ACI support for privileged container
Make possible to lauch contaner in privilege mode to allow loading of kernel modules and other feautures.
ACI currently has no plans to provide access to host-level interaction. We are always open to feedback, but this is the current plan.
The --cap-add is required for features such as blobfuse. AzureFiles is the wrong solution for many scenarios. Add this capability, or don't wonder why we use AWS: we have to, since it don't work in ACI!
Support the equivalents of "docker run -d --cap-add NET_ADMIN ..." and SYS_ADMIN