There are many, but I guess most are either obvious or well known. I think one of the most challenging when I started was the additional level of monitoring required. For instance, CPU/memory monitoring is well known, but monitoring now both the host resources plus the container resources (ie what they used vs what you provisioned) was tricky sometimes.. we didn't look at the right gauge and we think our memory is ok, but the provisioning isn't good, or vice-versa. In short, you add a new layer, and it does not remove complexity of your system, it just moves it (when you had challenges with vm or version and thinks like that, this is now easier, but the drawback is the added complexity of container resources management and scheduling)