The distinction is between bare metal and virtual machine. Most cloud deployments will be hosted in a virtual machine, inside which you host your containers.

So the nested dolls go:

• bare metal (directly on hardware)
• virtual machine (inside a hypervisor)
• container (inside Docker, podman, containers, etc.)
• runtime (jvm, v8, clr, etc) (unless your code is in C, Rust, or other such language)
• your code

I have one of my domains on Cloudflare and was thinking of moving the rest of them there. What makes it harder to move name servers away from Cloudflare than other places?