How do I create secure containers/jail for users connected to my server?

I’m creating a hacking game where real commands are ran on a server in the cloud by multiple users. Think like CTF games. I would like every user who connects to be contained within their own jail. And this is the purpose of the question.

I have many mini hacking games that I have created in VM’s. Some exploit vulnerabilities in software that can produce a shell.

My idea is to contain each user in some sort of jail, container, or VM so they can complete the hacking challenge with an expiration where the container will die in x number of minutes. I need to be able to pick a “container” from a pool and new “containers” shouldn’t take too long to spin up.

My problem is I’ve never seen anything like this done before to get any ideas on what is a secure solution. Is it possible? I can’t find any case studies.