Bare metal (what I think you mean by natively) is usually more performant than any kind of virtualization/containerization simply due to the fact that there is less system overhead between hardware, kernel and OS.
A container is going to give you the benefit of managing multiple instances of an OS (snapshots, migration, image dumps/backups, resource prioritization, etc.) without incurring a heavy performance penalty. Containerization security does have some disadvantages over full virtualization however.
A full VM would be a better choice when performance is less of a concern, since full virtualization usually involves emulating various hardware devices. Each virtual instance is a complete operating system (with the exception of hardware pass-through): processes, kernel, libraries and applications running within it. It's considered to be much harder for an attacker to break out of a fully virtualized host than a container, but this risk/attack surface is going to vary by vendor.
If you're not doing extremely heavy I/O or CPU utilization, you probably won't see a big performance hit for either containers or full VMs. As an example, containerization would be a better choice for something like a software testing or compilation node where you want the best performance you can get to lessen development lead times, however you still want to be able to snapshot or roll-back installations easily (something you cannot do easily with bare-metal).
You will probably have to experiment with your software stack a bit, but with the list you've given, I would go full virtualization to get all the benefits of security and VM management.