Stop trying to maintain the docker.service, and just inject

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>

files/osbs/docker.firewall.service

@@ -0,0 +1,2 @@
+[Service]
+ExecStartPost=/usr/local/bin/fix-docker-iptables

files/osbs/docker.service

@@ -1,32 +0,0 @@
-[Unit]
-Description=Docker Application Container Engine
-Documentation=http://docs.docker.com
-After=network.target
-Wants=docker-storage-setup.service
-
-[Service]
-Type=notify
-NotifyAccess=all
-EnvironmentFile=-/etc/sysconfig/docker
-EnvironmentFile=-/etc/sysconfig/docker-storage
-EnvironmentFile=-/etc/sysconfig/docker-network
-Environment=GOTRACEBACK=crash
-ExecStart=/usr/bin/docker daemon \
-          --exec-opt native.cgroupdriver=systemd \
-          $OPTIONS \
-          $DOCKER_STORAGE_OPTIONS \
-          $DOCKER_NETWORK_OPTIONS \
-          $INSECURE_REGISTRY
-ExecStartPost=/usr/local/bin/fix-docker-iptables
-LimitNOFILE=1048576
-LimitNPROC=1048576
-LimitCORE=infinity
-MountFlags=slave
-StandardOutput=null
-StandardError=null
-TimeoutStartSec=0
-Restart=on-abnormal
-
-[Install]
-WantedBy=multi-user.target
-

playbooks/groups/osbs-cluster.yml

@@ -656,10 +656,10 @@
       notify:
         - restart docker
 
-    - name: copy docker service config
+    - name: copy docker custom service config
       copy:
-        src: "{{files}}/osbs/docker.service"
-        dest: /etc/systemd/system/docker.service
+        src: "{{files}}/osbs/docker.firewall.service"
+        dest: /etc/systemd/system/docker.service.d/firewall.conf
       notify:
         - systemctl daemon-reload
         - restart docker