diff --git a/roles/kubernetes/templates/docker.service b/roles/kubernetes/templates/docker.service
new file mode 100644
index 0000000..aba631a
--- /dev/null
+++ b/roles/kubernetes/templates/docker.service
@@ -0,0 +1,32 @@
+[Unit]
+Description=Docker Application Container Engine
+Documentation=https://docs.docker.com
+After=network.target docker.socket
+Requires=docker.socket
+
+[Service]
+Type=notify
+# the default is not to use systemd for cgroups because the delegate issues still
+# exists and systemd currently does not support the cgroup feature set required
+# for containers run by docker
+# Extra options:
+# - select overlay as file driver
+# - make the cluster accessible from the outside
+ExecStart=/usr/bin/dockerd -H fd:// {{ dockerd_extra_args }} -s {{ docker.storage_driver }}
+ExecReload=/bin/kill -s HUP $MAINPID
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNPROC=infinity
+LimitCORE=infinity
+LimitNOFILE=infinity
+# Uncomment TasksMax if your systemd version supports it.
+# Only systemd 226 and above support this version.
+#TasksMax=infinity
+TimeoutStartSec=0
+# set delegate yes so that systemd does not reset the cgroups of docker containers
+Delegate=yes
+# kill only the docker process, not all processes in the cgroup
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target