diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index ee84feea2b..b337055be9 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -97,8 +97,8 @@ docker_registry_insecure: "{{ 'yes' if docker_registry else 'no' }}" docker_runtime_directory: "" # Retention settings for Docker logs -docker_log_max_file: 5 -docker_log_max_size: 50m +docker_log_max_file: "5" +docker_log_max_size: "50m" # Valid options are [ no, on-failure, always, unless-stopped ] docker_restart_policy: "unless-stopped" @@ -108,7 +108,9 @@ docker_restart_policy_retry: "10" # Extra docker options for Zun docker_configure_for_zun: "no" -docker_zun_options: -H fd:// -H tcp://{{ api_interface_address }}:2375 --cluster-store=etcd://{% for host in groups.get('etcd', []) %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ hostvars[host]['etcd_client_port'] }}{% if not loop.last %},{% endif %}{% endfor %} +docker_zun_options: -H tcp://{{ api_interface_address }}:2375 +docker_zun_config: + cluster-store: etcd://{% for host in groups.get('etcd', []) %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ hostvars[host]['etcd_client_port'] }}{% if not loop.last %},{% endif %}{% endfor %} # Timeout after Docker sends SIGTERM before sending SIGKILL. docker_graceful_timeout: 60 diff --git a/ansible/roles/baremetal/defaults/main.yml b/ansible/roles/baremetal/defaults/main.yml index 542c4f132b..ddb7030b22 100644 --- a/ansible/roles/baremetal/defaults/main.yml +++ b/ansible/roles/baremetal/defaults/main.yml @@ -31,8 +31,8 @@ change_selinux: True selinux_state: "permissive" docker_storage_driver: "" - docker_custom_option: "" +docker_custom_config: {} # Ubuntu 18+ does not have easy_install available due to # https://bugs.launchpad.net/ubuntu/+source/python-setuptools/+bug/1774419. 
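Review bot: The rewritten `docker_zun_options` still binds the Docker API to `tcp://{{ api_interface_address }}:2375` with no TLS options, so any host that can reach that address has unauthenticated, root-equivalent control of the daemon. This predates the commit, but the line is being touched and nothing here records the exposure. At minimum add a comment above it such as `# NOTE: plain-TCP Docker API, no authentication; restrict port 2375 to trusted hosts on the API network`. Whether Zun can work with `--tlsverify` is not visible in this hunk. Both new values are plain scalars containing Jinja, and quoting them (`docker_zun_options: "-H tcp://…:2375"`, likewise the `cluster-store` value) would match the quoting this commit applies to the log settings.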
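Review bot: `docker_custom_config` is added without a comment, although it replaces `docker_custom_option` on the line above and its contents end up in `/etc/docker/daemon.json`. A line such as `# Mapping merged last into /etc/docker/daemon.json; overrides keys set by this role. Replaces the deprecated docker_custom_option.` would tell operators what the variable controls and that it takes precedence over the role's own registry, storage and logging settings.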
diff --git a/ansible/roles/baremetal/tasks/post-install.yml b/ansible/roles/baremetal/tasks/post-install.yml index 0c044a068d..0f69d31b6a 100644 --- a/ansible/roles/baremetal/tasks/post-install.yml +++ b/ansible/roles/baremetal/tasks/post-install.yml 
@@ -55,35 +55,83 @@ become: True when: not create_kolla_user | bool +- name: Ensure docker config directory exists + file: + path: /etc/docker + state: directory + become: True + +- name: Merge Zun docker config + set_fact: + docker_config: "{{ docker_config | combine(docker_zun_config) }}" + when: + - docker_configure_for_zun | bool + +- name: Warn about deprecations + debug: + msg: > + docker_custom_option is deprecated in favor of docker_custom_config + when: docker_custom_option + +- name: Setup docker insecure registries + vars: + registries: ["{{ docker_registry }}"] + set_fact: + docker_config: "{{ docker_config | combine({'insecure-registries': registries}) }}" + when: docker_registry_insecure | bool + +- name: Setup docker storage driver + set_fact: + docker_config: "{{ docker_config | combine({'storage-driver': docker_storage_driver}) }}" + when: docker_storage_driver + +- name: Setup docker runtime directory + set_fact: + docker_config: "{{ docker_config | combine({'data-root': docker_runtime_directory}) }}" + when: docker_runtime_directory + +- name: Merge custom docker config + set_fact: + docker_config: "{{ docker_config | combine(docker_custom_config) }}" + +- name: Write docker config + become: True + copy: + content: "{{ docker_config | to_nice_json }}" + dest: /etc/docker/daemon.json + mode: 0644 + register: docker_configured + +- name: Remove old docker options file + become: True + file: + path: /etc/systemd/system/docker.service.d/kolla.conf + state: absent + when: + - not docker_custom_option + - not docker_configure_for_zun|bool + - name: Ensure docker service directory exists + become: True file: path: /etc/systemd/system/docker.service.d state: directory recurse: yes - become: True - -- name: Check dockerd exists - stat: path=/usr/bin/dockerd - register: dockerd_exists - -- name: Setting docker daemon name - set_fact: - docker_binary_name: "dockerd" - when: - dockerd_exists.stat.exists == True + when: docker_custom_option or 
docker_configure_for_zun|bool - name: Configure docker service become: True template: src: docker_systemd_service.j2 dest: /etc/systemd/system/docker.service.d/kolla.conf - register: docker_configured + when: docker_custom_option or docker_configure_for_zun|bool - name: Reload docker service file become: True systemd: name: docker daemon_reload: yes + register: docker_reloaded - name: Get stat of libvirtd apparmor profile stat: @@ -122,7 +170,7 @@ name: docker state: restarted become: True - when: docker_configured.changed + when: docker_configured.changed or docker_reloaded.changed - name: Enable docker service: diff --git a/ansible/roles/baremetal/templates/docker_systemd_service.j2 b/ansible/roles/baremetal/templates/docker_systemd_service.j2 index e6fc07329f..f6d19c226a 100644 --- a/ansible/roles/baremetal/templates/docker_systemd_service.j2 +++ b/ansible/roles/baremetal/templates/docker_systemd_service.j2 @@ -1,3 +1,4 @@ [Service] ExecStart= -ExecStart=/usr/bin/{{ docker_binary_name|default("docker daemon", true) }}{% if docker_registry_insecure | bool %} --insecure-registry {{ docker_registry }}{% endif %}{% if docker_storage_driver %} --storage-driver {{ docker_storage_driver }}{% endif %}{% if docker_runtime_directory %} --graph {{ docker_runtime_directory }}{% endif %}{% if docker_custom_option %} {{ docker_custom_option }}{% endif %}{% if docker_configure_for_zun|bool %} {{ docker_zun_options }}{% endif %} --log-opt max-file={{ docker_log_max_file }} --log-opt max-size={{ docker_log_max_size }} +# ExecStart commandline copied from 'docker-ce' package. Same on CentOS/Debian/Ubuntu systems. +ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock{% if docker_custom_option %} {{ docker_custom_option }}{% endif %}{% if docker_configure_for_zun|bool %} {{ docker_zun_options }}{% endif %} diff --git a/ansible/roles/baremetal/vars/main.yml b/ansible/roles/baremetal/vars/main.yml new file mode 100644 index 0000000000..5752302538 
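Review bot: `docker_custom_config` is merged last with a shallow `combine`, so any top-level key it carries replaces what the role computed earlier in this hunk. A user-supplied `log-opts` would drop both `max-file` and `max-size`, and `insecure-registries` would replace the registry list. If per-key override is the intent, `combine(docker_custom_config, recursive=True)` keeps the log limits that were not overridden. Either way, a comment on the "Merge custom docker config" task should state the precedence. Separately, `mode: 0644` in "Write docker config" is safer as `mode: "0644"`, and the bare-string tests `when: docker_custom_option` read more predictably as `when: docker_custom_option | length > 0`.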
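Review bot: The restart condition no longer sees changes to `kolla.conf`. The previous hunk moved `register: docker_configured` from "Configure docker service" to "Write docker config", and neither the template task nor "Remove old docker options file" registers a result. The added `docker_reloaded.changed` only helps if the `systemd` task with `daemon_reload: yes` reports a change, which to my knowledge it does not. A removed or edited drop-in, which may carry `-H tcp://…` or `--insecure-registry`, would then stay in effect until some unrelated restart. Registering both tasks (for example `register: docker_unit_removed` and `register: docker_unit_configured`) and adding them to this `when:` would close the gap; the restart task itself begins above this hunk.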
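Review bot: `docker_custom_option` is still appended to `ExecStart`, but the registry, storage driver, data root and log options now come from `/etc/docker/daemon.json`, and dockerd refuses to start when the same directive is given both as a flag and in the config file. A deployment that keeps a value like the `--insecure-registry …` used in `tests/templates/globals-default.j2` while `docker_registry_insecure` is true would hit that conflict. Add a template comment such as `# Do not repeat options written to /etc/docker/daemon.json (insecure-registries, storage-driver, data-root, log-opts); dockerd fails on duplicates.` and consider saying the same in the deprecation warning. The hard-coded `--containerd=/run/containerd/containerd.sock` also assumes a docker-ce build that accepts the flag, which the new comment implies but does not state as a requirement.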
--- /dev/null +++ b/ansible/roles/baremetal/vars/main.yml @@ -0,0 +1,5 @@ +--- +docker_config: + log-opts: + max-file: "{{ docker_log_max_file }}" + max-size: "{{ docker_log_max_size }}" diff --git a/doc/source/reference/deployment-and-bootstrapping/bootstrap-servers.rst b/doc/source/reference/deployment-and-bootstrapping/bootstrap-servers.rst index e0658c4145..4fe1eb5b4d 100644 --- a/doc/source/reference/deployment-and-bootstrapping/bootstrap-servers.rst +++ b/doc/source/reference/deployment-and-bootstrapping/bootstrap-servers.rst @@ -162,7 +162,7 @@ The ``docker_storage_driver`` variable is optional. If set, it defines the use for Docker. The ``docker_runtime_directory`` variable is optional. If set, it defines the -runtime (``--graph``) directory for Docker. +runtime (``data-root``) directory for Docker. The ``docker_registry`` variable, which is not set by default, defines the address of the Docker registry. If the variable is not set, Dockerhub will be @@ -178,8 +178,16 @@ maximum number of log files to retain per container. The ``docker_log_max_size`` variable, which defaults to ``50m``, defines the maximum size of each rotated log file per container. -The ``docker_custom_option`` variable is optional. If set, it defines -additional options to pass to the Docker engine via the Systemd unit file. +Additional options for the Docker engine can be passed in +``docker_custom_config`` variable. It will be stored in ``daemon.json`` config +file. Example: + +.. code-block:: json + + { + "experimental": false + } + Disabling firewalls ~~~~~~~~~~~~~~~~~~~ diff --git a/releasenotes/notes/docker-daemon.json-33d7618aa5a355a8.yaml b/releasenotes/notes/docker-daemon.json-33d7618aa5a355a8.yaml new file mode 100644 index 0000000000..cd0c4aa3c2 --- /dev/null +++ b/releasenotes/notes/docker-daemon.json-33d7618aa5a355a8.yaml 
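Review bot: Docker requires every `log-opts` value in `daemon.json` to be a JSON string, and the two templated lines in the new `vars/main.yml` only guarantee that while the rendered result stays a string. The defaults are quoted by this commit, but an operator override such as `docker_log_max_file: 5` combined with native-type templating could serialize as a number and stop the daemon from starting. Making it explicit with `max-file: "{{ docker_log_max_file | string }}"` and `max-size: "{{ docker_log_max_size | string }}"` removes the dependency on how the variable was written. A short comment above `docker_config:` noting that later `set_fact` tasks in `post-install.yml` extend this base mapping would also help readers.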
@@ -0,0 +1,18 @@ +--- +features: + - | + Add custom option for docker daemon by altering "docker_custom_config" + variable (json formatted). + +upgrade: + - | + Docker engine configuration changes are now done in + "/etc/docker/daemon.json" file instead of altering systemd unit (which + gets removed if present). Also "docker_custom_option" got replaced by + "docker_custom_config" variable (json formatted). + +deprecations: + - | + Configuring Docker daemon by "docker_custom_option" (used in systemd unit + file) is deprecated in favour of "docker_custom_config" variable (stored in + "daemon.json" config file. diff --git a/tests/templates/globals-default.j2 b/tests/templates/globals-default.j2 index 8bc33f382a..1de1708595 100644 --- a/tests/templates/globals-default.j2 +++ b/tests/templates/globals-default.j2 @@ -29,7 +29,6 @@ docker_namespace: "kolla" # will be the source of images during the upgrade. # NOTE(yoctozepto): this is required here for CI because we run templating # of docker systemd command only once, using the previous release when upgrading -# also note: atm upgrade would conflict with the zun profile which uses this var docker_custom_option: "--insecure-registry {{ api_interface_address }}:4000" {% endif %} {% if not is_previous_release %}