Things hardcoded to docker I usually convert to systemd-nspawn containers that can be distributed and lifecycled as .deb packages. Otherwise we just create our own unit files. The main reason is that docker's IPv6 support is garbage, and puts a heavy legacy burden on the OS. For example: it's hardcoded to iptables-legacy which was actually EOL the moment docker was first launched. I have to manage a couple dozen machines and 100s of applications, docker makes this a nightmare.