diff --git a/Dockerfile b/Dockerfile
index 027114bf..a9c55e8f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,5 @@
-FROM python:3.5
+ARG FROM=python:3.5
+FROM ${FROM}
 
 MAINTAINER Armada Team
 
diff --git a/Makefile b/Makefile
index d1f0163f..12b3700b 100644
--- a/Makefile
+++ b/Makefile
@@ -13,19 +13,20 @@
 # limitations under the License.
 
 # APP INFO
-DOCKER_REGISTRY ?= quay.io
-IMAGE_PREFIX    ?= attcomdev
-IMAGE_NAME      ?= armada
-IMAGE_TAG       ?= latest
-HELM            ?= helm
-PROXY           ?= http://proxy.foo.com:8000
-NO_PROXY        ?= localhost,127.0.0.1,.svc.cluster.local
-USE_PROXY       ?= false
-PUSH_IMAGE      ?= false
-LABEL           ?= commit-id
-PYTHON          = python3
-CHARTS          := $(patsubst charts/%/.,%,$(wildcard charts/*/.))
-IMAGE           := ${DOCKER_REGISTRY}/${IMAGE_PREFIX}/${IMAGE_NAME}:${IMAGE_TAG}
+DOCKER_REGISTRY   ?= quay.io
+IMAGE_PREFIX      ?= attcomdev
+IMAGE_NAME        ?= armada
+IMAGE_TAG         ?= latest
+HELM              ?= helm
+PROXY             ?= http://proxy.foo.com:8000
+NO_PROXY          ?= localhost,127.0.0.1,.svc.cluster.local
+USE_PROXY         ?= false
+PUSH_IMAGE        ?= false
+LABEL             ?= commit-id
+PYTHON            = python3
+CHARTS            := $(patsubst charts/%/.,%,$(wildcard charts/*/.))
+IMAGE             := ${DOCKER_REGISTRY}/${IMAGE_PREFIX}/${IMAGE_NAME}:${IMAGE_TAG}
+PYTHON_BASE_IMAGE ?= python:3.5
 
 # VERSION INFO
 GIT_COMMIT = $(shell git rev-parse HEAD)
@@ -104,6 +105,7 @@ build_docs:
 build_armada:
 ifeq ($(USE_PROXY), true)
 	docker build --network host -t $(IMAGE) --label $(LABEL) -f ./Dockerfile \
+		--build-arg FROM=$(PYTHON_BASE_IMAGE) \
 		--build-arg http_proxy=$(PROXY) \
 		--build-arg https_proxy=$(PROXY) \
 		--build-arg HTTP_PROXY=$(PROXY) \
@@ -111,7 +113,8 @@ ifeq ($(USE_PROXY), true)
 		--build-arg no_proxy=$(NO_PROXY) \
 		--build-arg NO_PROXY=$(NO_PROXY) .
 else
-	docker build --network host -t $(IMAGE) --label $(LABEL) -f ./Dockerfile .
+	docker build --network host -t $(IMAGE) --label $(LABEL) -f ./Dockerfile \
+		--build-arg FROM=$(PYTHON_BASE_IMAGE) .
 endif
 ifeq ($(PUSH_IMAGE), true)
 	docker push $(IMAGE)
diff --git a/tools/gate/playbooks/docker-image-build.yaml b/tools/gate/playbooks/docker-image-build.yaml
index 9d151c23..8444fa87 100644
--- a/tools/gate/playbooks/docker-image-build.yaml
+++ b/tools/gate/playbooks/docker-image-build.yaml
@@ -14,6 +14,8 @@
 
 - hosts: primary
   tasks:
+    - include_vars: vars.yaml
+
     - name: Debug tag generation inputs
       block:
         - debug:
@@ -39,16 +41,47 @@
         var: image_tags
 
     - name: Install Docker (Debian)
+      when: ansible_os_family == 'Debian'
       block:
+        - file:
+            path: "{{ item }}"
+            state: directory
+          with_items:
+            - /etc/docker/
+            - /etc/systemd/system/docker.service.d/
+            - /var/lib/docker/
+        - mount:
+            path: /var/lib/docker/
+            src: tmpfs
+            fstype: tmpfs
+            opts: size=25g
+            state: mounted
+        - copy: "{{ item }}"
+          with_items:
+            - content: "{{ docker_daemon | to_json }}"
+              dest: /etc/docker/daemon.json
+            - src: files/docker-systemd.conf
+              dest: /etc/systemd/system/docker.service.d/
+        - apt_key:
+            url: https://download.docker.com/linux/ubuntu/gpg
+        - apt_repository:
+            repo: deb http://{{ zuul_site_mirror_fqdn }}/deb-docker xenial stable
         - apt:
             name: "{{ item }}"
+            allow_unauthenticated: True
           with_items:
-            - docker.io
+            - docker-ce
             - python-pip
-          when: ansible_os_family == 'Debian'
         - pip:
             name: docker
             version: 2.7.0
+        # NOTE(SamYaple): Allow all connections from containers to host so the
+        # containers can access the http server for git and wheels
+        - iptables:
+            action: insert
+            chain: INPUT
+            in_interface: docker0
+            jump: ACCEPT
       become: True
 
     - name: Make images
diff --git a/tools/gate/playbooks/files/docker-systemd.conf b/tools/gate/playbooks/files/docker-systemd.conf
new file mode 100644
index 00000000..6b01af0f
--- /dev/null
+++ b/tools/gate/playbooks/files/docker-systemd.conf
@@ -0,0 +1,8 @@
+# NOTE(SamYaple): CentOS cannot be build with userns-remap enabled. httpd uses
+# cap_set_file capability and there is no way to pass that in at build as of
+# docker 17.06.
+# TODO(SamYaple): Periodically check to see if this is possible in newer
+# versions of Docker
+[Service]
+ExecStart=
+ExecStart=/usr/bin/dockerd
diff --git a/tools/gate/playbooks/vars.yaml b/tools/gate/playbooks/vars.yaml
index eb6ffae1..c89b7980 100644
--- a/tools/gate/playbooks/vars.yaml
+++ b/tools/gate/playbooks/vars.yaml
@@ -12,4 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-null: null
+docker_daemon:
+  group: zuul
+  registry-mirrors:
+    - "http://{{ zuul_site_mirror_fqdn }}:8082/"
+  storage-driver: overlay2