azure: Mask systemd-resolved
    
    The initial value of NS of resolv.conf is 127.0.0.11, this
    is the embedded NS of docker-compose. The disabling of
    this feature is not currently supported by Docker.
    
    On startup systemd-resolved caches the /etc/resolv.conf
    (docker-compose version), which is later modified by
    setup_containers.py script.
    
    This results in resolving error occurs:
    ```console
    [root@replica1 /]# getent ahosts master1.ipa.test
    ... can't resolve
    
    [root@replica1 /]# grep 'hosts:' /etc/nsswitch.conf
    hosts:      files myhostname resolve [!UNAVAIL=return] dns
    
    [root@replica1 /]# resolvectl status
    Global
           LLMNR setting: resolve
    MulticastDNS setting: no
      DNSOverTLS setting: no
          DNSSEC setting: no
        DNSSEC supported: no
      Current DNS Server: 127.0.0.11
             DNS Servers: 127.0.0.11
    Fallback DNS Servers: 1.1.1.1
                          8.8.8.8
                          1.0.0.1
                          8.8.4.4
                          2606:4700:4700::1111
                          2001:4860:4860::8888
                          2606:4700:4700::1001
                          2001:4860:4860::8844
    ```
    
    According to docs:
    https://www.freedesktop.org/software/systemd/man/systemd-resolved.service.html#/etc/resolv.conf
    our case is 4(managed by other packages).
    
    So, restart of systemd-resolved is enough for its re-initialization,
    but not for services that already received DNS results. To speed up
    the overall process and to no restart each service which wants
    internet connection(or wait until service retries connection)
    systemd-resolved is masked.
    
    Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>