Thu 17 Mar 2016 — Thu 18 Jan 2018

Containers

App Container Spec

App Container Spec maybe isn't that relevant to me.

Nix

NixOS provides a nixos-container command (systemd-nspawn underneath) that is nice and simple for creating and managing containers imperatively.

Alternatively, you declare named containers under containers.<name> in your configuration.nix and they are built and started with the rest of the system.

Good stuff.

The NixOps cloud deployment tool also provides a backend called container. This is a bit more complicated. It's a better tool if you want to deploy groups of related containers.

Docker

Docker is popular, but may be a tower of hacks.

It provides a docker command.

docker ps -a lists all your containers, including stopped ones (without -a only running containers are shown).

Docker has some concepts:

image
a read-only, layered filesystem plus metadata (default command, environment, declared ports)
container
an instance of an image with its own writable layer on top; it may be running or stopped
service
one image run as a set of replicated containers (a Swarm concept)
swarm
a group of machines running Docker which act as one cluster, scheduling containers amongst themselves
stack
a group of services deployed together from one compose-format file

Multistage builds

We usually have different dependencies at run time vs build time.

In your Dockerfile you specify a base image with FROM base-image:version AS name.

Docker lets you do this multiple times in one Dockerfile to specify a multistage build; only the final stage becomes the image.

You can then refer to the name in a copy command: COPY --from=name /path/from /path/to. Compilers, build tools and intermediate artifacts stay in the build stage and never reach the runtime image.

Dockerfiles

RUN
creates a new layer in your image by executing a command and recording the filesystem difference.
CMD
default command (or default arguments for ENTRYPOINT), overridable at docker run: CMD ["python3", "-m", "http.server"].
EXPOSE
documents that the container listens on a port: EXPOSE 80. It publishes nothing; you still need -p at run time.
ENV
set an environment variable for the build and for the running container: ENV VARIABLE=thing.
COPY
copy files from the build context (or another stage) into the image, creating a layer.
ADD
like COPY, but also fetches URLs and extracts local tar archives. Prefer COPY unless you need that.
ENTRYPOINT
set the main executable for the image; CMD then supplies its default arguments.
VOLUME
declare a mount point whose contents live outside the container's writable layer.
USER
switch to another user for subsequent instructions and the running process. Without it, everything runs as root.
WORKDIR
set the working directory.
ONBUILD
register an instruction that runs later, when this image is used as the base of another build.
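As an added example (not from these notes), a Dockerfile that combines the multistage build above with the instructions just listed. The service, image tags and paths are assumptions for the example.

```dockerfile
# Hypothetical service "notes-api": the build stage needs a compiler and pip,
# the runtime stage needs only the interpreter and the built virtualenv.
# Image tags, paths and the app name are assumptions for this example.

# ---- build stage: named so the runtime stage can COPY --from it ----
FROM python:3-slim AS builder

# Build-time-only dependencies; this layer never reaches the final image.
RUN apt-get update \
 && apt-get install -y --no-install-recommends build-essential \
 && rm -rf /var/lib/apt/lists/*

WORKDIR /build
# COPY the dependency list first so the pip layer stays cached until it changes.
COPY requirements.txt .
RUN python3 -m venv /opt/venv \
 && /opt/venv/bin/pip install --no-cache-dir -r requirements.txt

# ---- runtime stage: starts again from a clean base ----
FROM python:3-slim

# Unprivileged account; without USER the process would run as uid 0.
RUN useradd --system --create-home --uid 10001 app \
 && mkdir /data && chown app:app /data

# Pull the finished virtualenv out of the build stage, nothing else.
COPY --from=builder /opt/venv /opt/venv
# COPY, not ADD, for local files: ADD would also fetch URLs and unpack tarballs.
COPY --chown=app:app app/ /home/app/app/

ENV PATH=/opt/venv/bin:$PATH \
    PYTHONDONTWRITEBYTECODE=1

# Persistent state lives here; mount a *named* volume at run time
# (docker run -v notes-data:/data ...) or the data is orphaned with the container.
VOLUME /data

# Documentation only: EXPOSE publishes nothing. Publish with -p at run time.
EXPOSE 8000

WORKDIR /home/app/app
USER app

# ENTRYPOINT fixes the program; CMD supplies default arguments that
# `docker run notes-api 9000` could override.
ENTRYPOINT ["python3", "-m", "http.server"]
CMD ["8000"]

# Example invocation (comments; not executed by the build):
#   docker build -t notes-api .
#   docker run -d --restart unless-stopped \
#       -p 127.0.0.1:8000:8000 -v notes-data:/data notes-api
```

Binding the published port to 127.0.0.1 keeps the service off every interface by default; drop the address only when you intend to serve the network.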

Autostart

When using `docker run` you have the restart flag: docker run --restart unless-stopped image. The daemon then restarts the container when it exits or when the host boots, unless you stopped it explicitly.

Networking

Docker creates three networks by default which you can assign containers to with --network:

bridge
the default, a private bridge on the host called docker0; containers on it can reach each other and get NAT to the outside.
none
no network interfaces apart from loopback; the container has no network access.
host
the container shares the host's network namespace, so it binds host ports directly and has no network isolation at all.

Or you can define your own network with docker network create and assign some containers to it, which keeps them off the default bridge and gives them DNS by container name.

Docker Hub

This is a registry where people put their awful images. Anyone can push to it, so treat an image as untrusted code unless you know who built it and from what.

Docker Compose

This is a program for starting a group of related containers, in dependency order, from one file.

docker-compose up makes that go.

docker-compose.yml is the file which lists the containers (as services), along with their networks and volumes.

`docker-compose` has similar commands to `docker`.

It restarts containers automatically only if you give each service a restart: policy in the file.

Storage

We have three main kinds of storage:

volumes
managed by Docker under /var/lib/docker/volumes.
bind mounts
anywhere on the host system.
tmpfs mounts
in memory

The InfluxDB and Alpine Postgres images both declare a VOLUME for their data directory, so you can destroy and recreate the container without losing data, provided you mount a named volume (or bind mount) at that path. An anonymous volume is left behind when the container is removed, and the recreated container gets a fresh empty one.

Monitoring

There is a thing called Prometheus, a metrics collection and monitoring system; the Docker daemon can expose its own metrics in Prometheus format for it to scrape.

deb2aci

Not maintained, ignore it.

rkt

rkt looks reasonably simple. It's not available in Debian stable yet. (The project has since been archived and is no longer developed.)

debootstrap

Debootstrap lets you create a minimal Debian installation in a directory. You can then chroot into it.

It doesn't give you process isolation, and chroot is not a security boundary: a root process inside can break out of it.

Kubernetes

This is only relevant for people with a lot of machines to look after and full-time sysadmins.