Docker apparently doesn't respect your host firewall by default - leading to the potential for a gaping security hole. This has been a [https://github.com/docker/for-linux/issues/690 reported bug since 2018]. One fix is to [https://www.smarthomebeginner.com/traefik-docker-security-best-practices/#10_Change_DOCKER_OPTS_to_Respect_IP_Table_Firewall set the DOCKER_OPTS] configuration parameter. Another is to add a jump rule to UFW. The bug report links to docs and multiple references.
==Future ReadingDocker Downsides ==One major negative to the system architecture of Docker is that it relies on a server daemon. **Unlike** [[Podman]], Docker's Engine can use up 4GB of RAM just sitting idle.A similar thing happens with WSL2 on Windows <ref>https://news.ycombinator.com/item?id=26897095</ref>
#The compose application model https://docs.docker.com/compose/compose-file/02-model/#Understand how moby [https://github.com/moby/buildkit buildkit] is integrated with [https://github.com/docker/buildx buildx] (or docker) and use it.#Interesting read about docker commit https://adamtheautomator.com/docker-commit/== Future Reading ==
# The compose application model https://docs.docker.com/compose/compose-file/02-model/
# Understand how moby [https://github.com/moby/buildkit buildkit] is integrated with [https://github.com/docker/buildx buildx] (or docker) and use it.
# Interesting read about docker commit https://adamtheautomator.com/docker-commit/
Inspect your running container based on it's container name: docker inspect $(docker container ls | awk '/app2/ {print $1}')