Multistage Builds:

 In simple terms if you want to build an 3-tier application for that you created the
docker files and you run it, in this case most of the resources like OS or runtime
for which app should run we should not use all.

 If we run that container the size should definitely been high to avoid that issues if
we use the multistage build approach it is very smooth

 The main focus of the multistage is reuse the resources and utilise it properly and
make the end of container size low.

 For that those parameters which is common and which is reuse we can put in one
stage and those which are dynamical values or parameters we can put in last
stage

 If we do this approach for heavy loaded containers the size should be become
very less and we can also use resources properly .

Example for Multistage builds:

Moto is to run the high-end node-JS app using Nginx

Docker file
#######Stage-1-Docker-File##########
# we are taking Node js and we can name it as build
FROM node:12.13.0-alpine as build

#Working directory is /app meaning all upcoming activity will address from /app
WORKDIR /app

#copy the packages from local to Node js

COPY package*.json ./

#we are installing the NPM bec Node js wants NPM

RUN npm install

#copy the build stuff from local to /app(work dir)

COPY . .

#we are building the stuff

RUN npm run build
 ######Stage-2-Docker-File##########
FROM nginx (#we are trying to deploy the nodejs app on Nginx)
EXPOSE 3000 (#the port which we are using is 3000)
COPY ./nginx/default.conf /etc/nginx/conf.d/default.conf (#copy the config from
local to nginx)
COPY --from=build /app/build /usr/share/nginx/html(#copy the build o/p to
nginx)

 If we use that multistage builds it have made it much easier to create optimized
images this is a very good approach while dealing with prod environment.

Distroless Image:
 Suppose if you load your docker file with OS and one runtime to run the app
many resources are going to be waste
 And other point is if we go ahead and import any kind of OS to run the app there
is a defiantly security issue
 To avoid that issue if we use the distroless image is the best option.
 Because it contains only the runtimes which app required to run, so there is NO
OS is the best strategy in distroless images
 Example for distroless image

Moto is to run the calculator app using GO-Lang

###########################################
# BASE IMAGE
###########################################

FROM ubuntu AS build

RUN apt-get update && apt-get install -y golang-go

ENV GO111MODULE=off

COPY . .

RUN CGO_ENABLED=0 go build -o /app .

############################################
# HERE STARTS THE MAGIC OF MULTI STAGE BUILD
############################################
 FROM scratch (#scratch is a very basic distro less images having low size and
flexible compatability)

# Copy the compiled binary from the build stage

COPY --from=build /app /app

# Set the entrypoint for the container to run the binary

ENTRYPOINT ["/app"]

When to Use Distroless:

 Maximized Security
 Simplified Dependencies:
 small Images
 Vulnerabilities less

 About Alpine:
 Best competitor for distroless.
 Mostly flexible for Linux based apps.
 Customization is very flexible meaning if we want use for OS dependet app
we can run that also with super performance and low size.
 Here are the basic difference between distroless and alpine