Listening to Andre Arko at RailsConf 2011 talking about Bundler.
Bundler exists to make running your app consistent, repeatable, and guaranteed. Bundler doesn't let you use a gem unless it's in the Gemfile. Gemfile.lock keeps track of which version of the gem is running.
To publish the app. A very simple way is to tell Heroku or EngineYard to do it, they build right from your Gemfile and deploy.
To do it yourself. Make sure gems are installed within the app, not as the root user: bundle install --path app/vendor
Bundler provides a --frozen mode that makes sure that all of the Gemfile entries match up with the Gemfile.lock. This is a good thing to have in place on production.
For production: bundle install --deployment (turns on --path and --frozen)
For bundling to send to a server that has no outbound internet access: bundle path (not advised unless the only option, because requires downloading a ton of binary data from version control)