Hello,
I've recently been experimenting with using the recently built ClamAV Docker
image in a Kubernetes deployment.
We want to utilize the ClamAV container in our deployment alongside a basic
server application running in a separate pod.
We think the ideal pattern would be to have the ClamAV container running clamd
in its own pod with its client running in a separate pod. The idea would be to
1. Mount a volume for scanning into both the ClamAV container and the client
container
2. Package clamdscan in the Docker image for the client pod
3. Whenever a file is uploaded to the client pod:
* Move that file to the mounted volume (which is mounted in both the
ClamAV container and the client container)
* Use clamdscan from the client container to remotely tell clamd in the
ClamAV container to scan the new file in the shared volume
At the moment, it seems that whenever I try to use clamdscan to tell clamd to
scan the volume contents from its container, clamdscan simply defaults to
streaming the file contents from the client container to the ClamAV container.
I would assume that if no mode is specified, clamdscan will default to
streaming the file contents to the TCP port if it's on a remote "host" (in this
case, a separate pod).
Preferably, we would like to use clamdscan to tell clamd to scan the mounted
volume contents from its container, not through a stream from the client. Is
that possible?
Hopefully this question is appropriate for this mailing list. If not, I'll post
it to GitHub. Thanks!
Regards,
Nathan Choate
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
