Hello,

 

I’ve recently been experimenting with using the recently built ClamAV Docker image in a Kubernetes deployment.

We want to utilize the ClamAV container in our deployment alongside a basic server application running in a separate pod.

We think the ideal pattern would be to have the ClamAV container running clamd in its own pod with its client running in a separate pod. The idea would be to

 

1. Mount a volume for scanning into both the ClamAV container and the client container
2. Package clamdscan in the Docker image for the client pod
3. Whenever a file is uploaded to the client pod:
   1. Move that file to the mounted volume (which is mounted in both the ClamAV container and the client container)
   2. Use clamdscan from the client container to remotely tell clamd in the ClamAV container to scan the new file in the shared volume

 

At the moment, it seems that whenever I try to use clamdscan to tell clamd to scan the volume contents from its container, clamdscan simply defaults to streaming the file contents from the client container to the ClamAV container.

I would assume that if no mode is specified, clamdscan will default to streaming the file contents to the TCP port if it’s on a remote “host” (in this case, a separate pod).

 

Preferably, we would like to use clamdscan to tell clamd to scan the mounted volume contents from its container, not through a stream from the client. Is that possible?

 

Hopefully this question is appropriate for this mailing list. If not, I’ll post it to GitHub. Thanks!

 

Regards,

Nathan Choate