Powered By GitBook
index
Scan Kubernetes pods and nodes from a dedicated antivirus pod.
Ian Maddox | Solutions Architect | Google
Contributed by Google employees.
​This example provides a Clam antivirus Docker image that performs regularly scheduled scans.
This example is designed to be run on Container-Optimized OS, but it should work with most other Docker servers.
ClamAV is an open source antivirus engine for detecting trojans, viruses, malware, and other malicious threats.

Basic usage

    1.
    Build your Docker image.
    2.
    Deploy that image to your Kubernetes cluster.
    3.
    Use Daemonsets to configure the new workload to run one scanner pod per node.
    4.
    Ensure that scan-required paths within other pods are mounted as named volumes so they will be included in the scan of the node.
Use the following to create the container, replacing [DOCKER_APP_CONFIG_PATH] with the value for your environment:
1
IMAGE=clamav
2
CONTAINER=clamav
3
APP=clamav
4
BASEDIR=/[DOCKER_APP_CONFIG_PATH]/$APP
5
​
6
docker create --name=$APP \
7
-v /share:/host-fs:ro \
8
-v $BASEDIR/logs:/logs \
9
-v $BASEDIR/conf:/etc/clamav \
10
--health-cmd "/health.sh" \
11
$IMAGE
Copied!
The first time you start the container, default configuration files will be deployed into the conf/ subfolder. You can customize the configuration files, and they will be deployed the next time you start the container.
Be sure to tune the MaxThreads value in clamd.conf to work well with the other workloads.
Last modified 7mo ago
Copy link
Contents
Basic usage