Mailing List Archive

You can run a local mirror. That might be a good alternative.

Sent from my ? iPhone

> On Apr 4, 2019, at 21:03, Tim Hawkins <tim.hawkins@redflaggroup.com> wrote:
>
> We have a large number of services running inside kubernetes that need to have access to clamav, given the sheer number, i dont want to have to run freshclam process on each virtual machine (container), due to the managemeht and monitoring overhead, and the risk of some not updating for variouis reasons.
>
> Is there any easy way i can share the directories containing the definition database on one server image to all the others so i only have one machine to monitor updates on, we can use docker.kubernetes ability to share persistent volumes to do this, we will be running clamav in single file scan mode, and wont be using the daemon, so syncronising restart of the daemon on updates is not required.
>
> Sent from Nine
>
>
>
> DISCLAIMER
> The information contained in this email and any attachments are confidential. It is intended solely for the individual or entity to whom they are addressed. Access to this email by anyone else is unauthorized.
>
> If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system.
>
> The Red Flag Group is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
>
> Any advice, recommendations or opinion contained within this email or its attachments are not to be construed as legal advice.
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml

It would help, but it does not solve the issue of freshclam failing which happens, i dont want to have to monitor the update dates of definitions in each service.

Sent from Nine<http://www.9folders.com/>
________________________________
From: "Joel Esler (jesler) via clamav-users" <clamav-users@lists.clamav.net>
Sent: Friday, April 5, 2019 09:14
To: ClamAV users ML
Cc: Joel Esler (jesler)
Subject: [External] Re: [clamav-users] Updating multiple servers

You can run a local mirror. That might be a good alternative.

Sent from my ? iPhone

On Apr 4, 2019, at 21:03, Tim Hawkins <tim.hawkins@redflaggroup.com<mailto:tim.hawkins@redflaggroup.com>> wrote:

We have a large number of services running inside kubernetes that need to have access to clamav, given the sheer number, i dont want to have to run freshclam process on each virtual machine (container), due to the managemeht and monitoring overhead, and the risk of some not updating for variouis reasons.

Is there any easy way i can share the directories containing the definition database on one server image to all the others so i only have one machine to monitor updates on, we can use docker.kubernetes ability to share persistent volumes to do this, we will be running clamav in single file scan mode, and wont be using the daemon, so syncronising restart of the daemon on updates is not required.

Sent from Nine<http://www.9folders.com/>



DISCLAIMER

The information contained in this email and any attachments are confidential. It is intended solely for the individual or entity to whom they are addressed. Access to this email by anyone else is unauthorized.

If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system.

The Red Flag Group is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.

Any advice, recommendations or opinion contained within this email or its attachments are not to be construed as legal advice.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


DISCLAIMER

The information contained in this email and any attachments are confidential. It is intended solely for the individual or entity to whom they are addressed. Access to this email by anyone else is unauthorized.

If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system.

The Red Flag Group is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.

Any advice, recommendations or opinion contained within this email or its attachments are not to be construed as legal advice.

On 4/4/2019 9:01 PM, Tim Hawkins wrote:
> We have a large number of services running inside kubernetes that need to have
> access to clamav,  given the sheer number, i dont want to have to run freshclam
> process on each virtual machine (container), due to the managemeht and monitoring
> overhead, and the risk of some not updating for variouis reasons.
>
> Is there any easy way i can share the directories containing the definition
> database on one server image to all the others so i only have one machine to
> monitor updates on, we can use docker.kubernetes ability to share persistent
> volumes to do this,  we will be running clamav in single file scan mode, and wont
> be using the daemon, so syncronising restart of the daemon on updates is not required.

If you are simply scanning single files and loading the databases every time, then
you should be able to share the database directory with whatever method you have
available.

On the other hand, keep in mind that it can take time for clamscan to load the
databases (especially for slower systems or if you have lots of third-party
signatures).  If you have any volume at all, you may want to use the daemon instead
since it is MUCH faster.  One solution would be to run the daemon on one server and
open a TCP port so the other servers can connect to it with clamdscan to do scans. 
That way you only have one database directory and one daemon process to worry about.

--
Bowie