Hi,
We observed performance issues using clamd docker image (
https://hub.docker.com/r/mkodockx/docker-clamav/dockerfile) for virus
scanning.
Our application and clamd (side car deployment) resides on the same pod.
The application sends .zip files (200 KB - 300 KB) to clamd over tcp to
scan using INSTREAM command. The client library that is used is
https://github.com/cdarras/clamav-client library. The .zip file usually
contains multiple xml files and txt files.
We were able to achieve around 4 request per second with 10 vcpu limit for
clamd docker image.
By turning off ScanArchive (false) , the request per second increases to
25. When the scanarchive is true, there are too many requests waiting in
the queue (QUEUEDSINCE) , as observed in clamdtop. But it doesn’t detect
the virus file inside the zip. Is it possible to detect virus inside the
zip with ScanArchive turned off?
Attached is the strace, clamd.conf, pidstat, iostat, htop data during
performance testing.
We are suspecting some issues while writing to the temp directory and
scanning the individual files inside the zip file. We are not able to root
cause the same.
Please let me know your thoughts. Your help is highly appreciated.
Thanks
Zayan
We observed performance issues using clamd docker image (
https://hub.docker.com/r/mkodockx/docker-clamav/dockerfile) for virus
scanning.
Our application and clamd (side car deployment) resides on the same pod.
The application sends .zip files (200 KB - 300 KB) to clamd over tcp to
scan using INSTREAM command. The client library that is used is
https://github.com/cdarras/clamav-client library. The .zip file usually
contains multiple xml files and txt files.
We were able to achieve around 4 request per second with 10 vcpu limit for
clamd docker image.
By turning off ScanArchive (false) , the request per second increases to
25. When the scanarchive is true, there are too many requests waiting in
the queue (QUEUEDSINCE) , as observed in clamdtop. But it doesn’t detect
the virus file inside the zip. Is it possible to detect virus inside the
zip with ScanArchive turned off?
Attached is the strace, clamd.conf, pidstat, iostat, htop data during
performance testing.
We are suspecting some issues while writing to the temp directory and
scanning the individual files inside the zip file. We are not able to root
cause the same.
Please let me know your thoughts. Your help is highly appreciated.
Thanks
Zayan