Mailing List Archive

[clamav-users] Running ClamAV for production workloads
Hi,

We are close to choosing ClamAV to run our production workloads and I would
like to know what are some things to consider while setting up and using
ClamAV for production workloads ?

We are looking to scan millions of files in parallel and globally too.

Has anyone had the usecase and experience doing it .

I would like to know the performance of running scans on upto 2gb files .

Could you pls advise on the same.

Karthik
Re: [clamav-users] Running ClamAV for production workloads [ In reply to ]
If you are setting up lots of machines, make sure you set up a private mirror using cvdupdate first for all of your machines to pull updates from.
Have a script/plan for upgrading ClamAV. Super important to keep the engine up to date.
Have a plan for what you are going to do when it detects something.

Sent from my ? iPhone

> On Jun 8, 2021, at 22:40, Karthik Iyer via clamav-users <clamav-users@lists.clamav.net> wrote:
>
> ?Hi,
>
> We are close to choosing ClamAV to run our production workloads and I would like to know what are some things to consider while setting up and using ClamAV for production workloads ?
>
> We are looking to scan millions of files in parallel and globally too.
>
> Has anyone had the usecase and experience doing it .
>
> I would like to know the performance of running scans on upto 2gb files .
>
> Could you pls advise on the same.
>
> Karthik
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: [clamav-users] Running ClamAV for production workloads [ In reply to ]
I plan to run clamav on docker instances in a kubernetes cluster.

What would be the process of updating the pods in the cluster ?

Also can you point out to any resources for updating the visits and
malware definition and upgrading ClamAV?

Thanks.

Karthik

On Tue, Jun 8, 2021 at 11:10 PM Joel Esler (jesler) <jesler@cisco.com>
wrote:

> If you are setting up lots of machines, make sure you set up a private
> mirror using cvdupdate first for all of your machines to pull updates from.
> Have a script/plan for upgrading ClamAV. Super important to keep the
> engine up to date.
> Have a plan for what you are going to do when it detects something.
>
> Sent from my ? iPhone
>
> > On Jun 8, 2021, at 22:40, Karthik Iyer via clamav-users <
> clamav-users@lists.clamav.net> wrote:
> >
> > ?Hi,
> >
> > We are close to choosing ClamAV to run our production workloads and I
> would like to know what are some things to consider while setting up and
> using ClamAV for production workloads ?
> >
> > We are looking to scan millions of files in parallel and globally too.
> >
> > Has anyone had the usecase and experience doing it .
> >
> > I would like to know the performance of running scans on upto 2gb files .
> >
> > Could you pls advise on the same.
> >
> > Karthik
> >
> >
> > _______________________________________________
> >
> > clamav-users mailing list
> > clamav-users@lists.clamav.net
> > https://lists.clamav.net/mailman/listinfo/clamav-users
> >
> >
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> >
> > http://www.clamav.net/contact.html#ml
>
Re: [clamav-users] Running ClamAV for production workloads [ In reply to ]
* Karthik Iyer via clamav-users:

> I plan to run clamav on docker instances in a kubernetes cluster.
>
> What would be the process of updating the pods in the cluster ?

Not meaning to sound hostile, but I think it needs to be said: You
appear to lack programming experience and use this mailing list to ask
for general information. You also don't seem to have a solid foundation
of Kubernetes knowledge, and again you ask here.

This mailing list is meant to discuss ClamAV *specifics*, not a general
support forum for things you are lacking. My advice is for you to read
docs, and take some courses in the basics of your everyday work. The
volunteers on this mailing list are not some free-of-charge support
crew, and quite frankly, you need to do your homework first.

-Ralph

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: [clamav-users] Running ClamAV for production workloads [ In reply to ]
Hi there,

On Wed, 9 Jun 2021, Ralph Seichter via clamav-users wrote:

> * Karthik Iyer via clamav-users:
>
>> I plan to run clamav on docker instances in a kubernetes cluster.
>>
>> What would be the process of updating the pods in the cluster ?
>
> Not meaning to sound hostile, but ...
> ... quite frankly, you need to do your homework first.

+1

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: [clamav-users] Running ClamAV for production workloads [ In reply to ]
Thanks for all your help and support.

I will do some research in my end and get back to you with specific Clam AV
questions.



On Wed, Jun 9, 2021 at 2:29 AM G.W. Haywood via clamav-users <
clamav-users@lists.clamav.net> wrote:

> Hi there,
>
> On Wed, 9 Jun 2021, Ralph Seichter via clamav-users wrote:
>
> > * Karthik Iyer via clamav-users:
> >
> >> I plan to run clamav on docker instances in a kubernetes cluster.
> >>
> >> What would be the process of updating the pods in the cluster ?
> >
> > Not meaning to sound hostile, but ...
> > ... quite frankly, you need to do your homework first.
>
> +1
>
> --
>
> 73,
> Ged.
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
Re: [clamav-users] Running ClamAV for production workloads [ In reply to ]
On 6/8/21 10:44 PM, Karthik Iyer via clamav-users wrote:
> I plan to run clamav on docker instances in a kubernetes cluster.

Okay....

> What would be the process of updating the pods in the cluster ?

I'm not a Kubernetes nor Docker person myself. But those that I talk to
tell me that when you need to update the version of something inside a
container, it's time to deploy a new container with the new version and
get rid of the old container.

>  Also can you point out to any resources for updating the visits and
> malware definition and upgrading ClamAV?

Definition files are definitely different than the scanning engine.
Maybe you could deploy a new container daily with the day's definitions.

Or, as Joel indicated, run a local mirror (private or otherwise) and
have your containers pull their updates from said mirror.



--
Grant. . . .
unix || die