docker build -t packetchef/icap-clamav-server:1.0 .

docker run --rm -d -p 1344:1344 --name scanner packetchef/icap-clamav-server:1.0

c-icap-client -v -i icap.clamav.server.example.com -s avscan -f eicar.txt

The Dockerfile used to call: echo "Default Service avscan" >> /etc/c-icap/c-icap.conf

Dockerfile also used to include: sed -i 's/^Service antivirus_module/Service avscan/' /etc/c-icap/virus_scan.conf && \

Which we left as, Service antivirus_module and instead added a ServiceAlias avscan antivirus_module

Right now, the scanner Docker build pulls signature updates with freshclam. Future state, scanner will just be the scanner, and updater will be responsible for pulling signatures and sharing with the cluster through a Persistent Volume Claim mounted at /var/lib/clamav. The updater container could stay running constantly, but ideally should be scheduled as a task that runs on a periodic basis.

We should also consider whether a scanner container should run just one c-icap server/process/thread, and let the cluster scale out as needed. I'm also not sure if running entrypoint.sh is the right approach to starting up c-icap, but for now it works.

Also need to solve for scanner logging. Right now, c-icap logs to /var/log/c-icap inside the container. This should log instead to stdout.