What needs to be done?
📌 Overview
Develop a Helm subchart for deploying the ClamAV service as part of the email system. This chart will provide antivirus scanning capabilities and integrate with other components such as Rspamd.
🎯 Objectives
- Package ClamAV as a reusable Helm subchart.
- Enable antivirus scanning for incoming emails.
- Support persistent storage for virus definitions.
- Ensure the chart is configurable and production-ready.
🧩 Scope
1. Chart Initialization
2. Kubernetes Resources
Implement templates for:
Deployment / StatefulSet
-
Deploy ClamAV container (clamav/clamav)
-
Configure environment variables:
CLAMAV_NO_FRESHCLAMD=false
-
Ensure proper startup (ClamAV initializes virus DB)
Service
PersistentVolumeClaim
-
Store virus database:
-
Store logs:
3. Configuration (values.yaml)
Support configurable parameters:
Image
image:
repository: clamav/clamav
tag: latest
pullPolicy: IfNotPresent
Resources (Important)
resources:
requests:
memory: 1Gi
cpu: 200m
limits:
memory: 3Gi
cpu: 1
Persistence
persistence:
enabled: true
storageClass: <storage-class>
size: 10Gi
Service
service:
type: ClusterIP
port: 3310
4. Health Checks
Add probes to ensure reliability:
-
Readiness Probe
- Verify ClamAV daemon is ready (TCP check on port 3310)
-
Liveness Probe
- Ensure container is running and responsive
5. Configuration Management
- Allow environment variable configuration via
values.yaml
- Support optional tuning (e.g., update frequency)
6. Resource Management
- Ensure sufficient memory allocation (ClamAV is resource-intensive)
- Prevent OOMKilled issues via proper limits
7. Integration Readiness
8. Testing
-
Add Helm test hook to:
- Verify ClamAV service is reachable on port 3310
- Validate daemon startup
9. Documentation
Create README.md including:
- Installation instructions
- Resource requirements
- Configuration options
- Integration notes with Rspamd
📦 Deliverables
- Complete
clamav Helm subchart
- Configurable
values.yaml
- Templates (Deployment/StatefulSet, Service, PVC)
- Documentation
✅ Acceptance Criteria
- ClamAV deploys successfully via Helm
- Virus database persists across restarts
- Service is accessible internally
- Resource usage is configurable
- Chart integrates cleanly with the umbrella chart
⚠️ Notes
- ClamAV is memory-intensive; ensure adequate resource allocation.
- Initial startup may be slow due to database download.
- Avoid tight coupling with other services at this stage.
What needs to be done?
📌 Overview
Develop a Helm subchart for deploying the ClamAV service as part of the email system. This chart will provide antivirus scanning capabilities and integrate with other components such as Rspamd.
🎯 Objectives
🧩 Scope
1. Chart Initialization
Create a new Helm chart under:
Define
Chart.yamlwith appropriate metadata.2. Kubernetes Resources
Implement templates for:
Deployment / StatefulSet
Deploy ClamAV container (
clamav/clamav)Configure environment variables:
CLAMAV_NO_FRESHCLAMD=falseEnsure proper startup (ClamAV initializes virus DB)
Service
Expose ClamAV daemon internally:
3310(TCP)Service type:
ClusterIPPersistentVolumeClaim
Store virus database:
Store logs:
3. Configuration (
values.yaml)Support configurable parameters:
Image
Resources (Important)
Persistence
Service
4. Health Checks
Add probes to ensure reliability:
Readiness Probe
Liveness Probe
5. Configuration Management
values.yaml6. Resource Management
7. Integration Readiness
Ensure compatibility with:
Keep chart loosely coupled (no hard dependency)
8. Testing
Add Helm test hook to:
9. Documentation
Create
README.mdincluding:📦 Deliverables
clamavHelm subchartvalues.yaml✅ Acceptance Criteria