Setting up ClamAV with CTDB
PrereqsConfigure CTDB as above and set it up to use public ipaddresses.
Verify that the CTDB cluster works.
ConfigurationConfigure clamd on each node on the cluster.
For details how to configure clamd check its documentation.
/etc/sysconfig/ctdbAdd the following lines to the /etc/sysconfig/ctdb configuration file.
CTDB_MANAGES_CLAMD=yes CTDB_CLAMD_SOCKET="/path/to/clamd.sock"Disable clamd in chkconfig so that it does not start by default. Instead CTDB will start/stop clamd as required.
chkconfig clamd off
Events scriptThe CTDB distribution already comes with an events script for clamd in the file /etc/ctdb/events.d/31.clamd
There should not be any need to edit this file. What you need is to set it as executable, with command like this:
chmod +x /etc/ctdb/events.d/31.clamdTo check if ctdb monitoring and handling with clamd, you can check outpout of command:
Restart your clusterNext time your cluster restarts, CTDB will start managing the clamd service.
If the cluster is already in production you may not want to restart the entire cluster since this would disrupt services.
Insted you can just disable/enable the nodes one by one. Once a node becomes enabled again it will start the clamd service.
Follow the procedure below for each node, one node at a time :
1 Disable the nodeUse the ctdb command to disable the node :
ctdb -n NODE disable
2 Wait until the cluster has recoveredUse the ctdb tool to monitor until the cluster has recovered, i.e. Recovery mode is NORMAL. This should happen within seconds of when you disabled the node.
3 Enable the node againRe-enable the node again which will start the newly configured vsftp service.
ctdb -n NODE enable
See alsoThe CLAMAV section in the ctdbd manpage.