OpenStack Object Storage (swift)

Virus Scanning

Asked by Travis W Kiel

What should I expect to happen if I clamscan my storage nodes and object's are quarantined? This also assuming that all storage nodes get their scans at the same time, hopefully avoiding replications.

Question information

Language:
English Edit question
Status:
Solved
For:
OpenStack Object Storage (swift) Edit question
Assignee:
No assignee Edit question
Solved by:
gholt
Solved:
Last query:
Last reply:
Revision history for this message
Best gholt (gholt) said : 		#1

Assuming it amazingly detected the virus on all three (assuming three replicas here) object servers at exactly the same time (and that's a HUGE assumption), the object would still be in the container listings, though any attempt to retrieve the object would 404. This would cause auditing and billing problems.

A better way to implement virus scanning is to issue a delete to the proxy server (or using the proxy server's logic) so that the deletion tombstone is created on all three object servers and all three container servers are updated. Also, somehow notifying the user that their object was deleted due to virus detected would be important.

Revision history for this message
Travis W Kiel (twkiel) said : 		#2

Thanks gholt, that solved my question.