Part 2. Running Kaspersky Scan Engine in Docker

To run the Kaspersky Scan Engine in Docker:

  1. Open command line.
  2. Load the image to the local Docker registry:
    • For HTTP mode:

      docker load -i kaspersky_scanengine_httpd.tar

    • For ICAP mode:

      docker load -i kaspersky_scanengine_icapd.tar

  3. Check that the image is available in Docker:

    docker images

    The displayed list must contain the following images:

    • For HTTP mode:

      kaspersky/scanengine_httpd:%KSE_VERSION%

    • For ICAP mode:

      kaspersky/scanengine_icapd:%KSE_VERSION%

    In the list above, %KSE_VERSION% is the version of Kaspersky Scan Engine used in Docker images. For example, 2.0.0.1157.

  4. Run the Kaspersky Scan Engine Docker container, for example, as shown below:
    • HTTP mode:

      docker run -d -p 8080:8443 -p 8085:9998 -v %CONFIGURATION_FILES_DIRECTORY%:/tmp/scanengine/mounted/configs -v %LICENSE_FILE_DIRECTORY%:/tmp/scanengine/mounted/lic -v %KEY_FILE_DIRECTORY%:/tmp/scanengine/mounted/key -v %LOGS_DIRECTORY%:/tmp/scanengine/mounted/logs -v %SYSLOGS_DIRECTORY%:/var/log/kaspersky --name KSE_HTTPD kaspersky/scanengine_httpd:%KSE_VERSION%

    • ICAP mode:

      docker run -d -p 8080:8443 -p 8085:1344 -v %CONFIGURATION_FILES_DIRECTORY%:/tmp/scanengine/mounted/configs -v %LICENSE_FILE_DIRECTORY%:/tmp/scanengine/mounted/lic -v %KEY_FILE_DIRECTORY%:/tmp/scanengine/mounted/key -v %LOGS_DIRECTORY%:/tmp/scanengine/mounted/logs -v %SYSLOGS_DIRECTORY%:/var/log/kaspersky --name KSE_ICAPD kaspersky/scanengine_icapd:%KSE_VERSION%

    In the command above:

    • %CONFIGURATION_FILES_DIRECTORY% is the host directory containing the configuration files.
    • %LICENSE_FILE_DIRECTORY% is the host directory containing the key file or activation code.
    • %KEY_FILE_DIRECTORY% is the host directory containing the kl_scanengine_db.key file. Remove it if you did not enable Kaspersky Scan Engine GUI.
    • %LOGS_DIRECTORY% is the host directory for log files. Remove it if you did not enable logging to a mounted directory.
    • %SYSLOGS_DIRECTORY% is the host directory for syslog files. Remove it if you did not enable Syslog logging to a mounted directory.

      Make sure that all users have the write access to %LOGS_DIRECTORY% and %SYSLOGS_DIRECTORY%. This is necessary because Kaspersky Scan Engine does not have root privileges when it runs inside the container.

    • %KSE_VERSION% is the version of Kaspersky Scan Engine used in Docker images. For example, 2.0.0.1157.

    It is recommended to use the kse_docker_control.sh script to run and manage containers. For more information, see section "Managing Docker containers".

Page top