Antivirus software adds an unknown variable to the existing complexity of Kubernetes. Most of them have not yet kept up with newer technologies such as Kubernetes and have not reached a CNCF certified status. In environments where antivirus software had been enabled, there has seen issues stemming from interfering actions from such software. As an example, there have been incidents where the antivirus software had pruned files in the ContainerD filesystem incorrectly, causing the ContainerD mounts to go corrupt and causing data loss.
Issues resulting from third-party tools, such as antivirus and intrusion detection software, interfering with ContainerD or other necessary system calls are deemed resolved should disabling such tools restore functionality.
Also, having Antivirus software running in the nodes can result in poor performance. Some antivirus software may continue to impact even if all paths our products rely on are excluded. Whilst performing scanning and inspection of files, disk I/O and CPU usage can increase, thus slowing our product performance. In some cases, this reduction in performance can be dramatic and can even render our products impossible to use.
Lastly, where a customer environment has deviated from our supported configurations, we always reserve the right to recommend the customer to revert to a supported configuration to resolve the reported issue.