Auto Merge of PR 59 - signoz-ansible-configs
Merged by Trez.One
This commit was merged in pull request #59.
This commit is contained in:
@@ -0,0 +1,75 @@
|
|||||||
|
<?xml version="1.0"?>
|
||||||
|
<clickhouse>
|
||||||
|
<!-- ZooKeeper is used to store metadata about replicas, when using Replicated tables.
|
||||||
|
Optional. If you don't use replicated tables, you could omit that.
|
||||||
|
|
||||||
|
See https://clickhouse.com/docs/en/engines/table-engines/mergetree-family/replication/
|
||||||
|
-->
|
||||||
|
<zookeeper>
|
||||||
|
<node index="1">
|
||||||
|
<host>zookeeper-1</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
<node index="2">
|
||||||
|
<host>zookeeper-2</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
<node index="3">
|
||||||
|
<host>zookeeper-3</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
</zookeeper>
|
||||||
|
|
||||||
|
<!-- Configuration of clusters that could be used in Distributed tables.
|
||||||
|
https://clickhouse.com/docs/en/operations/table_engines/distributed/
|
||||||
|
-->
|
||||||
|
<remote_servers>
|
||||||
|
<cluster>
|
||||||
|
<!-- Inter-server per-cluster secret for Distributed queries
|
||||||
|
default: no secret (no authentication will be performed)
|
||||||
|
|
||||||
|
If set, then Distributed queries will be validated on shards, so at least:
|
||||||
|
- such cluster should exist on the shard,
|
||||||
|
- such cluster should have the same secret.
|
||||||
|
|
||||||
|
And also (and which is more important), the initial_user will
|
||||||
|
be used as current user for the query.
|
||||||
|
|
||||||
|
Right now the protocol is pretty simple and it only takes into account:
|
||||||
|
- cluster name
|
||||||
|
- query
|
||||||
|
|
||||||
|
Also it will be nice if the following will be implemented:
|
||||||
|
- source hostname (see interserver_http_host), but then it will depends from DNS,
|
||||||
|
it can use IP address instead, but then the you need to get correct on the initiator node.
|
||||||
|
- target hostname / ip address (same notes as for source hostname)
|
||||||
|
- time-based security tokens
|
||||||
|
-->
|
||||||
|
<!-- <secret></secret> -->
|
||||||
|
<shard>
|
||||||
|
<!-- Optional. Whether to write data to just one of the replicas. Default: false (write data to all replicas). -->
|
||||||
|
<!-- <internal_replication>false</internal_replication> -->
|
||||||
|
<!-- Optional. Shard weight when writing data. Default: 1. -->
|
||||||
|
<!-- <weight>1</weight> -->
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse</host>
|
||||||
|
<port>9000</port>
|
||||||
|
<!-- Optional. Priority of the replica for load_balancing. Default: 1 (less value has more priority). -->
|
||||||
|
<!-- <priority>1</priority> -->
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
<shard>
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse-2</host>
|
||||||
|
<port>9000</port>
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
<shard>
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse-3</host>
|
||||||
|
<port>9000</port>
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
</cluster>
|
||||||
|
</remote_servers>
|
||||||
|
</clickhouse>
|
||||||
@@ -0,0 +1,75 @@
|
|||||||
|
<?xml version="1.0"?>
|
||||||
|
<clickhouse>
|
||||||
|
<!-- ZooKeeper is used to store metadata about replicas, when using Replicated tables.
|
||||||
|
Optional. If you don't use replicated tables, you could omit that.
|
||||||
|
|
||||||
|
See https://clickhouse.com/docs/en/engines/table-engines/mergetree-family/replication/
|
||||||
|
-->
|
||||||
|
<zookeeper>
|
||||||
|
<node index="1">
|
||||||
|
<host>zookeeper-1</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
<!-- <node index="2">
|
||||||
|
<host>zookeeper-2</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node>
|
||||||
|
<node index="3">
|
||||||
|
<host>zookeeper-3</host>
|
||||||
|
<port>2181</port>
|
||||||
|
</node> -->
|
||||||
|
</zookeeper>
|
||||||
|
|
||||||
|
<!-- Configuration of clusters that could be used in Distributed tables.
|
||||||
|
https://clickhouse.com/docs/en/operations/table_engines/distributed/
|
||||||
|
-->
|
||||||
|
<remote_servers>
|
||||||
|
<cluster>
|
||||||
|
<!-- Inter-server per-cluster secret for Distributed queries
|
||||||
|
default: no secret (no authentication will be performed)
|
||||||
|
|
||||||
|
If set, then Distributed queries will be validated on shards, so at least:
|
||||||
|
- such cluster should exist on the shard,
|
||||||
|
- such cluster should have the same secret.
|
||||||
|
|
||||||
|
And also (and which is more important), the initial_user will
|
||||||
|
be used as current user for the query.
|
||||||
|
|
||||||
|
Right now the protocol is pretty simple and it only takes into account:
|
||||||
|
- cluster name
|
||||||
|
- query
|
||||||
|
|
||||||
|
Also it will be nice if the following will be implemented:
|
||||||
|
- source hostname (see interserver_http_host), but then it will depends from DNS,
|
||||||
|
it can use IP address instead, but then the you need to get correct on the initiator node.
|
||||||
|
- target hostname / ip address (same notes as for source hostname)
|
||||||
|
- time-based security tokens
|
||||||
|
-->
|
||||||
|
<!-- <secret></secret> -->
|
||||||
|
<shard>
|
||||||
|
<!-- Optional. Whether to write data to just one of the replicas. Default: false (write data to all replicas). -->
|
||||||
|
<!-- <internal_replication>false</internal_replication> -->
|
||||||
|
<!-- Optional. Shard weight when writing data. Default: 1. -->
|
||||||
|
<!-- <weight>1</weight> -->
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse</host>
|
||||||
|
<port>9000</port>
|
||||||
|
<!-- Optional. Priority of the replica for load_balancing. Default: 1 (less value has more priority). -->
|
||||||
|
<!-- <priority>1</priority> -->
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
<!-- <shard>
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse-2</host>
|
||||||
|
<port>9000</port>
|
||||||
|
</replica>
|
||||||
|
</shard>
|
||||||
|
<shard>
|
||||||
|
<replica>
|
||||||
|
<host>clickhouse-3</host>
|
||||||
|
<port>9000</port>
|
||||||
|
</replica>
|
||||||
|
</shard> -->
|
||||||
|
</cluster>
|
||||||
|
</remote_servers>
|
||||||
|
</clickhouse>
|
||||||
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,21 @@
|
|||||||
|
<functions>
|
||||||
|
<function>
|
||||||
|
<type>executable</type>
|
||||||
|
<name>histogramQuantile</name>
|
||||||
|
<return_type>Float64</return_type>
|
||||||
|
<argument>
|
||||||
|
<type>Array(Float64)</type>
|
||||||
|
<name>buckets</name>
|
||||||
|
</argument>
|
||||||
|
<argument>
|
||||||
|
<type>Array(Float64)</type>
|
||||||
|
<name>counts</name>
|
||||||
|
</argument>
|
||||||
|
<argument>
|
||||||
|
<type>Float64</type>
|
||||||
|
<name>quantile</name>
|
||||||
|
</argument>
|
||||||
|
<format>CSV</format>
|
||||||
|
<command>./histogramQuantile</command>
|
||||||
|
</function>
|
||||||
|
</functions>
|
||||||
@@ -0,0 +1,41 @@
|
|||||||
|
<?xml version="1.0"?>
|
||||||
|
<clickhouse>
|
||||||
|
<storage_configuration>
|
||||||
|
<disks>
|
||||||
|
<default>
|
||||||
|
<keep_free_space_bytes>10485760</keep_free_space_bytes>
|
||||||
|
</default>
|
||||||
|
<s3>
|
||||||
|
<type>s3</type>
|
||||||
|
<!-- For S3 cold storage,
|
||||||
|
if region is us-east-1, endpoint can be https://<bucket-name>.s3.amazonaws.com
|
||||||
|
if region is not us-east-1, endpoint should be https://<bucket-name>.s3-<region>.amazonaws.com
|
||||||
|
For GCS cold storage,
|
||||||
|
endpoint should be https://storage.googleapis.com/<bucket-name>/data/
|
||||||
|
-->
|
||||||
|
<endpoint>https://BUCKET-NAME.s3-REGION-NAME.amazonaws.com/data/</endpoint>
|
||||||
|
<access_key_id>ACCESS-KEY-ID</access_key_id>
|
||||||
|
<secret_access_key>SECRET-ACCESS-KEY</secret_access_key>
|
||||||
|
<!-- In case of S3, uncomment the below configuration in case you want to read
|
||||||
|
AWS credentials from the Environment variables if they exist. -->
|
||||||
|
<!-- <use_environment_credentials>true</use_environment_credentials> -->
|
||||||
|
<!-- In case of GCS, uncomment the below configuration, since GCS does
|
||||||
|
not support batch deletion and result in error messages in logs. -->
|
||||||
|
<!-- <support_batch_delete>false</support_batch_delete> -->
|
||||||
|
</s3>
|
||||||
|
</disks>
|
||||||
|
<policies>
|
||||||
|
<tiered>
|
||||||
|
<volumes>
|
||||||
|
<default>
|
||||||
|
<disk>default</disk>
|
||||||
|
</default>
|
||||||
|
<s3>
|
||||||
|
<disk>s3</disk>
|
||||||
|
<perform_ttl_move_on_insert>0</perform_ttl_move_on_insert>
|
||||||
|
</s3>
|
||||||
|
</volumes>
|
||||||
|
</tiered>
|
||||||
|
</policies>
|
||||||
|
</storage_configuration>
|
||||||
|
</clickhouse>
|
||||||
@@ -0,0 +1,123 @@
|
|||||||
|
<?xml version="1.0"?>
|
||||||
|
<clickhouse>
|
||||||
|
<!-- See also the files in users.d directory where the settings can be overridden. -->
|
||||||
|
|
||||||
|
<!-- Profiles of settings. -->
|
||||||
|
<profiles>
|
||||||
|
<!-- Default settings. -->
|
||||||
|
<default>
|
||||||
|
<!-- Maximum memory usage for processing single query, in bytes. -->
|
||||||
|
<max_memory_usage>10000000000</max_memory_usage>
|
||||||
|
|
||||||
|
<!-- How to choose between replicas during distributed query processing.
|
||||||
|
random - choose random replica from set of replicas with minimum number of errors
|
||||||
|
nearest_hostname - from set of replicas with minimum number of errors, choose replica
|
||||||
|
with minimum number of different symbols between replica's hostname and local hostname
|
||||||
|
(Hamming distance).
|
||||||
|
in_order - first live replica is chosen in specified order.
|
||||||
|
first_or_random - if first replica one has higher number of errors, pick a random one from replicas with minimum number of errors.
|
||||||
|
-->
|
||||||
|
<load_balancing>random</load_balancing>
|
||||||
|
</default>
|
||||||
|
|
||||||
|
<!-- Profile that allows only read queries. -->
|
||||||
|
<readonly>
|
||||||
|
<readonly>1</readonly>
|
||||||
|
</readonly>
|
||||||
|
</profiles>
|
||||||
|
|
||||||
|
<!-- Users and ACL. -->
|
||||||
|
<users>
|
||||||
|
<!-- If user name was not specified, 'default' user is used. -->
|
||||||
|
<default>
|
||||||
|
<!-- See also the files in users.d directory where the password can be overridden.
|
||||||
|
|
||||||
|
Password could be specified in plaintext or in SHA256 (in hex format).
|
||||||
|
|
||||||
|
If you want to specify password in plaintext (not recommended), place it in 'password' element.
|
||||||
|
Example: <password>qwerty</password>.
|
||||||
|
Password could be empty.
|
||||||
|
|
||||||
|
If you want to specify SHA256, place it in 'password_sha256_hex' element.
|
||||||
|
Example: <password_sha256_hex>65e84be33532fb784c48129675f9eff3a682b27168c0ea744b2cf58ee02337c5</password_sha256_hex>
|
||||||
|
Restrictions of SHA256: impossibility to connect to ClickHouse using MySQL JS client (as of July 2019).
|
||||||
|
|
||||||
|
If you want to specify double SHA1, place it in 'password_double_sha1_hex' element.
|
||||||
|
Example: <password_double_sha1_hex>e395796d6546b1b65db9d665cd43f0e858dd4303</password_double_sha1_hex>
|
||||||
|
|
||||||
|
If you want to specify a previously defined LDAP server (see 'ldap_servers' in the main config) for authentication,
|
||||||
|
place its name in 'server' element inside 'ldap' element.
|
||||||
|
Example: <ldap><server>my_ldap_server</server></ldap>
|
||||||
|
|
||||||
|
If you want to authenticate the user via Kerberos (assuming Kerberos is enabled, see 'kerberos' in the main config),
|
||||||
|
place 'kerberos' element instead of 'password' (and similar) elements.
|
||||||
|
The name part of the canonical principal name of the initiator must match the user name for authentication to succeed.
|
||||||
|
You can also place 'realm' element inside 'kerberos' element to further restrict authentication to only those requests
|
||||||
|
whose initiator's realm matches it.
|
||||||
|
Example: <kerberos />
|
||||||
|
Example: <kerberos><realm>EXAMPLE.COM</realm></kerberos>
|
||||||
|
|
||||||
|
How to generate decent password:
|
||||||
|
Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-'
|
||||||
|
In first line will be password and in second - corresponding SHA256.
|
||||||
|
|
||||||
|
How to generate double SHA1:
|
||||||
|
Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha1sum | tr -d '-' | xxd -r -p | sha1sum | tr -d '-'
|
||||||
|
In first line will be password and in second - corresponding double SHA1.
|
||||||
|
-->
|
||||||
|
<password></password>
|
||||||
|
|
||||||
|
<!-- List of networks with open access.
|
||||||
|
|
||||||
|
To open access from everywhere, specify:
|
||||||
|
<ip>::/0</ip>
|
||||||
|
|
||||||
|
To open access only from localhost, specify:
|
||||||
|
<ip>::1</ip>
|
||||||
|
<ip>127.0.0.1</ip>
|
||||||
|
|
||||||
|
Each element of list has one of the following forms:
|
||||||
|
<ip> IP-address or network mask. Examples: 213.180.204.3 or 10.0.0.1/8 or 10.0.0.1/255.255.255.0
|
||||||
|
2a02:6b8::3 or 2a02:6b8::3/64 or 2a02:6b8::3/ffff:ffff:ffff:ffff::.
|
||||||
|
<host> Hostname. Example: server01.clickhouse.com.
|
||||||
|
To check access, DNS query is performed, and all received addresses compared to peer address.
|
||||||
|
<host_regexp> Regular expression for host names. Example, ^server\d\d-\d\d-\d\.clickhouse\.com$
|
||||||
|
To check access, DNS PTR query is performed for peer address and then regexp is applied.
|
||||||
|
Then, for result of PTR query, another DNS query is performed and all received addresses compared to peer address.
|
||||||
|
Strongly recommended that regexp is ends with $
|
||||||
|
All results of DNS requests are cached till server restart.
|
||||||
|
-->
|
||||||
|
<networks>
|
||||||
|
<ip>::/0</ip>
|
||||||
|
</networks>
|
||||||
|
|
||||||
|
<!-- Settings profile for user. -->
|
||||||
|
<profile>default</profile>
|
||||||
|
|
||||||
|
<!-- Quota for user. -->
|
||||||
|
<quota>default</quota>
|
||||||
|
|
||||||
|
<!-- User can create other users and grant rights to them. -->
|
||||||
|
<!-- <access_management>1</access_management> -->
|
||||||
|
</default>
|
||||||
|
</users>
|
||||||
|
|
||||||
|
<!-- Quotas. -->
|
||||||
|
<quotas>
|
||||||
|
<!-- Name of quota. -->
|
||||||
|
<default>
|
||||||
|
<!-- Limits for time interval. You could specify many intervals with different limits. -->
|
||||||
|
<interval>
|
||||||
|
<!-- Length of interval. -->
|
||||||
|
<duration>3600</duration>
|
||||||
|
|
||||||
|
<!-- No limits. Just calculate resource usage for time interval. -->
|
||||||
|
<queries>0</queries>
|
||||||
|
<errors>0</errors>
|
||||||
|
<result_rows>0</result_rows>
|
||||||
|
<read_rows>0</read_rows>
|
||||||
|
<execution_time>0</execution_time>
|
||||||
|
</interval>
|
||||||
|
</default>
|
||||||
|
</quotas>
|
||||||
|
</clickhouse>
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
server_endpoint: ws://signoz:4320/v1/opamp
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
server_endpoint: ws://signoz:4320/v1/opamp
|
||||||
@@ -0,0 +1,25 @@
|
|||||||
|
# my global config
|
||||||
|
global:
|
||||||
|
scrape_interval: 5s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
|
||||||
|
evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
|
||||||
|
# scrape_timeout is set to the global default (10s).
|
||||||
|
|
||||||
|
# Alertmanager configuration
|
||||||
|
alerting:
|
||||||
|
alertmanagers:
|
||||||
|
- static_configs:
|
||||||
|
- targets:
|
||||||
|
- alertmanager:9093
|
||||||
|
|
||||||
|
# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
|
||||||
|
rule_files: []
|
||||||
|
# - "first_rules.yml"
|
||||||
|
# - "second_rules.yml"
|
||||||
|
# - 'alerts.yml'
|
||||||
|
|
||||||
|
# A scrape configuration containing exactly one endpoint to scrape:
|
||||||
|
# Here it's Prometheus itself.
|
||||||
|
scrape_configs: []
|
||||||
|
|
||||||
|
remote_read:
|
||||||
|
- url: tcp://clickhouse:9000/signoz_metrics
|
||||||
Reference in New Issue
Block a user