f5devcentral
diff --git a/‎docker-compose.yaml‎
Lines changed: 20 additions & 0 deletions b/‎docker-compose.yaml‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎services/clickhouse/config.d/config.xml‎
Lines changed: 25 additions & 0 deletions b/‎services/clickhouse/config.d/config.xml‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎services/clickhouse/docker-entrypoint-initdb.d/init-otel-db.sh‎
Lines changed: 111 additions & 0 deletions b/‎services/clickhouse/docker-entrypoint-initdb.d/init-otel-db.sh‎
Lines changed: 111 additions & 0 deletions
diff --git a/‎services/clickhouse/users.d/user-default.xml‎
Lines changed: 37 additions & 0 deletions b/‎services/clickhouse/users.d/user-default.xml‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎services/clickhouse/users.d/user-grafana.xml‎
Lines changed: 16 additions & 0 deletions b/‎services/clickhouse/users.d/user-grafana.xml‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎services/clickhouse/users.d/user-otel-collector.xml‎
Lines changed: 19 additions & 0 deletions b/‎services/clickhouse/users.d/user-otel-collector.xml‎
Lines changed: 19 additions & 0 deletions
@@ -3,6 +3,7 @@ version: '3'
 volumes:
   prometheus:
   grafana:
+  clickhouse:
 
 services:
   prometheus:
@@ -55,5 +56,24 @@ services:
     networks:
       - 7lc_network
 
+  clickhouse:
+    image: clickhouse/clickhouse-server:25.1.4
+    user: "101:101"
+    hostname: clickhouse
+    ulimits:
+      nofile:
+        soft: 262144
+        hard: 262144
+    volumes:
+      - ./services/clickhouse/config.d:/etc/clickhouse-server/config.d
+      - ./services/clickhouse/users.d:/etc/clickhouse-server/users.d
+      - ./services/clickhouse/docker-entrypoint-initdb.d/init-otel-db.sh:/docker-entrypoint-initdb.d/init-otel-db.sh
+      - clickhouse:/var/lib/clickhouse
+    env_file: ".env"
+    healthcheck:
+      test: wget --no-verbose --tries=1 --spider http://localhost:8123/ping || exit 1
+    networks:
+      - 7lc_network
+
 networks:
   7lc_network:
@@ -0,0 +1,25 @@
+<clickhouse replace="true">
+    <logger>
+        <level>notice</level>
+        <console>true</console>
+    </logger>
+    <display_name>clickhouse</display_name>
+    <listen_host from_env="HOSTNAME" />
+    <http_port>8123</http_port>
+    <tcp_port>9000</tcp_port>
+    <user_directories>
+        <users_xml>
+            <path>users.xml</path>
+        </users_xml>
+        <local_directory>
+            <path>/var/lib/clickhouse/access/</path>
+        </local_directory>
+    </user_directories>
+    <prometheus>
+        <endpoint>/metrics</endpoint>
+        <port>9126</port>
+        <metrics>true</metrics>
+        <events>true</events>
+        <asynchronous_metrics>true</asynchronous_metrics>
+    </prometheus>
+</clickhouse>
@@ -0,0 +1,111 @@
+#!/bin/bash
+set -e
+
+echo "=== OTEL DB Initialization Script Started ==="
+
+clickhouse client <<-EOSQL
+    CREATE DATABASE IF NOT EXISTS otel;
+EOSQL
+
+# Create the null log table for incoming otel data
+clickhouse client <<-EOSQL
+    CREATE TABLE IF NOT EXISTS otel.otel_sslo_logs_null
+    (
+        Timestamp DateTime64(9) CODEC(Delta(8), ZSTD(1)),
+        ObservedTimestamp DateTime64(9) CODEC(Delta(8), ZSTD(1)),
+        TraceId String CODEC(ZSTD(1)),
+        SpanId String CODEC(ZSTD(1)),
+        TraceFlags UInt8,
+        SeverityText LowCardinality(String) CODEC(ZSTD(1)),
+        SeverityNumber UInt8,
+        ServiceName LowCardinality(String) CODEC(ZSTD(1)),
+        Body String CODEC(ZSTD(1)),
+        ResourceSchemaUrl LowCardinality(String) CODEC(ZSTD(1)),
+        ResourceAttributes Map(LowCardinality(String), String) CODEC(ZSTD(1)),
+        ScopeSchemaUrl LowCardinality(String) CODEC(ZSTD(1)),
+        ScopeName String CODEC(ZSTD(1)),
+        ScopeVersion LowCardinality(String) CODEC(ZSTD(1)),
+        ScopeAttributes Map(LowCardinality(String), String) CODEC(ZSTD(1)),
+        LogAttributes Map(LowCardinality(String), String) CODEC(ZSTD(1)),
+    )
+    ENGINE = Null;
+EOSQL
+
+
+# Create the actual table which logs will be stored in
+clickhouse client <<-EOSQL
+
+    CREATE TABLE IF NOT EXISTS otel.sslo_logs
+    (
+        Timestamp DateTime,
+        ObservedTimestamp DateTime,
+        hostname String CODEC(ZSTD(1)),
+        flow_id String CODEC(ZSTD(1)),
+        vip String CODEC(ZSTD(1)),
+        l4_protocol LowCardinality(String) CODEC(ZSTD(1)),
+        src_ip String CODEC(ZSTD(1)),
+        src_port UInt16,
+        dst_ip String CODEC(ZSTD(1)),
+        dst_port UInt16,
+        client_ssl_protocol LowCardinality(String) CODEC(ZSTD(1)),
+        client_ssl_cipher LowCardinality(String) CODEC(ZSTD(1)),
+        server_ssl_protocol LowCardinality(String) CODEC(ZSTD(1)),
+        server_ssl_cipher LowCardinality(String) CODEC(ZSTD(1)),
+        l7_protocol LowCardinality(String) CODEC(ZSTD(1)),
+        sslo_host String CODEC(ZSTD(1)),
+        decryption_status LowCardinality(String) CODEC(ZSTD(1)),
+        duration UInt64,
+        service_path String CODEC(ZSTD(1)),
+        client_bytes_in UInt64,
+        client_bytes_out UInt64,
+        server_bytes_in UInt64,
+        server_bytes_out UInt64,
+        client_tls_handshake LowCardinality(String) CODEC(ZSTD(1)),
+        server_tls_handshake LowCardinality(String) CODEC(ZSTD(1)),
+        reset_cause LowCardinality(String) CODEC(ZSTD(1)),
+        policy_rule LowCardinality(String) CODEC(ZSTD(1)),
+        url_category LowCardinality(String) CODEC(ZSTD(1)),
+        ingress String CODEC(ZSTD(1)),
+        egress String CODEC(ZSTD(1)),
+    )
+    ENGINE = MergeTree
+    ORDER BY (Timestamp)
+    TTL Timestamp + INTERVAL 24 HOUR;
+EOSQL
+
+# Create the Materialized View that populates the access log table from incoming
+# null logs.
+clickhouse client <<-EOSQL
+    CREATE MATERIALIZED VIEW IF NOT EXISTS otel.sslo_logs_mv TO otel.sslo_logs AS
+    SELECT  Timestamp::DateTime AS Timestamp,
+    ObservedTimestamp::DateTime AS ObservedTimestamp,
+    LogAttributes['hostname'] AS hostname,
+    LogAttributes['flow_id'] AS flow_id,
+    LogAttributes['vip'] AS vip,
+    LogAttributes['l4_protocol'] AS l4_protocol,
+    LogAttributes['src_ip'] AS src_ip,
+    LogAttributes['src_port'] AS src_port,
+    LogAttributes['dst_ip'] AS dst_ip,
+    LogAttributes['dst_port'] AS dst_port,
+    LogAttributes['client_ssl_protocol'] AS client_ssl_protocol,
+    LogAttributes['client_ssl_cipher'] AS client_ssl_cipher,
+    LogAttributes['server_ssl_protocol'] AS server_ssl_protocol,
+    LogAttributes['server_ssl_cipher'] AS server_ssl_cipher,
+    LogAttributes['l7_protocol'] AS l7_protocol,
+    LogAttributes['sslo_host'] AS sslo_host,
+    LogAttributes['decryption_status'] AS decryption_status,
+    LogAttributes['duration'] AS duration,
+    LogAttributes['service_path'] AS service_path,
+    LogAttributes['client_bytes_in'] AS client_bytes_in,
+    LogAttributes['client_bytes_out'] AS client_bytes_out,
+    LogAttributes['server_bytes_in'] AS server_bytes_in,
+    LogAttributes['server_bytes_out'] AS server_bytes_out,
+    LogAttributes['client_tls_handshake'] AS client_tls_handshake,
+    LogAttributes['server_tls_handshake'] AS server_tls_handshake,
+    LogAttributes['reset_cause'] AS reset_cause,
+    LogAttributes['policy_rule'] AS policy_rule,
+    LogAttributes['url_category'] AS url_category,
+    LogAttributes['ingress'] AS ingress,
+    LogAttributes['egress'] AS egress
+    FROM otel.otel_sslo_logs_null;
+EOSQL
@@ -0,0 +1,37 @@
+<?xml version="1.0"?>
+<clickhouse>
+	<profiles>
+        <default>
+            <max_memory_usage>10000000000</max_memory_usage>
+            <use_uncompressed_cache>0</use_uncompressed_cache>
+            <load_balancing>in_order</load_balancing>
+            <log_queries>1</log_queries>
+        </default>
+    </profiles>
+    <users>
+        <default>
+            <access_management>1</access_management>
+            <profile>default</profile>
+            <networks>
+                <host>localhost</host>
+            </networks>
+            <quota>default</quota>
+            <access_management>1</access_management>
+            <named_collection_control>1</named_collection_control>
+            <show_named_collections>1</show_named_collections>
+            <show_named_collections_secrets>1</show_named_collections_secrets>
+        </default>
+    </users>
+    <quotas>
+        <default>
+            <interval>
+                <duration>3600</duration>
+                <queries>0</queries>
+                <errors>0</errors>
+                <result_rows>0</result_rows>
+                <read_rows>0</read_rows>
+                <execution_time>0</execution_time>
+            </interval>
+        </default>
+    </quotas>
+</clickhouse>
@@ -0,0 +1,16 @@
+<?xml version="1.0"?>
+<clickhouse>
+    <users>
+        <grafana>
+            <profile>default</profile>
+            <networks>
+                <host>grafana</host>
+            </networks>
+            <quota>default</quota>
+            <password from_env="GRAFANA_CLICKHOUSE_PASSWORD" />
+            <grants>
+                <query>GRANT SELECT ON otel.*</query>
+            </grants>
+        </grafana>
+    </users>
+</clickhouse>
@@ -0,0 +1,19 @@
+<?xml version="1.0"?>
+<clickhouse>
+    <users>
+        <otel>
+            <profile>default</profile>
+            <networks>
+		        <host>otel-collector</host>
+            </networks>
+	        <grants>
+                <query>GRANT INSERT ON otel.*</query>
+                <query>GRANT SELECT ON otel.*</query>
+                <query>GRANT CREATE DATABASE ON otel.*</query>
+                <query>GRANT CREATE TABLE ON otel.*</query>
+            </grants>
+            <quota>default</quota>
+            <password from_env="OTEL_COLLECTOR_CLICKHOUSE_PASSWORD" />
+        </otel>
+    </users>
+</clickhouse>