├── Dockerfile
├── Makefile
├── README.md
├── cluster-coordinator
    ├── main.go
    ├── misc.go
    ├── net.go
    └── zk.go
├── config
    ├── config.xml
    ├── docker_related_config.xml
    └── users.xml
└── helm
    └── clickhouse-on-kube
        ├── .helmignore
        ├── Chart.yaml
        ├── Makefile
        ├── templates
            ├── NOTES.txt
            ├── _helpers.tpl
            ├── configmap_configd.yaml
            ├── configmap_usersd.yaml
            ├── ingress.yaml
            ├── roles.yaml
            ├── service.yaml
            └── statefulset.yaml
        └── values.yaml


/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM ubuntu:16.04
 2 | 
 3 | ARG repository="deb http://repo.yandex.ru/clickhouse/deb/stable/ main/"
 4 | ARG version=\*
 5 | 
 6 | RUN apt-get update && \
 7 |     apt-get install -y apt-transport-https && \
 8 |     mkdir -p /etc/apt/sources.list.d && \
 9 |     echo $repository | tee /etc/apt/sources.list.d/clickhouse.list && \
10 |     apt-get update && \
11 |     apt-get install --allow-unauthenticated -y clickhouse-server-common=$version clickhouse-server-base=$version && \
12 |     rm -rf /var/lib/apt/lists/* /var/cache/debconf
13 | 
14 | # extras
15 | RUN apt-get update --allow-unauthenticated && \
16 |     apt-get install --allow-unauthenticated -y vim curl git
17 | 
18 | # install go
19 | RUN cd /tmp && \
20 |     curl -O https://dl.google.com/go/go1.10.1.linux-amd64.tar.gz && \
21 |     tar -xvf go1.10.1.linux-amd64.tar.gz && \
22 |     mv go /usr/local && \
23 |     rm go1.10.1.linux-amd64.tar.gz
24 | 
25 | ENV GOROOT=/usr/local/go
26 | ENV PATH=$PATH:$GOROOT/bin
27 | 
28 | # clean 
29 | RUN apt-get clean
30 | 
31 | COPY ./config/docker_related_config.xml /etc/clickhouse-server/config.d/
32 | COPY ./config/config.xml /etc/clickhouse-server/
33 | COPY ./config/users.xml /etc/clickhouse-server/users.d/
34 | 
35 | # data / tmp db location
36 | RUN mkdir -p /clickhouse/data && \
37 |     mkdir -p /clickhouse/tmp
38 | 
39 | EXPOSE 9000 8123 9009
40 | VOLUME /var/lib/clickhouse
41 | 
42 | ENV CLICKHOUSE_CONFIG /etc/clickhouse-server/config.xml
43 | 
44 | ENTRYPOINT exec /usr/bin/clickhouse-server --config=${CLICKHOUSE_CONFIG}
45 | 


--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
 1 | # docker vars
 2 | REPO=dmitryb/clickhouse-server
 3 | TAG=latest
 4 | 
 5 | # build clickhouse-server docker image
 6 | docker-build:
 7 | 	docker build -t $(REPO):$(TAG) .
 8 | 
 9 | # push clickhouse-server docker image to hub
10 | docker-push:
11 | 	docker push $(REPO):$(TAG)
12 | 
13 | # create helm package and reindex
14 | helm-pckg:
15 | 	helm package ./helm/clickhouse-on-kube
16 | 	helm repo index .
17 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # clickhouse-on-kubernetes
 2 | 
 3 | Run clickhouse server on kubernetes
 4 | 
 5 | ## Quick start
 6 | 
 7 | ```bash
 8 | # clone repo
 9 | git clone https://github.com/DmitryBe/clickhouse-on-kubernetes.git
10 | cd clickhouse-on-kubernetes/helm/clickhouse-on-kube
11 | 
12 | # update values.yaml
13 | # replicaCount: 3 # number of nodes && shards (1 replica)
14 | # zk.servers: <your zk address> # or disable
15 | # nodeSelector.type: <node label> # or remove
16 | # disable elb (if running on google cloud | minikube)
17 | # resources: ...
18 | 
19 | # install chart
20 | helm install \
21 |     --name clickhouse-test \
22 |     --namespace=default .
23 | 
24 | # run clickhouse-client
25 | docker run -it --rm --net=host yandex/clickhouse-client -h <elb_endpoint>
26 | 
27 | # check cluster config
28 | :) select * from system.clusters
29 | 
30 | # create db and distrib table
31 | CREATE DATABASE IF NOT EXISTS DB01;
32 | dd
33 | USE DB01;
34 | 
35 | CREATE TABLE IF NOT EXISTS DB01.Table1 ON CLUSTER default_cluster
36 | (
37 |     UpdateDate Date,    
38 |     GeoHash String,    
39 |     NBooked UInt32  
40 | ) ENGINE = MergeTree(UpdateDate, (GeoHash, UpdateDate), 8192);
41 | 
42 | CREATE TABLE IF NOT EXISTS DB01.Table1_c ON CLUSTER default_cluster as DB01.Table1
43 | ENGINE = Distributed(default_cluster, DB01, Table1, cityHash64(GeoHash));
44 | 
45 | # insert some data
46 | INSERT INTO DB01.Table1_c VALUES ('2017-11-08', 'geo01', 1);
47 | INSERT INTO DB01.Table1_c VALUES ('2017-11-08', 'geo02', 2);
48 | INSERT INTO DB01.Table1_c VALUES ('2017-11-08', 'geo03', 3);
49 | 
50 | # query distrib table
51 | SELECT * FROM DB01.Table1_c
52 | ```
53 | 
54 | ## Dev
55 | 
56 | To rebuild docker image run: `make docker-build`
57 | 
58 | To rebuild helm package run: `make helm-pckg`
59 | 


--------------------------------------------------------------------------------
/cluster-coordinator/main.go:
--------------------------------------------------------------------------------
  1 | package main
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"os"
  6 | 	"time"
  7 | 
  8 | 	"github.com/samuel/go-zookeeper/zk"
  9 | )
 10 | 
 11 | // ClickHousePort is a default clickhous port
 12 | const ClickHousePort = 9000
 13 | 
 14 | // ClickHouseConfigLocation config path
 15 | const ClickHouseConfigD = "/etc/clickhouse-server/config.d"
 16 | 
 17 | // ClickhouseRemoteServersConfigFileName - cluster config file name
 18 | const ClickhouseRemoteServersConfigFileName = "clickhouse_remote_servers.xml"
 19 | 
 20 | // ClickHouseClusterName for remote servres config
 21 | const ClickHouseClusterName = "default_cluster"
 22 | 
 23 | func main() {
 24 | 	fmt.Println("starting coordinator")
 25 | 
 26 | 	// get zk connection
 27 | 	zksStr := os.Getenv("ZOOKEEPER_SERVERS")
 28 | 	if zksStr == "" {
 29 | 		panic("ZOOKEEPER_SERVERS is requried")
 30 | 	}
 31 | 	fmt.Println("zk: " + zksStr)
 32 | 
 33 | 	// get zk key path
 34 | 	zkPath := os.Getenv("ZOOKEEPER_PATH")
 35 | 	if zkPath == "" {
 36 | 		zkPath = "/clickhouse-coordinator-01"
 37 | 	}
 38 | 	fmt.Println("zk-path: " + zkPath)
 39 | 
 40 | 	clickHouseConfigD := os.Getenv("CLICKHOUSE_CONFIG_LOCATION")
 41 | 	if clickHouseConfigD == "" {
 42 | 		clickHouseConfigD = ClickHouseConfigD
 43 | 	}
 44 | 	fmt.Println("clickhouse config.d path: " + clickHouseConfigD)
 45 | 
 46 | 	// connect to zk
 47 | 	conn := zkConnect()
 48 | 	defer conn.Close()
 49 | 
 50 | 	// create root path
 51 | 	path, err := conn.Create(zkPath, []byte(""), int32(0), zk.WorldACL(zk.PermAll))
 52 | 	if err != nil {
 53 | 		fmt.Printf("zp path exists: %+v\n", zkPath)
 54 | 	}
 55 | 	fmt.Printf("create: %+v\n", path)
 56 | 
 57 | 	// start zk watcher
 58 | 	snapshots, errors := zkMirror(conn, zkPath)
 59 | 	// watching events
 60 | 	go func() {
 61 | 		for {
 62 | 			select {
 63 | 			case snapshot := <-snapshots:
 64 | 				remoteServerConfig := UpdateClusterConfig(snapshot, ClickHouseClusterName)
 65 | 				fmt.Println("--------------------------------------------------------")
 66 | 				fmt.Println(remoteServerConfig)
 67 | 				fmt.Println("--------------------------------------------------------")
 68 | 				if len(snapshot) > 0 {
 69 | 					// update config file
 70 | 					remoteServreConfigPath := fmt.Sprintf("%s/%s", clickHouseConfigD, ClickhouseRemoteServersConfigFileName)
 71 | 					fmt.Println("updating remote server config: " + remoteServreConfigPath)
 72 | 					err := WriteStringToFile(remoteServreConfigPath, remoteServerConfig)
 73 | 					must(err)
 74 | 				}
 75 | 
 76 | 			case err := <-errors:
 77 | 				panic(err)
 78 | 			}
 79 | 		}
 80 | 	}()
 81 | 
 82 | 	// worming up
 83 | 	time.Sleep(time.Second)
 84 | 
 85 | 	// get pod ip
 86 | 	ip := GetLocalIP()
 87 | 	fmt.Println(ip.String())
 88 | 
 89 | 	// create ephemeral path
 90 | 	flags := int32(zk.FlagEphemeral)
 91 | 	acl := zk.WorldACL(zk.PermAll)
 92 | 	clickhouseHostPort := fmt.Sprintf("%s:%v", ip, ClickHousePort)
 93 | 	zkNodePath := fmt.Sprintf("%s/%s", zkPath, clickhouseHostPort)
 94 | 	fmt.Println("create zk path for node: " + zkNodePath)
 95 | 	_, err = conn.Create(zkNodePath, []byte(clickhouseHostPort), flags, acl)
 96 | 	must(err)
 97 | 
 98 | 	// wait for termination
 99 | 	fmt.Println("waiting for termination")
100 | 	_, _, ech, err := conn.ExistsW(zkPath)
101 | 	must(err)
102 | 	evt := <-ech
103 | 	fmt.Println("closing coordinator")
104 | 	must(evt.Err)
105 | }
106 | 


--------------------------------------------------------------------------------
/cluster-coordinator/misc.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"io"
 6 | 	"os"
 7 | 	"strings"
 8 | )
 9 | 
10 | // RemoteServersTemplate provides template for cluster remote server
11 | const RemoteServersTemplate = `
12 | <yandex>
13 | 	<remote_servers incl="clickhouse_remote_servers" >
14 | 		<%s>
15 | 			%s
16 | 		</%s>
17 | 	</remote_servers>
18 | </yandex>
19 | `
20 | 
21 | // ShardTemplate templates for node
22 | const ShardTemplate = `
23 | 			<shard>
24 | 				<replica>
25 | 					<host>%s</host>
26 | 					<port>%s</port>
27 | 				</replica>
28 | 			</shard>
29 | `
30 | 
31 | // UpdateClusterConfig is blah
32 | func UpdateClusterConfig(nodePorts []string, clusterName string) string {
33 | 	fmt.Println("updating cluster config")
34 | 	shards := []string{}
35 | 	for _, nodePort := range nodePorts {
36 | 		parts := strings.Split(nodePort, ":")
37 | 		node, port := parts[0], parts[1]
38 | 		shard := fmt.Sprintf(ShardTemplate, node, port)
39 | 		shards = append(shards, shard)
40 | 	}
41 | 	return fmt.Sprintf(RemoteServersTemplate, clusterName, strings.Join(shards, ""), clusterName)
42 | }
43 | 
44 | // WriteStringToFile is
45 | func WriteStringToFile(filepath, s string) error {
46 | 	fo, err := os.Create(filepath)
47 | 	if err != nil {
48 | 		return err
49 | 	}
50 | 	defer fo.Close()
51 | 
52 | 	_, err = io.Copy(fo, strings.NewReader(s))
53 | 	if err != nil {
54 | 		return err
55 | 	}
56 | 
57 | 	return nil
58 | }
59 | 


--------------------------------------------------------------------------------
/cluster-coordinator/net.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"log"
 5 | 	"net"
 6 | )
 7 | 
 8 | // GetLocalIP returns local node/pod ip
 9 | func GetLocalIP() net.IP {
10 | 
11 | 	conn, err := net.Dial("udp", "8.8.8.8:80")
12 | 	if err != nil {
13 | 		log.Fatal(err)
14 | 		panic("cannot get local ip")
15 | 	}
16 | 	defer conn.Close()
17 | 
18 | 	localAddr := conn.LocalAddr().(*net.UDPAddr)
19 | 	return localAddr.IP
20 | }
21 | 


--------------------------------------------------------------------------------
/cluster-coordinator/zk.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"log"
 5 | 	"strings"
 6 | 	"time"
 7 | 
 8 | 	"github.com/samuel/go-zookeeper/zk"
 9 | )
10 | 
11 | func must(err error) {
12 | 	if err != nil {
13 | 		log.Fatal(err)
14 | 		panic(err)
15 | 	}
16 | }
17 | 
18 | func zkConnect() *zk.Conn {
19 | 	zksStr := "0.0.0.0"
20 | 	zks := strings.Split(zksStr, ",")
21 | 	conn, _, err := zk.Connect(zks, time.Second)
22 | 	must(err)
23 | 	return conn
24 | }
25 | 
26 | func zkMirror(conn *zk.Conn, path string) (chan []string, chan error) {
27 | 	snapshots := make(chan []string)
28 | 	errors := make(chan error)
29 | 	go func() {
30 | 		for {
31 | 			snapshot, _, events, err := conn.ChildrenW(path)
32 | 			if err != nil {
33 | 				errors <- err
34 | 				return
35 | 			}
36 | 
37 | 			// snaps pipe
38 | 			snapshots <- snapshot
39 | 
40 | 			// error pipe
41 | 			evt := <-events
42 | 			if evt.Err != nil {
43 | 				errors <- evt.Err
44 | 				return
45 | 			}
46 | 
47 | 			// rest
48 | 			time.Sleep(time.Second * 3)
49 | 		}
50 | 	}()
51 | 	return snapshots, errors
52 | }
53 | 


--------------------------------------------------------------------------------
/config/config.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0"?>
  2 | <yandex>
  3 |     <logger>
  4 |         <!-- Possible levels: https://github.com/pocoproject/poco/blob/develop/Foundation/include/Poco/Logger.h#L105 -->
  5 |         <level>error</level>
  6 |         <log>/var/log/clickhouse-server/clickhouse-server.log</log>
  7 |         <errorlog>/var/log/clickhouse-server/clickhouse-server.err.log</errorlog>
  8 |         <size>100M</size>
  9 |         <count>10</count>
 10 |         <!-- <console>1</console> --> <!-- Default behavior is autodetection (log to console if not daemon mode and is tty) -->
 11 |     </logger>
 12 | 
 13 |     <http_port>8123</http_port>
 14 |     <tcp_port>9000</tcp_port>
 15 | 
 16 |     <!-- For HTTPS and SSL over native protocol. -->
 17 |     <!--
 18 |     <https_port>8443</https_port>
 19 |     <tcp_ssl_port>9440</tcp_ssl_port>
 20 |     -->
 21 | 
 22 |     <!-- Used with https_port and tcp_ssl_port. Full ssl options list: https://github.com/ClickHouse-Extras/poco/blob/master/NetSSL_OpenSSL/include/Poco/Net/SSLManager.h#L71 -->
 23 |     <openSSL>
 24 |         <server> <!-- Used for https server AND secure tcp port -->
 25 |             <!-- openssl req -subj "/CN=localhost" -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout /etc/clickhouse-server/server.key -out /etc/clickhouse-server/server.crt -->
 26 |             <certificateFile>/etc/clickhouse-server/server.crt</certificateFile>
 27 |             <privateKeyFile>/etc/clickhouse-server/server.key</privateKeyFile>
 28 |             <!-- openssl dhparam -out /etc/clickhouse-server/dhparam.pem 4096 -->
 29 |             <dhParamsFile>/etc/clickhouse-server/dhparam.pem</dhParamsFile>
 30 |             <verificationMode>none</verificationMode>
 31 |             <loadDefaultCAFile>true</loadDefaultCAFile>
 32 |             <cacheSessions>true</cacheSessions>
 33 |             <disableProtocols>sslv2,sslv3</disableProtocols>
 34 |             <preferServerCiphers>true</preferServerCiphers>
 35 |         </server>
 36 | 
 37 |         <client> <!-- Used for connecting to https dictionary source -->
 38 |             <loadDefaultCAFile>true</loadDefaultCAFile>
 39 |             <cacheSessions>true</cacheSessions>
 40 |             <disableProtocols>sslv2,sslv3</disableProtocols>
 41 |             <preferServerCiphers>true</preferServerCiphers>
 42 |             <!-- Use for self-signed: <verificationMode>none</verificationMode> -->
 43 |             <invalidCertificateHandler>
 44 |                 <!-- Use for self-signed: <name>AcceptCertificateHandler</name> -->
 45 |                 <name>RejectCertificateHandler</name>
 46 |             </invalidCertificateHandler>
 47 |         </client>
 48 |     </openSSL>
 49 | 
 50 |     <!-- Default root page on http[s] server. For example load UI from https://tabix.io/ when opening http://localhost:8123 -->
 51 |     <!--
 52 |     <http_server_default_response><![CDATA[<html ng-app="SMI2"><head><base href="http://ui.tabix.io/"></head><body><div ui-view="" class="content-ui"></div><script src="http://loader.tabix.io/master.js"></script></body></html>]]></http_server_default_response>
 53 |     -->
 54 | 
 55 |     <!-- Port for communication between replicas. Used for data exchange. -->
 56 |     <interserver_http_port>9009</interserver_http_port>
 57 | 
 58 |     <!-- Hostname that is used by other replicas to request this server.
 59 |          If not specified, than it is determined analoguous to 'hostname -f' command.
 60 |          This setting could be used to switch replication to another network interface.
 61 |       -->
 62 |     <!--
 63 |     <interserver_http_host>example.yandex.ru</interserver_http_host>
 64 |     -->
 65 | 
 66 |     <!-- Listen specified host. use :: (wildcard IPv6 address), if you want to accept connections both with IPv4 and IPv6 from everywhere. -->
 67 |     <!-- <listen_host>::</listen_host> -->
 68 |     <!-- Same for hosts with disabled ipv6: -->
 69 |     <!-- <listen_host>0.0.0.0</listen_host> -->
 70 | 
 71 |     <!-- Default values - try listen localhost on ipv4 and ipv6: -->
 72 |     <!--
 73 |     <listen_host>::1</listen_host>
 74 |     <listen_host>127.0.0.1</listen_host>
 75 |     -->
 76 |     <!-- Don't exit if ipv6 or ipv4 unavailable, but listen_host with this protocol specified -->
 77 |     <!-- <listen_try>0</listen_try> -->
 78 | 
 79 |     <max_connections>4096</max_connections>
 80 |     <keep_alive_timeout>3</keep_alive_timeout>
 81 | 
 82 |     <!-- Maximum number of concurrent queries. -->
 83 |     <max_concurrent_queries>100</max_concurrent_queries>
 84 | 
 85 |     <!-- Set limit on number of open files (default: maximum). This setting makes sense on Mac OS X because getrlimit() fails to retrieve
 86 |          correct maximum value. -->
 87 |     <!-- <max_open_files>262144</max_open_files> -->
 88 | 
 89 |     <!-- Size of cache of uncompressed blocks of data, used in tables of MergeTree family.
 90 |          In bytes. Cache is single for server. Memory is allocated only on demand.
 91 |          Cache is used when 'use_uncompressed_cache' user setting turned on (off by default).
 92 |          Uncompressed cache is advantageous only for very short queries and in rare cases.
 93 |       -->
 94 |     <uncompressed_cache_size>8589934592</uncompressed_cache_size>
 95 | 
 96 |     <!-- Approximate size of mark cache, used in tables of MergeTree family.
 97 |          In bytes. Cache is single for server. Memory is allocated only on demand.
 98 |          You should not lower this value.
 99 |       -->
100 |     <mark_cache_size>5368709120</mark_cache_size>
101 | 
102 | 
103 |     <!-- Path to data directory, with trailing slash. -->
104 |     <path>/clickhouse/data/</path>
105 | 
106 |     <!-- Path to temporary data for processing hard queries. -->
107 |     <tmp_path>/clickhouse/tmp/</tmp_path>
108 | 
109 |     <!-- Path to configuration file with users, access rights, profiles of settings, quotas. -->
110 |     <users_config>/etc/clickhouse-server/users.d/users.xml</users_config>
111 | 
112 |     <!-- Default profile of settings. -->
113 |     <default_profile>default</default_profile>
114 | 
115 |     <!-- System profile of settings. This settings are used by internal processes (Buffer storage, Distibuted DDL worker and so on). -->
116 |     <!-- <system_profile>default</system_profile> -->
117 | 
118 |     <!-- Default database. -->
119 |     <default_database>default</default_database>
120 | 
121 |     <!-- Server time zone could be set here.
122 | 
123 |          Time zone is used when converting between String and DateTime types,
124 |           when printing DateTime in text formats and parsing DateTime from text,
125 |           it is used in date and time related functions, if specific time zone was not passed as an argument.
126 | 
127 |          Time zone is specified as identifier from IANA time zone database, like UTC or Africa/Abidjan.
128 |          If not specified, system time zone at server startup is used.
129 | 
130 |          Please note, that server could display time zone alias instead of specified name.
131 |          Example: W-SU is an alias for Europe/Moscow and Zulu is an alias for UTC.
132 |     -->
133 |     <!-- <timezone>Europe/Moscow</timezone> -->
134 | 
135 |     <!-- You can specify umask here (see "man umask"). Server will apply it on startup.
136 |          Number is always parsed as octal. Default umask is 027 (other users cannot read logs, data files, etc; group can only read).
137 |     -->
138 |     <!-- <umask>022</umask> -->
139 | 
140 |     <!-- Configuration of clusters that could be used in Distributed tables.
141 |          https://clickhouse.yandex/docs/en/table_engines/distributed/
142 |       -->
143 |     <remote_servers incl="clickhouse_remote_servers" />
144 | 
145 |     <!-- If element has 'incl' attribute, then for it's value will be used corresponding substitution from another file.
146 |          By default, path to file with substitutions is /etc/metrika.xml. It could be changed in config in 'include_from' element.
147 |          Values for substitutions are specified in /yandex/name_of_substitution elements in that file.
148 |       -->
149 | 
150 |     <!-- ZooKeeper is used to store metadata about replicas, when using Replicated tables.
151 |          Optional. If you don't use replicated tables, you could omit that.
152 | 
153 |          See https://clickhouse.yandex/docs/en/table_engines/replication/
154 |       -->
155 |     <zookeeper incl="zookeeper-servers" optional="true" />
156 | 
157 |     <!-- Substitutions for parameters of replicated tables.
158 |           Optional. If you don't use replicated tables, you could omit that.
159 | 
160 |          See https://clickhouse.yandex/docs/en/table_engines/replication/#creating-replicated-tables
161 |       -->
162 |     <macros incl="macros" optional="true" />
163 | 
164 | 
165 |     <!-- Reloading interval for embedded dictionaries, in seconds. Default: 3600. -->
166 |     <builtin_dictionaries_reload_interval>3600</builtin_dictionaries_reload_interval>
167 | 
168 | 
169 |     <!-- Maximum session timeout, in seconds. Default: 3600. -->
170 |     <max_session_timeout>3600</max_session_timeout>
171 | 
172 |     <!-- Default session timeout, in seconds. Default: 60. -->
173 |     <default_session_timeout>60</default_session_timeout>
174 | 
175 |     <!-- Sending data to Graphite for monitoring. Several sections can be defined. -->
176 |     <!--
177 |         interval - send every X second
178 |         root_path - prefix for keys
179 |         hostname_in_path - append hostname to root_path (default = true)
180 |         metrics - send data from table system.metrics
181 |         events - send data from table system.events
182 |         asynchronous_metrics - send data from table system.asynchronous_metrics
183 |     -->
184 |     <!--
185 |     <graphite>
186 |         <host>localhost</host>
187 |         <port>42000</port>
188 |         <timeout>0.1</timeout>
189 |         <interval>60</interval>
190 |         <root_path>one_min</root_path>
191 |         <hostname_in_path>true<hostname_in_path>
192 | 
193 |         <metrics>true</metrics>
194 |         <events>true</events>
195 |         <asynchronous_metrics>true</asynchronous_metrics>
196 |     </graphite>
197 |     <graphite>
198 |         <host>localhost</host>
199 |         <port>42000</port>
200 |         <timeout>0.1</timeout>
201 |         <interval>1</interval>
202 |         <root_path>one_sec</root_path>
203 | 
204 |         <metrics>true</metrics>
205 |         <events>true</events>
206 |         <asynchronous_metrics>false</asynchronous_metrics>
207 |     </graphite>
208 |     -->
209 | 
210 | 
211 |     <!-- Query log. Used only for queries with setting log_queries = 1. -->
212 |     <query_log>
213 |         <!-- What table to insert data. If table is not exist, it will be created.
214 |              When query log structure is changed after system update,
215 |               then old table will be renamed and new table will be created automatically.
216 |         -->
217 |         <database>system</database>
218 |         <table>query_log</table>
219 |         <!--
220 |             PARTITION BY expr https://clickhouse.yandex/docs/en/table_engines/custom_partitioning_key/
221 |             Example:
222 |                 event_date
223 |                 toMonday(event_date)
224 |                 toYYYYMM(event_date)
225 |                 toStartOfHour(event_time)
226 |         -->
227 |         <partition_by>toYYYYMM(event_date)</partition_by>
228 |         <!-- Interval of flushing data. -->
229 |         <flush_interval_milliseconds>7500</flush_interval_milliseconds>
230 |     </query_log>
231 | 
232 | 
233 |     <!-- Uncomment if use part_log
234 |     <part_log>
235 |         <database>system</database>
236 |         <table>part_log</table>
237 | 
238 |         <flush_interval_milliseconds>7500</flush_interval_milliseconds>
239 |     </part_log>
240 |     -->
241 | 
242 | 
243 |     <!-- Parameters for embedded dictionaries, used in Yandex.Metrica.
244 |          See https://clickhouse.yandex/docs/en/dicts/internal_dicts/
245 |     -->
246 | 
247 |     <!-- Path to file with region hierarchy. -->
248 |     <!-- <path_to_regions_hierarchy_file>/opt/geo/regions_hierarchy.txt</path_to_regions_hierarchy_file> -->
249 | 
250 |     <!-- Path to directory with files containing names of regions -->
251 |     <!-- <path_to_regions_names_files>/opt/geo/</path_to_regions_names_files> -->
252 | 
253 | 
254 |     <!-- Configuration of external dictionaries. See:
255 |          https://clickhouse.yandex/docs/en/dicts/external_dicts/
256 |     -->
257 |     <dictionaries_config>*_dictionary.xml</dictionaries_config>
258 | 
259 |     <!-- Uncomment if you want data to be compressed 30-100% better.
260 |          Don't do that if you just started using ClickHouse.
261 |       -->
262 |     <compression incl="clickhouse_compression">
263 |     <!--
264 |         <!- - Set of variants. Checked in order. Last matching case wins. If nothing matches, lz4 will be used. - ->
265 |         <case>
266 | 
267 |             <!- - Conditions. All must be satisfied. Some conditions may be omitted. - ->
268 |             <min_part_size>10000000000</min_part_size>        <!- - Min part size in bytes. - ->
269 |             <min_part_size_ratio>0.01</min_part_size_ratio>   <!- - Min size of part relative to whole table size. - ->
270 | 
271 |             <!- - What compression method to use. - ->
272 |             <method>zstd</method>
273 |         </case>
274 |     -->
275 |     </compression>
276 | 
277 |     <!-- Allow to execute distributed DDL queries (CREATE, DROP, ALTER, RENAME) on cluster.
278 |          Works only if ZooKeeper is enabled. Comment it if such functionality isn't required. -->
279 |     <distributed_ddl incl="clickhouse_distributed_ddl">
280 |         <!-- Path in ZooKeeper to queue with DDL queries -->
281 |         <!--
282 |         <path>/clickhouse/task_queue/ddl</path>
283 |         -->
284 | 
285 |         <!-- Settings from this profile will be used to execute DDL queries -->
286 |         <!-- <profile>default</profile> -->
287 |     </distributed_ddl>
288 | 
289 |     <!-- Settings to fine tune MergeTree tables. See documentation in source code, in MergeTreeSettings.h -->
290 |     <!--
291 |     <merge_tree>
292 |         <max_suspicious_broken_parts>5</max_suspicious_broken_parts>
293 |     </merge_tree>
294 |     -->
295 | 
296 |     <!-- Protection from accidental DROP.
297 |          If size of a MergeTree table is greater than max_table_size_to_drop (in bytes) than table could not be dropped with any DROP query.
298 |          If you want do delete one table and don't want to restart clickhouse-server, you could create special file <clickhouse-path>/flags/force_drop_table and make DROP once.
299 |          By default max_table_size_to_drop is 50GB, max_table_size_to_drop=0 allows to DROP any tables.
300 |          Uncomment to disable protection.
301 |     -->
302 |     <!-- <max_table_size_to_drop>0</max_table_size_to_drop> -->
303 | 
304 |     <!-- Example of parameters for GraphiteMergeTree table engine -->
305 |     <graphite_rollup_example>
306 |         <pattern>
307 |             <regexp>click_cost</regexp>
308 |             <function>any</function>
309 |             <retention>
310 |                 <age>0</age>
311 |                 <precision>3600</precision>
312 |             </retention>
313 |             <retention>
314 |                 <age>86400</age>
315 |                 <precision>60</precision>
316 |             </retention>
317 |         </pattern>
318 |         <default>
319 |             <function>max</function>
320 |             <retention>
321 |                 <age>0</age>
322 |                 <precision>60</precision>
323 |             </retention>
324 |             <retention>
325 |                 <age>3600</age>
326 |                 <precision>300</precision>
327 |             </retention>
328 |             <retention>
329 |                 <age>86400</age>
330 |                 <precision>3600</precision>
331 |             </retention>
332 |         </default>
333 |     </graphite_rollup_example>
334 | 
335 |     <!-- Directory in <clickhouse-path> containing schema files for various input formats.
336 |          The directory will be created if it doesn't exist.
337 |       -->
338 |     <format_schema_path>/var/lib/clickhouse/format_schemas/</format_schema_path>
339 | </yandex>
340 | 


--------------------------------------------------------------------------------
/config/docker_related_config.xml:
--------------------------------------------------------------------------------
 1 | <yandex>
 2 |      <!-- Listen wildcard address to allow accepting connections from other containers and host network. -->
 3 |     <listen_host>0.0.0.0</listen_host>
 4 |     <listen_host>::</listen_host>
 5 |     <listen_try>1</listen_try>
 6 | 
 7 |     <!--
 8 |     <logger>
 9 |         <console>1</console>
10 |     </logger>
11 |     -->
12 | </yandex>
13 | 


--------------------------------------------------------------------------------
/config/users.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0"?>
  2 | <yandex>
  3 |     <!-- Profiles of settings. -->
  4 |     <profiles>
  5 |         <!-- Default settings. -->
  6 |         <default>
  7 |             <!-- Maximum memory usage for processing single query, in bytes. -->
  8 |             <max_memory_usage>10000000000</max_memory_usage>
  9 | 
 10 |             <!-- Use cache of uncompressed blocks of data. Meaningful only for processing many of very short queries. -->
 11 |             <use_uncompressed_cache>0</use_uncompressed_cache>
 12 | 
 13 |             <!-- How to choose between replicas during distributed query processing.
 14 |                  random - choose random replica from set of replicas with minimum number of errors
 15 |                  nearest_hostname - from set of replicas with minimum number of errors, choose replica
 16 |                   with minumum number of different symbols between replica's hostname and local hostname
 17 |                   (Hamming distance).
 18 |                  in_order - first live replica is choosen in specified order.
 19 |             -->
 20 |             <load_balancing>random</load_balancing>
 21 |         </default>
 22 | 
 23 |         <!-- Profile that allows only read queries. -->
 24 |         <readonly>
 25 |             <readonly>1</readonly>
 26 |         </readonly>
 27 |     </profiles>
 28 | 
 29 |     <!-- Users and ACL. -->
 30 |     <users>
 31 |         <!-- If user name was not specified, 'default' user is used. -->
 32 |         <default>
 33 |             <!-- Password could be specified in plaintext or in SHA256 (in hex format).
 34 | 
 35 |                  If you want to specify password in plaintext (not recommended), place it in 'password' element.
 36 |                  Example: <password>qwerty</password>.
 37 |                  Password could be empty.
 38 | 
 39 |                  If you want to specify SHA256, place it in 'password_sha256_hex' element.
 40 |                  Example: <password_sha256_hex>65e84be33532fb784c48129675f9eff3a682b27168c0ea744b2cf58ee02337c5</password_sha256_hex>
 41 | 
 42 |                  How to generate decent password:
 43 |                  Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-'
 44 |                  In first line will be password and in second - corresponding SHA256.
 45 |             -->
 46 |             <password></password>
 47 | 
 48 |             <!-- List of networks with open access.
 49 | 
 50 |                  To open access from everywhere, specify:
 51 |                     <ip>::/0</ip>
 52 | 
 53 |                  To open access only from localhost, specify:
 54 |                     <ip>::1</ip>
 55 |                     <ip>127.0.0.1</ip>
 56 | 
 57 |                  Each element of list has one of the following forms:
 58 |                  <ip> IP-address or network mask. Examples: 213.180.204.3 or 10.0.0.1/8 or 2a02:6b8::3 or 2a02:6b8::3/64.
 59 |                  <host> Hostname. Example: server01.yandex.ru.
 60 |                      To check access, DNS query is performed, and all received addresses compared to peer address.
 61 |                  <host_regexp> Regular expression for host names. Example, ^server\d\d-\d\d-\d\.yandex\.ru$
 62 |                      To check access, DNS PTR query is performed for peer address and then regexp is applied.
 63 |                      Then, for result of PTR query, another DNS query is performed and all received addresses compared to peer address.
 64 |                      Strongly recommended that regexp is ends with $
 65 |                  All results of DNS requests are cached till server restart.
 66 |             -->
 67 |             <networks incl="networks" replace="replace">
 68 |                 <ip>::/0</ip>
 69 |             </networks>
 70 | 
 71 |             <!-- Settings profile for user. -->
 72 |             <profile>default</profile>
 73 | 
 74 |             <!-- Quota for user. -->
 75 |             <quota>default</quota>
 76 |         </default>
 77 | 
 78 |         <!-- Example of user with readonly access. -->
 79 |         <readonly>
 80 |             <password></password>
 81 |             <networks incl="networks" replace="replace">
 82 |                 <ip>::1</ip>
 83 |                 <ip>127.0.0.1</ip>
 84 |             </networks>
 85 |             <profile>readonly</profile>
 86 |             <quota>default</quota>
 87 |         </readonly>
 88 |     </users>
 89 | 
 90 |     <!-- Quotas. -->
 91 |     <quotas>
 92 |         <!-- Name of quota. -->
 93 |         <default>
 94 |             <!-- Limits for time interval. You could specify many intervals with different limits. -->
 95 |             <interval>
 96 |                 <!-- Length of interval. -->
 97 |                 <duration>3600</duration>
 98 | 
 99 |                 <!-- No limits. Just calculate resource usage for time interval. -->
100 |                 <queries>0</queries>
101 |                 <errors>0</errors>
102 |                 <result_rows>0</result_rows>
103 |                 <read_rows>0</read_rows>
104 |                 <execution_time>0</execution_time>
105 |             </interval>
106 |         </default>
107 |     </quotas>
108 | </yandex>
109 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | appVersion: "1.0"
3 | description: A Helm chart for Kubernetes
4 | name: clickhouse-on-kube
5 | version: 0.1.0
6 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/Makefile:
--------------------------------------------------------------------------------
 1 | 
 2 | helm-dry:
 3 | 	helm install --name clickhouse-test --namespace=playground --debug --dry-run .
 4 | 
 5 | helm-lint:
 6 | 	helm lint .
 7 | 
 8 | helm-install-test:
 9 | 	helm install --name clickhouse-test --namespace=playground .
10 | 
11 | helm-install-stg:
12 | 	helm install --name clickhouse-stg \
13 | 	    --namespace=clickhouse \
14 | 	    --set replicaCount=5 \
15 | 	    --set ebs.size=500Gi \
16 | 	    --set security.enabled=true \
17 | 	    --set resources.limits.cpu=3800m \
18 | 	    --set resources.limits.memory=28000Mi \
19 | 	    --set resources.requests.cpu=3800m \
20 | 	    --set resources.requests.memory=28000Mi \
21 | 	    .
22 | 
23 | helm-del:
24 | 	helm del --purge clickhouse-test
25 | 
26 | kube-get:
27 | 	kubectl -n playground get deployment,pod,svc,ingress
28 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/templates/NOTES.txt:
--------------------------------------------------------------------------------
 1 | 1. Get the application URL by running these commands:
 2 | {{- if .Values.ingress.enabled }}
 3 | {{- range .Values.ingress.hosts }}
 4 |   http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
 5 | {{- end }}
 6 | {{- else if contains "NodePort" .Values.service.type }}
 7 |   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "clickhouse-on-kube.fullname" . }})
 8 |   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
 9 |   echo http://$NODE_IP:$NODE_PORT
10 | {{- else if contains "LoadBalancer" .Values.service.type }}
11 |      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
12 |            You can watch the status of by running 'kubectl get svc -w {{ template "clickhouse-on-kube.fullname" . }}'
13 |   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "clickhouse-on-kube.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
14 |   echo http://$SERVICE_IP:{{ .Values.service.port }}
15 | {{- else if contains "ClusterIP" .Values.service.type }}
16 |   export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "clickhouse-on-kube.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
17 |   echo "Visit http://127.0.0.1:8080 to use your application"
18 |   kubectl port-forward $POD_NAME 8080:80
19 | {{- end }}
20 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/templates/_helpers.tpl:
--------------------------------------------------------------------------------
 1 | {{/* vim: set filetype=mustache: */}}
 2 | {{/*
 3 | Expand the name of the chart.
 4 | */}}
 5 | {{- define "clickhouse-on-kube.name" -}}
 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 7 | {{- end -}}
 8 | 
 9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "clickhouse-on-kube.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 | 
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "clickhouse-on-kube.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/templates/configmap_configd.yaml:
--------------------------------------------------------------------------------
 1 | # This is a simple example of using a config map to create a single page static site.
 2 | apiVersion: v1
 3 | kind: ConfigMap
 4 | metadata:
 5 |   name: {{ .Release.Name }}-configd
 6 |   labels:
 7 |     app: {{ .Release.Name }}-configd
 8 |     chart: {{ template "clickhouse-on-kube.chart" . }}
 9 |     release: {{ .Release.Name }}
10 |     heritage: {{ .Release.Service }}
11 | data:
12 |   clickhouse_remote_servers.xml: |-
13 |     <yandex>
14 |         <remote_servers incl="clickhouse_remote_servers" >        
15 |         <default_cluster>
16 |             {{range $i, $e := until (atoi (printf "%d" (int64 .Values.replicaCount))) }}
17 |               <shard>
18 |                 <replica>
19 |                     <host>{{ $.Release.Name }}-{{$i}}</host>
20 |                     <port>{{ $.Values.service.rpc_port }}</port>
21 |                     {{ if $.Values.security.enabled }}
22 |                     <user>{{ $.Values.security.distributed.user }}</user>
23 |                     <password>{{ $.Values.security.distributed.password }}</password>
24 |                     {{ end }}
25 |                 </replica>
26 |               </shard>
27 |             {{end}}
28 |         </default_cluster>
29 |         </remote_servers>
30 |     </yandex>
31 |   docker_related_config.xml: |-
32 |     <yandex>
33 |         <listen_host>0.0.0.0</listen_host>
34 |         <listen_host>::</listen_host>
35 |         <listen_try>1</listen_try>
36 |         <!--
37 |         <logger>
38 |             <console>1</console>
39 |         </logger>
40 |         -->
41 |     </yandex>
42 | {{ if .Values.zk.enabled }}      
43 |   zookeeper-servers.xml: |-
44 |     <yandex>
45 |         <zookeeper incl="zookeeper-servers">
46 |             {{- range $index, $zk := .Values.zk.servers }}
47 |             <node index="1">
48 |                 <host>{{ $zk }}</host>
49 |                 <port>{{ $.Values.zk.port }}</port>
50 |             </node>
51 |             {{- end }}        
52 |         </zookeeper>
53 | 
54 |         <!-- Allow to execute distributed DDL queries (CREATE, DROP, ALTER, RENAME) on cluster.
55 |         Works only if ZooKeeper is enabled. Comment it if such functionality isn't required. -->        
56 |         <distributed_ddl incl="clickhouse_distributed_ddl">
57 |             <!-- Path in ZooKeeper to queue with DDL queries -->
58 |             <path>/{{ .Release.Name }}/task_queue/ddl</path>
59 | 
60 |             <!-- Settings from this profile will be used to execute DDL queries -->
61 |             <!-- <profile>default</profile> -->
62 |         </distributed_ddl>
63 |     </yandex>
64 | {{ end }}
65 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/templates/configmap_usersd.yaml:
--------------------------------------------------------------------------------
  1 | {{- if .Values.security.enabled -}}
  2 | # This is a simple example of using a config map to create a single page static site.
  3 | apiVersion: v1
  4 | kind: ConfigMap
  5 | metadata:
  6 |   name: {{ .Release.Name }}-usersd 
  7 |   labels:
  8 |     app: {{ .Release.Name }}-usersd
  9 |     chart: {{ template "clickhouse-on-kube.chart" . }}
 10 |     release: {{ .Release.Name }}
 11 |     heritage: {{ .Release.Service }}
 12 | data:
 13 |   users.xml: |-
 14 |     <yandex>
 15 |         <!-- Profiles-->
 16 |         <profiles>
 17 |             {{- range .Values.security.profiles }}
 18 |             <{{ .name }}>
 19 |                 <!-- Maximum memory usage for processing single query, in bytes. -->
 20 |                 <max_memory_usage>{{ int64 .max_memory_usage | default 10000000000 }}</max_memory_usage>
 21 | 
 22 |                 <!-- Use cache of uncompressed blocks of data. Meaningful only for processing many of very short queries. -->
 23 |                 <use_uncompressed_cache>{{ int64 .use_uncompressed_cache | default 0 }}</use_uncompressed_cache>
 24 | 
 25 |                 <load_balancing>{{ .load_balancing | default "random" }}</load_balancing>
 26 |             </{{ .name }}>
 27 |             {{- end }}
 28 | 
 29 |             <!-- readonly profile -->
 30 |             <readonly>
 31 |                 <readonly>1</readonly>
 32 |             </readonly>
 33 |         </profiles>
 34 | 
 35 |         <!-- Quotas -->
 36 |         <quotas>
 37 |             {{- range .Values.security.quotas }}
 38 |             <{{ .name }}>
 39 |                 <!-- Limits for time interval. You could specify many intervals with different limits. -->
 40 |                 <interval>
 41 |                     <!-- Length of interval. -->
 42 |                     <duration>{{ int64 .duration | default 3600 }}</duration>
 43 | 
 44 |                     <!-- No limits. Just calculate resource usage for time interval. -->
 45 |                     <queries>{{ int64 .queries | default 0 }}</queries>
 46 |                     <errors>{{ int64 .errors | default 0 }}</errors>
 47 |                     <result_rows>{{ int64 .result_rows | default 0 }}</result_rows>
 48 |                     <read_rows>{{ int64 .read_rows | default 0 }}</read_rows>
 49 |                     <execution_time>{{ int64 .execution_time | default 0 }}</execution_time>
 50 |                 </interval>
 51 |             </{{ .name }}>
 52 |             {{- end }}
 53 |         </quotas>
 54 | 
 55 |         <!-- Users --> 
 56 |         <users>
 57 |             {{- range .Values.security.users }}
 58 |             <{{ .name }}>
 59 |                 <password>{{ .password }}</password>
 60 |             
 61 |                 <networks incl="networks" replace="replace">
 62 |                     <ip>::/0</ip>
 63 |                 </networks>
 64 | 
 65 |                 <!-- Settings profile for user. -->
 66 |                 <profile>{{ .profile | default "default" }}</profile>
 67 | 
 68 |                 <!-- Quota for user. -->
 69 |                 <quota>{{ .quota | default "default" }}</quota>
 70 |             </{{ .name }}>
 71 |             {{- end }}
 72 |             
 73 |             <!-- User for distributed queries -->
 74 |             <{{ .Values.security.distributed.user }}>
 75 |                 <password>{{ .Values.security.distributed.password }}</password>
 76 | 
 77 |                 <networks incl="networks" replace="replace">
 78 |                     <ip>::/0</ip>
 79 |                 </networks>
 80 | 
 81 |                 <!-- Settings profile for user. -->
 82 |                 <profile>{{ .Values.security.distributed.profile | default "default" }}</profile>
 83 | 
 84 |                 <!-- Quota for user. -->
 85 |                 <quota>{{ .Values.security.distributed.quota | default "default" }}</quota>
 86 |             </{{ .Values.security.distributed.user }}>
 87 | 
 88 |             <readonly>
 89 |                 <password></password>
 90 |                 <networks incl="networks" replace="replace">
 91 |                     <ip>::1</ip>
 92 |                     <ip>127.0.0.1</ip>
 93 |                 </networks>
 94 |                 <profile>readonly</profile>
 95 |                 <quota>default</quota>
 96 |             </readonly>
 97 |         </users>
 98 |     </yandex>
 99 | {{- end }}
100 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/templates/ingress.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.ingress.enabled -}}
 2 | {{- $fullName := .Release.Name -}}
 3 | {{- $servicePort := .Values.service.port -}}
 4 | {{- $ingressPath := .Values.ingress.path -}}
 5 | apiVersion: extensions/v1beta1
 6 | kind: Ingress
 7 | metadata:
 8 |   name: {{ $fullName }}
 9 |   labels:
10 |     app: {{ $fullName }}
11 |     chart: {{ template "clickhouse-on-kube.chart" . }}
12 |     release: {{ .Release.Name }}
13 |     heritage: {{ .Release.Service }}
14 | {{- with .Values.ingress.annotations }}
15 |   annotations:
16 | {{ toYaml . | indent 4 }}
17 | {{- end }}
18 | spec:
19 | {{- if .Values.ingress.tls }}
20 |   tls:
21 |   {{- range .Values.ingress.tls }}
22 |     - hosts:
23 |       {{- range .hosts }}
24 |         - {{ . }}
25 |       {{- end }}
26 |       secretName: {{ .secretName }}
27 |   {{- end }}
28 | {{- end }}
29 |   rules:
30 |   {{- range .Values.ingress.hosts }}
31 |     - host: {{ . }}
32 |       http:
33 |         paths:
34 |           - path: {{ $ingressPath }}
35 |             backend:
36 |               serviceName: {{ $fullName }}
37 |               servicePort: http
38 |   {{- end }}
39 | {{- end }}
40 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/templates/roles.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac -}}
 2 | apiVersion: rbac.authorization.k8s.io/v1beta1
 3 | kind: Role
 4 | metadata:  
 5 |   name: patch-pod
 6 |   namespace: {{ .Release.Namespace }}
 7 | rules:
 8 | - apiGroups:
 9 |   - '*'
10 |   resources:
11 |   - pods
12 |   verbs:
13 |   - patch
14 | ---
15 | apiVersion: rbac.authorization.k8s.io/v1beta1
16 | kind: RoleBinding
17 | metadata:  
18 |   name: default:patch-pod
19 |   namespace: {{ .Release.Namespace }}
20 | roleRef:
21 |   apiGroup: rbac.authorization.k8s.io
22 |   kind: Role
23 |   name: patch-pod
24 | subjects:
25 | - kind: ServiceAccount
26 |   name: default
27 |   namespace: {{ .Release.Namespace }}
28 | {{- end }}


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | {{range $i, $e := until (atoi (printf "%d" (int64 .Values.replicaCount))) }}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ $.Release.Name }}-{{$i}}
 6 |   labels:
 7 |     app: {{ template "clickhouse-on-kube.name" $ }}
 8 |     chart: {{ template "clickhouse-on-kube.chart" $ }}
 9 |     release: {{ $.Release.Name }}
10 |     heritage: {{ $.Release.Service }}
11 | spec:
12 |   type: {{ $.Values.service.type }}
13 |   ports:
14 |   - name: rpc
15 |     port: {{ $.Values.service.rpc_port }}
16 |     targetPort: {{ $.Values.service.rpc_port }}
17 |     protocol: TCP      
18 |   - name: rest
19 |     port: {{ $.Values.service.rest_port }}
20 |     targetPort: {{ $.Values.service.rest_port }}
21 |     protocol: TCP      
22 |   - name: interserver
23 |     port: 9009
24 |     targetPort: 9009
25 |     protocol: TCP
26 |   selector:
27 |     app: {{ $.Release.Name }}
28 |     shard_name: {{ $.Release.Name }}-{{$i}}
29 |     release: {{ $.Release.Name }}
30 | ---
31 | {{end}}
32 | # --- elb ---
33 | {{- if .Values.elb.enabled -}}
34 | apiVersion: v1
35 | kind: Service
36 | metadata:
37 |   name: {{ .Release.Name }}  
38 |   labels:
39 |     app: {{ .Release.Name }}
40 |     chart: {{ template "clickhouse-on-kube.chart" . }}
41 |     release: {{ .Release.Name }}
42 |     heritage: {{ .Release.Service }}
43 |   annotations:
44 |     service.beta.kubernetes.io/aws-load-balancer-internal: {{ .Values.elb.internal_range }}
45 | spec:  
46 |   externalTrafficPolicy: Cluster
47 |   ports:
48 |   - name: rpc
49 |     port: {{ $.Values.service.rpc_port }}
50 |     targetPort: {{ $.Values.service.rpc_port }}
51 |     protocol: TCP      
52 |   - name: rest
53 |     port: {{ $.Values.service.rest_port }}
54 |     targetPort: {{ $.Values.service.rest_port }}
55 |     protocol: TCP      
56 |   selector:
57 |     app: {{ .Release.Name }}  
58 |   sessionAffinity: None
59 |   type: LoadBalancer
60 |   {{- end }}
61 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/templates/statefulset.yaml:
--------------------------------------------------------------------------------
  1 | apiVersion: apps/v1beta1
  2 | kind: StatefulSet
  3 | metadata:
  4 |   name: {{ .Release.Name }}  
  5 |   labels:
  6 |     app: {{ .Release.Name }}
  7 |     chart: {{ template "clickhouse-on-kube.chart" . }}
  8 |     release: {{ .Release.Name }}
  9 |     heritage: {{ .Release.Service }}
 10 | spec:
 11 |   podManagementPolicy: OrderedReady
 12 |   replicas: {{ .Values.replicaCount }}
 13 |   selector:
 14 |     matchLabels:
 15 |       app: {{ .Release.Name }}
 16 |       release: {{ .Release.Name }}
 17 |   serviceName: {{ .Release.Name }}
 18 |   template:
 19 |     metadata:
 20 |       labels:
 21 |         app: {{ .Release.Name }}
 22 |         release: {{ .Release.Name }}
 23 |     spec:      
 24 |       initContainers:
 25 |       - name: labeler
 26 |         image: devth/k8s-labeler
 27 |         env:
 28 |         - name: KUBE_NAMESPACE
 29 |           valueFrom:
 30 |             fieldRef:
 31 |               fieldPath: metadata.namespace
 32 |         - name: KUBE_LABEL_shard_name
 33 |           valueFrom:
 34 |             fieldRef:
 35 |               fieldPath: metadata.name
 36 |       containers:
 37 |         - name: {{ .Release.Name }}
 38 |           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
 39 |           imagePullPolicy: {{ .Values.image.pullPolicy }}          
 40 |           ports:
 41 |           - name: rpc
 42 |             containerPort: {{ .Values.service.rpc_port }}
 43 |             protocol: TCP
 44 |           - name: rest
 45 |             containerPort: {{ .Values.service.rest_port }}
 46 |             protocol: TCP          
 47 |           - name: interserver
 48 |             containerPort: 9009
 49 |             protocol: TCP
 50 |           livenessProbe:
 51 |             httpGet:
 52 |               path: /
 53 |               port: rest
 54 |             initialDelaySeconds: 10
 55 |             periodSeconds: 10
 56 |             failureThreshold: 5
 57 |             timeoutSeconds: 1
 58 |           readinessProbe:
 59 |             httpGet:
 60 |               path: /
 61 |               port: rest
 62 |             initialDelaySeconds: 10
 63 |             periodSeconds: 10
 64 |             failureThreshold: 5
 65 |             timeoutSeconds: 1
 66 |           volumeMounts:
 67 |           - name: clickhouse-configd
 68 |             mountPath: /etc/clickhouse-server/config.d
 69 |           {{ if .Values.security.enabled }}
 70 |           - name: clickhouse-usersd
 71 |             mountPath: /etc/clickhouse-server/users.d
 72 |           {{ end }}
 73 |           {{ if .Values.ebs.enabled }}
 74 |           - name: clickhouse-data
 75 |             mountPath: /clickhouse
 76 |           {{ end }}
 77 |           resources:
 78 | {{ toYaml .Values.resources | indent 12 }}
 79 |       volumes:
 80 |       - name: clickhouse-configd
 81 |         configMap:
 82 |           name: {{ .Release.Name }}-configd
 83 |       {{ if .Values.security.enabled }}
 84 |       - name: clickhouse-usersd
 85 |         configMap:
 86 |           name: {{ .Release.Name }}-usersd
 87 |       {{ end }}
 88 |       {{ if .Values.image.imagePullSecrets }}
 89 |       imagePullSecrets:
 90 |       - name: {{ .Values.image.imagePullSecrets }}
 91 |       {{ end }}
 92 |     {{- with .Values.nodeSelector }}
 93 |       nodeSelector:
 94 | {{ toYaml . | indent 8 }}
 95 |     {{- end }}      
 96 |     {{- with .Values.affinity }}
 97 |       affinity:
 98 | {{ toYaml . | indent 8 }}
 99 |     {{- end }}
100 |     {{- with .Values.tolerations }}
101 |       tolerations:
102 | {{ toYaml . | indent 8 }}
103 |     {{- end }}  
104 | 
105 | {{ if .Values.ebs.enabled }}
106 |   volumeClaimTemplates:
107 |   - metadata:
108 |       name: clickhouse-data
109 |     spec:
110 |       accessModes:
111 |       - ReadWriteOnce
112 |       resources:
113 |         requests:
114 |           storage: {{ .Values.ebs.size }}
115 | {{ end }}
116 | 


--------------------------------------------------------------------------------
/helm/clickhouse-on-kube/values.yaml:
--------------------------------------------------------------------------------
  1 | # Default values for clickhouse-on-kube.
  2 | # This is a YAML-formatted file.
  3 | # Declare variables to be passed into your templates.
  4 | 
  5 | # number of nodes / shards
  6 | replicaCount: 1
  7 | 
  8 | image:
  9 |   repository: dmitryb/clickhouse-server
 10 |   tag: latest
 11 |   pullPolicy: Always
 12 |   # imagePullSecrets: grabdsbot
 13 | 
 14 | # grant pods/patch to default sa
 15 | rbac: true
 16 | 
 17 | service:
 18 |   type: ClusterIP
 19 |   rpc_port: 9000
 20 |   rest_port: 8123
 21 | 
 22 | ebs:
 23 |   # use aws ebs
 24 |   enabled: true
 25 |   size: 8Gi
 26 | 
 27 | elb:
 28 |   # use frontend elb
 29 |   enabled: true
 30 |   internal_range: 10.59.0.0/16,10.10.0.0/16
 31 | 
 32 | zk:
 33 |   enabled: true
 34 |   port: 2181
 35 |   servers:
 36 |   - zk-zookeeper.zk
 37 | 
 38 | security:
 39 |   enabled: true
 40 | 
 41 |   profiles:
 42 |   - name: default
 43 |     max_memory_usage: 10000000000
 44 |     use_uncompressed_cache: 0
 45 |     load_balancing: random
 46 | 
 47 |   quotas:
 48 |   - name: default
 49 |     duration: 3600
 50 |     queries: 0
 51 |     errors: 0
 52 |     result_rows: 0
 53 |     read_rows: 0 
 54 |     execution_time: 0
 55 | 
 56 |   users:
 57 |   - name: user_1
 58 |     password: djfgyeugf3484rf4
 59 |     profile: default
 60 |     quota: default
 61 |   - name: svc
 62 |     password: sdkfh1kjdshfkjj3
 63 |     profile: default
 64 |     quota: default
 65 | 
 66 |   # is used for running distributed queries (system)  
 67 |   distributed:
 68 |     user: sys_distrib_query
 69 |     password: iudhc87wfy87hrevh
 70 |     profile: default
 71 |     quota: default
 72 | 
 73 | ingress:
 74 |   # use ingress
 75 |   enabled: false
 76 |   annotations: {}
 77 |     # kubernetes.io/ingress.class: nginx
 78 |     # kubernetes.io/tls-acme: "true"
 79 |   path: /
 80 |   hosts:
 81 |     - chart-example.local
 82 |   tls: []
 83 |   #  - secretName: chart-example-tls
 84 |   #    hosts:
 85 |   #      - chart-example.local
 86 | 
 87 | resources:  
 88 |   limits:
 89 |    cpu: 250m
 90 |    memory: 1024Mi
 91 |   requests:
 92 |    cpu: 250m
 93 |    memory: 1024Mi
 94 | 
 95 | nodeSelector:
 96 |   # use nodes with label
 97 |   type: services
 98 | 
 99 | tolerations: []
100 | 
101 | affinity: {}
102 | 


--------------------------------------------------------------------------------