summaryrefslogtreecommitdiff
path: root/PCAP-PIC/clickhouse/clickhouse-server/users.xml
diff options
context:
space:
mode:
Diffstat (limited to 'PCAP-PIC/clickhouse/clickhouse-server/users.xml')
-rw-r--r--PCAP-PIC/clickhouse/clickhouse-server/users.xml214
1 files changed, 214 insertions, 0 deletions
diff --git a/PCAP-PIC/clickhouse/clickhouse-server/users.xml b/PCAP-PIC/clickhouse/clickhouse-server/users.xml
new file mode 100644
index 0000000..990135b
--- /dev/null
+++ b/PCAP-PIC/clickhouse/clickhouse-server/users.xml
@@ -0,0 +1,214 @@
+<?xml version="1.0"?>
+<yandex>
+ <!-- Profiles of settings. -->
+ <profiles>
+ <!-- Default settings. -->
+ <default>
+ <!-- Maximum memory usage for processing single query, in bytes. -->
+ <max_memory_usage>150000000000</max_memory_usage>
+ <!-- <max_memory_usage_for_all_queries>200000000000</max_memory_usage_for_all_queries> -->
+ <default_database_engine>Ordinary</default_database_engine>
+ <optimize_on_insert>0</optimize_on_insert>
+ <async_socket_for_remote>0</async_socket_for_remote>
+ <distributed_ddl_task_timeout>0</distributed_ddl_task_timeout>
+ <max_bytes_before_external_group_by>75000000000</max_bytes_before_external_group_by>
+ <distributed_aggregation_memory_efficient>1</distributed_aggregation_memory_efficient>
+ <distributed_product_mode>local</distributed_product_mode>
+ <log_queries>1</log_queries>
+ <cancel_http_readonly_queries_on_client_close>1</cancel_http_readonly_queries_on_client_close>
+ <background_pool_size>16</background_pool_size>
+ <!-- <enable_http_compression>1</enable_http_compression>-->
+ <replication_alter_columns_timeout>60</replication_alter_columns_timeout>
+ <skip_unavailable_shards>1</skip_unavailable_shards>
+ <max_execution_time>21600</max_execution_time>
+ <!-- Use cache of uncompressed blocks of data. Meaningful only for processing many of very short queries. -->
+ <use_uncompressed_cache>1</use_uncompressed_cache>
+ <replace_running_query>1</replace_running_query>
+ <http_receive_timeout>21600</http_receive_timeout>
+ <http_send_timeout>21600</http_send_timeout>
+ <receive_timeout>21600</receive_timeout>
+ <send_timeout>21600</send_timeout>
+ <count_distinct_implementation>uniqCombined</count_distinct_implementation>
+ <!-- How to choose between replicas during distributed query processing.
+ random - choose random replica from set of replicas with minimum number of errors
+ nearest_hostname - from set of replicas with minimum number of errors, choose replica
+ with minumum number of different symbols between replica's hostname and local hostname
+ (Hamming distance).
+ in_order - first live replica is choosen in specified order.
+ -->
+ <max_rows_to_group_by>10000000</max_rows_to_group_by>
+ <group_by_overflow_mode>any</group_by_overflow_mode>
+ <timeout_before_checking_execution_speed>3600</timeout_before_checking_execution_speed>
+ <load_balancing>in_order</load_balancing>
+ </default>
+
+ <!-- Profile that allows only read queries. -->
+ <readonly>
+ <max_memory_usage>150000000000</max_memory_usage>
+ <!-- <max_memory_usage_for_all_queries>200000000000</max_memory_usage_for_all_queries> -->
+ <default_database_engine>Ordinary</default_database_engine>
+ <optimize_on_insert>0</optimize_on_insert>
+ <async_socket_for_remote>0</async_socket_for_remote>
+ <distributed_ddl_task_timeout>0</distributed_ddl_task_timeout>
+ <distributed_product_mode>local</distributed_product_mode>
+ <http_receive_timeout>600</http_receive_timeout>
+ <http_send_timeout>600</http_send_timeout>
+ <receive_timeout>600</receive_timeout>
+ <send_timeout>600</send_timeout>
+ <log_queries>1</log_queries>
+ <cancel_http_readonly_queries_on_client_close>1</cancel_http_readonly_queries_on_client_close>
+ <background_pool_size>16</background_pool_size>
+ <!-- http压缩 不影响http请求,只影响使用chproxy的客户端-->
+ <enable_http_compression>1</enable_http_compression>
+ <replace_running_query>1</replace_running_query>
+ <replication_alter_columns_timeout>60</replication_alter_columns_timeout>
+ <skip_unavailable_shards>1</skip_unavailable_shards>
+ <max_execution_time>600</max_execution_time>
+ <!-- Use cache of uncompressed blocks of data. Meaningful only for processing many of very short queries. -->
+ <timeout_before_checking_execution_speed>600</timeout_before_checking_execution_speed>
+ <use_uncompressed_cache>1</use_uncompressed_cache>
+ <count_distinct_implementation>uniqCombined</count_distinct_implementation>
+ <load_balancing>in_order</load_balancing>
+ <distributed_aggregation_memory_efficient>1</distributed_aggregation_memory_efficient>
+ <max_rows_to_group_by>10000000</max_rows_to_group_by>
+ <group_by_overflow_mode>any</group_by_overflow_mode>
+ <readonly>2</readonly>
+
+ </readonly>
+
+ <ckinsert>
+ <max_memory_usage>150000000000</max_memory_usage>
+ <!-- <max_memory_usage_for_all_queries>200000000000</max_memory_usage_for_all_queries> -->
+ <default_database_engine>Ordinary</default_database_engine>
+ <optimize_on_insert>0</optimize_on_insert>
+ <async_socket_for_remote>0</async_socket_for_remote>
+ <distributed_ddl_task_timeout>0</distributed_ddl_task_timeout>
+ <distributed_product_mode>local</distributed_product_mode>
+ <log_queries>1</log_queries>
+ <background_pool_size>16</background_pool_size>
+
+ <replication_alter_columns_timeout>60</replication_alter_columns_timeout>
+ <skip_unavailable_shards>1</skip_unavailable_shards>
+ <max_execution_time>300</max_execution_time>
+ <!-- Use cache of uncompressed blocks of data. Meaningful only for processing many of very short queries. -->
+ <use_uncompressed_cache>0</use_uncompressed_cache>
+ <timeout_before_checking_execution_speed>300</timeout_before_checking_execution_speed>
+ <http_receive_timeout>300</http_receive_timeout>
+ <http_send_timeout>300</http_send_timeout>
+ <receive_timeout>300</receive_timeout>
+ <send_timeout>300</send_timeout>
+ <allow_ddl>0</allow_ddl>
+ <load_balancing>random</load_balancing>
+ </ckinsert>
+ </profiles>
+
+ <!-- Users and ACL. -->
+ <users>
+ <!-- If user name was not specified, 'default' user is used. -->
+ <default>
+ <!-- Password could be specified in plaintext or in SHA256 (in hex format).
+
+ If you want to specify password in plaintext (not recommended), place it in 'password' element.
+ Example: <password>qwerty</password>.
+ Password could be empty.
+
+ If you want to specify SHA256, place it in 'password_sha256_hex' element.
+ Example: <password_sha256_hex>65e84be33532fb784c48129675f9eff3a682b27168c0ea744b2cf58ee02337c5</password_sha256_hex>
+
+ How to generate decent password:
+ Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-'
+ In first line will be password and in second - corresponding SHA256.
+ -->
+ <password_sha256_hex>d24247a535fe6794275904f9b72e7fcf14a8a45628874d2eb1fd147020a403f7</password_sha256_hex>
+
+ <!-- List of networks with open access.
+
+ To open access from everywhere, specify:
+ <ip>::/0</ip>
+
+ To open access only from localhost, specify:
+ <ip>::1</ip>
+ <ip>127.0.0.1</ip>
+
+ Each element of list has one of the following forms:
+ <ip> IP-address or network mask. Examples: 213.180.204.3 or 10.0.0.1/8 or 10.0.0.1/255.255.255.0
+ 2a02:6b8::3 or 2a02:6b8::3/64 or 2a02:6b8::3/ffff:ffff:ffff:ffff::.
+ <host> Hostname. Example: server01.yandex.ru.
+ To check access, DNS query is performed, and all received addresses compared to peer address.
+ <host_regexp> Regular expression for host names. Example, ^server\d\d-\d\d-\d\.yandex\.ru$
+ To check access, DNS PTR query is performed for peer address and then regexp is applied.
+ Then, for result of PTR query, another DNS query is performed and all received addresses compared to peer address.
+ Strongly recommended that regexp is ends with $
+ All results of DNS requests are cached till server restart.
+ -->
+ <networks incl="networks" replace="replace">
+ <ip>::/0</ip>
+ </networks>
+
+ <!-- Settings profile for user. -->
+ <profile>default</profile>
+
+ <!-- Quota for user. -->
+ <quota>default</quota>
+ </default>
+
+ <tsg_report>
+ <password_sha256_hex>d24247a535fe6794275904f9b72e7fcf14a8a45628874d2eb1fd147020a403f7</password_sha256_hex>
+ <networks incl="networks" replace="replace">
+ <ip>::/0</ip>
+ </networks>
+ <profile>default</profile>
+ <quota>default</quota>
+ </tsg_report>
+
+
+ <tsg_insert>
+ <password_sha256_hex>d24247a535fe6794275904f9b72e7fcf14a8a45628874d2eb1fd147020a403f7</password_sha256_hex>
+ <networks incl="networks" replace="replace">
+ <ip>::/0</ip>
+ </networks>
+ <profile>ckinsert</profile>
+ <quota>default</quota>
+ </tsg_insert>
+
+ <!-- Example of user with readonly access. -->
+ <tsg_query>
+ <password_sha256_hex>bce24719d7fef9c9569e710a344bf24d4a1d6a8f19c9ec1f4c4b7884a9d31121</password_sha256_hex>
+ <networks incl="networks" replace="replace">
+ <ip>::/0</ip>
+ </networks>
+ <profile>readonly</profile>
+ <quota>default</quota>
+ </tsg_query>
+
+
+ <!-- Example of user with readonly access. -->
+ <readonly>
+ <password></password>
+ <networks incl="networks" replace="replace">
+ <ip>::1</ip>
+ <ip>127.0.0.1</ip>
+ </networks>
+ <profile>readonly</profile>
+ <quota>default</quota>
+ </readonly>
+ </users>
+
+ <!-- Quotas. -->
+ <quotas>
+ <!-- Name of quota. -->
+ <default>
+ <!-- Limits for time interval. You could specify many intervals with different limits. -->
+ <interval>
+ <!-- Length of interval. -->
+ <duration>3600</duration>
+ <!-- No limits. Just calculate resource usage for time interval. -->
+ <queries>0</queries>
+ <errors>0</errors>
+ <result_rows>0</result_rows>
+ <read_rows>0</read_rows>
+ <execution_time>0</execution_time>
+ </interval>
+ </default>
+ </quotas>
+</yandex>
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 14:08:19 +0000