alexsun/compose-anything
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add openlit & openobserve & buildingai

Browse Source
This commit is contained in:
Sun-ZhenXing
2026-01-15 09:12:18 +08:00
parent b3c2708a53
commit 3efc2150fe
14 changed files with 1741 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
apps/buildingai/.env.example Normal file
View File

@@ -0,0 +1,76 @@
# BuildingAI Configuration
# Copy this file to .env and modify as needed
# ===========================
# Global Settings
# ===========================
# Global registry prefix for all images (optional)
# Example: registry.example.com/
GLOBAL_REGISTRY=
# Timezone setting (default: UTC)
# Examples: Asia/Shanghai, America/New_York, Europe/London
TZ=UTC
# ===========================
# Redis Configuration
# ===========================
# Redis version
REDIS_VERSION=8.2.2
# Redis password (leave empty for no password)
REDIS_PASSWORD=
# Redis host port override (default: 6379)
# Set this to change the exposed port on the host
REDIS_PORT_OVERRIDE=6379
# Redis resource limits
REDIS_CPU_LIMIT=0.25
REDIS_MEMORY_LIMIT=256M
REDIS_CPU_RESERVATION=0.10
REDIS_MEMORY_RESERVATION=128M
# ===========================
# PostgreSQL Configuration
# ===========================
# PostgreSQL version
POSTGRES_VERSION=17.6-alpine
# Database credentials
DB_USERNAME=postgres
DB_PASSWORD=postgres
DB_DATABASE=buildingai
# PostgreSQL host port override (default: 5432)
POSTGRES_PORT_OVERRIDE=5432
# PostgreSQL resource limits
POSTGRES_CPU_LIMIT=1.0
POSTGRES_MEMORY_LIMIT=512M
POSTGRES_CPU_RESERVATION=0.25
POSTGRES_MEMORY_RESERVATION=256M
# ===========================
# BuildingAI Configuration
# ===========================
# BuildingAI version
BUILDINGAI_VERSION=latest
# Server port (internal container port)
SERVER_PORT=4090
# BuildingAI host port override (default: 4090)
# This is the port you'll use to access BuildingAI
BUILDINGAI_PORT_OVERRIDE=4090
# NPM Registry URL (optional)
# Set this to use a custom npm registry mirror
# Example: https://registry.npmmirror.com
NPM_REGISTRY_URL=
# BuildingAI resource limits
BUILDINGAI_CPU_LIMIT=2.0
BUILDINGAI_MEMORY_LIMIT=3584M
BUILDINGAI_CPU_RESERVATION=0.5
BUILDINGAI_MEMORY_RESERVATION=512M

231
apps/buildingai/README.md Normal file
View File

@@ -0,0 +1,231 @@
# BuildingAI
BuildingAI is an intelligent AI application development platform that empowers developers to quickly build and deploy AI-powered applications. Built on NestJS + Vue 3, it provides a comprehensive solution for creating, managing, and deploying AI agents with a modern, user-friendly interface.
## Features
- 🤖 **AI Agent Builder**: Create and customize AI agents with drag-and-drop interface
- 💬 **Conversation Management**: Advanced chat interface with context awareness
- 🔌 **MCP Server Integration**: Support for Model Context Protocol servers
- 🎨 **Modern UI**: Built with Vue 3 and Nuxt for excellent user experience
- 🔒 **Enterprise Ready**: Built-in user management, authentication, and multi-tenancy
- 📊 **Analytics**: Track usage and performance of your AI applications
- 🌐 **i18n Support**: Multi-language interface support
- 🔧 **Extensible**: Plugin system for custom extensions
## Tech Stack
- **Backend**: NestJS 11.x + TypeORM 0.3.x
- **Database**: PostgreSQL 17.x
- **Cache**: Redis 8.x
- **Frontend**: Vue.js 3.x + Nuxt + Vite 7.x
- **TypeScript**: 5.x
- **Monorepo**: Turbo 2.x
## Quick Start
### Prerequisites
- Docker and Docker Compose installed
- At least 4GB RAM available
- 5GB free disk space
### Deployment
1. Copy the environment file:
```bash
cp .env.example .env
```
2. (Optional) Modify the `.env` file to customize your configuration:
- Set `DB_PASSWORD` for database security
- Set `REDIS_PASSWORD` for Redis security
- Configure `BUILDINGAI_PORT_OVERRIDE` if you need a different port
- Set `NPM_REGISTRY_URL` if you need a custom npm registry mirror
3. Start the services:
```bash
docker compose up -d
```
4. Wait for services to be ready (may take a few minutes on first start):
```bash
docker compose logs -f buildingai
```
5. Access BuildingAI at [http://localhost:4090/install](http://localhost:4090/install) to complete the initial setup wizard.
### Default Ports
- **BuildingAI**: 4090 (web interface)
- **PostgreSQL**: 5432 (database)
- **Redis**: 6379 (cache)
You can override these ports in the `.env` file.
## Configuration
### Environment Variables
All configuration is done through the `.env` file. See [.env.example](.env.example) for all available options.
#### Key Settings
- `DB_USERNAME` / `DB_PASSWORD`: Database credentials
- `REDIS_PASSWORD`: Redis password (optional, but recommended for production)
- `SERVER_PORT`: Internal application port
- `NPM_REGISTRY_URL`: Custom npm registry mirror (useful in China or private networks)
### Resource Limits
Default resource limits are configured for small to medium deployments:
- **BuildingAI**: 2 CPU cores, 3584MB RAM
- **PostgreSQL**: 1 CPU core, 512MB RAM
- **Redis**: 0.25 CPU cores, 256MB RAM
Adjust these in `.env` based on your workload.
## Data Persistence
All data is stored in Docker volumes:
- `buildingai_data`: Application data and uploads
- `postgres_data`: Database files
- `redis_data`: Redis persistence
### Backup
To backup your data:
```bash
# Backup database
docker compose exec postgres pg_dump -U postgres buildingai > backup.sql
# Backup application data
docker run --rm -v buildingai_buildingai_data:/data -v $(pwd):/backup alpine tar czf /backup/buildingai-data.tar.gz -C /data .
```
### Restore
```bash
# Restore database
docker compose exec -T postgres psql -U postgres buildingai < backup.sql
# Restore application data
docker run --rm -v buildingai_buildingai_data:/data -v $(pwd):/backup alpine tar xzf /backup/buildingai-data.tar.gz -C /data
```
## Maintenance
### View Logs
```bash
# All services
docker compose logs -f
# Specific service
docker compose logs -f buildingai
```
### Restart Services
```bash
# All services
docker compose restart
# Specific service
docker compose restart buildingai
```
### Update BuildingAI
```bash
# Pull latest images
docker compose pull
# Restart with new images
docker compose up -d
```
### Stop Services
```bash
# Stop all services
docker compose down
# Stop and remove volumes (WARNING: deletes all data)
docker compose down -v
```
## Troubleshooting
### BuildingAI won't start
1. Check service health:
```bash
docker compose ps
```
2. Check logs for errors:
```bash
docker compose logs buildingai
```
3. Ensure PostgreSQL and Redis are healthy:
```bash
docker compose ps postgres redis
```
### Database connection errors
- Verify `DB_USERNAME`, `DB_PASSWORD`, and `DB_DATABASE` in `.env`
- Check PostgreSQL logs: `docker compose logs postgres`
- Ensure PostgreSQL healthcheck is passing
### Redis connection errors
- If `REDIS_PASSWORD` is set, ensure it matches in all services
- Check Redis logs: `docker compose logs redis`
- Verify Redis healthcheck status
### Performance issues
- Increase resource limits in `.env`
- Monitor resource usage: `docker stats`
- Check for sufficient disk space
## Security Recommendations
For production deployments:
1. **Set strong passwords** for `DB_PASSWORD` and `REDIS_PASSWORD`
2. **Do not expose** PostgreSQL and Redis ports externally (remove port mappings or use firewall rules)
3. **Use a reverse proxy** (nginx, Caddy) with HTTPS for the BuildingAI web interface
4. **Regular backups** of database and application data
5. **Monitor logs** for suspicious activity
6. **Keep images updated** regularly
## Links
- [GitHub Repository](https://github.com/BidingCC/BuildingAI)
- [Official Website](https://www.buildingai.cc/)
- [Live Demo](http://demo.buildingai.cc/)
- [Documentation](https://www.buildingai.cc/docs/introduction/install)
## License
Please refer to the [original repository](https://github.com/BidingCC/BuildingAI) for license information.
## Support
For issues and questions:
- GitHub Issues: [BuildingAI Issues](https://github.com/BidingCC/BuildingAI/issues)
- Official Documentation: [BuildingAI Docs](https://www.buildingai.cc/docs/)

231
apps/buildingai/README.zh.md Normal file
View File

@@ -0,0 +1,231 @@
# BuildingAI
BuildingAI 是一个智能 AI 应用开发平台,帮助开发者快速构建和部署 AI 驱动的应用程序。基于 NestJS + Vue 3 构建,为创建、管理和部署 AI 智能体提供全面的解决方案,拥有现代化的用户友好界面。
## 功能特性
- 🤖 **AI 智能体构建器**:使用拖放界面创建和自定义 AI 智能体
- 💬 **对话管理**:具有上下文感知的高级聊天界面
- 🔌 **MCP 服务器集成**支持模型上下文协议Model Context Protocol服务器
- 🎨 **现代化 UI**:使用 Vue 3 和 Nuxt 构建,提供卓越的用户体验
- 🔒 **企业级就绪**:内置用户管理、身份验证和多租户支持
- 📊 **数据分析**:跟踪 AI 应用的使用情况和性能
- 🌐 **i18n 支持**:多语言界面支持
- 🔧 **可扩展**:插件系统支持自定义扩展
## 技术栈
- **后端**NestJS 11.x + TypeORM 0.3.x
- **数据库**PostgreSQL 17.x
- **缓存**Redis 8.x
- **前端**Vue.js 3.x + Nuxt + Vite 7.x
- **TypeScript**5.x
- **Monorepo**Turbo 2.x
## 快速开始
### 前置要求
- 已安装 Docker 和 Docker Compose
- 至少 4GB 可用内存
- 5GB 可用磁盘空间
### 部署步骤
1. 复制环境变量文件:
```bash
cp .env.example .env
```
2. (可选)修改 `.env` 文件以自定义配置:
- 设置 `DB_PASSWORD` 以增强数据库安全性
- 设置 `REDIS_PASSWORD` 以增强 Redis 安全性
- 如需使用不同端口,配置 `BUILDINGAI_PORT_OVERRIDE`
- 如需使用自定义 npm 镜像源,设置 `NPM_REGISTRY_URL`
3. 启动服务:
```bash
docker compose up -d
```
4. 等待服务就绪(首次启动可能需要几分钟):
```bash
docker compose logs -f buildingai
```
5. 访问 [http://localhost:4090/install](http://localhost:4090/install) 完成初始化设置向导。
### 默认端口
- **BuildingAI**4090Web 界面)
- **PostgreSQL**5432数据库
- **Redis**6379缓存
你可以在 `.env` 文件中覆盖这些端口。
## 配置说明
### 环境变量
所有配置都通过 `.env` 文件完成。查看 [.env.example](.env.example) 了解所有可用选项。
#### 关键设置
- `DB_USERNAME` / `DB_PASSWORD`:数据库凭据
- `REDIS_PASSWORD`Redis 密码(可选,但生产环境建议设置)
- `SERVER_PORT`:内部应用端口
- `NPM_REGISTRY_URL`:自定义 npm 镜像源(在中国或私有网络中很有用)
### 资源限制
默认资源限制配置适用于中小型部署:
- **BuildingAI**2 CPU 核心3584MB 内存
- **PostgreSQL**1 CPU 核心512MB 内存
- **Redis**0.25 CPU 核心256MB 内存
根据你的工作负载在 `.env` 中调整这些设置。
## 数据持久化
所有数据存储在 Docker 卷中:
- `buildingai_data`:应用数据和上传文件
- `postgres_data`:数据库文件
- `redis_data`Redis 持久化数据
### 备份
备份你的数据:
```bash
# 备份数据库
docker compose exec postgres pg_dump -U postgres buildingai > backup.sql
# 备份应用数据
docker run --rm -v buildingai_buildingai_data:/data -v $(pwd):/backup alpine tar czf /backup/buildingai-data.tar.gz -C /data .
```
### 恢复
```bash
# 恢复数据库
docker compose exec -T postgres psql -U postgres buildingai < backup.sql
# 恢复应用数据
docker run --rm -v buildingai_buildingai_data:/data -v $(pwd):/backup alpine tar xzf /backup/buildingai-data.tar.gz -C /data
```
## 维护
### 查看日志
```bash
# 所有服务
docker compose logs -f
# 特定服务
docker compose logs -f buildingai
```
### 重启服务
```bash
# 所有服务
docker compose restart
# 特定服务
docker compose restart buildingai
```
### 更新 BuildingAI
```bash
# 拉取最新镜像
docker compose pull
# 使用新镜像重启
docker compose up -d
```
### 停止服务
```bash
# 停止所有服务
docker compose down
# 停止并删除卷(警告:会删除所有数据)
docker compose down -v
```
## 故障排除
### BuildingAI 无法启动
1. 检查服务健康状态:
```bash
docker compose ps
```
2. 检查日志中的错误:
```bash
docker compose logs buildingai
```
3. 确保 PostgreSQL 和 Redis 健康:
```bash
docker compose ps postgres redis
```
### 数据库连接错误
- 验证 `.env` 中的 `DB_USERNAME`、`DB_PASSWORD` 和 `DB_DATABASE`
- 检查 PostgreSQL 日志:`docker compose logs postgres`
- 确保 PostgreSQL 健康检查通过
### Redis 连接错误
- 如果设置了 `REDIS_PASSWORD`,确保所有服务中的配置一致
- 检查 Redis 日志:`docker compose logs redis`
- 验证 Redis 健康检查状态
### 性能问题
- 在 `.env` 中增加资源限制
- 监控资源使用情况:`docker stats`
- 检查磁盘空间是否充足
## 安全建议
生产环境部署时:
1. **设置强密码**:为 `DB_PASSWORD` 和 `REDIS_PASSWORD` 设置强密码
2. **不要暴露端口**:不要在外部暴露 PostgreSQL 和 Redis 端口(删除端口映射或使用防火墙规则)
3. **使用反向代理**:为 BuildingAI Web 界面使用带 HTTPS 的反向代理nginx、Caddy
4. **定期备份**:定期备份数据库和应用数据
5. **监控日志**:监控日志中的可疑活动
6. **保持更新**:定期更新镜像
## 链接
- [GitHub 仓库](https://github.com/BidingCC/BuildingAI)
- [官方网站](https://www.buildingai.cc/)
- [在线演示](http://demo.buildingai.cc/)
- [文档](https://www.buildingai.cc/docs/introduction/install)
## 许可证
请参考[原始仓库](https://github.com/BidingCC/BuildingAI)了解许可证信息。
## 支持
遇到问题和疑问:
- GitHub Issues[BuildingAI Issues](https://github.com/BidingCC/BuildingAI/issues)
- 官方文档:[BuildingAI Docs](https://www.buildingai.cc/docs/)

117
apps/buildingai/docker-compose.yaml Normal file
View File

@@ -0,0 +1,117 @@
# BuildingAI - AI Application Development Platform
# An intelligent application development platform built on NestJS + Vue 3
# https://github.com/BidingCC/BuildingAI
x-defaults: &defaults
restart: unless-stopped
logging:
driver: json-file
options:
max-size: 100m
max-file: "3"
services:
redis:
<<: *defaults
image: ${GLOBAL_REGISTRY:-}redis:${REDIS_VERSION:-8.2.2}-alpine
environment:
- TZ=${TZ:-UTC}
- REDIS_PASSWORD=${REDIS_PASSWORD:-}
ports:
- "${REDIS_PORT_OVERRIDE:-6379}:6379"
volumes:
- redis_data:/data
command: >
sh -c '
if [ -n "$REDIS_PASSWORD" ]; then
exec redis-server --requirepass "$REDIS_PASSWORD"
else
exec redis-server
fi
'
healthcheck:
test: ["CMD-SHELL", "redis-cli -a $$REDIS_PASSWORD ping 2>/dev/null || redis-cli ping"]
interval: 10s
timeout: 5s
retries: 5
start_period: 10s
deploy:
resources:
limits:
cpus: ${REDIS_CPU_LIMIT:-0.25}
memory: ${REDIS_MEMORY_LIMIT:-256M}
reservations:
cpus: ${REDIS_CPU_RESERVATION:-0.10}
memory: ${REDIS_MEMORY_RESERVATION:-128M}
postgres:
<<: *defaults
image: ${GLOBAL_REGISTRY:-}postgres:${POSTGRES_VERSION:-17.6-alpine}
environment:
- TZ=${TZ:-UTC}
- POSTGRES_USER=${DB_USERNAME:-postgres}
- POSTGRES_PASSWORD=${DB_PASSWORD:-postgres}
- POSTGRES_DB=${DB_DATABASE:-buildingai}
- PGDATA=/var/lib/postgresql/data/pgdata
ports:
- "${POSTGRES_PORT_OVERRIDE:-5432}:5432"
volumes:
- postgres_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${DB_USERNAME:-postgres}"]
interval: 10s
timeout: 5s
retries: 5
start_period: 20s
deploy:
resources:
limits:
cpus: ${POSTGRES_CPU_LIMIT:-1.0}
memory: ${POSTGRES_MEMORY_LIMIT:-512M}
reservations:
cpus: ${POSTGRES_CPU_RESERVATION:-0.25}
memory: ${POSTGRES_MEMORY_RESERVATION:-256M}
buildingai:
<<: *defaults
image: ${GLOBAL_REGISTRY:-}bidingcc/buildingai:${BUILDINGAI_VERSION:-latest}
depends_on:
redis:
condition: service_healthy
postgres:
condition: service_healthy
environment:
- TZ=${TZ:-UTC}
- SERVER_PORT=${SERVER_PORT:-4090}
- NPM_REGISTRY_URL=${NPM_REGISTRY_URL:-}
- DB_USERNAME=${DB_USERNAME:-postgres}
- DB_PASSWORD=${DB_PASSWORD:-postgres}
- DB_DATABASE=${DB_DATABASE:-buildingai}
- DB_HOST=postgres
- DB_PORT=5432
- REDIS_HOST=redis
- REDIS_PORT=6379
- REDIS_PASSWORD=${REDIS_PASSWORD:-}
ports:
- "${BUILDINGAI_PORT_OVERRIDE:-4090}:${SERVER_PORT:-4090}"
volumes:
- buildingai_data:/app/data
healthcheck:
test: ["CMD-SHELL", "curl -f http://localhost:${SERVER_PORT:-4090}/consoleapi/health || exit 1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 180s
deploy:
resources:
limits:
cpus: ${BUILDINGAI_CPU_LIMIT:-2.0}
memory: ${BUILDINGAI_MEMORY_LIMIT:-3584M}
reservations:
cpus: ${BUILDINGAI_CPU_RESERVATION:-0.5}
memory: ${BUILDINGAI_MEMORY_RESERVATION:-512M}
volumes:
redis_data:
postgres_data:
buildingai_data:

121
apps/openlit/.env.example Normal file
View File

@@ -0,0 +1,121 @@
# OpenLIT Configuration
# Copy this file to .env and modify as needed
# =============================================================================
# Version Configuration
# =============================================================================
# OpenLIT version (default: latest)
OPENLIT_VERSION=latest
# ClickHouse version
CLICKHOUSE_VERSION=24.4.1
# =============================================================================
# Global Configuration
# =============================================================================
# Global registry prefix for all images (optional)
# GLOBAL_REGISTRY=
# Time zone (default: UTC)
TZ=UTC
# =============================================================================
# Database Configuration
# =============================================================================
# ClickHouse database name
OPENLIT_DB_NAME=openlit
# ClickHouse username
OPENLIT_DB_USER=default
# ClickHouse password
OPENLIT_DB_PASSWORD=OPENLIT
# =============================================================================
# Port Configuration
# =============================================================================
# OpenLIT UI port on host (default: 3000)
OPENLIT_PORT_OVERRIDE=3000
# OpenLIT internal port (do not change unless necessary)
OPENLIT_INTERNAL_PORT=3000
# OTLP gRPC receiver port (default: 4317)
OPENLIT_OTLP_GRPC_PORT_OVERRIDE=4317
# OTLP HTTP receiver port (default: 4318)
OPENLIT_OTLP_HTTP_PORT_OVERRIDE=4318
# ClickHouse HTTP port (default: 8123)
CLICKHOUSE_HTTP_PORT_OVERRIDE=8123
# ClickHouse Native protocol port (default: 9000)
CLICKHOUSE_NATIVE_PORT_OVERRIDE=9000
# =============================================================================
# Resource Limits - OpenLIT
# =============================================================================
# CPU limit for OpenLIT
OPENLIT_CPU_LIMIT=1.0
# Memory limit for OpenLIT
OPENLIT_MEMORY_LIMIT=2G
# CPU reservation for OpenLIT
OPENLIT_CPU_RESERVATION=0.25
# Memory reservation for OpenLIT
OPENLIT_MEMORY_RESERVATION=512M
# =============================================================================
# Resource Limits - ClickHouse
# =============================================================================
# CPU limit for ClickHouse
CLICKHOUSE_CPU_LIMIT=2.0
# Memory limit for ClickHouse
CLICKHOUSE_MEMORY_LIMIT=4G
# CPU reservation for ClickHouse
CLICKHOUSE_CPU_RESERVATION=0.5
# Memory reservation for ClickHouse
CLICKHOUSE_MEMORY_RESERVATION=2G
# =============================================================================
# Application Configuration
# =============================================================================
# Enable telemetry
TELEMETRY_ENABLED=true
# =============================================================================
# OAuth Configuration (Optional)
# =============================================================================
# Google OAuth
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
# GitHub OAuth
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
# =============================================================================
# OpAMP Server Configuration
# =============================================================================
# Environment Mode: development, production, testing (default: production)
OPAMP_ENVIRONMENT=production
# Skip certificate verification (development only, default: false)
OPAMP_TLS_INSECURE_SKIP_VERIFY=false
# Require client certificates for mutual TLS (default: true)
OPAMP_TLS_REQUIRE_CLIENT_CERT=true
# TLS minimum version: 1.0, 1.1, 1.2, 1.3 (default: 1.2)
OPAMP_TLS_MIN_VERSION=1.2
# TLS maximum version: 1.0, 1.1, 1.2, 1.3 (default: 1.3)
OPAMP_TLS_MAX_VERSION=1.3
# Logging level: debug, info, warn, error (default: info)
OPAMP_LOG_LEVEL=info

221
apps/openlit/README.md Normal file
View File

@@ -0,0 +1,221 @@
# OpenLIT
OpenLIT is an open-source platform for AI engineering that provides OpenTelemetry-native observability, monitoring, and management tools for large language models (LLMs), GPUs, and vector databases.
## Features
- **📈 Analytics Dashboard**: Monitor your AI application's health and performance with detailed dashboards that track metrics, costs, and user interactions
- **🔌 OpenTelemetry-native Observability SDKs**: Vendor-neutral SDKs to send traces and metrics to your existing observability tools
- **💲 Cost Tracking**: Tailor cost estimations for specific models using custom pricing files for precise budgeting
- **🐛 Exceptions Monitoring**: Quickly spot and resolve issues by tracking common exceptions and errors
- **💭 Prompt Management**: Manage and version prompts using Prompt Hub for consistent and easy access across applications
- **🔑 API Keys and Secrets Management**: Securely handle your API keys and secrets centrally
- **🎮 Experiment with different LLMs**: Use OpenGround to explore, test and compare various LLMs side by side
- **🚀 Fleet Hub for OpAMP Management**: Centrally manage and monitor OpenTelemetry Collectors across your infrastructure using the OpAMP (Open Agent Management Protocol) with secure TLS communication
## Quick Start
1. Copy `.env.example` to `.env` and customize as needed:
```bash
cp .env.example .env
```
2. Start the services:
```bash
docker compose up -d
```
3. Access OpenLIT at `http://localhost:3000`
4. Login with default credentials:
- Email: `user@openlit.io`
- Password: `openlituser`
## Components
This deployment includes:
- **OpenLIT Platform**: Main application providing the UI and API (Port: 3000)
- **ClickHouse**: Database for storing telemetry data (Ports: 8123, 9000)
- **OTLP Receivers**:
- gRPC: Port 4317
- HTTP: Port 4318
## Integration with Your Applications
To integrate OpenLIT with your AI applications:
### Python SDK
```bash
pip install openlit
```
```python
import openlit
openlit.init(
otlp_endpoint="http://localhost:4318"
)
```
### TypeScript SDK
```bash
npm install openlit
```
```typescript
import Openlit from 'openlit';
Openlit.init({
otlpEndpoint: 'http://localhost:4318'
});
```
## Environment Variables
Key configuration options (see `.env.example` for all options):
| Variable | Description | Default |
| --------------------------------- | ----------------------------------- | ------------ |
| `OPENLIT_VERSION` | OpenLIT image version | `latest` |
| `CLICKHOUSE_VERSION` | ClickHouse version | `24.4.1` |
| `OPENLIT_PORT_OVERRIDE` | UI port on host | `3000` |
| `OPENLIT_OTLP_HTTP_PORT_OVERRIDE` | OTLP HTTP port | `4318` |
| `OPENLIT_OTLP_GRPC_PORT_OVERRIDE` | OTLP gRPC port | `4317` |
| `OPENLIT_DB_PASSWORD` | ClickHouse password | `OPENLIT` |
| `OPAMP_ENVIRONMENT` | OpAMP mode (development/production) | `production` |
## Resource Requirements
Default resource allocations:
- **OpenLIT**:
- Limits: 1 CPU, 2GB RAM
- Reservations: 0.25 CPU, 512MB RAM
- **ClickHouse**:
- Limits: 2 CPU, 4GB RAM
- Reservations: 0.5 CPU, 2GB RAM
Adjust these in `.env` file based on your workload.
## OAuth Configuration (Optional)
To enable OAuth authentication:
1. Configure Google OAuth:
```env
GOOGLE_CLIENT_ID=your-client-id
GOOGLE_CLIENT_SECRET=your-client-secret
```
2. Configure GitHub OAuth:
```env
GITHUB_CLIENT_ID=your-client-id
GITHUB_CLIENT_SECRET=your-client-secret
```
## OpAMP Fleet Hub
OpenLIT includes an OpAMP server for centralized management of OpenTelemetry Collectors:
- Access Fleet Hub at: `http://localhost:3000/fleet-hub`
- OpAMP endpoint: `wss://localhost:4320/v1/opamp` (production mode)
- API endpoint: `http://localhost:8080`
For production deployments, ensure proper TLS configuration:
```env
OPAMP_ENVIRONMENT=production
OPAMP_TLS_INSECURE_SKIP_VERIFY=false
OPAMP_TLS_REQUIRE_CLIENT_CERT=true
```
## Supported Integrations
OpenLIT provides automatic instrumentation for 50+ LLM providers, vector databases, and frameworks including:
- **LLM Providers**: OpenAI, Anthropic, Cohere, Azure OpenAI, Google Vertex AI, Bedrock, and more
- **Vector Databases**: Pinecone, Weaviate, ChromaDB, Qdrant, Milvus, and more
- **Frameworks**: LangChain, LlamaIndex, Haystack, AutoGen, CrewAI, and more
## Health Checks
The OpenLIT service includes health checks to ensure proper startup. The service is considered healthy when:
- The web interface responds on the configured port
- Interval: 30 seconds
- Timeout: 10 seconds
- Start period: 60 seconds
## Data Persistence
Data is persisted in Docker volumes:
- `clickhouse_data`: ClickHouse database files
- `openlit_data`: OpenLIT application data including SQLite database
## Monitoring
Monitor your deployment:
```bash
# View logs
docker compose logs -f openlit
# Check service status
docker compose ps
# View resource usage
docker stats
```
## Security Notes
1. **Change default password**: Update `OPENLIT_DB_PASSWORD` in production
2. **TLS Configuration**: For production, use proper TLS certificates with OpAMP
3. **OAuth**: Consider enabling OAuth for enhanced security
4. **Network**: By default, services are exposed on all interfaces. Consider using a reverse proxy in production
## Troubleshooting
### Service won't start
- Check logs: `docker compose logs openlit`
- Verify ClickHouse is healthy: `docker compose ps`
- Ensure ports are not in use
### Cannot connect to OTLP endpoint
- Verify firewall settings
- Check port configuration in `.env`
- Ensure the endpoint URL is correct in your application
### High resource usage
- Adjust resource limits in `.env`
- Monitor with: `docker stats`
- Consider scaling ClickHouse resources for large workloads
## Documentation
- Official Documentation: <https://docs.openlit.io/>
- GitHub Repository: <https://github.com/openlit/openlit>
- Python SDK: <https://github.com/openlit/openlit/tree/main/sdk/python>
- TypeScript SDK: <https://github.com/openlit/openlit/tree/main/sdk/typescript>
## License
OpenLIT is available under the Apache-2.0 license.
## Support
- [Slack Community](https://join.slack.com/t/openlit/shared_invite/zt-2etnfttwg-TjP_7BZXfYg84oAukY8QRQ)
- [Discord](https://discord.gg/CQnXwNT3)
- [GitHub Issues](https://github.com/openlit/openlit/issues)
- [X/Twitter](https://twitter.com/openlit_io)

221
apps/openlit/README.zh.md Normal file
View File

@@ -0,0 +1,221 @@
# OpenLIT
OpenLIT 是一个开源的 AI 工程平台为大型语言模型LLM、GPU 和向量数据库提供 OpenTelemetry 原生的可观测性、监控和管理工具。
## 功能特性
- **📈 分析仪表板**:通过详细的仪表板监控 AI 应用程序的健康状况和性能,跟踪指标、成本和用户交互
- **🔌 OpenTelemetry 原生可观测性 SDK**:供应商中立的 SDK可将跟踪和指标发送到现有的可观测性工具
- **💲 成本跟踪**:使用自定义定价文件为特定模型定制成本估算,实现精确预算
- **🐛 异常监控**:通过跟踪常见异常和错误快速发现并解决问题
- **💭 提示词管理**:使用 Prompt Hub 管理和版本化提示词,确保应用程序之间的一致性和便捷访问
- **🔑 API 密钥和密钥管理**:集中安全地处理 API 密钥和密钥
- **🎮 实验不同的 LLM**:使用 OpenGround 并排探索、测试和比较各种 LLM
- **🚀 OpAMP 管理的 Fleet Hub**:使用 OpAMP开放代理管理协议集中管理和监控整个基础设施中的 OpenTelemetry Collector并支持安全的 TLS 通信
## 快速开始
1. 复制 `.env.example``.env` 并根据需要自定义:
```bash
cp .env.example .env
```
2. 启动服务:
```bash
docker compose up -d
```
3. 访问 OpenLIT`http://localhost:3000`
4. 使用默认凭据登录:
- 邮箱:`user@openlit.io`
- 密码:`openlituser`
## 组件说明
此部署包含以下组件:
- **OpenLIT 平台**:提供 UI 和 API 的主应用程序端口3000
- **ClickHouse**存储遥测数据的数据库端口8123、9000
- **OTLP 接收器**
- gRPC端口 4317
- HTTP端口 4318
## 与应用程序集成
将 OpenLIT 集成到 AI 应用程序:
### Python SDK
```bash
pip install openlit
```
```python
import openlit
openlit.init(
otlp_endpoint="http://localhost:4318"
)
```
### TypeScript SDK
```bash
npm install openlit
```
```typescript
import Openlit from 'openlit';
Openlit.init({
otlpEndpoint: 'http://localhost:4318'
});
```
## 环境变量
关键配置选项(查看 `.env.example` 获取所有选项):
| 变量 | 说明 | 默认值 |
| --------------------------------- | ------------------------------------ | ------------ |
| `OPENLIT_VERSION` | OpenLIT 镜像版本 | `latest` |
| `CLICKHOUSE_VERSION` | ClickHouse 版本 | `24.4.1` |
| `OPENLIT_PORT_OVERRIDE` | 主机上的 UI 端口 | `3000` |
| `OPENLIT_OTLP_HTTP_PORT_OVERRIDE` | OTLP HTTP 端口 | `4318` |
| `OPENLIT_OTLP_GRPC_PORT_OVERRIDE` | OTLP gRPC 端口 | `4317` |
| `OPENLIT_DB_PASSWORD` | ClickHouse 密码 | `OPENLIT` |
| `OPAMP_ENVIRONMENT` | OpAMP 模式development/production | `production` |
## 资源需求
默认资源分配:
- **OpenLIT**
- 限制1 CPU、2GB 内存
- 预留0.25 CPU、512MB 内存
- **ClickHouse**
- 限制2 CPU、4GB 内存
- 预留0.5 CPU、2GB 内存
根据工作负载在 `.env` 文件中调整这些值。
## OAuth 配置(可选)
要启用 OAuth 身份验证:
1. 配置 Google OAuth
```env
GOOGLE_CLIENT_ID=your-client-id
GOOGLE_CLIENT_SECRET=your-client-secret
```
2. 配置 GitHub OAuth
```env
GITHUB_CLIENT_ID=your-client-id
GITHUB_CLIENT_SECRET=your-client-secret
```
## OpAMP Fleet Hub
OpenLIT 包含用于集中管理 OpenTelemetry Collector 的 OpAMP 服务器:
- Fleet Hub 访问地址:`http://localhost:3000/fleet-hub`
- OpAMP 端点:`wss://localhost:4320/v1/opamp`(生产模式)
- API 端点:`http://localhost:8080`
对于生产部署,请确保正确的 TLS 配置:
```env
OPAMP_ENVIRONMENT=production
OPAMP_TLS_INSECURE_SKIP_VERIFY=false
OPAMP_TLS_REQUIRE_CLIENT_CERT=true
```
## 支持的集成
OpenLIT 为 50 多种 LLM 提供商、向量数据库和框架提供自动仪表化,包括:
- **LLM 提供商**OpenAI、Anthropic、Cohere、Azure OpenAI、Google Vertex AI、Bedrock 等
- **向量数据库**Pinecone、Weaviate、ChromaDB、Qdrant、Milvus 等
- **框架**LangChain、LlamaIndex、Haystack、AutoGen、CrewAI 等
## 健康检查
OpenLIT 服务包含健康检查以确保正确启动。当满足以下条件时,服务被视为健康:
- Web 界面在配置的端口上响应
- 间隔30 秒
- 超时10 秒
- 启动期60 秒
## 数据持久化
数据持久化在 Docker 卷中:
- `clickhouse_data`ClickHouse 数据库文件
- `openlit_data`OpenLIT 应用程序数据,包括 SQLite 数据库
## 监控
监控部署:
```bash
# 查看日志
docker compose logs -f openlit
# 检查服务状态
docker compose ps
# 查看资源使用情况
docker stats
```
## 安全注意事项
1. **更改默认密码**:在生产环境中更新 `OPENLIT_DB_PASSWORD`
2. **TLS 配置**:对于生产环境,请在 OpAMP 中使用正确的 TLS 证书
3. **OAuth**:考虑启用 OAuth 以增强安全性
4. **网络**:默认情况下,服务在所有接口上公开。在生产环境中考虑使用反向代理
## 故障排除
### 服务无法启动
- 检查日志:`docker compose logs openlit`
- 验证 ClickHouse 是否健康:`docker compose ps`
- 确保端口未被占用
### 无法连接到 OTLP 端点
- 验证防火墙设置
- 检查 `.env` 中的端口配置
- 确保应用程序中的端点 URL 正确
### 资源使用率高
- 在 `.env` 中调整资源限制
- 使用以下命令监控:`docker stats`
- 考虑为大型工作负载扩展 ClickHouse 资源
## 文档
- 官方文档:<https://docs.openlit.io/>
- GitHub 仓库:<https://github.com/openlit/openlit>
- Python SDK<https://github.com/openlit/openlit/tree/main/sdk/python>
- TypeScript SDK<https://github.com/openlit/openlit/tree/main/sdk/typescript>
## 许可证
OpenLIT 采用 Apache-2.0 许可证。
## 支持
- [Slack 社区](https://join.slack.com/t/openlit/shared_invite/zt-2etnfttwg-TjP_7BZXfYg84oAukY8QRQ)
- [Discord](https://discord.gg/CQnXwNT3)
- [GitHub Issues](https://github.com/openlit/openlit/issues)
- [X/Twitter](https://twitter.com/openlit_io)

97
apps/openlit/docker-compose.yaml Normal file
View File

@@ -0,0 +1,97 @@
# OpenLIT - AI Engineering Observability Platform
# OpenLIT provides OpenTelemetry-native LLM Observability, GPU Monitoring,
# Guardrails, Evaluations, Prompt Management, Vault, and Playground.
# Repository: https://github.com/openlit/openlit
x-defaults: &defaults
restart: unless-stopped
logging:
driver: json-file
options:
max-size: 100m
max-file: "3"
services:
clickhouse:
<<: *defaults
image: ${GLOBAL_REGISTRY:-}clickhouse/clickhouse-server:${CLICKHOUSE_VERSION:-24.4.1}
environment:
- TZ=${TZ:-UTC}
- CLICKHOUSE_PASSWORD=${OPENLIT_DB_PASSWORD:-OPENLIT}
- CLICKHOUSE_USER=${OPENLIT_DB_USER:-default}
- CLICKHOUSE_DATABASE=${OPENLIT_DB_NAME:-openlit}
- CLICKHOUSE_ALWAYS_RUN_INITDB_SCRIPTS=true
volumes:
- clickhouse_data:/var/lib/clickhouse
ports:
- "${CLICKHOUSE_HTTP_PORT_OVERRIDE:-8123}:8123"
- "${CLICKHOUSE_NATIVE_PORT_OVERRIDE:-9000}:9000"
healthcheck:
test: ["CMD-SHELL", "clickhouse-client --user=$${CLICKHOUSE_USER} --password=$${CLICKHOUSE_PASSWORD} --query='SELECT 1' || exit 1"]
interval: 5s
timeout: 3s
retries: 10
start_period: 100s
deploy:
resources:
limits:
cpus: ${CLICKHOUSE_CPU_LIMIT:-2.0}
memory: ${CLICKHOUSE_MEMORY_LIMIT:-4G}
reservations:
cpus: ${CLICKHOUSE_CPU_RESERVATION:-0.5}
memory: ${CLICKHOUSE_MEMORY_RESERVATION:-2G}
openlit:
<<: *defaults
image: ${GLOBAL_REGISTRY:-}ghcr.io/openlit/openlit:${OPENLIT_VERSION:-latest}
environment:
- TZ=${TZ:-UTC}
- TELEMETRY_ENABLED=${TELEMETRY_ENABLED:-true}
- INIT_DB_HOST=clickhouse
- INIT_DB_PORT=8123
- INIT_DB_DATABASE=${OPENLIT_DB_NAME:-openlit}
- INIT_DB_USERNAME=${OPENLIT_DB_USER:-default}
- INIT_DB_PASSWORD=${OPENLIT_DB_PASSWORD:-OPENLIT}
- SQLITE_DATABASE_URL=file:/app/client/data/data.db
- PORT=${OPENLIT_INTERNAL_PORT:-3000}
- DOCKER_PORT=${OPENLIT_INTERNAL_PORT:-3000}
# OAuth Configuration (Optional)
- GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID:-}
- GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET:-}
- GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID:-}
- GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET:-}
# OpAMP Server Configuration
- OPAMP_ENVIRONMENT=${OPAMP_ENVIRONMENT:-production}
- OPAMP_CERTS_DIR=/app/opamp/certs
- OPAMP_TLS_INSECURE_SKIP_VERIFY=${OPAMP_TLS_INSECURE_SKIP_VERIFY:-false}
- OPAMP_TLS_REQUIRE_CLIENT_CERT=${OPAMP_TLS_REQUIRE_CLIENT_CERT:-true}
- OPAMP_TLS_MIN_VERSION=${OPAMP_TLS_MIN_VERSION:-1.2}
- OPAMP_TLS_MAX_VERSION=${OPAMP_TLS_MAX_VERSION:-1.3}
- OPAMP_LOG_LEVEL=${OPAMP_LOG_LEVEL:-info}
ports:
- "${OPENLIT_PORT_OVERRIDE:-3000}:${OPENLIT_INTERNAL_PORT:-3000}"
- "${OPENLIT_OTLP_GRPC_PORT_OVERRIDE:-4317}:4317"
- "${OPENLIT_OTLP_HTTP_PORT_OVERRIDE:-4318}:4318"
depends_on:
clickhouse:
condition: service_healthy
volumes:
- openlit_data:/app/client/data
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:${OPENLIT_INTERNAL_PORT:-3000}/health"]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
deploy:
resources:
limits:
cpus: ${OPENLIT_CPU_LIMIT:-1.0}
memory: ${OPENLIT_MEMORY_LIMIT:-2G}
reservations:
cpus: ${OPENLIT_CPU_RESERVATION:-0.25}
memory: ${OPENLIT_MEMORY_RESERVATION:-512M}
volumes:
clickhouse_data:
openlit_data:

43
apps/openobserve/.env.example Normal file
View File

@@ -0,0 +1,43 @@
# OpenObserve Configuration
# Global registry prefix (optional)
# Leave empty to use the default registry (public.ecr.aws/zinclabs/)
GLOBAL_REGISTRY=
# OpenObserve version
# Latest stable version: v0.50.0
OPENOBSERVE_VERSION=v0.50.0
# Timezone configuration
# Default: UTC
TZ=UTC
# OpenObserve web UI port override
# Default: 5080
OPENOBSERVE_PORT_OVERRIDE=5080
# Data directory inside container
# Default: /data
ZO_DATA_DIR=/data
# Root user credentials
# IMPORTANT: Change these default credentials before deploying to production
ZO_ROOT_USER_EMAIL=admin@example.com
ZO_ROOT_USER_PASSWORD=Complexpass#123
# Optional: S3 object storage configuration
# Leave empty to use local disk storage
# If configured, OpenObserve will use S3 for data storage
ZO_S3_BUCKET_NAME=
ZO_S3_REGION_NAME=
ZO_S3_ACCESS_KEY=
ZO_S3_SECRET_KEY=
# Resource limits
# CPU limits (in cores)
OPENOBSERVE_CPU_LIMIT=2.0
OPENOBSERVE_CPU_RESERVATION=0.5
# Memory limits
OPENOBSERVE_MEMORY_LIMIT=2G
OPENOBSERVE_MEMORY_RESERVATION=512M

165
apps/openobserve/README.md Normal file
View File

@@ -0,0 +1,165 @@
# OpenObserve
[OpenObserve](https://openobserve.ai/) is a cloud-native observability platform built specifically for logs, metrics, traces, analytics, and more. It provides 10x easier deployment, 140x lower storage costs, and high performance compared to traditional observability solutions like Elasticsearch, Splunk, and Datadog.
## Features
- **Unified Observability**: Logs, metrics, traces, and frontend monitoring (RUM) in a single platform
- **Cost Efficiency**: 140x lower storage costs compared to Elasticsearch through Parquet columnar storage and S3-native architecture
- **High Performance**: Better query performance than Elasticsearch while using 1/4th the hardware resources
- **Single Binary**: Start with a single binary that scales to terabytes, or deploy in High Availability mode for petabyte-scale workloads
- **Easy to Use**: No complex tuning required, intuitive UI, SQL and PromQL support
- **OpenTelemetry Native**: Built-in OTLP ingestion for logs, metrics, and traces
- **Flexible Storage**: Supports local disk, S3, MinIO, GCS, or Azure Blob Storage
- **Production Ready**: Thousands of deployments worldwide, largest deployment processes 2 PB/day
## Quick Start
1. Copy the environment example file:
```bash
cp .env.example .env
```
2. Edit `.env` and configure:
- `ZO_ROOT_USER_EMAIL`: Admin email (change default)
- `ZO_ROOT_USER_PASSWORD`: Admin password (change default, minimum 8 characters with special chars)
- `OPENOBSERVE_PORT_OVERRIDE`: Web UI port (default: 5080)
3. Start OpenObserve:
```bash
docker compose up -d
```
4. Access the web UI at `http://localhost:5080`
5. Log in with your configured credentials
## Configuration
### Basic Configuration
| Environment Variable | Description | Default |
| --------------------------- | ------------------------------- | ------------------- |
| `OPENOBSERVE_VERSION` | OpenObserve image version | `v0.50.0` |
| `OPENOBSERVE_PORT_OVERRIDE` | Web UI port | `5080` |
| `ZO_ROOT_USER_EMAIL` | Root user email | `admin@example.com` |
| `ZO_ROOT_USER_PASSWORD` | Root user password | `Complexpass#123` |
| `ZO_DATA_DIR` | Data directory inside container | `/data` |
### S3 Object Storage (Optional)
For production deployments, configure S3-compatible object storage:
| Environment Variable | Description |
| -------------------- | -------------- |
| `ZO_S3_BUCKET_NAME` | S3 bucket name |
| `ZO_S3_REGION_NAME` | S3 region |
| `ZO_S3_ACCESS_KEY` | S3 access key |
| `ZO_S3_SECRET_KEY` | S3 secret key |
When S3 is configured, OpenObserve will use it for data storage instead of local volumes.
### Resource Limits
Adjust CPU and memory limits based on your workload:
| Environment Variable | Description | Default |
| -------------------------------- | ------------------ | ------- |
| `OPENOBSERVE_CPU_LIMIT` | Maximum CPU cores | `2.0` |
| `OPENOBSERVE_CPU_RESERVATION` | Reserved CPU cores | `0.5` |
| `OPENOBSERVE_MEMORY_LIMIT` | Maximum memory | `2G` |
| `OPENOBSERVE_MEMORY_RESERVATION` | Reserved memory | `512M` |
## Data Ingestion
OpenObserve supports multiple ingestion methods:
### OpenTelemetry (OTLP)
Send OTLP data to `http://localhost:5080/api/default/` with authentication.
### Logs via HTTP
```bash
curl -u admin@example.com:Complexpass#123 \
-H "Content-Type: application/json" \
http://localhost:5080/api/default/logs/_json \
-d '[{"message": "Hello OpenObserve", "level": "info"}]'
```
### Prometheus Remote Write
Configure Prometheus to use OpenObserve as a remote write target.
See the [official documentation](https://openobserve.ai/docs/ingestion/) for more ingestion methods.
## Architecture
OpenObserve achieves its performance and cost efficiency through:
- **Parquet columnar storage**: Efficient compression and query performance
- **S3-native design**: Leverages inexpensive object storage with intelligent caching
- **Built in Rust**: Memory-safe, high-performance implementation
- **Intelligent partitioning and indexing**: Reduces search space by up to 99% for most queries
- **Stateless architecture**: Enables rapid scaling and disaster recovery
## Volumes
- `openobserve_data`: Stores all data when using local disk storage (not used when S3 is configured)
## Security Considerations
1. **Change default credentials**: Always modify `ZO_ROOT_USER_EMAIL` and `ZO_ROOT_USER_PASSWORD` in production
2. **Password requirements**: Use strong passwords with minimum 8 characters including special characters
3. **Network security**: Consider using a reverse proxy with TLS for production deployments
4. **S3 credentials**: Store S3 credentials securely, consider using IAM roles when possible
5. **Data immutability**: All ingested data is immutable by design for audit compliance
## Upgrading
To upgrade to a new version:
1. Update `OPENOBSERVE_VERSION` in `.env`
2. Pull the new image and restart:
```bash
docker compose pull
docker compose up -d
```
OpenObserve handles schema migrations automatically, no manual steps required.
## Enterprise Features
The Enterprise edition includes:
- Single Sign-On (SSO): OIDC, OAuth, SAML, LDAP/AD
- Advanced RBAC: Role-based access control with custom roles
- Audit trails: Immutable audit logs
- Federated search: Query across multiple clusters
- Sensitive Data Redaction: Automatic PII redaction
- Priority support with SLA guarantees
See [pricing page](https://openobserve.ai/downloads/) for details.
## License
- Open Source Edition: AGPL-3.0
- Enterprise Edition: Commercial license
## Links
- [Official Website](https://openobserve.ai/)
- [Documentation](https://openobserve.ai/docs/)
- [GitHub Repository](https://github.com/openobserve/openobserve)
- [Slack Community](https://short.openobserve.ai/community)
- [Customer Stories](https://openobserve.ai/customer-stories/)
## Support
- Community support via [Slack](https://short.openobserve.ai/community)
- GitHub [Issues](https://github.com/openobserve/openobserve/issues)
- GitHub [Discussions](https://github.com/openobserve/openobserve/discussions)
- Enterprise support available with commercial license

165
apps/openobserve/README.zh.md Normal file
View File

@@ -0,0 +1,165 @@
# OpenObserve
[OpenObserve](https://openobserve.ai/) 是一个专为日志、指标、追踪、分析等构建的云原生可观测平台。与 Elasticsearch、Splunk 和 Datadog 等传统可观测解决方案相比,它提供了 10 倍更简单的部署、140 倍更低的存储成本和高性能。
## 功能特性
- **统一可观测性**日志、指标、追踪和前端监控RUM集成在单一平台
- **成本效益**:通过 Parquet 列式存储和 S3 原生架构,存储成本比 Elasticsearch 低 140 倍
- **高性能**:查询性能优于 Elasticsearch同时仅使用 1/4 的硬件资源
- **单一二进制**:从可扩展至 TB 级的单一二进制开始,或部署高可用模式以处理 PB 级工作负载
- **易于使用**:无需复杂调优,直观的 UI支持 SQL 和 PromQL
- **OpenTelemetry 原生**:内置 OTLP 日志、指标和追踪采集
- **灵活存储**支持本地磁盘、S3、MinIO、GCS 或 Azure Blob 存储
- **生产就绪**:全球数千个部署,最大部署每天处理 2 PB 数据
## 快速开始
1. 复制环境变量示例文件:
```bash
cp .env.example .env
```
2. 编辑 `.env` 并配置:
- `ZO_ROOT_USER_EMAIL`:管理员邮箱(修改默认值)
- `ZO_ROOT_USER_PASSWORD`:管理员密码(修改默认值,最少 8 个字符且包含特殊字符)
- `OPENOBSERVE_PORT_OVERRIDE`Web UI 端口默认5080
3. 启动 OpenObserve
```bash
docker compose up -d
```
4. 访问 Web UI`http://localhost:5080`
5. 使用配置的凭据登录
## 配置说明
### 基础配置
| 环境变量 | 说明 | 默认值 |
| --------------------------- | -------------------- | ------------------- |
| `OPENOBSERVE_VERSION` | OpenObserve 镜像版本 | `v0.50.0` |
| `OPENOBSERVE_PORT_OVERRIDE` | Web UI 端口 | `5080` |
| `ZO_ROOT_USER_EMAIL` | 根用户邮箱 | `admin@example.com` |
| `ZO_ROOT_USER_PASSWORD` | 根用户密码 | `Complexpass#123` |
| `ZO_DATA_DIR` | 容器内数据目录 | `/data` |
### S3 对象存储(可选)
对于生产部署,配置兼容 S3 的对象存储:
| 环境变量 | 说明 |
| ------------------- | ------------- |
| `ZO_S3_BUCKET_NAME` | S3 存储桶名称 |
| `ZO_S3_REGION_NAME` | S3 区域 |
| `ZO_S3_ACCESS_KEY` | S3 访问密钥 |
| `ZO_S3_SECRET_KEY` | S3 密钥 |
配置 S3 后OpenObserve 将使用它进行数据存储,而不是本地卷。
### 资源限制
根据工作负载调整 CPU 和内存限制:
| 环境变量 | 说明 | 默认值 |
| -------------------------------- | --------------- | ------ |
| `OPENOBSERVE_CPU_LIMIT` | 最大 CPU 核心数 | `2.0` |
| `OPENOBSERVE_CPU_RESERVATION` | 预留 CPU 核心数 | `0.5` |
| `OPENOBSERVE_MEMORY_LIMIT` | 最大内存 | `2G` |
| `OPENOBSERVE_MEMORY_RESERVATION` | 预留内存 | `512M` |
## 数据采集
OpenObserve 支持多种采集方式:
### OpenTelemetry (OTLP)
发送 OTLP 数据到 `http://localhost:5080/api/default/` 并进行身份验证。
### 通过 HTTP 采集日志
```bash
curl -u admin@example.com:Complexpass#123 \
-H "Content-Type: application/json" \
http://localhost:5080/api/default/logs/_json \
-d '[{"message": "Hello OpenObserve", "level": "info"}]'
```
### Prometheus 远程写入
配置 Prometheus 使用 OpenObserve 作为远程写入目标。
更多采集方法请参见[官方文档](https://openobserve.ai/docs/ingestion/)。
## 架构
OpenObserve 通过以下方式实现其性能和成本效率:
- **Parquet 列式存储**:高效压缩和查询性能
- **S3 原生设计**:利用廉价对象存储与智能缓存
- **Rust 构建**:内存安全、高性能实现
- **智能分区和索引**:大多数查询可将搜索空间减少高达 99%
- **无状态架构**:支持快速扩展和灾难恢复
## 数据卷
- `openobserve_data`:使用本地磁盘存储时存储所有数据(配置 S3 时不使用)
## 安全注意事项
1. **修改默认凭据**:在生产环境中务必修改 `ZO_ROOT_USER_EMAIL` 和 `ZO_ROOT_USER_PASSWORD`
2. **密码要求**:使用强密码,至少 8 个字符且包含特殊字符
3. **网络安全**:生产部署时考虑使用带 TLS 的反向代理
4. **S3 凭据**:安全存储 S3 凭据,在可能的情况下考虑使用 IAM 角色
5. **数据不可变性**:所有采集的数据在设计上都是不可变的,以满足审计合规要求
## 升级
升级到新版本:
1. 在 `.env` 中更新 `OPENOBSERVE_VERSION`
2. 拉取新镜像并重启:
```bash
docker compose pull
docker compose up -d
```
OpenObserve 会自动处理模式迁移,无需手动步骤。
## 企业版功能
企业版包含:
- 单点登录SSOOIDC、OAuth、SAML、LDAP/AD
- 高级 RBAC基于角色的访问控制与自定义角色
- 审计跟踪:不可变审计日志
- 联合搜索:跨多个集群查询
- 敏感数据脱敏:自动 PII 脱敏
- 带 SLA 保证的优先支持
详情请参见[价格页面](https://openobserve.ai/downloads/)。
## 许可证
- 开源版AGPL-3.0
- 企业版:商业许可证
## 相关链接
- [官方网站](https://openobserve.ai/)
- [文档](https://openobserve.ai/docs/)
- [GitHub 仓库](https://github.com/openobserve/openobserve)
- [Slack 社区](https://short.openobserve.ai/community)
- [客户案例](https://openobserve.ai/customer-stories/)
## 支持
- 通过 [Slack](https://short.openobserve.ai/community) 获得社区支持
- GitHub [Issues](https://github.com/openobserve/openobserve/issues)
- GitHub [Discussions](https://github.com/openobserve/openobserve/discussions)
- 商业许可证提供企业支持

47
apps/openobserve/docker-compose.yaml Normal file
View File

@@ -0,0 +1,47 @@
# Docker Compose configuration for OpenObserve
# OpenObserve is a cloud-native observability platform for logs, metrics, traces, and more
# https://github.com/openobserve/openobserve
x-defaults: &defaults
restart: unless-stopped
logging:
driver: json-file
options:
max-size: 100m
max-file: "3"
services:
openobserve:
<<: *defaults
image: ${GLOBAL_REGISTRY:-public.ecr.aws/zinclabs/}openobserve:${OPENOBSERVE_VERSION:-v0.50.0}
ports:
- "${OPENOBSERVE_PORT_OVERRIDE:-5080}:5080"
volumes:
- openobserve_data:/data
environment:
- TZ=${TZ:-UTC}
- ZO_DATA_DIR=${ZO_DATA_DIR:-/data}
- ZO_ROOT_USER_EMAIL=${ZO_ROOT_USER_EMAIL:-admin@example.com}
- ZO_ROOT_USER_PASSWORD=${ZO_ROOT_USER_PASSWORD:-Complexpass#123}
# Optional: S3 configuration for object storage
- ZO_S3_BUCKET_NAME=${ZO_S3_BUCKET_NAME:-}
- ZO_S3_REGION_NAME=${ZO_S3_REGION_NAME:-}
- ZO_S3_ACCESS_KEY=${ZO_S3_ACCESS_KEY:-}
- ZO_S3_SECRET_KEY=${ZO_S3_SECRET_KEY:-}
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:5080/healthz"]
interval: 30s
timeout: 10s
retries: 3
start_period: 30s
deploy:
resources:
limits:
cpus: ${OPENOBSERVE_CPU_LIMIT:-2.0}
memory: ${OPENOBSERVE_MEMORY_LIMIT:-2G}
reservations:
cpus: ${OPENOBSERVE_CPU_RESERVATION:-0.5}
memory: ${OPENOBSERVE_MEMORY_RESERVATION:-512M}
volumes:
openobserve_data: