# Server settings ## builtin_dictionaries_reload_interval The interval in seconds before reloading built-in dictionaries. ClickHouse reloads built-in dictionaries every x seconds. This makes it possible to edit dictionaries "on the fly" without restarting the server. Default value: 3600. **Example** ```xml 3600 ``` ## compression {#server-settings-compression} Data compression settings for [MergeTree](../table_engines/mergetree.md)-engine tables. !!! warning Don't use it if you have just started using ClickHouse. Configuration template: ```xml ... ... ... ... ``` `` fields: - `min_part_size` – The minimum size of a data part. - `min_part_size_ratio` – The ratio of the data part size to the table size. - `method` – Compression method. Acceptable values: `lz4` or `zstd`. You can configure multiple `` sections. Actions when conditions are met: - If a data part matches a condition set, ClickHouse uses the specified compression method. - If a data part matches multiple condition sets, ClickHouse uses the first matched condition set. If no conditions met for a data part, ClickHouse uses the `lz4` compression. **Example** ```xml 10000000000 0.01 zstd ``` ## default_database The default database. To get a list of databases, use the [SHOW DATABASES](../../query_language/show.md#show-databases) query. **Example** ```xml default ``` ## default_profile Default settings profile. Settings profiles are located in the file specified in the parameter `user_config`. **Example** ```xml default ``` ## dictionaries_config {#server_settings-dictionaries_config} The path to the config file for external dictionaries. Path: - Specify the absolute path or the path relative to the server config file. - The path can contain wildcards \* and ?. See also "[External dictionaries](../../query_language/dicts/external_dicts.md)". **Example** ```xml *_dictionary.xml ``` ## dictionaries_lazy_load {#server_settings-dictionaries_lazy_load} Lazy loading of dictionaries. If `true`, then each dictionary is created on first use. If dictionary creation failed, the function that was using the dictionary throws an exception. If `false`, all dictionaries are created when the server starts, and if there is an error, the server shuts down. The default is `true`. **Example** ```xml true ``` ## format_schema_path {#server_settings-format_schema_path} The path to the directory with the schemes for the input data, such as schemas for the [CapnProto](../../interfaces/formats.md#capnproto) format. **Example** ```xml format_schemas/ ``` ## graphite {#server_settings-graphite} Sending data to [Graphite](https://github.com/graphite-project). Settings: - host – The Graphite server. - port – The port on the Graphite server. - interval – The interval for sending, in seconds. - timeout – The timeout for sending data, in seconds. - root_path – Prefix for keys. - metrics – Sending data from the [system.metrics](../system_tables.md#system_tables-metrics) table. - events – Sending deltas data accumulated for the time period from the [system.events](../system_tables.md#system_tables-events) table. - events_cumulative – Sending cumulative data from the [system.events](../system_tables.md#system_tables-events) table. - asynchronous_metrics – Sending data from the [system.asynchronous_metrics](../system_tables.md#system_tables-asynchronous_metrics) table. You can configure multiple `` clauses. For instance, you can use this for sending different data at different intervals. **Example** ```xml localhost 42000 0.1 60 one_min true true false true ``` ## graphite_rollup {#server_settings-graphite_rollup} Settings for thinning data for Graphite. For more details, see [GraphiteMergeTree](../table_engines/graphitemergetree.md). **Example** ```xml max 0 60 3600 300 86400 3600 ``` ## http_port/https_port The port for connecting to the server over HTTP(s). If `https_port` is specified, [openSSL](#server_settings-openssl) must be configured. If `http_port` is specified, the openSSL configuration is ignored even if it is set. **Example** ```xml 0000 ``` ## http_server_default_response The page that is shown by default when you access the ClickHouse HTTP(s) server. **Example** Opens `https://tabix.io/` when accessing ` http://localhost: http_port`. ```xml
]]>
``` ## include_from {#server_settings-include_from} The path to the file with substitutions. For more information, see the section "[Configuration files](../configuration_files.md#configuration_files)". **Example** ```xml /etc/metrica.xml ``` ## interserver_http_port Port for exchanging data between ClickHouse servers. **Example** ```xml 9009 ``` ## interserver_http_host The host name that can be used by other servers to access this server. If omitted, it is defined in the same way as the `hostname-f` command. Useful for breaking away from a specific network interface. **Example** ```xml example.yandex.ru ``` ## interserver_http_credentials {#server-settings-interserver_http_credentials} The username and password used to authenticate during [replication](../table_engines/replication.md) with the Replicated* engines. These credentials are used only for communication between replicas and are unrelated to credentials for ClickHouse clients. The server is checking these credentials for connecting replicas and use the same credentials when connecting to other replicas. So, these credentials should be set the same for all replicas in a cluster. By default, the authentication is not used. This section contains the following parameters: - `user` — username. - `password` — password. **Example** ```xml admin 222 ``` ## keep_alive_timeout The number of seconds that ClickHouse waits for incoming requests before closing the connection. Defaults to 3 seconds. **Example** ```xml 3 ``` ## listen_host {#server_settings-listen_host} Restriction on hosts that requests can come from. If you want the server to answer all of them, specify `::`. Examples: ```xml ::1 127.0.0.1 ``` ## logger {#server_settings-logger} Logging settings. Keys: - level – Logging level. Acceptable values: ``trace``, ``debug``, ``information``, ``warning``, ``error``. - log – The log file. Contains all the entries according to `level`. - errorlog – Error log file. - size – Size of the file. Applies to ``log``and``errorlog``. Once the file reaches ``size``, ClickHouse archives and renames it, and creates a new log file in its place. - count – The number of archived log files that ClickHouse stores. **Example** ```xml trace /var/log/clickhouse-server/clickhouse-server.log /var/log/clickhouse-server/clickhouse-server.err.log 1000M 10 ``` Writing to the syslog is also supported. Config example: ```xml 1
syslog.remote:10514
myhost.local LOG_LOCAL6 syslog
``` Keys: - use_syslog — Required setting if you want to write to the syslog. - address — The host[:port] of syslogd. If omitted, the local daemon is used. - hostname — Optional. The name of the host that logs are sent from. - facility — [The syslog facility keyword](https://en.wikipedia.org/wiki/Syslog#Facility) in uppercase letters with the "LOG_" prefix: (``LOG_USER``, ``LOG_DAEMON``, ``LOG_LOCAL3``, and so on). Default value: ``LOG_USER`` if ``address`` is specified, ``LOG_DAEMON otherwise.`` - format – Message format. Possible values: ``bsd`` and ``syslog.`` ## macros Parameter substitutions for replicated tables. Can be omitted if replicated tables are not used. For more information, see the section "[Creating replicated tables](../../operations/table_engines/replication.md)". **Example** ```xml ``` ## mark_cache_size {#server-mark-cache-size} Approximate size (in bytes) of the cache of marks used by table engines of the [MergeTree](../table_engines/mergetree.md) family. The cache is shared for the server and memory is allocated as needed. The cache size must be at least 5368709120. **Example** ```xml 5368709120 ``` ## max_concurrent_queries The maximum number of simultaneously processed requests. **Example** ```xml 100 ``` ## max_connections The maximum number of inbound connections. **Example** ```xml 4096 ``` ## max_open_files The maximum number of open files. By default: `maximum`. We recommend using this option in Mac OS X, since the `getrlimit()` function returns an incorrect value. **Example** ```xml 262144 ``` ## max_table_size_to_drop Restriction on deleting tables. If the size of a [MergeTree](../table_engines/mergetree.md) table exceeds `max_table_size_to_drop` (in bytes), you can't delete it using a DROP query. If you still need to delete the table without restarting the ClickHouse server, create the `/flags/force_drop_table` file and run the DROP query. Default value: 50 GB. The value 0 means that you can delete all tables without any restrictions. **Example** ```xml 0 ``` ## merge_tree {#server_settings-merge_tree} Fine tuning for tables in the [MergeTree](../table_engines/mergetree.md). For more information, see the MergeTreeSettings.h header file. **Example** ```xml 5 ``` ## openSSL {#server_settings-openssl} SSL client/server configuration. Support for SSL is provided by the `libpoco` library. The interface is described in the file [SSLManager.h](https://github.com/ClickHouse-Extras/poco/blob/master/NetSSL_OpenSSL/include/Poco/Net/SSLManager.h) Keys for server/client settings: - privateKeyFile – The path to the file with the secret key of the PEM certificate. The file may contain a key and certificate at the same time. - certificateFile – The path to the client/server certificate file in PEM format. You can omit it if `privateKeyFile` contains the certificate. - caConfig – The path to the file or directory that contains trusted root certificates. - verificationMode – The method for checking the node's certificates. Details are in the description of the [Context](https://github.com/ClickHouse-Extras/poco/blob/master/NetSSL_OpenSSL/include/Poco/Net/Context.h) class. Possible values: ``none``, ``relaxed``, ``strict``, ``once``. - verificationDepth – The maximum length of the verification chain. Verification will fail if the certificate chain length exceeds the set value. - loadDefaultCAFile – Indicates that built-in CA certificates for OpenSSL will be used. Acceptable values: `true`, `false`. | - cipherList – Supported OpenSSL encryptions. For example: `ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH`. - cacheSessions – Enables or disables caching sessions. Must be used in combination with ``sessionIdContext``. Acceptable values: `true`, `false`. - sessionIdContext – A unique set of random characters that the server appends to each generated identifier. The length of the string must not exceed ``SSL_MAX_SSL_SESSION_ID_LENGTH``. This parameter is always recommended, since it helps avoid problems both if the server caches the session and if the client requested caching. Default value: ``${application.name}``. - sessionCacheSize – The maximum number of sessions that the server caches. Default value: 1024\*20. 0 – Unlimited sessions. - sessionTimeout – Time for caching the session on the server. - extendedVerification – Automatically extended verification of certificates after the session ends. Acceptable values: `true`, `false`. - requireTLSv1 – Require a TLSv1 connection. Acceptable values: `true`, `false`. - requireTLSv1_1 – Require a TLSv1.1 connection. Acceptable values: `true`, `false`. - requireTLSv1 – Require a TLSv1.2 connection. Acceptable values: `true`, `false`. - fips – Activates OpenSSL FIPS mode. Supported if the library's OpenSSL version supports FIPS. - privateKeyPassphraseHandler – Class (PrivateKeyPassphraseHandler subclass) that requests the passphrase for accessing the private key. For example: ````, ``KeyFileHandler``, ``test``, ````. - invalidCertificateHandler – Class (subclass of CertificateHandler) for verifying invalid certificates. For example: `` ConsoleCertificateHandler `` . - disableProtocols – Protocols that are not allowed to use. - preferServerCiphers – Preferred server ciphers on the client. **Example of settings:** ```xml /etc/clickhouse-server/server.crt /etc/clickhouse-server/server.key /etc/clickhouse-server/dhparam.pem none true true sslv2,sslv3 true true true sslv2,sslv3 true RejectCertificateHandler ``` ## part_log {#server_settings-part-log} Logging events that are associated with [MergeTree](../table_engines/mergetree.md). For instance, adding or merging data. You can use the log to simulate merge algorithms and compare their characteristics. You can visualize the merge process. Queries are logged in the [system.part_log](../system_tables.md#system_tables-part-log) table, not in a separate file. You can configure the name of this table in the `table` parameter (see below). Use the following parameters to configure logging: - `database` – Name of the database. - `table` – Name of the system table. - `partition_by` – Sets a [custom partitioning key](../../operations/table_engines/custom_partitioning_key.md). - `flush_interval_milliseconds` – Interval for flushing data from the buffer in memory to the table. **Example** ```xml system part_log
toMonday(event_date) 7500
``` ## path {#server_settings-path} The path to the directory containing data. !!! note The trailing slash is mandatory. **Example** ```xml /var/lib/clickhouse/ ``` ## query_log {#server_settings-query-log} Setting for logging queries received with the [log_queries=1](../settings/settings.md) setting. Queries are logged in the [system.query_log](../system_tables.md#system_tables-query_log) table, not in a separate file. You can change the name of the table in the `table` parameter (see below). Use the following parameters to configure logging: - `database` – Name of the database. - `table` – Name of the system table the queries will be logged in. - `partition_by` – Sets a [custom partitioning key](../../operations/table_engines/custom_partitioning_key.md) for a table. - `flush_interval_milliseconds` – Interval for flushing data from the buffer in memory to the table. If the table doesn't exist, ClickHouse will create it. If the structure of the query log changed when the ClickHouse server was updated, the table with the old structure is renamed, and a new table is created automatically. **Example** ```xml system query_log
toMonday(event_date) 7500
``` ## query_thread_log {#server_settings-query-thread-log} Setting for logging threads of queries received with the [log_query_threads=1](../settings/settings.md#settings-log-query-threads) setting. Queries are logged in the [system.query_thread_log](../system_tables.md#system_tables-query-thread-log) table, not in a separate file. You can change the name of the table in the `table` parameter (see below). Use the following parameters to configure logging: - `database` – Name of the database. - `table` – Name of the system table the queries will be logged in. - `partition_by` – Sets a [custom partitioning key](../../operations/table_engines/custom_partitioning_key.md) for a system table. - `flush_interval_milliseconds` – Interval for flushing data from the buffer in memory to the table. If the table doesn't exist, ClickHouse will create it. If the structure of the query thread log changed when the ClickHouse server was updated, the table with the old structure is renamed, and a new table is created automatically. **Example** ```xml system query_thread_log
toMonday(event_date) 7500
``` ## trace_log {#server_settings-trace_log} Settings for the [trace_log](../system_tables.md#system_tables-trace_log) system table operation. Parameters: - `database` — Database for storing a table. - `table` — Table name. - `partition_by` — [Custom partitioning key](../../operations/table_engines/custom_partitioning_key.md) for a system table. - `flush_interval_milliseconds` — Interval for flushing data from the buffer in memory to the table. The default server configuration file `config.xml` contains the following settings section: ```xml system trace_log
toYYYYMM(event_date) 7500
``` ## query_masking_rules Regexp-based rules, which will be applied to queries as well as all log messages before storing them in server logs, `system.query_log`, `system.text_log`, `system.processes` table, and in logs sent to client. That allows preventing sensitive data leakage from SQL queries (like names / emails / personal identifiers / credit card numbers etc) to logs. **Example** ```xml hide SSN (^|\D)\d{3}-\d{2}-\d{4}($|\D) 000-00-0000 ``` Config fields: - `name` - name for the rule (optional) - `regexp` - RE2 compatible regular expression (mandatory) - `replace` - substitution string for sensitive data (optional, by default - six asterisks) The masking rules are applied on whole query (to prevent leaks of sensitive data from malformed / non parsable queries). `system.events` table have counter `QueryMaskingRulesMatch` which have overall number of query masking rules matches. For distributed queries each server have to be configured separately, otherwise subquries passed to other nodes will be stored without masking. ## remote_servers {#server_settings_remote_servers} Configuration of clusters used by the [Distributed](../../operations/table_engines/distributed.md) table engine and by the `cluster` table function. **Example** ```xml ``` For the value of the `incl` attribute, see the section "[Configuration files](../configuration_files.md#configuration_files)". **See Also** - [skip_unavailable_shards](../settings/settings.md#settings-skip_unavailable_shards) ## timezone {#server_settings-timezone} The server's time zone. Specified as an IANA identifier for the UTC time zone or geographic location (for example, Africa/Abidjan). The time zone is necessary for conversions between String and DateTime formats when DateTime fields are output to text format (printed on the screen or in a file), and when getting DateTime from a string. In addition, the time zone is used in functions that work with the time and date if they didn't receive the time zone in the input parameters. **Example** ```xml Europe/Moscow ``` ## tcp_port {#server_settings-tcp_port} Port for communicating with clients over the TCP protocol. **Example** ```xml 9000 ``` ## tcp_port_secure {#server_settings-tcp_port_secure} TCP port for secure communication with clients. Use it with [OpenSSL](#server_settings-openssl) settings. **Possible values** Positive integer. **Default value** ```xml 9440 ``` ## mysql_port {#server_settings-mysql_port} Port for communicating with clients over MySQL protocol. **Possible values** Positive integer. Example ```xml 9004 ``` ## tmp_path {#server-settings-tmp_path} Path to temporary data for processing large queries. !!! note The trailing slash is mandatory. **Example** ```xml /var/lib/clickhouse/tmp/ ``` ## tmp_policy {#server-settings-tmp_policy} Policy from [`storage_configuration`](../table_engines/mergetree.md#table_engine-mergetree-multiple-volumes) to store temporary files. If not set [`tmp_path`](#server-settings-tmp_path) is used, otherwise it is ignored. !!! note - `move_factor` is ignored - `keep_free_space_bytes` is ignored - `max_data_part_size_bytes` is ignored - you must have exactly one volume in that policy ## uncompressed_cache_size {#server-settings-uncompressed_cache_size} Cache size (in bytes) for uncompressed data used by table engines from the [MergeTree](../table_engines/mergetree.md). There is one shared cache for the server. Memory is allocated on demand. The cache is used if the option [use_uncompressed_cache](../settings/settings.md#setting-use_uncompressed_cache) is enabled. The uncompressed cache is advantageous for very short queries in individual cases. **Example** ```xml 8589934592 ``` ## user_files_path {#server_settings-user_files_path} The directory with user files. Used in the table function [file()](../../query_language/table_functions/file.md). **Example** ```xml /var/lib/clickhouse/user_files/ ``` ## users_config Path to the file that contains: - User configurations. - Access rights. - Settings profiles. - Quota settings. **Example** ```xml users.xml ``` ## zookeeper {#server-settings_zookeeper} Contains settings that allow ClickHouse to interact with a [ZooKeeper](http://zookeeper.apache.org/) cluster. ClickHouse uses ZooKeeper for storing metadata of replicas when using replicated tables. If replicated tables are not used, this section of parameters can be omitted. This section contains the following parameters: - `node` — ZooKeeper endpoint. You can set multiple endpoints. For example: ```xml example_host 2181 ``` The `index` attribute specifies the node order when trying to connect to the ZooKeeper cluster. - `session_timeout` — Maximum timeout for the client session in milliseconds. - `root` — The [znode](http://zookeeper.apache.org/doc/r3.5.5/zookeeperOver.html#Nodes+and+ephemeral+nodes) that is used as the root for znodes used by the ClickHouse server. Optional. - `identity` — User and password, that can be required by ZooKeeper to give access to requested znodes. Optional. **Example configuration** ```xml example1 2181 example2 2181 30000 10000 /path/to/zookeeper/node user:password ``` **See Also** - [Replication](../../operations/table_engines/replication.md) - [ZooKeeper Programmer's Guide](http://zookeeper.apache.org/doc/current/zookeeperProgrammers.html) ## use_minimalistic_part_header_in_zookeeper {#server-settings-use_minimalistic_part_header_in_zookeeper} Storage method for data part headers in ZooKeeper. This setting only applies to the `MergeTree` family. It can be specified: - Globally in the [merge_tree](#server_settings-merge_tree) section of the `config.xml` file. ClickHouse uses the setting for all the tables on the server. You can change the setting at any time. Existing tables change their behavior when the setting changes. - For each individual table. When creating a table, specify the corresponding [engine setting](../table_engines/mergetree.md#table_engine-mergetree-creating-a-table). The behavior of an existing table with this setting does not change, even if the global setting changes. **Possible values** - 0 — Functionality is turned off. - 1 — Functionality is turned on. If `use_minimalistic_part_header_in_zookeeper = 1`, then [replicated](../table_engines/replication.md) tables store the headers of the data parts compactly using a single `znode`. If the table contains many columns, this storage method significantly reduces the volume of the data stored in Zookeeper. !!! attention After applying `use_minimalistic_part_header_in_zookeeper = 1`, you can't downgrade the ClickHouse server to a version that doesn't support this setting. Be careful when upgrading ClickHouse on servers in a cluster. Don't upgrade all the servers at once. It is safer to test new versions of ClickHouse in a test environment, or on just a few servers of a cluster. Data part headers already stored with this setting can't be restored to their previous (non-compact) representation. **Default value:** 0. ## disable_internal_dns_cache {#server-settings-disable_internal_dns_cache} Disables the internal DNS cache. Recommended for operating ClickHouse in systems with frequently changing infrastructure such as Kubernetes. **Default value:** 0. ## dns_cache_update_period {#server-settings-dns_cache_update_period} The period of updating IP addresses stored in the ClickHouse internal DNS cache (in seconds). The update is performed asynchronously, in a separate system thread. **Default value**: 15. [Original article](https://clickhouse.tech/docs/en/operations/server_settings/settings/)