diff --git a/.ci/deploy/localenv/Notes.md b/.ci/deploy/localenv/Notes.md
index 0fec7bc52..b55124a0e 100644
--- a/.ci/deploy/localenv/Notes.md
+++ b/.ci/deploy/localenv/Notes.md
@@ -30,6 +30,7 @@ apt-get install nano && nano /etc/hosts
 192.168.56.9 signal.opendut.local
 192.168.56.9 carl.opendut.local
 192.168.56.9 nginx-webdav.opendut.local
+192.168.56.9 opentelemetry.opendut.local
 # ping should work
 ping carl.opendut.local
 
diff --git a/.ci/deploy/localenv/Readme.md b/.ci/deploy/localenv/Readme.md
index acd04a435..85e51062e 100644
--- a/.ci/deploy/localenv/Readme.md
+++ b/.ci/deploy/localenv/Readme.md
@@ -69,4 +69,5 @@ Add the following lines to the `/etc/hosts` file on the host system to access th
 192.168.56.9 signal.opendut.local
 192.168.56.9 carl.opendut.local
 192.168.56.9 nginx-webdav.opendut.local
+192.168.56.9 opentelemetry.opendut.local
 ```
diff --git a/.ci/deploy/localenv/data/pki/recreate.sh b/.ci/deploy/localenv/data/pki/recreate.sh
index ed1c30f83..4c850a006 100755
--- a/.ci/deploy/localenv/data/pki/recreate.sh
+++ b/.ci/deploy/localenv/data/pki/recreate.sh
@@ -22,3 +22,4 @@ OPENDUT_PASSWORD_FILE="${OPENDUT_PASSWORD_FILE:-$HOME/.opendut-ca.pass}"
 "$PKI_ROOT_DIR"./generate-certificate.sh signal.opendut.local
 "$PKI_ROOT_DIR"./generate-certificate.sh carl.opendut.local
 "$PKI_ROOT_DIR"./generate-certificate.sh nginx-webdav.opendut.local
+"$PKI_ROOT_DIR"./generate-certificate.sh opentelemetry.opendut.local
diff --git a/.ci/deploy/localenv/data/provision/pki/recreate.sh b/.ci/deploy/localenv/data/provision/pki/recreate.sh
index 1159c22a4..63c9ce185 100755
--- a/.ci/deploy/localenv/data/provision/pki/recreate.sh
+++ b/.ci/deploy/localenv/data/provision/pki/recreate.sh
@@ -12,3 +12,4 @@ PKI_ROOT_DIR="/provision/"
 "$PKI_ROOT_DIR"./generate-certificate.sh signal.opendut.local
 "$PKI_ROOT_DIR"./generate-certificate.sh carl.opendut.local
 "$PKI_ROOT_DIR"./generate-certificate.sh nginx-webdav.opendut.local
+"$PKI_ROOT_DIR"./generate-certificate.sh opentelemetry.opendut.local
diff --git a/.ci/deploy/localenv/data/telemetry/otel-collector.yml b/.ci/deploy/localenv/data/telemetry/otel-collector.yml
new file mode 100644
index 000000000..64a354a29
--- /dev/null
+++ b/.ci/deploy/localenv/data/telemetry/otel-collector.yml
@@ -0,0 +1,79 @@
+receivers:
+  otlp:
+    protocols:
+      http:
+        endpoint: 0.0.0.0:4318
+      grpc:
+        endpoint: 0.0.0.0:4317
+        auth:
+          authenticator: oidc
+  docker_stats:
+    endpoint: unix:///var/run/docker.sock
+    collection_interval: 15s
+    metrics:
+processors:
+  batch:
+
+  attributes:
+    actions:
+      - action: insert
+        key: loki.attribute.labels
+        value: test
+
+  resource:
+    attributes:
+      - action: insert
+        key: loki.resource.labels
+        value: test
+
+exporters:
+  debug:
+    verbosity: detailed
+  prometheus:
+    endpoint: 0.0.0.0:8889
+    const_labels:
+      project: opendut
+    resource_to_telemetry_conversion: # include information about specific containers
+      enabled: true
+  otlp/tempo:
+    endpoint: tempo:4317
+    tls:
+      insecure: true
+  loki:
+    endpoint: "http://loki:3100/loki/api/v1/push"
+    tls:
+      insecure: true
+    headers:
+      "X-Scope-OrgID": "tenant1"
+    default_labels_enabled:
+      exporter: true
+      job: true
+
+extensions:
+  health_check:
+  pprof:
+    endpoint: :1888
+  zpages:
+    endpoint: :55679
+  oidc:
+    issuer_url: https://auth.opendut.local/realms/opendut  #FIXME hostname wrong?
+    audience: account
+
+service:
+  extensions: [ pprof, zpages, health_check, oidc ]
+  telemetry:
+    logs:
+      level: "debug"
+  pipelines:
+    traces:
+      receivers: [ otlp ]
+      processors: [ batch ]
+      exporters: [ debug, otlp/tempo ]
+    metrics:
+      receivers: [ otlp, docker_stats ]
+      processors: [ batch ]
+      exporters: [ debug, prometheus ]
+    logs:
+      receivers: [ otlp ]
+      processors: [ batch, resource, attributes ]
+      exporters: [ debug, loki ]
diff --git a/.ci/deploy/localenv/docker-compose.yml b/.ci/deploy/localenv/docker-compose.yml
index aeefa10c8..5399c84a4 100644
--- a/.ci/deploy/localenv/docker-compose.yml
+++ b/.ci/deploy/localenv/docker-compose.yml
@@ -124,6 +124,7 @@ services:
           - netbird-api.opendut.local
           - auth.opendut.local
           - signal.opendut.local
+          - opentelemetry.opendut.local  #TODO Is this correct? Why are not all DNS entries here? Do we need a Traefik forwarding rule?
 
 # vaguely derived from: https://github.com/netbirdio/netbird/blob/main/infrastructure_files/docker-compose.yml.tmpl.traefik
   netbird-dashboard:
@@ -455,6 +456,31 @@ services:
     networks:
       - opendut_local
 
+  otel-collector:
+    container_name: otel-collector
+    image: otel/opentelemetry-collector-contrib:0.97.0
+    volumes:
+      - ./data/telemetry/otel-collector.yml:/etc/collector-gateway.yaml
+      - /var/lib/docker/containers:/var/lib/docker/containers:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./data/secrets/pki/:/pki/:ro
+    environment:
+      - "SSL_CERT_FILE=/pki/opentelemetry.opendut.local.pem"
+    command: [ "--config=/etc/collector-gateway.yaml" ]
+    user: "0"
+    depends_on:
+      - tempo
+      - loki
+    restart: on-failure
+    labels:
+      - traefik.enable=true
+      - traefik.tcp.routers.otel-collector.rule=HostSNI(`opentelemetry.opendut.local`)
+      - traefik.tcp.routers.otel-collector.tls.passthrough=true
+      - traefik.tcp.services.otel-collector.loadbalancer.server.port=80
+    networks:
+      opendut_local:
+        ipv4_address: 192.168.32.220
+
 
 volumes:
   keycloak_postgres_data:
diff --git a/doc/src/user-manual/carl/setup.md b/doc/src/user-manual/carl/setup.md
index 12bb66231..6a052e9fc 100644
--- a/doc/src/user-manual/carl/setup.md
+++ b/doc/src/user-manual/carl/setup.md
@@ -25,6 +25,7 @@ Add the following lines to the `/etc/hosts` file on the host system to access th
     192.168.56.9 signal.opendut.local
     192.168.56.9 carl.opendut.local
     192.168.56.9 nginx-webdav.opendut.local
+    192.168.56.9 opentelemetry.opendut.local
     ```
 5. Start the local test environment using docker compose.
     ```shell
diff --git a/doc/src/user-manual/edgar/setup.md b/doc/src/user-manual/edgar/setup.md
index 59e883f3c..ab9cfaaaa 100644
--- a/doc/src/user-manual/edgar/setup.md
+++ b/doc/src/user-manual/edgar/setup.md
@@ -120,6 +120,7 @@ If your backend server does not have a public DNS entry, you will need to adjust
 123.456.789.101 netbird-api.opendut.local
 123.456.789.101 signal.opendut.local
 123.456.789.101 nginx-webdav.opendut.local
+123.456.789.101 opentelemetry.opendut.local
 ```
 
 Now the following command should complete without errors: