ZooKeeper ACLs Best Practices: Accumulo

/accumulo - Parent ZNode for all of Accumulo use in ZooKeeper

/accumulo/$UUID - Parent ZNode for a specific Accumulo instance

/accumulo/instances - Contains mappings of human-readable Accumulo names to the UUID

/accumulo/$UUID/users - Accumulo user database

/accumulo/$UUID/problems - Persisted advertisement of reported problems in Accumulo

/accumulo/$UUID/root_tables - The “root” Accumulo table (points to the Accumulo metadata table)

/accumulo/$UUID/hdfs_reservations - ZNode to coordinate unique directories in HFDS for bulk imports of Accumulo files to a table

/accumulo/$UUID/gc - Advertisement and leader election for Accumulo GarbageCollector

/accumulo/$UUID/table_locks - RW-locks per Accumulo table

/accumulo/$UUID/fate - Parent znode for Accumulo’s FATE (distributed, multi-step transactions)

/accumulo/$UUID/tservers - Advertisement and ephemeral znodes(keep-alive) for TabletServers

/accumulo/$UUID/tables - The “database” of Accumulo tables (metadata)

/accumulo/$UUID/namespaces - The “database” of Accumulo namespaces (metadata)

/accumulo/$UUID/next_file - Coordinates unique name generation for files in HDFS

/accumulo/$UUID/config - Dynamic configuration for Accumulo

/accumulo/$UUID/masters - Advertisement and leader election for the Accumulo Master

/accumulo/$UUID/monitor - Advertisement and leader election for the Accumulo Monitor

/accumulo/$UUID/bulk_failed_copyq - Tracking files to bulk import which failed

/accumulo/$UUID/recovery - Used to coordinate recovery of write-ahead logs

All znodes not specified otherwise are world-readable and cdrwa ‘accumulo’. Those below are not world-readable:

/accumulo/$UUID/users/*

The user does not need to alter any ACLs in ZooKeeper. Accumulo protects all ZNodes automatically.