ZooKeeper ACLs Best Practices: Cruise Control
You must follow the best practices for tightening the ZooKeeper ACLs or permissions for Cruise Control when provisioning a secure cluster.
Cruise Control currently logs into Zookeeper with Kafka credentials. This configuration should not be changed as it will render Cruise Control unable to operate.
A Custom ZooKeeper node,
/CruiseControlBrokerList, is created under the root
node of Kafka to store the failed broker information in case of Kafka broker failure.
For more information about configuring ZooKeeper ACLs for Kafka, see the ZooKeeper ACLs Best Practices: Kafka section.