ZooKeeper ACLs Best Practices: YARN

You must follow the best practices for tightening the ZooKeeper ACLs or permissions for YARN when provisioning a secure cluster.

  • ZooKeeper Usage:
    • /yarn-leader-election - used for RM leader election

    • /rmstore - used for storing RM application state

  • Default ACLs:
    • /yarn-leader-election - sasl:[***customized principle upon first launch***]:cdrwa

    • /rmstore - sasl:[***customized principle upon first launch***]:cdrwa