Support Questions
Find answers, ask questions, and share your expertise
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Changing of HBase path


Changing of HBase path




hbase.rootdir is set to hdfs://CLU01/apps/hbase/data, and I do see HBase tables created under /apps/hbase/data/data/default HDFS directory.

How do I alter created tables to be stored under /dev HDFS directory? Actually, how do you generally deal with access rights for HBase tables: HDFS+HBase ACLs or HBase ACLs only?

For example: I've got a Dev team which I'd like to limit to work with /dev directory only, hence HDFS permissions are set. They are mainly working with HBase, so I had to adjust HBase ACLs for them as well (via Ranger), but since hbase.rootdir is set to hdfs://CLU01/apps/hbase/data my HDFS permissions with regards to /dev don't make sense. Does it make sense to move Dev HBase tables to /dev or HBase ACLs should be enough?



Re: Changing of HBase path

You may use namespace for your use-case


Re: Changing of HBase path


HBase, as a database, completely owns ALL of the files under its root directory. Users cannot and should not access the underlying files from HDFS. In a secure setup in HDFS and HBase, by default, the hbase user is the single owner of /apps/hbase/data, and that directory will have 700 as permissions.

However, HBase has it's own ACL model which is applicable at the namespace / table / column family / column / cell level. You can set HBase-level authorization to make it so that users can access only the data that they are supposed to access. HBase will enforce the authorization. Having HBase-level access to a table for a user will not give permissions at the HDFS level to the underlying data files.

Don't have an account?
Coming from Hortonworks? Activate your account here