Key Question
How does ZooKeeper notify clients of changes without polling?
Deep Dive
A watch is a one-time trigger. A client sets a watch on a ZNode by calling get("/path", watch=true). When that ZNode changes (data updated, node deleted, child added), ZooKeeper sends the client a notification. One notification, then the watch is gone.
Watches are delivered BEFORE the change data is visible. The client receives the notification, and then must call get() again (re-registering the watch) to see the new data. This guarantees the client never misses a change between reading and watching.
Timeline:
Client A ZooKeeper Client B
β β β
βββ get(/config, watch) βββββββΊβ β
β β β
β ββββββ set(/config) βββββββ€
β β β
ββββββ watch notification ββββββ€ β
β β β
βββ get(/config, watch) βββββββΊβ (re-register watch) β
ββββββ new config data βββββββββ€ βService discovery in action:
- Worker starts, creates ephemeral ZNode
/workers/worker_42 - Master sets a watch on
/workers(children watch) - Worker crashes β ephemeral ZNode auto-deletes
- ZooKeeper notifies Master:
/workerschildren changed - Master re-registers the watch, lists remaining workers
Since the watch is one-shot, the Master must re-register every time. This is deliberate: it prevents stale watches from piling up and forces the client to acknowledge every state change.
Before crash: After crash:
/workers /workers
/workers/worker_41 /workers/worker_41
/workers/worker_42 β crashβββ (deleted)
β
Master watches /workersCheck Your Understanding
- Why are watches one-shot instead of persistent?
- If a client sets a watch, gets notified, and re-registers β could it miss a change that happened between the notification and re-registration?
- What happens to watches on an ephemeral ZNode when the client session that owns the node crashes?
The βSo What?β
Without watches, clients would need to poll β flooding ZooKeeper with get() calls every few seconds. Watches turn this into a push model: clients sit idle until something interesting happens. This is how systems like Apache Kafka (using ZooKeeper) detect broker failures in under a second without wasting CPU on busy-waiting.
βοΈ Exercises
ZooKeeper: Exercises
Exercise 1
A ZooKeeper lock is held by Client A, which creates an ephemeral ZNode /lock/lock_0000005. Client B is watching, waiting for the lock. Client Aβs machine suddenly loses power. Walk through exactly what happens β which ZNodes get deleted, how does Client B learn about it, and what guarantee does ZooKeeper provide that the lock is released?
Exercise 2
A developer argues: βWatches should be persistent β I donβt want to re-register them after every notification. Itβs just extra code.β Explain why ZooKeeper uses one-shot watches instead of persistent ones. What failure scenarios does one-shot semantics protect against?
Exercise 3
A team decides to store user profiles (name, email, avatar URL, preferences JSON β about 400KB per profile) in ZooKeeper instead of a database. Why is this a bad idea? Reference ZooKeeperβs design constraints, ZAB protocol behavior, and use cases.
ποΈ View Solutions
ZooKeeper: Exercise Solutions
Exercise 1 β Solution
- Client Aβs machine loses power β ZooKeeper detects the session timeout (no heartbeats).
- ZooKeeperβs session management automatically deletes all ephemeral ZNodes owned by Client Aβs session, including
/lock/lock_0000005. - When
/lock/lock_0000005is deleted, Client B (which had set a watch on that node) receives a watch notification. - Client B calls
getChildren("/lock")to list remaining lock contenders. If its ZNode now has the smallest sequence number, it acquires the lock. - Guarantee: ZooKeeper provides no false-positive lock retention β the ephemeral node cannot survive the session. The session timeout bounds the worst-case lock release delay. Network partitions may delay detection, but the lock will be released once the session expires, bounded by the configured session timeout.
Exercise 2 β Solution
One-shot watches protect against the stale-watch problem:
- Scenario: A client sets a persistent watch on
/config. The config changes rapidly 10 times. If the clientβs notification handler is slow or blocked on garbage collection, old notifications queue up. When the client finally processes them, it acts on stale data β or worse, acts on every intermediate change instead of the latest state. - One-shot fix: The client gets one notification, then must re-register. By the time it calls
get("/config", watch=true), it atomically reads the current state. It never acts on old cached data. - Another failure: A crash between notification and processing. With persistent watches, the crash loses watch state on the server but the client doesnβt know. The client restarts thinking it has active watches β it doesnβt. With one-shot semantics, the client must re-register everything on startup anyway.
Exercise 3 β Solution
Four reasons this fails:
-
Size limit: ZooKeeperβs hard limit is 1MB per ZNode, and 1KB is recommended. A 400KB profile saturates the ZNode, and ZAB broadcasts every write to every follower. Profile updates would consume enormous network bandwidth in the ZooKeeper ensemble just to replicate one userβs avatar URL.
-
Read throughput: ZooKeeper is optimized for reads (not writes), but every read goes through the leader for linearizability. With thousands of user profiles being read constantly, the leader becomes a bottleneck β and ZooKeeper is not designed for high-throughput key-value storage.
-
Write amplification: ZAB broadcasts every write to a quorum (at least 2 out of 3 nodes). Each write is flushed to disk. For coordination metadata (a few bytes), this is fine. For 400KB blobs updated every time a user changes their email, the disk I/O and network cost destroy performance.
-
Wrong tool: ZooKeeper solves coordination (leader election, service discovery, configuration). Databases solve storage (querying, indexing, replication, backups). Using ZooKeeper as a database is like using a car engine as a paperweight β it works, but youβre paying for expensive capabilities you donβt need and missing the ones you do.