WLCG Middleware Package Reporter

Author/Developer: Lionel Cons CERN/IT-SDC


As discussed during our 4th meeting, volunteer sites must publish the packages they have installed so that they can be compared against reference versions.

We have worked with the Pakiti team and the Pakiti v3 client can now be used to submit package information to the MW Readiness collector server. Since 2015-01-06, the Pakiti v3 client is available from EPEL as the pakiti-client rpm.


In order to collect the list of installed packages at volunteer sites, a lightweight client has to be used. It sends its data (in encrypted form) to a collector server located at CERN. The information collected is protected and only the WLCG MW Officer (and the team working with him) can access it.

Technical details:

  • the data is encrypted using openssl smime
  • the encrypted data is sent over HTTP
  • the received data is stored in a MySQL database with restricted access

Site Name

Collected packages are grouped by site so it is very important to use the correct site name. As discussed elsewhere, the volunteer site name may be different from the official name.

In the instructions below, MY-SITE must be replaced by the agreed site name.


In order to report the list of installed packages, a single script has to be installed. The easiest solution is to install it as an rpm. It is available from EPEL so, if your machine already uses EPEL, the following command is enough to get it installed:

  # yum install pakiti-client

If you don't install it via EPEL, please make sure that you install the latest version. You must use at least version 3.0.1 that added support to the tag option.

In addition to the script, a configuration file corresponding to the MW Readiness collector must be present. It is attached to this wiki page and can be downloaded on your machine with something like:

  # cd /etc
  # wget https://twiki.cern.ch/twiki/pub/LCG/MiddlewarePackageReporter/wlcg-mwr-pkgdb.conf

Please make sure you keep the configuration file up to date. The current version is from 5-Aug-2015 and has been changed to define the tag to use for middleware readiness (that is MWR).

The recommended way to use this script is daily, via cron. You can add to your crontab something like:

  # pakiti-client --conf /etc/wlcg-mwr-pkgdb.conf --site MY-SITE --rndsleep 60 --tag MWR


Puppet Installation

For the sites using Puppet, here is what could be used to install and configure the Pakiti v3 client to send information to the MW Readiness collector.

  # package installation
  package { 'pakiti-client':
    ensure => 'installed',
  # script configuration
  $conf = '/etc/wlcg-mwr-pkgdb.conf'
  file { $conf:
    mode   => '0644',
    source => 'puppet:///.../wlcg-mwr-pkgdb.conf',
  # cron definition
  cron { 'wlcg-package-reporter':
    ensure  => 'present',
    command => "pakiti-client --conf ${conf} --site MY-SITE --rndsleep 60 --tag MWR",
    user    => 'nobody',
    hour    => fqdn_rand(24,'pakiti'),
    minute  => fqdn_rand(60,'pakiti'),

This assumes that:

  • the Puppet managed machines use EPEL
  • the wlcg-mwr-pkgdb.conf file has been copied somewhere in Puppet


The pakiti client is now available also via CVMFS grid.cern.ch .

In order to send data to the MW readiness collector site managers can mount the cvmfs grid.cern.ch and use this command in their cron:

/cvmfs/grid.cern.ch/pakiti/bin/pakiti-client --site <site_name> --conf /cvmfs/grid.cern.ch/pakiti/conf/WLCG-MWR.conf


Lionel documented the format used by the pakiti-client script in the script’s man page (in GitHub). Lionel's recommendations:

  • If someone wants to write their own submitter tool, I would strongly recommend to use the pakiti-client script to send the report. This can be done with the --input option. The idea would be to:
    • prepare one or more reports to be sent and save them as files
    • for each file, run pakiti-client with the --input option to send the prepared report(s)
  • If someone wants to filter out the list of packages report, I would strongly recommend to use the pakiti-client script anyway. The idea would be to:
    • run pakiti-client with the --output option to save the report to file instead of sending it
    • edit the saved file to remove the packages that should not be exposed (think “grep -v”)
    • run pakiti-client with the --input option to send the edited report

Report Format

The pakiti-client 's man page contains a description of the report format used.


For more information:
Topic attachments
I Attachment History Action Size Date Who Comment
Unknown file formatconf wlcg-mwr-pkgdb.conf r2 r1 manage 3.3 K 2015-08-05 - 14:11 LionelCons pakiti-client configuration file for the WLCG MiddleWare Readiness Package Database
Edit | Attach | Watch | Print version | History: r15 < r14 < r13 < r12 < r11 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r15 - 2018-02-28 - MaartenLitmaath
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    LCG All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright &© 2008-2023 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback