OpenStack Swift reports

openstack_project_swift_verticalIt’s no secret that I love OpenStack Swift. While is not always a two way relationship, I use Swift as much as I can: mostly for long-term backups, serve static websites and even streaming.

While functionalities are awesome, it’s also important to get accounting/usage information of the platform. Out of the box, Swift does not allow an administrator to access even accounting information from a given account. The “standard” approach is to use the Telemetry feature of OpenStack (aka ceilometer), but I’m not a fan of that project either. In my opinion telemetry is  “pumping” so much data that in most of the cases are way too much and I believe that a simpler approach is to be preferred.

To create a report of Swift usage, we need to use the Reseller Admin concept in Swift to query account statistics from a single admin-level user.  The reseller role (named “ResellerAdmin” by default) can operate on any swift account.

While “getting the concept” is a bit tricky (and undocumented as well), the truth is that is quite straightforward to enable it. Create a “ResellerAdmin” role on OpenStack with the command openstack role create ResellerAdmin and grant the role to the user that need to access the containers, ex: the user admin.

Edit the  Swift proxy-server.conf (filter:keystone section) and add the lines highlighted in bold.

use = egg:swift#keystoneauth
operator_roles = admin, SwiftOperator
reseller_admin_role = ResellerAdmin
reseller_prefix = AUTH_
is_admin = true
cache = swift.cache

Now the admin user can enumerate the projects and get statistics of all the projects and containers. It’s now easy enough to cycle through all the projects and get the used bytes, as shown below:

$ swift stat --os-project-name myproject
      Account: AUTH_c9f567ce0c7f484e918ac8fc798f988f
      Containers: 4
      Objects: 325   
      Bytes: 101947377850 
      Containers in policy "policy-0": 4
      Objects in policy "policy-0": 325
      Bytes in policy "policy-0": 101947377850
      X-Account-Project-Domain-Id: default
      X-Timestamp: 1487950953.36228
      X-Trans-Id: tx49e7b3d4e1a24f529fbc6-00594fb813
      Content-Type: text/plain; charset=utf-8
      Accept-Ranges: bytes


Today I’ve released an internal tool we use in GARL. The name is swift-backup and is a simple program written in GO to backup a file.

The aim of this is to have a single multi-platform binary with no dependencies that is able to backup a single file to OpenStack Swift. We use this tool to schedule backup for database dumps and other locally-created backups such as tar.gz from geographically dispersed resources.

You can find the source code here:

Racing with OpenStack

My talk at both OpenStack Days Uk and Italy will have the title of Racing with OpenStack.

I’ve been using OpenStack in several telcos and some banks, but there are other creative ways of using OpenStack as well. The talk shows how OpenStack supported at a car racing event. In detail, it will show how the infrastructure was prepared to  managed cams, live streaming of the event, etc….. Details will be provided on the OpenStack architecture.

“lectio magistralis” in London

On Thursday I had the chance to speak “lectio magistralis” in front of members of different funds in London. They were interested in my opinion on the IT market, not only short term, but also long term (e.g. in the 5 to 10 years). The reason is that these funds are willing to provide long term investments for their private customers and banks.

This conference was a wonderful experience, with a lot of intriguing questions from the funds researcher. This was my very first time speaking to a totally different audience rather to pure IT public. Having said that, I’ve realized how important this really was.

This fund community is perceiving me as someone who is really reliable, understands the IT market, and has a clear vision on short and long term perspectives. Speaking exactly in London as an influential city with a worldwide impact was even more significant.

Will this be a new path in my career? I don’t know. What I know for sure is that technology is my absolute passion and nobody can bring me away from the “keyboard”. However, I feel I’m ready to play even more important roles on the market.

I want to say thank you all, it was my pleasure to take part in this event and speak in front of this committed audience.

Wrap-up OpenStack Ops in Milan

It was very exciting to for me to see the OpenStack Ops Midcycle in Milan (Italy), which is my hometown. I was also very pleased to see a lot of common faces across the community, and Switzerland was well represented with Switch, ZHAV,  University of Zurich, CSCS … and myself.


I personally followed more the tracks about containers: Kolla is becoming increasingly popular among the consultants to deploy OpenStack in a repeatable way. However, the real advantage of Kolla in my humble opinion is all about upgrades: containers allow to upgrade and roll-back the cluster in short period of time, which is essential when you need to operate a production cloud.

The overall feeling that I shared with my “colleagues” of the community is that OpenStack has definitively improved his stability. I started to work on OpenStack since 2010 with the Diablo release and it was a pain to run it at the beginning. While most of the production clusters are on Liberty or Mitaka release, no one is applying special patches to code, as we used to do at the outset.

There are still issues with the non-core projects or the features that are less used and tested, but I can definitively tell that – if you make appropriate decisions and you stick to the stable components – OpenStack can be safely run in production. We’ll see how it goes with the Ocata release, as Nova introduces cells v2.

I need to thank both Savrerio Proto from Switch and the Enter team for having brought such a fantastic event in Milan.

Back on track for 2017

As you’ve already noticed, I wasn’t that active on my social media channels. As you might know 2016 was a very busy and productive business year for me. I’ve spent most of the time in London and Milan, focusing on some exciting projects. For instance, my work for eBay© was to make their application more cloud-aware so that their releases speed up. I’ve also assisted a bank in central London to integrate the cloud into their business routine. In Milan, I’ve concentrated on the kick off at Saipem/ENI© with OpenStack and multi-cloud. I am thankful for these work opportunities and I am looking forward to get involved in new ones.

Having said that, now is the right time to tell you about my resolutions for 2017:

  • Spend more time in Zurich while keeping London as a main landing point.
  • Get on board 2-3 long-term projects that will provide recurring revenues.
  • Keep working on Long-Term Support (LTS) releases concept for OpenStack.
  • Have more time for family and hobbies (such as improving my flying skills).

The key word for 2017 adventure is “simplification”. This is the reason why my next blog post will underline how cloud might be a key component of simplification in IT.

Stay tuned!

SecurePass 0.4.6, focus on OpenStack & cloud

I’m proud to annouce that SecurePass “Dreamliner” 0.4.6. This release has special focus on OpenStack and could deployments in general, as we introduced password-only authentication for service users. Our new command line tool reflect these changes.

Also, we stabilized the driver for OpenStack Keystone and is easier to install and easier to comfigure. Also multiple SecurePass domains are supported as keystone domaijs, as we enabled domain-based comnfiguration. The Keystone driver is freely available on our GitHub page.

Last but not least, our Linux NSS module now supports posix group. Packages for RedHat/CentOS and Suse/OpenSuse are available on the repository. Ubuntu and Debian users should receive updates via backports.

In detail the new features:

  • Added user modify
  • Added password only authentication
  • Added show group information
  • Fix user modify: name and surname were to lowercase
0 comments on “2017 OpenStack Board Election Results”

2017 OpenStack Board Election Results


The 2017 OpenStack Board Elections were held on Friday, January 13, 2017. This year I wasn’t elected to represent the OpenStack community as a Board member. On the bright side, being the 10th in the world with no support of any IMHO company is still a great result. I needed a few more votes to pass the threshold.

Despite this, I want to thank you for your kind support. I appreciate your help and I am very grateful to each one of you who believed in me.

This outcome only motivates me further. I will take advantage of the time until the next Election and will keep working on the Long Term Support (LTS) releases concept. Nevertheless, I am still on the customer’s side, representing their needs and securing stability. I’m already looking forward to a happy and productive year!

For more information, you can check the results here.

0 comments on “Giuseppe Paternò for OpenStack”

Giuseppe Paternò for OpenStack


OpenStack has already become a leading standard for cloud architecture and continues to provide great opportunities for software manufacturers and system integrators. Partly due to its heritage and also because as a result of dynamic ongoing improvements new features are being introduced on a steady basis. At the same time the security mechanisms are being further enhanced. These constant changes are undoubtedly good for development and testing environments but prove rather challenging for IT-departments, especially in the area of Finance and Telecom. The nature of the Open Stack architecture demands professional maintenance and care as well as a measured approach to release changes and implementations of new features. In this context, I am working to implement a Long Term Support (LTS) releases concept, which secures stability for enterprise customers in order to give them the time and freedom to focus on their core business. Achieving this milestone is my main priority, because enterprise customers value stability to a great extent, in particular for their highly complex IT infrastructure.

This January you have the chance to vote again in the 2017 Board Election and choose your board members. My aim, as a candidate, is to take care of OpenStack from the Customer’s point of view, focusing on banking and telecoms. Because of my long experience with OpenStack, I am capable to appreciate the customers’ needs and support them not only through the first installation but also help them to manage new releases both strategically and on a long-term basis. Making sure that the new updates are successfully implemented and properly used is what I do best. Thus, working with customers and ensuring a secure and stable OpenStack community makes “upgrading” far more painless and provides greater value to you – the customers as well as the whole Open Stack community.

If this is applicable to you, please consider voting for me. Making OpenStack the most used platform among enterprises, service providers and outsources is something we can achieve together. Let’s do it here.