Release v0.13.2

Merge pull request #178 from carlossg/issue-177
Fix #177 Do not copy labels from canary to primary deployment
2026-02-15 18:40:12 +00:00 · 2019-05-11 15:16:31 +03:00 · 2019-05-11 14:56:22 +03:00 · 2019-05-11 13:42:08 +02:00 · 2019-05-10 12:09:40 +03:00 · 2019-05-10 11:53:12 +03:00
1916 changed files with 277859 additions and 45499 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,6 +1,6 @@
 version: 2.1
 jobs:
-  e2e-testing:
+  e2e-istio-testing:
    machine: true
    steps:
      - checkout
@@ -9,8 +9,46 @@ jobs:
      - run: test/e2e-build.sh
      - run: test/e2e-tests.sh

+  e2e-supergloo-testing:
+    machine: true
+    steps:
+      - checkout
+      - run: test/e2e-kind.sh
+      - run: test/e2e-supergloo.sh
+      - run: test/e2e-build.sh supergloo:test.supergloo-system
+      - run: test/e2e-tests.sh canary
+
+  e2e-nginx-testing:
+    machine: true
+    steps:
+      - checkout
+      - run: test/e2e-kind.sh
+      - run: test/e2e-nginx.sh
+      - run: test/e2e-nginx-build.sh
+      - run: test/e2e-nginx-tests.sh
+
 workflows:
  version: 2
  build-and-test:
    jobs:
-      - e2e-testing
+      - e2e-istio-testing:
+          filters:
+            branches:
+              ignore:
+                - /gh-pages.*/
+                - /docs-.*/
+                - /release-.*/
+      - e2e-supergloo-testing:
+          filters:
+            branches:
+              ignore:
+                - /gh-pages.*/
+                - /docs-.*/
+                - /release-.*/
+      - e2e-nginx-testing:
+          filters:
+            branches:
+              ignore:
+                - /gh-pages.*/
+                - /docs-.*/
+                - /release-.*/
--- a/.codecov.yml
+++ b/.codecov.yml
@@ -6,3 +6,6 @@ coverage:
        threshold: 50
        base: auto
    patch: off
+
+comment:
+  require_changes: yes
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+*   @stefanprodan
--- a/.gitignore
+++ b/.gitignore
@@ -13,4 +13,5 @@
 .DS_Store

 bin/
-artifacts/gcloud/
+artifacts/gcloud/
+.idea
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -1,7 +1,7 @@
 builds:
  - main: ./cmd/flagger
    binary: flagger
-    ldflags: -s -w -X github.com/stefanprodan/flagger/pkg/version.REVISION={{.Commit}}
+    ldflags: -s -w -X github.com/weaveworks/flagger/pkg/version.REVISION={{.Commit}}
    goos:
      - linux
    goarch:
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,8 +1,13 @@
 sudo: required
 language: go

+branches:
+  except:
+    - /gh-pages.*/
+    - /docs-.*/
+
 go:
- 1.11.x
+- 1.12.x

 services:
 - docker
@@ -12,16 +17,10 @@ addons:
    packages:
    - docker-ce

-#before_script:
-#  - go get -u sigs.k8s.io/kind
-#  - curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash
-#  - curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/
-
 script:
-  - set -e
  - make test-fmt
  - make test-codegen
-  - go test -race -coverprofile=coverage.txt -covermode=atomic ./pkg/controller/
+  - go test -race -coverprofile=coverage.txt -covermode=atomic $(go list ./pkg/...)
  - make build

 after_success:
@@ -29,16 +28,16 @@ after_success:
    echo "PR build, skipping image push";
  else
    BRANCH_COMMIT=${TRAVIS_BRANCH}-$(echo ${TRAVIS_COMMIT} | head -c7);
-    docker tag stefanprodan/flagger:latest quay.io/stefanprodan/flagger:${BRANCH_COMMIT};
-    echo $DOCKER_PASS | docker login -u=$DOCKER_USER --password-stdin quay.io;
-    docker push quay.io/stefanprodan/flagger:${BRANCH_COMMIT};
+    docker tag weaveworks/flagger:latest weaveworks/flagger:${BRANCH_COMMIT};
+    echo $DOCKER_PASS | docker login -u=$DOCKER_USER --password-stdin;
+    docker push weaveworks/flagger:${BRANCH_COMMIT};
  fi
 - if [ -z "$TRAVIS_TAG" ]; then
    echo "Not a release, skipping image push";
  else
-    docker tag stefanprodan/flagger:latest quay.io/stefanprodan/flagger:${TRAVIS_TAG};
-    echo $DOCKER_PASS | docker login -u=$DOCKER_USER --password-stdin quay.io;
-    docker push quay.io/stefanprodan/flagger:$TRAVIS_TAG;
+    docker tag weaveworks/flagger:latest weaveworks/flagger:${TRAVIS_TAG};
+    echo $DOCKER_PASS | docker login -u=$DOCKER_USER --password-stdin;
+    docker push weaveworks/flagger:$TRAVIS_TAG;
  fi
 - bash <(curl -s https://codecov.io/bash)
 - rm coverage.txt
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,14 +2,129 @@

 All notable changes to this project are documented in this file.

+## 0.13.2 (2019-04-11) 
+
+Fixes for Jenkins X deployments (prevent the jx GC from removing the primary instance)
+
+#### Fixes
+
+- Do not copy labels from canary to primary deployment [#178](https://github.com/weaveworks/flagger/pull/178)
+
+#### Improvements 
+
+- Add NGINX ingress controller e2e and unit tests [#176](https://github.com/weaveworks/flagger/pull/176) 
+
+## 0.13.1 (2019-04-09) 
+
+Fixes for custom metrics checks and NGINX Prometheus queries 
+
+#### Fixes
+
+- Fix promql queries for custom checks and NGINX [#174](https://github.com/weaveworks/flagger/pull/174)
+
+## 0.13.0 (2019-04-08) 
+
+Adds support for [NGINX](https://docs.flagger.app/usage/nginx-progressive-delivery) ingress controller
+
+#### Features
+
+- Add support for nginx ingress controller (weighted traffic and A/B testing) [#170](https://github.com/weaveworks/flagger/pull/170)
+- Add Prometheus add-on to Flagger Helm chart for App Mesh and NGINX [79b3370](https://github.com/weaveworks/flagger/pull/170/commits/79b337089294a92961bc8446fd185b38c50a32df)
+
+#### Fixes
+
+- Fix duplicate hosts Istio error when using wildcards [#162](https://github.com/weaveworks/flagger/pull/162)
+
+## 0.12.0 (2019-04-29) 
+
+Adds support for [SuperGloo](https://docs.flagger.app/install/flagger-install-with-supergloo)
+
+#### Features
+
+- Supergloo support for canary deployment (weighted traffic) [#151](https://github.com/weaveworks/flagger/pull/151)
+
+## 0.11.1 (2019-04-18) 
+
+Move Flagger and the load tester container images to Docker Hub
+
+#### Features
+
+- Add Bash Automated Testing System support to Flagger tester for running acceptance tests as pre-rollout hooks 
+
+## 0.11.0 (2019-04-17) 
+
+Adds pre/post rollout [webhooks](https://docs.flagger.app/how-it-works#webhooks)
+
+#### Features
+
+- Add `pre-rollout` and `post-rollout` webhook types [#147](https://github.com/weaveworks/flagger/pull/147)
+
+#### Improvements 
+
+- Unify App Mesh and Istio builtin metric checks [#146](https://github.com/weaveworks/flagger/pull/146) 
+- Make the pod selector label configurable [#148](https://github.com/weaveworks/flagger/pull/148)
+
+#### Breaking changes
+
+- Set default `mesh` Istio gateway only if no gateway is specified [#141](https://github.com/weaveworks/flagger/pull/141)
+
+## 0.10.0 (2019-03-27) 
+
+Adds support for App Mesh
+
+#### Features
+
+- AWS App Mesh integration
+    [#107](https://github.com/weaveworks/flagger/pull/107)
+    [#123](https://github.com/weaveworks/flagger/pull/123)
+
+#### Improvements 
+
+- Reconcile Kubernetes ClusterIP services [#122](https://github.com/weaveworks/flagger/pull/122) 
+ 
+#### Fixes
+
+- Preserve pod labels on canary promotion [#105](https://github.com/weaveworks/flagger/pull/105)
+- Fix canary status Prometheus metric [#121](https://github.com/weaveworks/flagger/pull/121)
+
+## 0.9.0 (2019-03-11)
+
+Allows A/B testing scenarios where instead of weighted routing, the traffic is split between the 
+primary and canary based on HTTP headers or cookies.
+
+#### Features
+
+- A/B testing - canary with session affinity [#88](https://github.com/weaveworks/flagger/pull/88)
+
+#### Fixes
+
+- Update the analysis interval when the custom resource changes [#91](https://github.com/weaveworks/flagger/pull/91)
+
+## 0.8.0 (2019-03-06)
+
+Adds support for CORS policy and HTTP request headers manipulation
+
+#### Features
+
+- CORS policy support [#83](https://github.com/weaveworks/flagger/pull/83)
+- Allow headers to be appended to HTTP requests [#82](https://github.com/weaveworks/flagger/pull/82)
+
+#### Improvements 
+
+- Refactor the routing management 
+    [#72](https://github.com/weaveworks/flagger/pull/72) 
+    [#80](https://github.com/weaveworks/flagger/pull/80)
+- Fine-grained RBAC [#73](https://github.com/weaveworks/flagger/pull/73)
+- Add option to limit Flagger to a single namespace [#78](https://github.com/weaveworks/flagger/pull/78)
+
 ## 0.7.0 (2019-02-28)

 Adds support for custom metric checks, HTTP timeouts and HTTP retries

 #### Features

- Allow custom promql queries in the canary analysis spec [##60](https://github.com/stefanprodan/flagger/pull/#60)
- Add HTTP timeout and retries to canary service spec [##62](https://github.com/stefanprodan/flagger/pull/#62)
+- Allow custom promql queries in the canary analysis spec [#60](https://github.com/weaveworks/flagger/pull/60)
+- Add HTTP timeout and retries to canary service spec [#62](https://github.com/weaveworks/flagger/pull/62)

 ## 0.6.0 (2019-02-25)

@@ -19,15 +134,15 @@ to be customized in the service spec of the canary custom resource.

 #### Features

- Add HTTP match conditions and URI rewrite to the canary service spec [#55](https://github.com/stefanprodan/flagger/pull/55)
+- Add HTTP match conditions and URI rewrite to the canary service spec [#55](https://github.com/weaveworks/flagger/pull/55)
 - Update virtual service when the canary service spec changes 
-    [#54](https://github.com/stefanprodan/flagger/pull/54)
-    [#51](https://github.com/stefanprodan/flagger/pull/51)
+    [#54](https://github.com/weaveworks/flagger/pull/54)
+    [#51](https://github.com/weaveworks/flagger/pull/51)

 #### Improvements 

 - Run e2e testing on [Kubernetes Kind](https://github.com/kubernetes-sigs/kind) for canary promotion 
-    [#53](https://github.com/stefanprodan/flagger/pull/53)
+    [#53](https://github.com/weaveworks/flagger/pull/53)

 ## 0.5.1 (2019-02-14)

@@ -35,15 +150,15 @@ Allows skipping the analysis phase to ship changes directly to production

 #### Features

- Add option to skip the canary analysis [#46](https://github.com/stefanprodan/flagger/pull/46)
+- Add option to skip the canary analysis [#46](https://github.com/weaveworks/flagger/pull/46)

 #### Fixes

- Reject deployment if the pod label selector doesn't match `app: <DEPLOYMENT_NAME>` [#43](https://github.com/stefanprodan/flagger/pull/43)
+- Reject deployment if the pod label selector doesn't match `app: <DEPLOYMENT_NAME>` [#43](https://github.com/weaveworks/flagger/pull/43)

 ## 0.5.0 (2019-01-30)

-Track changes in ConfigMaps and Secrets [#37](https://github.com/stefanprodan/flagger/pull/37)
+Track changes in ConfigMaps and Secrets [#37](https://github.com/weaveworks/flagger/pull/37)

 #### Features

@@ -59,7 +174,7 @@ Track changes in ConfigMaps and Secrets [#37](https://github.com/stefanprodan/fl

 ## 0.4.1 (2019-01-24)

-Load testing webhook [#35](https://github.com/stefanprodan/flagger/pull/35)
+Load testing webhook [#35](https://github.com/weaveworks/flagger/pull/35)

 #### Features

@@ -73,7 +188,7 @@ Load testing webhook [#35](https://github.com/stefanprodan/flagger/pull/35)

 ## 0.4.0 (2019-01-18)

-Restart canary analysis if revision changes [#31](https://github.com/stefanprodan/flagger/pull/31)
+Restart canary analysis if revision changes [#31](https://github.com/weaveworks/flagger/pull/31)

 #### Breaking changes

@@ -94,7 +209,7 @@ Restart canary analysis if revision changes [#31](https://github.com/stefanproda

 ## 0.3.0 (2019-01-11)

-Configurable canary analysis duration [#20](https://github.com/stefanprodan/flagger/pull/20)
+Configurable canary analysis duration [#20](https://github.com/weaveworks/flagger/pull/20)

 #### Breaking changes

@@ -109,7 +224,7 @@ Configurable canary analysis duration [#20](https://github.com/stefanprodan/flag

 ## 0.2.0 (2019-01-04)

-Webhooks [#18](https://github.com/stefanprodan/flagger/pull/18)
+Webhooks [#18](https://github.com/weaveworks/flagger/pull/18)

 #### Features

@@ -120,7 +235,7 @@ Webhooks [#18](https://github.com/stefanprodan/flagger/pull/18)

 ## 0.1.2 (2018-12-06)

-Improve Slack notifications [#14](https://github.com/stefanprodan/flagger/pull/14)
+Improve Slack notifications [#14](https://github.com/weaveworks/flagger/pull/14)

 #### Features

@@ -129,7 +244,7 @@ Improve Slack notifications [#14](https://github.com/stefanprodan/flagger/pull/1

 ## 0.1.1 (2018-11-28)

-Canary progress deadline [#10](https://github.com/stefanprodan/flagger/pull/10)
+Canary progress deadline [#10](https://github.com/weaveworks/flagger/pull/10)

 #### Features

--- a/12
+++ b/12
@@ -1,17 +1,17 @@
-FROM golang:1.11
+FROM golang:1.12

-RUN mkdir -p /go/src/github.com/stefanprodan/flagger/
+RUN mkdir -p /go/src/github.com/weaveworks/flagger/

-WORKDIR /go/src/github.com/stefanprodan/flagger
+WORKDIR /go/src/github.com/weaveworks/flagger

 COPY . .

 RUN GIT_COMMIT=$(git rev-list -1 HEAD) && \
    CGO_ENABLED=0 GOOS=linux go build -ldflags "-s -w \
-    -X github.com/stefanprodan/flagger/pkg/version.REVISION=${GIT_COMMIT}" \
+    -X github.com/weaveworks/flagger/pkg/version.REVISION=${GIT_COMMIT}" \
    -a -installsuffix cgo -o flagger ./cmd/flagger/*

-FROM alpine:3.8
+FROM alpine:3.9

 RUN addgroup -S flagger \
    && adduser -S -g flagger flagger \
@@ -19,7 +19,7 @@ RUN addgroup -S flagger \

 WORKDIR /home/flagger

-COPY --from=0 /go/src/github.com/stefanprodan/flagger/flagger .
+COPY --from=0 /go/src/github.com/weaveworks/flagger/flagger .

 RUN chown -R flagger:flagger ./

--- a/Dockerfile.loadtester
+++ b/Dockerfile.loadtester
@@ -1,24 +1,8 @@
-FROM golang:1.11 AS hey-builder
+FROM golang:1.12 AS builder

-RUN mkdir -p /go/src/github.com/rakyll/hey/
+RUN mkdir -p /go/src/github.com/weaveworks/flagger/

-WORKDIR /go/src/github.com/rakyll/hey
-
-ADD https://github.com/rakyll/hey/archive/v0.1.1.tar.gz .
-
-RUN tar xzf v0.1.1.tar.gz --strip 1
-
-RUN go get ./...
-
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
-  go install -ldflags '-w -extldflags "-static"' \
-  /go/src/github.com/rakyll/hey
-
-FROM golang:1.11 AS builder
-
-RUN mkdir -p /go/src/github.com/stefanprodan/flagger/
-
-WORKDIR /go/src/github.com/stefanprodan/flagger
+WORKDIR /go/src/github.com/weaveworks/flagger

 COPY . .

@@ -26,16 +10,18 @@ RUN go test -race ./pkg/loadtester/

 RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o loadtester ./cmd/loadtester/*

-FROM alpine:3.8
+FROM bats/bats:v1.1.0

 RUN addgroup -S app \
    && adduser -S -g app app \
-    && apk --no-cache add ca-certificates curl
+    && apk --no-cache add ca-certificates curl jq

 WORKDIR /home/app

-COPY --from=hey-builder /go/bin/hey /usr/local/bin/hey
-COPY --from=builder /go/src/github.com/stefanprodan/flagger/loadtester .
+RUN curl -sSLo hey "https://storage.googleapis.com/jblabs/dist/hey_linux_v0.1.2" && \
+chmod +x hey && mv hey /usr/local/bin/hey
+
+COPY --from=builder /go/src/github.com/weaveworks/flagger/loadtester .

 RUN chown -R app:app ./

--- a/Gopkg.lock
+++ b/Gopkg.lock
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -11,31 +11,37 @@ required = [
  name = "go.uber.org/zap"
  version = "v1.9.1"

+[[constraint]]
+  name = "gopkg.in/h2non/gock.v1"
+  version = "v1.0.14"
+
 [[override]]
  name = "gopkg.in/yaml.v2"
  version = "v2.2.1"

 [[override]]
  name = "k8s.io/api"
-  version = "kubernetes-1.11.0"
+  version = "kubernetes-1.13.1"

 [[override]]
  name = "k8s.io/apimachinery"
-  version = "kubernetes-1.11.0"
+  version = "kubernetes-1.13.1"

 [[override]]
  name = "k8s.io/code-generator"
-  version = "kubernetes-1.11.0"
+  version = "kubernetes-1.13.1"

 [[override]]
  name = "k8s.io/client-go"
-  version = "kubernetes-1.11.0"
+  version = "kubernetes-1.13.1"

 [[override]]
-  name = "github.com/json-iterator/go"
-  # This is the commit at which k8s depends on this in 1.11
-  # It seems to be broken at HEAD.
-  revision = "f2b4162afba35581b6d4a50d3b8f34e33c144682"
+  name = "k8s.io/apiextensions-apiserver"
+  version = "kubernetes-1.13.1"
+
+[[override]]
+  name = "k8s.io/apiserver"
+  version = "kubernetes-1.13.1"

 [[constraint]]
  name = "github.com/prometheus/client_golang"
@@ -45,13 +51,9 @@ required = [
  name = "github.com/google/go-cmp"
  version = "v0.2.0"

-[[constraint]]
-  name = "github.com/knative/pkg"
-  revision = "f9612ef73847258e381e749c4f45b0f5e03b66e9"
-
 [[override]]
-  name = "github.com/golang/glog"
-  source = "github.com/istio/glog"
+  name = "k8s.io/klog"
+  source = "github.com/stefanprodan/klog"

 [prune]
  go-tests = true
@@ -62,3 +64,11 @@ required = [
  name = "k8s.io/code-generator"
  unused-packages = false
  non-go = false
+
+[[constraint]]
+  name = "github.com/solo-io/supergloo"
+  version = "v0.3.11"
+
+[[constraint]]
+  name = "github.com/solo-io/solo-kit"
+  version = "v0.6.3"
--- a/5
+++ b/5
@@ -0,0 +1,5 @@
+The maintainers are generally available in Slack at
+https://weave-community.slack.com/messages/flagger/ (obtain an invitation
+at https://slack.weave.works/).
+
+Stefan Prodan, Weaveworks <stefan@weave.works> (Slack: @stefan Twitter: @stefanprodan)
--- a/25
+++ b/25
@@ -4,6 +4,7 @@ VERSION_MINOR:=$(shell grep 'VERSION' pkg/version/version.go | awk '{ print $$4
 PATCH:=$(shell grep 'VERSION' pkg/version/version.go | awk '{ print $$4 }' | tr -d '"' | awk -F. '{print $$NF}')
 SOURCE_DIRS = cmd pkg/apis pkg/controller pkg/server pkg/logging pkg/version
 LT_VERSION?=$(shell grep 'VERSION' cmd/loadtester/main.go | awk '{ print $$4 }' | tr -d '"' | head -n1)
+TS=$(shell date +%Y-%m-%d_%H-%M-%S)

 run:
 	go run cmd/flagger/* -kubeconfig=$$HOME/.kube/config -log-level=info \
@@ -11,12 +12,24 @@ run:
 	-slack-url=https://hooks.slack.com/services/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 \
 	-slack-channel="devops-alerts"

+run-appmesh:
+	go run cmd/flagger/* -kubeconfig=$$HOME/.kube/config -log-level=info -mesh-provider=appmesh \
+	-metrics-server=http://acfc235624ca911e9a94c02c4171f346-1585187926.us-west-2.elb.amazonaws.com:9090 \
+	-slack-url=https://hooks.slack.com/services/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 \
+	-slack-channel="devops-alerts"
+
+run-nginx:
+	go run cmd/flagger/* -kubeconfig=$$HOME/.kube/config -log-level=info -mesh-provider=nginx -namespace=nginx \
+	-metrics-server=http://prometheus-weave.istio.weavedx.com \
+	-slack-url=https://hooks.slack.com/services/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 \
+	-slack-channel="devops-alerts"
+
 build:
-	docker build -t stefanprodan/flagger:$(TAG) . -f Dockerfile
+	docker build -t weaveworks/flagger:$(TAG) . -f Dockerfile

 push:
-	docker tag stefanprodan/flagger:$(TAG) quay.io/stefanprodan/flagger:$(VERSION)
-	docker push quay.io/stefanprodan/flagger:$(VERSION)
+	docker tag weaveworks/flagger:$(TAG) weaveworks/flagger:$(VERSION)
+	docker push weaveworks/flagger:$(VERSION)

 fmt:
 	gofmt -l -s -w $(SOURCE_DIRS)
@@ -33,7 +46,7 @@ test: test-fmt test-codegen
 helm-package:
 	cd charts/ && helm package ./*
 	mv charts/*.tgz docs/
-	helm repo index docs --url https://stefanprodan.github.io/flagger --merge ./docs/index.yaml
+	helm repo index docs --url https://weaveworks.github.io/flagger --merge ./docs/index.yaml

 helm-up:
 	helm upgrade --install flagger ./charts/flagger --namespace=istio-system --set crd.create=false
@@ -82,5 +95,5 @@ reset-test:
 	kubectl apply -f ./artifacts/canaries

 loadtester-push:
-	docker build -t quay.io/stefanprodan/flagger-loadtester:$(LT_VERSION) . -f Dockerfile.loadtester
-	docker push quay.io/stefanprodan/flagger-loadtester:$(LT_VERSION)
+	docker build -t weaveworks/flagger-loadtester:$(LT_VERSION) . -f Dockerfile.loadtester
+	docker push weaveworks/flagger-loadtester:$(LT_VERSION)
--- a/README.md
+++ b/README.md
@@ -1,71 +1,57 @@
 # flagger

-[![build](https://travis-ci.org/stefanprodan/flagger.svg?branch=master)](https://travis-ci.org/stefanprodan/flagger)
-[![report](https://goreportcard.com/badge/github.com/stefanprodan/flagger)](https://goreportcard.com/report/github.com/stefanprodan/flagger)
-[![codecov](https://codecov.io/gh/stefanprodan/flagger/branch/master/graph/badge.svg)](https://codecov.io/gh/stefanprodan/flagger)
-[![license](https://img.shields.io/github/license/stefanprodan/flagger.svg)](https://github.com/stefanprodan/flagger/blob/master/LICENSE)
-[![release](https://img.shields.io/github/release/stefanprodan/flagger/all.svg)](https://github.com/stefanprodan/flagger/releases)
+[![build](https://travis-ci.org/weaveworks/flagger.svg?branch=master)](https://travis-ci.org/weaveworks/flagger)
+[![report](https://goreportcard.com/badge/github.com/weaveworks/flagger)](https://goreportcard.com/report/github.com/weaveworks/flagger)
+[![codecov](https://codecov.io/gh/weaveworks/flagger/branch/master/graph/badge.svg)](https://codecov.io/gh/weaveworks/flagger)
+[![license](https://img.shields.io/github/license/weaveworks/flagger.svg)](https://github.com/weaveworks/flagger/blob/master/LICENSE)
+[![release](https://img.shields.io/github/release/weaveworks/flagger/all.svg)](https://github.com/weaveworks/flagger/releases)

 Flagger is a Kubernetes operator that automates the promotion of canary deployments
-using Istio routing for traffic shifting and Prometheus metrics for canary analysis. 
-The canary analysis can be extended with webhooks for running acceptance tests, 
+using Istio, App Mesh or NGINX routing for traffic shifting and Prometheus metrics for canary analysis.
+The canary analysis can be extended with webhooks for running acceptance tests,
 load tests or any other custom validation.

-Flagger implements a control loop that gradually shifts traffic to the canary while measuring key performance 
-indicators like HTTP requests success rate, requests average duration and pods health. 
+Flagger implements a control loop that gradually shifts traffic to the canary while measuring key performance
+indicators like HTTP requests success rate, requests average duration and pods health.
 Based on analysis of the KPIs a canary is promoted or aborted, and the analysis result is published to Slack.

-![flagger-overview](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/diagrams/flagger-canary-overview.png)
+![flagger-overview](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-canary-overview.png)

-### Documentation
+## Documentation

 Flagger documentation can be found at [docs.flagger.app](https://docs.flagger.app)

 * Install
-    * [Flagger install on Kubernetes](https://docs.flagger.app/install/flagger-install-on-kubernetes)
-    * [Flagger install on GKE](https://docs.flagger.app/install/flagger-install-on-google-cloud)
+  * [Flagger install on Kubernetes](https://docs.flagger.app/install/flagger-install-on-kubernetes)
+  * [Flagger install on GKE Istio](https://docs.flagger.app/install/flagger-install-on-google-cloud)
+  * [Flagger install on EKS App Mesh](https://docs.flagger.app/install/flagger-install-on-eks-appmesh)
+  * [Flagger install with SuperGloo](https://docs.flagger.app/install/flagger-install-with-supergloo)
 * How it works
-    * [Canary custom resource](https://docs.flagger.app/how-it-works#canary-custom-resource)
-    * [Virtual Service](https://docs.flagger.app/how-it-works#virtual-service)
-    * [Canary deployment stages](https://docs.flagger.app/how-it-works#canary-deployment)
-    * [Canary analysis](https://docs.flagger.app/how-it-works#canary-analysis)
-    * [HTTP metrics](https://docs.flagger.app/how-it-works#http-metrics)
-    * [Custom metrics](https://docs.flagger.app/how-it-works#custom-metrics)
-    * [Webhooks](https://docs.flagger.app/how-it-works#webhooks)
-    * [Load testing](https://docs.flagger.app/how-it-works#load-testing)
+  * [Canary custom resource](https://docs.flagger.app/how-it-works#canary-custom-resource)
+  * [Routing](https://docs.flagger.app/how-it-works#istio-routing)
+  * [Canary deployment stages](https://docs.flagger.app/how-it-works#canary-deployment)
+  * [Canary analysis](https://docs.flagger.app/how-it-works#canary-analysis)
+  * [HTTP metrics](https://docs.flagger.app/how-it-works#http-metrics)
+  * [Custom metrics](https://docs.flagger.app/how-it-works#custom-metrics)
+  * [Webhooks](https://docs.flagger.app/how-it-works#webhooks)
+  * [Load testing](https://docs.flagger.app/how-it-works#load-testing)
 * Usage
-    * [Canary promotions and rollbacks](https://docs.flagger.app/usage/progressive-delivery)
-    * [Monitoring](https://docs.flagger.app/usage/monitoring)
-    * [Alerting](https://docs.flagger.app/usage/alerting)
+  * [Istio canary deployments](https://docs.flagger.app/usage/progressive-delivery)
+  * [Istio A/B testing](https://docs.flagger.app/usage/ab-testing)
+  * [App Mesh canary deployments](https://docs.flagger.app/usage/appmesh-progressive-delivery)
+  * [NGINX ingress controller canary deployments](https://docs.flagger.app/usage/nginx-progressive-delivery)
+  * [Monitoring](https://docs.flagger.app/usage/monitoring)
+  * [Alerting](https://docs.flagger.app/usage/alerting)
 * Tutorials
-    * [Canary deployments with Helm charts and Weave Flux](https://docs.flagger.app/tutorials/canary-helm-gitops)
+  * [Canary deployments with Helm charts and Weave Flux](https://docs.flagger.app/tutorials/canary-helm-gitops)

-### Install 
-
-Before installing Flagger make sure you have Istio setup up with Prometheus enabled. 
-If you are new to Istio you can follow my [Istio service mesh walk-through](https://github.com/stefanprodan/istio-gke).
-
-Deploy Flagger in the `istio-system` namespace using Helm:
-
-```bash
-# add the Helm repository
-helm repo add flagger https://flagger.app
-
-# install or upgrade
-helm upgrade -i flagger flagger/flagger \
--namespace=istio-system \
--set metricsServer=http://prometheus.istio-system:9090 
-```
-
-Flagger is compatible with Kubernetes >1.11.0 and Istio >1.0.0.
-
-### Canary CRD
+## Canary CRD

 Flagger takes a Kubernetes deployment and optionally a horizontal pod autoscaler (HPA),
-then creates a series of objects (Kubernetes deployments, ClusterIP services and Istio virtual services).
+then creates a series of objects (Kubernetes deployments, ClusterIP services and Istio or App Mesh virtual services).
 These objects expose the application on the mesh and drive the canary analysis and promotion.

-Flagger keeps track of ConfigMaps and Secrets referenced by a Kubernetes Deployment and triggers a canary analysis if any of those objects change. 
+Flagger keeps track of ConfigMaps and Secrets referenced by a Kubernetes Deployment and triggers a canary analysis if any of those objects change.
 When promoting a workload in production, both code (container images) and configuration (config maps and secrets) are being synchronised.

 For a deployment named _podinfo_, a canary promotion can be defined using Flagger's custom resource:
@@ -96,6 +82,7 @@ spec:
    # Istio gateways (optional)
    gateways:
    - public-gateway.istio-system.svc.cluster.local
+    - mesh
    # Istio virtual service host names (optional)
    hosts:
    - podinfo.example.com
@@ -106,11 +93,17 @@ spec:
    # HTTP rewrite (optional)
    rewrite:
      uri: /
-    # timeout for HTTP requests (optional)
-    timeout: 5s
-    # retry policy when a HTTP request fails (optional)
-    retries:
-      attempts: 3
+    # Envoy timeout and retry policy (optional)
+    headers:
+      request:
+        add:
+          x-envoy-upstream-rq-timeout-ms: "15000"
+          x-envoy-max-retries: "10"
+          x-envoy-retry-on: "gateway-error,connect-failure,refused-stream"
+    # cross-origin resource sharing policy (optional)
+    corsPolicy:
+      allowOrigin:
+        - example.com
  # promote the canary without analysing it (default false)
  skipAnalysis: false
  # define the canary analysis timing and KPIs
@@ -127,13 +120,13 @@ spec:
    stepWeight: 5
    # Istio Prometheus checks
    metrics:
-    # builtin Istio checks
-    - name: istio_requests_total
+    # builtin checks
+    - name: request-success-rate
      # minimum req success rate (non 5xx responses)
      # percentage (0-100)
      threshold: 99
      interval: 1m
-    - name: istio_request_duration_seconds_bucket
+    - name: request-duration
      # maximum req duration P99
      # milliseconds
      threshold: 500
@@ -159,19 +152,45 @@ spec:

 For more details on how the canary analysis and promotion works please [read the docs](https://docs.flagger.app/how-it-works).

-### Roadmap
+## Features

-* Add A/B testing capabilities using fixed routing based on HTTP headers and cookies match conditions
-* Integrate with other service mesh technologies like AWS AppMesh and Linkerd v2
+| Feature                                      | Istio              | App Mesh           | SuperGloo          | NGINX Ingress      |
+| -------------------------------------------- | ------------------ | ------------------ |------------------  |------------------  |
+| Canary deployments (weighted traffic)        | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
+| A/B testing (headers and cookies filters)    | :heavy_check_mark: | :heavy_minus_sign: | :heavy_minus_sign: | :heavy_check_mark: |
+| Load testing                                 | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
+| Webhooks (custom acceptance tests)           | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
+| Request success rate check (L7 metric)       | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
+| Request duration check (L7 metric)           | :heavy_check_mark: | :heavy_minus_sign: | :heavy_check_mark: | :heavy_check_mark: |
+| Custom promql checks                         | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
+| Ingress gateway (CORS, retries and timeouts) | :heavy_check_mark: | :heavy_minus_sign: | :heavy_check_mark: | :heavy_check_mark: |
+
+## Roadmap
+
+* Integrate with other service mesh technologies like Linkerd v2
 * Add support for comparing the canary metrics to the primary ones and do the validation based on the derivation between the two

-### Contributing
+## Contributing

 Flagger is Apache 2.0 licensed and accepts contributions via GitHub pull requests.

-When submitting bug reports please include as much details as possible: 
+When submitting bug reports please include as much details as possible:
+
 * which Flagger version
 * which Flagger CRD version
 * which Kubernetes/Istio version
 * what configuration (canary, virtual service and workloads definitions)
 * what happened (Flagger, Istio Pilot and Proxy logs)
+
+## Getting Help
+
+If you have any questions about Flagger and progressive delivery:
+
+* Read the Flagger [docs](https://docs.flagger.app).
+* Invite yourself to the [Weave community slack](https://slack.weave.works/)
+  and join the [#flagger](https://weave-community.slack.com/messages/flagger/) channel.
+* Join the [Weave User Group](https://www.meetup.com/pro/Weave/) and get invited to online talks,
+  hands-on training and meetups in your area.
+* File an [issue](https://github.com/weaveworks/flagger/issues/new).
+
+Your feedback is always welcome!
--- a/artifacts/ab-testing/canary.yaml
+++ b/artifacts/ab-testing/canary.yaml
@@ -0,0 +1,62 @@
+apiVersion: flagger.app/v1alpha3
+kind: Canary
+metadata:
+  name: abtest
+  namespace: test
+spec:
+  # deployment reference
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: abtest
+  # the maximum time in seconds for the canary deployment
+  # to make progress before it is rollback (default 600s)
+  progressDeadlineSeconds: 60
+  # HPA reference (optional)
+  autoscalerRef:
+    apiVersion: autoscaling/v2beta1
+    kind: HorizontalPodAutoscaler
+    name: abtest
+  service:
+    # container port
+    port: 9898
+    # Istio gateways (optional)
+    gateways:
+    - public-gateway.istio-system.svc.cluster.local
+    - mesh
+    # Istio virtual service host names (optional)
+    hosts:
+    - abtest.istio.weavedx.com
+  canaryAnalysis:
+    # schedule interval (default 60s)
+    interval: 10s
+    # max number of failed metric checks before rollback
+    threshold: 10
+    # total number of iterations
+    iterations: 10
+    # canary match condition
+    match:
+      - headers:
+          user-agent:
+            regex: "^(?!.*Chrome)(?=.*\bSafari\b).*$"
+      - headers:
+          cookie:
+            regex: "^(.*?;)?(type=insider)(;.*)?$"
+    metrics:
+    - name: request-success-rate
+      # minimum req success rate (non 5xx responses)
+      # percentage (0-100)
+      threshold: 99
+      interval: 1m
+    - name: request-duration
+      # maximum req duration P99
+      # milliseconds
+      threshold: 500
+      interval: 30s
+    # external checks (optional)
+    webhooks:
+      - name: load-test
+        url: http://flagger-loadtester.test/
+        timeout: 5s
+        metadata:
+          cmd: "hey -z 1m -q 10 -c 2 -H 'Cookie: type=insider' http://podinfo.test:9898/"
--- a/artifacts/ab-testing/deployment.yaml
+++ b/artifacts/ab-testing/deployment.yaml
@@ -0,0 +1,67 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: abtest
+  namespace: test
+  labels:
+    app: abtest
+spec:
+  minReadySeconds: 5
+  revisionHistoryLimit: 5
+  progressDeadlineSeconds: 60
+  strategy:
+    rollingUpdate:
+      maxUnavailable: 0
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app: abtest
+  template:
+    metadata:
+      annotations:
+        prometheus.io/scrape: "true"
+      labels:
+        app: abtest
+    spec:
+      containers:
+      - name: podinfod
+        image: quay.io/stefanprodan/podinfo:1.4.0
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 9898
+          name: http
+          protocol: TCP
+        command:
+        - ./podinfo
+        - --port=9898
+        - --level=info
+        - --random-delay=false
+        - --random-error=false
+        env:
+        - name: PODINFO_UI_COLOR
+          value: blue
+        livenessProbe:
+          exec:
+            command:
+            - podcli
+            - check
+            - http
+            - localhost:9898/healthz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        readinessProbe:
+          exec:
+            command:
+            - podcli
+            - check
+            - http
+            - localhost:9898/readyz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        resources:
+          limits:
+            cpu: 2000m
+            memory: 512Mi
+          requests:
+            cpu: 100m
+            memory: 64Mi
--- a/artifacts/ab-testing/hpa.yaml
+++ b/artifacts/ab-testing/hpa.yaml
@@ -0,0 +1,19 @@
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: abtest
+  namespace: test
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: abtest
+  minReplicas: 2
+  maxReplicas: 4
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      # scale up if usage is above
+      # 99% of the requested CPU (100m)
+      targetAverageUtilization: 99
--- a/artifacts/appmesh/canary.yaml
+++ b/artifacts/appmesh/canary.yaml
@@ -0,0 +1,50 @@
+apiVersion: flagger.app/v1alpha3
+kind: Canary
+metadata:
+  name: podinfo
+  namespace: test
+spec:
+  # deployment reference
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: podinfo
+  # the maximum time in seconds for the canary deployment
+  # to make progress before it is rollback (default 600s)
+  progressDeadlineSeconds: 60
+  # HPA reference (optional)
+  autoscalerRef:
+    apiVersion: autoscaling/v2beta1
+    kind: HorizontalPodAutoscaler
+    name: podinfo
+  service:
+    # container port
+    port: 9898
+    # App Mesh reference
+    meshName: global
+  # define the canary analysis timing and KPIs
+  canaryAnalysis:
+    # schedule interval (default 60s)
+    interval: 10s
+    # max number of failed metric checks before rollback
+    threshold: 10
+    # max traffic percentage routed to canary
+    # percentage (0-100)
+    maxWeight: 50
+    # canary increment step
+    # percentage (0-100)
+    stepWeight: 5
+    # App Mesh Prometheus checks
+    metrics:
+    - name: request-success-rate
+      # minimum req success rate (non 5xx responses)
+      # percentage (0-100)
+      threshold: 99
+      interval: 1m
+    # external checks (optional)
+    webhooks:
+      - name: load-test
+        url: http://flagger-loadtester.test/
+        timeout: 5s
+        metadata:
+          cmd: "hey -z 1m -q 10 -c 2 http://podinfo.test:9898/"
--- a/artifacts/appmesh/deployment.yaml
+++ b/artifacts/appmesh/deployment.yaml
@@ -0,0 +1,65 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: podinfo
+  namespace: test
+  labels:
+    app: podinfo
+spec:
+  minReadySeconds: 5
+  revisionHistoryLimit: 5
+  progressDeadlineSeconds: 60
+  strategy:
+    rollingUpdate:
+      maxUnavailable: 0
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app: podinfo
+  template:
+    metadata:
+      annotations:
+        prometheus.io/scrape: "true"
+      labels:
+        app: podinfo
+    spec:
+      containers:
+      - name: podinfod
+        image: quay.io/stefanprodan/podinfo:1.4.0
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 9898
+          name: http
+          protocol: TCP
+        command:
+        - ./podinfo
+        - --port=9898
+        - --level=info
+        env:
+        - name: PODINFO_UI_COLOR
+          value: blue
+        livenessProbe:
+          exec:
+            command:
+            - podcli
+            - check
+            - http
+            - localhost:9898/healthz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        readinessProbe:
+          exec:
+            command:
+            - podcli
+            - check
+            - http
+            - localhost:9898/readyz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        resources:
+          limits:
+            cpu: 2000m
+            memory: 512Mi
+          requests:
+            cpu: 100m
+            memory: 64Mi
--- a/artifacts/appmesh/global-mesh.yaml
+++ b/artifacts/appmesh/global-mesh.yaml
@@ -0,0 +1,6 @@
+apiVersion: appmesh.k8s.aws/v1beta1
+kind: Mesh
+metadata:
+  name: global
+spec:
+  serviceDiscoveryType: dns
--- a/artifacts/appmesh/hpa.yaml
+++ b/artifacts/appmesh/hpa.yaml
@@ -0,0 +1,19 @@
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: podinfo
+  namespace: test
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: podinfo
+  minReplicas: 2
+  maxReplicas: 4
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      # scale up if usage is above
+      # 99% of the requested CPU (100m)
+      targetAverageUtilization: 99
--- a/artifacts/appmesh/ingress.yaml
+++ b/artifacts/appmesh/ingress.yaml
@@ -0,0 +1,177 @@
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: ingress-config
+  namespace: test
+  labels:
+    app: ingress
+data:
+  envoy.yaml: |
+    static_resources:
+      listeners:
+        - address:
+            socket_address:
+              address: 0.0.0.0
+              port_value: 80
+          filter_chains:
+            - filters:
+                - name: envoy.http_connection_manager
+                  config:
+                    access_log:
+                    - name: envoy.file_access_log
+                      config:
+                        path: /dev/stdout
+                    codec_type: auto
+                    stat_prefix: ingress_http
+                    http_filters:
+                      - name: envoy.router
+                        config: {}
+                    route_config:
+                      name: local_route
+                      virtual_hosts:
+                        - name: local_service
+                          domains: ["*"]
+                          routes:
+                            - match:
+                                prefix: "/"
+                              route:
+                                cluster: podinfo
+                                host_rewrite: podinfo.test
+                                timeout: 15s
+                                retry_policy:
+                                  retry_on: "gateway-error,connect-failure,refused-stream"
+                                  num_retries: 10
+                                  per_try_timeout: 5s
+      clusters:
+        - name: podinfo
+          connect_timeout: 0.30s
+          type: strict_dns
+          lb_policy: round_robin
+          http2_protocol_options: {}
+          hosts:
+            - socket_address:
+                address: podinfo.test
+                port_value: 9898
+    admin:
+      access_log_path: /dev/null
+      address:
+        socket_address:
+          address: 0.0.0.0
+          port_value: 9999
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ingress
+  namespace: test
+  labels:
+    app: ingress
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ingress
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 0
+  template:
+    metadata:
+      labels:
+        app: ingress
+      annotations:
+        prometheus.io/path: "/stats/prometheus"
+        prometheus.io/port: "9999"
+        prometheus.io/scrape: "true"
+        # dummy port to exclude ingress from mesh traffic
+        # only egress should go over the mesh
+        appmesh.k8s.aws/ports: "444"
+    spec:
+      terminationGracePeriodSeconds: 30
+      containers:
+        - name: ingress
+          image: "envoyproxy/envoy-alpine:d920944aed67425f91fc203774aebce9609e5d9a"
+          securityContext:
+            capabilities:
+              drop:
+                - ALL
+              add:
+                - NET_BIND_SERVICE
+          command:
+            - /usr/bin/dumb-init
+            - --
+          args:
+            - /usr/local/bin/envoy
+            - --base-id 30
+            - --v2-config-only
+            - -l
+            - $loglevel
+            - -c
+            - /config/envoy.yaml
+          ports:
+            - name: admin
+              containerPort: 9999
+              protocol: TCP
+            - name: http
+              containerPort: 80
+              protocol: TCP
+            - name: https
+              containerPort: 443
+              protocol: TCP
+          livenessProbe:
+            initialDelaySeconds: 5
+            tcpSocket:
+              port: admin
+          readinessProbe:
+            initialDelaySeconds: 5
+            tcpSocket:
+              port: admin
+          resources:
+            requests:
+              cpu: 100m
+              memory: 64Mi
+          volumeMounts:
+            - name: config
+              mountPath: /config
+      volumes:
+        - name: config
+          configMap:
+            name: ingress-config
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: ingress
+  namespace: test
+spec:
+  selector:
+    app: ingress
+  ports:
+    - protocol: TCP
+      name: http
+      port: 80
+      targetPort: 80
+    - protocol: TCP
+      name: https
+      port: 443
+      targetPort: 443
+  type: LoadBalancer
+---
+apiVersion: appmesh.k8s.aws/v1beta1
+kind: VirtualNode
+metadata:
+  name: ingress
+  namespace: test
+spec:
+  meshName: global
+  listeners:
+    - portMapping:
+        port: 80
+        protocol: http
+  serviceDiscovery:
+    dns:
+      hostName: ingress.test
+  backends:
+    - virtualService:
+        virtualServiceName: podinfo.test
--- a/artifacts/canaries/canary.yaml
+++ b/artifacts/canaries/canary.yaml
@@ -23,18 +23,25 @@ spec:
    # Istio gateways (optional)
    gateways:
    - public-gateway.istio-system.svc.cluster.local
+    - mesh
    # Istio virtual service host names (optional)
    hosts:
    - app.istio.weavedx.com
-    # Istio virtual service HTTP match conditions (optional)
+    # HTTP match conditions (optional)
    match:
      - uri:
          prefix: /
-    # Istio virtual service HTTP rewrite (optional)
+    # HTTP rewrite (optional)
    rewrite:
      uri: /
-  # for emergency cases when you want to ship changes
-  # in production without analysing the canary
+    # Envoy timeout and retry policy (optional)
+    headers:
+      request:
+        add:
+          x-envoy-upstream-rq-timeout-ms: "15000"
+          x-envoy-max-retries: "10"
+          x-envoy-retry-on: "gateway-error,connect-failure,refused-stream"
+  # promote the canary without analysing it (default false)
  skipAnalysis: false
  canaryAnalysis:
    # schedule interval (default 60s)
@@ -49,12 +56,12 @@ spec:
    stepWeight: 5
    # Istio Prometheus checks
    metrics:
-    - name: istio_requests_total
+    - name: request-success-rate
      # minimum req success rate (non 5xx responses)
      # percentage (0-100)
      threshold: 99
      interval: 1m
-    - name: istio_request_duration_seconds_bucket
+    - name: request-duration
      # maximum req duration P99
      # milliseconds
      threshold: 500
@@ -65,4 +72,6 @@ spec:
        url: http://flagger-loadtester.test/
        timeout: 5s
        metadata:
+          type: cmd
          cmd: "hey -z 1m -q 10 -c 2 http://podinfo.test:9898/"
+          logCmdOutput: "true"
--- a/artifacts/configs/canary.yaml
+++ b/artifacts/configs/canary.yaml
@@ -23,6 +23,7 @@ spec:
    # Istio gateways (optional)
    gateways:
    - public-gateway.istio-system.svc.cluster.local
+    - mesh
    # Istio virtual service host names (optional)
    hosts:
    - app.iowa.weavedx.com
@@ -39,12 +40,12 @@ spec:
    stepWeight: 5
    # Istio Prometheus checks
    metrics:
-    - name: istio_requests_total
+    - name: request-success-rate
      # minimum req success rate (non 5xx responses)
      # percentage (0-100)
      threshold: 99
      interval: 1m
-    - name: istio_request_duration_seconds_bucket
+    - name: request-duration
      # maximum req duration P99
      # milliseconds
      threshold: 500
--- a/artifacts/eks/appmesh-prometheus.yaml
+++ b/artifacts/eks/appmesh-prometheus.yaml
@@ -0,0 +1,264 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: prometheus
+  labels:
+    app: prometheus
+rules:
+  - apiGroups: [""]
+    resources:
+      - nodes
+      - services
+      - endpoints
+      - pods
+      - nodes/proxy
+    verbs: ["get", "list", "watch"]
+  - apiGroups: [""]
+    resources:
+      - configmaps
+    verbs: ["get"]
+  - nonResourceURLs: ["/metrics"]
+    verbs: ["get"]
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: prometheus
+  labels:
+    app: prometheus
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: prometheus
+subjects:
+  - kind: ServiceAccount
+    name: prometheus
+    namespace: appmesh-system
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: prometheus
+  namespace: appmesh-system
+  labels:
+    app: prometheus
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: prometheus
+  namespace: appmesh-system
+  labels:
+    app: prometheus
+data:
+  prometheus.yml: |-
+    global:
+      scrape_interval: 5s
+    scrape_configs:
+
+    # Scrape config for AppMesh Envoy sidecar
+    - job_name: 'appmesh-envoy'
+      metrics_path: /stats/prometheus
+      kubernetes_sd_configs:
+      - role: pod
+
+      relabel_configs:
+      - source_labels: [__meta_kubernetes_pod_container_name]
+        action: keep
+        regex: '^envoy$'
+      - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
+        action: replace
+        regex: ([^:]+)(?::\d+)?;(\d+)
+        replacement: ${1}:9901
+        target_label: __address__
+      - action: labelmap
+        regex: __meta_kubernetes_pod_label_(.+)
+      - source_labels: [__meta_kubernetes_namespace]
+        action: replace
+        target_label: kubernetes_namespace
+      - source_labels: [__meta_kubernetes_pod_name]
+        action: replace
+        target_label: kubernetes_pod_name
+
+      # Exclude high cardinality metrics
+      metric_relabel_configs:
+      - source_labels: [ cluster_name ]
+        regex: '(outbound|inbound|prometheus_stats).*'
+        action: drop
+      - source_labels: [ tcp_prefix ]
+        regex: '(outbound|inbound|prometheus_stats).*'
+        action: drop
+      - source_labels: [ listener_address ]
+        regex: '(.+)'
+        action: drop
+      - source_labels: [ http_conn_manager_listener_prefix ]
+        regex: '(.+)'
+        action: drop
+      - source_labels: [ http_conn_manager_prefix ]
+        regex: '(.+)'
+        action: drop
+      - source_labels: [ __name__ ]
+        regex: 'envoy_tls.*'
+        action: drop
+      - source_labels: [ __name__ ]
+        regex: 'envoy_tcp_downstream.*'
+        action: drop
+      - source_labels: [ __name__ ]
+        regex: 'envoy_http_(stats|admin).*'
+        action: drop
+      - source_labels: [ __name__ ]
+        regex: 'envoy_cluster_(lb|retry|bind|internal|max|original).*'
+        action: drop
+
+    # Scrape config for API servers
+    - job_name: 'kubernetes-apiservers'
+      kubernetes_sd_configs:
+      - role: endpoints
+        namespaces:
+          names:
+          - default
+      scheme: https
+      tls_config:
+        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+      relabel_configs:
+      - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
+        action: keep
+        regex: kubernetes;https
+
+    # Scrape config for nodes
+    - job_name: 'kubernetes-nodes'
+      scheme: https
+      tls_config:
+        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+      kubernetes_sd_configs:
+      - role: node
+      relabel_configs:
+      - action: labelmap
+        regex: __meta_kubernetes_node_label_(.+)
+      - target_label: __address__
+        replacement: kubernetes.default.svc:443
+      - source_labels: [__meta_kubernetes_node_name]
+        regex: (.+)
+        target_label: __metrics_path__
+        replacement: /api/v1/nodes/${1}/proxy/metrics
+
+    # scrape config for cAdvisor
+    - job_name: 'kubernetes-cadvisor'
+      scheme: https
+      tls_config:
+        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+      kubernetes_sd_configs:
+      - role: node
+      relabel_configs:
+      - action: labelmap
+        regex: __meta_kubernetes_node_label_(.+)
+      - target_label: __address__
+        replacement: kubernetes.default.svc:443
+      - source_labels: [__meta_kubernetes_node_name]
+        regex: (.+)
+        target_label: __metrics_path__
+        replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
+
+    # scrape config for pods
+    - job_name: kubernetes-pods
+      kubernetes_sd_configs:
+      - role: pod
+      relabel_configs:
+      - action: keep
+        regex: true
+        source_labels:
+        - __meta_kubernetes_pod_annotation_prometheus_io_scrape
+      - source_labels: [ __address__ ]
+        regex: '.*9901.*'
+        action: drop
+      - action: replace
+        regex: (.+)
+        source_labels:
+        - __meta_kubernetes_pod_annotation_prometheus_io_path
+        target_label: __metrics_path__
+      - action: replace
+        regex: ([^:]+)(?::\d+)?;(\d+)
+        replacement: $1:$2
+        source_labels:
+        - __address__
+        - __meta_kubernetes_pod_annotation_prometheus_io_port
+        target_label: __address__
+      - action: labelmap
+        regex: __meta_kubernetes_pod_label_(.+)
+      - action: replace
+        source_labels:
+        - __meta_kubernetes_namespace
+        target_label: kubernetes_namespace
+      - action: replace
+        source_labels:
+        - __meta_kubernetes_pod_name
+        target_label: kubernetes_pod_name
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: prometheus
+  namespace: appmesh-system
+  labels:
+    app: prometheus
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: prometheus
+  template:
+    metadata:
+      labels:
+        app: prometheus
+      annotations:
+        version: "appmesh-v1alpha1"
+    spec:
+      serviceAccountName: prometheus
+      containers:
+        - name: prometheus
+          image: "docker.io/prom/prometheus:v2.7.1"
+          imagePullPolicy: IfNotPresent
+          args:
+            - '--storage.tsdb.retention=6h'
+            - '--config.file=/etc/prometheus/prometheus.yml'
+          ports:
+            - containerPort: 9090
+              name: http
+          livenessProbe:
+            httpGet:
+              path: /-/healthy
+              port: 9090
+          readinessProbe:
+            httpGet:
+              path: /-/ready
+              port: 9090
+          resources:
+            requests:
+              cpu: 10m
+              memory: 128Mi
+          volumeMounts:
+            - name: config-volume
+              mountPath: /etc/prometheus
+      volumes:
+        - name: config-volume
+          configMap:
+            name: prometheus
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: prometheus
+  namespace: appmesh-system
+  labels:
+    name: prometheus
+spec:
+  selector:
+    app: prometheus
+  ports:
+    - name: http
+      protocol: TCP
+      port: 9090
--- a/artifacts/flagger/account.yaml
+++ b/artifacts/flagger/account.yaml
@@ -13,11 +13,56 @@ metadata:
  labels:
    app: flagger
 rules:
- apiGroups: ['*']
-  resources: ['*']
-  verbs: ['*']
- nonResourceURLs: ['*']
-  verbs: ['*']
+  - apiGroups:
+      - ""
+    resources:
+      - events
+      - configmaps
+      - secrets
+      - services
+    verbs: ["*"]
+  - apiGroups:
+      - apps
+    resources:
+      - deployments
+    verbs: ["*"]
+  - apiGroups:
+      - autoscaling
+    resources:
+      - horizontalpodautoscalers
+    verbs: ["*"]
+  - apiGroups:
+      - "extensions"
+    resources:
+      - ingresses
+      - ingresses/status
+    verbs: ["*"]
+  - apiGroups:
+      - flagger.app
+    resources:
+      - canaries
+      - canaries/status
+    verbs: ["*"]
+  - apiGroups:
+      - networking.istio.io
+    resources:
+      - virtualservices
+      - virtualservices/status
+    verbs: ["*"]
+  - apiGroups:
+      - appmesh.k8s.aws
+    resources:
+      - meshes
+      - meshes/status
+      - virtualnodes
+      - virtualnodes/status
+      - virtualservices
+      - virtualservices/status
+    verbs: ["*"]
+  - nonResourceURLs:
+      - /version
+    verbs:
+      - get
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding
--- a/artifacts/flagger/crd.yaml
+++ b/artifacts/flagger/crd.yaml
@@ -2,6 +2,8 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
  name: canaries.flagger.app
+  annotations:
+    helm.sh/resource-policy: keep
 spec:
  group: flagger.app
  version: v1alpha3
@@ -39,9 +41,9 @@ spec:
      properties:
        spec:
          required:
-          - targetRef
-          - service
-          - canaryAnalysis
+            - targetRef
+            - service
+            - canaryAnalysis
          properties:
            progressDeadlineSeconds:
              type: number
@@ -67,12 +69,28 @@ spec:
                  type: string
                name:
                  type: string
+            ingressRef:
+              anyOf:
+                - type: string
+                - type: object
+              required: ['apiVersion', 'kind', 'name']
+              properties:
+                apiVersion:
+                  type: string
+                kind:
+                  type: string
+                name:
+                  type: string
            service:
              type: object
              required: ['port']
              properties:
                port:
                  type: number
+                portName:
+                  type: string
+                meshName:
+                  type: string
                timeout:
                  type: string
            skipAnalysis:
@@ -82,6 +100,8 @@ spec:
                interval:
                  type: string
                  pattern: "^[0-9]+(m|s)"
+                iterations:
+                  type: number
                threshold:
                  type: number
                maxWeight:
@@ -113,9 +133,36 @@ spec:
                      properties:
                        name:
                          type: string
+                        type:
+                          type: string
+                          enum:
+                            - ""
+                            - pre-rollout
+                            - rollout
+                            - post-rollout
                        url:
                          type: string
                          format: url
                        timeout:
                          type: string
                          pattern: "^[0-9]+(m|s)"
+        status:
+          properties:
+            phase:
+              type: string
+              enum:
+                - ""
+                - Initialized
+                - Progressing
+                - Succeeded
+                - Failed
+            canaryWeight:
+              type: number
+            failedChecks:
+              type: number
+            iterations:
+              type: number
+            lastAppliedSpec:
+              type: string
+            lastTransitionTime:
+              type: string
--- a/artifacts/flagger/deployment.yaml
+++ b/artifacts/flagger/deployment.yaml
@@ -22,7 +22,7 @@ spec:
      serviceAccountName: flagger
      containers:
      - name: flagger
-        image: quay.io/stefanprodan/flagger:0.7.0
+        image: weaveworks/flagger:0.13.2
        imagePullPolicy: IfNotPresent
        ports:
        - name: http
@@ -31,6 +31,7 @@ spec:
        - ./flagger
        - -log-level=info
        - -control-loop-interval=10s
+        - -mesh-provider=$(MESH_PROVIDER)
        - -metrics-server=http://prometheus.istio-system.svc.cluster.local:9090
        livenessProbe:
          exec:
--- a/artifacts/loadtester/config.yaml
+++ b/artifacts/loadtester/config.yaml
@@ -0,0 +1,19 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: flagger-loadtester-bats
+data:
+  tests: |
+    #!/usr/bin/env bats
+
+    @test "check message" {
+      curl -sS http://${URL} | jq -r .message | {
+        run cut -d $' ' -f1
+        [ $output = "greetings" ]
+      }
+    }
+
+    @test "check headers" {
+      curl -sS http://${URL}/headers | grep X-Request-Id
+    }
--- a/artifacts/loadtester/deployment.yaml
+++ b/artifacts/loadtester/deployment.yaml
@@ -17,7 +17,7 @@ spec:
    spec:
      containers:
        - name: loadtester
-          image: quay.io/stefanprodan/flagger-loadtester:0.1.0
+          image: weaveworks/flagger-loadtester:0.3.0
          imagePullPolicy: IfNotPresent
          ports:
            - name: http
@@ -27,7 +27,6 @@ spec:
            - -port=8080
            - -log-level=info
            - -timeout=1h
-            - -log-cmd-output=true
          livenessProbe:
            exec:
              command:
@@ -58,3 +57,11 @@ spec:
          securityContext:
            readOnlyRootFilesystem: true
            runAsUser: 10001
+#          volumeMounts:
+#            - name: tests
+#              mountPath: /bats
+#              readOnly: true
+#      volumes:
+#        - name: tests
+#          configMap:
+#            name: flagger-loadtester-bats
--- a/artifacts/namespaces/test.yaml
+++ b/artifacts/namespaces/test.yaml
@@ -4,3 +4,4 @@ metadata:
  name: test
  labels:
    istio-injection: enabled
+    appmesh.k8s.aws/sidecarInjectorWebhook: enabled
--- a/artifacts/nginx/canary.yaml
+++ b/artifacts/nginx/canary.yaml
@@ -0,0 +1,68 @@
+apiVersion: flagger.app/v1alpha3
+kind: Canary
+metadata:
+  name: podinfo
+  namespace: test
+spec:
+  # deployment reference
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: podinfo
+  # ingress reference
+  ingressRef:
+    apiVersion: extensions/v1beta1
+    kind: Ingress
+    name: podinfo
+  # HPA reference (optional)
+  autoscalerRef:
+    apiVersion: autoscaling/v2beta1
+    kind: HorizontalPodAutoscaler
+    name: podinfo
+  # the maximum time in seconds for the canary deployment
+  # to make progress before it is rollback (default 600s)
+  progressDeadlineSeconds: 60
+  service:
+    # container port
+    port: 9898
+  canaryAnalysis:
+    # schedule interval (default 60s)
+    interval: 10s
+    # max number of failed metric checks before rollback
+    threshold: 10
+    # max traffic percentage routed to canary
+    # percentage (0-100)
+    maxWeight: 50
+    # canary increment step
+    # percentage (0-100)
+    stepWeight: 5
+    # NGINX Prometheus checks
+    metrics:
+    - name: request-success-rate
+      # minimum req success rate (non 5xx responses)
+      # percentage (0-100)
+      threshold: 99
+      interval: 1m
+    - name: "latency"
+      threshold: 0.5
+      interval: 1m
+      query: |
+        histogram_quantile(0.99,
+          sum(
+            rate(
+              http_request_duration_seconds_bucket{
+                kubernetes_namespace="test",
+                kubernetes_pod_name=~"podinfo-[0-9a-zA-Z]+(-[0-9a-zA-Z]+)"
+              }[1m]
+            )
+          ) by (le)
+        )
+    # external checks (optional)
+    webhooks:
+      - name: load-test
+        url: http://flagger-loadtester.test/
+        timeout: 5s
+        metadata:
+          type: cmd
+          cmd: "hey -z 1m -q 10 -c 2 http://app.example.com/"
+          logCmdOutput: "true"
--- a/artifacts/nginx/deployment.yaml
+++ b/artifacts/nginx/deployment.yaml
@@ -0,0 +1,69 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: podinfo
+  namespace: test
+  labels:
+    app: podinfo
+spec:
+  replicas: 1
+  strategy:
+    rollingUpdate:
+      maxUnavailable: 0
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app: podinfo
+  template:
+    metadata:
+      annotations:
+        prometheus.io/scrape: "true"
+      labels:
+        app: podinfo
+    spec:
+      containers:
+      - name: podinfod
+        image: quay.io/stefanprodan/podinfo:1.4.0
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 9898
+          name: http
+          protocol: TCP
+        command:
+        - ./podinfo
+        - --port=9898
+        - --level=info
+        - --random-delay=false
+        - --random-error=false
+        env:
+        - name: PODINFO_UI_COLOR
+          value: green
+        livenessProbe:
+          exec:
+            command:
+            - podcli
+            - check
+            - http
+            - localhost:9898/healthz
+          failureThreshold: 3
+          periodSeconds: 10
+          successThreshold: 1
+          timeoutSeconds: 2
+        readinessProbe:
+          exec:
+            command:
+            - podcli
+            - check
+            - http
+            - localhost:9898/readyz
+          failureThreshold: 3
+          periodSeconds: 3
+          successThreshold: 1
+          timeoutSeconds: 2
+        resources:
+          limits:
+            cpu: 1000m
+            memory: 256Mi
+          requests:
+            cpu: 100m
+            memory: 16Mi
--- a/artifacts/nginx/hpa.yaml
+++ b/artifacts/nginx/hpa.yaml
@@ -0,0 +1,19 @@
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: podinfo
+  namespace: test
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: podinfo
+  minReplicas: 2
+  maxReplicas: 4
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      # scale up if usage is above
+      # 99% of the requested CPU (100m)
+      targetAverageUtilization: 99
--- a/artifacts/nginx/ingress.yaml
+++ b/artifacts/nginx/ingress.yaml
@@ -0,0 +1,17 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: podinfo
+  namespace: test
+  labels:
+    app: podinfo
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+spec:
+  rules:
+    - host: app.example.com
+      http:
+        paths:
+          - backend:
+              serviceName: podinfo
+              servicePort: 9898
--- a/artifacts/routing/match.yaml
+++ b/artifacts/routing/match.yaml
@@ -8,13 +8,17 @@ spec:
  - public-gateway.istio-system.svc.cluster.local
  - mesh
  hosts:
-  - podinfo.iowa.weavedx.com
+  - app.istio.weavedx.com
  - podinfo
  http:
  - match:
    - headers:
        user-agent:
          regex: ^(?!.*Chrome)(?=.*\bSafari\b).*$
+      uri:
+        prefix: "/version/"
+    rewrite:
+      uri: /api/info
    route:
    - destination:
        host: podinfo-primary
@@ -26,7 +30,12 @@ spec:
        port:
          number: 9898
      weight: 100
-  - route:
+  - match:
+      - uri:
+          prefix: "/version/"
+    rewrite:
+      uri: /api/info
+    route:
    - destination:
        host: podinfo-primary
        port:
--- a/artifacts/workloads/canary-deployment.yaml
+++ b/artifacts/workloads/canary-deployment.yaml
@@ -23,7 +23,7 @@ spec:
    spec:
      containers:
      - name: podinfod
-        image: quay.io/stefanprodan/podinfo:1.2.0
+        image: quay.io/stefanprodan/podinfo:1.4.0
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 9898
@@ -67,9 +67,3 @@ spec:
          requests:
            cpu: 100m
            memory: 16Mi
-        volumeMounts:
-        - mountPath: /data
-          name: data
-      volumes:
-      - emptyDir: {}
-        name: data
--- a/artifacts/workloads/canary-service.yaml
+++ b/artifacts/workloads/canary-service.yaml
@@ -1,10 +1,8 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: podinfo
+  name: podinfo-canary
  namespace: test
-  labels:
-    app: podinfo
 spec:
  type: ClusterIP
  selector:
--- a/artifacts/workloads/primary-deployment.yaml
+++ b/artifacts/workloads/primary-deployment.yaml
@@ -23,7 +23,7 @@ spec:
    spec:
      containers:
      - name: podinfod
-        image: quay.io/stefanprodan/podinfo:1.1.1
+        image: quay.io/stefanprodan/podinfo:1.4.1
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 9898
--- a/artifacts/workloads/service.yaml
+++ b/artifacts/workloads/service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: podinfo
+  namespace: test
+spec:
+  type: ClusterIP
+  selector:
+    app: podinfo-primary
+  ports:
+  - name: http
+    port: 9898
+    protocol: TCP
+    targetPort: http
--- a/charts/flagger/Chart.yaml
+++ b/charts/flagger/Chart.yaml
@@ -1,14 +1,14 @@
 apiVersion: v1
 name: flagger
-version: 0.7.0
-appVersion: 0.7.0
+version: 0.13.2
+appVersion: 0.13.2
 kubeVersion: ">=1.11.0-0"
 engine: gotpl
-description: Flagger is a Kubernetes operator that automates the promotion of canary deployments using Istio routing for traffic shifting and Prometheus metrics for canary analysis.
+description: Flagger is a Kubernetes operator that automates the promotion of canary deployments using Istio, App Mesh or NGINX routing for traffic shifting and Prometheus metrics for canary analysis.
 home: https://docs.flagger.app
-icon: https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/logo/flagger-icon.png
+icon: https://raw.githubusercontent.com/weaveworks/flagger/master/docs/logo/flagger-icon.png
 sources:
- https://github.com/stefanprodan/flagger
+- https://github.com/weaveworks/flagger
 maintainers:
 - name: stefanprodan
  url: https://github.com/stefanprodan
@@ -16,4 +16,5 @@ maintainers:
 keywords:
 - canary
 - istio
+- appmesh
 - gitops
--- a/charts/flagger/README.md
+++ b/charts/flagger/README.md
@@ -1,6 +1,6 @@
 # Flagger

-[Flagger](https://github.com/stefanprodan/flagger) is a Kubernetes operator that automates the promotion of 
+[Flagger](https://github.com/weaveworks/flagger) is a Kubernetes operator that automates the promotion of 
 canary deployments using Istio routing for traffic shifting and Prometheus metrics for canary analysis. 
 Flagger implements a control loop that gradually shifts traffic to the canary while measuring key performance indicators
 like HTTP requests success rate, requests average duration and pods health.
@@ -45,7 +45,7 @@ The following tables lists the configurable parameters of the Flagger chart and

 Parameter | Description | Default
 --- | --- | ---
-`image.repository` | image repository | `quay.io/stefanprodan/flagger`
+`image.repository` | image repository | `weaveworks/flagger`
 `image.tag` | image tag | `<VERSION>`
 `image.pullPolicy` | image pull policy | `IfNotPresent`
 `metricsServer` | Prometheus URL | `http://prometheus.istio-system:9090`
--- a/charts/flagger/templates/crd.yaml
+++ b/charts/flagger/templates/crd.yaml
@@ -3,6 +3,8 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
  name: canaries.flagger.app
+  annotations:
+    helm.sh/resource-policy: keep
 spec:
  group: flagger.app
  version: v1alpha3
@@ -68,12 +70,28 @@ spec:
                  type: string
                name:
                  type: string
+            ingressRef:
+              anyOf:
+                - type: string
+                - type: object
+              required: ['apiVersion', 'kind', 'name']
+              properties:
+                apiVersion:
+                  type: string
+                kind:
+                  type: string
+                name:
+                  type: string
            service:
              type: object
              required: ['port']
              properties:
                port:
                  type: number
+                portName:
+                  type: string
+                meshName:
+                  type: string
                timeout:
                  type: string
            skipAnalysis:
@@ -83,6 +101,8 @@ spec:
                interval:
                  type: string
                  pattern: "^[0-9]+(m|s)"
+                iterations:
+                  type: number
                threshold:
                  type: number
                maxWeight:
@@ -114,10 +134,37 @@ spec:
                      properties:
                        name:
                          type: string
+                        type:
+                          type: string
+                          enum:
+                            - ""
+                            - pre-rollout
+                            - rollout
+                            - post-rollout
                        url:
                          type: string
                          format: url
                        timeout:
                          type: string
                          pattern: "^[0-9]+(m|s)"
+        status:
+          properties:
+            phase:
+              type: string
+              enum:
+                - ""
+                - Initialized
+                - Progressing
+                - Succeeded
+                - Failed
+            canaryWeight:
+              type: number
+            failedChecks:
+              type: number
+            iterations:
+              type: number
+            lastAppliedSpec:
+              type: string
+            lastTransitionTime:
+              type: string
 {{- end }}
--- a/charts/flagger/templates/deployment.yaml
+++ b/charts/flagger/templates/deployment.yaml
@@ -35,7 +35,17 @@ spec:
          command:
          - ./flagger
          - -log-level=info
+          {{- if .Values.meshProvider }}
+          - -mesh-provider={{ .Values.meshProvider }}
+          {{- end }}
+          {{- if .Values.prometheus.install }}
+          - -metrics-server=http://{{ template "flagger.fullname" . }}-prometheus:9090
+          {{- else }}
          - -metrics-server={{ .Values.metricsServer }}
+          {{- end }}
+          {{- if .Values.namespace }}
+          - -namespace={{ .Values.namespace }}
+          {{- end }}
          {{- if .Values.slack.url }}
          - -slack-url={{ .Values.slack.url }}
          - -slack-user={{ .Values.slack.user }}
--- a/charts/flagger/templates/prometheus.yaml
+++ b/charts/flagger/templates/prometheus.yaml
@@ -0,0 +1,292 @@
+{{- if .Values.prometheus.install }}
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: {{ template "flagger.fullname" . }}-prometheus
+  labels:
+    helm.sh/chart: {{ template "flagger.chart" . }}
+    app.kubernetes.io/name: {{ template "flagger.name" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+rules:
+  - apiGroups: [""]
+    resources:
+      - nodes
+      - services
+      - endpoints
+      - pods
+      - nodes/proxy
+    verbs: ["get", "list", "watch"]
+  - apiGroups: [""]
+    resources:
+      - configmaps
+    verbs: ["get"]
+  - nonResourceURLs: ["/metrics"]
+    verbs: ["get"]
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "flagger.fullname" . }}-prometheus
+  labels:
+    helm.sh/chart: {{ template "flagger.chart" . }}
+    app.kubernetes.io/name: {{ template "flagger.name" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "flagger.fullname" . }}-prometheus
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "flagger.serviceAccountName" . }}-prometheus
+    namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "flagger.serviceAccountName" . }}-prometheus
+  namespace: {{ .Release.Namespace }}
+  labels:
+    helm.sh/chart: {{ template "flagger.chart" . }}
+    app.kubernetes.io/name: {{ template "flagger.name" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "flagger.fullname" . }}-prometheus
+  namespace: {{ .Release.Namespace }}
+  labels:
+    helm.sh/chart: {{ template "flagger.chart" . }}
+    app.kubernetes.io/name: {{ template "flagger.name" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+data:
+  prometheus.yml: |-
+    global:
+      scrape_interval: 5s
+    scrape_configs:
+
+    # Scrape config for AppMesh Envoy sidecar
+    - job_name: 'appmesh-envoy'
+      metrics_path: /stats/prometheus
+      kubernetes_sd_configs:
+      - role: pod
+
+      relabel_configs:
+      - source_labels: [__meta_kubernetes_pod_container_name]
+        action: keep
+        regex: '^envoy$'
+      - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
+        action: replace
+        regex: ([^:]+)(?::\d+)?;(\d+)
+        replacement: ${1}:9901
+        target_label: __address__
+      - action: labelmap
+        regex: __meta_kubernetes_pod_label_(.+)
+      - source_labels: [__meta_kubernetes_namespace]
+        action: replace
+        target_label: kubernetes_namespace
+      - source_labels: [__meta_kubernetes_pod_name]
+        action: replace
+        target_label: kubernetes_pod_name
+
+      # Exclude high cardinality metrics
+      metric_relabel_configs:
+      - source_labels: [ cluster_name ]
+        regex: '(outbound|inbound|prometheus_stats).*'
+        action: drop
+      - source_labels: [ tcp_prefix ]
+        regex: '(outbound|inbound|prometheus_stats).*'
+        action: drop
+      - source_labels: [ listener_address ]
+        regex: '(.+)'
+        action: drop
+      - source_labels: [ http_conn_manager_listener_prefix ]
+        regex: '(.+)'
+        action: drop
+      - source_labels: [ http_conn_manager_prefix ]
+        regex: '(.+)'
+        action: drop
+      - source_labels: [ __name__ ]
+        regex: 'envoy_tls.*'
+        action: drop
+      - source_labels: [ __name__ ]
+        regex: 'envoy_tcp_downstream.*'
+        action: drop
+      - source_labels: [ __name__ ]
+        regex: 'envoy_http_(stats|admin).*'
+        action: drop
+      - source_labels: [ __name__ ]
+        regex: 'envoy_cluster_(lb|retry|bind|internal|max|original).*'
+        action: drop
+
+    # Scrape config for API servers
+    - job_name: 'kubernetes-apiservers'
+      kubernetes_sd_configs:
+      - role: endpoints
+        namespaces:
+          names:
+          - default
+      scheme: https
+      tls_config:
+        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+      relabel_configs:
+      - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
+        action: keep
+        regex: kubernetes;https
+
+    # Scrape config for nodes
+    - job_name: 'kubernetes-nodes'
+      scheme: https
+      tls_config:
+        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+      kubernetes_sd_configs:
+      - role: node
+      relabel_configs:
+      - action: labelmap
+        regex: __meta_kubernetes_node_label_(.+)
+      - target_label: __address__
+        replacement: kubernetes.default.svc:443
+      - source_labels: [__meta_kubernetes_node_name]
+        regex: (.+)
+        target_label: __metrics_path__
+        replacement: /api/v1/nodes/${1}/proxy/metrics
+
+    # scrape config for cAdvisor
+    - job_name: 'kubernetes-cadvisor'
+      scheme: https
+      tls_config:
+        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+      kubernetes_sd_configs:
+      - role: node
+      relabel_configs:
+      - action: labelmap
+        regex: __meta_kubernetes_node_label_(.+)
+      - target_label: __address__
+        replacement: kubernetes.default.svc:443
+      - source_labels: [__meta_kubernetes_node_name]
+        regex: (.+)
+        target_label: __metrics_path__
+        replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
+
+    # scrape config for pods
+    - job_name: kubernetes-pods
+      kubernetes_sd_configs:
+      - role: pod
+      relabel_configs:
+      - action: keep
+        regex: true
+        source_labels:
+        - __meta_kubernetes_pod_annotation_prometheus_io_scrape
+      - source_labels: [ __address__ ]
+        regex: '.*9901.*'
+        action: drop
+      - action: replace
+        regex: (.+)
+        source_labels:
+        - __meta_kubernetes_pod_annotation_prometheus_io_path
+        target_label: __metrics_path__
+      - action: replace
+        regex: ([^:]+)(?::\d+)?;(\d+)
+        replacement: $1:$2
+        source_labels:
+        - __address__
+        - __meta_kubernetes_pod_annotation_prometheus_io_port
+        target_label: __address__
+      - action: labelmap
+        regex: __meta_kubernetes_pod_label_(.+)
+      - action: replace
+        source_labels:
+        - __meta_kubernetes_namespace
+        target_label: kubernetes_namespace
+      - action: replace
+        source_labels:
+        - __meta_kubernetes_pod_name
+        target_label: kubernetes_pod_name
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "flagger.fullname" . }}-prometheus
+  namespace: {{ .Release.Namespace }}
+  labels:
+    helm.sh/chart: {{ template "flagger.chart" . }}
+    app.kubernetes.io/name: {{ template "flagger.name" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ template "flagger.name" . }}-prometheus
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ template "flagger.name" . }}-prometheus
+        app.kubernetes.io/instance: {{ .Release.Name }}
+      annotations:
+        appmesh.k8s.aws/sidecarInjectorWebhook: disabled
+        sidecar.istio.io/inject: "false"
+    spec:
+      serviceAccountName: {{ template "flagger.serviceAccountName" . }}-prometheus
+      containers:
+        - name: prometheus
+          image: "docker.io/prom/prometheus:v2.7.1"
+          imagePullPolicy: IfNotPresent
+          args:
+            - '--storage.tsdb.retention=6h'
+            - '--config.file=/etc/prometheus/prometheus.yml'
+          ports:
+            - containerPort: 9090
+              name: http
+          livenessProbe:
+            httpGet:
+              path: /-/healthy
+              port: 9090
+          readinessProbe:
+            httpGet:
+              path: /-/ready
+              port: 9090
+          resources:
+            requests:
+              cpu: 10m
+              memory: 128Mi
+          volumeMounts:
+            - name: config-volume
+              mountPath: /etc/prometheus
+            - name: data-volume
+              mountPath: /prometheus/data
+
+      volumes:
+        - name: config-volume
+          configMap:
+            name: {{ template "flagger.fullname" . }}-prometheus
+        - name: data-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "flagger.fullname" . }}-prometheus
+  namespace: {{ .Release.Namespace }}
+  labels:
+    helm.sh/chart: {{ template "flagger.chart" . }}
+    app.kubernetes.io/name: {{ template "flagger.name" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+spec:
+  selector:
+    app.kubernetes.io/name: {{ template "flagger.name" . }}-prometheus
+    app.kubernetes.io/instance: {{ .Release.Name }}
+  ports:
+    - name: http
+      protocol: TCP
+      port: 9090
+{{- end }}
--- a/charts/flagger/templates/rbac.yaml
+++ b/charts/flagger/templates/rbac.yaml
@@ -9,11 +9,56 @@ metadata:
    app.kubernetes.io/managed-by: {{ .Release.Service }}
    app.kubernetes.io/instance: {{ .Release.Name }}
 rules:
- apiGroups: ['*']
-  resources: ['*']
-  verbs: ['*']
- nonResourceURLs: ['*']
-  verbs: ['*']
+  - apiGroups:
+      - ""
+    resources:
+      - events
+      - configmaps
+      - secrets
+      - services
+    verbs: ["*"]
+  - apiGroups:
+      - apps
+    resources:
+      - deployments
+    verbs: ["*"]
+  - apiGroups:
+      - autoscaling
+    resources:
+      - horizontalpodautoscalers
+    verbs: ["*"]
+  - apiGroups:
+      - "extensions"
+    resources:
+      - ingresses
+      - ingresses/status
+    verbs: ["*"]
+  - apiGroups:
+      - flagger.app
+    resources:
+      - canaries
+      - canaries/status
+    verbs: ["*"]
+  - apiGroups:
+      - networking.istio.io
+    resources:
+      - virtualservices
+      - virtualservices/status
+    verbs: ["*"]
+  - apiGroups:
+      - appmesh.k8s.aws
+    resources:
+      - meshes
+      - meshes/status
+      - virtualnodes
+      - virtualnodes/status
+      - virtualservices
+      - virtualservices/status
+    verbs: ["*"]
+  - nonResourceURLs:
+      - /version
+    verbs:
+      - get
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding
--- a/charts/flagger/values.yaml
+++ b/charts/flagger/values.yaml
@@ -1,11 +1,17 @@
 # Default values for flagger.

 image:
-  repository: quay.io/stefanprodan/flagger
-  tag: 0.7.0
+  repository: weaveworks/flagger
+  tag: 0.13.2
  pullPolicy: IfNotPresent

-metricsServer: "http://prometheus.istio-system.svc.cluster.local:9090"
+metricsServer: "http://prometheus:9090"
+
+# accepted values are istio, appmesh, nginx or supergloo:mesh.namespace (defaults to istio)
+meshProvider: ""
+
+# single namespace restriction
+namespace: ""

 slack:
  user: flagger
@@ -43,3 +49,7 @@ nodeSelector: {}
 tolerations: []

 affinity: {}
+
+prometheus:
+  # to be used with AppMesh or nginx ingress
+  install: false
--- a/charts/grafana/Chart.yaml
+++ b/charts/grafana/Chart.yaml
@@ -1,12 +1,12 @@
 apiVersion: v1
 name: grafana
-version: 1.0.0
+version: 1.2.0
 appVersion: 5.4.3
 description: Grafana dashboards for monitoring Flagger canary deployments
-icon: https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/logo/flagger-icon.png
+icon: https://raw.githubusercontent.com/weaveworks/flagger/master/docs/logo/flagger-icon.png
 home: https://flagger.app
 sources:
- https://github.com/stefanprodan/flagger
+- https://github.com/weaveworks/flagger
 maintainers:
 - name: stefanprodan
  url: https://github.com/stefanprodan
--- a/charts/grafana/README.md
+++ b/charts/grafana/README.md
@@ -2,7 +2,7 @@

 Grafana dashboards for monitoring progressive deployments powered by Istio, Prometheus and Flagger.

-![flagger-grafana](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/screens/grafana-canary-analysis.png)
+![flagger-grafana](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/grafana-canary-analysis.png)

 ## Prerequisites

--- a/charts/grafana/dashboards/appmesh.json
+++ b/charts/grafana/dashboards/appmesh.json
--- a/charts/grafana/dashboards/canary.json
+++ b/charts/grafana/dashboards/canary.json
@@ -1583,11 +1583,7 @@
    "list": [
      {
        "allValue": null,
-        "current": {
-          "selected": true,
-          "text": "test",
-          "value": "test"
-        },
+        "current": null,
        "datasource": "prometheus",
        "definition": "",
        "hide": 0,
@@ -1609,11 +1605,7 @@
      },
      {
        "allValue": null,
-        "current": {
-          "selected": false,
-          "text": "backend-primary",
-          "value": "backend-primary"
-        },
+        "current": null,
        "datasource": "prometheus",
        "definition": "",
        "hide": 0,
@@ -1622,9 +1614,9 @@
        "multi": false,
        "name": "primary",
        "options": [],
-        "query": "query_result(sum(istio_requests_total{destination_workload_namespace=~\"$namespace\"}) by (destination_service_name))",
+        "query": "query_result(sum(istio_requests_total{destination_workload_namespace=~\"$namespace\"}) by (destination_workload))",
        "refresh": 1,
-        "regex": "/.*destination_service_name=\"([^\"]*).*/",
+        "regex": "/.*destination_workload=\"([^\"]*).*/",
        "skipUrlSync": false,
        "sort": 1,
        "tagValuesQuery": "",
@@ -1635,11 +1627,7 @@
      },
      {
        "allValue": null,
-        "current": {
-          "selected": true,
-          "text": "backend",
-          "value": "backend"
-        },
+        "current": null,
        "datasource": "prometheus",
        "definition": "",
        "hide": 0,
@@ -1648,9 +1636,9 @@
        "multi": false,
        "name": "canary",
        "options": [],
-        "query": "query_result(sum(istio_requests_total{destination_workload_namespace=~\"$namespace\"}) by (destination_service_name))",
+        "query": "query_result(sum(istio_requests_total{destination_workload_namespace=~\"$namespace\"}) by (destination_workload))",
        "refresh": 1,
-        "regex": "/.*destination_service_name=\"([^\"]*).*/",
+        "regex": "/.*destination_workload=\"([^\"]*).*/",
        "skipUrlSync": false,
        "sort": 1,
        "tagValuesQuery": "",
@@ -1691,7 +1679,7 @@
    ]
  },
  "timezone": "",
-  "title": "Flagger canary",
-  "uid": "RdykD7tiz",
+  "title": "Istio Canary",
+  "uid": "flagger-istio",
  "version": 3
 }
--- a/charts/grafana/templates/NOTES.txt
+++ b/charts/grafana/templates/NOTES.txt
@@ -1,15 +1,7 @@
-1. Get the application URL by running these commands:
-{{- if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "grafana.fullname" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get svc -w {{ template "grafana.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "grafana.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "grafana.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl port-forward $POD_NAME 8080:80
-{{- end }}
+1. Run the port forward command:
+
+kubectl -n {{ .Release.Namespace }} port-forward svc/{{ .Release.Name }} 3000:80
+
+2. Navigate to:
+
+http://localhost:3000
--- a/charts/loadtester/Chart.yaml
+++ b/charts/loadtester/Chart.yaml
@@ -1,14 +1,14 @@
 apiVersion: v1
 name: loadtester
-version: 0.1.0
-appVersion: 0.1.0
+version: 0.4.0
+appVersion: 0.3.0
 kubeVersion: ">=1.11.0-0"
 engine: gotpl
 description: Flagger's load testing services based on rakyll/hey that generates traffic during canary analysis when configured as a webhook.
 home: https://docs.flagger.app
-icon: https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/logo/flagger-icon.png
+icon: https://raw.githubusercontent.com/weaveworks/flagger/master/docs/logo/flagger-icon.png
 sources:
-  - https://github.com/stefanprodan/flagger
+  - https://github.com/weaveworks/flagger
 maintainers:
  - name: stefanprodan
    url: https://github.com/stefanprodan
@@ -16,5 +16,6 @@ maintainers:
 keywords:
  - canary
  - istio
+  - appmesh
  - gitops
  - load testing
--- a/charts/loadtester/README.md
+++ b/charts/loadtester/README.md
@@ -1,6 +1,6 @@
 # Flagger load testing service

-[Flagger's](https://github.com/stefanprodan/flagger) load testing service is based on 
+[Flagger's](https://github.com/weaveworks/flagger) load testing service is based on 
 [rakyll/hey](https://github.com/rakyll/hey) 
 and can be used to generates traffic during canary analysis when configured as a webhook.

@@ -56,15 +56,15 @@ Parameter | Description | Default
 `nodeSelector` | node labels for pod assignment | `{}`
 `service.type` | type of service | `ClusterIP`
 `service.port` | ClusterIP port | `80`
-`cmd.logOutput` | Log the command output to stderr | `true`
 `cmd.timeout` | Command execution timeout | `1h`
 `logLevel` | Log level can be debug, info, warning, error or panic | `info`
+`meshName` | AWS App Mesh name | `none`
+`backends` | AWS App Mesh virtual services | `none`

 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,

 ```console
-helm install flagger/loadtester --name flagger-loadtester \
--set cmd.logOutput=false
+helm install flagger/loadtester --name flagger-loadtester
 ```

 Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
--- a/charts/loadtester/templates/deployment.yaml
+++ b/charts/loadtester/templates/deployment.yaml
@@ -16,6 +16,8 @@ spec:
    metadata:
      labels:
        app: {{ include "loadtester.name" . }}
+      annotations:
+        appmesh.k8s.aws/ports: "444"
    spec:
      containers:
        - name: {{ .Chart.Name }}
@@ -29,7 +31,6 @@ spec:
            - -port=8080
            - -log-level={{ .Values.logLevel }}
            - -timeout={{ .Values.cmd.timeout }}
-            - -log-cmd-output={{ .Values.cmd.logOutput }}
          livenessProbe:
            exec:
              command:
--- a/charts/loadtester/templates/virtual-node.yaml
+++ b/charts/loadtester/templates/virtual-node.yaml
@@ -0,0 +1,27 @@
+{{- if .Values.meshName }}
+apiVersion: appmesh.k8s.aws/v1beta1
+kind: VirtualNode
+metadata:
+  name: {{ include "loadtester.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "loadtester.name" . }}
+    helm.sh/chart: {{ include "loadtester.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+  meshName: {{ .Values.meshName }}
+  listeners:
+    - portMapping:
+        port: 444
+        protocol: http
+  serviceDiscovery:
+    dns:
+      hostName: {{ include "loadtester.fullname" . }}.{{ .Release.Namespace }}
+  {{- if .Values.backends }}
+  backends:
+    {{- range .Values.backends }}
+    - virtualService:
+        virtualServiceName: {{ . }}
+    {{- end }}
+  {{- end }}
+{{- end }}
--- a/charts/loadtester/values.yaml
+++ b/charts/loadtester/values.yaml
@@ -1,13 +1,12 @@
 replicaCount: 1

 image:
-  repository: quay.io/stefanprodan/flagger-loadtester
-  tag: 0.1.0
+  repository: weaveworks/flagger-loadtester
+  tag: 0.3.0
  pullPolicy: IfNotPresent

 logLevel: info
 cmd:
-  logOutput: true
  timeout: 1h

 nameOverride: ""
@@ -27,3 +26,9 @@ nodeSelector: {}
 tolerations: []

 affinity: {}
+
+# App Mesh virtual node settings
+meshName: ""
+#backends:
+#  - app1.namespace
+#  - app2.namespace
--- a/charts/podinfo/Chart.yaml
+++ b/charts/podinfo/Chart.yaml
@@ -1,12 +1,12 @@
 apiVersion: v1
-version: 2.0.0
+version: 2.0.1
 appVersion: 1.4.0
 name: podinfo
 engine: gotpl
 description: Flagger canary deployment demo chart
-home: https://github.com/stefanprodan/flagger
+home: https://github.com/weaveworks/flagger
 maintainers:
 - email: stefanprodan@users.noreply.github.com
  name: stefanprodan
 sources:
- https://github.com/stefanprodan/flagger
+- https://github.com/weaveworks/flagger
--- a/charts/podinfo/templates/canary.yaml
+++ b/charts/podinfo/templates/canary.yaml
@@ -32,10 +32,10 @@ spec:
    maxWeight: {{ .Values.canary.analysis.maxWeight }}
    stepWeight: {{ .Values.canary.analysis.stepWeight }}
    metrics:
-    - name: istio_requests_total
+    - name: request-success-rate
      threshold: {{ .Values.canary.thresholds.successRate }}
      interval: 1m
-    - name: istio_request_duration_seconds_bucket
+    - name: request-duration
      threshold: {{ .Values.canary.thresholds.latency }}
      interval: 1m
    {{- if .Values.canary.loadtest.enabled }}
--- a/cmd/flagger/main.go
+++ b/cmd/flagger/main.go
@@ -3,18 +3,21 @@ package main
 import (
 	"flag"
 	"log"
+	"strings"
 	"time"

-	_ "github.com/istio/glog"
-	istioclientset "github.com/knative/pkg/client/clientset/versioned"
-	"github.com/knative/pkg/signals"
-	clientset "github.com/stefanprodan/flagger/pkg/client/clientset/versioned"
-	informers "github.com/stefanprodan/flagger/pkg/client/informers/externalversions"
-	"github.com/stefanprodan/flagger/pkg/controller"
-	"github.com/stefanprodan/flagger/pkg/logging"
-	"github.com/stefanprodan/flagger/pkg/notifier"
-	"github.com/stefanprodan/flagger/pkg/server"
-	"github.com/stefanprodan/flagger/pkg/version"
+	_ "github.com/stefanprodan/klog"
+	clientset "github.com/weaveworks/flagger/pkg/client/clientset/versioned"
+	informers "github.com/weaveworks/flagger/pkg/client/informers/externalversions"
+	"github.com/weaveworks/flagger/pkg/controller"
+	"github.com/weaveworks/flagger/pkg/logger"
+	"github.com/weaveworks/flagger/pkg/metrics"
+	"github.com/weaveworks/flagger/pkg/notifier"
+	"github.com/weaveworks/flagger/pkg/router"
+	"github.com/weaveworks/flagger/pkg/server"
+	"github.com/weaveworks/flagger/pkg/signals"
+	"github.com/weaveworks/flagger/pkg/version"
+	"go.uber.org/zap"
 	"k8s.io/client-go/kubernetes"
 	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
 	"k8s.io/client-go/tools/cache"
@@ -31,6 +34,12 @@ var (
 	slackURL            string
 	slackUser           string
 	slackChannel        string
+	threadiness         int
+	zapReplaceGlobals   bool
+	zapEncoding         string
+	namespace           string
+	meshProvider        string
+	selectorLabels      string
 )

 func init() {
@@ -43,15 +52,25 @@ func init() {
 	flag.StringVar(&slackURL, "slack-url", "", "Slack hook URL.")
 	flag.StringVar(&slackUser, "slack-user", "flagger", "Slack user name.")
 	flag.StringVar(&slackChannel, "slack-channel", "", "Slack channel.")
+	flag.IntVar(&threadiness, "threadiness", 2, "Worker concurrency.")
+	flag.BoolVar(&zapReplaceGlobals, "zap-replace-globals", false, "Whether to change the logging level of the global zap logger.")
+	flag.StringVar(&zapEncoding, "zap-encoding", "json", "Zap logger encoding.")
+	flag.StringVar(&namespace, "namespace", "", "Namespace that flagger would watch canary object")
+	flag.StringVar(&meshProvider, "mesh-provider", "istio", "Service mesh provider, can be istio or appmesh")
+	flag.StringVar(&selectorLabels, "selector-labels", "app,name,app.kubernetes.io/name", "List of pod labels that Flagger uses to create pod selectors")
 }

 func main() {
 	flag.Parse()

-	logger, err := logging.NewLogger(logLevel)
+	logger, err := logger.NewLoggerWithEncoding(logLevel, zapEncoding)
 	if err != nil {
 		log.Fatalf("Error creating logger: %v", err)
 	}
+	if zapReplaceGlobals {
+		zap.ReplaceGlobals(logger.Desugar())
+	}
+
 	defer logger.Sync()

 	stopCh := signals.SetupSignalHandler()
@@ -66,7 +85,7 @@ func main() {
 		logger.Fatalf("Error building kubernetes clientset: %v", err)
 	}

-	istioClient, err := istioclientset.NewForConfig(cfg)
+	meshClient, err := clientset.NewForConfig(cfg)
 	if err != nil {
 		logger.Fatalf("Error building istio clientset: %v", err)
 	}
@@ -76,19 +95,28 @@ func main() {
 		logger.Fatalf("Error building example clientset: %s", err.Error())
 	}

-	flaggerInformerFactory := informers.NewSharedInformerFactory(flaggerClient, time.Second*30)
+	flaggerInformerFactory := informers.NewSharedInformerFactoryWithOptions(flaggerClient, time.Second*30, informers.WithNamespace(namespace))
+
 	canaryInformer := flaggerInformerFactory.Flagger().V1alpha3().Canaries()

-	logger.Infof("Starting flagger version %s revision %s", version.VERSION, version.REVISION)
+	logger.Infof("Starting flagger version %s revision %s mesh provider %s", version.VERSION, version.REVISION, meshProvider)

 	ver, err := kubeClient.Discovery().ServerVersion()
 	if err != nil {
 		logger.Fatalf("Error calling Kubernetes API: %v", err)
 	}

-	logger.Infof("Connected to Kubernetes API %s", ver)
+	labels := strings.Split(selectorLabels, ",")
+	if len(labels) < 1 {
+		logger.Fatalf("At least one selector label is required")
+	}

-	ok, err := controller.CheckMetricsServer(metricsServer)
+	logger.Infof("Connected to Kubernetes API %s", ver)
+	if namespace != "" {
+		logger.Infof("Watching namespace %s", namespace)
+	}
+
+	ok, err := metrics.CheckMetricsServer(metricsServer)
 	if ok {
 		logger.Infof("Connected to metrics server %s", metricsServer)
 	} else {
@@ -108,15 +136,21 @@ func main() {
 	// start HTTP server
 	go server.ListenAndServe(port, 3*time.Second, logger, stopCh)

+	routerFactory := router.NewFactory(cfg, kubeClient, flaggerClient, logger, meshClient)
+
 	c := controller.NewController(
 		kubeClient,
-		istioClient,
+		meshClient,
 		flaggerClient,
 		canaryInformer,
 		controlLoopInterval,
 		metricsServer,
 		logger,
 		slack,
+		routerFactory,
+		meshProvider,
+		version.VERSION,
+		labels,
 	)

 	flaggerInformerFactory.Start(stopCh)
@@ -132,7 +166,7 @@ func main() {

 	// start controller
 	go func(ctrl *controller.Controller) {
-		if err := ctrl.Run(2, stopCh); err != nil {
+		if err := ctrl.Run(threadiness, stopCh); err != nil {
 			logger.Fatalf("Error running controller: %v", err)
 		}
 	}(c)
--- a/cmd/loadtester/main.go
+++ b/cmd/loadtester/main.go
@@ -2,40 +2,47 @@ package main

 import (
 	"flag"
-	"github.com/knative/pkg/signals"
-	"github.com/stefanprodan/flagger/pkg/loadtester"
-	"github.com/stefanprodan/flagger/pkg/logging"
+	"github.com/weaveworks/flagger/pkg/loadtester"
+	"github.com/weaveworks/flagger/pkg/logger"
+	"github.com/weaveworks/flagger/pkg/signals"
+	"go.uber.org/zap"
 	"log"
 	"time"
 )

-var VERSION = "0.1.0"
+var VERSION = "0.3.0"
 var (
-	logLevel     string
-	port         string
-	timeout      time.Duration
-	logCmdOutput bool
+	logLevel          string
+	port              string
+	timeout           time.Duration
+	zapReplaceGlobals bool
+	zapEncoding       string
 )

 func init() {
 	flag.StringVar(&logLevel, "log-level", "debug", "Log level can be: debug, info, warning, error.")
 	flag.StringVar(&port, "port", "9090", "Port to listen on.")
-	flag.DurationVar(&timeout, "timeout", time.Hour, "Command exec timeout.")
-	flag.BoolVar(&logCmdOutput, "log-cmd-output", true, "Log command output to stderr")
+	flag.DurationVar(&timeout, "timeout", time.Hour, "Load test exec timeout.")
+	flag.BoolVar(&zapReplaceGlobals, "zap-replace-globals", false, "Whether to change the logging level of the global zap logger.")
+	flag.StringVar(&zapEncoding, "zap-encoding", "json", "Zap logger encoding.")
 }

 func main() {
 	flag.Parse()

-	logger, err := logging.NewLogger(logLevel)
+	logger, err := logger.NewLoggerWithEncoding(logLevel, zapEncoding)
 	if err != nil {
 		log.Fatalf("Error creating logger: %v", err)
 	}
+	if zapReplaceGlobals {
+		zap.ReplaceGlobals(logger.Desugar())
+	}
+
 	defer logger.Sync()

 	stopCh := signals.SetupSignalHandler()

-	taskRunner := loadtester.NewTaskRunner(logger, timeout, logCmdOutput)
+	taskRunner := loadtester.NewTaskRunner(logger, timeout)

 	go taskRunner.Start(100*time.Millisecond, stopCh)

--- a/docs/diagrams/flagger-abtest-steps.png
+++ b/docs/diagrams/flagger-abtest-steps.png
--- a/docs/diagrams/flagger-canary-overview.png
+++ b/docs/diagrams/flagger-canary-overview.png
--- a/docs/diagrams/flagger-gitops-aws.png
+++ b/docs/diagrams/flagger-gitops-aws.png
--- a/docs/diagrams/flagger-gitops-istio.png
+++ b/docs/diagrams/flagger-gitops-istio.png
--- a/docs/diagrams/flagger-nginx-overview.png
+++ b/docs/diagrams/flagger-nginx-overview.png
--- a/docs/diagrams/flagger-overview.png
+++ b/docs/diagrams/flagger-overview.png
--- a/docs/gitbook/README.md
+++ b/docs/gitbook/README.md
@@ -1,11 +1,11 @@
 ---
-description: Flagger is an Istio progressive delivery Kubernetes operator
+description: Flagger is a progressive delivery Kubernetes operator
 ---

 # Introduction

-[Flagger](https://github.com/stefanprodan/flagger) is a **Kubernetes** operator that automates the promotion of canary 
-deployments using **Istio** routing for traffic shifting and **Prometheus** metrics for canary analysis.
+[Flagger](https://github.com/weaveworks/flagger) is a **Kubernetes** operator that automates the promotion of canary 
+deployments using **Istio**, **App Mesh** or **NGINX** routing for traffic shifting and **Prometheus** metrics for canary analysis.
 The canary analysis can be extended with webhooks for running 
 system integration/acceptance tests, load tests, or any other custom validation.

@@ -13,7 +13,7 @@ Flagger implements a control loop that gradually shifts traffic to the canary wh
 indicators like HTTP requests success rate, requests average duration and pods health. 
 Based on analysis of the **KPIs** a canary is promoted or aborted, and the analysis result is published to **Slack**.

-![Flagger overview diagram](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/diagrams/flagger-canary-overview.png)
+![Flagger overview diagram](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-canary-overview.png)

 Flagger can be configured with Kubernetes custom resources and is compatible with 
 any CI/CD solutions made for Kubernetes. Since Flagger is declarative and reacts to Kubernetes events, 
--- a/docs/gitbook/SUMMARY.md
+++ b/docs/gitbook/SUMMARY.md
@@ -6,14 +6,20 @@
 ## Install

 * [Flagger Install on Kubernetes](install/flagger-install-on-kubernetes.md)
-* [Flagger Install on Google Cloud](install/flagger-install-on-google-cloud.md)
+* [Flagger Install on GKE Istio](install/flagger-install-on-google-cloud.md)
+* [Flagger Install on EKS App Mesh](install/flagger-install-on-eks-appmesh.md)
+* [Flagger Install with SuperGloo](install/flagger-install-with-supergloo.md)

 ## Usage

-* [Canary Deployments](usage/progressive-delivery.md)
+* [Istio Canary Deployments](usage/progressive-delivery.md)
+* [Istio A/B Testing](usage/ab-testing.md)
+* [App Mesh Canary Deployments](usage/appmesh-progressive-delivery.md)
+* [NGINX Canary Deployments](usage/nginx-progressive-delivery.md)
 * [Monitoring](usage/monitoring.md)
 * [Alerting](usage/alerting.md)

 ## Tutorials

 * [Canaries with Helm charts and GitOps](tutorials/canary-helm-gitops.md)
+* [Zero downtime deployments](tutorials/zero-downtime-deployments.md)
--- a/docs/gitbook/faq.md
+++ b/docs/gitbook/faq.md
@@ -0,0 +1,21 @@
+# Frequently asked questions
+
+**Can Flagger be part of my integration tests?**
+> Yes, Flagger supports webhooks to do integration testing.
+
+**What if I only want to target beta testers?**
+> That's a feature in Flagger, not in App Mesh. It's on the App Mesh roadmap.
+
+**When do I use A/B testing when Canary?**
+> One advantage of using A/B testing is that each version remains separated and routes aren't mixed.
+>
+> Using a Canary deployment can lead to behaviour like this one observed by a
+> user:
+>
+> [..] during a canary deployment of our nodejs app, the version that is being served <50% traffic reports mime type mismatch errors in the browser (js as "text/html")
+> When the deployment Passes/ Fails (doesn't really matter) the version that stays alive works as expected. If anyone has any tips or direction I would greatly appreciate it. Even if its as simple as I'm looking in the wrong place. Thanks in advance!
+>
+> The issue was that we were not maintaining session affinity while serving files for our frontend. Which resulted in any redirects or refreshes occasionally returning a mismatched app.*.js file (generated from vue)
+>
+> Read up on [A/B testing](https://docs.flagger.app/usage/ab-testing).
+
--- a/docs/gitbook/how-it-works.md
+++ b/docs/gitbook/how-it-works.md
@@ -1,10 +1,10 @@
 # How it works

-[Flagger](https://github.com/stefanprodan/flagger) takes a Kubernetes deployment and optionally 
+[Flagger](https://github.com/weaveworks/flagger) takes a Kubernetes deployment and optionally 
 a horizontal pod autoscaler \(HPA\) and creates a series of objects 
-\(Kubernetes deployments, ClusterIP services and Istio virtual services\) to drive the canary analysis and promotion. 
+\(Kubernetes deployments, ClusterIP services and Istio or App Mesh virtual services\) to drive the canary analysis and promotion. 

-![Flagger Canary Process](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/diagrams/flagger-canary-hpa.png)
+![Flagger Canary Process](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-canary-hpa.png)

 ### Canary Custom Resource

@@ -33,25 +33,15 @@ spec:
  service:
    # container port
    port: 9898
+    # service port name (optional, will default to "http")
+    portName: http-podinfo
    # Istio gateways (optional)
    gateways:
    - public-gateway.istio-system.svc.cluster.local
+    - mesh
    # Istio virtual service host names (optional)
    hosts:
    - podinfo.example.com
-    # HTTP match conditions (optional)
-    match:
-      - uri:
-          prefix: /
-    # HTTP rewrite (optional)
-    rewrite:
-      uri: /
-    # timeout for HTTP requests (optional)
-    timeout: 5s
-    # retry policy when a HTTP request fails (optional)
-    retries:
-      attempts: 3
-      perTryTimeout: 3s
  # promote the canary without analysing it (default false)
  skipAnalysis: false
  # define the canary analysis timing and KPIs
@@ -66,14 +56,14 @@ spec:
    # canary increment step
    # percentage (0-100)
    stepWeight: 5
-    # Istio Prometheus checks
+    # Prometheus checks
    metrics:
-    - name: istio_requests_total
+    - name: request-success-rate
      # minimum req success rate (non 5xx responses)
      # percentage (0-100)
      threshold: 99
      interval: 1m
-    - name: istio_request_duration_seconds_bucket
+    - name: request-duration
      # maximum req duration P99
      # milliseconds
      threshold: 500
@@ -106,12 +96,17 @@ spec:
        app: podinfo
 ```

+Besides `app` Flagger supports `name` and `app.kubernetes.io/name` selectors. If you use a different 
+convention you can specify your label with the `-selector-labels` flag.
+
 The target deployment should expose a TCP port that will be used by Flagger to create the ClusterIP Service and 
 the Istio Virtual Service. The container port from the target deployment should match the `service.port` value.

-### Virtual Service
+### Istio routing

-Flagger creates an Istio Virtual Service based on the Canary service spec.
+Flagger creates an Istio Virtual Service based on the Canary service spec. The service configuration lets you expose 
+an app inside or outside the mesh.
+You can also define HTTP match conditions, URI rewrite rules, CORS policies, timeout and retries.

 The following spec exposes the `frontend` workload inside the mesh on `frontend.test.svc.cluster.local:9898` 
 and outside the mesh on `frontend.example.com`. You'll have to specify an Istio ingress gateway for external hosts.
@@ -122,22 +117,43 @@ kind: Canary
 metadata:
  name: frontend
  namespace: test
+spec:
  service:
    # container port
    port: 9898
+    # service port name (optional, will default to "http")
+    portName: http-frontend
    # Istio gateways (optional)
    gateways:
    - public-gateway.istio-system.svc.cluster.local
+    - mesh
    # Istio virtual service host names (optional)
    hosts:
    - frontend.example.com
-    # Istio virtual service HTTP match conditions (optional)
+    # HTTP match conditions (optional)
    match:
      - uri:
          prefix: /
-    # Istio virtual service HTTP rewrite (optional)
+    # HTTP rewrite (optional)
    rewrite:
      uri: /
+    # Envoy timeout and retry policy (optional)
+    headers:
+      request:
+        add:
+          x-envoy-upstream-rq-timeout-ms: "15000"
+          x-envoy-max-retries: "10"
+          x-envoy-retry-on: "gateway-error,connect-failure,refused-stream"
+    # cross-origin resource sharing policy (optional)
+    corsPolicy:
+      allowOrigin:
+        - example.com
+      allowMethods:
+        - GET
+      allowCredentials: false
+      allowHeaders:
+        - x-some-header
+      maxAge: 24h
 ```

 For the above spec Flagger will generate the following virtual service:
@@ -163,25 +179,37 @@ spec:
    - frontend.example.com
    - frontend
  http:
-    - match:
-        - uri:
-            prefix: /
-      rewrite:
-        uri: /
-      route:
-        - destination:
-            host: frontend-primary
-            port:
-              number: 9898
-          weight: 100
-        - destination:
-            host: frontend-canary
-            port:
-              number: 9898
-          weight: 0
+  - appendHeaders:
+      x-envoy-max-retries: "10"
+      x-envoy-retry-on: gateway-error,connect-failure,refused-stream
+      x-envoy-upstream-rq-timeout-ms: "15000"
+    corsPolicy:
+      allowHeaders:
+      - x-some-header
+      allowMethods:
+      - GET
+      allowOrigin:
+      - example.com
+      maxAge: 24h
+    match:
+    - uri:
+        prefix: /
+    rewrite:
+      uri: /
+    route:
+    - destination:
+        host: podinfo-primary
+        port:
+          number: 9898
+      weight: 100
+    - destination:
+        host: podinfo-canary
+        port:
+          number: 9898
+      weight: 0
 ```

-Flagger keeps in sync the virtual service with the canary service spec. Any direct modification of the virtual 
+Flagger keeps in sync the virtual service with the canary service spec. Any direct modification to the virtual 
 service spec will be overwritten.

 To expose a workload inside the mesh on `http://backend.test.svc.cluster.local:9898`,
@@ -228,7 +256,7 @@ and for backend HTTP APIs that are accessible only from inside the mesh.

 ### Canary Stages

-![Flagger Canary Stages](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/diagrams/flagger-canary-steps.png)
+![Flagger Canary Stages](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-canary-steps.png)

 A canary deployment is triggered by changes in any of the following objects:

@@ -243,16 +271,22 @@ Gated canary promotion stages:
 * check primary and canary deployments status
    * halt advancement if a rolling update is underway
    * halt advancement if pods are unhealthy
+* call pre-rollout webhooks are check results
+    * halt advancement if any hook returned a non HTTP 2xx result
+    * increment the failed checks counter
 * increase canary traffic weight percentage from 0% to 5% (step weight)
-* call webhooks and check results
+* call rollout webhooks and check results
 * check canary HTTP request success rate and latency
    * halt advancement if any metric is under the specified threshold
    * increment the failed checks counter
 * check if the number of failed checks reached the threshold
    * route all traffic to primary
    * scale to zero the canary deployment and mark it as failed
+    * call post-rollout webhooks
+    * post the analysis result to Slack
    * wait for the canary deployment to be updated and start over
 * increase canary traffic weight by 5% (step weight) till it reaches 50% (max weight) 
+    * halt advancement if any webhook call fails
    * halt advancement while canary request success rate is under the threshold
    * halt advancement while canary request duration P99 is over the threshold
    * halt advancement if the primary or canary deployment becomes unhealthy 
@@ -265,6 +299,8 @@ Gated canary promotion stages:
 * route all traffic to primary
 * scale to zero the canary deployment
 * mark rollout as finished
+* call post-rollout webhooks
+* post the analysis result to Slack
 * wait for the canary deployment to be updated and start over

 ### Canary Analysis
@@ -308,6 +344,49 @@ At any time you can set the `spec.skipAnalysis: true`.
 When skip analysis is enabled, Flagger checks if the canary deployment is healthy and 
 promotes it without analysing it. If an analysis is underway, Flagger cancels it and runs the promotion.

+### A/B Testing
+
+Besides weighted routing, Flagger can be configured to route traffic to the canary based on HTTP match conditions.
+In an A/B testing scenario, you'll be using HTTP headers or cookies to target a certain segment of your users.
+This is particularly useful for frontend applications that require session affinity.
+
+You can enable A/B testing by specifying the HTTP match conditions and the number of iterations:
+
+```yaml
+  canaryAnalysis:
+    # schedule interval (default 60s)
+    interval: 1m
+    # total number of iterations
+    iterations: 10
+    # max number of failed iterations before rollback
+    threshold: 2
+    # canary match condition
+    match:
+      - headers:
+          user-agent:
+            regex: "^(?!.*Chrome).*Safari.*"
+      - headers:
+          cookie:
+            regex: "^(.*?;)?(user=test)(;.*)?$"
+```
+
+If Flagger finds a HTTP match condition, it will ignore the `maxWeight` and `stepWeight` settings.
+
+The above configuration will run an analysis for ten minutes targeting the Safari users and those that have a test cookie.
+You can determine the minimum time that it takes to validate and promote a canary deployment using this formula:
+
+```
+interval * iterations
+```
+
+And the time it takes for a canary to be rollback when the metrics or webhook checks are failing:
+
+```
+interval * threshold 
+```
+
+Make sure that the analysis threshold is lower than the number of iterations.
+
 ### HTTP Metrics

 The canary analysis is using the following Prometheus queries:
@@ -319,14 +398,14 @@ Spec:
 ```yaml
  canaryAnalysis:
    metrics:
-    - name: istio_requests_total
+    - name: request-success-rate
      # minimum req success rate (non 5xx responses)
      # percentage (0-100)
      threshold: 99
      interval: 1m
 ```

-Query:
+Istio query:

 ```javascript
 sum(
@@ -351,6 +430,29 @@ sum(
 )
 ```

+App Mesh query:
+
+```javascript
+sum(
+    rate(
+        envoy_cluster_upstream_rq{
+          kubernetes_namespace="$namespace",
+          kubernetes_pod_name=~"$workload",
+          response_code!~"5.*"
+        }[$interval]
+    )
+) 
+/ 
+sum(
+    rate(
+        envoy_cluster_upstream_rq{
+          kubernetes_namespace="$namespace",
+          kubernetes_pod_name=~"$workload"
+        }[$interval]
+    )
+)
+```
+
 **HTTP requests milliseconds duration P99**

 Spec:
@@ -358,14 +460,14 @@ Spec:
 ```yaml
  canaryAnalysis:
    metrics:
-    - name: istio_request_duration_seconds_bucket
+    - name: request-duration
      # maximum req duration P99
      # milliseconds
      threshold: 500
      interval: 1m
 ```

-Query:
+Istio query:

 ```javascript
 histogram_quantile(0.99, 
@@ -381,6 +483,21 @@ histogram_quantile(0.99,
 )
 ```

+App Mesh query:
+
+```javascript
+histogram_quantile(0.99, 
+  sum(
+    irate(
+      envoy_cluster_upstream_rq_time_bucket{
+        kubernetes_pod_name=~"$workload",
+        kubernetes_namespace=~"$namespace"
+      }[$interval]
+    )
+  ) by (le)
+)
+```
+
 > **Note** that the metric interval should be lower or equal to the control loop interval.

 ### Custom Metrics
@@ -422,42 +539,89 @@ The above configuration validates the canary by checking
 if the HTTP 404 req/sec percentage is below 5 percent of the total traffic.
 If the 404s rate reaches the 5% threshold, then the canary fails.

+```yaml
+  canaryAnalysis:
+    threshold: 1
+    maxWeight: 50
+    stepWeight: 5
+    metrics:
+    - name: "rpc error rate"
+      threshold: 5
+      query: |
+        100 - (sum
+            rate(
+                grpc_server_handled_total{
+                  grpc_service="my.TestService",
+                  grpc_code!="OK"
+                }[1m]
+            )
+        )
+        /
+        sum(
+            rate(
+                grpc_server_started_total{
+                  grpc_service="my.TestService"
+                }[1m]
+            )
+        ) * 100
+```
+
+The above configuration validates the canary by checking if the percentage of
+non-OK GRPC req/sec is below 5 percent of the total requests. If the non-OK
+rate reaches the 5% threshold, then the canary fails.
+
 When specifying a query, Flagger will run the promql query and convert the result to float64. 
 Then it compares the query result value with the metric threshold value.

-
 ### Webhooks

-The canary analysis can be extended with webhooks. 
-Flagger will call each webhook URL and determine from the response status code (HTTP 2xx) if the canary is failing or not.
+The canary analysis can be extended with webhooks. Flagger will call each webhook URL and
+determine from the response status code (HTTP 2xx) if the canary is failing or not.
+
+There are three types of hooks:
+* Pre-rollout hooks are executed before routing traffic to canary. 
+The canary advancement is paused if a pre-rollout hook fails and if the number of failures reach the 
+threshold the canary will be rollback.
+* Rollout hooks are executed during the analysis on each iteration before the metric checks. 
+If a rollout hook call fails the canary advancement is paused and eventfully rolled back.
+* Post-rollout hooks are executed after the canary has been promoted or rolled back. 
+If a post rollout hook fails the error is logged.

 Spec:

 ```yaml
  canaryAnalysis:
    webhooks:
-      - name: integration-test
-        url: http://int-runner.test:8080/
-        timeout: 30s
-        metadata:
-          test: "all"
-          token: "16688eb5e9f289f1991c"
-      - name: db-test
+      - name: "smoke test"
+        type: pre-rollout
        url: http://migration-check.db/query
        timeout: 30s
        metadata:
          key1: "val1"
          key2: "val2"
+      - name: "load test"
+        type: rollout
+        url: http://flagger-loadtester.test/
+        timeout: 15s
+        metadata:
+          cmd: "hey -z 1m -q 5 -c 2 http://podinfo-canary.test:9898/"
+      - name: "notify"
+        type: post-rollout
+        url: http://telegram.bot:8080/
+        timeout: 5s
+        metadata:
+          some: "message"
 ```

-> **Note** that the sum of all webhooks timeouts should be lower than the control loop interval. 
+> **Note** that the sum of all rollout webhooks timeouts should be lower than the analysis interval. 

 Webhook payload (HTTP POST):

 ```json
 {
    "name": "podinfo",
-    "namespace": "test", 
+    "namespace": "test",
+    "phase": "Progressing", 
    "metadata": {
        "test":  "all",
        "token":  "16688eb5e9f289f1991c"
@@ -482,12 +646,12 @@ Flagger metric checks will fail with "no values found for metric istio_requests_
 Flagger comes with a load testing service based on [rakyll/hey](https://github.com/rakyll/hey) 
 that generates traffic during analysis when configured as a webhook.

-![Flagger Load Testing Webhook](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/diagrams/flagger-load-testing.png)
+![Flagger Load Testing Webhook](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-load-testing.png)

 First you need to deploy the load test runner in a namespace with Istio sidecar injection enabled:

 ```bash
-export REPO=https://raw.githubusercontent.com/stefanprodan/flagger/master
+export REPO=https://raw.githubusercontent.com/weaveworks/flagger/master

 kubectl -n test apply -f ${REPO}/artifacts/loadtester/deployment.yaml
 kubectl -n test apply -f ${REPO}/artifacts/loadtester/service.yaml
@@ -499,8 +663,7 @@ Or by using Helm:
 helm repo add flagger https://flagger.app

 helm upgrade -i flagger-loadtester flagger/loadtester \
--namepace=test \
--set cmd.logOutput=true \
+--namespace=test \
 --set cmd.timeout=1h
 ```

@@ -514,17 +677,19 @@ webhooks:
    url: http://flagger-loadtester.test/
    timeout: 5s
    metadata:
+      type: cmd
      cmd: "hey -z 1m -q 10 -c 2 http://podinfo.test:9898/"
  - name: load-test-post
    url: http://flagger-loadtester.test/
    timeout: 5s
    metadata:
+      type: cmd
      cmd: "hey -z 1m -q 10 -c 2 -m POST -d '{test: 2}' http://podinfo.test:9898/echo"
 ```

 When the canary analysis starts, Flagger will call the webhooks and the load tester will run the `hey` commands 
 in the background, if they are not already running. This will ensure that during the 
-analysis, the `podinfo.test` virtual service will receive a steady steam of GET and POST requests.
+analysis, the `podinfo.test` virtual service will receive a steady stream of GET and POST requests.

 If your workload is exposed outside the mesh with the Istio Gateway and TLS you can point `hey` to the 
 public URL and use HTTP2.
@@ -535,6 +700,7 @@ webhooks:
    url: http://flagger-loadtester.test/
    timeout: 5s
    metadata:
+      type: cmd
      cmd: "hey -z 1m -q 10 -c 2 -h2 https://podinfo.example.com/"
 ```

@@ -547,3 +713,32 @@ FROM quay.io/stefanprodan/flagger-loadtester:<VER>
 RUN curl -Lo /usr/local/bin/my-cli https://github.com/user/repo/releases/download/ver/my-cli \
    && chmod +x /usr/local/bin/my-cli
 ```
+
+### Load Testing Delegation
+
+The load tester can also forward testing tasks to external tools, by now [nGrinder](https://github.com/naver/ngrinder)
+is supported.
+
+To use this feature, add a load test task of type 'ngrinder' to the canary analysis spec:
+
+```yaml
+webhooks:
+  - name: load-test-post
+    url: http://flagger-loadtester.test/
+    timeout: 5s
+    metadata:
+      # type of this load test task, cmd or ngrinder
+      type: ngrinder
+      # base url of your nGrinder controller server
+      server: http://ngrinder-server:port
+      # id of the test to clone from, the test must have been defined.
+      clone: 100
+      # user name and base64 encoded password to authenticate against the nGrinder server
+      username: admin
+      passwd: YWRtaW4=
+      # the interval between between nGrinder test status polling, default to 1s
+      pollInterval: 5s
+```
+When the canary analysis starts, the load tester will initiate a [clone_and_start request](https://github.com/naver/ngrinder/wiki/REST-API-PerfTest)
+to the nGrinder server and start a new performance test. the load tester will periodically poll the nGrinder server
+for the status of the test, and prevent duplicate requests from being sent in subsequent analysis loops.
--- a/docs/gitbook/install/flagger-install-on-eks-appmesh.md
+++ b/docs/gitbook/install/flagger-install-on-eks-appmesh.md
@@ -0,0 +1,176 @@
+# Flagger install on AWS
+
+This guide walks you through setting up Flagger and AWS App Mesh on EKS.
+
+### App Mesh
+
+The App Mesh integration with EKS is made out of the following components:
+
+* Kubernetes custom resources
+    * `mesh.appmesh.k8s.aws` defines a logical boundary for network traffic between the services 
+    * `virtualnode.appmesh.k8s.aws` defines a logical pointer to a Kubernetes workload
+    * `virtualservice.appmesh.k8s.aws` defines the routing rules for a workload inside the mesh
+* CRD controller - keeps the custom resources in sync with the App Mesh control plane
+* Admission controller - injects the Envoy sidecar and assigns Kubernetes pods to App Mesh virtual nodes
+* Metrics server - Prometheus instance that collects and stores Envoy's metrics
+
+Prerequisites:
+
+* jq
+* homebrew
+* openssl
+* kubectl
+* AWS CLI (default region us-west-2)
+
+### Create a Kubernetes cluster
+
+In order to create an EKS cluster you can use [eksctl](https://eksctl.io).
+Eksctl is an open source command-line utility made by Weaveworks in collaboration with Amazon, 
+it’s a Kubernetes-native tool written in Go.
+
+On MacOS you can install eksctl with Homebrew:
+
+```bash
+brew tap weaveworks/tap
+brew install weaveworks/tap/eksctl
+```
+
+Create an EKS cluster:
+
+```bash
+eksctl create cluster --name=appmesh \
+--region=us-west-2 \
+--appmesh-access
+```
+
+The above command will create a two nodes cluster with App Mesh
+[IAM policy](https://docs.aws.amazon.com/app-mesh/latest/userguide/MESH_IAM_user_policies.html)
+attached to the EKS node instance role.
+
+Verify the install with:
+
+```bash
+kubectl get nodes
+```
+
+### Install Helm
+
+Install the [Helm](https://docs.helm.sh/using_helm/#installing-helm) command-line tool:
+
+```text
+brew install kubernetes-helm
+```
+
+Create a service account and a cluster role binding for Tiller:
+
+```bash
+kubectl -n kube-system create sa tiller
+
+kubectl create clusterrolebinding tiller-cluster-rule \
+--clusterrole=cluster-admin \
+--serviceaccount=kube-system:tiller 
+```
+
+Deploy Tiller in the `kube-system` namespace:
+
+```bash
+helm init --service-account tiller
+```
+
+You should consider using SSL between Helm and Tiller, for more information on securing your Helm 
+installation see [docs.helm.sh](https://docs.helm.sh/using_helm/#securing-your-helm-installation).
+
+### Enable horizontal pod auto-scaling
+
+Install the Horizontal Pod Autoscaler (HPA) metrics provider:
+
+```bash
+helm upgrade -i metrics-server stable/metrics-server \
+--namespace kube-system
+```
+
+After a minute, the metrics API should report CPU and memory usage for pods.
+You can very the metrics API with:
+
+```bash
+kubectl -n kube-system top pods
+```
+
+### Install the App Mesh components
+
+Run the App Mesh installer:
+
+```bash
+curl -fsSL https://git.io/get-app-mesh-eks.sh | bash -
+```
+
+The installer does the following:
+
+* creates the `appmesh-system` namespace
+* generates a certificate signed by Kubernetes CA
+* registers the App Mesh mutating webhook
+* deploys the App Mesh webhook in `appmesh-system` namespace
+* deploys the App Mesh CRDs
+* deploys the App Mesh controller in `appmesh-system` namespace
+* creates a mesh called `global`
+
+Verify that the global mesh is active:
+
+```bash
+kubectl describe mesh
+
+Status:
+  Mesh Condition:
+    Status:                True
+    Type:                  MeshActive
+```
+
+### Install Flagger and Grafana
+
+Add Flagger Helm repository:
+
+```bash
+helm repo add flagger https://flagger.app
+```
+
+Deploy Flagger and Prometheus in the _**appmesh-system**_ namespace:
+
+```bash
+helm upgrade -i flagger flagger/flagger \
+--namespace=appmesh-system \
+--set meshProvider=appmesh \
+--set prometheus.install=true
+```
+
+In order to collect the App Mesh metrics that Flagger needs to run the canary analysis, 
+you'll need to setup a Prometheus instance to scrape the Envoy sidecars.
+
+You can enable **Slack** notifications with:
+
+```bash
+helm upgrade -i flagger flagger/flagger \
+--namespace=appmesh-system \
+--set meshProvider=appmesh \
+--set metricsServer=http://prometheus.appmesh:9090 \
+--set slack.url=https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK \
+--set slack.channel=general \
+--set slack.user=flagger
+```
+
+Flagger comes with a Grafana dashboard made for monitoring the canary analysis.
+Deploy Grafana in the _**appmesh-system**_ namespace:
+
+```bash
+helm upgrade -i flagger-grafana flagger/grafana \
+--namespace=appmesh-system \
+--set url=http://prometheus.appmesh-system:9090
+```
+
+You can access Grafana using port forwarding:
+
+```bash
+kubectl -n appmesh-system port-forward svc/flagger-grafana 3000:80
+```
+
+Now that you have Flagger running you can try the
+[App Mesh canary deployments tutorial](https://docs.flagger.app/usage/appmesh-progressive-delivery).
--- a/docs/gitbook/install/flagger-install-on-google-cloud.md
+++ b/docs/gitbook/install/flagger-install-on-google-cloud.md
@@ -2,7 +2,7 @@

 This guide walks you through setting up Flagger and Istio on Google Kubernetes Engine.

-![GKE Cluster Overview](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/diagrams/flagger-gke-istio.png)
+![GKE Cluster Overview](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-gke-istio.png)

 ### Prerequisites

@@ -186,7 +186,7 @@ Install cert-manager's CRDs:
 ```bash
 CERT_REPO=https://raw.githubusercontent.com/jetstack/cert-manager

-kubectl apply -f ${CERT_REPO}/release-0.6/deploy/manifests/00-crds.yaml
+kubectl apply -f ${CERT_REPO}/release-0.7/deploy/manifests/00-crds.yaml
 ```

 Create the cert-manager namespace and disable resource validation:
@@ -200,20 +200,22 @@ kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true
 Install cert-manager with Helm:

 ```bash
-helm repo update && helm upgrade -i cert-manager \
+helm repo add jetstack https://charts.jetstack.io && \
+helm repo update && \
+helm upgrade -i cert-manager \
 --namespace cert-manager \
--version v0.6.0 \
-stable/cert-manager
+--version v0.7.0 \
+jetstack/cert-manager
 ```

 ### Istio Gateway TLS setup

-![Istio Let&apos;s Encrypt](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/diagrams/istio-cert-manager-gke.png)
+![Istio Let&apos;s Encrypt](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/istio-cert-manager-gke.png)

 Create a generic Istio Gateway to expose services outside the mesh on HTTPS:

 ```bash
-REPO=https://raw.githubusercontent.com/stefanprodan/flagger/master
+REPO=https://raw.githubusercontent.com/weaveworks/flagger/master

 kubectl apply -f ${REPO}/artifacts/gke/istio-gateway.yaml
 ```
@@ -284,7 +286,7 @@ metadata:
  name: istio-gateway
  namespace: istio-system
 spec:
-  secretname: istio-ingressgateway-certs
+  secretName: istio-ingressgateway-certs
  issuerRef:
    name: letsencrypt-prod
  commonName: "*.example.com"
@@ -332,7 +334,7 @@ Because Flagger uses the Istio HTTP metrics to run the canary analysis you have
 Prometheus configuration that's similar to the one that comes with the official Istio Helm chart.

 ```bash
-REPO=https://raw.githubusercontent.com/stefanprodan/flagger/master
+REPO=https://raw.githubusercontent.com/weaveworks/flagger/master

 kubectl apply -f ${REPO}/artifacts/gke/istio-prometheus.yaml
 ```
--- a/docs/gitbook/install/flagger-install-on-kubernetes.md
+++ b/docs/gitbook/install/flagger-install-on-kubernetes.md
@@ -52,7 +52,8 @@ If you don't have Tiller you can use the helm template command and apply the gen

 ```bash
 # generate
-helm template flagger/flagger \
+helm fetch --untar --untardir . flagger/flagger &&
+helm template flagger \
 --name flagger \
 --namespace=istio-system \
 --set metricsServer=http://prometheus.istio-system:9090 \
@@ -98,12 +99,10 @@ Or use helm template command and apply the generated yaml with kubectl:

 ```bash
 # generate
-helm template flagger/grafana \
+helm fetch --untar --untardir . flagger/grafana &&
+helm template grafana \
 --name flagger-grafana \
 --namespace=istio-system \
--set url=http://prometheus.istio-system:9090 \
--set user=admin \
--set password=change-me \
 > $HOME/flagger-grafana.yaml

 # apply
@@ -113,7 +112,7 @@ kubectl apply -f $HOME/flagger-grafana.yaml
 You can access Grafana using port forwarding:

 ```bash
-kubectl -n istio-system port-forward svc/flagger-grafana 3000:3000
+kubectl -n istio-system port-forward svc/flagger-grafana 3000:80
 ```

 ###  Install Load Tester
@@ -125,18 +124,21 @@ Deploy the load test runner with Helm:

 ```bash
 helm upgrade -i flagger-loadtester flagger/loadtester \
--namepace=test \
--set cmd.logOutput=true \
+--namespace=test \
 --set cmd.timeout=1h
 ```

 Deploy with kubectl:

 ```bash
-export REPO=https://raw.githubusercontent.com/stefanprodan/flagger/master
+helm fetch --untar --untardir . flagger/loadtester &&
+helm template loadtester \
+--name flagger-loadtester \
+--namespace=test
+> $HOME/flagger-loadtester.yaml

-kubectl -n test apply -f ${REPO}/artifacts/loadtester/deployment.yaml
-kubectl -n test apply -f ${REPO}/artifacts/loadtester/service.yaml
+# apply
+kubectl apply -f $HOME/flagger-loadtester.yaml
 ```

 > **Note** that the load tester should be deployed in a namespace with Istio sidecar injection enabled.
--- a/docs/gitbook/install/flagger-install-with-supergloo.md
+++ b/docs/gitbook/install/flagger-install-with-supergloo.md
@@ -0,0 +1,184 @@
+# Flagger install on Kubernetes with SuperGloo
+
+This guide walks you through setting up Flagger on a Kubernetes cluster using [SuperGloo](https://github.com/solo-io/supergloo).
+
+SuperGloo by [Solo.io](https://solo.io) is an opinionated abstraction layer that simplifies the installation, management, and operation of your service mesh.
+It supports running multiple ingresses with multiple meshes (Istio, App Mesh, Consul Connect and Linkerd 2) in the same cluster.
+
+### Prerequisites
+
+Flagger requires a Kubernetes cluster **v1.11** or newer with the following admission controllers enabled:
+
+* MutatingAdmissionWebhook
+* ValidatingAdmissionWebhook
+
+### Install Istio with SuperGloo
+
+#### Install SuperGloo command line interface helper
+
+SuperGloo includes a command line helper (CLI) that makes operation of SuperGloo easier.
+The CLI is not required for SuperGloo to function correctly.
+
+If you use [Homebrew](https://brew.sh) package manager run the following
+commands to install the SuperGloo CLI.
+
+```bash
+brew tap solo-io/tap
+brew solo-io/tap/supergloo
+```
+
+Or you can download SuperGloo CLI and add it to your path:
+
+```bash
+curl -sL https://run.solo.io/supergloo/install | sh
+export PATH=$HOME/.supergloo/bin:$PATH
+```
+
+#### Install SuperGloo controller
+
+Deploy the SuperGloo controller in the `supergloo-system` namespace:
+
+```bash
+supergloo init
+```
+
+This is equivalent to installing SuperGloo using its Helm chart
+
+```bash
+helm repo add supergloo http://storage.googleapis.com/supergloo-helm
+helm upgrade --install supergloo supergloo/supergloo --namespace supergloo-system
+```
+
+#### Install Istio using SuperGloo
+
+Create the `istio-system` namespace and install Istio with traffic management, telemetry and Prometheus enabled:
+
+```bash
+ISTIO_VER="1.0.6"
+
+kubectl create namespace istio-system
+
+supergloo install istio --name istio \
+--namespace=supergloo-system \
+--auto-inject=true \
+--installation-namespace=istio-system \
+--mtls=false \
+--prometheus=true \
+--version=${ISTIO_VER}
+```
+
+This creates a Kubernetes Custom Resource (CRD) like the following.
+
+```yaml
+apiVersion: supergloo.solo.io/v1
+kind: Install
+metadata:
+  name: istio
+  namespace: supergloo-system
+spec:
+  installationNamespace: istio-system
+  mesh:
+    installedMesh:
+      name: istio
+      namespace: supergloo-system
+    istioMesh:
+      enableAutoInject: true
+      enableMtls: false
+      installGrafana: false
+      installJaeger: false
+      installPrometheus: true
+      istioVersion: 1.0.6
+```
+
+#### Allow Flagger to manipulate SuperGloo
+
+Create a cluster role binding so that Flagger can manipulate SuperGloo custom resources:
+
+```bash
+kubectl create clusterrolebinding flagger-supergloo \
+--clusterrole=mesh-discovery \
+--serviceaccount=istio-system:flagger
+```
+
+Wait for the Istio control plane to become available:
+
+```bash
+kubectl --namespace istio-system rollout status deployment/istio-sidecar-injector
+kubectl --namespace istio-system rollout status deployment/prometheus
+```
+
+### Install Flagger
+
+Add Flagger Helm repository:
+
+```bash
+helm repo add flagger https://flagger.app
+```
+
+Deploy Flagger in the _**istio-system**_ namespace and set the service mesh provider to SuperGloo:
+
+```bash
+helm upgrade -i flagger flagger/flagger \
+--namespace=istio-system \
+--set metricsServer=http://prometheus.istio-system:9090 \
+--set meshProvider=supergloo:istio.supergloo-system
+```
+
+When using SuperGloo the mesh provider format is `supergloo:<MESH-NAME>.<SUPERGLOO-NAMESPACE>`.
+
+Optionally you can enable **Slack** notifications:
+
+```bash
+helm upgrade -i flagger flagger/flagger \
+--reuse-values \
+--namespace=istio-system \
+--set slack.url=https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK \
+--set slack.channel=general \
+--set slack.user=flagger
+```
+
+### Install Grafana
+
+Flagger comes with a Grafana dashboard made for monitoring the canary analysis.
+
+Deploy Grafana in the _**istio-system**_ namespace:
+
+```bash
+helm upgrade -i flagger-grafana flagger/grafana \
+--namespace=istio-system \
+--set url=http://prometheus.istio-system:9090
+```
+
+You can access Grafana using port forwarding:
+
+```bash
+kubectl -n istio-system port-forward svc/flagger-grafana 3000:80
+```
+
+### Install Load Tester
+
+Flagger comes with an optional load testing service that generates traffic
+during canary analysis when configured as a webhook.
+
+Deploy the load test runner with Helm:
+
+```bash
+helm upgrade -i flagger-loadtester flagger/loadtester \
+--namespace=test \
+--set cmd.timeout=1h
+```
+
+Deploy with kubectl:
+
+```bash
+helm fetch --untar --untardir . flagger/loadtester &&
+helm template loadtester \
+--name flagger-loadtester \
+--namespace=test
+> $HOME/flagger-loadtester.yaml
+
+# apply
+kubectl apply -f $HOME/flagger-loadtester.yaml
+```
+
+> **Note** that the load tester should be deployed in a namespace with Istio sidecar injection enabled.
--- a/docs/gitbook/tutorials/canary-helm-gitops.md
+++ b/docs/gitbook/tutorials/canary-helm-gitops.md
@@ -29,7 +29,7 @@ You can find the chart source [here](https://github.com/stefanprodan/flagger/tre
 Create a test namespace with Istio sidecar injection enabled:

 ```bash
-export REPO=https://raw.githubusercontent.com/stefanprodan/flagger/master
+export REPO=https://raw.githubusercontent.com/weaveworks/flagger/master

 kubectl apply -f ${REPO}/artifacts/namespaces/test.yaml
 ```
@@ -79,7 +79,7 @@ Flagger will route all traffic to the primary pods and scale to zero the `fronte

 Open your browser and navigate to the frontend URL:

-![Podinfo Frontend](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/screens/demo-frontend.png)
+![Podinfo Frontend](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/demo-frontend.png)

 Now let's install the `backend` release without exposing it outside the mesh:

@@ -104,7 +104,7 @@ frontend   Initialized   0        2019-02-12T17:50:50Z
 Click on the ping button in the `frontend` UI to trigger a HTTP POST request 
 that will reach the `backend` app:

-![Jaeger Tracing](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/screens/demo-frontend-jaeger.png)
+![Jaeger Tracing](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/demo-frontend-jaeger.png)

 We'll use the `/echo` endpoint (same as the one the ping button calls) 
 to generate load on both apps during a canary deployment.
@@ -115,7 +115,7 @@ First let's install a load testing service that will generate traffic during ana

 ```bash
 helm upgrade -i flagger-loadtester flagger/loadtester \
--namepace=test
+--namespace=test
 ```

 Enable the load tester and deploy a new `frontend` version:
@@ -155,7 +155,7 @@ You can monitor the canary deployment with Grafana. Open the Flagger dashboard,
 select `test` from the namespace dropdown, `frontend-primary` from the primary dropdown and `frontend` from the
 canary dropdown.

-![Flagger Grafana Dashboard](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/screens/demo-frontend-dashboard.png)
+![Flagger Grafana Dashboard](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/demo-frontend-dashboard.png)

 Now trigger a canary deployment for the `backend` app, but this time you'll change a value in the configmap:

@@ -213,7 +213,7 @@ Copying backend.test template spec to backend-primary.test
 Promotion completed! Scaling down backend.test
 ```

-![Flagger Grafana Dashboard](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/screens/demo-backend-dashboard.png)
+![Flagger Grafana Dashboard](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/demo-backend-dashboard.png)

 If the number of failed checks reaches the canary analysis threshold, the traffic is routed back to the primary, 
 the canary is scaled to zero and the rollout is marked as failed.
@@ -237,7 +237,7 @@ In the [GitOps model](https://www.weave.works/technologies/gitops/),
 any change to production must be committed in source control
 prior to being applied on the cluster. This way rollback and audit logs are provided by Git.

-![Helm GitOps Canary Deployment](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/diagrams/flagger-flux-gitops.png)
+![Helm GitOps Canary Deployment](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-flux-gitops.png)

 In order to apply the GitOps pipeline model to Flagger canary deployments you'll need 
 a Git repository with your workloads definitions in YAML format, 
--- a/docs/gitbook/tutorials/zero-downtime-deployments.md
+++ b/docs/gitbook/tutorials/zero-downtime-deployments.md
@@ -0,0 +1,206 @@
+# Zero downtime deployments
+
+This is a list of things you should consider when dealing with a high traffic production environment if you want to
+minimise the impact of rolling updates and downscaling.
+
+### Deployment strategy
+
+Limit the number of unavailable pods during a rolling update:
+
+```yaml
+apiVersion: apps/v1
+kind: Deployment
+spec:
+  progressDeadlineSeconds: 120
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 0
+```
+
+The default progress deadline for a deployment is ten minutes.
+You should consider adjusting this value to make the deployment process fail faster.
+
+### Liveness health check
+
+You application should expose a HTTP endpoint that Kubernetes can call to determine if 
+your app transitioned to a broken state from which it can't recover and needs to be restarted.
+
+```yaml
+readinessProbe:
+  exec:
+    command:
+    - wget
+    - --quiet
+    - --tries=1
+    - --timeout=4
+    - --spider
+    - http://localhost:8080/healthz
+  timeoutSeconds: 5
+  initialDelaySeconds: 5
+```
+
+If you've enabled mTLS, you'll have to use `exec` for liveness and readiness checks since 
+kubelet is not part of the service mesh and doesn't have access to the TLS cert.
+
+### Readiness health check
+
+You application should expose a HTTP endpoint that Kubernetes can call to determine if 
+your app is ready to receive traffic.
+
+```yaml
+livenessProbe:
+  exec:
+    command:
+    - wget
+    - --quiet
+    - --tries=1
+    - --timeout=4
+    - --spider
+    - http://localhost:8080/readyz
+  timeoutSeconds: 5
+  initialDelaySeconds: 5
+  periodSeconds: 5
+```
+
+If your app depends on external services, you should check if those services are available before allowing Kubernetes
+to route traffic to an app instance. Keep in mind that the Envoy sidecar can have a slower startup than your app.
+This means that on application start you should retry for at least a couple of seconds any external connection.
+
+### Graceful shutdown
+
+Before a pod gets terminated, Kubernetes sends a `SIGTERM` signal to every container and waits for period of 
+time (30s by default) for all containers to exit gracefully. If your app doesn't handle the `SIGTERM` signal or if it 
+doesn't exit within the grace period, Kubernetes will kill the container and any inflight requests that your app is 
+processing will fail.
+
+```yaml
+apiVersion: apps/v1
+kind: Deployment
+spec:
+  template:
+    spec:
+      terminationGracePeriodSeconds: 60
+      containers:
+      - name: app
+        lifecycle:
+          preStop:
+            exec:
+              command:
+              - sleep
+              - "10"
+```
+
+Your app container should have a `preStop` hook that delays the container shutdown.
+This will allow the service mesh to drain the traffic and remove this pod from all other Envoy sidecars before your app 
+becomes unavailable.
+
+### Delay Envoy shutdown
+
+Even if your app reacts to `SIGTERM` and tries to complete the inflight requests before shutdown, that 
+doesn't mean that the response will make it back to the caller. If the Envoy sidecar shuts down before your app, then 
+the caller will receive a 503 error.
+
+To mitigate this issue you can add a `preStop` hook to the Istio proxy and wait for the main app to exist before Envoy exists.
+
+```bash
+#!/bin/bash
+set -e
+if ! pidof envoy &>/dev/null; then
+  exit 0
+fi
+
+if ! pidof pilot-agent &>/dev/null; then
+  exit 0
+fi
+
+while [ $(netstat -plunt | grep tcp | grep -v envoy | wc -l | xargs) -ne 0 ]; do
+  sleep 1;
+done
+
+exit 0
+```
+
+You'll have to build your own Envoy docker image with the above script and
+modify the Istio injection webhook with the `preStop` directive. 
+
+Thanks to Stono for his excellent [tips](https://github.com/istio/istio/issues/12183) on minimising 503s. 
+
+### Resource requests and limits
+
+Setting CPU and memory requests/limits for all workloads is a mandatory step if you're running a production system.
+Without limits your nodes could run out of memory or become unresponsive due to CPU exhausting.
+Without CPU and memory requests,
+the Kubernetes scheduler will not be able to make decisions about which nodes to place pods on.
+
+```yaml
+apiVersion: apps/v1
+kind: Deployment
+spec:
+  template:
+    spec:
+      containers:
+      - name: app
+        resources:
+          limits:
+            cpu: 1000m
+            memory: 1Gi
+          requests:
+            cpu: 100m
+            memory: 128Mi
+```
+
+Note that without resource requests the horizontal pod autoscaler can't determine when to scale your app.
+
+### Autoscaling
+
+A production environment should be able to handle traffic bursts without impacting the quality of service.
+This can be achieved with Kubernetes autoscaling capabilities.
+Autoscaling in Kubernetes has two dimensions: the Cluster Autoscaler that deals with node scaling operations and
+the Horizontal Pod Autoscaler that automatically scales the number of pods in a deployment.
+
+```yaml
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: app
+  minReplicas: 2
+  maxReplicas: 4
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      targetAverageValue: 900m
+  - type: Resource
+    resource:
+      name: memory
+      targetAverageValue: 768Mi
+```
+
+The above HPA ensures your app will be scaled up before the pods reach the CPU or memory limits.
+
+### Ingress retries
+
+To minimise the impact of downscaling operations you can make use of Envoy retry capabilities.
+
+```yaml
+apiVersion: flagger.app/v1alpha3
+kind: Canary
+spec:
+  service:
+    port: 9898
+    gateways:
+    - public-gateway.istio-system.svc.cluster.local
+    hosts:
+    - app.example.com
+    appendHeaders:
+      x-envoy-upstream-rq-timeout-ms: "15000"
+      x-envoy-max-retries: "10"
+      x-envoy-retry-on: "gateway-error,connect-failure,refused-stream"
+```
+
+When the HPA scales down your app, your users could run into 503 errors.
+The above configuration will make Envoy retry the HTTP requests that failed due to gateway errors.
--- a/docs/gitbook/usage/ab-testing.md
+++ b/docs/gitbook/usage/ab-testing.md
@@ -0,0 +1,214 @@
+# Istio A/B Testing 
+
+This guide shows you how to automate A/B testing with Istio and Flagger.
+
+Besides weighted routing, Flagger can be configured to route traffic to the canary based on HTTP match conditions.
+In an A/B testing scenario, you'll be using HTTP headers or cookies to target a certain segment of your users.
+This is particularly useful for frontend applications that require session affinity.
+
+![Flagger A/B Testing Stages](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-abtest-steps.png)
+
+### Bootstrap
+
+Create a test namespace with Istio sidecar injection enabled:
+
+```bash
+export REPO=https://raw.githubusercontent.com/weaveworks/flagger/master
+
+kubectl apply -f ${REPO}/artifacts/namespaces/test.yaml
+```
+
+Create a deployment and a horizontal pod autoscaler:
+
+```bash
+kubectl apply -f ${REPO}/artifacts/ab-testing/deployment.yaml
+kubectl apply -f ${REPO}/artifacts/ab-testing/hpa.yaml
+```
+
+Deploy the load testing service to generate traffic during the canary analysis:
+
+```bash
+kubectl -n test apply -f ${REPO}/artifacts/loadtester/deployment.yaml
+kubectl -n test apply -f ${REPO}/artifacts/loadtester/service.yaml
+```
+
+Create a canary custom resource (replace example.com with your own domain):
+
+```yaml
+apiVersion: flagger.app/v1alpha3
+kind: Canary
+metadata:
+  name: abtest
+  namespace: test
+spec:
+  # deployment reference
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: abtest
+  # the maximum time in seconds for the canary deployment
+  # to make progress before it is rollback (default 600s)
+  progressDeadlineSeconds: 60
+  # HPA reference (optional)
+  autoscalerRef:
+    apiVersion: autoscaling/v2beta1
+    kind: HorizontalPodAutoscaler
+    name: abtest
+  service:
+    # container port
+    port: 9898
+    # Istio gateways (optional)
+    gateways:
+    - public-gateway.istio-system.svc.cluster.local
+    - mesh
+    # Istio virtual service host names (optional)
+    hosts:
+    - app.example.com
+  canaryAnalysis:
+    # schedule interval (default 60s)
+    interval: 1m
+    # total number of iterations
+    iterations: 10
+    # max number of failed iterations before rollback
+    threshold: 2
+    # canary match condition
+    match:
+      - headers:
+          user-agent:
+            regex: "^(?!.*Chrome).*Safari.*"
+      - headers:
+          cookie:
+            regex: "^(.*?;)?(type=insider)(;.*)?$"
+    metrics:
+    - name: request-success-rate
+      # minimum req success rate (non 5xx responses)
+      # percentage (0-100)
+      threshold: 99
+      interval: 1m
+    - name: request-duration
+      # maximum req duration P99
+      # milliseconds
+      threshold: 500
+      interval: 30s
+    # generate traffic during analysis
+    webhooks:
+      - name: load-test
+        url: http://flagger-loadtester.test/
+        timeout: 5s
+        metadata:
+          cmd: "hey -z 1m -q 10 -c 2 -H 'Cookie: type=insider' http://podinfo.test:9898/"
+```
+
+The above configuration will run an analysis for ten minutes targeting Safari users and those that have an insider cookie.
+
+Save the above resource as podinfo-abtest.yaml and then apply it:
+
+```bash
+kubectl apply -f ./podinfo-abtest.yaml
+```
+
+After a couple of seconds Flagger will create the canary objects:
+
+```bash
+# applied 
+deployment.apps/abtest
+horizontalpodautoscaler.autoscaling/abtest
+canary.flagger.app/abtest
+
+# generated 
+deployment.apps/abtest-primary
+horizontalpodautoscaler.autoscaling/abtest-primary
+service/abtest
+service/abtest-canary
+service/abtest-primary
+virtualservice.networking.istio.io/abtest
+```
+
+### Automated canary promotion
+
+Trigger a canary deployment by updating the container image:
+
+```bash
+kubectl -n test set image deployment/abtest \
+podinfod=quay.io/stefanprodan/podinfo:1.4.1
+```
+
+Flagger detects that the deployment revision changed and starts a new rollout:
+
+```text
+kubectl -n test describe canary/abtest
+
+Status:
+  Failed Checks:         0
+  Phase:                 Succeeded
+Events:
+  Type     Reason  Age   From     Message
+  ----     ------  ----  ----     -------
+  Normal   Synced  3m    flagger  New revision detected abtest.test
+  Normal   Synced  3m    flagger  Scaling up abtest.test
+  Warning  Synced  3m    flagger  Waiting for abtest.test rollout to finish: 0 of 1 updated replicas are available
+  Normal   Synced  3m    flagger  Advance abtest.test canary iteration 1/10
+  Normal   Synced  3m    flagger  Advance abtest.test canary iteration 2/10
+  Normal   Synced  3m    flagger  Advance abtest.test canary iteration 3/10
+  Normal   Synced  2m    flagger  Advance abtest.test canary iteration 4/10
+  Normal   Synced  2m    flagger  Advance abtest.test canary iteration 5/10
+  Normal   Synced  1m    flagger  Advance abtest.test canary iteration 6/10
+  Normal   Synced  1m    flagger  Advance abtest.test canary iteration 7/10
+  Normal   Synced  55s   flagger  Advance abtest.test canary iteration 8/10
+  Normal   Synced  45s   flagger  Advance abtest.test canary iteration 9/10
+  Normal   Synced  35s   flagger  Advance abtest.test canary iteration 10/10
+  Normal   Synced  25s   flagger  Copying abtest.test template spec to abtest-primary.test
+  Warning  Synced  15s   flagger  Waiting for abtest-primary.test rollout to finish: 1 of 2 updated replicas are available
+  Normal   Synced  5s    flagger  Promotion completed! Scaling down abtest.test
+```
+
+**Note** that if you apply new changes to the deployment during the canary analysis, Flagger will restart the analysis.
+
+You can monitor all canaries with:
+
+```bash
+watch kubectl get canaries --all-namespaces
+
+NAMESPACE   NAME      STATUS        WEIGHT   LASTTRANSITIONTIME
+test        abtest    Progressing   100      2019-03-16T14:05:07Z
+prod        frontend  Succeeded     0        2019-03-15T16:15:07Z
+prod        backend   Failed        0        2019-03-14T17:05:07Z
+```
+
+### Automated rollback
+
+During the canary analysis you can generate HTTP 500 errors and high latency to test Flagger's rollback.
+
+Generate HTTP 500 errors:
+
+```bash
+watch curl -b 'type=insider' http://app.example.com/status/500
+```
+
+Generate latency:
+
+```bash
+watch curl -b 'type=insider' http://app.example.com/delay/1
+```
+
+When the number of failed checks reaches the canary analysis threshold, the traffic is routed back to the primary, 
+the canary is scaled to zero and the rollout is marked as failed.
+
+```text
+kubectl -n test describe canary/abtest
+
+Status:
+  Failed Checks:         2
+  Phase:                 Failed
+Events:
+  Type     Reason  Age   From     Message
+  ----     ------  ----  ----     -------
+  Normal   Synced  3m    flagger  Starting canary deployment for abtest.test
+  Normal   Synced  3m    flagger  Advance abtest.test canary iteration 1/10
+  Normal   Synced  3m    flagger  Advance abtest.test canary iteration 2/10
+  Normal   Synced  3m    flagger  Advance abtest.test canary iteration 3/10
+  Normal   Synced  3m    flagger  Halt abtest.test advancement success rate 69.17% < 99%
+  Normal   Synced  2m    flagger  Halt abtest.test advancement success rate 61.39% < 99%
+  Warning  Synced  2m    flagger  Rolling back abtest.test failed checks threshold reached 2
+  Warning  Synced  1m    flagger  Canary failed! Scaling down abtest.test
+```
--- a/docs/gitbook/usage/alerting.md
+++ b/docs/gitbook/usage/alerting.md
@@ -15,12 +15,12 @@ helm upgrade -i flagger flagger/flagger \
 Once configured with a Slack incoming **webhook**, Flagger will post messages when a canary deployment 
 has been initialised, when a new revision has been detected and if the canary analysis failed or succeeded.

-![flagger-slack](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/screens/slack-canary-notifications.png)
+![Slack Notifications](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/slack-canary-notifications.png)

 A canary deployment will be rolled back if the progress deadline exceeded or if the analysis reached the 
 maximum number of failed checks:

-![flagger-slack-errors](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/screens/slack-canary-failed.png)
+![Slack Notifications](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/slack-canary-failed.png)

 ### Prometheus Alert Manager

--- a/docs/gitbook/usage/appmesh-progressive-delivery.md
+++ b/docs/gitbook/usage/appmesh-progressive-delivery.md
@@ -0,0 +1,286 @@
+# App Mesh Canary Deployments
+
+This guide shows you how to use App Mesh and Flagger to automate canary deployments. 
+You'll need an EKS cluster configured with App Mesh, you can find the install guide 
+[here](https://docs.flagger.app/install/flagger-install-on-eks-appmesh).
+
+### Bootstrap
+
+Flagger takes a Kubernetes deployment and optionally a horizontal pod autoscaler (HPA), 
+then creates a series of objects (Kubernetes deployments, ClusterIP services, App Mesh virtual nodes and services). 
+These objects expose the application on the mesh and drive the canary analysis and promotion.
+The only App Mesh object you need to create by yourself is the mesh resource.
+
+Create a mesh called `global`:
+
+```bash
+export REPO=https://raw.githubusercontent.com/weaveworks/flagger/master
+
+kubectl apply -f ${REPO}/artifacts/appmesh/global-mesh.yaml
+```
+
+Create a test namespace with App Mesh sidecar injection enabled:
+
+```bash
+kubectl apply -f ${REPO}/artifacts/namespaces/test.yaml
+```
+
+Create a deployment and a horizontal pod autoscaler:
+
+```bash
+kubectl apply -f ${REPO}/artifacts/appmesh/deployment.yaml
+kubectl apply -f ${REPO}/artifacts/appmesh/hpa.yaml
+```
+
+Deploy the load testing service to generate traffic during the canary analysis:
+
+```bash
+helm upgrade -i flagger-loadtester flagger/loadtester \
+--namespace=test \
+--set meshName=global.appmesh-system \
+--set "backends[0]=podinfo.test"
+```
+
+Create a canary custom resource:
+
+```yaml
+apiVersion: flagger.app/v1alpha3
+kind: Canary
+metadata:
+  name: podinfo
+  namespace: test
+spec:
+  # deployment reference
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: podinfo
+  # the maximum time in seconds for the canary deployment
+  # to make progress before it is rollback (default 600s)
+  progressDeadlineSeconds: 60
+  # HPA reference (optional)
+  autoscalerRef:
+    apiVersion: autoscaling/v2beta1
+    kind: HorizontalPodAutoscaler
+    name: podinfo
+  service:
+    # container port
+    port: 9898
+    # App Mesh reference
+    meshName: global.appmesh-system
+    # App Mesh egress (optional) 
+    backends:
+      - backend.test
+  # define the canary analysis timing and KPIs
+  canaryAnalysis:
+    # schedule interval (default 60s)
+    interval: 10s
+    # max number of failed metric checks before rollback
+    threshold: 10
+    # max traffic percentage routed to canary
+    # percentage (0-100)
+    maxWeight: 50
+    # canary increment step
+    # percentage (0-100)
+    stepWeight: 5
+    # App Mesh Prometheus checks
+    metrics:
+    - name: request-success-rate
+      # minimum req success rate (non 5xx responses)
+      # percentage (0-100)
+      threshold: 99
+      interval: 1m
+    # external checks (optional)
+    webhooks:
+      - name: load-test
+        url: http://flagger-loadtester.test/
+        timeout: 5s
+        metadata:
+          cmd: "hey -z 1m -q 10 -c 2 http://podinfo.test:9898/"
+```
+
+Save the above resource as podinfo-canary.yaml and then apply it:
+
+```bash
+kubectl apply -f ./podinfo-canary.yaml
+```
+
+After a couple of seconds Flagger will create the canary objects:
+
+```bash
+# applied 
+deployment.apps/podinfo
+horizontalpodautoscaler.autoscaling/podinfo
+canary.flagger.app/podinfo
+
+# generated Kubernetes objects
+deployment.apps/podinfo-primary
+horizontalpodautoscaler.autoscaling/podinfo-primary
+service/podinfo
+service/podinfo-canary
+service/podinfo-primary
+
+# generated App Mesh objects
+virtualnode.appmesh.k8s.aws/podinfo
+virtualnode.appmesh.k8s.aws/podinfo-canary
+virtualnode.appmesh.k8s.aws/podinfo-primary
+virtualservice.appmesh.k8s.aws/podinfo.test
+```
+
+The App Mesh specific settings are:
+
+```yaml
+  service:
+    port: 9898
+    meshName: global.appmesh-system
+    backends:
+      - backend1.test
+      - backend2.test
+```
+
+App Mesh blocks all egress traffic by default. If your application needs to call another service, you have to create an
+App Mesh virtual service for it and add the virtual service name to the backend list.
+
+### Setup App Mesh ingress (optional)
+
+In order to expose the podinfo app outside the mesh you'll be using an Envoy ingress and an AWS classic load balancer.
+The ingress binds to an internet domain and forwards the calls into the mesh through the App Mesh sidecar.
+If podinfo becomes unavailable due to a HPA downscaling or a node restart,
+the ingress will retry the calls for a short period of time.
+
+Deploy the ingress and the AWS ELB service:
+
+```bash
+kubectl apply -f ${REPO}/artifacts/appmesh/ingress.yaml
+```
+
+Find the ingress public address:
+
+```bash
+kubectl -n test describe svc/ingress | grep Ingress
+
+LoadBalancer Ingress:     yyy-xx.us-west-2.elb.amazonaws.com
+```
+
+Wait for the ELB to become active:
+
+```bash
+ watch curl -sS ${INGRESS_URL}
+```
+
+Open your browser and navigate to the ingress address to access podinfo UI.
+
+### Automated canary promotion
+
+Trigger a canary deployment by updating the container image:
+
+```bash
+kubectl -n test set image deployment/podinfo \
+podinfod=quay.io/stefanprodan/podinfo:1.4.1
+```
+
+Flagger detects that the deployment revision changed and starts a new rollout:
+
+```text
+kubectl -n test describe canary/podinfo
+
+Status:
+  Canary Weight:         0
+  Failed Checks:         0
+  Phase:                 Succeeded
+Events:
+  Type     Reason  Age   From     Message
+  ----     ------  ----  ----     -------
+  Normal   Synced  3m    flagger  New revision detected podinfo.test
+  Normal   Synced  3m    flagger  Scaling up podinfo.test
+  Warning  Synced  3m    flagger  Waiting for podinfo.test rollout to finish: 0 of 1 updated replicas are available
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 5
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 10
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 15
+  Normal   Synced  2m    flagger  Advance podinfo.test canary weight 20
+  Normal   Synced  2m    flagger  Advance podinfo.test canary weight 25
+  Normal   Synced  1m    flagger  Advance podinfo.test canary weight 30
+  Normal   Synced  1m    flagger  Advance podinfo.test canary weight 35
+  Normal   Synced  55s   flagger  Advance podinfo.test canary weight 40
+  Normal   Synced  45s   flagger  Advance podinfo.test canary weight 45
+  Normal   Synced  35s   flagger  Advance podinfo.test canary weight 50
+  Normal   Synced  25s   flagger  Copying podinfo.test template spec to podinfo-primary.test
+  Warning  Synced  15s   flagger  Waiting for podinfo-primary.test rollout to finish: 1 of 2 updated replicas are available
+  Normal   Synced  5s    flagger  Promotion completed! Scaling down podinfo.test
+```
+
+**Note** that if you apply new changes to the deployment during the canary analysis, Flagger will restart the analysis.
+
+During the analysis the canary’s progress can be monitored with Grafana. The App Mesh dashboard URL is 
+http://localhost:3000/d/flagger-appmesh/appmesh-canary?refresh=10s&orgId=1&var-namespace=test&var-primary=podinfo-primary&var-canary=podinfo
+
+![App Mesh Canary Dashboard](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/flagger-grafana-appmesh.png)
+
+You can monitor all canaries with:
+
+```bash
+watch kubectl get canaries --all-namespaces
+
+NAMESPACE   NAME      STATUS        WEIGHT   LASTTRANSITIONTIME
+test        podinfo   Progressing   15       2019-03-16T14:05:07Z
+prod        frontend  Succeeded     0        2019-03-15T16:15:07Z
+prod        backend   Failed        0        2019-03-14T17:05:07Z
+```
+
+If you’ve enabled the Slack notifications, you should receive the following messages:
+
+![Flagger Slack Notifications](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/slack-canary-notifications.png)
+
+### Automated rollback
+
+During the canary analysis you can generate HTTP 500 errors to test if Flagger pauses the rollout.
+
+Trigger a canary deployment:
+
+```bash
+kubectl -n test set image deployment/podinfo \
+podinfod=quay.io/stefanprodan/podinfo:1.4.2
+```
+
+Exec into the load tester pod with:
+
+```bash
+kubectl -n test exec -it flagger-loadtester-xx-xx sh
+```
+
+Generate HTTP 500 errors:
+
+```bash
+hey -z 1m -c 5 -q 5 http://podinfo.test:9898/status/500
+```
+
+When the number of failed checks reaches the canary analysis threshold, the traffic is routed back to the primary, 
+the canary is scaled to zero and the rollout is marked as failed.
+
+```text
+kubectl -n test describe canary/podinfo
+
+Status:
+  Canary Weight:         0
+  Failed Checks:         10
+  Phase:                 Failed
+Events:
+  Type     Reason  Age   From     Message
+  ----     ------  ----  ----     -------
+  Normal   Synced  3m    flagger  Starting canary deployment for podinfo.test
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 5
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 10
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 15
+  Normal   Synced  3m    flagger  Halt podinfo.test advancement success rate 69.17% < 99%
+  Normal   Synced  2m    flagger  Halt podinfo.test advancement success rate 61.39% < 99%
+  Normal   Synced  2m    flagger  Halt podinfo.test advancement success rate 55.06% < 99%
+  Normal   Synced  2m    flagger  Halt podinfo.test advancement success rate 47.00% < 99%
+  Normal   Synced  2m    flagger  (combined from similar events): Halt podinfo.test advancement success rate 38.08% < 99%
+  Warning  Synced  1m    flagger  Rolling back podinfo.test failed checks threshold reached 10
+  Warning  Synced  1m    flagger  Canary failed! Scaling down podinfo.test
+```
+
+If you’ve enabled the Slack notifications, you’ll receive a message if the progress deadline is exceeded, 
+or if the analysis reached the maximum number of failed checks:
+
+![Flagger Slack Notifications](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/slack-canary-failed.png)
--- a/docs/gitbook/usage/monitoring.md
+++ b/docs/gitbook/usage/monitoring.md
@@ -6,15 +6,13 @@ Flagger comes with a Grafana dashboard made for canary analysis. Install Grafana

 ```bash
 helm upgrade -i flagger-grafana flagger/grafana \
--namespace=istio-system \
--set url=http://prometheus:9090 \
--set user=admin \
--set password=admin
+--namespace=istio-system \ # or appmesh-system
+--set url=http://prometheus:9090
 ```

 The dashboard shows the RED and USE metrics for the primary and canary workloads:

-![canary dashboard](https://raw.githubusercontent.com/stefanprodan/flagger/master/docs/screens/grafana-canary-analysis.png)
+![Canary Dashboard](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/screens/grafana-canary-analysis.png)

 ### Logging

@@ -48,6 +46,9 @@ Flagger exposes Prometheus metrics that can be used to determine the canary anal
 the destination weight values:

 ```bash
+# Flagger version and mesh provider gauge
+flagger_info{version="0.10.0", mesh_provider="istio"} 1
+
 # Canaries total gauge
 flagger_canary_total{namespace="test"} 1

--- a/docs/gitbook/usage/nginx-progressive-delivery.md
+++ b/docs/gitbook/usage/nginx-progressive-delivery.md
@@ -0,0 +1,421 @@
+# NGNIX Ingress Controller Canary Deployments
+
+This guide shows you how to use the NGINX ingress controller and Flagger to automate canary deployments and A/B testing.
+
+![Flagger NGINX Ingress Controller](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-nginx-overview.png)
+
+### Prerequisites
+
+Flagger requires a Kubernetes cluster **v1.11** or newer and NGINX ingress **0.24** or newer.
+
+Install NGINX with Helm:
+
+```bash
+helm upgrade -i nginx-ingress stable/nginx-ingress \
+--namespace ingress-nginx \
+--set controller.stats.enabled=true \
+--set controller.metrics.enabled=true \
+--set controller.podAnnotations."prometheus\.io/scrape"=true \
+--set controller.podAnnotations."prometheus\.io/port"=10254 
+```
+
+Install Flagger and the Prometheus add-on in the same namespace as NGINX:
+
+```bash
+helm repo add flagger https://flagger.app
+
+helm upgrade -i flagger flagger/flagger \
+--namespace ingress-nginx \
+--set prometheus.install=true \
+--set meshProvider=nginx
+```
+
+Optionally you can enable Slack notifications:
+
+```bash
+helm upgrade -i flagger flagger/flagger \
+--reuse-values \
+--namespace ingress-nginx \
+--set slack.url=https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK \
+--set slack.channel=general \
+--set slack.user=flagger
+```
+
+### Bootstrap
+
+Flagger takes a Kubernetes deployment and optionally a horizontal pod autoscaler (HPA), 
+then creates a series of objects (Kubernetes deployments, ClusterIP services and canary ingress). 
+These objects expose the application outside the cluster and drive the canary analysis and promotion.
+
+Create a test namespace:
+
+```bash
+kubectl create ns test
+```
+
+Create a deployment and a horizontal pod autoscaler:
+
+```bash
+kubectl apply -f ${REPO}/artifacts/nginx/deployment.yaml
+kubectl apply -f ${REPO}/artifacts/nginx/hpa.yaml
+```
+
+Deploy the load testing service to generate traffic during the canary analysis:
+
+```bash
+helm upgrade -i flagger-loadtester flagger/loadtester \
+--namespace=test
+```
+
+Create an ingress definition (replace `app.example.com` with your own domain):
+
+```yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: podinfo
+  namespace: test
+  labels:
+    app: podinfo
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+spec:
+  rules:
+    - host: app.example.com
+      http:
+        paths:
+          - backend:
+              serviceName: podinfo
+              servicePort: 9898
+```
+
+Save the above resource as podinfo-ingress.yaml and then apply it:
+
+```bash
+kubectl apply -f ./podinfo-ingress.yaml
+```
+
+Create a canary custom resource (replace `app.example.com` with your own domain):
+
+```yaml
+apiVersion: flagger.app/v1alpha3
+kind: Canary
+metadata:
+  name: podinfo
+  namespace: test
+spec:
+  # deployment reference
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: podinfo
+  # ingress reference
+  ingressRef:
+    apiVersion: extensions/v1beta1
+    kind: Ingress
+    name: podinfo
+  # HPA reference (optional)
+  autoscalerRef:
+    apiVersion: autoscaling/v2beta1
+    kind: HorizontalPodAutoscaler
+    name: podinfo
+  # the maximum time in seconds for the canary deployment
+  # to make progress before it is rollback (default 600s)
+  progressDeadlineSeconds: 60
+  service:
+    # container port
+    port: 9898
+  canaryAnalysis:
+    # schedule interval (default 60s)
+    interval: 10s
+    # max number of failed metric checks before rollback
+    threshold: 10
+    # max traffic percentage routed to canary
+    # percentage (0-100)
+    maxWeight: 50
+    # canary increment step
+    # percentage (0-100)
+    stepWeight: 5
+    # NGINX Prometheus checks
+    metrics:
+    - name: request-success-rate
+      # minimum req success rate (non 5xx responses)
+      # percentage (0-100)
+      threshold: 99
+      interval: 1m
+    # load testing (optional)
+    webhooks:
+      - name: load-test
+        url: http://flagger-loadtester.test/
+        timeout: 5s
+        metadata:
+          type: cmd
+          cmd: "hey -z 1m -q 10 -c 2 http://app.example.com/"
+```
+
+Save the above resource as podinfo-canary.yaml and then apply it:
+
+```bash
+kubectl apply -f ./podinfo-canary.yaml
+```
+
+After a couple of seconds Flagger will create the canary objects:
+
+```bash
+# applied 
+deployment.apps/podinfo
+horizontalpodautoscaler.autoscaling/podinfo
+ingresses.extensions/podinfo
+canary.flagger.app/podinfo
+
+# generated 
+deployment.apps/podinfo-primary
+horizontalpodautoscaler.autoscaling/podinfo-primary
+service/podinfo
+service/podinfo-canary
+service/podinfo-primary
+ingresses.extensions/podinfo-canary
+```
+
+### Automated canary promotion
+
+Flagger implements a control loop that gradually shifts traffic to the canary while measuring key performance indicators 
+like HTTP requests success rate, requests average duration and pod health.
+Based on analysis of the KPIs a canary is promoted or aborted, and the analysis result is published to Slack.
+
+![Flagger Canary Stages](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-canary-steps.png)
+
+Trigger a canary deployment by updating the container image:
+
+```bash
+kubectl -n test set image deployment/podinfo \
+podinfod=quay.io/stefanprodan/podinfo:1.4.1
+```
+
+Flagger detects that the deployment revision changed and starts a new rollout:
+
+```text
+kubectl -n test describe canary/podinfo
+
+Status:
+  Canary Weight:         0
+  Failed Checks:         0
+  Phase:                 Succeeded
+Events:
+  Type     Reason  Age   From     Message
+  ----     ------  ----  ----     -------
+  Normal   Synced  3m    flagger  New revision detected podinfo.test
+  Normal   Synced  3m    flagger  Scaling up podinfo.test
+  Warning  Synced  3m    flagger  Waiting for podinfo.test rollout to finish: 0 of 1 updated replicas are available
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 5
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 10
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 15
+  Normal   Synced  2m    flagger  Advance podinfo.test canary weight 20
+  Normal   Synced  2m    flagger  Advance podinfo.test canary weight 25
+  Normal   Synced  1m    flagger  Advance podinfo.test canary weight 30
+  Normal   Synced  1m    flagger  Advance podinfo.test canary weight 35
+  Normal   Synced  55s   flagger  Advance podinfo.test canary weight 40
+  Normal   Synced  45s   flagger  Advance podinfo.test canary weight 45
+  Normal   Synced  35s   flagger  Advance podinfo.test canary weight 50
+  Normal   Synced  25s   flagger  Copying podinfo.test template spec to podinfo-primary.test
+  Warning  Synced  15s   flagger  Waiting for podinfo-primary.test rollout to finish: 1 of 2 updated replicas are available
+  Normal   Synced  5s    flagger  Promotion completed! Scaling down podinfo.test
+```
+
+**Note** that if you apply new changes to the deployment during the canary analysis, Flagger will restart the analysis.
+
+You can monitor all canaries with:
+
+```bash
+watch kubectl get canaries --all-namespaces
+
+NAMESPACE   NAME      STATUS        WEIGHT   LASTTRANSITIONTIME
+test        podinfo   Progressing   15       2019-05-06T14:05:07Z
+prod        frontend  Succeeded     0        2019-05-05T16:15:07Z
+prod        backend   Failed        0        2019-05-04T17:05:07Z
+```
+
+### Automated rollback
+
+During the canary analysis you can generate HTTP 500 errors to test if Flagger pauses and rolls back the faulted version.
+
+Trigger another canary deployment:
+
+```bash
+kubectl -n test set image deployment/podinfo \
+podinfod=quay.io/stefanprodan/podinfo:1.4.2
+```
+
+Generate HTTP 500 errors:
+
+```bash
+watch curl http://app.example.com/status/500
+```
+
+When the number of failed checks reaches the canary analysis threshold, the traffic is routed back to the primary, 
+the canary is scaled to zero and the rollout is marked as failed.
+
+```text
+kubectl -n test describe canary/podinfo
+
+Status:
+  Canary Weight:         0
+  Failed Checks:         10
+  Phase:                 Failed
+Events:
+  Type     Reason  Age   From     Message
+  ----     ------  ----  ----     -------
+  Normal   Synced  3m    flagger  Starting canary deployment for podinfo.test
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 5
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 10
+  Normal   Synced  3m    flagger  Advance podinfo.test canary weight 15
+  Normal   Synced  3m    flagger  Halt podinfo.test advancement success rate 69.17% < 99%
+  Normal   Synced  2m    flagger  Halt podinfo.test advancement success rate 61.39% < 99%
+  Normal   Synced  2m    flagger  Halt podinfo.test advancement success rate 55.06% < 99%
+  Normal   Synced  2m    flagger  Halt podinfo.test advancement success rate 47.00% < 99%
+  Normal   Synced  2m    flagger  (combined from similar events): Halt podinfo.test advancement success rate 38.08% < 99%
+  Warning  Synced  1m    flagger  Rolling back podinfo.test failed checks threshold reached 10
+  Warning  Synced  1m    flagger  Canary failed! Scaling down podinfo.test
+```
+
+### Custom metrics
+
+The canary analysis can be extended with Prometheus queries.
+
+The demo app is instrumented with Prometheus so you can create a custom check that will use the HTTP request duration 
+histogram to validate the canary. 
+
+Edit the canary analysis and add the following metric:
+
+```yaml
+  canaryAnalysis:
+    metrics:
+    - name: "latency"
+      threshold: 0.5
+      interval: 1m
+      query: |
+        histogram_quantile(0.99,
+          sum(
+            rate(
+              http_request_duration_seconds_bucket{
+                kubernetes_namespace="test",
+                kubernetes_pod_name=~"podinfo-[0-9a-zA-Z]+(-[0-9a-zA-Z]+)"
+              }[1m]
+            )
+          ) by (le)
+        )
+```
+
+The threshold is set to 500ms so if the average request duration in the last minute 
+goes over half a second then the analysis will fail and the canary will not be promoted.
+
+Trigger a canary deployment by updating the container image:
+
+```bash
+kubectl -n test set image deployment/podinfo \
+podinfod=quay.io/stefanprodan/podinfo:1.4.3
+```
+
+Generate high response latency:
+
+```bash
+watch curl http://app.exmaple.com/delay/2
+```
+
+Watch Flagger logs:
+
+```
+kubectl -n nginx-ingress logs deployment/flagger -f | jq .msg
+
+Starting canary deployment for podinfo.test
+Advance podinfo.test canary weight 5
+Advance podinfo.test canary weight 10
+Advance podinfo.test canary weight 15
+Halt podinfo.test advancement latency 1.20 > 0.5
+Halt podinfo.test advancement latency 1.45 > 0.5
+Halt podinfo.test advancement latency 1.60 > 0.5
+Halt podinfo.test advancement latency 1.69 > 0.5
+Halt podinfo.test advancement latency 1.70 > 0.5
+Rolling back podinfo.test failed checks threshold reached 5
+Canary failed! Scaling down podinfo.test
+```
+
+If you have Slack configured, Flagger will send a notification with the reason why the canary failed.
+
+### A/B Testing 
+
+Besides weighted routing, Flagger can be configured to route traffic to the canary based on HTTP match conditions.
+In an A/B testing scenario, you'll be using HTTP headers or cookies to target a certain segment of your users.
+This is particularly useful for frontend applications that require session affinity.
+
+![Flagger A/B Testing Stages](https://raw.githubusercontent.com/weaveworks/flagger/master/docs/diagrams/flagger-abtest-steps.png)
+
+Edit the canary analysis, remove the max/step weight and add the match conditions and iterations:
+
+```yaml
+  canaryAnalysis:
+    interval: 1m
+    threshold: 10
+    iterations: 10
+    match:
+      # curl -H 'X-Canary: insider' http://app.example.com
+      - headers:
+          x-canary:
+            exact: "insider"
+      # curl -b 'canary=always' http://app.example.com
+      - headers:
+          cookie:
+            exact: "canary"
+    metrics:
+    - name: request-success-rate
+      threshold: 99
+      interval: 1m
+    webhooks:
+      - name: load-test
+        url: http://localhost:8888/
+        timeout: 5s
+        metadata:
+          type: cmd
+          cmd: "hey -z 1m -q 10 -c 2 -H 'Cookie: canary=always' http://app.example.com/"
+          logCmdOutput: "true"
+```
+
+The above configuration will run an analysis for ten minutes targeting users that have a `canary` cookie set to `always` or 
+those that call the service using the `X-Canary: insider` header.
+
+Trigger a canary deployment by updating the container image:
+
+```bash
+kubectl -n test set image deployment/podinfo \
+podinfod=quay.io/stefanprodan/podinfo:1.5.0
+```
+
+Flagger detects that the deployment revision changed and starts the A/B testing:
+
+```text
+kubectl -n test describe canary/podinfo
+
+Status:
+  Failed Checks:         0
+  Phase:                 Succeeded
+Events:
+  Type     Reason  Age   From     Message
+  ----     ------  ----  ----     -------
+  Normal   Synced  3m    flagger  New revision detected podinfo.test
+  Normal   Synced  3m    flagger  Scaling up podinfo.test
+  Warning  Synced  3m    flagger  Waiting for podinfo.test rollout to finish: 0 of 1 updated replicas are available
+  Normal   Synced  3m    flagger  Advance podinfo.test canary iteration 1/10
+  Normal   Synced  3m    flagger  Advance podinfo.test canary iteration 2/10
+  Normal   Synced  3m    flagger  Advance podinfo.test canary iteration 3/10
+  Normal   Synced  2m    flagger  Advance podinfo.test canary iteration 4/10
+  Normal   Synced  2m    flagger  Advance podinfo.test canary iteration 5/10
+  Normal   Synced  1m    flagger  Advance podinfo.test canary iteration 6/10
+  Normal   Synced  1m    flagger  Advance podinfo.test canary iteration 7/10
+  Normal   Synced  55s   flagger  Advance podinfo.test canary iteration 8/10
+  Normal   Synced  45s   flagger  Advance podinfo.test canary iteration 9/10
+  Normal   Synced  35s   flagger  Advance podinfo.test canary iteration 10/10
+  Normal   Synced  25s   flagger  Copying podinfo.test template spec to podinfo-primary.test
+  Warning  Synced  15s   flagger  Waiting for podinfo-primary.test rollout to finish: 1 of 2 updated replicas are available
+  Normal   Synced  5s    flagger  Promotion completed! Scaling down podinfo.test
+```
+
--- a/docs/gitbook/usage/progressive-delivery.md
+++ b/docs/gitbook/usage/progressive-delivery.md
@@ -1,11 +1,13 @@
-# Canary Deployments
+# Istio Canary Deployments

 This guide shows you how to use Istio and Flagger to automate canary deployments.

+### Bootstrap
+
 Create a test namespace with Istio sidecar injection enabled:

 ```bash
-export REPO=https://raw.githubusercontent.com/stefanprodan/flagger/master
+export REPO=https://raw.githubusercontent.com/weaveworks/flagger/master

 kubectl apply -f ${REPO}/artifacts/namespaces/test.yaml
 ```
@@ -52,6 +54,7 @@ spec:
    # Istio gateways (optional)
    gateways:
    - public-gateway.istio-system.svc.cluster.local
+    - mesh
    # Istio virtual service host names (optional)
    hosts:
    - app.example.com
@@ -67,12 +70,12 @@ spec:
    # percentage (0-100)
    stepWeight: 10
    metrics:
-    - name: istio_requests_total
+    - name: request-success-rate
      # minimum req success rate (non 5xx responses)
      # percentage (0-100)
      threshold: 99
      interval: 1m
-    - name: istio_request_duration_seconds_bucket
+    - name: request-duration
      # maximum req duration P99
      # milliseconds
      threshold: 500
@@ -109,6 +112,8 @@ service/podinfo-primary
 virtualservice.networking.istio.io/podinfo
 ```

+### Automated canary promotion
+
 Trigger a canary deployment by updating the container image:

 ```bash
@@ -159,6 +164,8 @@ prod        frontend  Succeeded     0        2019-01-15T16:15:07Z
 prod        backend   Failed        0        2019-01-14T17:05:07Z
 ```

+### Automated rollback
+
 During the canary analysis you can generate HTTP 500 errors and high latency to test if Flagger pauses the rollout.

 Create a tester pod and exec into it:
--- a/docs/logo/flagger-horiz.jpg
+++ b/docs/logo/flagger-horiz.jpg
--- a/docs/logo/flagger-horiz.png
+++ b/docs/logo/flagger-horiz.png
--- a/docs/logo/flagger-vert.jpg
+++ b/docs/logo/flagger-vert.jpg
--- a/docs/logo/flagger-vert.png
+++ b/docs/logo/flagger-vert.png
--- a/docs/logo/flagger-weaveworks.svg
+++ b/docs/logo/flagger-weaveworks.svg
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 16.0.3, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="900px" height="900px" viewBox="0 0 900 900" enable-background="new 0 0 900 900" xml:space="preserve">
+<g>
+	<defs>
+		<rect id="SVGID_1_" width="900" height="900"/>
+	</defs>
+	<clipPath id="SVGID_2_">
+		<use xlink:href="#SVGID_1_"  overflow="visible"/>
+	</clipPath>
+	<path clip-path="url(#SVGID_2_)" fill="#33324B" d="M356.003,268.915L586.001,63.471c-18.262-14.35-38.76-25.978-60.934-34.188
+		L356.003,180.298V268.915z"/>
+	<path clip-path="url(#SVGID_2_)" fill="#33324B" d="M289.914,239.333l-62.307,55.655c5.674,23.087,14.884,44.774,27.05,64.454
+		l35.257-31.493V239.333z"/>
+	<path clip-path="url(#SVGID_2_)" fill="#40C6F1" d="M479.023,70.412V17.631c-10.554-1.513-21.329-2.338-32.302-2.338
+		c-11.484,0-22.764,0.871-33.787,2.527v111.626L479.023,70.412z"/>
+	<path clip-path="url(#SVGID_2_)" fill="#40C6F1" d="M479.023,380.863V159.029l-66.089,59.033v246.046
+		c11.023,1.655,22.303,2.526,33.787,2.526c13.449,0,26.601-1.244,39.404-3.5l176.98-158.086c6.01-20.321,9.287-41.815,9.287-64.085
+		c0-10.488-0.774-20.79-2.159-30.898L479.023,380.863z"/>
+	<path clip-path="url(#SVGID_2_)" fill="#F04E27" d="M479.023,315.734l177.305-158.376c-8.446-21.157-19.978-40.739-34.079-58.175
+		L479.023,227.118V315.734z"/>
+	<path clip-path="url(#SVGID_2_)" fill="#F04E27" d="M412.935,286.152l-56.931,50.854V34.328
+		c-24.657,10.841-46.992,25.96-66.09,44.426v324.42c14.897,14.403,31.742,26.797,50.147,36.688l72.874-65.094V286.152z"/>
+	<polygon clip-path="url(#SVGID_2_)" fill="#33324B" points="175.804,603.774 207.413,485.167 249.859,485.167 202.897,650.136 
+		152.926,650.136 124.93,539.054 96.933,650.136 46.961,650.136 0,485.167 42.446,485.167 74.055,603.774 105.362,485.167 
+		144.497,485.167 	"/>
+	<path clip-path="url(#SVGID_2_)" fill="#33324B" d="M406.409,595.948c-4.816,32.812-30.103,56.293-73.452,56.293
+		c-46.059,0-80.076-27.695-80.076-83.686c0-56.293,35.222-85.495,80.076-85.495c49.67,0,75.861,36.426,75.861,85.191v8.73H295.025
+		c0,18.365,7.526,41.543,37.328,41.543c16.558,0,29.502-8.127,32.814-23.479L406.409,595.948z M365.77,547.784
+		c-1.506-22.88-16.256-31.308-33.114-31.308c-19.266,0-34.017,11.738-36.124,31.308H365.77z"/>
+	<path clip-path="url(#SVGID_2_)" fill="#33324B" d="M530.318,543.269v-5.721c0-12.944-5.42-21.374-29.803-21.374
+		c-30.404,0-31.308,16.859-31.308,22.58h-39.134c0-24.386,10.234-55.693,71.646-55.693c58.702,0,69.238,29.201,69.238,52.982v90.912
+		c0,6.624,0.301,12.041,0.903,16.256l1.204,6.925h-41.544v-16.557c-11.739,11.738-27.995,18.662-51.176,18.662
+		c-32.511,0-57.196-18.965-57.196-51.777c0-37.93,35.824-46.059,50.273-48.465L530.318,543.269z M530.318,574.275l-15.955,2.406
+		c-8.73,1.506-19.267,3.011-25.588,4.215c-6.925,1.205-12.945,2.71-17.46,6.321c-4.215,3.313-6.321,7.829-6.321,13.546
+		c0,4.818,1.806,19.87,24.385,19.87c13.243,0,24.984-4.816,31.307-11.14c8.128-8.127,9.633-18.362,9.633-26.49V574.275z"/>
+	<polygon clip-path="url(#SVGID_2_)" fill="#33324B" points="687.764,650.136 632.675,650.136 578.488,485.167 623.041,485.167 
+		660.972,611.303 699.203,485.167 742.552,485.167 	"/>
+	<path clip-path="url(#SVGID_2_)" fill="#33324B" d="M897.591,595.948c-4.816,32.812-30.103,56.293-73.452,56.293
+		c-46.059,0-80.075-27.695-80.075-83.686c0-56.293,35.222-85.495,80.075-85.495c49.67,0,75.861,36.426,75.861,85.191v8.73H786.208
+		c0,18.365,7.526,41.543,37.328,41.543c16.558,0,29.502-8.127,32.812-23.479L897.591,595.948z M856.952,547.784
+		c-1.506-22.88-16.256-31.308-33.114-31.308c-19.266,0-34.017,11.738-36.124,31.308H856.952z"/>
+</g>
+<g id="flagger1">
+	<path id="fagger" fill="#566991" d="M138.27,737.32h-30.625v113.925H87.8V737.32H64.77v-16.905H87.8v-22.05
+		c0-18.62,11.515-29.89,32.095-29.89c8.575,0,20.09,0.489,20.09,0.489v17.15c-1.225,0-10.535-0.245-13.965-0.245
+		c-10.535,0-18.375,1.225-18.375,14.945v19.6h30.625V737.32z M179.675,851.245h-20.09v-181.3h20.09V851.245z M293.519,800.285
+		V785.34c0,0-28.42,3.675-42.875,5.88c-13.965,1.96-25.235,6.615-25.235,22.051c0,12.984,8.82,22.784,26.705,22.784
+		C276.858,836.055,293.519,821.845,293.519,800.285z M239.618,776.521c12.495-2.45,53.9-7.351,53.9-7.351v-7.104
+		c0-18.13-7.84-26.705-30.87-26.705c-24.745,0-31.605,11.27-32.585,24.5h-20.09c0-16.905,9.555-41.16,52.185-41.16
+		c44.835,0,51.45,23.275,51.45,44.1v67.375c0,6.125,0.245,15.926,1.715,21.07h-20.335c0,0-0.49-7.105-0.49-17.64
+		c-6.37,8.33-19.11,19.354-45.815,19.354c-25.235,0-44.1-14.7-44.1-39.2C204.583,786.565,226.388,779.215,239.618,776.521z
+		 M338.271,782.646c0-42.386,24.99-63.945,55.86-63.945c22.295,0,36.015,10.535,40.425,20.58v-18.865h19.845V850.51
+		c0,25.235-12.25,49.49-58.31,49.49c-34.3,0-55.125-13.72-55.86-42.63h20.335c0,14.945,10.535,25.97,36.015,25.97
+		c29.399,0,37.729-13.475,37.729-35.035v-22.784c-4.41,10.045-18.62,20.58-40.915,20.58
+		C362.527,846.101,338.271,825.03,338.271,782.646z M434.312,782.4c0-33.32-14.7-46.55-38.22-46.55
+		c-20.825,0-37.485,11.76-37.485,46.305s16.66,46.795,37.485,46.795C419.611,828.95,434.312,815.72,434.312,782.4z M478.575,782.646
+		c0-42.386,24.99-63.945,55.859-63.945c22.296,0,36.016,10.535,40.426,20.58v-18.865h19.845V850.51
+		c0,25.235-12.25,49.49-58.311,49.49c-34.3,0-55.125-13.72-55.859-42.63h20.335c0,14.945,10.535,25.97,36.015,25.97
+		c29.4,0,37.73-13.475,37.73-35.035v-22.784c-4.41,10.045-18.62,20.58-40.915,20.58C502.83,846.101,478.575,825.03,478.575,782.646z
+		 M574.615,782.4c0-33.32-14.7-46.55-38.221-46.55c-20.824,0-37.484,11.76-37.484,46.305s16.66,46.795,37.484,46.795
+		C559.915,828.95,574.615,815.72,574.615,782.4z M714.674,806.165l20.335,0.245c-2.695,23.03-18.62,46.55-56.105,46.55
+		c-34.79,0-60.025-23.765-60.025-66.885c0-40.67,24.99-67.375,59.78-67.375c36.75,0,57.085,27.439,57.085,70.56h-96.285
+		c0.49,24.745,10.78,46.795,39.69,46.795C700.463,836.055,712.958,822.825,714.674,806.165z M640.193,773.335h73.745
+		c-1.96-27.685-17.885-37.729-35.771-37.729C658.078,735.605,642.644,749.08,640.193,773.335z M829.497,740.995h-8.82
+		c-23.521,0-39.936,8.085-39.936,38.955v71.295h-20.09v-130.83h19.846v22.54c8.574-16.66,25.97-22.54,39.689-22.54h9.311V740.995z"
+		/>
+</g>
+</svg>
--- a/docs/screens/flagger-grafana-appmesh.png
+++ b/docs/screens/flagger-grafana-appmesh.png
--- a/hack/update-codegen.sh
+++ b/hack/update-codegen.sh
@@ -22,7 +22,6 @@ SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/..
 CODEGEN_PKG=${CODEGEN_PKG:-$(cd ${SCRIPT_ROOT}; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)}

 ${CODEGEN_PKG}/generate-groups.sh "deepcopy,client,informer,lister" \
-  github.com/stefanprodan/flagger/pkg/client github.com/stefanprodan/flagger/pkg/apis \
-  flagger:v1alpha3 \
+  github.com/weaveworks/flagger/pkg/client github.com/weaveworks/flagger/pkg/apis \
+  "appmesh:v1beta1 istio:v1alpha3 flagger:v1alpha3" \
  --go-header-file ${SCRIPT_ROOT}/hack/boilerplate.go.txt
-
--- a/pkg/apis/appmesh/register.go
+++ b/pkg/apis/appmesh/register.go
@@ -0,0 +1,5 @@
+package appmesh
+
+const (
+	GroupName = "appmesh.k8s.aws"
+)
--- a/pkg/apis/appmesh/v1beta1/doc.go
+++ b/pkg/apis/appmesh/v1beta1/doc.go
@@ -0,0 +1,5 @@
+// +k8s:deepcopy-gen=package
+
+// Package v1beta1 is the v1beta1 version of the API.
+// +groupName=appmesh.k8s.aws
+package v1beta1
--- a/pkg/apis/appmesh/v1beta1/register.go
+++ b/pkg/apis/appmesh/v1beta1/register.go
@@ -0,0 +1,41 @@
+package v1beta1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+
+	"github.com/weaveworks/flagger/pkg/apis/appmesh"
+)
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: appmesh.GroupName, Version: "v1beta1"}
+
+// Kind takes an unqualified kind and returns back a Group qualified GroupKind
+func Kind(kind string) schema.GroupKind {
+	return SchemeGroupVersion.WithKind(kind).GroupKind()
+}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+	AddToScheme   = SchemeBuilder.AddToScheme
+)
+
+// Adds the list of known types to api.Scheme.
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&Mesh{},
+		&MeshList{},
+		&VirtualService{},
+		&VirtualServiceList{},
+		&VirtualNode{},
+		&VirtualNodeList{},
+	)
+	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
+	return nil
+}
--- a/pkg/apis/appmesh/v1beta1/types.go
+++ b/pkg/apis/appmesh/v1beta1/types.go
@@ -0,0 +1,286 @@
+package v1beta1
+
+import (
+	api "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// App Mesh Custom Resource API types.
+// This API follows the conventions described in
+// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// Mesh is a specification for a Mesh resource
+type Mesh struct {
+	metav1.TypeMeta `json:",inline"`
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	// +optional
+	Spec MeshSpec `json:"spec,omitempty"`
+	// +optional
+	Status MeshStatus `json:"status,omitempty"`
+}
+
+type MeshServiceDiscoveryType string
+
+const (
+	Dns MeshServiceDiscoveryType = "Dns"
+)
+
+// MeshSpec is the spec for a Mesh resource
+type MeshSpec struct {
+	// +optional
+	ServiceDiscoveryType *MeshServiceDiscoveryType `json:"serviceDiscoveryType,omitempty"`
+}
+
+// MeshStatus is the status for a Mesh resource
+type MeshStatus struct {
+	// MeshArn is the AppMesh Mesh object's Amazon Resource Name
+	// +optional
+	MeshArn    *string         `json:"meshArn,omitempty"`
+	Conditions []MeshCondition `json:"meshCondition"`
+}
+
+type MeshConditionType string
+
+const (
+	// MeshActive is Active when the Appmesh Mesh has been created or found via the API
+	MeshActive MeshConditionType = "MeshActive"
+)
+
+type MeshCondition struct {
+	// Type of mesh condition.
+	Type MeshConditionType `json:"type"`
+	// Status of the condition, one of True, False, Unknown.
+	Status api.ConditionStatus `json:"status"`
+	// Last time the condition transitioned from one status to another.
+	// +optional
+	LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"`
+	// The reason for the condition's last transition.
+	// +optional
+	Reason *string `json:"reason,omitempty"`
+	// A human readable message indicating details about the transition.
+	// +optional
+	Message *string `json:"message,omitempty"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// MeshList is a list of Mesh resources
+type MeshList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata"`
+
+	Items []Mesh `json:"items"`
+}
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// VirtualService is a specification for a VirtualService resource
+type VirtualService struct {
+	metav1.TypeMeta `json:",inline"`
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	// +optional
+	Spec VirtualServiceSpec `json:"spec,omitempty"`
+	// +optional
+	Status VirtualServiceStatus `json:"status,omitempty"`
+}
+
+// VirtualServiceSpec is the spec for a VirtualService resource
+type VirtualServiceSpec struct {
+	MeshName string `json:"meshName"`
+	// +optional
+	VirtualRouter *VirtualRouter `json:"virtualRouter,omitempty"`
+	// +optional
+	Routes []Route `json:"routes,omitempty"`
+}
+
+type VirtualRouter struct {
+	Name string `json:"name"`
+}
+
+type Route struct {
+	Name string    `json:"name"`
+	Http HttpRoute `json:"http"`
+}
+
+type HttpRoute struct {
+	Match  HttpRouteMatch  `json:"match"`
+	Action HttpRouteAction `json:"action"`
+}
+
+type HttpRouteMatch struct {
+	Prefix string `json:"prefix"`
+}
+
+type HttpRouteAction struct {
+	WeightedTargets []WeightedTarget `json:"weightedTargets"`
+}
+
+type WeightedTarget struct {
+	VirtualNodeName string `json:"virtualNodeName"`
+	Weight          int64  `json:"weight"`
+}
+
+// VirtualServiceStatus is the status for a VirtualService resource
+type VirtualServiceStatus struct {
+	// VirtualServiceArn is the AppMesh VirtualService object's Amazon Resource Name
+	// +optional
+	VirtualServiceArn *string `json:"virtualServiceArn,omitempty"`
+	// VirtualRouterArn is the AppMesh VirtualRouter object's Amazon Resource Name
+	// +optional
+	VirtualRouterArn *string `json:"virtualRouterArn,omitempty"`
+	// RouteArns is a list of AppMesh Route objects' Amazon Resource Names
+	// +optional
+	RouteArns  []string                  `json:"routeArns,omitempty"`
+	Conditions []VirtualServiceCondition `json:"conditions"`
+}
+
+type VirtualServiceConditionType string
+
+const (
+	// VirtualServiceActive is Active when the Appmesh Service has been created or found via the API
+	VirtualServiceActive                VirtualServiceConditionType = "VirtualServiceActive"
+	VirtualRouterActive                 VirtualServiceConditionType = "VirtualRouterActive"
+	RoutesActive                        VirtualServiceConditionType = "RoutesActive"
+	VirtualServiceMeshMarkedForDeletion VirtualServiceConditionType = "MeshMarkedForDeletion"
+)
+
+type VirtualServiceCondition struct {
+	// Type of mesh service condition.
+	Type VirtualServiceConditionType `json:"type"`
+	// Status of the condition, one of True, False, Unknown.
+	Status api.ConditionStatus `json:"status"`
+	// Last time the condition transitioned from one status to another.
+	// +optional
+	LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"`
+	// The reason for the condition's last transition.
+	// +optional
+	Reason *string `json:"reason,omitempty"`
+	// A human readable message indicating details about the transition.
+	// +optional
+	Message *string `json:"message,omitempty"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// VirtualServiceList is a list of VirtualService resources
+type VirtualServiceList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata"`
+
+	Items []VirtualService `json:"items"`
+}
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// VirtualNode is a specification for a VirtualNode resource
+type VirtualNode struct {
+	metav1.TypeMeta `json:",inline"`
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	// +optional
+	Spec VirtualNodeSpec `json:"spec,omitempty"`
+	// +optional
+	Status VirtualNodeStatus `json:"status,omitempty"`
+}
+
+// VirtualNodeSpec is the spec for a VirtualNode resource
+type VirtualNodeSpec struct {
+	MeshName string `json:"meshName"`
+	// +optional
+	Listeners []Listener `json:"listeners,omitempty"`
+	// +optional
+	ServiceDiscovery *ServiceDiscovery `json:"serviceDiscovery,omitempty"`
+	// +optional
+	Backends []Backend `json:"backends,omitempty"`
+}
+
+type Listener struct {
+	PortMapping PortMapping `json:"portMapping"`
+}
+
+type PortMapping struct {
+	Port     int64  `json:"port"`
+	Protocol string `json:"protocol"`
+}
+
+type ServiceDiscovery struct {
+	// +optional
+	CloudMap *CloudMapServiceDiscovery `json:"cloudMap,omitempty"`
+	// +optional
+	Dns *DnsServiceDiscovery `json:"dns,omitempty"`
+}
+
+type CloudMapServiceDiscovery struct {
+	CloudMapServiceName string `json:"cloudMapServiceName"`
+}
+
+type DnsServiceDiscovery struct {
+	HostName string `json:"hostName"`
+}
+
+type Backend struct {
+	VirtualService VirtualServiceBackend `json:"virtualService"`
+}
+
+type VirtualServiceBackend struct {
+	VirtualServiceName string `json:"virtualServiceName"`
+}
+
+// VirtualNodeStatus is the status for a VirtualNode resource
+type VirtualNodeStatus struct {
+	MeshArn *string `json:"meshArn,omitempty"`
+	// VirtualNodeArn is the AppMesh VirtualNode object's Amazon Resource Name
+	// +optional
+	VirtualNodeArn *string `json:"virtualNodeArn,omitempty"`
+	// CloudMapServiceArn is a CloudMap Service object's Amazon Resource Name
+	// +optional
+	CloudMapServiceArn *string `json:"cloudMapServiceArn,omitempty"`
+	// +optional
+	QueryParameters map[string]string      `json:"queryParameters,omitempty"`
+	Conditions      []VirtualNodeCondition `json:"conditions"`
+}
+
+type VirtualNodeConditionType string
+
+const (
+	// VirtualNodeActive is Active when the Appmesh Node has been created or found via the API
+	VirtualNodeActive                VirtualNodeConditionType = "VirtualNodeActive"
+	VirtualNodeMeshMarkedForDeletion VirtualNodeConditionType = "MeshMarkedForDeletion"
+)
+
+type VirtualNodeCondition struct {
+	// Type of mesh node condition.
+	Type VirtualNodeConditionType `json:"type"`
+	// Status of the condition, one of True, False, Unknown.
+	Status api.ConditionStatus `json:"status"`
+	// Last time the condition transitioned from one status to another.
+	// +optional
+	LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"`
+	// The reason for the condition's last transition.
+	// +optional
+	Reason *string `json:"reason,omitempty"`
+	// A human readable message indicating details about the transition.
+	// +optional
+	Message *string `json:"reason,omitempty"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// VirtualNodeList is a list of VirtualNode resources
+type VirtualNodeList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata"`
+
+	Items []VirtualNode `json:"items"`
+}
--- a/pkg/apis/appmesh/v1beta1/zz_generated.deepcopy.go
+++ b/pkg/apis/appmesh/v1beta1/zz_generated.deepcopy.go
@@ -0,0 +1,717 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright The Flagger Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Backend) DeepCopyInto(out *Backend) {
+	*out = *in
+	out.VirtualService = in.VirtualService
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Backend.
+func (in *Backend) DeepCopy() *Backend {
+	if in == nil {
+		return nil
+	}
+	out := new(Backend)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CloudMapServiceDiscovery) DeepCopyInto(out *CloudMapServiceDiscovery) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudMapServiceDiscovery.
+func (in *CloudMapServiceDiscovery) DeepCopy() *CloudMapServiceDiscovery {
+	if in == nil {
+		return nil
+	}
+	out := new(CloudMapServiceDiscovery)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DnsServiceDiscovery) DeepCopyInto(out *DnsServiceDiscovery) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DnsServiceDiscovery.
+func (in *DnsServiceDiscovery) DeepCopy() *DnsServiceDiscovery {
+	if in == nil {
+		return nil
+	}
+	out := new(DnsServiceDiscovery)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HttpRoute) DeepCopyInto(out *HttpRoute) {
+	*out = *in
+	out.Match = in.Match
+	in.Action.DeepCopyInto(&out.Action)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HttpRoute.
+func (in *HttpRoute) DeepCopy() *HttpRoute {
+	if in == nil {
+		return nil
+	}
+	out := new(HttpRoute)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HttpRouteAction) DeepCopyInto(out *HttpRouteAction) {
+	*out = *in
+	if in.WeightedTargets != nil {
+		in, out := &in.WeightedTargets, &out.WeightedTargets
+		*out = make([]WeightedTarget, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HttpRouteAction.
+func (in *HttpRouteAction) DeepCopy() *HttpRouteAction {
+	if in == nil {
+		return nil
+	}
+	out := new(HttpRouteAction)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HttpRouteMatch) DeepCopyInto(out *HttpRouteMatch) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HttpRouteMatch.
+func (in *HttpRouteMatch) DeepCopy() *HttpRouteMatch {
+	if in == nil {
+		return nil
+	}
+	out := new(HttpRouteMatch)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Listener) DeepCopyInto(out *Listener) {
+	*out = *in
+	out.PortMapping = in.PortMapping
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Listener.
+func (in *Listener) DeepCopy() *Listener {
+	if in == nil {
+		return nil
+	}
+	out := new(Listener)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Mesh) DeepCopyInto(out *Mesh) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Mesh.
+func (in *Mesh) DeepCopy() *Mesh {
+	if in == nil {
+		return nil
+	}
+	out := new(Mesh)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *Mesh) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *MeshCondition) DeepCopyInto(out *MeshCondition) {
+	*out = *in
+	if in.LastTransitionTime != nil {
+		in, out := &in.LastTransitionTime, &out.LastTransitionTime
+		*out = (*in).DeepCopy()
+	}
+	if in.Reason != nil {
+		in, out := &in.Reason, &out.Reason
+		*out = new(string)
+		**out = **in
+	}
+	if in.Message != nil {
+		in, out := &in.Message, &out.Message
+		*out = new(string)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshCondition.
+func (in *MeshCondition) DeepCopy() *MeshCondition {
+	if in == nil {
+		return nil
+	}
+	out := new(MeshCondition)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *MeshList) DeepCopyInto(out *MeshList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]Mesh, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshList.
+func (in *MeshList) DeepCopy() *MeshList {
+	if in == nil {
+		return nil
+	}
+	out := new(MeshList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *MeshList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *MeshSpec) DeepCopyInto(out *MeshSpec) {
+	*out = *in
+	if in.ServiceDiscoveryType != nil {
+		in, out := &in.ServiceDiscoveryType, &out.ServiceDiscoveryType
+		*out = new(MeshServiceDiscoveryType)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshSpec.
+func (in *MeshSpec) DeepCopy() *MeshSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(MeshSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *MeshStatus) DeepCopyInto(out *MeshStatus) {
+	*out = *in
+	if in.MeshArn != nil {
+		in, out := &in.MeshArn, &out.MeshArn
+		*out = new(string)
+		**out = **in
+	}
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]MeshCondition, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshStatus.
+func (in *MeshStatus) DeepCopy() *MeshStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(MeshStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PortMapping) DeepCopyInto(out *PortMapping) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PortMapping.
+func (in *PortMapping) DeepCopy() *PortMapping {
+	if in == nil {
+		return nil
+	}
+	out := new(PortMapping)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Route) DeepCopyInto(out *Route) {
+	*out = *in
+	in.Http.DeepCopyInto(&out.Http)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Route.
+func (in *Route) DeepCopy() *Route {
+	if in == nil {
+		return nil
+	}
+	out := new(Route)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ServiceDiscovery) DeepCopyInto(out *ServiceDiscovery) {
+	*out = *in
+	if in.CloudMap != nil {
+		in, out := &in.CloudMap, &out.CloudMap
+		*out = new(CloudMapServiceDiscovery)
+		**out = **in
+	}
+	if in.Dns != nil {
+		in, out := &in.Dns, &out.Dns
+		*out = new(DnsServiceDiscovery)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceDiscovery.
+func (in *ServiceDiscovery) DeepCopy() *ServiceDiscovery {
+	if in == nil {
+		return nil
+	}
+	out := new(ServiceDiscovery)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualNode) DeepCopyInto(out *VirtualNode) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualNode.
+func (in *VirtualNode) DeepCopy() *VirtualNode {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualNode)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *VirtualNode) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualNodeCondition) DeepCopyInto(out *VirtualNodeCondition) {
+	*out = *in
+	if in.LastTransitionTime != nil {
+		in, out := &in.LastTransitionTime, &out.LastTransitionTime
+		*out = (*in).DeepCopy()
+	}
+	if in.Reason != nil {
+		in, out := &in.Reason, &out.Reason
+		*out = new(string)
+		**out = **in
+	}
+	if in.Message != nil {
+		in, out := &in.Message, &out.Message
+		*out = new(string)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualNodeCondition.
+func (in *VirtualNodeCondition) DeepCopy() *VirtualNodeCondition {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualNodeCondition)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualNodeList) DeepCopyInto(out *VirtualNodeList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]VirtualNode, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualNodeList.
+func (in *VirtualNodeList) DeepCopy() *VirtualNodeList {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualNodeList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *VirtualNodeList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualNodeSpec) DeepCopyInto(out *VirtualNodeSpec) {
+	*out = *in
+	if in.Listeners != nil {
+		in, out := &in.Listeners, &out.Listeners
+		*out = make([]Listener, len(*in))
+		copy(*out, *in)
+	}
+	if in.ServiceDiscovery != nil {
+		in, out := &in.ServiceDiscovery, &out.ServiceDiscovery
+		*out = new(ServiceDiscovery)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.Backends != nil {
+		in, out := &in.Backends, &out.Backends
+		*out = make([]Backend, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualNodeSpec.
+func (in *VirtualNodeSpec) DeepCopy() *VirtualNodeSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualNodeSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualNodeStatus) DeepCopyInto(out *VirtualNodeStatus) {
+	*out = *in
+	if in.MeshArn != nil {
+		in, out := &in.MeshArn, &out.MeshArn
+		*out = new(string)
+		**out = **in
+	}
+	if in.VirtualNodeArn != nil {
+		in, out := &in.VirtualNodeArn, &out.VirtualNodeArn
+		*out = new(string)
+		**out = **in
+	}
+	if in.CloudMapServiceArn != nil {
+		in, out := &in.CloudMapServiceArn, &out.CloudMapServiceArn
+		*out = new(string)
+		**out = **in
+	}
+	if in.QueryParameters != nil {
+		in, out := &in.QueryParameters, &out.QueryParameters
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]VirtualNodeCondition, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualNodeStatus.
+func (in *VirtualNodeStatus) DeepCopy() *VirtualNodeStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualNodeStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualRouter) DeepCopyInto(out *VirtualRouter) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualRouter.
+func (in *VirtualRouter) DeepCopy() *VirtualRouter {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualRouter)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualService) DeepCopyInto(out *VirtualService) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualService.
+func (in *VirtualService) DeepCopy() *VirtualService {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualService)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *VirtualService) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualServiceBackend) DeepCopyInto(out *VirtualServiceBackend) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualServiceBackend.
+func (in *VirtualServiceBackend) DeepCopy() *VirtualServiceBackend {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualServiceBackend)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualServiceCondition) DeepCopyInto(out *VirtualServiceCondition) {
+	*out = *in
+	if in.LastTransitionTime != nil {
+		in, out := &in.LastTransitionTime, &out.LastTransitionTime
+		*out = (*in).DeepCopy()
+	}
+	if in.Reason != nil {
+		in, out := &in.Reason, &out.Reason
+		*out = new(string)
+		**out = **in
+	}
+	if in.Message != nil {
+		in, out := &in.Message, &out.Message
+		*out = new(string)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualServiceCondition.
+func (in *VirtualServiceCondition) DeepCopy() *VirtualServiceCondition {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualServiceCondition)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualServiceList) DeepCopyInto(out *VirtualServiceList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]VirtualService, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualServiceList.
+func (in *VirtualServiceList) DeepCopy() *VirtualServiceList {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualServiceList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *VirtualServiceList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualServiceSpec) DeepCopyInto(out *VirtualServiceSpec) {
+	*out = *in
+	if in.VirtualRouter != nil {
+		in, out := &in.VirtualRouter, &out.VirtualRouter
+		*out = new(VirtualRouter)
+		**out = **in
+	}
+	if in.Routes != nil {
+		in, out := &in.Routes, &out.Routes
+		*out = make([]Route, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualServiceSpec.
+func (in *VirtualServiceSpec) DeepCopy() *VirtualServiceSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualServiceSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VirtualServiceStatus) DeepCopyInto(out *VirtualServiceStatus) {
+	*out = *in
+	if in.VirtualServiceArn != nil {
+		in, out := &in.VirtualServiceArn, &out.VirtualServiceArn
+		*out = new(string)
+		**out = **in
+	}
+	if in.VirtualRouterArn != nil {
+		in, out := &in.VirtualRouterArn, &out.VirtualRouterArn
+		*out = new(string)
+		**out = **in
+	}
+	if in.RouteArns != nil {
+		in, out := &in.RouteArns, &out.RouteArns
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]VirtualServiceCondition, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualServiceStatus.
+func (in *VirtualServiceStatus) DeepCopy() *VirtualServiceStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(VirtualServiceStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *WeightedTarget) DeepCopyInto(out *WeightedTarget) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WeightedTarget.
+func (in *WeightedTarget) DeepCopy() *WeightedTarget {
+	if in == nil {
+		return nil
+	}
+	out := new(WeightedTarget)
+	in.DeepCopyInto(out)
+	return out
+}
--- a/pkg/apis/flagger/v1alpha3/register.go
+++ b/pkg/apis/flagger/v1alpha3/register.go
@@ -21,7 +21,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"

-	rollout "github.com/stefanprodan/flagger/pkg/apis/flagger"
+	rollout "github.com/weaveworks/flagger/pkg/apis/flagger"
 )

 // SchemeGroupVersion is group version used to register these objects
--- a/pkg/apis/flagger/v1alpha3/types.go
+++ b/pkg/apis/flagger/v1alpha3/types.go
@@ -17,10 +17,11 @@ limitations under the License.
 package v1alpha3

 import (
-	istiov1alpha3 "github.com/knative/pkg/apis/istio/v1alpha3"
+	"time"
+
+	istiov1alpha3 "github.com/weaveworks/flagger/pkg/apis/istio/v1alpha3"
 	hpav1 "k8s.io/api/autoscaling/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"time"
 )

 const (
@@ -51,6 +52,10 @@ type CanarySpec struct {
 	// +optional
 	AutoscalerRef *hpav1.CrossVersionObjectReference `json:"autoscalerRef,omitempty"`

+	// reference to NGINX ingress resource
+	// +optional
+	IngressRef *hpav1.CrossVersionObjectReference `json:"ingressRef,omitempty"`
+
 	// virtual service spec
 	Service CanaryService `json:"service"`

@@ -98,6 +103,7 @@ type CanaryStatus struct {
 	Phase        CanaryPhase `json:"phase"`
 	FailedChecks int         `json:"failedChecks"`
 	CanaryWeight int         `json:"canaryWeight"`
+	Iterations   int         `json:"iterations"`
 	// +optional
 	TrackedConfigs *map[string]string `json:"trackedConfigs,omitempty"`
 	// +optional
@@ -109,23 +115,32 @@ type CanaryStatus struct {
 // CanaryService is used to create ClusterIP services
 // and Istio Virtual Service
 type CanaryService struct {
-	Port     int32                            `json:"port"`
-	Gateways []string                         `json:"gateways"`
-	Hosts    []string                         `json:"hosts"`
-	Match    []istiov1alpha3.HTTPMatchRequest `json:"match,omitempty"`
-	Rewrite  *istiov1alpha3.HTTPRewrite       `json:"rewrite,omitempty"`
-	Timeout  string                           `json:"timeout,omitempty"`
-	Retries  *istiov1alpha3.HTTPRetry         `json:"retries,omitempty"`
+	Port       int32                            `json:"port"`
+	PortName   string                           `json:"portName,omitempty"`
+	Match      []istiov1alpha3.HTTPMatchRequest `json:"match,omitempty"`
+	Rewrite    *istiov1alpha3.HTTPRewrite       `json:"rewrite,omitempty"`
+	Timeout    string                           `json:"timeout,omitempty"`
+	Retries    *istiov1alpha3.HTTPRetry         `json:"retries,omitempty"`
+	Headers    *istiov1alpha3.Headers           `json:"headers,omitempty"`
+	CorsPolicy *istiov1alpha3.CorsPolicy        `json:"corsPolicy,omitempty"`
+	//Istio
+	Gateways []string `json:"gateways,omitempty"`
+	Hosts    []string `json:"hosts,omitempty"`
+	// App Mesh
+	MeshName string   `json:"meshName,omitempty"`
+	Backends []string `json:"backends,omitempty"`
 }

 // CanaryAnalysis is used to describe how the analysis should be done
 type CanaryAnalysis struct {
-	Interval   string          `json:"interval"`
-	Threshold  int             `json:"threshold"`
-	MaxWeight  int             `json:"maxWeight"`
-	StepWeight int             `json:"stepWeight"`
-	Metrics    []CanaryMetric  `json:"metrics"`
-	Webhooks   []CanaryWebhook `json:"webhooks,omitempty"`
+	Interval   string                           `json:"interval"`
+	Threshold  int                              `json:"threshold"`
+	MaxWeight  int                              `json:"maxWeight"`
+	StepWeight int                              `json:"stepWeight"`
+	Metrics    []CanaryMetric                   `json:"metrics"`
+	Webhooks   []CanaryWebhook                  `json:"webhooks,omitempty"`
+	Match      []istiov1alpha3.HTTPMatchRequest `json:"match,omitempty"`
+	Iterations int                              `json:"iterations,omitempty"`
 }

 // CanaryMetric holds the reference to Istio metrics used for canary analysis
@@ -137,11 +152,24 @@ type CanaryMetric struct {
 	Query string `json:"query,omitempty"`
 }

+// HookType can be pre, post or during rollout
+type HookType string
+
+const (
+	// RolloutHook execute webhook during the canary analysis
+	RolloutHook HookType = "rollout"
+	// PreRolloutHook execute webhook before routing traffic to canary
+	PreRolloutHook HookType = "pre-rollout"
+	// PreRolloutHook execute webhook after the canary analysis
+	PostRolloutHook HookType = "post-rollout"
+)
+
 // CanaryWebhook holds the reference to external checks used for canary analysis
 type CanaryWebhook struct {
-	Name    string `json:"name"`
-	URL     string `json:"url"`
-	Timeout string `json:"timeout"`
+	Type    HookType `json:"type"`
+	Name    string   `json:"name"`
+	URL     string   `json:"url"`
+	Timeout string   `json:"timeout"`
 	// +optional
 	Metadata *map[string]string `json:"metadata,omitempty"`
 }
@@ -150,6 +178,7 @@ type CanaryWebhook struct {
 type CanaryWebhookPayload struct {
 	Name      string            `json:"name"`
 	Namespace string            `json:"namespace"`
+	Phase     CanaryPhase       `json:"phase"`
 	Metadata  map[string]string `json:"metadata,omitempty"`
 }

--- a/pkg/apis/flagger/v1alpha3/zz_generated.deepcopy.go
+++ b/pkg/apis/flagger/v1alpha3/zz_generated.deepcopy.go
@@ -21,7 +21,7 @@ limitations under the License.
 package v1alpha3

 import (
-	istiov1alpha3 "github.com/knative/pkg/apis/istio/v1alpha3"
+	istiov1alpha3 "github.com/weaveworks/flagger/pkg/apis/istio/v1alpha3"
 	v1 "k8s.io/api/autoscaling/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
@@ -69,6 +69,13 @@ func (in *CanaryAnalysis) DeepCopyInto(out *CanaryAnalysis) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.Match != nil {
+		in, out := &in.Match, &out.Match
+		*out = make([]istiov1alpha3.HTTPMatchRequest, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }

@@ -134,16 +141,6 @@ func (in *CanaryMetric) DeepCopy() *CanaryMetric {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *CanaryService) DeepCopyInto(out *CanaryService) {
 	*out = *in
-	if in.Gateways != nil {
-		in, out := &in.Gateways, &out.Gateways
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.Hosts != nil {
-		in, out := &in.Hosts, &out.Hosts
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
 	if in.Match != nil {
 		in, out := &in.Match, &out.Match
 		*out = make([]istiov1alpha3.HTTPMatchRequest, len(*in))
@@ -161,6 +158,31 @@ func (in *CanaryService) DeepCopyInto(out *CanaryService) {
 		*out = new(istiov1alpha3.HTTPRetry)
 		**out = **in
 	}
+	if in.Headers != nil {
+		in, out := &in.Headers, &out.Headers
+		*out = new(istiov1alpha3.Headers)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.CorsPolicy != nil {
+		in, out := &in.CorsPolicy, &out.CorsPolicy
+		*out = new(istiov1alpha3.CorsPolicy)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.Gateways != nil {
+		in, out := &in.Gateways, &out.Gateways
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.Hosts != nil {
+		in, out := &in.Hosts, &out.Hosts
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.Backends != nil {
+		in, out := &in.Backends, &out.Backends
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 	return
 }

@@ -183,6 +205,11 @@ func (in *CanarySpec) DeepCopyInto(out *CanarySpec) {
 		*out = new(v1.CrossVersionObjectReference)
 		**out = **in
 	}
+	if in.IngressRef != nil {
+		in, out := &in.IngressRef, &out.IngressRef
+		*out = new(v1.CrossVersionObjectReference)
+		**out = **in
+	}
 	in.Service.DeepCopyInto(&out.Service)
 	in.CanaryAnalysis.DeepCopyInto(&out.CanaryAnalysis)
 	if in.ProgressDeadlineSeconds != nil {
--- a/pkg/apis/istio/common/v1alpha1/string.go
+++ b/pkg/apis/istio/common/v1alpha1/string.go
@@ -0,0 +1,19 @@
+package v1alpha1
+
+// Describes how to match a given string in HTTP headers. Match is
+// case-sensitive.
+type StringMatch struct {
+	// Specified exactly one of the fields below.
+
+	// exact string match
+	Exact string `json:"exact,omitempty"`
+
+	// prefix-based match
+	Prefix string `json:"prefix,omitempty"`
+
+	// suffix-based match.
+	Suffix string `json:"suffix,omitempty"`
+
+	// ECMAscript style regex-based match
+	Regex string `json:"regex,omitempty"`
+}
--- a/pkg/apis/istio/register.go
+++ b/pkg/apis/istio/register.go
@@ -0,0 +1,5 @@
+package istio
+
+const (
+	GroupName = "networking.istio.io"
+)
--- a/Show More
+++ b/Show More