Merge pull request #27 from stefanprodan/ci

Migrate to CircleCI and run e2e tests with Kubernetes Kind
Release v2.0.1
2026-04-07 11:36:50 +00:00 · 2019-08-06 21:59:13 +03:00 · 2019-08-06 21:53:16 +03:00 · 2019-08-06 21:36:25 +03:00 · 2019-08-06 21:08:54 +03:00 · 2019-08-06 20:46:17 +03:00
189 changed files with 4349 additions and 1619 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,5 +1,104 @@
-version: 2
+version: 2.1
 jobs:
-  build:
-    branches:
-      ignore: gh-pages
+  e2e-kubernetes:
+    machine: true
+    steps:
+      - checkout
+      - run: e2e/bootstrap.sh
+      - run: e2e/install.sh
+      - run: e2e/test.sh
+
+  build-container:
+    docker:
+      - image: circleci/golang:1.12
+    working_directory: ~/build
+    steps:
+      - checkout
+      - setup_remote_docker:
+          docker_layer_caching: true
+      - run: make build-container
+      - run: |
+          if [ -z "$CIRCLE_TAG" ]; then
+            echo "Not a release, skipping container push";
+          else
+            echo $DOCKER_PASS | docker login -u $DOCKER_USER --password-stdin;
+            echo $QUAY_PASS | docker login -u $QUAY_USER --password-stdin quay.io;
+            make push-container;
+          fi
+
+  push-binary:
+    docker:
+      - image: circleci/golang:1.12
+    steps:
+      - checkout
+      - run: curl -sL https://git.io/goreleaser | bash
+
+  push-helm-charts:
+    docker:
+      - image: circleci/golang:1.12
+    steps:
+      - checkout
+      - run:
+          name: Install kubectl
+          command: sudo curl -L https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl -o /usr/local/bin/kubectl && sudo chmod +x /usr/local/bin/kubectl
+      - run:
+          name: Install helm
+          command: sudo curl -L https://storage.googleapis.com/kubernetes-helm/helm-v2.14.2-linux-amd64.tar.gz | tar xz && sudo mv linux-amd64/helm /bin/helm && sudo rm -rf linux-amd64
+      - run:
+          name: Initialize helm
+          command:  helm init --client-only --kubeconfig=$HOME/.kube/kubeconfig
+      - run:
+          name: Lint charts
+          command: |
+            helm lint ./charts/*
+      - run:
+          name: Package charts
+          command: |
+            mkdir $HOME/charts
+            helm package ./charts/* --destination $HOME/charts
+      - run:
+          name: Publish charts
+          command: |
+            if echo "${CIRCLE_TAG}" | grep -Eq "[0-9]+(\.[0-9]+)*(-[a-z]+)?$"; then
+              REPOSITORY="https://stefanprodan:${GITHUB_TOKEN}@github.com/stefanprodan/podinfo.git"
+              git config user.email stefanprodan@users.noreply.github.com
+              git config user.name stefanprodan
+              git remote set-url origin ${REPOSITORY}
+              git checkout gh-pages
+              mv -f $HOME/charts/*.tgz .
+              helm repo index . --url https://stefanprodan.github.io/podinfo
+              git add .
+              git commit -m "Publish Helm charts v${CIRCLE_TAG}"
+              git push origin gh-pages
+            else
+              echo "Not a release! Skip charts publish"
+            fi
+
+workflows:
+  version: 2
+  build-test:
+    jobs:
+      - build-container
+      - e2e-kubernetes
+  release:
+    jobs:
+      - build-container:
+          filters:
+            branches:
+              ignore: /.*/
+            tags:
+              ignore: /^chart.*/
+      - push-binary:
+          filters:
+            branches:
+              ignore: /.*/
+            tags:
+              ignore: /^chart.*/
+      - push-helm-charts:
+          requires:
+            - build-container
+          filters:
+            branches:
+              ignore: /.*/
+            tags:
+              ignore: /^chart.*/
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,22 @@
+# Binaries for programs and plugins
+*.exe
+*.dll
+*.so
+*.dylib
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+.DS_Store
+
+# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
+.glide/
+.idea/
+release/
+build/
+gcloud/
+dist/
+bin/
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -0,0 +1,16 @@
+builds:
+  - main: ./cmd/podcli
+    binary: podcli
+    ldflags: -s -w -X github.com/stefanprodan/podinfo/pkg/version.REVISION={{.Commit}}
+    goos:
+      - windows
+      - darwin
+      - linux
+    goarch:
+      - amd64
+    env:
+      - CGO_ENABLED=0
+archives:
+  - name_template: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
+    files:
+      - none*
--- a/39
+++ b/39
@@ -0,0 +1,39 @@
+FROM golang:1.12 as builder
+
+RUN mkdir -p /podinfo/
+
+WORKDIR /podinfo
+
+COPY . .
+
+RUN GOPROXY=https://proxy.golang.org go mod download
+
+RUN go test -v -race ./...
+
+RUN GIT_COMMIT=$(git rev-list -1 HEAD) && \
+    CGO_ENABLED=0 GOOS=linux go build -ldflags "-s -w \
+    -X github.com/stefanprodan/podinfo/pkg/version.REVISION=${GIT_COMMIT}" \
+    -a -o bin/podinfo cmd/podinfo/*
+
+RUN GIT_COMMIT=$(git rev-list -1 HEAD) && \
+    CGO_ENABLED=0 GOOS=linux go build -ldflags "-s -w \
+    -X github.com/stefanprodan/podinfo/pkg/version.REVISION=${GIT_COMMIT}" \
+    -a -o bin/podcli cmd/podcli/*
+
+FROM alpine:3.10
+
+RUN addgroup -S app \
+    && adduser -S -g app app \
+    && apk --no-cache add \
+    curl openssl netcat-openbsd
+
+WORKDIR /home/app
+
+COPY --from=builder /podinfo/bin/podinfo .
+COPY --from=builder /podinfo/bin/podcli /usr/local/bin/podcli
+COPY ./ui ./ui
+RUN chown -R app:app ./
+
+USER app
+
+CMD ["./podinfo"]
--- a/21
+++ b/21
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2018 Stefan Prodan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/53
+++ b/53
@@ -0,0 +1,53 @@
+# Makefile for releasing podinfo
+#
+# The release version is controlled from pkg/version
+
+TAG?=latest
+NAME:=podinfo
+DOCKER_REPOSITORY:=stefanprodan
+DOCKER_IMAGE_NAME:=$(DOCKER_REPOSITORY)/$(NAME)
+GIT_COMMIT:=$(shell git describe --dirty --always)
+VERSION:=$(shell grep 'VERSION' pkg/version/version.go | awk '{ print $$4 }' | tr -d '"')
+
+run:
+	GO111MODULE=on go run -ldflags "-s -w -X github.com/stefanprodan/podinfo/pkg/version.REVISION=$(GIT_COMMIT)" cmd/podinfo/* --level=debug
+
+test:
+	GO111MODULE=on go test -v -race ./...
+
+build:
+	GO111MODULE=on GIT_COMMIT=$$(git rev-list -1 HEAD) && GO111MODULE=on CGO_ENABLED=0 go build  -ldflags "-s -w -X github.com/stefanprodan/podinfo/pkg/version.REVISION=$(GIT_COMMIT)" -a -o ./bin/podinfo ./cmd/podinfo/*
+	GO111MODULE=on GIT_COMMIT=$$(git rev-list -1 HEAD) && GO111MODULE=on CGO_ENABLED=0 go build  -ldflags "-s -w -X github.com/stefanprodan/podinfo/pkg/version.REVISION=$(GIT_COMMIT)" -a -o ./bin/podcli ./cmd/podcli/*
+
+build-charts:
+	helm lint charts/*
+	helm package charts/*
+
+build-container:
+	docker build -t $(DOCKER_IMAGE_NAME):$(VERSION) .
+
+test-container:
+	@docker rm -f podinfo || true
+	@docker run -dp 9898:9898 --name=podinfo $(DOCKER_IMAGE_NAME):$(VERSION)
+	@docker ps
+	@TOKEN=$$(curl -sd 'test' localhost:9898/token | jq -r .token) && \
+	curl -sH "Authorization: Bearer $${TOKEN}" localhost:9898/token/validate | grep test
+
+push-container:
+	docker push $(DOCKER_IMAGE_NAME):$(VERSION)
+	docker tag $(DOCKER_IMAGE_NAME):$(VERSION) quay.io/$(DOCKER_IMAGE_NAME):$(VERSION)
+	docker push quay.io/$(DOCKER_IMAGE_NAME):$(VERSION)
+
+version-set:
+	@next="$(TAG)" && \
+	current="$(VERSION)" && \
+	sed -i '' "s/$$current/$$next/g" pkg/version/version.go && \
+	sed -i '' "s/tag: $$current/tag: $$next/g" charts/podinfo/values.yaml && \
+	sed -i '' "s/appVersion: $$current/appVersion: $$next/g" charts/podinfo/Chart.yaml && \
+	sed -i '' "s/version: $$current/version: $$next/g" charts/podinfo/Chart.yaml && \
+	sed -i '' "s/podinfo:$$current/podinfo:$$next/g" kustomize/deployment.yaml && \
+	echo "Version $$next set in code, deployment, chart and kustomize"
+
+release:
+	git tag $(VERSION)
+	git push origin $(VERSION)
--- a/README.md
+++ b/README.md
@@ -0,0 +1,81 @@
+# podinfo
+
+[![CircleCI](https://circleci.com/gh/stefanprodan/podinfo.svg?style=svg)](https://circleci.com/gh/stefanprodan/podinfo)
+[![Docker Pulls](https://img.shields.io/docker/pulls/stefanprodan/podinfo)](https://hub.docker.com/r/stefanprodan/podinfo)
+
+Podinfo is a tiny web application made with Go 
+that showcases best practices of running microservices in Kubernetes.
+
+Specifications:
+
+* Health checks (readiness and liveness)
+* Graceful shutdown on interrupt signals
+* File watcher for secrets and configmaps
+* Instrumented with Prometheus
+* Tracing with Istio and Jaeger
+* Structured logging with zap 
+* 12-factor app with viper
+* Fault injection (random errors and latency)
+* Helm and Kustomize installers
+* End-to-End testing with Kubernetes Kind and Helm
+
+Web API:
+
+* `GET /` prints runtime information
+* `GET /version` prints podinfo version and git commit hash 
+* `GET /metrics` return HTTP requests duration and Go runtime metrics
+* `GET /healthz` used by Kubernetes liveness probe
+* `GET /readyz` used by Kubernetes readiness probe
+* `POST /readyz/enable` signals the Kubernetes LB that this instance is ready to receive traffic
+* `POST /readyz/disable` signals the Kubernetes LB to stop sending requests to this instance
+* `GET /status/{code}` returns the status code
+* `GET /panic` crashes the process with exit code 255
+* `POST /echo` forwards the call to the backend service and echos the posted content 
+* `GET /env` returns the environment variables as a JSON array
+* `GET /headers` returns a JSON with the request HTTP headers
+* `GET /delay/{seconds}` waits for the specified period
+* `POST /token` issues a JWT token valid for one minute `JWT=$(curl -sd 'anon' podinfo:9898/token | jq -r .token)`
+* `GET /token/validate` validates the JWT token `curl -H "Authorization: Bearer $JWT" podinfo:9898/token/validate`
+* `GET /configs` returns a JSON with configmaps and/or secrets mounted in the `config` volume
+* `POST /store` writes the posted content to disk at /data/hash and returns the SHA1 hash of the content
+* `GET /store/{hash}` returns the content of the file /data/hash if exists
+* `GET /ws/echo` echos content via websockets `podcli ws ws://localhost:9898/ws/echo`
+* `GET /chunked/{seconds}` uses `transfer-encoding` type `chunked` to give a partial response and then waits for the specified period
+
+Web UI:
+
+![podinfo-ui](https://raw.githubusercontent.com/stefanprodan/podinfo/gh-pages/screens/podinfo-ui.png)
+
+### Guides
+
+* [Automated canary deployments with Flagger and Istio](https://medium.com/google-cloud/automated-canary-deployments-with-flagger-and-istio-ac747827f9d1)
+* [Kubernetes autoscaling with Istio metrics](https://medium.com/google-cloud/kubernetes-autoscaling-with-istio-metrics-76442253a45a)
+* [Managing Helm releases the GitOps way](https://medium.com/google-cloud/managing-helm-releases-the-gitops-way-207a6ac6ff0e)
+* [Expose Kubernetes services over HTTPS with Ngrok](https://stefanprodan.com/2018/expose-kubernetes-services-over-http-with-ngrok/)
+
+### Install
+
+Helm:
+
+```bash
+helm repo add sp https://stefanprodan.github.io/podinfo
+
+helm upgrade --install --wait frontend \
+--namespace test \
+--set replicaCount=2 \
+--set backend=http://backend-podinfo:9898/echo \
+sp/podinfo
+
+helm test frontend --cleanup
+
+helm upgrade --install --wait backend \
+--namespace test \
+--set hpa.enabled=true \
+sp/podinfo
+```
+
+Kustomize:
+
+```bash
+kubectl apply -k github.com/stefanprodan/podinfo//kustomize
+```
--- a/charts/ngrok/.helmignore
+++ b/charts/ngrok/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
--- a/charts/ngrok/Chart.yaml
+++ b/charts/ngrok/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: A Ngrok Helm chart for Kubernetes
+name: ngrok
+version: 0.2.0
--- a/charts/ngrok/README.md
+++ b/charts/ngrok/README.md
@@ -0,0 +1,64 @@
+# Ngrok
+
+Expose Kubernetes service with [Ngrok](https://ngrok.com).
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```console
+$ helm install sp/ngrok --name my-release \
+  --set token=NGROK-TOKEN \
+  --set expose.service=podinfo:9898
+```
+
+The command deploys Ngrok on the Kubernetes cluster in the default namespace.
+The [configuration](#configuration) section lists the parameters that can be configured during installation.
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-release` deployment:
+
+```console
+$ helm delete --purge my-release
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Configuration
+
+The following tables lists the configurable parameters of the Grafana chart and their default values.
+
+Parameter | Description | Default
+--- | --- | ---
+`image.repository` | Image repository | `stefanprodan/ngrok`
+`image.pullPolicy` | Image pull policy | `IfNotPresent`
+`image.tag` | Image tag | `latest`
+`replicaCount` | desired number of pods | `1`
+`tolerations` | List of node taints to tolerate | `[]`
+`affinity` | node/pod affinities | `node`
+`nodeSelector` | node labels for pod assignment | `{}`
+`service.type` | type of service | `ClusterIP`
+`token` | Ngrok auth token | `none`
+`expose.service` | Service address to be exposed as in `service-name:port` | `none`
+`subdomain` | Ngrok subdomain | `none`
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+
+```console
+$ helm upgrade --install --wait tunel \
+  --set token=NGROK-TOKEN \
+  --set service.type=NodePort \
+  --set expose.service=podinfo:9898 \
+  sp/ngrok
+```
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
+
+```console
+$ helm install sp/grafana --name my-release -f values.yaml
+```
+
+> **Tip**: You can use the default [values.yaml](values.yaml)
+```
+
--- a/charts/ngrok/templates/NOTES.txt
+++ b/charts/ngrok/templates/NOTES.txt
@@ -0,0 +1,15 @@
+1. Get the application URL by running these commands:
+{{- if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "ngrok.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ template "ngrok.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "ngrok.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "ngrok.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:80
+{{- end }}
--- a/charts/ngrok/templates/_helpers.tpl
+++ b/charts/ngrok/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "ngrok.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "ngrok.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "ngrok.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
--- a/charts/ngrok/templates/config.yaml
+++ b/charts/ngrok/templates/config.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "ngrok.fullname" . }}
+data:
+  ngrok.yml: |-
+    web_addr: 0.0.0.0:4040
+    update: false
+    log: stdout
+{{- if .Values.token }}
+    authtoken: {{ .Values.token }}
+{{- end }}
--- a/charts/ngrok/templates/deployment.yaml
+++ b/charts/ngrok/templates/deployment.yaml
@@ -0,0 +1,65 @@
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+  name: {{ template "ngrok.fullname" . }}
+  labels:
+    app: {{ template "ngrok.name" . }}
+    chart: {{ template "ngrok.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ template "ngrok.name" . }}
+      release: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "ngrok.name" . }}
+        release: {{ .Release.Name }}
+      annotations:
+        prometheus.io/scrape: 'false'
+    spec:
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          command:
+            - ./ngrok
+            - http
+            {{- if .Values.subdomain }}
+            - --subdomain={{ .Values.subdomain }}
+            {{- end }}
+            - {{ .Values.expose.service }}
+          volumeMounts:
+          - name: config
+            mountPath: /home/ngrok/.ngrok2
+          ports:
+            - name: http
+              containerPort: 4040
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /api/tunnels
+              port: http
+            initialDelaySeconds: 10
+            periodSeconds: 30
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+    {{- with .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+      volumes:
+      - name: config
+        configMap:
+          name: {{ template "ngrok.fullname" . }}
--- a/charts/ngrok/templates/service.yaml
+++ b/charts/ngrok/templates/service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "ngrok.fullname" . }}
+  labels:
+    app: {{ template "ngrok.name" . }}
+    chart: {{ template "ngrok.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    app: {{ template "ngrok.name" . }}
+    release: {{ .Release.Name }}
--- a/charts/ngrok/values.yaml
+++ b/charts/ngrok/values.yaml
@@ -0,0 +1,27 @@
+# Default values for ngrok.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: stefanprodan/ngrok
+  tag: latest
+  pullPolicy: IfNotPresent
+
+service:
+  type: ClusterIP
+  port: 4040
+
+expose:
+  service: ga-podinfo:9898
+
+token: 4i3rDinhLqMHtvez71N9S_38rkS7onwv77VFNZTaUR6
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+subdomain:
--- a/charts/podinfo/.helmignore
+++ b/charts/podinfo/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
--- a/charts/podinfo/Chart.yaml
+++ b/charts/podinfo/Chart.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+version: 2.0.1
+appVersion: 2.0.1
+name: podinfo
+engine: gotpl
+description: Podinfo Helm chart for Kubernetes
+home: https://github.com/stefanprodan/podinfo
+maintainers:
+- email: stefanprodan@users.noreply.github.com
+  name: stefanprodan
+sources:
+- https://github.com/stefanprodan/podinfo
--- a/charts/podinfo/README.md
+++ b/charts/podinfo/README.md
@@ -0,0 +1,81 @@
+# Podinfo
+
+Podinfo is a tiny web application made with Go 
+that showcases best practices of running microservices in Kubernetes.
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```console
+$ helm repo add sp https://stefanprodan.github.io/k8s-podinfo
+$ helm upgrade my-release --install sp/podinfo 
+```
+
+The command deploys podinfo on the Kubernetes cluster in the default namespace.
+The [configuration](#configuration) section lists the parameters that can be configured during installation.
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-release` deployment:
+
+```console
+$ helm delete --purge my-release
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Configuration
+
+The following tables lists the configurable parameters of the podinfo chart and their default values.
+
+Parameter | Description | Default
+--- | --- | ---
+`affinity` | node/pod affinities | None
+`color` | UI color | blue
+`backend` | echo backend URL | None
+`faults.delay` | random HTTP response delays between 0 and 5 seconds | `false`
+`faults.error` | 1/3 chances of a random HTTP response error | `false`
+`hpa.enabled` | enables HPA | `false`
+`hpa.cpu` | target CPU usage per pod | None
+`hpa.memory` | target memory usage per pod | None
+`hpa.requests` | target requests per second per pod | None
+`hpa.maxReplicas` | maximum pod replicas | `10`
+`ingress.hosts` | ingress accepted hostnames | None
+`ingress.tls` | ingress TLS configuration | None:
+`image.pullPolicy` | image pull policy | `IfNotPresent`
+`image.repository` | image repository | `stefanprodan/podinfo`
+`image.tag` | image tag | `0.0.1`
+`ingress.enabled` | enables ingress | `false`
+`ingress.annotations` | ingress annotations | None
+`ingress.hosts` | ingress accepted hostnames | None
+`ingress.tls` | ingress TLS configuration | None
+`message` | UI greetings message | None
+`nodeSelector` | node labels for pod assignment | `{}`
+`replicaCount` | desired number of pods | `2`
+`resources.requests/cpu` | pod CPU request | `1m`
+`resources.requests/memory` | pod memory request | `16Mi`
+`resources.limits/cpu` | pod CPU limit | None
+`resources.limits/memory` | pod memory limit | None
+`service.externalPort` | external port for the service | `9898`
+`service.internalPort` | internal port for the service | `9898`
+`service.nodePort` | node port for the service | `31198`
+`service.type` | type of service | `ClusterIP`
+`tolerations` | list of node taints to tolerate | `[]`
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+
+```console
+$ helm install stable/podinfo --name my-release \
+  --set=image.tag=0.0.2,service.type=NodePort
+```
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
+
+```console
+$ helm install stable/podinfo --name my-release -f values.yaml
+```
+
+> **Tip**: You can use the default [values.yaml](values.yaml)
+```
+
--- a/charts/podinfo/templates/NOTES.txt
+++ b/charts/podinfo/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "podinfo.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ template "podinfo.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "podinfo.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "podinfo.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.externalPort }}
+{{- end }}
--- a/charts/podinfo/templates/_helpers.tpl
+++ b/charts/podinfo/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "podinfo.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "podinfo.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "podinfo.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
--- a/charts/podinfo/templates/deployment.yaml
+++ b/charts/podinfo/templates/deployment.yaml
@@ -0,0 +1,91 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "podinfo.fullname" . }}
+  labels:
+    app: {{ template "podinfo.name" . }}
+    chart: {{ template "podinfo.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 1
+  selector:
+    matchLabels:
+      app: {{ template "podinfo.name" . }}
+      release: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "podinfo.name" . }}
+        release: {{ .Release.Name }}
+      annotations:
+        prometheus.io/scrape: 'true'
+    spec:
+      terminationGracePeriodSeconds: 30
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          command:
+            - ./podinfo
+            - --port={{ .Values.service.containerPort }}
+            - --level={{ .Values.logLevel }}
+            - --random-delay={{ .Values.faults.delay }}
+            - --random-error={{ .Values.faults.error }}
+          env:
+          - name: PODINFO_UI_COLOR
+            value: {{ .Values.color }}
+          {{- if .Values.message }}
+          - name: PODINFO_UI_MESSAGE
+            value: {{ .Values.message }}
+          {{- end }}
+          {{- if .Values.backend }}
+          - name: PODINFO_BACKEND_URL
+            value: {{ .Values.backend }}
+          {{- end }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.containerPort }}
+              protocol: TCP
+          livenessProbe:
+            exec:
+              command:
+              - podcli
+              - check
+              - http
+              - localhost:{{ .Values.service.containerPort }}/healthz
+            initialDelaySeconds: 1
+            timeoutSeconds: 5
+          readinessProbe:
+            exec:
+              command:
+              - podcli
+              - check
+              - http
+              - localhost:{{ .Values.service.containerPort }}/readyz
+            initialDelaySeconds: 1
+            timeoutSeconds: 5
+          volumeMounts:
+          - name: data
+            mountPath: /data
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+    {{- with .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+      volumes:
+      - name: data
+        emptyDir: {}
--- a/charts/podinfo/templates/hpa.yaml
+++ b/charts/podinfo/templates/hpa.yaml
@@ -0,0 +1,32 @@
+{{- if .Values.hpa.enabled -}}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ template "podinfo.fullname" . }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1beta2
+    kind: Deployment
+    name: {{ template "podinfo.fullname" . }}
+  minReplicas: {{ .Values.replicaCount }}
+  maxReplicas: {{ .Values.hpa.maxReplicas }}
+  metrics:
+  {{- if .Values.hpa.cpu }}
+  - type: Resource
+    resource:
+      name: cpu
+      targetAverageUtilization: {{ .Values.hpa.cpu }}
+  {{- end }}
+  {{- if .Values.hpa.memory }}
+  - type: Resource
+    resource:
+      name: memory
+      targetAverageValue: {{ .Values.hpa.memory }}
+  {{- end }}
+  {{- if .Values.hpa.requests }}
+  - type: Pod
+      pods:
+        metricName: http_requests
+        targetAverageValue: {{ .Values.hpa.requests }}
+  {{- end }}
+{{- end }}
--- a/charts/podinfo/templates/ingress.yaml
+++ b/charts/podinfo/templates/ingress.yaml
@@ -0,0 +1,39 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "podinfo.fullname" . -}}
+{{- $servicePort := .Values.service.port -}}
+{{- $ingressPath := .Values.ingress.path -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    app: {{ template "podinfo.name" . }}
+    chart: {{ template "podinfo.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+{{- with .Values.ingress.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.ingress.tls }}
+  tls:
+  {{- range .Values.ingress.tls }}
+    - hosts:
+      {{- range .hosts }}
+        - {{ . }}
+      {{- end }}
+      secretName: {{ .secretName }}
+  {{- end }}
+{{- end }}
+  rules:
+  {{- range .Values.ingress.hosts }}
+    - host: {{ . }}
+      http:
+        paths:
+          - path: {{ $ingressPath }}
+            backend:
+              serviceName: {{ $fullName }}
+              servicePort: http
+  {{- end }}
+{{- end }}
--- a/charts/podinfo/templates/service.yaml
+++ b/charts/podinfo/templates/service.yaml
@@ -0,0 +1,22 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "podinfo.fullname" . }}
+  labels:
+    app: {{ template "podinfo.name" . }}
+    chart: {{ template "podinfo.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.externalPort }}
+      targetPort: http
+      protocol: TCP
+      name: http
+      {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
+  selector:
+    app: {{ template "podinfo.name" . }}
+    release: {{ .Release.Name }}
--- a/charts/podinfo/templates/tests/jwt.yaml
+++ b/charts/podinfo/templates/tests/jwt.yaml
@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: {{ template "podinfo.fullname" . }}-jwt-test-{{ randAlphaNum 5 | lower }}
+  labels:
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app: {{ template "podinfo.name" . }}
+  annotations:
+    "helm.sh/hook": test-success
+spec:
+  containers:
+    - name: tools
+      image: giantswarm/tiny-tools
+      command: ["/bin/sh", "/scripts/test.sh"]
+      env:
+      - name: PODINFO_SVC
+        value: {{ template "podinfo.fullname" . }}:{{ .Values.service.externalPort }}
+      volumeMounts:
+      - name: scripts
+        mountPath: /scripts
+  restartPolicy: Never
+  volumes:
+  - name: scripts
+    configMap:
+      name: {{ template "podinfo.fullname" . }}-storage-cfg
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "podinfo.fullname" . }}-storage-cfg
+  labels:
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app: {{ template "podinfo.name" . }}
+data:
+  test.sh: |
+    #!/bin/sh
+    echo "testing ${PODINFO_SVC}/token"
+    TOKEN=$(curl -sd 'test' ${PODINFO_SVC}/token | jq -r .token) && \
+    curl -H "Authorization: Bearer ${TOKEN}" ${PODINFO_SVC}/token/validate | grep test
--- a/charts/podinfo/templates/tests/service.yaml
+++ b/charts/podinfo/templates/tests/service.yaml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: {{ template "podinfo.fullname" . }}-service-test-{{ randAlphaNum 5 | lower }}
+  labels:
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app: {{ template "podinfo.name" . }}
+  annotations:
+    "helm.sh/hook": test-success
+spec:
+  containers:
+    - name: curl
+      image: radial/busyboxplus:curl
+      command: ['curl']
+      args:  ['{{ template "podinfo.fullname" . }}:{{ .Values.service.externalPort }}']
+  restartPolicy: Never
--- a/charts/podinfo/values.yaml
+++ b/charts/podinfo/values.yaml
@@ -0,0 +1,59 @@
+# Default values for podinfo.
+
+replicaCount: 1
+logLevel: info
+color: blue
+backend: #http://backend-podinfo:9898/echo
+message: #UI greetings
+
+faults:
+  delay: false
+  error: false
+
+image:
+  repository: quay.io/stefanprodan/podinfo
+  tag: 2.0.1
+  pullPolicy: IfNotPresent
+
+service:
+  type: ClusterIP
+  externalPort: 9898
+  containerPort: 9898
+  nodePort: 31198
+
+# metrics-server add-on required
+hpa:
+  enabled: false
+  maxReplicas: 10
+  # average total CPU usage per pod (1-100)
+  cpu:
+  # average memory usage per pod (100Mi-1Gi)
+  memory:
+  # average http requests per second per pod (k8s-prometheus-adapter)
+  requests:
+
+ingress:
+  enabled: false
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  path: /
+  hosts:
+    - podinfo.local
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources:
+  limits:
+  requests:
+    cpu: 1m
+    memory: 16Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
--- a/cloudbuild.yaml
+++ b/cloudbuild.yaml
@@ -0,0 +1,4 @@
+steps:
+- name: 'gcr.io/cloud-builders/docker'
+  args: ['build','-f' , 'Dockerfile', '-t', 'gcr.io/$PROJECT_ID/podinfo:$BRANCH_NAME-$SHORT_SHA', '.']
+images: ['gcr.io/$PROJECT_ID/podinfo:$BRANCH_NAME-$SHORT_SHA']
--- a/cmd/podcli/check.go
+++ b/cmd/podcli/check.go
@@ -0,0 +1,245 @@
+package main
+
+import (
+	"bytes"
+	"context"
+	"crypto/tls"
+	"fmt"
+	"net"
+	"net/http"
+	"net/url"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/spf13/cobra"
+	"go.uber.org/zap"
+)
+
+var (
+	retryCount int
+	retryDelay time.Duration
+	method     string
+	body       string
+	timeout    time.Duration
+)
+
+var checkCmd = &cobra.Command{
+	Use:   `check`,
+	Short: "Health check commands",
+	Long:  "Commands for running health checks",
+}
+
+var checkUrlCmd = &cobra.Command{
+	Use:     `http [address]`,
+	Short:   "HTTP(S) health check",
+	Example: `  check http https://httpbin.org/anything --method=POST --retry=2 --delay=2s --timeout=3s --body='{"test"=1}'`,
+	RunE:    runCheck,
+}
+
+var checkTcpCmd = &cobra.Command{
+	Use:     `tcp [address]`,
+	Short:   "TCP health check",
+	Example: `  check tcp httpbin.org:443 --retry=1 --delay=2s --timeout=2s`,
+	RunE:    runCheckTCP,
+}
+
+var checkCertCmd = &cobra.Command{
+	Use:     `cert [address]`,
+	Short:   "SSL/TLS certificate validity check",
+	Example: `  check cert httpbin.org`,
+	RunE:    runCheckCert,
+}
+
+func init() {
+	checkUrlCmd.Flags().StringVar(&method, "method", "GET", "HTTP method")
+	checkUrlCmd.Flags().StringVar(&body, "body", "", "HTTP POST/PUT content")
+	checkUrlCmd.Flags().IntVar(&retryCount, "retry", 0, "times to retry the HTTP call")
+	checkUrlCmd.Flags().DurationVar(&retryDelay, "delay", 1*time.Second, "wait duration between retries")
+	checkUrlCmd.Flags().DurationVar(&timeout, "timeout", 5*time.Second, "timeout")
+	checkCmd.AddCommand(checkUrlCmd)
+
+	checkTcpCmd.Flags().IntVar(&retryCount, "retry", 0, "times to retry the TCP check")
+	checkTcpCmd.Flags().DurationVar(&retryDelay, "delay", 1*time.Second, "wait duration between retries")
+	checkTcpCmd.Flags().DurationVar(&timeout, "timeout", 5*time.Second, "timeout")
+	checkCmd.AddCommand(checkTcpCmd)
+
+	checkCmd.AddCommand(checkCertCmd)
+
+	rootCmd.AddCommand(checkCmd)
+}
+
+func runCheck(cmd *cobra.Command, args []string) error {
+	if retryCount < 0 {
+		return fmt.Errorf("--retry is required")
+	}
+	if len(args) < 1 {
+		return fmt.Errorf("address is required! example: check http https://httpbin.org")
+	}
+
+	address := args[0]
+	if !strings.HasPrefix(address, "http://") && !strings.HasPrefix(address, "https://") {
+		address = fmt.Sprintf("http://%s", address)
+	}
+
+	for n := 0; n <= retryCount; n++ {
+		if n != 1 {
+			time.Sleep(retryDelay)
+		}
+
+		req, err := http.NewRequest(method, address, bytes.NewBuffer([]byte(body)))
+		if err != nil {
+			logger.Info("check failed",
+				zap.String("address", address),
+				zap.Error(err))
+			os.Exit(1)
+		}
+
+		ctx, cancel := context.WithTimeout(req.Context(), timeout)
+		resp, err := http.DefaultClient.Do(req.WithContext(ctx))
+		cancel()
+		if err != nil {
+			logger.Info("check failed",
+				zap.String("address", address),
+				zap.Error(err))
+			continue
+		}
+
+		if resp.Body != nil {
+			resp.Body.Close()
+		}
+
+		if resp.StatusCode >= 200 && resp.StatusCode < 400 {
+			logger.Info("check succeed",
+				zap.String("address", address),
+				zap.Int("status code", resp.StatusCode),
+				zap.String("response size", fmtContentLength(resp.ContentLength)))
+			os.Exit(0)
+		} else {
+			logger.Info("check failed",
+				zap.String("address", address),
+				zap.Int("status code", resp.StatusCode))
+			continue
+		}
+	}
+
+	os.Exit(1)
+	return nil
+}
+
+func runCheckTCP(cmd *cobra.Command, args []string) error {
+	if retryCount < 0 {
+		return fmt.Errorf("--retry is required")
+	}
+	if len(args) < 1 {
+		return fmt.Errorf("address is required! example: check tcp httpbin.org:80")
+	}
+	address := args[0]
+
+	for n := 0; n <= retryCount; n++ {
+		if n != 1 {
+			time.Sleep(retryDelay)
+		}
+
+		conn, err := net.DialTimeout("tcp", address, timeout)
+
+		if err != nil {
+			logger.Info("check failed",
+				zap.String("address", address),
+				zap.Error(err))
+			continue
+		}
+
+		conn.Close()
+		logger.Info("check succeed", zap.String("address", address))
+		os.Exit(0)
+
+	}
+
+	os.Exit(1)
+	return nil
+}
+
+func runCheckCert(cmd *cobra.Command, args []string) error {
+	if len(args) < 1 {
+		return fmt.Errorf("address is required! example: check cert httpbin.org")
+	}
+	host := args[0]
+	if !strings.HasPrefix(host, "https://") {
+		host = "https://" + host
+	}
+
+	u, err := url.Parse(host)
+	if err != nil {
+		logger.Info("check failed",
+			zap.String("address", host),
+			zap.Error(err))
+		os.Exit(1)
+	}
+
+	address := u.Hostname() + ":443"
+	ipConn, err := net.DialTimeout("tcp", address, 5*time.Second)
+	if err != nil {
+		logger.Info("check failed",
+			zap.String("address", address),
+			zap.Error(err))
+		os.Exit(1)
+
+	}
+
+	defer ipConn.Close()
+	conn := tls.Client(ipConn, &tls.Config{
+		InsecureSkipVerify: true,
+		ServerName:         u.Hostname(),
+	})
+	if err = conn.Handshake(); err != nil {
+		logger.Info("check failed",
+			zap.String("address", address),
+			zap.Error(err))
+		os.Exit(1)
+	}
+
+	defer conn.Close()
+	addr := conn.RemoteAddr()
+	_, _, err = net.SplitHostPort(addr.String())
+	if err != nil {
+		logger.Info("check failed",
+			zap.String("address", address),
+			zap.Error(err))
+		os.Exit(1)
+	}
+
+	cert := conn.ConnectionState().PeerCertificates[0]
+
+	timeNow := time.Now()
+	if timeNow.After(cert.NotAfter) {
+		logger.Info("check failed",
+			zap.String("address", address),
+			zap.String("issuer", cert.Issuer.CommonName),
+			zap.String("subject", cert.Subject.CommonName),
+			zap.Time("expired", cert.NotAfter))
+		os.Exit(1)
+	}
+
+	logger.Info("check succeed",
+		zap.String("address", address),
+		zap.String("issuer", cert.Issuer.CommonName),
+		zap.String("subject", cert.Subject.CommonName),
+		zap.Time("notAfter", cert.NotAfter),
+		zap.Time("notBefore", cert.NotBefore))
+
+	return nil
+}
+
+func fmtContentLength(b int64) string {
+	const unit = 1000
+	if b < unit {
+		return fmt.Sprintf("%d B", b)
+	}
+	div, exp := int64(unit), 0
+	for n := b / unit; n >= unit; n /= unit {
+		div *= unit
+		exp++
+	}
+	return fmt.Sprintf("%.1f %cB", float64(b)/float64(div), "kMGTPE"[exp])
+}
--- a/cmd/podcli/code.go
+++ b/cmd/podcli/code.go
@@ -0,0 +1,365 @@
+package main
+
+import (
+	"fmt"
+	"io"
+	"io/ioutil"
+	"log"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"regexp"
+	"strings"
+
+	"github.com/hashicorp/go-getter"
+	"github.com/spf13/cobra"
+)
+
+var (
+	codeProjectName string
+	codeGitUser     string
+	codeVersion     string
+	codeProjectPath string
+)
+
+var codeCmd = &cobra.Command{
+	Use:   `code`,
+	Short: "Code commands",
+}
+
+var codeInitCmd = &cobra.Command{
+	Use:     `init [name]`,
+	Short:   "initialize podinfo code repo",
+	Example: `  code init demo-app --version=v1.2.0 --git-user=stefanprodan`,
+	RunE:    runCodeInit,
+}
+
+func init() {
+	codeInitCmd.Flags().StringVar(&codeGitUser, "git-user", "", "GitHub user or org")
+	codeInitCmd.Flags().StringVar(&codeVersion, "version", "master", "podinfo repo tag or branch name")
+	codeInitCmd.Flags().StringVar(&codeProjectPath, "path", ".", "destination repo")
+
+	codeCmd.AddCommand(codeInitCmd)
+
+	rootCmd.AddCommand(codeCmd)
+}
+
+func runCodeInit(cmd *cobra.Command, args []string) error {
+
+	if len(codeGitUser) < 0 {
+		return fmt.Errorf("--git-user is required")
+	}
+	if len(args) < 1 {
+		return fmt.Errorf("project name is required")
+	}
+
+	codeProjectName = args[0]
+
+	pwd, err := os.Getwd()
+	if err != nil {
+		log.Fatalf("Error getting pwd: %s", err)
+		os.Exit(1)
+	}
+
+	tmpPath := "/tmp/k8s-podinfo"
+	versionName := fmt.Sprintf("k8s-podinfo-%s", codeVersion)
+
+	downloadURL := fmt.Sprintf("https://github.com/stefanprodan/podinfo/archive/%s.zip", codeVersion)
+	client := &getter.Client{
+		Src:  downloadURL,
+		Dst:  tmpPath,
+		Pwd:  pwd,
+		Mode: getter.ClientModeAny,
+	}
+
+	fmt.Printf("Downloading %s\n", downloadURL)
+
+	if err := client.Get(); err != nil {
+		log.Fatalf("Error downloading: %s", err)
+		os.Exit(1)
+	}
+
+	pkgFrom := "github.com/stefanprodan/podinfo"
+	pkgTo := fmt.Sprintf("github.com/%s/%s", codeGitUser, codeProjectName)
+
+	if err := replaceImports(tmpPath, pkgFrom, pkgTo); err != nil {
+		log.Fatalf("Error parsing imports: %s", err)
+		os.Exit(1)
+	}
+
+	dirs := []string{"pkg", "cmd", "ui", "vendor", ".github"}
+	for _, dir := range dirs {
+
+		err = os.MkdirAll(path.Join(codeProjectPath, dir), os.ModePerm)
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+		if err := copyDir(path.Join(tmpPath, versionName, dir), path.Join(codeProjectPath, dir)); err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+	}
+
+	files := []string{"Gopkg.toml", "Gopkg.lock"}
+	for _, file := range files {
+		if err := copyFile(path.Join(tmpPath, versionName, file), path.Join(codeProjectPath, file)); err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+
+		fileContent, err := ioutil.ReadFile(path.Join(codeProjectPath, file))
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+
+		newContent := strings.Replace(string(fileContent), pkgFrom, pkgTo, -1)
+		err = ioutil.WriteFile(path.Join(codeProjectPath, file), []byte(newContent), os.ModePerm)
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+	}
+
+	projFrom := "stefanprodan/podinfo"
+	projTo := fmt.Sprintf("%s/%s", codeGitUser, codeProjectName)
+
+	makeFiles := []string{"Makefile.gh", "Dockerfile.gh"}
+	for _, file := range makeFiles {
+		fileContent, err := ioutil.ReadFile(path.Join(tmpPath, versionName, file))
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+
+		destFile := strings.Replace(file, ".gh", "", -1)
+		newContent := strings.Replace(string(fileContent), projFrom, projTo, -1)
+		err = ioutil.WriteFile(path.Join(codeProjectPath, destFile), []byte(newContent), os.ModePerm)
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+	}
+
+	workflows := []string{".github/main.workflow"}
+	for _, file := range workflows {
+		fileContent, err := ioutil.ReadFile(path.Join(codeProjectPath, file))
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+
+		newContent := strings.Replace(string(fileContent), "Dockerfile.gh", "Dockerfile", -1)
+		err = ioutil.WriteFile(path.Join(codeProjectPath, file), []byte(newContent), os.ModePerm)
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+	}
+
+	dockerFiles := []string{"Dockerfile.ci"}
+	for _, file := range dockerFiles {
+		fileContent, err := ioutil.ReadFile(path.Join(tmpPath, versionName, file))
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+
+		newContent := strings.Replace(string(fileContent), projFrom, projTo, -1)
+		err = ioutil.WriteFile(path.Join(codeProjectPath, file), []byte(newContent), os.ModePerm)
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+	}
+
+	travisFiles := []string{"travis.lite.yml"}
+	for _, file := range travisFiles {
+		fileContent, err := ioutil.ReadFile(path.Join(tmpPath, versionName, file))
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+
+		destFile := strings.Replace(file, "travis.lite.yml", ".travis.yml", -1)
+		newContent := strings.Replace(string(fileContent), projFrom, projTo, -1)
+		err = ioutil.WriteFile(path.Join(codeProjectPath, destFile), []byte(newContent), os.ModePerm)
+		if err != nil {
+			log.Fatalf("Error: %s", err)
+			os.Exit(1)
+		}
+	}
+
+	err = gitPush()
+	if err != nil {
+		log.Fatalf("git push error: %s", err)
+		os.Exit(1)
+	}
+
+	fmt.Println("Initialization finished")
+	return nil
+}
+
+func gitPush() error {
+	cmdPush := fmt.Sprintf("git add . && git commit -m \"sync %s\" && git push", codeVersion)
+	cmd := exec.Command("sh", "-c", cmdPush)
+	output, err := cmd.Output()
+	if err != nil {
+		return err
+	}
+	fmt.Println(string(output))
+	return nil
+}
+
+func replaceImports(projectPath string, pkgFrom string, pkgTo string) error {
+	regexImport, err := regexp.Compile(`(?s)(import(.*?)\)|import.*$)`)
+	if err != nil {
+		return err
+	}
+
+	regexImportedPackage, err := regexp.Compile(`"(.*?)"`)
+	if err != nil {
+		return err
+	}
+
+	found := []string{}
+
+	err = filepath.Walk(projectPath, func(path string, info os.FileInfo, err error) error {
+		if filepath.Ext(path) == ".go" {
+			bts, err := ioutil.ReadFile(path)
+			if err != nil {
+				return err
+			}
+
+			content := string(bts)
+			matches := regexImport.FindAllString(content, -1)
+			isExists := false
+
+		isReplaceable:
+			for _, each := range matches {
+				for _, eachLine := range strings.Split(each, "\n") {
+					matchesInline := regexImportedPackage.FindAllString(eachLine, -1)
+					if err != nil {
+						return err
+					}
+
+					for _, eachSubline := range matchesInline {
+						if strings.Contains(eachSubline, pkgFrom) {
+							isExists = true
+							break isReplaceable
+						}
+					}
+				}
+			}
+
+			if isExists {
+				content = strings.Replace(content, `"`+pkgFrom+`"`, `"`+pkgTo+`"`, -1)
+				content = strings.Replace(content, `"`+pkgFrom+`/`, `"`+pkgTo+`/`, -1)
+				found = append(found, path)
+			}
+
+			err = ioutil.WriteFile(path, []byte(content), info.Mode())
+			if err != nil {
+				return err
+			}
+		}
+
+		return nil
+	})
+
+	if err != nil {
+		fmt.Println("ERROR", err.Error())
+	}
+
+	if len(found) == 0 {
+		fmt.Println("Nothing replaced")
+	} else {
+		fmt.Printf("Go imports total %d file replaced\n", len(found))
+	}
+
+	return nil
+}
+
+func copyDir(src string, dst string) error {
+	si, err := os.Stat(src)
+	if err != nil {
+		return err
+	}
+	if !si.IsDir() {
+		return fmt.Errorf("source is not a directory")
+	}
+
+	err = os.MkdirAll(dst, si.Mode())
+	if err != nil {
+		return err
+	}
+
+	entries, err := ioutil.ReadDir(src)
+	if err != nil {
+		return err
+	}
+
+	for _, entry := range entries {
+		srcPath := filepath.Join(src, entry.Name())
+		dstPath := filepath.Join(dst, entry.Name())
+
+		if entry.IsDir() {
+			err = copyDir(srcPath, dstPath)
+			if err != nil {
+				return err
+			}
+		} else {
+			// Skip symlinks.
+			if entry.Mode()&os.ModeSymlink != 0 {
+				continue
+			}
+
+			err = copyFile(srcPath, dstPath)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+func copyFile(src, dst string) (err error) {
+	in, err := os.Open(src)
+	if err != nil {
+		return
+	}
+	defer in.Close()
+
+	out, err := os.Create(dst)
+	if err != nil {
+		return
+	}
+	defer func() {
+		if e := out.Close(); e != nil {
+			err = e
+		}
+	}()
+
+	_, err = io.Copy(out, in)
+	if err != nil {
+		return
+	}
+
+	err = out.Sync()
+	if err != nil {
+		return
+	}
+
+	si, err := os.Stat(src)
+	if err != nil {
+		return
+	}
+	err = os.Chmod(dst, si.Mode())
+	if err != nil {
+		return
+	}
+
+	return
+}
--- a/cmd/podcli/main.go
+++ b/cmd/podcli/main.go
@@ -0,0 +1,38 @@
+package main
+
+import (
+	"fmt"
+	"github.com/spf13/cobra"
+	"go.uber.org/zap"
+	"log"
+	"os"
+	"strings"
+)
+
+var rootCmd = &cobra.Command{
+	Use:   "podcli",
+	Short: "podinfo command line",
+	Long: `
+podinfo command line utilities`,
+}
+
+var (
+	logger *zap.Logger
+)
+
+func main() {
+
+	var err error
+	logger, err = zap.NewDevelopment()
+	if err != nil {
+		log.Fatalf("can't initialize zap logger: %v", err)
+	}
+	defer logger.Sync()
+
+	rootCmd.SetArgs(os.Args[1:])
+	if err := rootCmd.Execute(); err != nil {
+		e := err.Error()
+		fmt.Println(strings.ToUpper(e[:1]) + e[1:])
+		os.Exit(1)
+	}
+}
--- a/cmd/podcli/version.go
+++ b/cmd/podcli/version.go
@@ -0,0 +1,20 @@
+package main
+
+import (
+	"fmt"
+	"github.com/spf13/cobra"
+	"github.com/stefanprodan/podinfo/pkg/version"
+)
+
+func init() {
+	rootCmd.AddCommand(versionCmd)
+}
+
+var versionCmd = &cobra.Command{
+	Use:   `version`,
+	Short: "Prints podcli version",
+	RunE: func(cmd *cobra.Command, args []string) error {
+		fmt.Println(version.VERSION)
+		return nil
+	},
+}
--- a/cmd/podcli/ws.go
+++ b/cmd/podcli/ws.go
@@ -0,0 +1,143 @@
+package main
+
+import (
+	"encoding/hex"
+	"fmt"
+	"net/http"
+	"net/url"
+	"os"
+	"regexp"
+	"strings"
+
+	"github.com/chzyer/readline"
+	"github.com/fatih/color"
+	"github.com/gorilla/websocket"
+	"github.com/spf13/cobra"
+	"go.uber.org/zap"
+)
+
+var origin string
+
+func init() {
+	wsCmd.Flags().StringVarP(&origin, "origin", "o", "", "websocket origin")
+	rootCmd.AddCommand(wsCmd)
+}
+
+var wsCmd = &cobra.Command{
+	Use:     `ws [address]`,
+	Short:   "Websocket client",
+	Example: `  ws localhost:9898/ws/echo`,
+	RunE: func(cmd *cobra.Command, args []string) error {
+		if len(args) < 1 {
+			return fmt.Errorf("address is required")
+		}
+
+		address := args[0]
+		if !strings.HasPrefix(address, "ws://") && !strings.HasPrefix(address, "wss://") {
+			address = fmt.Sprintf("ws://%s", address)
+		}
+
+		dest, err := url.Parse(address)
+		if err != nil {
+			return err
+		}
+		if origin != "" {
+		} else {
+			originURL := *dest
+			if dest.Scheme == "wss" {
+				originURL.Scheme = "https"
+			} else {
+				originURL.Scheme = "http"
+			}
+			origin = originURL.String()
+		}
+
+		err = connect(dest.String(), origin, &readline.Config{
+			Prompt: "> ",
+		})
+		if err != nil {
+			logger.Info("websocket closed", zap.Error(err))
+		}
+		return nil
+	},
+}
+
+type session struct {
+	ws      *websocket.Conn
+	rl      *readline.Instance
+	errChan chan error
+}
+
+func connect(url, origin string, rlConf *readline.Config) error {
+	headers := make(http.Header)
+	headers.Add("Origin", origin)
+
+	ws, _, err := websocket.DefaultDialer.Dial(url, headers)
+	if err != nil {
+		return err
+	}
+
+	rl, err := readline.NewEx(rlConf)
+	if err != nil {
+		return err
+	}
+	defer rl.Close()
+
+	sess := &session{
+		ws:      ws,
+		rl:      rl,
+		errChan: make(chan error),
+	}
+
+	go sess.readConsole()
+	go sess.readWebsocket()
+
+	return <-sess.errChan
+}
+
+func (s *session) readConsole() {
+	for {
+		line, err := s.rl.Readline()
+		if err != nil {
+			s.errChan <- err
+			return
+		}
+
+		err = s.ws.WriteMessage(websocket.TextMessage, []byte(line))
+		if err != nil {
+			s.errChan <- err
+			return
+		}
+	}
+}
+
+func bytesToFormattedHex(bytes []byte) string {
+	text := hex.EncodeToString(bytes)
+	return regexp.MustCompile("(..)").ReplaceAllString(text, "$1 ")
+}
+
+func (s *session) readWebsocket() {
+	rxSprintf := color.New(color.FgGreen).SprintfFunc()
+
+	for {
+		msgType, buf, err := s.ws.ReadMessage()
+		if err != nil {
+			fmt.Fprint(s.rl.Stdout(), rxSprintf("< %s\n", err.Error()))
+			os.Exit(1)
+			return
+		}
+
+		var text string
+		switch msgType {
+		case websocket.TextMessage:
+			text = string(buf)
+		case websocket.BinaryMessage:
+			text = bytesToFormattedHex(buf)
+		default:
+			s.errChan <- fmt.Errorf("unknown websocket frame type: %d", msgType)
+			return
+		}
+
+		fmt.Fprint(s.rl.Stdout(), rxSprintf("< %s\n", text))
+	}
+}
--- a/cmd/podinfo/main.go
+++ b/cmd/podinfo/main.go
@@ -0,0 +1,199 @@
+package main
+
+import (
+	"fmt"
+	"github.com/spf13/pflag"
+	"github.com/spf13/viper"
+	"github.com/stefanprodan/podinfo/pkg/api"
+	"github.com/stefanprodan/podinfo/pkg/signals"
+	"github.com/stefanprodan/podinfo/pkg/version"
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapcore"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"time"
+)
+
+func main() {
+	// flags definition
+	fs := pflag.NewFlagSet("default", pflag.ContinueOnError)
+	fs.Int("port", 9898, "port")
+	fs.Int("port-metrics", 0, "metrics port")
+	fs.String("level", "info", "log level debug, info, warn, error, flat or panic")
+	fs.String("backend-url", "", "backend service URL")
+	fs.Duration("http-client-timeout", 2*time.Minute, "client timeout duration")
+	fs.Duration("http-server-timeout", 30*time.Second, "server read and write timeout duration")
+	fs.Duration("http-server-shutdown-timeout", 5*time.Second, "server graceful shutdown timeout duration")
+	fs.String("data-path", "/data", "data local path")
+	fs.String("config-path", "", "config dir path")
+	fs.String("config", "config.yaml", "config file name")
+	fs.String("ui-path", "./ui", "UI local path")
+	fs.String("ui-color", "blue", "UI color")
+	fs.String("ui-message", fmt.Sprintf("greetings from podinfo v%v", version.VERSION), "UI message")
+	fs.Bool("random-delay", false, "between 0 and 5 seconds random delay")
+	fs.Bool("random-error", false, "1/3 chances of a random response error")
+	fs.Int("stress-cpu", 0, "Number of CPU cores with 100 load")
+	fs.Int("stress-memory", 0, "MB of data to load into memory")
+
+	versionFlag := fs.BoolP("version", "v", false, "get version number")
+
+	// parse flags
+	err := fs.Parse(os.Args[1:])
+	switch {
+	case err == pflag.ErrHelp:
+		os.Exit(0)
+	case err != nil:
+		fmt.Fprintf(os.Stderr, "Error: %s\n\n", err.Error())
+		fs.PrintDefaults()
+		os.Exit(2)
+	case *versionFlag:
+		fmt.Println(version.VERSION)
+		os.Exit(0)
+	}
+
+	// bind flags and environment variables
+	viper.BindPFlags(fs)
+	viper.RegisterAlias("backendUrl", "backend-url")
+	hostname, _ := os.Hostname()
+	viper.SetDefault("jwt-secret", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9")
+	viper.Set("hostname", hostname)
+	viper.Set("version", version.VERSION)
+	viper.Set("revision", version.REVISION)
+	viper.SetEnvPrefix("PODINFO")
+	viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
+	viper.AutomaticEnv()
+
+	// load config from file
+	if _, err := os.Stat(filepath.Join(viper.GetString("config-path"), viper.GetString("config"))); err == nil {
+		viper.SetConfigName(strings.Split(viper.GetString("config"), ".")[0])
+		viper.AddConfigPath(viper.GetString("config-path"))
+		if err := viper.ReadInConfig(); err != nil {
+			fmt.Printf("Error reading config file, %v\n", err)
+		}
+	}
+
+	// configure logging
+	logger, _ := initZap(viper.GetString("level"))
+	defer logger.Sync()
+	stdLog := zap.RedirectStdLog(logger)
+	defer stdLog()
+
+	// start stress tests if any
+	beginStressTest(viper.GetInt("stress-cpu"), viper.GetInt("stress-memory"), logger)
+
+	// validate port
+	if _, err := strconv.Atoi(viper.GetString("port")); err != nil {
+		port, _ := fs.GetInt("port")
+		viper.Set("port", strconv.Itoa(port))
+	}
+
+	// load HTTP server config
+	var srvCfg api.Config
+	if err := viper.Unmarshal(&srvCfg); err != nil {
+		logger.Panic("config unmarshal failed", zap.Error(err))
+	}
+
+	// log version and port
+	logger.Info("Starting podinfo",
+		zap.String("version", viper.GetString("version")),
+		zap.String("revision", viper.GetString("revision")),
+		zap.String("port", srvCfg.Port),
+	)
+
+	// start HTTP server
+	srv, _ := api.NewServer(&srvCfg, logger)
+	stopCh := signals.SetupSignalHandler()
+	srv.ListenAndServe(stopCh)
+}
+
+func initZap(logLevel string) (*zap.Logger, error) {
+	level := zap.NewAtomicLevelAt(zapcore.InfoLevel)
+	switch logLevel {
+	case "debug":
+		level = zap.NewAtomicLevelAt(zapcore.DebugLevel)
+	case "info":
+		level = zap.NewAtomicLevelAt(zapcore.InfoLevel)
+	case "warn":
+		level = zap.NewAtomicLevelAt(zapcore.WarnLevel)
+	case "error":
+		level = zap.NewAtomicLevelAt(zapcore.ErrorLevel)
+	case "fatal":
+		level = zap.NewAtomicLevelAt(zapcore.FatalLevel)
+	case "panic":
+		level = zap.NewAtomicLevelAt(zapcore.PanicLevel)
+	}
+
+	zapEncoderConfig := zapcore.EncoderConfig{
+		TimeKey:        "ts",
+		LevelKey:       "level",
+		NameKey:        "logger",
+		CallerKey:      "caller",
+		MessageKey:     "msg",
+		StacktraceKey:  "stacktrace",
+		LineEnding:     zapcore.DefaultLineEnding,
+		EncodeLevel:    zapcore.LowercaseLevelEncoder,
+		EncodeTime:     zapcore.ISO8601TimeEncoder,
+		EncodeDuration: zapcore.SecondsDurationEncoder,
+		EncodeCaller:   zapcore.ShortCallerEncoder,
+	}
+
+	zapConfig := zap.Config{
+		Level:       level,
+		Development: false,
+		Sampling: &zap.SamplingConfig{
+			Initial:    100,
+			Thereafter: 100,
+		},
+		Encoding:         "json",
+		EncoderConfig:    zapEncoderConfig,
+		OutputPaths:      []string{"stderr"},
+		ErrorOutputPaths: []string{"stderr"},
+	}
+
+	return zapConfig.Build()
+}
+
+var stressMemoryPayload []byte
+
+func beginStressTest(cpus int, mem int, logger *zap.Logger) {
+	done := make(chan int)
+	if cpus > 0 {
+		logger.Info("starting CPU stress", zap.Int("cores", cpus))
+		for i := 0; i < cpus; i++ {
+			go func() {
+				for {
+					select {
+					case <-done:
+						return
+					default:
+
+					}
+				}
+			}()
+		}
+	}
+
+	if mem > 0 {
+		path := "/tmp/podinfo.data"
+		f, err := os.Create(path)
+
+		if err != nil {
+			logger.Error("memory stress failed", zap.Error(err))
+		}
+
+		if err := f.Truncate(1000000 * int64(mem)); err != nil {
+			logger.Error("memory stress failed", zap.Error(err))
+		}
+
+		stressMemoryPayload, err = ioutil.ReadFile(path)
+		f.Close()
+		os.Remove(path)
+		if err != nil {
+			logger.Error("memory stress failed", zap.Error(err))
+		}
+		logger.Info("starting CPU stress", zap.Int("memory", len(stressMemoryPayload)))
+	}
+}
--- a/cuddle_bunny.gif
+++ b/cuddle_bunny.gif
--- a/cuddle_clap.gif
+++ b/cuddle_clap.gif
--- a/e2e/bootstrap.sh
+++ b/e2e/bootstrap.sh
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+
+set -o errexit
+
+REPO_ROOT=$(git rev-parse --show-toplevel)
+KIND_VERSION=v0.4.0
+
+if [[ "$1" ]]; then
+  KIND_VERSION=$1
+fi
+
+echo ">>> Installing kubectl"
+curl -sLO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && \
+chmod +x kubectl && \
+sudo mv kubectl /usr/local/bin/
+
+echo ">>> Installing kind"
+curl -sSLo kind "https://github.com/kubernetes-sigs/kind/releases/download/$KIND_VERSION/kind-linux-amd64"
+chmod +x kind
+sudo mv kind /usr/local/bin/kind
+
+echo ">>> Creating kind cluster"
+kind create cluster --wait 5m
+
+export KUBECONFIG="$(kind get kubeconfig-path --name="kind")"
+kubectl get pods --all-namespaces
+
+echo ">>> Installing Helm"
+curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash
+
+echo '>>> Installing Tiller'
+kubectl --namespace kube-system create sa tiller
+kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
+helm init --service-account tiller --upgrade --wait
--- a/e2e/install.sh
+++ b/e2e/install.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+set -o errexit
+
+REPO_ROOT=$(git rev-parse --show-toplevel)
+export KUBECONFIG="$(kind get kubeconfig-path --name="kind")"
+
+echo ">>> Building container"
+docker build -t test/podinfo:latest .
+
+echo '>>> Loading image in Kind'
+kind load docker-image test/podinfo:latest
+
+echo '>>> Installing'
+helm upgrade -i podinfo ${REPO_ROOT}/charts/podinfo --namespace=default
+kubectl set image deployment/podinfo podinfo=test/podinfo:latest
+kubectl rollout status deployment/podinfo
--- a/e2e/test.sh
+++ b/e2e/test.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+set -o errexit
+
+REPO_ROOT=$(git rev-parse --show-toplevel)
+export KUBECONFIG="$(kind get kubeconfig-path --name="kind")"
+
+echo '>>> Testing'
+helm test podinfo
+
+echo '>>> Test logs'
+kubectl logs -l app=podinfo
--- a/go.mod
+++ b/go.mod
@@ -0,0 +1,53 @@
+module github.com/stefanprodan/podinfo
+
+go 1.12
+
+require (
+	github.com/BurntSushi/toml v0.3.1 // indirect
+	github.com/aws/aws-sdk-go v1.15.63 // indirect
+	github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 // indirect
+	github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
+	github.com/chzyer/logex v1.1.10 // indirect
+	github.com/chzyer/readline v0.0.0-20160726135117-62c6fe619375
+	github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/dgrijalva/jwt-go v3.2.0+incompatible
+	github.com/fatih/color v1.7.0
+	github.com/fsnotify/fsnotify v1.4.7
+	github.com/golang/protobuf v1.2.0 // indirect
+	github.com/gorilla/mux v1.7.3
+	github.com/gorilla/websocket v1.4.0
+	github.com/hashicorp/go-cleanhttp v0.5.0 // indirect
+	github.com/hashicorp/go-getter v0.0.0-20180809191950-4bda8fa99001
+	github.com/hashicorp/go-safetemp v1.0.0 // indirect
+	github.com/hashicorp/go-version v1.0.0 // indirect
+	github.com/hashicorp/hcl v0.0.0-20180404174102-ef8a98b0bbce // indirect
+	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/magiconair/properties v1.8.0 // indirect
+	github.com/mattn/go-colorable v0.0.9 // indirect
+	github.com/mattn/go-isatty v0.0.4 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
+	github.com/mitchellh/go-homedir v1.0.0 // indirect
+	github.com/mitchellh/go-testing-interface v1.0.0 // indirect
+	github.com/mitchellh/mapstructure v0.0.0-20180715050151-f15292f7a699 // indirect
+	github.com/pelletier/go-toml v1.2.0 // indirect
+	github.com/pkg/errors v0.8.1 // indirect
+	github.com/prometheus/client_golang v0.8.0
+	github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910 // indirect
+	github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e // indirect
+	github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273 // indirect
+	github.com/spf13/afero v1.1.1 // indirect
+	github.com/spf13/cast v1.2.0 // indirect
+	github.com/spf13/cobra v0.0.3
+	github.com/spf13/jwalterweatherman v0.0.0-20180814060501-14d3d4c51834 // indirect
+	github.com/spf13/pflag v1.0.2
+	github.com/spf13/viper v1.1.0
+	github.com/stretchr/testify v1.3.0 // indirect
+	github.com/ulikunitz/xz v0.5.4 // indirect
+	go.uber.org/atomic v1.3.2 // indirect
+	go.uber.org/multierr v1.1.0 // indirect
+	go.uber.org/zap v1.9.1
+	golang.org/x/net v0.0.0-20190724013045-ca1201d0de80 // indirect
+	golang.org/x/sync v0.0.0-20190423024810-112230192c58 // indirect
+	gopkg.in/yaml.v2 v2.2.1 // indirect
+)
--- a/go.sum
+++ b/go.sum
@@ -0,0 +1,107 @@
+github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/aws/aws-sdk-go v1.15.63 h1:rPr7eEm/FSK23DoDKhbd9oLMYGT7JU9pkyfBUVOHXUo=
+github.com/aws/aws-sdk-go v1.15.63/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM=
+github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0=
+github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
+github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas=
+github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4=
+github.com/chzyer/logex v1.1.10 h1:Swpa1K6QvQznwJRcfTfQJmTE72DqScAa40E+fbHEXEE=
+github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
+github.com/chzyer/readline v0.0.0-20160726135117-62c6fe619375 h1:JVe1zduaiPlSLOuQcU/MqRJkBbWRPsjdW48+20AtJXM=
+github.com/chzyer/readline v0.0.0-20160726135117-62c6fe619375/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
+github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 h1:q763qf9huN11kDQavWsoZXJNW3xEE4JJyHa5Q25/sd8=
+github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
+github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys=
+github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
+github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=
+github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM=
+github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=
+github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
+github.com/gorilla/websocket v1.4.0 h1:WDFjx/TMzVgy9VdMMQi2K2Emtwi2QcUQsztZ/zLaH/Q=
+github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
+github.com/hashicorp/go-cleanhttp v0.5.0 h1:wvCrVc9TjDls6+YGAF2hAifE1E5U1+b4tH6KdvN3Gig=
+github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
+github.com/hashicorp/go-getter v0.0.0-20180809191950-4bda8fa99001 h1:qC+3MHkvfCXb1cA9YDpWZ7np8tPOXZceLrW+xyqOgmk=
+github.com/hashicorp/go-getter v0.0.0-20180809191950-4bda8fa99001/go.mod h1:6rdJFnhkXnzGOJbvkrdv4t9nLwKcVA+tmbQeUlkIzrU=
+github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo=
+github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I=
+github.com/hashicorp/go-version v1.0.0 h1:21MVWPKDphxa7ineQQTrCU5brh7OuVVAzGOCnnCPtE8=
+github.com/hashicorp/go-version v1.0.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
+github.com/hashicorp/hcl v0.0.0-20180404174102-ef8a98b0bbce h1:xdsDDbiBDQTKASoGEZ+pEmF1OnWuu8AQ9I8iNbHNeno=
+github.com/hashicorp/hcl v0.0.0-20180404174102-ef8a98b0bbce/go.mod h1:oZtUIOe8dh44I2q6ScRibXws4Ajl+d+nod3AaR9vL5w=
+github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
+github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
+github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8 h1:12VvqtR6Aowv3l/EQUlocDHW2Cp4G9WJVH7uyH8QFJE=
+github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
+github.com/magiconair/properties v1.8.0 h1:LLgXmsheXeRoUOBOjtwPQCWIYqM/LU1ayDtDePerRcY=
+github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
+github.com/mattn/go-colorable v0.0.9 h1:UVL0vNpWh04HeJXV0KLcaT7r06gOH2l4OW6ddYRUIY4=
+github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
+github.com/mattn/go-isatty v0.0.4 h1:bnP0vzxcAdeI1zdubAl5PjU6zsERjGZb7raWodagDYs=
+github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
+github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
+github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
+github.com/mitchellh/go-homedir v1.0.0 h1:vKb8ShqSby24Yrqr/yDYkuFz8d0WUjys40rvnGC8aR0=
+github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0=
+github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
+github.com/mitchellh/mapstructure v0.0.0-20180715050151-f15292f7a699 h1:KXZJFdun9knAVAR8tg/aHJEr5DgtcbqyvzacK+CDCaI=
+github.com/mitchellh/mapstructure v0.0.0-20180715050151-f15292f7a699/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
+github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc=
+github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
+github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/prometheus/client_golang v0.8.0 h1:1921Yw9Gc3iSc4VQh3PIoOqgPCZS7G/4xQNVUp8Mda8=
+github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
+github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910 h1:idejC8f05m9MGOsuEi1ATq9shN03HrxNkD/luQvxCv8=
+github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
+github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e h1:n/3MEhJQjQxrOUCzh1Y3Re6aJUUWRp2M9+Oc3eVn/54=
+github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
+github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273 h1:agujYaXJSxSo18YNX3jzl+4G6Bstwt+kqv47GS12uL0=
+github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
+github.com/spf13/afero v1.1.1 h1:Lt3ihYMlE+lreX1GS4Qw4ZsNpYQLxIXKBTEOXm3nt6I=
+github.com/spf13/afero v1.1.1/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
+github.com/spf13/cast v1.2.0 h1:HHl1DSRbEQN2i8tJmtS6ViPyHx35+p51amrdsiTCrkg=
+github.com/spf13/cast v1.2.0/go.mod h1:r2rcYCSwa1IExKTDiTfzaxqT2FNHs8hODu4LnUfgKEg=
+github.com/spf13/cobra v0.0.3 h1:ZlrZ4XsMRm04Fr5pSFxBgfND2EBVa1nLpiy1stUsX/8=
+github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
+github.com/spf13/jwalterweatherman v0.0.0-20180814060501-14d3d4c51834 h1:kJI9pPzfsULT/72wy7mxkRQZPtKWgFdCA2RTGZ4v8/E=
+github.com/spf13/jwalterweatherman v0.0.0-20180814060501-14d3d4c51834/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
+github.com/spf13/pflag v1.0.2 h1:Fy0orTDgHdbnzHcsOgfCN4LtHf0ec3wwtiwJqwvf3Gc=
+github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/spf13/viper v1.1.0 h1:V7OZpY8i3C1x/pDmU0zNNlfVoDz112fSYvtWMjjS3f4=
+github.com/spf13/viper v1.1.0/go.mod h1:A8kyI5cUJhb8N+3pkfONlcEcZbueH6nhAm0Fq7SrnBM=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/ulikunitz/xz v0.5.4 h1:zATC2OoZ8H1TZll3FpbX+ikwmadbO699PE06cIkm9oU=
+github.com/ulikunitz/xz v0.5.4/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8=
+go.uber.org/atomic v1.3.2 h1:2Oa65PReHzfn29GpvgsYwloV9AVFHPDk8tYxt2c2tr4=
+go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI=
+go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
+go.uber.org/zap v1.9.1 h1:XCJQEf3W6eZaVwhRBof6ImoYGJSITeKWsyeh3HFu/5o=
+go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/net v0.0.0-20190724013045-ca1201d0de80 h1:Ao/3l156eZf2AW5wK8a7/smtodRU+gha3+BeqJ69lRk=
+golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE=
+gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
--- a/index.yaml
+++ b/index.yaml
--- a/kustomize/deployment.yaml
+++ b/kustomize/deployment.yaml
@@ -0,0 +1,66 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: podinfo
+  labels:
+    app: podinfo
+spec:
+  minReadySeconds: 5
+  revisionHistoryLimit: 5
+  progressDeadlineSeconds: 60
+  strategy:
+    rollingUpdate:
+      maxUnavailable: 0
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app: podinfo
+  template:
+    metadata:
+      annotations:
+        prometheus.io/scrape: "true"
+      labels:
+        app: podinfo
+    spec:
+      containers:
+      - name: podinfod
+        image: quay.io/stefanprodan/podinfo:2.0.1
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 9898
+          name: http
+          protocol: TCP
+        command:
+        - ./podinfo
+        - --port=9898
+        - --level=info
+        - --random-delay=false
+        - --random-error=false
+        env:
+        - name: PODINFO_UI_COLOR
+          value: blue
+        livenessProbe:
+          exec:
+            command:
+            - podcli
+            - check
+            - http
+            - localhost:9898/healthz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        readinessProbe:
+          exec:
+            command:
+            - podcli
+            - check
+            - http
+            - localhost:9898/readyz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        resources:
+          limits:
+            cpu: 2000m
+            memory: 512Mi
+          requests:
+            cpu: 100m
+            memory: 64Mi
--- a/kustomize/hpa.yaml
+++ b/kustomize/hpa.yaml
@@ -0,0 +1,18 @@
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: podinfo
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: podinfo
+  minReplicas: 2
+  maxReplicas: 4
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      # scale up if usage is above
+      # 99% of the requested CPU (100m)
+      targetAverageUtilization: 99
--- a/kustomize/kustomization.yaml
+++ b/kustomize/kustomization.yaml
@@ -0,0 +1,5 @@
+resources:
+  - hpa.yaml
+  - deployment.yaml
+  - service.yaml
+
--- a/kustomize/service.yaml
+++ b/kustomize/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: podinfo
+  labels:
+    app: podinfo
+spec:
+  type: ClusterIP
+  selector:
+    app: podinfo
+  ports:
+    - name: http
+      port: 9898
+      protocol: TCP
+      targetPort: http
--- a/pkg/api/chunked.go
+++ b/pkg/api/chunked.go
@@ -0,0 +1,36 @@
+package api
+
+import (
+	"math/rand"
+	"net/http"
+	"strconv"
+	"time"
+
+	"github.com/gorilla/mux"
+)
+
+func (s *Server) chunkedHandler(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+
+	delay, err := strconv.Atoi(vars["wait"])
+	if err != nil {
+		delay = rand.Intn(int(s.config.HttpServerTimeout*time.Second)-10) + 10
+	}
+
+	flusher, ok := w.(http.Flusher)
+	if !ok {
+		s.ErrorResponse(w, r, "Streaming unsupported!", http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Connection", "Keep-Alive")
+	w.Header().Set("Transfer-Encoding", "chunked")
+	w.Header().Set("X-Content-Type-Options", "nosniff")
+
+	flusher.Flush()
+
+	time.Sleep(time.Duration(delay) * time.Second)
+	s.JSONResponse(w, r, map[string]int{"delay": delay})
+
+	flusher.Flush()
+}
--- a/pkg/api/chunked_test.go
+++ b/pkg/api/chunked_test.go
@@ -0,0 +1,35 @@
+package api
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"regexp"
+	"testing"
+)
+
+func TestChunkedHandler(t *testing.T) {
+	req, err := http.NewRequest("GET", "/chunked/0", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+
+	srv.router.HandleFunc("/chunked/{wait}", srv.chunkedHandler)
+	srv.router.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusOK {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusOK)
+	}
+
+	// Check the response body is what we expect.
+	expected := ".*delay.*0.*"
+	r := regexp.MustCompile(expected)
+	if !r.MatchString(rr.Body.String()) {
+		t.Fatalf("handler returned unexpected body:\ngot \n%v \nwant \n%s",
+			rr.Body.String(), expected)
+	}
+}
--- a/pkg/api/configs.go
+++ b/pkg/api/configs.go
@@ -0,0 +1,15 @@
+package api
+
+import "net/http"
+
+func (s *Server) configReadHandler(w http.ResponseWriter, r *http.Request) {
+	files := make(map[string]string)
+	if watcher != nil {
+		watcher.Cache.Range(func(key interface{}, value interface{}) bool {
+			files[key.(string)] = value.(string)
+			return true
+		})
+	}
+
+	s.JSONResponse(w, r, files)
+}
--- a/pkg/api/delay.go
+++ b/pkg/api/delay.go
@@ -0,0 +1,23 @@
+package api
+
+import (
+	"net/http"
+
+	"github.com/gorilla/mux"
+	"strconv"
+	"time"
+)
+
+func (s *Server) delayHandler(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+
+	delay, err := strconv.Atoi(vars["wait"])
+	if err != nil {
+		s.ErrorResponse(w, r, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	time.Sleep(time.Duration(delay) * time.Second)
+
+	s.JSONResponse(w, r, map[string]int{"delay": delay})
+}
--- a/pkg/api/delay_test.go
+++ b/pkg/api/delay_test.go
@@ -0,0 +1,35 @@
+package api
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"regexp"
+	"testing"
+)
+
+func TestDelayHandler(t *testing.T) {
+	req, err := http.NewRequest("GET", "/delay/0", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+
+	srv.router.HandleFunc("/delay/{wait}", srv.delayHandler)
+	srv.router.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusOK {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusOK)
+	}
+
+	// Check the response body is what we expect.
+	expected := ".*delay.*0.*"
+	r := regexp.MustCompile(expected)
+	if !r.MatchString(rr.Body.String()) {
+		t.Fatalf("handler returned unexpected body:\ngot \n%v \nwant \n%s",
+			rr.Body.String(), expected)
+	}
+}
--- a/pkg/api/echo.go
+++ b/pkg/api/echo.go
@@ -0,0 +1,79 @@
+package api
+
+import (
+	"bytes"
+	"context"
+	"io/ioutil"
+	"net/http"
+
+	"github.com/stefanprodan/podinfo/pkg/version"
+	"go.uber.org/zap"
+)
+
+func (s *Server) echoHandler(w http.ResponseWriter, r *http.Request) {
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		s.logger.Error("reading the request body failed", zap.Error(err))
+		s.ErrorResponse(w, r, "invalid request body", http.StatusBadRequest)
+		return
+	}
+	defer r.Body.Close()
+
+	if len(s.config.BackendURL) > 0 {
+		backendReq, err := http.NewRequest("POST", s.config.BackendURL, bytes.NewReader(body))
+		if err != nil {
+			s.logger.Error("backend call failed", zap.Error(err), zap.String("url", s.config.BackendURL))
+			s.ErrorResponse(w, r, "backend call failed", http.StatusInternalServerError)
+			return
+		}
+
+		// forward headers
+		copyTracingHeaders(r, backendReq)
+
+		backendReq.Header.Set("X-API-Version", version.VERSION)
+		backendReq.Header.Set("X-API-Revision", version.REVISION)
+
+		ctx, cancel := context.WithTimeout(backendReq.Context(), s.config.HttpClientTimeout)
+		defer cancel()
+
+		// call backend
+		resp, err := http.DefaultClient.Do(backendReq.WithContext(ctx))
+		if err != nil {
+			s.logger.Error("backend call failed", zap.Error(err), zap.String("url", s.config.BackendURL))
+			s.ErrorResponse(w, r, "backend call failed", http.StatusInternalServerError)
+			return
+		}
+
+		defer resp.Body.Close()
+
+		// copy error status from backend and exit
+		if resp.StatusCode >= 400 {
+			s.ErrorResponse(w, r, "backend error", resp.StatusCode)
+			return
+		}
+
+		// forward the received body
+		rbody, err := ioutil.ReadAll(resp.Body)
+		if err != nil {
+			s.logger.Error(
+				"reading the backend request body failed",
+				zap.Error(err),
+				zap.String("url", s.config.BackendURL))
+			s.ErrorResponse(w, r, "backend call failed", http.StatusInternalServerError)
+			return
+		}
+
+		s.logger.Debug(
+			"payload received from backend",
+			zap.String("response", string(rbody)),
+			zap.String("url", s.config.BackendURL))
+
+		w.Header().Set("X-Color", s.config.UIColor)
+		w.WriteHeader(http.StatusAccepted)
+		w.Write(rbody)
+	} else {
+		w.Header().Set("X-Color", s.config.UIColor)
+		w.WriteHeader(http.StatusAccepted)
+		w.Write(body)
+	}
+}
--- a/pkg/api/echo_test.go
+++ b/pkg/api/echo_test.go
@@ -0,0 +1,34 @@
+package api
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+)
+
+func TestEchoHandler(t *testing.T) {
+	expected := `{"test": true}`
+	req, err := http.NewRequest("POST", "/api/echo", strings.NewReader(expected))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+	handler := http.HandlerFunc(srv.echoHandler)
+
+	handler.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusAccepted {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusAccepted)
+	}
+
+	// Check the response body is what we expect.
+	if rr.Body.String() != expected {
+		t.Fatalf("handler returned unexpected body:\ngot \n%v \nwant \n%s",
+			rr.Body.String(), expected)
+	}
+}
--- a/pkg/api/echows.go
+++ b/pkg/api/echows.go
@@ -0,0 +1,82 @@
+package api
+
+import (
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/gorilla/websocket"
+	"go.uber.org/zap"
+)
+
+var wsCon = websocket.Upgrader{}
+
+// Test: go run ./cmd/podcli/* ws localhost:9898/ws/echo
+func (s *Server) echoWsHandler(w http.ResponseWriter, r *http.Request) {
+	c, err := wsCon.Upgrade(w, r, nil)
+	if err != nil {
+		if err != nil {
+			s.logger.Warn("websocket upgrade error", zap.Error(err))
+			return
+		}
+	}
+	defer c.Close()
+	done := make(chan struct{})
+	defer close(done)
+	in := make(chan interface{})
+	defer close(in)
+	go s.writeWs(c, in)
+	go s.sendHostWs(c, in, done)
+	for {
+		_, message, err := c.ReadMessage()
+		if err != nil {
+			if !strings.Contains(err.Error(), "close") {
+				s.logger.Warn("websocket read error", zap.Error(err))
+			}
+			break
+		}
+		var response = struct {
+			Time    time.Time `json:"ts"`
+			Message string    `json:"msg"`
+		}{
+			Time:    time.Now(),
+			Message: string(message),
+		}
+		in <- response
+	}
+}
+
+func (s *Server) sendHostWs(ws *websocket.Conn, in chan interface{}, done chan struct{}) {
+	ticker := time.NewTicker(5 * time.Second)
+	defer ticker.Stop()
+	for {
+		select {
+		case <-ticker.C:
+			var status = struct {
+				Time time.Time `json:"ts"`
+				Host string    `json:"server"`
+			}{
+				Time: time.Now(),
+				Host: s.config.Hostname,
+			}
+			in <- status
+		case <-done:
+			s.logger.Debug("websocket exit")
+			return
+		}
+	}
+}
+
+func (s *Server) writeWs(ws *websocket.Conn, in chan interface{}) {
+	for {
+		select {
+		case msg := <-in:
+			if err := ws.WriteJSON(msg); err != nil {
+				if !strings.Contains(err.Error(), "close") {
+					s.logger.Warn("websocket write error", zap.Error(err))
+				}
+				return
+			}
+		}
+	}
+}
--- a/pkg/api/env.go
+++ b/pkg/api/env.go
@@ -0,0 +1,11 @@
+package api
+
+import (
+	"net/http"
+
+	"os"
+)
+
+func (s *Server) envHandler(w http.ResponseWriter, r *http.Request) {
+	s.JSONResponse(w, r, os.Environ())
+}
--- a/pkg/api/env_test.go
+++ b/pkg/api/env_test.go
@@ -0,0 +1,35 @@
+package api
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"regexp"
+	"testing"
+)
+
+func TestEnvHandler(t *testing.T) {
+	req, err := http.NewRequest("GET", "/api/env", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+	handler := http.HandlerFunc(srv.infoHandler)
+
+	handler.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusOK {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusOK)
+	}
+
+	// Check the response body is what we expect.
+	expected := ".*hostname.*"
+	r := regexp.MustCompile(expected)
+	if !r.MatchString(rr.Body.String()) {
+		t.Fatalf("handler returned unexpected body:\ngot \n%v \nwant \n%s",
+			rr.Body.String(), expected)
+	}
+}
--- a/pkg/api/headers.go
+++ b/pkg/api/headers.go
@@ -0,0 +1,9 @@
+package api
+
+import (
+	"net/http"
+)
+
+func (s *Server) echoHeadersHandler(w http.ResponseWriter, r *http.Request) {
+	s.JSONResponse(w, r, r.Header)
+}
--- a/pkg/api/headers_test.go
+++ b/pkg/api/headers_test.go
@@ -0,0 +1,36 @@
+package api
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"regexp"
+	"testing"
+)
+
+func TestEchoHeadersHandler(t *testing.T) {
+	req, err := http.NewRequest("GET", "/api/headers", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	req.Header.Set("X-Test", "testing")
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+	handler := http.HandlerFunc(srv.echoHeadersHandler)
+
+	handler.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusOK {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusOK)
+	}
+
+	// Check the response body is what we expect.
+	expected := "testing"
+	r := regexp.MustCompile(fmt.Sprintf("(?m:%s)", expected))
+	if !r.MatchString(rr.Body.String()) {
+		t.Fatalf("handler returned unexpected body:\ngot \n%v \nwant \n%s",
+			rr.Body.String(), expected)
+	}
+}
--- a/pkg/api/health.go
+++ b/pkg/api/health.go
@@ -0,0 +1,32 @@
+package api
+
+import (
+	"net/http"
+	"sync/atomic"
+)
+
+func (s *Server) healthzHandler(w http.ResponseWriter, r *http.Request) {
+	if atomic.LoadInt32(&healthy) == 1 {
+		s.JSONResponse(w, r, map[string]string{"status": "OK"})
+		return
+	}
+	w.WriteHeader(http.StatusServiceUnavailable)
+}
+
+func (s *Server) readyzHandler(w http.ResponseWriter, r *http.Request) {
+	if atomic.LoadInt32(&ready) == 1 {
+		s.JSONResponse(w, r, map[string]string{"status": "OK"})
+		return
+	}
+	w.WriteHeader(http.StatusServiceUnavailable)
+}
+
+func (s *Server) enableReadyHandler(w http.ResponseWriter, r *http.Request) {
+	atomic.StoreInt32(&ready, 1)
+	w.WriteHeader(http.StatusAccepted)
+}
+
+func (s *Server) disableReadyHandler(w http.ResponseWriter, r *http.Request) {
+	atomic.StoreInt32(&ready, 0)
+	w.WriteHeader(http.StatusAccepted)
+}
--- a/pkg/api/health_test.go
+++ b/pkg/api/health_test.go
@@ -0,0 +1,45 @@
+package api
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestHealthzHandler(t *testing.T) {
+	req, err := http.NewRequest("GET", "/healthz", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+	handler := http.HandlerFunc(srv.healthzHandler)
+
+	handler.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusServiceUnavailable {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusServiceUnavailable)
+	}
+}
+
+func TestReadyzHandler(t *testing.T) {
+	req, err := http.NewRequest("GET", "/readyz", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+	handler := http.HandlerFunc(srv.readyzHandler)
+
+	handler.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusServiceUnavailable {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusServiceUnavailable)
+	}
+}
--- a/pkg/api/http.go
+++ b/pkg/api/http.go
@@ -0,0 +1,122 @@
+package api
+
+import (
+	"bytes"
+	"encoding/json"
+	"math/rand"
+	"net/http"
+	"time"
+
+	"github.com/stefanprodan/podinfo/pkg/version"
+	"go.uber.org/zap"
+)
+
+func randomDelayMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		min := 0
+		max := 5
+		rand.Seed(time.Now().Unix())
+		delay := rand.Intn(max-min) + min
+		time.Sleep(time.Duration(delay) * time.Second)
+		next.ServeHTTP(w, r)
+	})
+}
+
+func randomErrorMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		rand.Seed(time.Now().Unix())
+		if rand.Int31n(3) == 0 {
+
+			errors := []int{http.StatusInternalServerError, http.StatusBadRequest, http.StatusConflict}
+			w.WriteHeader(errors[rand.Intn(len(errors))])
+			return
+		}
+		next.ServeHTTP(w, r)
+	})
+}
+
+func versionMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		r.Header.Set("X-API-Version", version.VERSION)
+		r.Header.Set("X-API-Revision", version.REVISION)
+
+		next.ServeHTTP(w, r)
+	})
+}
+
+// TODO: use Istio tracing package
+// https://github.com/istio/istio/blob/master/pkg/tracing/config.go
+func copyTracingHeaders(from *http.Request, to *http.Request) {
+	headers := []string{
+		"x-request-id",
+		"x-b3-traceid",
+		"x-b3-spanid",
+		"x-b3-parentspanid",
+		"x-b3-sampled",
+		"x-b3-flags",
+		"x-ot-span-context",
+	}
+
+	for i := range headers {
+		headerValue := from.Header.Get(headers[i])
+		if len(headerValue) > 0 {
+			to.Header.Set(headers[i], headerValue)
+		}
+	}
+}
+
+func (s *Server) JSONResponse(w http.ResponseWriter, r *http.Request, result interface{}) {
+	body, err := json.Marshal(result)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		s.logger.Error("JSON marshal failed", zap.Error(err))
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.Header().Set("X-Content-Type-Options", "nosniff")
+	w.WriteHeader(http.StatusOK)
+	w.Write(prettyJSON(body))
+}
+
+func (s *Server) JSONResponseCode(w http.ResponseWriter, r *http.Request, result interface{}, responseCode int) {
+	body, err := json.Marshal(result)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		s.logger.Error("JSON marshal failed", zap.Error(err))
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.Header().Set("X-Content-Type-Options", "nosniff")
+	w.WriteHeader(responseCode)
+	w.Write(prettyJSON(body))
+}
+
+func (s *Server) ErrorResponse(w http.ResponseWriter, r *http.Request, error string, code int) {
+	data := struct {
+		Code    int    `json:"code"`
+		Message string `json:"message"`
+	}{
+		Code:    code,
+		Message: error,
+	}
+
+	body, err := json.Marshal(data)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		s.logger.Error("JSON marshal failed", zap.Error(err))
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.Header().Set("X-Content-Type-Options", "nosniff")
+	w.WriteHeader(http.StatusOK)
+	w.Write(prettyJSON(body))
+}
+
+func prettyJSON(b []byte) []byte {
+	var out bytes.Buffer
+	json.Indent(&out, b, "", "  ")
+	return out.Bytes()
+}
--- a/pkg/api/index.go
+++ b/pkg/api/index.go
@@ -0,0 +1,26 @@
+package api
+
+import (
+	"html/template"
+	"net/http"
+	"path"
+)
+
+func (s *Server) indexHandler(w http.ResponseWriter, r *http.Request) {
+	tmpl, err := template.New("vue.html").ParseFiles(path.Join(s.config.UIPath, "vue.html"))
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		w.Write([]byte(path.Join(s.config.UIPath, "vue.html") + err.Error()))
+		return
+	}
+
+	data := struct {
+		Title string
+	}{
+		Title: s.config.Hostname,
+	}
+
+	if err := tmpl.Execute(w, data); err != nil {
+		http.Error(w, path.Join(s.config.UIPath, "vue.html")+err.Error(), http.StatusInternalServerError)
+	}
+}
--- a/pkg/api/info.go
+++ b/pkg/api/info.go
@@ -0,0 +1,38 @@
+package api
+
+import (
+	"net/http"
+
+	"runtime"
+	"strconv"
+
+	"github.com/stefanprodan/podinfo/pkg/version"
+)
+
+func (s *Server) infoHandler(w http.ResponseWriter, r *http.Request) {
+	data := struct {
+		Hostname     string `json:"hostname"`
+		Version      string `json:"version"`
+		Revision     string `json:"revision"`
+		Color        string `json:"color"`
+		Message      string `json:"message"`
+		GOOS         string `json:"goos"`
+		GOARCH       string `json:"goarch"`
+		Runtime      string `json:"runtime"`
+		NumGoroutine string `json:"num_goroutine"`
+		NumCPU       string `json:"num_cpu"`
+	}{
+		Hostname:     s.config.Hostname,
+		Version:      version.VERSION,
+		Revision:     version.REVISION,
+		Color:        s.config.UIColor,
+		Message:      s.config.UIMessage,
+		GOOS:         runtime.GOOS,
+		GOARCH:       runtime.GOARCH,
+		Runtime:      runtime.Version(),
+		NumGoroutine: strconv.FormatInt(int64(runtime.NumGoroutine()), 10),
+		NumCPU:       strconv.FormatInt(int64(runtime.NumCPU()), 10),
+	}
+
+	s.JSONResponse(w, r, data)
+}
--- a/pkg/api/info_test.go
+++ b/pkg/api/info_test.go
@@ -0,0 +1,35 @@
+package api
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"regexp"
+	"testing"
+)
+
+func TestInfoHandler(t *testing.T) {
+	req, err := http.NewRequest("GET", "/api/info", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+	handler := http.HandlerFunc(srv.infoHandler)
+
+	handler.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusOK {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusOK)
+	}
+
+	// Check the response body is what we expect.
+	expected := ".*color.*blue.*"
+	r := regexp.MustCompile(expected)
+	if !r.MatchString(rr.Body.String()) {
+		t.Fatalf("handler returned unexpected body:\ngot \n%v \nwant \n%s",
+			rr.Body.String(), expected)
+	}
+}
--- a/pkg/api/logging.go
+++ b/pkg/api/logging.go
@@ -0,0 +1,31 @@
+package api
+
+import (
+	"net/http"
+
+	"go.uber.org/zap"
+)
+
+type LoggingMiddleware struct {
+	logger *zap.Logger
+}
+
+func NewLoggingMiddleware(logger *zap.Logger) *LoggingMiddleware {
+	return &LoggingMiddleware{
+		logger: logger,
+	}
+}
+
+func (m *LoggingMiddleware) Handler(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		m.logger.Debug(
+			"request started",
+			zap.String("proto", r.Proto),
+			zap.String("uri", r.RequestURI),
+			zap.String("method", r.Method),
+			zap.String("remote", r.RemoteAddr),
+			zap.String("user-agent", r.UserAgent()),
+		)
+		next.ServeHTTP(w, r)
+	})
+}
--- a/pkg/api/metrics.go
+++ b/pkg/api/metrics.go
@@ -0,0 +1,372 @@
+package api
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"regexp"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/gorilla/mux"
+	"github.com/prometheus/client_golang/prometheus"
+)
+
+type PrometheusMiddleware struct {
+	Histogram *prometheus.HistogramVec
+	Counter   *prometheus.CounterVec
+}
+
+func NewPrometheusMiddleware() *PrometheusMiddleware {
+	// used for monitoring and alerting (RED method)
+	histogram := prometheus.NewHistogramVec(prometheus.HistogramOpts{
+		Subsystem: "http",
+		Name:      "request_duration_seconds",
+		Help:      "Seconds spent serving HTTP requests.",
+		Buckets:   prometheus.DefBuckets,
+	}, []string{"method", "path", "status"})
+	// used for horizontal pod auto-scaling (Kubernetes HPA v2)
+	counter := prometheus.NewCounterVec(
+		prometheus.CounterOpts{
+			Subsystem: "http",
+			Name:      "requests_total",
+			Help:      "The total number of HTTP requests.",
+		},
+		[]string{"status"},
+	)
+
+	prometheus.MustRegister(histogram)
+	prometheus.MustRegister(counter)
+
+	return &PrometheusMiddleware{
+		Histogram: histogram,
+		Counter:   counter,
+	}
+}
+
+func (p *PrometheusMiddleware) Handler(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		begin := time.Now()
+		interceptor := &interceptor{ResponseWriter: w, statusCode: http.StatusOK}
+		path := p.getRouteName(r)
+		next.ServeHTTP(interceptor.wrappedResponseWriter(), r)
+		var (
+			status = strconv.Itoa(interceptor.statusCode)
+			took   = time.Since(begin)
+		)
+		p.Histogram.WithLabelValues(r.Method, path, status).Observe(took.Seconds())
+		p.Counter.WithLabelValues(status).Inc()
+	})
+}
+
+// converts gorilla mux routes from '/api/delay/{wait}' to 'api_delay_wait'
+func (p *PrometheusMiddleware) getRouteName(r *http.Request) string {
+	if mux.CurrentRoute(r) != nil {
+		if name := mux.CurrentRoute(r).GetName(); len(name) > 0 {
+			return urlToLabel(name)
+		}
+		if path, err := mux.CurrentRoute(r).GetPathTemplate(); err == nil {
+			if len(path) > 0 {
+				return urlToLabel(path)
+			}
+		}
+	}
+	return urlToLabel(r.RequestURI)
+}
+
+var invalidChars = regexp.MustCompile(`[^a-zA-Z0-9]+`)
+
+// converts a URL path to a string compatible with Prometheus label value.
+func urlToLabel(path string) string {
+	result := invalidChars.ReplaceAllString(path, "_")
+	result = strings.ToLower(strings.Trim(result, "_"))
+	if result == "" {
+		result = "root"
+	}
+	return result
+}
+
+type interceptor struct {
+	http.ResponseWriter
+	statusCode int
+	recorded   bool
+}
+
+func (i *interceptor) Hijack() (net.Conn, *bufio.ReadWriter, error) {
+	hj, ok := i.ResponseWriter.(http.Hijacker)
+	if !ok {
+		return nil, nil, fmt.Errorf("interceptor: can't cast parent ResponseWriter to Hijacker")
+	}
+	return hj.Hijack()
+}
+
+func (i *interceptor) WriteHeader(code int) {
+	if !i.recorded {
+		i.statusCode = code
+		i.recorded = true
+	}
+	i.ResponseWriter.WriteHeader(code)
+}
+
+// Returns a wrapped http.ResponseWriter that implements the same optional interfaces
+// that the underlying ResponseWriter has.
+// Handle every possible combination so that code that checks for the existence of each
+// optional interface functions properly.
+// Based on https://github.com/felixge/httpsnoop/blob/eadd4fad6aac69ae62379194fe0219f3dbc80fd3/wrap_generated_gteq_1.8.go#L66
+func (i *interceptor) wrappedResponseWriter() http.ResponseWriter {
+	closeNotifier, isCloseNotifier := i.ResponseWriter.(http.CloseNotifier)
+	flush, isFlusher := i.ResponseWriter.(http.Flusher)
+	hijack, isHijacker := i.ResponseWriter.(http.Hijacker)
+	push, isPusher := i.ResponseWriter.(http.Pusher)
+	readFrom, isReaderFrom := i.ResponseWriter.(io.ReaderFrom)
+
+	switch {
+	case !isCloseNotifier && !isFlusher && !isHijacker && !isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+		}{i}
+
+	case isCloseNotifier && !isFlusher && !isHijacker && !isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+		}{i, closeNotifier}
+
+	case !isCloseNotifier && isFlusher && !isHijacker && !isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Flusher
+		}{i, flush}
+
+	case !isCloseNotifier && !isFlusher && isHijacker && !isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Hijacker
+		}{i, hijack}
+
+	case !isCloseNotifier && !isFlusher && !isHijacker && isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Pusher
+		}{i, push}
+
+	case !isCloseNotifier && !isFlusher && !isHijacker && !isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			io.ReaderFrom
+		}{i, readFrom}
+
+	case isCloseNotifier && isFlusher && !isHijacker && !isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Flusher
+		}{i, closeNotifier, flush}
+
+	case isCloseNotifier && !isFlusher && isHijacker && !isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Hijacker
+		}{i, closeNotifier, hijack}
+
+	case isCloseNotifier && !isFlusher && !isHijacker && isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Pusher
+		}{i, closeNotifier, push}
+
+	case isCloseNotifier && !isFlusher && !isHijacker && !isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			io.ReaderFrom
+		}{i, closeNotifier, readFrom}
+
+	case !isCloseNotifier && isFlusher && isHijacker && !isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Flusher
+			http.Hijacker
+		}{i, flush, hijack}
+
+	case !isCloseNotifier && isFlusher && !isHijacker && isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Flusher
+			http.Pusher
+		}{i, flush, push}
+
+	case !isCloseNotifier && isFlusher && !isHijacker && !isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Flusher
+			io.ReaderFrom
+		}{i, flush, readFrom}
+
+	case !isCloseNotifier && !isFlusher && isHijacker && isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Hijacker
+			http.Pusher
+		}{i, hijack, push}
+
+	case !isCloseNotifier && !isFlusher && isHijacker && !isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Hijacker
+			io.ReaderFrom
+		}{i, hijack, readFrom}
+
+	case !isCloseNotifier && !isFlusher && !isHijacker && isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Pusher
+			io.ReaderFrom
+		}{i, push, readFrom}
+
+	case isCloseNotifier && isFlusher && isHijacker && !isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Flusher
+			http.Hijacker
+		}{i, closeNotifier, flush, hijack}
+
+	case isCloseNotifier && isFlusher && !isHijacker && isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Flusher
+			http.Pusher
+		}{i, closeNotifier, flush, push}
+
+	case isCloseNotifier && isFlusher && !isHijacker && !isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Flusher
+			io.ReaderFrom
+		}{i, closeNotifier, flush, readFrom}
+
+	case isCloseNotifier && !isFlusher && isHijacker && isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Hijacker
+			http.Pusher
+		}{i, closeNotifier, hijack, push}
+
+	case isCloseNotifier && !isFlusher && isHijacker && !isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Hijacker
+			io.ReaderFrom
+		}{i, closeNotifier, hijack, readFrom}
+
+	case isCloseNotifier && !isFlusher && !isHijacker && isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Pusher
+			io.ReaderFrom
+		}{i, closeNotifier, push, readFrom}
+
+	case !isCloseNotifier && isFlusher && isHijacker && isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Flusher
+			http.Hijacker
+			http.Pusher
+		}{i, flush, hijack, push}
+
+	case !isCloseNotifier && isFlusher && isHijacker && !isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Flusher
+			http.Hijacker
+			io.ReaderFrom
+		}{i, flush, hijack, readFrom}
+
+	case !isCloseNotifier && isFlusher && !isHijacker && isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Flusher
+			http.Pusher
+			io.ReaderFrom
+		}{i, flush, push, readFrom}
+
+	case !isCloseNotifier && !isFlusher && isHijacker && isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Hijacker
+			http.Pusher
+			io.ReaderFrom
+		}{i, hijack, push, readFrom}
+
+	case isCloseNotifier && isFlusher && isHijacker && isPusher && !isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Flusher
+			http.Hijacker
+			http.Pusher
+		}{i, closeNotifier, flush, hijack, push}
+
+	case isCloseNotifier && isFlusher && isHijacker && !isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Flusher
+			http.Hijacker
+			io.ReaderFrom
+		}{i, closeNotifier, flush, hijack, readFrom}
+
+	case isCloseNotifier && isFlusher && !isHijacker && isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Flusher
+			http.Pusher
+			io.ReaderFrom
+		}{i, closeNotifier, flush, push, readFrom}
+
+	case isCloseNotifier && !isFlusher && isHijacker && isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Hijacker
+			http.Pusher
+			io.ReaderFrom
+		}{i, closeNotifier, hijack, push, readFrom}
+
+	case !isCloseNotifier && isFlusher && isHijacker && isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.Flusher
+			http.Hijacker
+			http.Pusher
+			io.ReaderFrom
+		}{i, flush, hijack, push, readFrom}
+
+	case isCloseNotifier && isFlusher && isHijacker && isPusher && isReaderFrom:
+		return struct {
+			http.ResponseWriter
+			http.CloseNotifier
+			http.Flusher
+			http.Hijacker
+			http.Pusher
+			io.ReaderFrom
+		}{i, closeNotifier, flush, hijack, push, readFrom}
+
+	default:
+		return struct {
+			http.ResponseWriter
+		}{i}
+	}
+}
--- a/pkg/api/mock.go
+++ b/pkg/api/mock.go
@@ -0,0 +1,32 @@
+package api
+
+import (
+	"time"
+
+	"github.com/gorilla/mux"
+	"go.uber.org/zap"
+)
+
+func NewMockServer() *Server {
+	config := &Config{
+		Port:                      "9898",
+		HttpServerShutdownTimeout: 5 * time.Second,
+		HttpServerTimeout:         30 * time.Second,
+		BackendURL:                "",
+		ConfigPath:                "/config",
+		DataPath:                  "/data",
+		HttpClientTimeout:         30 * time.Second,
+		UIColor:                   "blue",
+		UIPath:                    ".ui",
+		UIMessage:                 "Greetings",
+		Hostname:                  "localhost",
+	}
+
+	logger, _ := zap.NewDevelopment()
+
+	return &Server{
+		router: mux.NewRouter(),
+		logger: logger,
+		config: config,
+	}
+}
--- a/pkg/api/panic.go
+++ b/pkg/api/panic.go
@@ -0,0 +1,9 @@
+package api
+
+import (
+	"net/http"
+)
+
+func (s *Server) panicHandler(w http.ResponseWriter, r *http.Request) {
+	s.logger.Panic("Panic command received")
+}
--- a/pkg/api/server.go
+++ b/pkg/api/server.go
@@ -0,0 +1,208 @@
+package api
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	_ "net/http/pprof"
+	"os"
+	"strings"
+	"sync/atomic"
+	"time"
+
+	"github.com/gorilla/mux"
+	"github.com/prometheus/client_golang/prometheus/promhttp"
+	"github.com/spf13/viper"
+	"github.com/stefanprodan/podinfo/pkg/fscache"
+	"go.uber.org/zap"
+)
+
+var (
+	healthy int32
+	ready   int32
+	watcher *fscache.Watcher
+)
+
+type Config struct {
+	HttpClientTimeout         time.Duration `mapstructure:"http-client-timeout"`
+	HttpServerTimeout         time.Duration `mapstructure:"http-server-timeout"`
+	HttpServerShutdownTimeout time.Duration `mapstructure:"http-server-shutdown-timeout"`
+	BackendURL                string        `mapstructure:"backend-url"`
+	UIMessage                 string        `mapstructure:"ui-message"`
+	UIColor                   string        `mapstructure:"ui-color"`
+	UIPath                    string        `mapstructure:"ui-path"`
+	DataPath                  string        `mapstructure:"data-path"`
+	ConfigPath                string        `mapstructure:"config-path"`
+	Port                      string        `mapstructure:"port"`
+	PortMetrics               int           `mapstructure:"port-metrics"`
+	Hostname                  string        `mapstructure:"hostname"`
+	RandomDelay               bool          `mapstructure:"random-delay"`
+	RandomError               bool          `mapstructure:"random-error"`
+	JWTSecret                 string        `mapstructure:"jwt-secret"`
+}
+
+type Server struct {
+	router *mux.Router
+	logger *zap.Logger
+	config *Config
+}
+
+func NewServer(config *Config, logger *zap.Logger) (*Server, error) {
+	srv := &Server{
+		router: mux.NewRouter(),
+		logger: logger,
+		config: config,
+	}
+
+	return srv, nil
+}
+
+func (s *Server) registerHandlers() {
+	s.router.Handle("/metrics", promhttp.Handler())
+	s.router.PathPrefix("/debug/pprof/").Handler(http.DefaultServeMux)
+	s.router.HandleFunc("/", s.indexHandler).HeadersRegexp("User-Agent", "^Mozilla.*").Methods("GET")
+	s.router.HandleFunc("/", s.infoHandler).Methods("GET")
+	s.router.HandleFunc("/version", s.versionHandler).Methods("GET")
+	s.router.HandleFunc("/echo", s.echoHandler).Methods("POST")
+	s.router.HandleFunc("/env", s.envHandler).Methods("GET", "POST")
+	s.router.HandleFunc("/headers", s.echoHeadersHandler).Methods("GET", "POST")
+	s.router.HandleFunc("/delay/{wait:[0-9]+}", s.delayHandler).Methods("GET").Name("delay")
+	s.router.HandleFunc("/healthz", s.healthzHandler).Methods("GET")
+	s.router.HandleFunc("/readyz", s.readyzHandler).Methods("GET")
+	s.router.HandleFunc("/readyz/enable", s.enableReadyHandler).Methods("POST")
+	s.router.HandleFunc("/readyz/disable", s.disableReadyHandler).Methods("POST")
+	s.router.HandleFunc("/panic", s.panicHandler).Methods("GET")
+	s.router.HandleFunc("/status/{code:[0-9]+}", s.statusHandler).Methods("GET", "POST", "PUT").Name("status")
+	s.router.HandleFunc("/store", s.storeWriteHandler).Methods("POST")
+	s.router.HandleFunc("/store/{hash}", s.storeReadHandler).Methods("GET").Name("store")
+	s.router.HandleFunc("/configs", s.configReadHandler).Methods("GET")
+	s.router.HandleFunc("/token", s.tokenGenerateHandler).Methods("POST")
+	s.router.HandleFunc("/token/validate", s.tokenValidateHandler).Methods("GET")
+	s.router.HandleFunc("/api/info", s.infoHandler).Methods("GET")
+	s.router.HandleFunc("/api/echo", s.echoHandler).Methods("POST")
+	s.router.HandleFunc("/ws/echo", s.echoWsHandler)
+	s.router.HandleFunc("/chunked", s.chunkedHandler)
+	s.router.HandleFunc("/chunked/{wait:[0-9]+}", s.chunkedHandler)
+}
+
+func (s *Server) registerMiddlewares() {
+	prom := NewPrometheusMiddleware()
+	s.router.Use(prom.Handler)
+	httpLogger := NewLoggingMiddleware(s.logger)
+	s.router.Use(httpLogger.Handler)
+	s.router.Use(versionMiddleware)
+	if s.config.RandomDelay {
+		s.router.Use(randomDelayMiddleware)
+	}
+	if s.config.RandomError {
+		s.router.Use(randomErrorMiddleware)
+	}
+}
+
+func (s *Server) ListenAndServe(stopCh <-chan struct{}) {
+	go s.startMetricsServer()
+
+	s.registerHandlers()
+	s.registerMiddlewares()
+
+	srv := &http.Server{
+		Addr:         ":" + s.config.Port,
+		WriteTimeout: s.config.HttpServerTimeout,
+		ReadTimeout:  s.config.HttpServerTimeout,
+		IdleTimeout:  2 * s.config.HttpServerTimeout,
+		Handler:      s.router,
+	}
+
+	//s.printRoutes()
+
+	// load configs in memory and start watching for changes in the config dir
+	if stat, err := os.Stat(s.config.ConfigPath); err == nil && stat.IsDir() {
+		var err error
+		watcher, err = fscache.NewWatch(s.config.ConfigPath)
+		if err != nil {
+			s.logger.Error("config watch error", zap.Error(err), zap.String("path", s.config.ConfigPath))
+		} else {
+			watcher.Watch()
+		}
+	}
+
+	// run server in background
+	go func() {
+		if err := srv.ListenAndServe(); err != http.ErrServerClosed {
+			s.logger.Fatal("HTTP server crashed", zap.Error(err))
+		}
+	}()
+
+	// signal Kubernetes the server is ready to receive traffic
+	atomic.StoreInt32(&healthy, 1)
+	atomic.StoreInt32(&ready, 1)
+
+	// wait for SIGTERM or SIGINT
+	<-stopCh
+	ctx, cancel := context.WithTimeout(context.Background(), s.config.HttpServerShutdownTimeout)
+	defer cancel()
+
+	// all calls to /healthz and /readyz will fail from now on
+	atomic.StoreInt32(&healthy, 0)
+	atomic.StoreInt32(&ready, 0)
+
+	s.logger.Info("Shutting down HTTP server", zap.Duration("timeout", s.config.HttpServerShutdownTimeout))
+
+	// wait for Kubernetes readiness probe to remove this instance from the load balancer
+	// the readiness check interval must be lower than the timeout
+	if viper.GetString("level") != "debug" {
+		time.Sleep(3 * time.Second)
+	}
+
+	// attempt graceful shutdown
+	if err := srv.Shutdown(ctx); err != nil {
+		s.logger.Warn("HTTP server graceful shutdown failed", zap.Error(err))
+	} else {
+		s.logger.Info("HTTP server stopped")
+	}
+}
+
+func (s *Server) startMetricsServer() {
+	if s.config.PortMetrics > 0 {
+		mux := http.DefaultServeMux
+		mux.Handle("/metrics", promhttp.Handler())
+		mux.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
+			w.WriteHeader(http.StatusOK)
+			w.Write([]byte("OK"))
+		})
+
+		srv := &http.Server{
+			Addr:    fmt.Sprintf(":%v", s.config.PortMetrics),
+			Handler: mux,
+		}
+
+		srv.ListenAndServe()
+	}
+}
+
+func (s *Server) printRoutes() {
+	s.router.Walk(func(route *mux.Route, router *mux.Router, ancestors []*mux.Route) error {
+		pathTemplate, err := route.GetPathTemplate()
+		if err == nil {
+			fmt.Println("ROUTE:", pathTemplate)
+		}
+		pathRegexp, err := route.GetPathRegexp()
+		if err == nil {
+			fmt.Println("Path regexp:", pathRegexp)
+		}
+		queriesTemplates, err := route.GetQueriesTemplates()
+		if err == nil {
+			fmt.Println("Queries templates:", strings.Join(queriesTemplates, ","))
+		}
+		queriesRegexps, err := route.GetQueriesRegexp()
+		if err == nil {
+			fmt.Println("Queries regexps:", strings.Join(queriesRegexps, ","))
+		}
+		methods, err := route.GetMethods()
+		if err == nil {
+			fmt.Println("Methods:", strings.Join(methods, ","))
+		}
+		fmt.Println()
+		return nil
+	})
+}
--- a/pkg/api/status.go
+++ b/pkg/api/status.go
@@ -0,0 +1,20 @@
+package api
+
+import (
+	"net/http"
+
+	"github.com/gorilla/mux"
+	"strconv"
+)
+
+func (s *Server) statusHandler(w http.ResponseWriter, r *http.Request) {
+	vars := mux.Vars(r)
+
+	code, err := strconv.Atoi(vars["code"])
+	if err != nil {
+		s.ErrorResponse(w, r, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	s.JSONResponseCode(w, r, map[string]int{"status": code}, code)
+}
--- a/pkg/api/status_test.go
+++ b/pkg/api/status_test.go
@@ -0,0 +1,26 @@
+package api
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestStatusHandler(t *testing.T) {
+	req, err := http.NewRequest("GET", "/status/404", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+
+	srv.router.HandleFunc("/status/{code}", srv.statusHandler)
+	srv.router.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusNotFound {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusNotFound)
+	}
+}
--- a/pkg/api/store.go
+++ b/pkg/api/store.go
@@ -0,0 +1,48 @@
+package api
+
+import (
+	"crypto/sha1"
+	"encoding/hex"
+	"io/ioutil"
+	"net/http"
+	"path"
+
+	"github.com/gorilla/mux"
+	"go.uber.org/zap"
+)
+
+func (s *Server) storeWriteHandler(w http.ResponseWriter, r *http.Request) {
+
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		s.ErrorResponse(w, r, "reading the request body failed", http.StatusBadRequest)
+		return
+	}
+
+	hash := hash(string(body))
+	err = ioutil.WriteFile(path.Join(s.config.DataPath, hash), body, 0644)
+	if err != nil {
+		s.logger.Warn("writing file failed", zap.Error(err), zap.String("file", path.Join(s.config.DataPath, hash)))
+		s.ErrorResponse(w, r, "writing file failed", http.StatusInternalServerError)
+		return
+	}
+	s.JSONResponseCode(w, r, map[string]string{"hash": hash}, http.StatusAccepted)
+}
+
+func (s *Server) storeReadHandler(w http.ResponseWriter, r *http.Request) {
+	hash := mux.Vars(r)["hash"]
+	content, err := ioutil.ReadFile(path.Join(s.config.DataPath, hash))
+	if err != nil {
+		s.logger.Warn("reading file failed", zap.Error(err), zap.String("file", path.Join(s.config.DataPath, hash)))
+		s.ErrorResponse(w, r, "reading file failed", http.StatusInternalServerError)
+		return
+	}
+	w.WriteHeader(http.StatusAccepted)
+	w.Write([]byte(content))
+}
+
+func hash(input string) string {
+	h := sha1.New()
+	h.Write([]byte(input))
+	return hex.EncodeToString(h.Sum(nil))
+}
--- a/pkg/api/token.go
+++ b/pkg/api/token.go
@@ -0,0 +1,102 @@
+package api
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+
+	"io/ioutil"
+
+	"github.com/dgrijalva/jwt-go"
+	"go.uber.org/zap"
+)
+
+type jwtCustomClaims struct {
+	Name string `json:"name"`
+	jwt.StandardClaims
+}
+
+func (s *Server) tokenGenerateHandler(w http.ResponseWriter, r *http.Request) {
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		s.logger.Error("reading the request body failed", zap.Error(err))
+		s.ErrorResponse(w, r, "invalid request body", http.StatusBadRequest)
+		return
+	}
+	defer r.Body.Close()
+
+	user := "anonymous"
+	if len(body) > 0 {
+		user = string(body)
+	}
+
+	claims := &jwtCustomClaims{
+		user,
+		jwt.StandardClaims{
+			Issuer:    "podinfo",
+			ExpiresAt: time.Now().Add(time.Minute * 1).Unix(),
+		},
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	t, err := token.SignedString([]byte(s.config.JWTSecret))
+	if err != nil {
+		s.ErrorResponse(w, r, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	var result = struct {
+		Token     string    `json:"token"`
+		ExpiresAt time.Time `json:"expires_at"`
+	}{
+		Token:     t,
+		ExpiresAt: time.Unix(claims.StandardClaims.ExpiresAt, 0),
+	}
+
+	s.JSONResponse(w, r, result)
+}
+
+// Get: JWT=$(curl -s -d 'test' localhost:9898/token | jq -r .token)
+// Post: curl -H "Authorization: Bearer ${JWT}" localhost:9898/token/validate
+func (s *Server) tokenValidateHandler(w http.ResponseWriter, r *http.Request) {
+	authorizationHeader := r.Header.Get("authorization")
+	if authorizationHeader == "" {
+		s.ErrorResponse(w, r, "authorization bearer header required", http.StatusUnauthorized)
+		return
+	}
+	bearerToken := strings.Split(authorizationHeader, " ")
+	if len(bearerToken) != 2 || strings.ToLower(bearerToken[0]) != "bearer" {
+		s.ErrorResponse(w, r, "authorization bearer header required", http.StatusUnauthorized)
+		return
+	}
+
+	claims := jwtCustomClaims{}
+	token, err := jwt.ParseWithClaims(bearerToken[1], &claims, func(token *jwt.Token) (interface{}, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("invalid signing method")
+		}
+		return []byte(s.config.JWTSecret), nil
+	})
+	if err != nil {
+		s.ErrorResponse(w, r, err.Error(), http.StatusUnauthorized)
+		return
+	}
+
+	if token.Valid {
+		if claims.StandardClaims.Issuer != "podinfo" {
+			s.ErrorResponse(w, r, "invalid issuer", http.StatusUnauthorized)
+		} else {
+			var result = struct {
+				TokenName string    `json:"token_name"`
+				ExpiresAt time.Time `json:"expires_at"`
+			}{
+				TokenName: claims.Name,
+				ExpiresAt: time.Unix(claims.StandardClaims.ExpiresAt, 0),
+			}
+			s.JSONResponse(w, r, result)
+		}
+	} else {
+		s.ErrorResponse(w, r, "Invalid authorization token", http.StatusUnauthorized)
+	}
+}
--- a/pkg/api/version.go
+++ b/pkg/api/version.go
@@ -0,0 +1,15 @@
+package api
+
+import (
+	"net/http"
+
+	"github.com/stefanprodan/podinfo/pkg/version"
+)
+
+func (s *Server) versionHandler(w http.ResponseWriter, r *http.Request) {
+	result := map[string]string{
+		"version": version.VERSION,
+		"commit":  version.REVISION,
+	}
+	s.JSONResponse(w, r, result)
+}
--- a/pkg/api/version_test.go
+++ b/pkg/api/version_test.go
@@ -0,0 +1,36 @@
+package api
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"regexp"
+	"testing"
+)
+
+func TestVersionHandler(t *testing.T) {
+	req, err := http.NewRequest("GET", "/version", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rr := httptest.NewRecorder()
+	srv := NewMockServer()
+	handler := http.HandlerFunc(srv.versionHandler)
+
+	handler.ServeHTTP(rr, req)
+
+	// Check the status code is what we expect.
+	if status := rr.Code; status != http.StatusOK {
+		t.Errorf("handler returned wrong status code: got %v want %v",
+			status, http.StatusOK)
+	}
+
+	// Check the response body is what we expect.
+	expected := "unknown"
+	r := regexp.MustCompile(fmt.Sprintf("(?m:%s)", expected))
+	if !r.MatchString(rr.Body.String()) {
+		t.Fatalf("handler returned unexpected body:\ngot \n%v \nwant \n%s",
+			rr.Body.String(), expected)
+	}
+}
--- a/pkg/fscache/fscache.go
+++ b/pkg/fscache/fscache.go
@@ -0,0 +1,112 @@
+package fscache
+
+import (
+	"errors"
+	"io/ioutil"
+	"log"
+	"path/filepath"
+	"strings"
+	"sync"
+
+	"github.com/fsnotify/fsnotify"
+)
+
+type Watcher struct {
+	dir       string
+	fswatcher *fsnotify.Watcher
+	Cache     *sync.Map
+}
+
+// NewWatch creates a directory watcher and
+// updates the cache when any file changes in that dir
+func NewWatch(dir string) (*Watcher, error) {
+	if len(dir) < 1 {
+		return nil, errors.New("directory is empty")
+	}
+
+	fw, err := fsnotify.NewWatcher()
+	if err != nil {
+		return nil, err
+	}
+
+	w := &Watcher{
+		dir:       dir,
+		fswatcher: fw,
+		Cache:     new(sync.Map),
+	}
+
+	log.Printf("fscache start watcher for %s", w.dir)
+	err = w.fswatcher.Add(w.dir)
+	if err != nil {
+		return nil, err
+	}
+
+	// initial read
+	err = w.updateCache()
+	if err != nil {
+		return nil, err
+	}
+
+	return w, nil
+}
+
+// Watch watches for when kubelet updates the volume mount content
+func (w *Watcher) Watch() {
+	go func() {
+		for {
+			select {
+			// it can take up to a 2 minutes for kubelet to recreate the ..data symlink
+			case event := <-w.fswatcher.Events:
+				if event.Op&fsnotify.Create == fsnotify.Create {
+					if filepath.Base(event.Name) == "..data" {
+						err := w.updateCache()
+						if err != nil {
+							log.Printf("fscache update error %v", err)
+						} else {
+							log.Printf("fscache reload %s", w.dir)
+						}
+					}
+				}
+			case err := <-w.fswatcher.Errors:
+				log.Printf("fswatcher %s error %v", w.dir, err)
+			}
+		}
+	}()
+}
+
+// updateCache reads files content and loads them into the cache
+func (w *Watcher) updateCache() error {
+	fileMap := make(map[string]string)
+	files, err := ioutil.ReadDir(w.dir)
+	if err != nil {
+		return err
+	}
+
+	// read files ignoring symlinks and sub directories
+	for _, file := range files {
+		name := filepath.Base(file.Name())
+		if !file.IsDir() && !strings.Contains(name, "..") {
+			b, err := ioutil.ReadFile(filepath.Join(w.dir, file.Name()))
+			if err != nil {
+				return err
+			}
+			fileMap[name] = string(b)
+		}
+	}
+
+	// remove deleted files from cache
+	w.Cache.Range(func(key interface{}, value interface{}) bool {
+		_, ok := fileMap[key.(string)]
+		if !ok {
+			w.Cache.Delete(key)
+		}
+		return true
+	})
+
+	// sync cache
+	for k, v := range fileMap {
+		w.Cache.Store(k, v)
+	}
+
+	return nil
+}
--- a/pkg/signals/signal.go
+++ b/pkg/signals/signal.go
@@ -0,0 +1,27 @@
+package signals
+
+import (
+	"os"
+	"os/signal"
+)
+
+var onlyOneSignalHandler = make(chan struct{})
+
+// SetupSignalHandler registered for SIGTERM and SIGINT. A stop channel is returned
+// which is closed on one of these signals. If a second signal is caught, the program
+// is terminated with exit code 1.
+func SetupSignalHandler() (stopCh <-chan struct{}) {
+	close(onlyOneSignalHandler) // panics when called twice
+
+	stop := make(chan struct{})
+	c := make(chan os.Signal, 2)
+	signal.Notify(c, shutdownSignals...)
+	go func() {
+		<-c
+		close(stop)
+		<-c
+		os.Exit(1) // second signal. Exit directly.
+	}()
+
+	return stop
+}
--- a/pkg/signals/signal_posix.go
+++ b/pkg/signals/signal_posix.go
@@ -0,0 +1,10 @@
+// +build !windows
+
+package signals
+
+import (
+	"os"
+	"syscall"
+)
+
+var shutdownSignals = []os.Signal{os.Interrupt, syscall.SIGTERM}
--- a/pkg/signals/signal_windows.go
+++ b/pkg/signals/signal_windows.go
@@ -0,0 +1,7 @@
+package signals
+
+import (
+	"os"
+)
+
+var shutdownSignals = []os.Signal{os.Interrupt}
--- a/pkg/version/version.go
+++ b/pkg/version/version.go
@@ -0,0 +1,4 @@
+package version
+
+var VERSION = "2.0.1"
+var REVISION = "unknown"
--- a/podinfo-0.1.0.tgz
+++ b/podinfo-0.1.0.tgz
--- a/podinfo-0.2.0.tgz
+++ b/podinfo-0.2.0.tgz
--- a/podinfo-0.2.1.tgz
+++ b/podinfo-0.2.1.tgz
--- a/podinfo-0.2.2.tgz
+++ b/podinfo-0.2.2.tgz
--- a/podinfo-1.0.0.tgz
+++ b/podinfo-1.0.0.tgz
--- a/podinfo-1.1.0.tgz
+++ b/podinfo-1.1.0.tgz
--- a/podinfo-1.2.0.tgz
+++ b/podinfo-1.2.0.tgz
--- a/podinfo-1.2.1.tgz
+++ b/podinfo-1.2.1.tgz
--- a/podinfo-1.3.0.tgz
+++ b/podinfo-1.3.0.tgz
--- a/podinfo-1.3.1.tgz
+++ b/podinfo-1.3.1.tgz
--- a/podinfo-1.4.0.tgz
+++ b/podinfo-1.4.0.tgz
--- a/podinfo-1.4.1.tgz
+++ b/podinfo-1.4.1.tgz
--- a/podinfo-1.4.2.tgz
+++ b/podinfo-1.4.2.tgz
--- a/podinfo-1.5.0.tgz
+++ b/podinfo-1.5.0.tgz
--- a/podinfo-1.6.0.tgz
+++ b/podinfo-1.6.0.tgz
--- a/podinfo-2.0.0.tgz
+++ b/podinfo-2.0.0.tgz
--- a/podinfo-2.0.1.tgz
+++ b/podinfo-2.0.1.tgz
--- a/podinfo-2.0.2.tgz
+++ b/podinfo-2.0.2.tgz
--- a/podinfo-2.1.0.tgz
+++ b/podinfo-2.1.0.tgz
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Stefan Prodan	e0864b6e20	Merge pull request #27 from stefanprodan/ci Migrate to CircleCI and run e2e tests with Kubernetes Kind	2019-08-06 21:59:13 +03:00
stefanprodan	de2a9c464a	Release v2.0.1	2019-08-06 21:53:16 +03:00
stefanprodan	fed04ad692	Add e2e testing with Kubernetes Kind and Helm	2019-08-06 21:36:25 +03:00
stefanprodan	c907163073	Add JWT test to helm chart	2019-08-06 21:08:54 +03:00
stefanprodan	67578338c9	Toggle timeline background based on version	2019-08-06 20:46:17 +03:00
stefanprodan	0c27729000	Migrate CI to CircleCI	2019-08-06 20:36:57 +03:00
Stefan Prodan	dc27269a47	Merge pull request #26 from stefanprodan/prep-v2.0.0 Release v2.0.0	2019-08-06 17:17:45 +03:00
stefanprodan	eeb1d2b674	Publish podinfo CLI to GitHub releases	2019-08-06 17:03:09 +03:00
stefanprodan	6da79daa96	Add release command	2019-08-06 16:58:35 +03:00
stefanprodan	34aef54f20	Release v2	2019-08-06 16:53:38 +03:00
stefanprodan	dc96b15dac	Add badges	2019-08-06 16:53:02 +03:00
stefanprodan	64ff737dca	Add CircleCI release workflow	2019-08-06 16:44:05 +03:00
Stefan Prodan	3c76b54c80	Merge pull request #25 from stefanprodan/v2 Prepare v2 release	2019-08-06 16:41:11 +03:00
stefanprodan	fc5a9797e8	Add guides to readme	2019-08-06 16:33:20 +03:00
stefanprodan	fb183d897b	Publish Helm chart to GH Pages	2019-08-06 16:14:07 +03:00
stefanprodan	67711cf150	Add Kustomize and Helm install to readme	2019-08-06 15:59:58 +03:00
stefanprodan	0ca7c25d68	Set version with make	2019-08-06 15:59:39 +03:00
stefanprodan	eb0ad32655	Add Kustomize installer	2019-08-06 15:59:03 +03:00
stefanprodan	f9ce51da4b	Push container on release	2019-08-06 15:32:37 +03:00
stefanprodan	045246c324	Cleanup make	2019-08-06 15:06:27 +03:00
stefanprodan	9bd14c1ba7	Use go proxy and modules	2019-08-06 15:06:16 +03:00
stefanprodan	6f59e98bec	Add timeline to UI	2019-08-06 15:05:37 +03:00
stefanprodan	c287ab7daf	Rename imports and use go modules	2019-08-06 15:05:15 +03:00
stefanprodan	e2efee0bdf	Remove docs and build dirs	2019-08-06 12:14:09 +03:00