diff --git a/apis/views.py b/apis/views.py
index 85d581a..589aba2 100644
--- a/apis/views.py
+++ b/apis/views.py
@@ -43,7 +43,7 @@ def render_op_result_to_msg(op_result):
 def render_podgroup_deploy_result_to_msg(deploy_result):
     msg = 'proc deploy result:\n'
     for pgname, pgr in deploy_result['podgroup_result'].iteritems():
-        msg += '    %s\n' % ( render_op_result_to_msg(pgr))
+        msg += '    %s\n' % (render_op_result_to_msg(pgr))
     services = deploy_result['services_need_deploy']
     if services is not None and len(services) > 0:
         msg += '    services_need_deploy:\n'
@@ -476,7 +476,8 @@ def delete_app(cls, appname, options=None):
                         'Not allow to delete resource app.',
                         reverse('api_apps'))
 
-            v = get_etcd_value(PROTECTED_APPS_ETCD_PREFIX, ETCD_AUTHORITY, '[]')
+            v = get_etcd_value(PROTECTED_APPS_ETCD_PREFIX,
+                               ETCD_AUTHORITY, '[]')
             protected_apps = json.loads(v)
             if appname in protected_apps:
                 return (403, AppApi.render_app(app),
@@ -873,7 +874,7 @@ def create_app_proc(cls, appname, procname, options=None):
                 return (400, None,
                         'no such proc %s in app %s' % (procname, appname),
                         reverse('api_procs', kwargs={'appname': appname}))
-            if pg_status:
+            if pg_status and options.get('type', None) != 'canary':
                 return (409, ProcApi.render_proc_data(appname, proc, pg_status),
                         'proc with procname %s already exists\n' % procname,
                         reverse('api_proc', kwargs={'appname': appname, 'procname': procname}))
@@ -882,11 +883,18 @@ def create_app_proc(cls, appname, procname, options=None):
                 procname, appname, AuthApi.operater))
 
             add_oplog(AuthApi.operater, "DEPLOY", appname, "",
-                      "proc depolyd" % procname)
+                      "proc %s depolyd" % procname)
 
             podgroup_name = "%s.%s.%s" % (
                 app.appname, proc.type.name, proc.name)
             podgroup_spec = app.podgroup_spec(podgroup_name)
+            # if create canary type proc, 1. rename pgname 2. add canary info
+            if options is not None and options.get('type', None) == 'canary':
+                podgroup_spec.Name = "%s.%s.%s" % (
+                    app.appname, 'canary', proc.name)
+                podgroup_spec.Pod.Name = podgroup_spec.Name
+                podgroup_spec.strategies = options.get('strategies', [])
+                
             deploy_result = recursive_deploy(podgroup_spec)
             if deploy_result.get("OK", False):
                 return (201, ProcApi.render_proc_data(appname, proc, app.podgroup_status(podgroup_name)),
@@ -1084,6 +1092,11 @@ def delete_app_proc(cls, appname, procname, options=None):
 
                 podgroup_name = "%s.%s.%s" % (
                     appname, proc.type.name, proc.name)
+
+                if options is not None and options.get('type', None) == 'canary':
+                    podgroup_name = "%s.%s.%s" % (
+                    appname, 'canary', proc.name)
+
                 remove_result = app.podgroup_remove(podgroup_name)
                 if remove_result.status_code < 400:
                     return (202, ProcApi.render_proc_data(appname, proc),
diff --git a/authorize/models.py b/authorize/models.py
index ffd207e..b53a215 100644
--- a/authorize/models.py
+++ b/authorize/models.py
@@ -38,7 +38,7 @@ def redirect_to_ui(cls, token_json):
     @classmethod
     def authorize_registry(cls, request):
         info = authorize.registry.parse_request(request)
-        if len(info.actions) == 1 and str(info.actions[0]) == 'pull':
+        if isinstance(info.actions, (list, tuple)) and len(info.actions) == 1 and str(info.actions[0]) == 'pull':
             return True, authorize.registry.get_jwt_with_request_info(info)
         if not authorize.registry.ip_in_whitelist(info.client_ip):
             if not authorize.utils.is_valid_user(info.username, info.password):
@@ -51,7 +51,6 @@ def authorize_registry(cls, request):
                     logger.warning("requests from %s for %s not valid" % (
                         info.username, info.appname))
                     return False, 'the user has no access to %s' % info.appname
-
         return True, authorize.registry.get_jwt_with_request_info(info)
 
     @classmethod
diff --git a/console/views.py b/console/views.py
index 36fdec1..84ef305 100644
--- a/console/views.py
+++ b/console/views.py
@@ -231,8 +231,12 @@ def api_proc_history_get(request, appname, procname, instance):
 @deployd_required
 def api_proc_high_permit(request, appname, procname):
     if request.method == 'DELETE':
+        try:
+            options = json.loads(request.body)
+        except Exception:
+            options = None
         status_code, view_object, msg, url = ProcApi.delete_app_proc(
-            appname, procname)
+            appname, procname, options)
         return render_json_response(status_code, 'proc', view_object, msg, url)
     elif request.method == 'PATCH':
         try: