diff --git a/arm_exporter.jsonnet b/arm_exporter.jsonnet index 95599db..f7bfe11 100644 --- a/arm_exporter.jsonnet +++ b/arm_exporter.jsonnet @@ -15,15 +15,8 @@ local utils = import 'utils.libsonnet'; }, armExporter+:: { - clusterRoleBinding: - local clusterRoleBinding = k.rbac.v1.clusterRoleBinding; - - clusterRoleBinding.new() + - clusterRoleBinding.mixin.metadata.withName('arm-exporter') + - clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') + - clusterRoleBinding.mixin.roleRef.withName('arm-exporter') + - clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) + - clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'arm-exporter', namespace: $._config.namespace }]), + serviceAccount: + utils.newServiceAccount('arm-exporter', $._config.namespace, null), clusterRole: utils.newClusterRole('arm-exporter', [ @@ -35,13 +28,10 @@ local utils = import 'utils.libsonnet'; res: ['subjectaccessreviews'], verbs: ['create'] } - ]), + ], null), - serviceAccount: - local serviceAccount = k.core.v1.serviceAccount; - - serviceAccount.new('arm-exporter') + - serviceAccount.mixin.metadata.withNamespace($._config.namespace), + clusterRoleBinding: + utils.newClusterRoleBinding('arm-exporter', 'arm-exporter', $._config.namespace, 'arm-exporter', null), daemonset: local daemonset = k.apps.v1.daemonSet; @@ -84,16 +74,6 @@ local utils = import 'utils.libsonnet'; daemonset.mixin.spec.template.spec.withServiceAccountName('arm-exporter') + daemonset.mixin.spec.template.spec.withContainers(c), - serviceMonitor: - utils.newServiceMonitorHTTPS('arm-exporter', - $._config.namespace, - {'k8s-app': 'arm-exporter'}, - $._config.namespace, - 'https', - 'https', - '/var/run/secrets/kubernetes.io/serviceaccount/token', - ), - service: local service = k.core.v1.service; local servicePort = k.core.v1.service.mixin.spec.portsType; 
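Review bot: The new `utils.newClusterRoleBinding('arm-exporter', 'arm-exporter', $._config.namespace, 'arm-exporter', null)` call passes three identical string literals positionally, so a reader cannot tell which one is the binding name, the service account or the ClusterRole. A later edit that changes only one of them could silently bind the wrong subject or role. Jsonnet accepts named arguments, so I would write it as `utils.newClusterRoleBinding(name='arm-exporter', serviceAccount='arm-exporter', serviceAccountNamespace=$._config.namespace, clusterRole='arm-exporter', labels=null)`. The `armExporter+::` object starts before this hunk and continues after it.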
@@ -104,5 +84,15 @@ local utils = import 'utils.libsonnet'; service.mixin.metadata.withNamespace($._config.namespace) + service.mixin.metadata.withLabels({ 'k8s-app': 'arm-exporter' }) + service.mixin.spec.withClusterIp('None'), + + serviceMonitor: + utils.newServiceMonitorHTTPS('arm-exporter', + $._config.namespace, + {'k8s-app': 'arm-exporter'}, + $._config.namespace, + 'https', + 'https', + '/var/run/secrets/kubernetes.io/serviceaccount/token', + ), }, } diff --git a/utils.libsonnet b/utils.libsonnet index 88210b7..f06237f 100644 --- a/utils.libsonnet +++ b/utils.libsonnet @@ -2,6 +2,15 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet'; local vars = import 'vars.jsonnet'; { + // Generates the manifests for all objects in kp except those starting with "_" + generate(kp):: ( + { + [std.asciiLower(module) + '-' + name]: kp[module][name] + for module in std.objectFieldsAll(kp) if !std.startsWith(module, '_') + for name in std.objectFields(kp[module]) + } + ), + // Join multiple objects into one join_objects(objs):: local aux(arr, i, running) = 
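Review bot: `generate(kp)` walks every field returned by `std.objectFieldsAll(kp)`, hidden ones included, and filters only on the `_` prefix. Any hidden field that is not an object (a helper function or a string, for instance) will make `std.objectFields(kp[module])` fail at evaluation time. Adding `&& std.isObject(kp[module])` to the `if` clause would skip those entries. The key `std.asciiLower(module) + '-' + name` can also collide when two module names differ only in case, which I would expect to surface as a duplicate-field error; a line in the comment saying so would help. The comment could also state that hidden fields inside a module are skipped, since the inner loop uses `std.objectFields` rather than `std.objectFieldsAll`.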
@@ -11,30 +20,53 @@ local vars = import 'vars.jsonnet'; aux(arr, i + 1, running + arr[i]) tailstrict; aux(objs, 0, {}), + // Creates serviceaccount + newServiceAccount(name, namespace, labels):: ( + local serviceAccount = k.core.v1.serviceAccount; + + serviceAccount.new(name) + + (if labels != null then serviceAccount.mixin.metadata.withLabels(labels) else {}) + + serviceAccount.mixin.metadata.withNamespace(namespace) + ), + // Creates ClusterRoles - // roles format example: {apis: ['authentication.k8s.io'], + // roles format example: [{apis: ['authentication.k8s.io'], // res: ['tokenreviews'], // verbs: ['create'] - // } - newClusterRole(name, roles):: ( + // },[{...}]] + newClusterRole(name, roles, labels):: ( local clusterRole = k.rbac.v1.clusterRole; local policyRule = clusterRole.rulesType; - local p(apigroups, resources, verbs) = policyRule.new() + - policyRule.withApiGroups([a for a in apigroups]) + - policyRule.withResources([r for r in resources]) + - policyRule.withVerbs([v for v in verbs]); + local p(apigroups, resources, verbs) = policyRule.new() + + policyRule.withApiGroups([a for a in apigroups]) + + policyRule.withResources([r for r in resources]) + + policyRule.withVerbs([v for v in verbs]); local r = [ p(pol.apis, pol.res, pol.verbs) for pol in roles ]; local rules = r; - local c = clusterRole.new() + - clusterRole.mixin.metadata.withName(name) + - clusterRole.withRules(rules); + local c = clusterRole.new() + + (if labels != null then clusterRole.mixin.metadata.withLabels(labels) else {}) + + clusterRole.mixin.metadata.withName(name) + + + clusterRole.withRules(rules); c ), + // Creates a ClusterRoleBinding between a `clusterRole` and a `serviceAccount` on `serviceAccountNamespace` + newClusterRoleBinding(name, serviceAccount, serviceAccountNamespace, clusterRole, labels):: ( + local clusterRoleBinding = k.rbac.v1.clusterRoleBinding; + + clusterRoleBinding.new() + + clusterRoleBinding.mixin.metadata.withName(name) + + + (if labels != null then 
clusterRoleBinding.mixin.metadata.withLabels(labels) else {}) + + clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') + + clusterRoleBinding.mixin.roleRef.withName(clusterRole) + + clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) + + clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', 'name': serviceAccount, 'namespace': serviceAccountNamespace }]) + ), + // Creates endpoint objects newEndpoint(name, namespace, ips, portName, portNumber):: ( local endpoints = k.core.v1.endpoints; @@ -81,6 +113,39 @@ local vars = import 'vars.jsonnet'; ) ), + // Creates new basic deployments + newDeployment(name, namespace, image, cmd, port):: ( + local deployment = k.apps.v1.deployment; + local container = k.apps.v1.deployment.mixin.spec.template.spec.containersType; + local containerPort = container.portsType; + + local con = + container.new(name, image) + + (if cmd != null then container.withCommand(cmd) else {}) + + container.withPorts(containerPort.newNamed(port, name+'-port')); + + local c = [con]; + + local d = deployment.new(name, 1, c, {'app': name}) + + deployment.mixin.metadata.withNamespace(namespace) + + deployment.mixin.metadata.withLabels({'app': name}) + + deployment.mixin.spec.selector.withMatchLabels({'app': name}) + + deployment.mixin.spec.strategy.withType('RollingUpdate') + + deployment.mixin.spec.template.spec.withRestartPolicy('Always'); + d + ), + + newService(name, namespace, port):: ( + local service = k.core.v1.service; + local servicePort = k.core.v1.service.mixin.spec.portsType; + local p = servicePort.newNamed(name, port, port); + + local s = service.new(name, {'app': name}, p) + + service.mixin.metadata.withNamespace(namespace) + + service.mixin.metadata.withLabels({'app': name}); + s + ), + // Creates http ServiceMonitor objects newServiceMonitor(name, namespace, matchLabel, matchNamespace, portName, portScheme, path='metrics'):: ( {
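Review bot: `newClusterRole` gains a required third parameter `labels`, so any caller not updated in this commit that still passes two arguments will stop evaluating. The file already uses default arguments (`path='metrics'` on `newServiceMonitor`), so `newClusterRole(name, roles, labels=null)::` would keep old callers working. The same default on `newServiceAccount` and `newClusterRoleBinding` would let the trailing `null` arguments in arm_exporter.jsonnet be dropped. The updated format comment ends in `},[{...}]]`, which reads as a nested list, while `for pol in roles` iterates a flat list of objects, so `}, {...}]` would match the code. The `newClusterRoleBinding` comment could also say that the binding is cluster-scoped, meaning the role's rules apply to the service account in every namespace and not only in `serviceAccountNamespace`.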
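Review bot: `newDeployment` builds its pod template with no securityContext and no resource requests or limits. Every workload created through this helper therefore runs with whatever user and privileges the image defaults to, and with unbounded CPU and memory. I would let callers opt in to hardening, for example an optional parameter that appends `deployment.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true)` to `d`, and document in the comment that the helper sets neither. The helper also never sets a service account, so the pods presumably get the namespace's default one; that is worth stating too. `newService` is the only helper here without a leading comment; something like `// Creates a basic Service selecting pods labelled app=<name>` would match its siblings.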