Originally, I had this application returning mock data to confirm the workflow. Now, it's actually querying the Envoy Proxy sidecars to collect information.
Real Metrics Collection (pkg/istio/discovery.go:209-382)
The application uses genuine Kubernetes API calls to collect real metrics:
Real Kubernetes API Interaction: Lines 217-244 show it executes kubectl exec commands inside actual pods to access Istio's Envoy proxy metrics endpoint (http://localhost:15020/stats/prometheus)
Actual Envoy Metrics Parsing: Lines 258-382 parse real Prometheus-format metrics from Envoy proxies, including:
- istio_requests_total for request counts
- istio_request_duration_milliseconds for latency percentiles
- envoy_http_downstream_cx_active for connection counts
- Circuit breaker, retry, and timeout metrics
Live Pod Discovery: Lines 113-156 discover services by scanning actual Kubernetes pods with Istio sidecars using real pod labels and annotations
Kubernetes Client Integration: The application connects to your actual cluster using kubeconfig (pkg/k8s/client.go) and performs live API calls
Real Data Flow
From the scan command (cmd/scan.go:111), the flow is:
- Connect to a real Kubernetes cluster
- Discover actual services with Istio sidecars
- Execute real curl commands inside Envoy sidecar containers
- Parse real Prometheus metrics from Envoy
- Apply ML clustering and anomaly detection to actual data