Deployment Guide
Hi there, thank you for trying out Pyroscope! In this guide you'll learn about deploying Pyroscope in production environment. If something doesn't work or these instructions are not clear enough — we would love to help you — reach out in our slack group or email us at contact@pyroscope.io.
Reference architecture
We recommend hosting pyroscope server in the same datacenter with your apps that you want to profile.
Configuration
Pyroscope can be configured with command line arguments, environment variables and config files. See Configuration for more info on this topic.
System requirements
As a rule of thumb, if you want to profile your whole cloud infrastructure, expect to spend about 1% of your cloud budget on Pyroscope server.
| Resource | More of resource equals |
|---|---|
| CPU | higher write bandwidth |
| RAM | higher write bandwidth, support for more individual apps |
| Disk throughput | higher write bandwidth |
| Disk Space | higher data retention (ability to store profiling data for longer periods of time) |
Networking requirements
These are the ports used by pyroscope server. Make sure you allow access to these ports from the outside:
| Port | Description |
|---|---|
| TCP :4040 | HTTP API, used for both data ingestion and web UI |
Currently there's no authentication mechanism in pyroscope. Possible workarounds are:
- use other access control solutions, for example OAuth2 Proxy (recommended)
- use a reverse proxy with Basic Authentication (e.g nginx)
- only allow access from select IPs
- set up an ssh tunnel, e.g
ssh <user>@<remote-address> -L 4040:127.0.0.1:4040 -N