julianobarbosa/pyroscope
skills/pyroscope/SKILL.md
Guide for Grafana Pyroscope continuous profiling. Use for Kubernetes Helm deployment, Go/Java/Python/.NET/Ruby/Node.js profiling, storage backends, trace-to-profile linking, and troubleshooting.
$ install --global
skillsauthnpx skillsauth add julianobarbosa/claude-code-skills pyroscopeInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 29, 2026, 7:46 AM126.9s5 files scanned
SKILL.md
- name:
- pyroscope
- description:
- >-
Grafana Pyroscope Skill
Comprehensive guide for Grafana Pyroscope - the open-source continuous profiling platform for analyzing application performance at the code level.
What is Pyroscope?
Pyroscope is a horizontally-scalable, highly-available, multi-tenant continuous profiling system that:
- Collects profiling data continuously with minimal overhead (~2-5% CPU)
- Provides code-level visibility with source-line granularity
- Stores compressed profiles in object storage (S3, GCS, Azure Blob)
- Integrates with Grafana for correlating profiles with metrics, logs, and traces
- Supports multiple languages - Go, Java, Python, .NET, Ruby, Node.js, Rust
Architecture Overview
Core Components
| Component | Purpose | |-----------|---------| | Distributor | Validates and routes incoming profiles to ingesters | | Ingester | Buffers profiles in memory, compresses and writes to storage | | Querier | Retrieves and processes profile data for analysis | | Query Frontend | Handles query requests, caching, and scheduling | | Query Scheduler | Manages per-tenant query queues | | Store Gateway | Provides access to long-term profile storage | | Compactor | Merges blocks, manages retention, handles deletion |
Data Flow
Write Path:
SDK/Alloy → Distributor → Ingester → Object Storage
↓
Blocks + Indexes
Read Path:
Query → Query Frontend → Query Scheduler → Querier
↓
Ingesters + Store Gateway
Deployment Modes
1. Monolithic Mode (-target=all)
- All components in single process
- Best for: Development, small-scale deployments
- Query URL:
http://pyroscope:4040/
2. Microservices Mode (Production)
- Each component runs independently
- Horizontally scalable
- Query URL:
http://pyroscope-querier:4040/
# Microservices deployment
architecture:
microservices:
enabled: true
querier:
replicas: 3
distributor:
replicas: 2
ingester:
replicas: 3
compactor:
replicas: 3
storeGateway:
replicas: 3
Quick Start - Kubernetes Helm
Add Repository
helm repo add grafana https://grafana.github.io/helm-charts
helm repo update
Install Single Binary
kubectl create namespace pyroscope
helm install pyroscope grafana/pyroscope -n pyroscope
Install Microservices Mode
curl -Lo values-micro-services.yaml \
https://raw.githubusercontent.com/grafana/pyroscope/main/operations/pyroscope/helm/pyroscope/values-micro-services.yaml
helm install pyroscope grafana/pyroscope \
-n pyroscope \
--values values-micro-services.yaml
Profile Types
| Type | Description | Languages | |------|-------------|-----------| | CPU | Wall/CPU time consumption | All | | Memory | Allocation objects/space, heap | Go, Java, .NET | | Goroutine | Concurrent goroutines | Go | | Mutex | Lock contention (count/duration) | Go, Java, .NET | | Block | Thread blocking/delays | Go | | Exceptions | Exception tracking | Python |
Client Configuration Methods
Method 1: SDK Instrumentation (Push Mode)
Go SDK:
import "github.com/grafana/pyroscope-go"
pyroscope.Start(pyroscope.Config{
ApplicationName: "my-app",
ServerAddress: "http://pyroscope:4040",
ProfileTypes: []pyroscope.ProfileType{
pyroscope.ProfileCPU,
pyroscope.ProfileAllocObjects,
pyroscope.ProfileAllocSpace,
pyroscope.ProfileInuseObjects,
pyroscope.ProfileInuseSpace,
pyroscope.ProfileGoroutines,
pyroscope.ProfileMutexCount,
pyroscope.ProfileMutexDuration,
pyroscope.ProfileBlockCount,
pyroscope.ProfileBlockDuration,
},
Tags: map[string]string{
"env": "production",
},
})
Java SDK:
PyroscopeAgent.start(
new Config.Builder()
.setApplicationName("my-app")
.setServerAddress("http://pyroscope:4040")
.setProfilingEvent(EventType.ITIMER)
.setFormat(Format.JFR)
.build()
);
Python SDK:
import pyroscope
pyroscope.configure(
application_name="my-app",
server_address="http://pyroscope:4040",
tags={"env": "production"},
)
Method 2: Grafana Alloy (Pull Mode)
Auto-instrumentation via Annotations:
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app
spec:
template:
metadata:
annotations:
profiles.grafana.com/cpu.scrape: "true"
profiles.grafana.com/cpu.port: "8080"
profiles.grafana.com/memory.scrape: "true"
profiles.grafana.com/memory.port: "8080"
profiles.grafana.com/goroutine.scrape: "true"
profiles.grafana.com/goroutine.port: "8080"
Alloy Configuration:
pyroscope.scrape "default" {
targets = discovery.kubernetes.pods.targets
forward_to = [pyroscope.write.default.receiver]
profiling_config {
profile.process_cpu { enabled = true }
profile.memory { enabled = true }
profile.goroutine { enabled = true }
}
}
pyroscope.write "default" {
endpoint {
url = "http://pyroscope:4040"
}
}
Method 3: eBPF Profiling (Linux)
For compiled languages (C/C++, Go, Rust):
pyroscope.ebpf "default" {
forward_to = [pyroscope.write.default.receiver]
targets = discovery.kubernetes.pods.targets
}
Storage Configuration
Azure Blob Storage
pyroscope:
config:
storage:
backend: azure
azure:
container_name: pyroscope-data
account_name: mystorageaccount
account_key: ${AZURE_ACCOUNT_KEY}
AWS S3
pyroscope:
config:
storage:
backend: s3
s3:
bucket_name: pyroscope-data
region: us-east-1
endpoint: s3.us-east-1.amazonaws.com
access_key_id: ${AWS_ACCESS_KEY_ID}
secret_access_key: ${AWS_SECRET_ACCESS_KEY}
Google Cloud Storage
pyroscope:
config:
storage:
backend: gcs
gcs:
bucket_name: pyroscope-data
# Uses GOOGLE_APPLICATION_CREDENTIALS
Grafana Integration
Data Source Configuration
apiVersion: 1
datasources:
- name: Pyroscope
type: grafana-pyroscope-datasource
access: proxy
url: http://pyroscope-querier:4040
isDefault: false
editable: true
Trace-to-Profile Linking
Enable span profiles to correlate traces with profiles:
Go with OpenTelemetry:
import (
"github.com/grafana/pyroscope-go"
otelpyroscope "github.com/grafana/otel-profiling-go"
)
tp := trace.NewTracerProvider(
trace.WithSpanProcessor(otelpyroscope.NewSpanProcessor()),
)
Requirements:
- Minimum span duration: 20ms
- Supported: Go, Java, .NET, Python, Ruby
Resource Requirements
Single Binary (Development)
resources:
requests:
cpu: 500m
memory: 512Mi
limits:
cpu: 1
memory: 2Gi
Microservices (Production)
| Component | CPU Request | Memory Request | Memory Limit | |-----------|-------------|----------------|--------------| | Distributor | 500m | 256Mi | 1Gi | | Ingester | 1 | 8Gi | 16Gi | | Querier | 100m | 256Mi | 1Gi | | Query Frontend | 100m | 256Mi | 1Gi | | Compactor | 1 | 8Gi | 16Gi | | Store Gateway | 1 | 8Gi | 16Gi |
Common Helm Values
# Production values
architecture:
microservices:
enabled: true
pyroscope:
persistence:
enabled: true
size: 50Gi
config:
storage:
backend: s3
s3:
bucket_name: pyroscope-prod
region: us-east-1
# High availability
ingester:
replicas: 3
terminationGracePeriodSeconds: 600
querier:
replicas: 3
distributor:
replicas: 2
compactor:
replicas: 3
terminationGracePeriodSeconds: 1200
storeGateway:
replicas: 3
# Pod disruption budget
podDisruptionBudget:
enabled: true
maxUnavailable: 1
# Topology spread
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
# Monitoring
serviceMonitor:
enabled: true
# Alloy for profile collection
alloy:
enabled: true
API Endpoints
Ingestion
# Push profiles (Connect API)
POST /push.v1.PusherService/Push
# Legacy HTTP (pprof, JFR formats)
POST /ingest
Query
# Merged profile
POST /querier.v1.QuerierService/SelectMergeProfile
# Flame graph data
POST /querier.v1.QuerierService/SelectMergeStacktraces
# Available labels
POST /querier.v1.QuerierService/LabelNames
# Profile types
POST /querier.v1.QuerierService/ProfileTypes
# Legacy render
GET /pyroscope/render?query={}&from=now-1h&until=now
System
# Readiness
GET /ready
# Configuration
GET /config
# Metrics
GET /metrics
Troubleshooting
Diagnostic Commands
# Check pod status
kubectl get pods -n pyroscope -l app.kubernetes.io/name=pyroscope
# View ingester logs
kubectl logs -n pyroscope -l app.kubernetes.io/component=ingester --tail=100
# Check ring status
kubectl exec -it pyroscope-0 -n pyroscope -- \
curl http://localhost:4040/ingester/ring
# Verify readiness
kubectl exec -it pyroscope-0 -n pyroscope -- \
curl http://localhost:4040/ready
# Check configuration
kubectl exec -it pyroscope-0 -n pyroscope -- \
curl http://localhost:4040/config
Common Issues
1. Ingester OOM:
ingester:
resources:
limits:
memory: 16Gi
2. Storage Authentication Failed:
# Azure - verify RBAC
az role assignment create \
--role "Storage Blob Data Contributor" \
--assignee-object-id <principal-id> \
--scope <storage-scope>
3. High Cardinality Labels:
# Limit label cardinality
pyroscope:
config:
validation:
max_label_names_per_series: 25
4. Query Timeout:
pyroscope:
config:
querier:
query_timeout: 5m
max_concurrent: 8
Reference Documentation
For detailed configuration by topic:
- Helm Deployment: Complete Helm values reference
- Architecture: Component details and scaling
- SDK Instrumentation: Language SDK guides
- Troubleshooting: Common issues and diagnostics
External Resources
- Official Pyroscope Documentation
- Pyroscope Helm Chart
- Pyroscope GitHub Repository
- Grafana Profiles Drilldown
Gotchas
- Profile sampling rate per-application: 100Hz on a busy service adds non-trivial overhead — profile in canary first.
- Storage compaction blocks new writes during merge — large compactions cause write stalls; chunk size and compaction window need tuning.
- Tag cardinality explosion: per-request tags balloon storage; cap tag values explicitly or storage doubles weekly.
- Trace integration: span → profile linking requires matching
traceparentheader propagation end-to-end; one un-instrumented hop loses linkage silently. - eBPF profiler vs SDK profiler: different attribution, sometimes conflicting. Don't run both for the same service.
- gRPC vs HTTP push: same data, different rate limits at the ingester; HTTP push is throttled harder under load.
Related Skills
julianobarbosa/ship
development
VerifiedTrustedCommunity
End-to-end branch delivery: commit (no AI attribution) → push → open a pull request → ensure a Board work item exists (create one per task, assigned to the configured user, if none) and link it → after merge, clean up branch and worktree. Auto-detects the platform from the remote — Azure Repos + Boards (azure-devops-node-api SDK; OAuth Bearer push fallback via `az`) or GitHub (Octokit; `gh` for auth). Scripts are TypeScript, run via `bun`. Use whenever asked to "ship", "ship it", "ship this branch", "open a PR", "push and open a PR", "raise a PR", "deliver this", "send this for review", or "create a PR and link the work item" — and when a direct push to main is blocked and the change needs to go through a PR instead.
78SKILL.mdUpdated May 30, 2026
julianobarbosa/your-skill-name
testing
VerifiedTrustedCommunity
Brief description of what this skill does. Include specific triggers - when should Claude use this skill? Example triggers, file types, or keywords that indicate this skill applies.
76SKILL.mdUpdated May 30, 2026
julianobarbosa/zsh-path
tools
VerifiedTrustedCommunity
Manage and troubleshoot PATH configuration in zsh. Use when adding tools to PATH (bun, nvm, Python venv, cargo, go), diagnosing "command not found" errors, validating PATH entries, or organizing shell configuration in .zshrc and .zshrc.local files.
76SKILL.mdUpdated May 30, 2026
julianobarbosa/zabbix-api
tools
VerifiedTrustedCommunity
Zabbix monitoring system automation via API and Python. Use when: (1) Managing hosts, templates, items, triggers, or host groups, (2) Automating monitoring configuration, (3) Sending data via Zabbix trapper/sender, (4) Querying historical data or events, (5) Bulk operations on Zabbix objects, (6) Maintenance window management, (7) User/permission management
76SKILL.mdUpdated May 30, 2026