Continuous Profiling with Google Cloud Profiler

Runway provides built-in support for continuous profiling using Google Cloud Profiler, enabling development teams to gain operational insights into their production services’ performance characteristics.

Continuous profiling helps you understand your application’s performance in production by collecting CPU usage, memory allocation, and other runtime metrics over time. This data helps identify performance bottlenecks, memory leaks, and optimization opportunities without the overhead of traditional APM solutions.

If your application uses GitLab’s Labkit framework for Go, enabling profiling requires two steps:

Add the following environment variable to your service configuration:

GKE:

example-service-gke:
  spec:
    environment:
      GITLAB_CONTINUOUS_PROFILING: 'stackdriver?${runway_service_id}'

Cloud Run:

GITLAB_CONTINUOUS_PROFILING: "stackdriver"

When building your Go application, include the continuous_profiler_stackdriver build tag:

go build -tags continuous_profiler_stackdriver -o myapp .

Or in .goreleaser.yml:

builds:
  - id: 'app'
    binary: "app"
    main: ./cmd/app
    env:
      - CGO_ENABLED=0
    goos:
      - linux
    goarch:
      - amd64
    tags:
      - continuous_profiler_stackdriver

Applications not using Labkit can integrate Google Cloud Profiler directly using the appropriate client library for their language. The profiler will automatically authenticate using Application Default Credentials (ADC).

import googlecloudprofiler

def main():
    # Start the profiler
    googlecloudprofiler.start(
        service='my-runway-service',  # Your Runway service ID
        service_version='1.0.0',       # Your service version
        # No credentials needed - uses ADC automatically
    )

    # Your application code here
    run_application()

if __name__ == '__main__':
    main()

On Cloud Run, Runway automatically configures the service account crun-${runway_service_id} with the roles/cloudprofiler.agent role. No additional authentication setup is required.

On GKE, Runway uses Workload Identity Federation:

• The gke-${runway_service_id} GCP Service Account is created for your service
• The Kubernetes Service Account is granted permission to impersonate the GCP Service Account
• The GCP Service Account has the roles/cloudprofiler.agent role

This allows applications to use Application Default Credentials to authenticate to GCP automatically.

Once profiling is enabled, you can view your application’s performance data in the Google Cloud Console:

1. Navigate to the Cloud Profiler page in the GCP Console
2. Select the appropriate GCP project (gitlab-runway-production or gitlab-runway-staging)
3. Choose your service from the dropdown menu (it will match your Runway service ID)
4. Explore different profile types:
   • CPU Time: Shows where your application spends CPU cycles
   • Heap: Memory allocation patterns
   • Threads: Thread creation and contention (language-dependent)
   • Contention: Lock contention analysis (Go-specific)

• Google Cloud Profiler Documentation
• Labkit Monitoring Documentation
• Runway Issue #152 - Continuous Profiling Support

For questions or issues related to continuous profiling in Runway:

1. Comment on issue #152 for feature requests or platform support questions
2. Reach out to the Runway team in the #f_runway Slack channel