Core Code
Core Code Modern Dev Handbook
RUST Contents
Rust Foundations for Production
Toolchain and Cargo Basics Project Layout Conventions Dependency Management Basics Configuration and Environment Basics Logging First Steps
Ownership, Borrowing, Lifetimes
Ownership Model Explained Borrowing Rules Lifetimes in Practice Smart Pointers: Box, Rc, Arc Interior Mutability
Types, Traits, and APIs
Traits and Generics Newtype Pattern API Design with Result and Option Serde Derive Basics Module Visibility Patterns
Error Handling & Reliability
Error Types with anyhow and thiserror Error Context and Chaining Retries and Timeouts Basics Idempotency Basics Input Validation Basics
Testing & Quality Gates
Unit and Integration Tests Mocking Strategies Coverage and Quality Gates CI Basics Contract Tests Basics
Concurrency & Shared State
Threads and Channels Mutex and RwLock Arc and Shared Ownership Deadlocks and Debugging Send and Sync Traits
Async Rust in Production
Async Runtime with Tokio Async Cancellation Async Timeouts Async Backpressure Basics Async Common Pitfalls
Web Services Basics
HTTP Server with Axum Routing and Middleware Basics JSON Errors and Problem Details Request IDs and Correlation Graceful Shutdown
Database & Migrations Basics
Choosing SQLx or Diesel Connection Pooling Migrations Basics Transactions Basics Query Timeouts
Observability Basics
Tracing Basics Metrics Basics Health Checks and Readiness Structured Logging Production Debugging Basics
Build, Release, Deployment Intro
Cross Compilation Basics Dockerizing Rust Services Configuration and Secrets Basics Release Profiles Rollback Strategies Basics
Security & Hardening Basics
Input Sanitization Deserialization Hardening SSRF and Egress Basics TLS Basics Dependency Vulnerability Scanning

Release Profiles

Use release profiles intentionally to control optimization level, binary size, panic behavior, and debug information. A production-ready build balances performance, observability, and reproducibility instead of relying on default settings blindly.
On this page

Why release profiles matter in production

Many teams rely on cargo build --release and never look at profile configuration. That works for small projects, but in production the build profile controls performance characteristics, binary size, panic behavior, and debugging capability. Release profiles are part of your deployment contract.

Debug vs release: what really changes

The default debug profile prioritizes fast compile times and rich debug information. The release profile prioritizes runtime performance.

  • Optimization level: release enables aggressive compiler optimizations.
  • Inlining and code motion: release changes execution characteristics.
  • Binary size: debug builds are larger and slower.

Production should never run debug binaries.

Default release profile

By default, cargo release profile enables optimization level 3. You can inspect and override settings in Cargo.toml.

[profile.release]
opt-level = 3
debug = false
lto = false
codegen-units = 16
panic = "unwind"
incremental = false

Optimization level

opt-level controls how aggressively the compiler optimizes. For most services, opt-level 3 is appropriate. Occasionally, opt-level s or z can reduce size if binary footprint matters more than raw speed.

[profile.release]
opt-level = 3

Link Time Optimization

Link Time Optimization allows the compiler to optimize across crate boundaries. It increases build time but can reduce binary size and slightly improve performance.

[profile.release]
lto = true

For large services, lto can noticeably reduce binary size. The tradeoff is longer CI build times.

Codegen units

codegen-units controls parallel code generation. Lower values can improve optimization quality but increase compile time.

[profile.release]
codegen-units = 1

Setting codegen-units to 1 may produce slightly better optimized binaries at the cost of slower builds.

Panic strategy

panic behavior affects binary size and runtime behavior. Two strategies exist:

  • unwind: stack unwinding, useful for libraries.
  • abort: terminate immediately, smaller binary.
[profile.release]
panic = "abort"

For many web services, panic abort is acceptable because the process should not continue after a panic. Smaller binary and simpler behavior can be beneficial. However, understand that abort removes unwinding-based recovery.

Debug symbols in release builds

Release builds can still include debug symbols. This helps when analyzing crashes with backtraces.

[profile.release]
debug = true

Keeping minimal debug info while stripping symbols in the distributed image can provide a good balance between diagnosability and size.

Stripping symbols

Stripping reduces binary size by removing symbol tables. This can be done in CI or Docker build stage.

RUN strip /app/your_binary

Be careful: stripping completely removes debugging information. Consider storing unstripped artifacts separately for incident analysis.

Reproducible builds

Reproducibility means that the same source and lock file produce the same artifact. To improve reproducibility:

  • Commit Cargo.lock.
  • Pin Rust toolchain version using rust-toolchain.toml.
  • Build inside controlled CI environments.
# rust-toolchain.toml
[toolchain]
channel = "1.76.0"

Binary size vs performance tradeoff

In container environments, binary size impacts image size and pull time. However, performance should not be sacrificed blindly. A practical baseline:

  • opt-level 3
  • lto enabled if CI time is acceptable
  • panic abort for simple services
  • codegen-units reduced for critical services

Measuring impact

Before and after profile changes, measure:

  • Binary size
  • Startup time
  • Throughput under load
  • Latency distribution

Do not assume improvements without measurement.

Common mistakes

  • Running debug builds in production.
  • Changing profile settings without measuring impact.
  • Removing all debug info and losing crash visibility.
  • Ignoring toolchain pinning.

Operational checklist

  • Release builds are used in all non-dev environments.
  • Toolchain version is pinned.
  • Cargo.lock is committed.
  • Binary size and performance are measured after profile changes.

What comes next

With reproducible builds and optimized release profiles, the final production concern is safe rollback. Next we will cover how to structure releases so reverting to a previous version is fast and low risk.

Rollback Strategies Basics →