Open documentation index
Troubleshooting
Diagnose configuration errors, exhausted routes, provider authentication failures, cooldowns, SQLite locks, and secret-store problems.
Start with these diagnostics
modelmux version
modelmux config validate
modelmux config validate --check-provider
modelmux keys --json
modelmux logs --json --limit 100
curl http://127.0.0.1:8787/metricsRecord the request ID, requested model/group, HTTP status, selected provider/key when available, and the exact time of the failure.
The configuration does not load
- Run
modelmux config validateand fix the first reported error before later errors. - Confirm indentation uses spaces and list entries start with
-. - Verify every
provider_id,model_id, andkey_idreference exists. - Check that IDs are unique and enabled entries do not reference disabled or missing dependencies.
- Confirm environment variables referenced by
value_envandauth_token_envare exported in the process environment.
ModelMux returns 429 or all keys are exhausted
- Inspect active, cooldown, invalid, limited, and disabled key counts.
- Check model-level RPM and concurrency capacity.
- Check each key's minute, daily, token, and concurrency limits.
- Search recent logs for upstream 429 responses and cooldown events.
- Confirm the requested group has at least one enabled member with an eligible key.
Do not immediately raise limits above provider capacity. Upstream 429 responses indicate that the provider or credential is already enforcing a lower effective limit.
A provider returns 401 or 403
- Verify the environment variable or secret reference resolves to the intended key.
- Check provider base URL, type, and authentication mode.
- Confirm the credential is authorized for the configured upstream model.
- Run
modelmux key test --id <key>. - Replace revoked credentials, then re-enable or retest the key.
Authentication failures can mark a key invalid. A health check cannot repair a credential that remains unauthorized.
Timeouts, network errors, and provider 5xx responses
Check DNS, firewall, TLS, and the provider base URL from the same host or container running ModelMux. Compare providers[].timeout_seconds with normal model latency, especially for long streaming generations.
Repeated transient errors place keys into cooldown. If every key uses the same unavailable provider, adding more retries will not restore service and may increase latency.
SQLite is locked or cannot be opened
- Confirm only one ModelMux instance uses the database file.
- Check directory ownership and write permissions for the database, WAL, and SHM files.
- Do not place the database on an unsuitable shared network filesystem.
- Do not remove
-walor-shmfiles while the service is running. - Verify the disk has available space and the filesystem is writable.
The encrypted secret store cannot be opened
- Export the same
MODELMUX_MASTER_KEYused when the file was created. - Confirm the process can read
secrets.enc. - Run
modelmux secret verify. - Restore the encrypted backup and matching master key together.
- Do not edit the encrypted file manually.
AES-GCM encryption is designed to prevent decryption without the correct master key. Keep an independent secure copy.
Authentication behaves unexpectedly behind a reverse proxy
Ensure the client sends Authorization: Bearer ... and the reverse proxy forwards that header. Keep both server.require_auth and server.admin.require_auth enabled where appropriate.
Do not bypass admin authentication because the reverse proxy connects from localhost or a trusted container network. Enforce access at both layers.