Why does Chroma report sqlite locked or database is locked?

Multiple processes opened the same persistence directory, or a backup copied SQLite files while writes were active. Stop all Chroma instances, ensure only one server or embedded client owns the path, and take snapshots only after quiesce.

Permission denied on my Chroma path after moving disks—what changed?

APFS volumes mounted from backups or provider templates can carry root-owned directories. chown -R the build user over the persistence root, or recreate the folder with mkdir -p and migrate data with rsync -a to preserve timestamps.

Where should timeouts live if OpenClaw calls my RAG tool?

Enforce deadlines in the tool implementation closest to Chroma (Python httpx timeout, grpc deadline, or asyncio.wait_for). The gateway still benefits from global upstream budgets, but vector latency spikes are easiest to cap inside the skill code.

How full is too full for a local vector store on a rental Mac?

Keep at least fifteen to twenty percent free on the volume that holds embeddings and SQLite sidecars; macOS and indexing tools behave poorly under single-digit gigabytes free. Alert earlier if you run Docker images or model weights on the same disk.

2026 OpenClaw + Chroma on Rented Mac: Snapshots, Query Timeouts & Disk Alerts

When you land retrieval-augmented generation on a rented remote Mac, Chroma is a popular local vector store: low friction, embeddable, and easy to colocate with an OpenClaw gateway. The gap between a demo and production is operational: where files live, how you back them up, what probes prove the stack is alive, and how you stop one slow embedding query from wedging an agent session. This tutorial is written for teams shipping AI compute on Mac hardware they do not physically touch—SSH in, codify paths, and sleep without silent data loss. Pair it with our OpenClaw Docker deploy and hardening guide for base gateway install, then layer observability from gateway metrics and Prometheus-style alerts. If Chroma shares disk with containers, skim Docker and Podman layer pull cache matrix for APFS headroom habits before you scale ingest.

Chroma persistence directory and snapshot steps

Chroma’s embedded and server modes ultimately commit state under a persistence directory you choose. On a rental Mac, treat that directory like a small database: one canonical absolute path, owned by the automation user, on a volume with predictable free space—not the root system slice if you can avoid it. Export something like CHROMA_PERSIST_DIRECTORY=/Volumes/Data/chroma-prod in your shell profile, launchd plist, or Docker bind mount, and reference the same variable from the OpenClaw skill that opens collections.

Snapshot recipe (filesystem-consistent, reproducible). First, stop writers: quit the embedded Python process or stop the chroma server container so SQLite and segment files are not mid-transaction. Second, record a manifest: collection names, embedding model id, and Chroma version string—restore drills fail when the client major version diverges from the on-disk layout. Third, archive with a tool that preserves metadata:

# replace paths; run only when Chroma is stopped
export SRC="$CHROMA_PERSIST_DIRECTORY"
export STAMP=$(date -u +%Y%m%dT%H%M%SZ)
tar -C "$(dirname "$SRC")" -czf "/backup/chroma-${STAMP}.tgz" "$(basename "$SRC")"
shasum -a 256 /backup/chroma-${STAMP}.tgz > /backup/chroma-${STAMP}.tgz.sha256

rsync -a --delete to network-attached or object-storage gateways is equally fine when you trust the network path; keep at least two generations locally plus one off-host copy if the Mac is a single point of failure. Fourth, verify: extract into a scratch directory on another machine, instantiate a read-only client if your version supports it, or run a trivial count() query per collection. Fifth, re-enable the server and document the restore command beside the backup cron entry.

Why not copy while running? CoW filesystems on macOS reduce some risk, but Chroma still mixes SQLite with blob segments; a hot copy can yield database is locked restores or torn pages. For RPO under a minute, migrate to a storage backend designed for online backup, or run a brief maintenance window—cheap on overnight batch slots.

OpenClaw health probes and alert templates

The OpenClaw Gateway exposes /healthz and /readyz on the HTTP listener (default 127.0.0.1:18789). Those endpoints are your control-plane heartbeats: if they fail, no skill—Chroma-backed or otherwise—should pretend the assistant is usable. From SSH:

curl -fsS http://127.0.0.1:18789/healthz
curl -fsS http://127.0.0.1:18789/readyz

Re-use the same scrape pattern you already adopted for Prometheus or a managed blackbox check; the important part is labels—tag env=prod, role=openclaw-gateway, and the provider instance id so paging routes correctly.

Disk quota style alerts belong next to gateway health. Chroma growth tracks document count, embedding dimension, and segment merges; a silent disk fill kills both SQLite and the OS page cache. Export free space via node_exporter, a trivial df -Pk cron that writes a metric file, or your vendor agent. Start with a warning when available space on the Chroma volume drops below roughly 20 GB (tune to embedding batch size) and critical below 5 GB or when projected time-to-full is under two hours at the trailing ingest rate.

Signal	Starter condition	Notes
Gateway /healthz	HTTP status ≠ 200 for 2 consecutive checks	Use 15–30 s interval on user-facing stacks
Gateway /readyz	Failures while /healthz OK	Often dependency or config; check logs before Chroma
Volume free bytes	avail < 20e9 warn / < 5e9 crit	Per-volume, not root aggregate
Chroma HTTP (optional)	TCP or HTTP probe to bound port	Only if you run server mode on a known interface

Wire notification channels you already trust—Slack webhook, PagerDuty, or email—and keep runbook links in the alert annotation: “check gateway token rotation,” “verify disk,” “rollback to last Chroma tarball.”

Query timeout and circuit-breaker parameters

Chroma query latency grows with collection size, filter complexity, and concurrent HNSW access. An OpenClaw tool that blocks without a deadline can starve the session worker and amplify retries across channels. Set timeouts at the narrowest layer—the function that calls collection.query or the HTTP client speaking to chroma run—not only at a vague “LLM timeout” upstream.

Practical starting numbers for interactive RAG tools. Use a client deadline of 4–8 seconds for top-k similarity with modest filters on collections up to a few million vectors on Apple Silicon; raise toward 15–30 seconds only for batch reconciliation jobs that run off the critical path. Pair the deadline with max concurrency (for example two to four parallel queries per gateway process) so bursts from group chats do not stampede the index.

Circuit breaker sketch. Keep a rolling window of failures (timeouts, 5xx, or “empty index” errors). After three consecutive failures inside five minutes, open the breaker for 30–120 seconds: return a deterministic degraded message to the agent (“vector store temporarily unavailable—using cached summary”) and log a structured error_class=chroma_breaker_open. Half-open after the cool-down with a single probe query. This pattern composes well with per-project API budgets if you also cap upstream embedding calls.

# asyncio-style deadline (illustrative)
import asyncio

async def query_with_cap(coro, seconds=6.0):
    return await asyncio.wait_for(coro, timeout=seconds)

For synchronous stacks, httpx.Client(timeout=6.0) or your gRPC channel options achieve the same contract. Document the chosen values beside your OpenClaw skill manifest so on-call engineers know whether a timeout is a tuning problem or a real outage.

FAQ: common permission and path errors

PermissionError: [Errno 13] on persist path. The rental user running OpenClaw is not the owner of the directory—common after cloning a disk image or restoring from Time Machine. Fix with sudo chown -R $USER:staff "$CHROMA_PERSIST_DIRECTORY" or recreate the tree and rsync -a data across.

sqlite3.OperationalError: database is locked. Two processes opened the same persistence directory, or a backup job copied *.sqlite* while writes continued. Stop every Chroma instance, confirm with lsof on the path, then restart a single owner.

Relative paths that differ under launchd vs SSH. Always use absolute paths in plists and compose files; ~/chroma expands differently for GUI vs SSH sessions.

Case sensitivity surprises. If you mount external volumes with different APFS case sensitivity than development laptops, normalize collection and snapshot folder names to lowercase to avoid “file not found” in automation.

Docker bind mounts on Mac. When Chroma runs in a container, the host path must exist before docker compose up and match SELinux or permission labels if you later move to Linux workers—the mental model is the same even if this article focuses on bare-metal rental Macs.

Summary

Chroma on a rented remote Mac stays boring-in-a-good-way when persistence lives on a dedicated volume, snapshots are cold (writers stopped), and OpenClaw health probes fire before users notice. Add disk quota alerts early—vector tables fail noisily once the filesystem is tight. Finish with explicit query deadlines and a small circuit breaker so one bad index day does not cascade across agent sessions.

Public pricing and purchase pages describe Mac compute tiers without a login wall; help covers access and billing when you are ready to pin this stack to long-running hardware.