On this page: Environment and dependencies · Gateway and CrewAI integration · Budgets and breakers · Common errors · FAQ
This playbook assumes a dedicated remote Mac (Apple Silicon) where you can keep long-lived services. Pair it with the LiteLLM Proxy plus OpenClaw gateway recipe for multi-model aliases, borrow JSON Schema tool validation and retry discipline for argument hygiene, align traces with OpenTelemetry GenAI fields, and compare routing economics using the multi-model routing cost matrix.
Environment and dependencies
Host and Python. Use macOS 14 or newer on the rented machine, Python 3.11 inside a project virtual environment, and pin crewai, httpx, and embedding clients in requirements.txt. Keep tokenizer and small adapter weights on local SSD so cold starts do not distort breaker tests.
OpenClaw CLI. Install the Node 22 LTS toolchain to match the OpenAI-compatible routing guidance, run openclaw gateway listen on 127.0.0.1, and store dashboard-issued bearer material under a path such as /.openclaw/token with permissions only the service user can read.
Optional inference hub. When you need heterogeneous vendors behind one OpenAI surface, place LiteLLM Proxy beside OpenClaw exactly as described in the LiteLLM article; CrewAI never receives raw provider keys.
Operational guardrails. Separate UNIX accounts or launchd labels for gateway, proxy, and crew workers; mount persistent volumes for logs; document ports in a single runbook so on-call engineers can diff configs during incidents.
Gateway and CrewAI integration steps
| Concern | CrewAI crew | OpenClaw gateway |
|---|---|---|
| LLM calls | Agents and tasks orchestrate prompts; set model names to stable aliases only. | Authenticates OpenAI-compatible traffic, maps aliases to upstream routes, enforces correlation ids. |
| Tools with side effects | Custom tools wrap HTTP clients with tight timeouts. | Exposes allow-listed routes, validates payloads, merges audit trails. |
| Failure handling | Crew manager summarizes outcomes for users. | Returns structured error bodies; gateway strips secrets before Python sees them. |
1. Bind the LLM client. Point OPENAI_API_BASE (or the CrewAI LLM config field) to http://127.0.0.1:GATEWAY_PORT/v1 so every agent shares one policy surface.
2. Register tools against gateway URLs. Implement tools as functions that call documented /tools/... endpoints with Bearer headers from the token file and X-Correlation-Id propagated from crew.kickoff metadata.
3. Validate arguments locally. Run JSON Schema or Pydantic checks before HTTP; reject bad shapes without touching provider quotas, mirroring the schema retry guide.
4. Serialize crew execution. When multiple agents can call the same tool, add an asyncio semaphore or worker pool limit so bursts become a queue instead of a stampede.
5. Map errors to envelopes. Intercept HTTP failures inside the tool client, normalize fields such as route, code, correlation_id, and hint, then raise a crew-safe exception the manager can translate.
6. Smoke test. Run a two-agent crew with a noop tool, curl the gateway health endpoint with the same token, and archive openclaw doctor --json output beside your pip freeze.
# Example: point CrewAI-style OpenAI config at loopback (illustrative)
# export OPENAI_API_BASE="http://127.0.0.1:18789/v1"
# export OPENAI_API_KEY="$(tr -d '\n' < ~/.openclaw/dashboard.token)"Budget and circuit breaker parameters
| Parameter | Starter value | Why it matters |
|---|---|---|
| Concurrent tool calls | 4–8 on M4-class hosts | Prevents file descriptors and upstream RPM from exploding when crews fan out. |
| Gateway RPM ceiling | Match LiteLLM tenant budget minus headroom | Keeps CrewAI max_iter from colliding with provider throttles. |
| Breaker error ratio | Open after 50% errors in 30s window | Stops a poisoned route from starving healthier aliases. |
| Cooldown | 45–90 seconds | Lets upstream recover before agents hammer retries. |
- Token accounting: attach stable
tenant_idandcrew_idlabels at the gateway so finance can reconcile against the observability matrix. - Latency SLO: keep connect timeouts near 2 s and read timeouts near 30 s for large completions, but shorten tool reads to 8 s unless the tool streams.
- Retry policy: allow bounded backoff for
429and connect errors; never auto-retry401or413.
Common errors
- 401 loops across agents. The dashboard token expired or the wrong file path is exported; refresh the token, restart workers, and verify curl with the same bearer string the crew uses.
- Breaker flicker. CrewAI retries amplify gateway traffic; lower client retries when the breaker is open and surface the failure envelope instead of hammering the route.
- Alias not found. Model names drift between LiteLLM and manifests; reload configs, grep logs for case mismatches, and promote aliases during a maintenance window.
- Silent cost spikes. Uncapped concurrency multiplied TPM; tighten the semaphore, reduce active agents, and confirm per-route usage logs.
FAQ
Can agents bypass OpenClaw and call LiteLLM directly? Technically yes, but you lose audit, schema gates, and consistent summaries—keep traffic on loopback through the gateway stack.
How do I share budgets across multiple crews? Use one process-wide semaphore and one gateway tenant; separate crews by metadata labels, not separate master keys.
What belongs in user-facing text after a failure? Quote the hint, correlation id, and degraded capability; omit raw provider payloads and prompts.
Public pages (no login): Compare pricing and SKUs on purchase, read the Help Center, and browse the Tech Blog index for related gateway guides.