Skip to main content
Last updated on

Model Serving limits and regions

This article summarizes the limitations and region availability for Databricks Model Serving and supported endpoint types.

Resource and payload limits

Model Serving imposes default limits to ensure reliable performance. If you have feedback on these limits, reach out to your Databricks account team.

The limits in this section apply to custom model and AI agent endpoints only. For Foundation Model APIs and external model resource and payload limits, see Foundation Model APIs rate limits and quotas.

Custom models and AI agents

Feature

Granularity

Limit

Endpoints

Per workspace

1000. Reach out to your Databricks account team to increase.

Queries per second (QPS)

Per endpoint

300,000 using route optimization. If 1024 concurrency is not enough, reach out to your Databricks account team to increase.

Queries per second (QPS)

Per workspace

300,000 using route optimization. 200 for non-route optimized, recommended only for small dev use-cases.

Provisioned concurrency

Per model

1024 with custom option and route optimization. Reach out to your Databricks account team to increase.

Provisioned concurrency

Per workspace

4096. Reach out to your Databricks account team to increase.

Create/update operations

Per workspace

50 in 5 minutes.

Payload size

Per request

16 MB. For AI agent endpoints the limit is 4 MB.

Request/response size

Per request

Any request/response over 1 MB will not be logged.

Model execution duration

Per request

297 seconds

CPU endpoint model memory usage

Per endpoint

4GB

GPU endpoint model memory usage

Per endpoint

Depends on GPU type

Environment variables

Per served model

30. Reach out to your Databricks account team to increase.

Overhead latency

Per request

Less than 20 milliseconds with route optimization.

:::

Networking and security limitations

  • Model Serving endpoints are protected by access control and respect networking-related ingress rules configured on the workspace, like IP allowlists and PrivateLink.
  • By default, Model Serving does not support PrivateLink to external endpoints. Support for this functionality is evaluated and implemented on a per-region basis. Reach out to your Databricks account team for more information.
  • Model Serving does not provide security patches to existing model images because of the risk of destabilization to production deployments. A new model image created from a new model version will contain the latest patches. Reach out to your Databricks account team for more information.
  • You can restrict outbound network access from Model Serving endpoints by configuring network policies. See Manage network policies for serverless egress control.

Compliance security profile standards: CPU and GPU workloads

The following table lists the region availability and supported compliance security profile compliance standards for model serving on CPU and GPU workloads including external models.

note

These compliance standards require served containers to be built in the most recent 30 days. Databricks automatically rebuilds outdated containers on your behalf. However, if this automated job fails, an event log message like the following appears and provides guidance on how to ensure your endpoints stay within compliance requirements:

"Databricks couldn't complete a scheduled compliance check for model $servedModelName. This can happen if the system can't apply a required update. To resolve, try relogging your model. If the issue persists, contact support@databricks.com."

Region

Location

HIPAA

PCI-DSS

FedRAMP Moderate

IRAP

CCCS Medium (Protected B)

UK Cyber Essentials Plus

ap-northeast-1

Asia Pacific (Tokyo)

 

 

 

 

ap-northeast-2

Asia Pacific (Seoul)

 

 

 

 

ap-south-1

Asia Pacific (Mumbai)

 

 

 

 

ap-southeast-1

Asia Pacific (Singapore)

 

 

 

 

ap-southeast-2

Asia Pacific (Sydney)

 

 

 

ca-central-1

Canada (Central)

 

 

 

eu-central-1

EU (Frankfurt)

 

 

 

 

eu-west-1

EU (Ireland)

 

 

 

 

eu-west-2

EU (London)

 

 

 

eu-west-3

EU (Paris)

 

 

 

 

 

 

sa-east-1

South America (Sao Paulo)

 

 

 

 

us-east-1

US East (Northern Virginia)

 

 

 

us-east-2

US East (Ohio)

 

 

 

us-gov-west-1

US Gov West (Pendleton)

 

 

 

 

 

 

us-west-1

US West (Northern California)

 

 

 

 

 

 

us-west-2

US West (Oregon)

 

 

 

Compliance security profile standards: Foundation Model APIs workloads

The table lists the supported compliance security profile compliance standards for the following Foundation Model APIs workloads:

  • Provisioned throughput
  • Pay-per-token
  • Batch inference using AI Functions and Databricks-hosted models
note

These compliance standards require served containers to be built in the most recent 30 days. Databricks automatically rebuilds outdated containers on your behalf. However, if this automated job fails, an event log message like the following appears and provides guidance on how to ensure your endpoints stay within compliance requirements:

"Databricks couldn't complete a scheduled compliance check for model $servedModelName. This can happen if the system can't apply a required update. To resolve, try relogging your model. If the issue persists, contact support@databricks.com."

Region

Location

HIPAA

PCI-DSS

FedRAMP Moderate

IRAP

CCCS Medium (Protected B)

UK Cyber Essentials Plus

ap-northeast-1

Asia Pacific (Tokyo)

 

 

 

 

ap-northeast-2

Asia Pacific (Seoul)

 

 

 

 

ap-south-1

Asia Pacific (Mumbai)

 

 

 

 

ap-southeast-1

Asia Pacific (Singapore)

 

 

 

 

ap-southeast-2

Asia Pacific (Sydney)

 

 

 

ca-central-1

Canada (Central)

 

 

 

eu-central-1

EU (Frankfurt)

 

 

 

 

eu-west-1

EU (Ireland)

 

 

 

 

eu-west-2

EU (London)

 

 

 

✓*

eu-west-3

EU (Paris)

 

 

 

 

 

 

sa-east-1

South America (Sao Paulo)

 

 

 

 

us-east-1

US East (Northern Virginia)

 

 

 

us-east-2

US East (Ohio)

 

 

 

us-gov-west-1

US Gov West (Pendleton)

 

 

 

 

 

 

us-west-1

US West (Northern California)

 

 

 

 

 

 

us-west-2

US West (Oregon)

 

 

 

* Some models require cross geography routing for provisioned throughput and therefore are not UK Cyber Essentials Plus compliant. Reach out to your Databricks account team for more information.

Foundation Model APIs limits

For detailed information about Foundation Model APIs, including resource and payload limits for foundation and external models, see Foundation Model APIs rate limits and quotas.

Region availability

note

If you require an endpoint in an unsupported region, reach out to your Databricks account team.

If your workspace is deployed in a region that supports model serving but is served by a control plane in an unsupported region, the workspace does not support model serving. If you attempt to use model serving in such a workspace, you will see in an error message stating that your workspace is not supported. Reach out to your Databricks account team for more information.

See Model serving features availability for more information on regional availability of each Model Serving feature.

For Databricks-hosted foundation model region availability, see Foundation models hosted on Databricks.