CoAI LogoCoAI.Dev
Advanced Features

Multi-tenancy

Complete tenant isolation and management for multi-customer deployments

Multi-tenancy

Multi-tenancy enables CoAI.Dev to serve multiple customers or organizations from a single instance while maintaining complete isolation between tenants. This enterprise-grade feature provides scalable SaaS deployment capabilities with robust security, resource management, and customization options.

Enterprise Feature

Multi-tenancy is an advanced enterprise feature that provides complete tenant isolation and management capabilities for large-scale SaaS deployments.

Overview

Multi-tenancy Benefits:

  • 🏢 Complete Isolation: Data, configurations, and resources are fully isolated between tenants
  • 🔐 Security: Tenant-level security boundaries with role-based access control
  • 📊 Resource Management: Individual resource quotas and billing per tenant
  • 🎨 Customization: Tenant-specific branding, configurations, and features
  • 📈 Scalability: Efficient resource sharing while maintaining isolation

Use Cases:

  • SaaS providers serving multiple customers
  • Large enterprises with multiple departments or subsidiaries
  • Managed service providers offering AI solutions
  • Platform companies providing white-label AI services

Architecture

Tenant Isolation Model

Database-Level Isolation:

-- Tenant-specific table structure
CREATE TABLE tenant_channels (
    id VARCHAR(36) PRIMARY KEY,
    tenant_id VARCHAR(36) NOT NULL,
    name VARCHAR(255) NOT NULL,
    provider VARCHAR(100) NOT NULL,
    configuration JSON,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    INDEX idx_tenant_id (tenant_id)
);
 
-- Ensure all queries include tenant_id filter
SELECT * FROM tenant_channels WHERE tenant_id = 'tenant-123';

Application-Level Isolation:

  • Request Context: All requests carry tenant context
  • Middleware: Automatic tenant filtering in all database operations
  • Session Management: Tenant-aware authentication and authorization
  • API Endpoints: Tenant-scoped API access

Resource Management

Tenant Resource Allocation:

tenant_resources:
  compute:
    cpu_limit: "4"
    memory_limit: "8Gi"
    storage_limit: "100Gi"
  
  api_limits:
    requests_per_minute: 1000
    requests_per_hour: 50000
    concurrent_connections: 100
  
  features:
    custom_models: true
    advanced_analytics: true
    priority_support: true

Tenant Management

Creating Tenants

Tenant Registration

Admin Console Registration:

  1. Access Admin Portal: Login as super administrator
  2. Navigate to Tenants: Go to TenantsCreate New Tenant
  3. Basic Information:
    • Tenant Name: Organization name
    • Subdomain: Unique subdomain identifier
    • Contact Information: Primary contact details
    • Plan Type: Resource and feature allocation plan

Tenant Configuration:

{
  "tenant_id": "acme-corp-001",
  "name": "Acme Corporation",
  "subdomain": "acme",
  "domain": "acme.chatnio.com",
  "status": "active",
  "plan": "enterprise",
  "created_at": "2024-01-15T10:00:00Z",
  "settings": {
    "branding": {
      "logo_url": "https://cdn.chatnio.com/tenants/acme/logo.png",
      "primary_color": "#1e40af",
      "favicon_url": "https://cdn.chatnio.com/tenants/acme/favicon.ico"
    },
    "features": {
      "custom_models": true,
      "advanced_analytics": true,
      "api_access": true,
      "white_label": true
    }
  }
}

Resource Allocation

Define Resource Limits:

Compute Resources:

  • CPU Allocation: Dedicated or shared CPU resources
  • Memory Limits: RAM allocation per tenant
  • Storage Quotas: File storage and database limits
  • Network Bandwidth: Ingress/egress traffic limits

API Rate Limits:

  • Request Quotas: Per-minute, per-hour, and daily limits
  • Concurrent Connections: WebSocket and API connection limits
  • Model Access: Specific AI model availability per tenant
  • Feature Gates: Access to premium features

Example Resource Configuration:

tenant_quotas:
  basic_plan:
    requests_per_minute: 100
    requests_per_day: 10000
    storage_gb: 10
    users: 50
    models: ["gpt-3.5-turbo", "claude-instant"]
  
  enterprise_plan:
    requests_per_minute: 1000
    requests_per_day: 100000
    storage_gb: 1000
    users: 1000
    models: ["*"]  # All models
    custom_models: true

Tenant Onboarding

Initial Setup Process:

  1. Database Initialization: Create tenant-specific schemas and data
  2. User Creation: Set up initial administrator accounts
  3. Default Configuration: Apply tenant-specific default settings
  4. Service Provisioning: Allocate compute and storage resources
  5. Domain Setup: Configure custom domains and SSL certificates

Automated Onboarding Script:

#!/bin/bash
TENANT_ID=$1
TENANT_NAME=$2
ADMIN_EMAIL=$3
 
# Create tenant database schema
mysql -e "CREATE DATABASE chatnio_${TENANT_ID};"
 
# Initialize tenant configuration
curl -X POST "https://api.chatnio.com/admin/tenants" \
  -H "Content-Type: application/json" \
  -d "{
    \"tenant_id\": \"${TENANT_ID}\",
    \"name\": \"${TENANT_NAME}\",
    \"admin_email\": \"${ADMIN_EMAIL}\"
  }"
 
# Setup DNS and SSL
./setup-domain.sh ${TENANT_ID}
 
echo "Tenant ${TENANT_ID} onboarded successfully"

Tenant Configuration

Branding and Customization

White-Label Branding:

Custom Branding Options:

Logo and Visual Identity:

  • Custom Logo: Tenant-specific logo in header and login pages
  • Color Scheme: Primary and secondary brand colors
  • Favicon: Custom browser icon
  • Loading Screens: Branded loading and splash screens

Content Customization:

  • Welcome Messages: Custom onboarding messages
  • Help Documentation: Tenant-specific help content
  • Email Templates: Branded notification emails
  • Footer Information: Custom footer content and links

CSS Customization:

/* Tenant-specific styling */
.tenant-acme {
  --primary-color: #1e40af;
  --secondary-color: #64748b;
  --logo-url: url('https://cdn.chatnio.com/tenants/acme/logo.png');
}
 
.tenant-acme .header {
  background: linear-gradient(135deg, var(--primary-color), var(--secondary-color));
}
 
.tenant-acme .login-form {
  background-image: var(--logo-url);
  background-size: 200px auto;
  background-repeat: no-repeat;
  background-position: center top;
}

Security and Access Control

Tenant Security Model:

Authentication:

  • SSO Integration: SAML, OAuth2, OIDC support
  • LDAP/Active Directory: Enterprise directory integration
  • Multi-Factor Authentication: Tenant-wide MFA policies
  • Session Management: Tenant-isolated session storage

Authorization:

{
  "tenant_roles": {
    "tenant_admin": {
      "permissions": [
        "tenant.manage",
        "users.create",
        "users.edit",
        "users.delete",
        "settings.configure",
        "analytics.view"
      ]
    },
    "user_manager": {
      "permissions": [
        "users.create",
        "users.edit",
        "analytics.view"
      ]
    },
    "end_user": {
      "permissions": [
        "chat.use",
        "files.upload",
        "conversations.manage"
      ]
    }
  }
}

Network Security:

  • IP Whitelisting: Restrict access to specific IP ranges
  • VPN Integration: Support for tenant VPN connections
  • DDoS Protection: Tenant-level rate limiting and protection
  • Audit Logging: Comprehensive security event logging

Resource Management

Monitoring and Analytics

Tenant Metrics Dashboard:

Usage Analytics:

  • API Requests: Request volume, patterns, and error rates
  • User Activity: Active users, session durations, feature usage
  • Resource Consumption: CPU, memory, storage utilization
  • Cost Analysis: Resource costs and billing summaries

Performance Monitoring:

{
  "tenant_metrics": {
    "api_performance": {
      "avg_response_time": "150ms",
      "95th_percentile": "300ms",
      "error_rate": "0.1%",
      "uptime": "99.9%"
    },
    "resource_usage": {
      "cpu_utilization": "45%",
      "memory_usage": "3.2GB/8GB",
      "storage_used": "45GB/100GB",
      "bandwidth": "1.2TB/month"
    },
    "user_analytics": {
      "monthly_active_users": 1250,
      "daily_sessions": 850,
      "avg_session_duration": "25min",
      "feature_adoption": {
        "file_upload": "78%",
        "conversation_sharing": "45%",
        "api_usage": "32%"
      }
    }
  }
}

Billing and Cost Management

Multi-Tenant Billing:

Billing Models:

  • Usage-Based: Pay per API request, storage, or compute time
  • Seat-Based: Fixed price per user account
  • Tier-Based: Predefined plans with feature and usage limits
  • Hybrid: Combination of base fee plus usage overages

Cost Allocation:

billing_structure:
  base_fee: 
    amount: 1000
    currency: "USD"
    period: "monthly"
  
  usage_charges:
    api_requests:
      price_per_1000: 2.50
      included_in_base: 100000
    
    storage:
      price_per_gb_month: 0.50
      included_in_base: 100
    
    users:
      price_per_user_month: 15.00
      included_in_base: 10
    
    premium_models:
      gpt4_per_1000_tokens: 0.06
      claude_per_1000_tokens: 0.08

Financial Reporting:

  • Usage Reports: Detailed usage breakdowns by feature and time
  • Cost Forecasting: Predicted costs based on usage trends
  • Budget Alerts: Notifications when approaching usage limits
  • Invoice Generation: Automated billing and invoice creation

Implementation Guide

Setup and Configuration

Enable Multi-Tenancy

System Configuration:

Database Schema Updates:

-- Add tenant_id to all major tables
ALTER TABLE users ADD COLUMN tenant_id VARCHAR(36) NOT NULL;
ALTER TABLE channels ADD COLUMN tenant_id VARCHAR(36) NOT NULL;
ALTER TABLE conversations ADD COLUMN tenant_id VARCHAR(36) NOT NULL;
ALTER TABLE api_keys ADD COLUMN tenant_id VARCHAR(36) NOT NULL;
 
-- Create tenant management tables
CREATE TABLE tenants (
    id VARCHAR(36) PRIMARY KEY,
    name VARCHAR(255) NOT NULL,
    subdomain VARCHAR(100) UNIQUE NOT NULL,
    status ENUM('active', 'suspended', 'terminated') DEFAULT 'active',
    plan VARCHAR(100) NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
);
 
CREATE TABLE tenant_settings (
    tenant_id VARCHAR(36) PRIMARY KEY,
    branding JSON,
    features JSON,
    quotas JSON,
    FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE
);

Application Configuration:

multi_tenancy:
  enabled: true
  isolation_mode: "database"  # database, schema, or application
  subdomain_routing: true
  custom_domains: true
  
  default_quotas:
    users: 100
    api_requests_per_month: 100000
    storage_gb: 50
    
  billing:
    enabled: true
    provider: "stripe"
    currency: "USD"

Tenant Middleware

Request Processing:

Tenant Detection Middleware:

func TenantMiddleware(next http.Handler) http.Handler {
    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
        var tenantID string
        
        // Extract tenant from subdomain
        host := r.Host
        if subdomain := extractSubdomain(host); subdomain != "" {
            tenant, err := getTenantBySubdomain(subdomain)
            if err == nil {
                tenantID = tenant.ID
            }
        }
        
        // Extract tenant from custom domain
        if tenantID == "" {
            tenant, err := getTenantByDomain(host)
            if err == nil {
                tenantID = tenant.ID
            }
        }
        
        // Add tenant context
        ctx := context.WithValue(r.Context(), "tenant_id", tenantID)
        next.ServeHTTP(w, r.WithContext(ctx))
    })
}

Database Query Interceptor:

func WithTenantFilter(ctx context.Context, query string) string {
    tenantID := ctx.Value("tenant_id").(string)
    if tenantID == "" {
        panic("No tenant context found")
    }
    
    // Add tenant filter to all queries
    if strings.Contains(query, "WHERE") {
        return strings.Replace(query, "WHERE", 
            fmt.Sprintf("WHERE tenant_id = '%s' AND", tenantID), 1)
    } else {
        return query + fmt.Sprintf(" WHERE tenant_id = '%s'", tenantID)
    }
}

Monitoring Setup

Tenant Metrics Collection:

# Prometheus metrics configuration
tenant_metrics:
  - name: tenant_api_requests_total
    type: counter
    labels: [tenant_id, method, endpoint, status]
    
  - name: tenant_active_users
    type: gauge
    labels: [tenant_id]
    
  - name: tenant_resource_usage
    type: gauge
    labels: [tenant_id, resource_type]
 
# Grafana dashboard per tenant
grafana:
  tenant_dashboards:
    enabled: true
    auto_provision: true
    variables:
      - name: tenant
        type: query
        query: "label_values(tenant_id)"

Alerting Rules:

tenant_alerts:
  - alert: TenantHighErrorRate
    expr: rate(tenant_api_requests_total{status=~"5.."}[5m]) > 0.1
    labels:
      severity: warning
    annotations:
      summary: "High error rate for tenant {{ $labels.tenant_id }}"
      
  - alert: TenantQuotaExceeded
    expr: tenant_resource_usage{resource_type="api_requests"} > tenant_quota{resource_type="api_requests"}
    labels:
      severity: critical
    annotations:
      summary: "Tenant {{ $labels.tenant_id }} exceeded quota"

Best Practices

Security

Tenant Isolation:

  • Defense in Depth: Multiple layers of isolation (database, application, network)
  • Principle of Least Privilege: Minimal permissions for all tenant operations
  • Regular Security Audits: Periodic reviews of tenant isolation effectiveness
  • Incident Response: Tenant-specific incident handling procedures

Data Protection:

  • Encryption: Data encryption at rest and in transit
  • Backup Isolation: Separate backup and recovery procedures per tenant
  • Data Residency: Compliance with data location requirements
  • GDPR/Privacy: Tenant-specific privacy controls and data deletion

Performance

Resource Optimization:

  • Connection Pooling: Tenant-aware database connection management
  • Caching Strategy: Tenant-scoped caching with proper isolation
  • Load Balancing: Distribute tenant workloads across infrastructure
  • Capacity Planning: Proactive scaling based on tenant growth

Operations

Automation:

  • Tenant Provisioning: Automated onboarding and setup processes
  • Monitoring: Comprehensive tenant-specific monitoring and alerting
  • Backup/Recovery: Automated tenant data backup and recovery
  • Scaling: Auto-scaling based on tenant resource demands

Enterprise Deployment

Multi-tenancy requires careful planning and implementation. Contact our enterprise team for assistance with large-scale multi-tenant deployments and custom requirements.

Multi-tenancy transforms CoAI.Dev into a powerful SaaS platform capable of serving multiple customers with complete isolation and customization. This enterprise-grade feature enables scalable business models while maintaining security and performance standards.

Previous

High Availability Setup

Next

Marketplace Presets

On this page