vnitus's avatar

Multi-tenancy Best Practices

So we have an Admin Portal web app, a Client Portal web app, and an API app.

Admin Portal is built in Laravel 5.x Client Portal is built in Laravel 5.y API is built in Lumen 5.z

Admin Portal:

  • Acts like a CMS for our 100 employees to interact with customer data
  • This app sits on its own repo “admin_portal”
  • This app has its own sub-domain admin.company.com
  • Has an admin database schema, with employees table used for authentication (this table has login email and password of our 100 employees)
  • Has pages like reports, tickets etc.

Client Portal:

  • Acts like a Customer-facing portal where our 1,000 clients login and perform actions like submit information requested and see status of their current case
  • This app sits on its own repo “client_portal”
  • This app has its own sub-domain client.company.com
  • Has an customer database schema, with clients table used for authentication (this table has login email and password of our 1,000 clients)

API:

  • Acts like an API for outsider to interact with our 2 DB schemas
  • This app sits on its own repo “api”
  • This app has its own sub-domain api.company.com

Pretty much all pages, UIs, features in Admin Portal and Client Portal are different.

However, there are some repeated codes in Admin Portal and Client Portal: models, helper functions (i.e. both apps need to talk to some third-party API or need to generate similar PDFs) etc.

A developer in our team suggested combining Admin Portal, Client Portal, and API into 1 giant multi-tenant Laravel app so we can have less code-base and easier to maintain.

We’re trying to research:

  • Whether we should do this? (in what use-case to implement a multi-tenancy app vs single-tenancy app)
  • What are the Pros and Cons (development, deployment, debugging, security, and maintenance)
  • Whether it’s doable with Laravel, or what would be the side-effects.

We’d like to have the community to give us your opinions and experiences. A few things to consider though:

  • We may want to eventually to lock down Admin Portal to our office IPs only
  • API is using OAuth while Admin Portal and Client Portal are not
  • We are exploring micro-services like Lambda functions to off load a lot of logic from PHP
  • Each app may need a different set of PHP packages/versions (defined in composer.json)
  • We are using Bitbucket Pipelines and AWS CodeDeploy, listening on each repo

Highly appreciated and cheers!

0 likes
2 replies
mushood's avatar

I best explain this as an example

Lets say you have a User model which is shared by Site A and site B

You can create a composer package with this user model.

Require this composer package in Site A and Site B.

In each site, set their User Model that extends the package User Model. This way, you can sync files across projects.

Some extra work of course, but saves time in the long run. Plus you get to keep your initial structure.

vnitus's avatar

Thanks mushood.

We'd like to see more opinions on our scope of research though:

  • Whether we should do this? (in what use-case to implement a multi-tenancy app vs single-tenancy app)

  • What are the Pros and Cons (development, deployment, debugging, security, and maintenance)

  • Whether it’s doable with Laravel, or what would be the side-effects.

Please or to participate in this conversation.