We frequently hear from prospects about their schema migration challenges. One of the top pain points is managing schemas where they employ a single DB per tenant architecture.
When building a SaaS application, determining the optimal database architecture for multi-tenancy is a pivotal decision that significantly influences scalability, security, cost-efficiency, and operational complexity. The architectural spectrum ranges from shared-everything models, where tenants share databases, schemas, and tables, to shared-nothing approaches, where each tenant has dedicated resources.
It's a recurring topic asked like in this Reddit post:
and has sparked a lot of tears in HackerNews:
Multi-Tenant Database Architecture Patterns
Let's explore the common patterns for multi-tenant database architectures:
Pattern 1: Shared Everything - Shared Database, Shared Schema
In this model, all tenants share the same database and the same tables. This is achieved by adding a tenant_id column to each table that requires tenant separation.
CREATE TABLE customers (
id INT PRIMARY KEY,
tenant_id INT NOT NULL,
name VARCHAR(255),
email VARCHAR(255),
...
INDEX(tenant_id)
);
Pros:
- Simplest and most cost-effective approach
- Easier maintenance - single database to back up, monitor, and update
- Simplified schema management - changes apply to all tenants
Cons:
- Risk of data leaks between tenants if queries aren't properly filtered
- Limited tenant isolation. Performance can be affected by "noisy neighbors"
- One-size-fits-all approach limits customization per tenant
Pattern 2: Shared Database, Separate Schemas
Only applicable to database engines supporting separate schemas like PostgreSQL, SQL Server.
This pattern uses a single database but creates a separate schema for each tenant.
-- Create schema for Tenant 1
CREATE SCHEMA tenant1;
-- Create tables in Tenant 1's schema
CREATE TABLE tenant1.customers (
id INT PRIMARY KEY,
name VARCHAR(255),
email VARCHAR(255),
...
);
-- Create schema for Tenant 2
CREATE SCHEMA tenant2;
-- Create tables in Tenant 2's schema
CREATE TABLE tenant2.customers (
id INT PRIMARY KEY,
name VARCHAR(255),
email VARCHAR(255),
...
);
Pros:
- Better separation between tenants while still sharing database resources
- Lower risk of data leaks compared to shared tables
- Cost-effective - still only one database to manage
- Supports tenant-specific customizations
Cons:
- Schema migrations must be applied to each tenant schema
- Database object limits may become an issue with many tenants
- Resource contention still possible at the database level
- Backup/restore complexity increases
Pattern 3: Database-per-Tenant
In this pattern, each tenant gets their own dedicated database.
-- Create Tenant 1's database
CREATE DATABASE tenant1;
-- Create Tenant 2's database
CREATE DATABASE tenant2;
Pros:
- Maximum tenant isolation
- Easier customization per tenant
- No "noisy neighbor" problems
- Simpler compliance with data residency requirements
- Easier to scale individual tenants
Cons:
- Highest operational complexity
- Most expensive in terms of resources
- Schema migrations must be applied across all tenant databases
- Resource underutilization for smaller tenants
- Database connection management becomes more complex
Summary
| Dimension | Shared Database, Shared Schema | Shared Database, Separate Schemas | Database per Tenant |
|---|---|---|---|
| Database Support | ✅ All database systems | ❓ PostgreSQL, SQL Server, Oracle | ✅ All database systems |
| Regulatory Compliance | ❌ Most difficult for strict compliance needs | ❓ May meet requirements with careful design | ✅ Easiest to meet data residency requirements |
| Operational Complexity | ✅ Low; simplest deployment model | ❌ High; one instance, many schemas | ❌ High; many instances to manage |
| Schema Customization | ❌ Difficult; typically requires Entity-Attribute-Value (EAV) patterns | ❌ Limited customization possible | ✅ Complete freedom per tenant |
| Scalability | ❌ Must scale entire database | ❌ Must scale entire database | ✅ Can scale individual tenants |
We recommend avoiding the Shared Database, Separate Schemas approach because it introduces complexity comparable to Database per Tenant without offering sufficient isolation to meet stringent regulatory compliance requirements.
When starting your greenfield project, the Database per Tenant model should only be chosen if your business demands strict regulatory compliance in day 1.
In summary, our guidance is to adopt the Shared Database, Shared Schema approach whenever possible. Only transition to Database per Tenant if compliance, scalability, or customization requirements necessitate it. Avoid Shared Database, Separate Schemas, as it combines the drawbacks of both models without delivering significant benefits.
Schema Migration Best Practices with Multiple Tenants
Schema migrations are inherently challenging, and if you opt for the Database per Tenant model, the complexity increases significantly:
- Change History: Keeping track of schema versions across many tenant databases.
- Coordinated Deployment: Ensuring changes are applied consistently across all tenant databases.
- Rollbacks: Managing failed migrations becomes exponentially more complex.
- Tenant-Specific Customizations: Handling deviations in schema between tenants.
- Testing: Validating migrations across representative tenant databases.
To tackle this, you should adopt best practices:
- Version Control for Migration Scripts
- Store all migration scripts in version control systems
- Use sequential versioning (e.g., V1, V2) or timestamp-based versioning
- Never modify committed migration scripts
- Automated SQL Analysis in CI Pipeline
- Configure SQL linters to run on every migration script
- Block PRs that introduces risky patterns by failing the CI pipeline
- Idempotent Migrations
- Design migrations to be safely re-runnable
- Include checks like `IF NOT EXISTS` for table creation
- Use transactions where possible to ensure atomicity
- Staged Rollout Strategy
- Test migrations on development/staging environments first
- Deploy to a small subset of tenants (canary deployment)
- Monitor for issues before full deployment
- Backward Compatibility
- Design schema changes to support both old and new application versions
- Consider using database views for compatibility layers
- Implement multi-phase migrations for breaking changes
- Tenant Metadata Registry
- Maintain a central registry of all tenant databases
- Track current schema version for each tenant
- Record migration history and status
Bytebase offers batch change, SQL Review, GitOps to streamline and simplify schema migrations for the Database per Tenant model.
Top comments (0)