A tiered hybrid stack — chosen by contract, not by code fork.
Vela eliminates the false trade-off between multi-tenant economics and enterprise-grade isolation. Every request travels the same four layers; only the database routing changes per tier.
From storefront request to ring-fenced database, in four deterministic layers.
- 01
API Gateway
Edge perimeter
TLS termination, rate limiting, global routing. Hard multi-tenant quotas prevent noisy-neighbour saturation from cascading across tiers.
- 02
Tenant-Aware Authentication
Identity & tier resolution
Validates JWT/session, resolves subdomain → tenant_id, identifies subscription tier, and injects tenant context into the request stream.
- 03
Application Logic
Unified codebase
Shared controllers and business logic. A tenant router interceptor picks the right database connection profile for every inbound call — no forks, no branches.
- 04
Tiered Database Isolation
Per-tenant ring-fence
Dynamically routes to Tier 1 dedicated engines, Tier 2 isolated schemas, or Tier 3 shared tables with Row-Level Security.
Three tiers. One unified product surface.
Tier 1 · Sovereign
Database-per-tenant
Dedicated compute node · full physical isolation · unique per-tenant KMS keys
Government portals, parastatal supply chains, public entities requiring absolute data ring-fencing.
Tier 2 · Commercial
Schema-per-tenant
Shared server cluster · logical internal database schemas
Scaling regional consumer brands requiring customised table metrics and strong logical boundaries.
Tier 3 · Growth
Shared schema + RLS
Shared multi-tenant tables isolated via Postgres Row-Level Security
High-volume small merchants needing low entry costs and elastic platform scaling.
