Multi-Tenant ERP Platform

Retail, services, and distribution companies all need a CRM, an accounting module, and an inventory system — but the rules, fields, and workflows diverge sharply. A traditional monolith handles that divergence by piling on configuration flags until the codebase becomes a museum of special cases.

We had harder constraints: complete data isolation per tenant (no shared schemas), independent deploy cadence per module (CRM ships without blocking Inventory), sub-second cross-service consistency, and a single coherent UI despite a fragmented backend — all running on infrastructure an SMB could actually afford.

We chose polyrepo over monorepo for deployment independence. 41 repositories in total: 16 backend services, 10 Vue 3 microfrontends, a shared UI library, a JWT authentication SDK, and infrastructure modules. Each backend service is a focused Laravel app with its own PostgreSQL schema.

Services communicate exclusively through NATS JetStream — no direct HTTP calls between services. Synchronous requests from the browser hit a Kong API gateway that routes to the appropriate service and handles JWT validation. The UI is stitched at runtime using Rsbuild Module Federation, so CRM and Inventory can ship new features independently without rebuilding the shell.

Tenant isolation is enforced at the database level via PostgreSQL row-level security, provisioned per tenant by CloudNativePG. A tenant ID rides on every NATS message header. If a service forgets to scope a query, RLS catches it — not human vigilance.

The platform supports unlimited tenants with zero cross-contamination. Each service deploys independently via Helm charts on RKE2 Kubernetes, with full observability through Prometheus, Grafana, Loki, and Tempo. Average deployment time: under 3 minutes per service.