VeridiumID Server On-Prem - Multi-tenancy installation guide
Starting with version 3.8.1, Veridium supports multi-tenancy, enabling organizations to manage multiple client environments from a single Veridium deployment. This feature is particularly suitable for small to medium-sized environments, providing greater flexibility and efficient resource utilization.
A multi-tenant infrastructure uses a layered architecture for each tenant while sharing a common persistence layer to optimize data storage and retrieval. Each tenant has an independent web application layer that supports one or two application nodes. In addition, every tenant can maintain its own configuration, version, and deployment type, allowing customized settings and operational policies.
This guide describes:
The system and network prerequisites required before installation.
The step-by-step process for executing the VeridiumInstaller for each tenant.
General Assumptions
The installer uses SSH keys to connect to all tenant nodes. These keys are required only during the installation process and can be removed after installation is complete.
A privileged account (root or another user with sufficient privileges) is required during installation. After installation, these privileges can be revoked.
All required system users are automatically created during installation.
It is highly recommended to mount a dedicated disk for /vid-app before starting the installation.
By following this guide, administrators can perform a repeatable, standardized, and secure on-premises deployment of VeridiumID.
1. Installing the first tenant
The installation process for the first tenant is identical to the standard Veridium Server On-Prem deployment procedure described here: VeridiumID Server On-Prem - Deployment using VeridiumInstaller
2. Adding a new tenant
2.1 Retrieve tenant configuration
In a multi-tenant infrastructure, a new tenant must inherit the shared configuration from the existing tenant-infra.yaml file. Since the persistence layer is shared across all tenants, this file contains critical configuration details required for the new tenant deployment.
On a persistence node, run the following command to retrieve the tenant-infra.yaml file:
sudo migration -d /path/to/zookeeperBackup
The tenant-infra file can be found here: /path/to/zookeeperBackup/infra/tenant-infra.yaml
2.2 Copy the configuration into the new tenant installation folder
On the web application node for the new tenant, follow step 1 through step 2.2 of the standard Veridium Server On-Prem deployment procedure described here: VeridiumID Server On-Prem - Deployment using VeridiumInstaller.
After unpacking the installer archive, copy the tenant-infra.yaml file that was retrieved in the previous step into the same directory where veridium-installer.sh is located. Ensure that the file ownership matches the user used to perform the installation.
Useful commands:
ls -lrt /vid-app/installer/
chmod 644 /vid-app/installer/tenant-infra.yaml
chown user:group /vid-app/installer/tenant-infra.yaml
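A pre-flight check for the copy step above, as an added example that is not part of the Veridium installer or its documentation. The helper name check_tenant_infra and its return codes are hypothetical, and the script assumes GNU coreutils stat (Linux):

```shell
#!/bin/sh
# Added example: pre-flight check for tenant-infra.yaml before running the installer.
# check_tenant_infra is a hypothetical helper, not a Veridium tool.
# Assumes GNU coreutils stat (Linux).
#
# Usage: check_tenant_infra INSTALLER_DIR INSTALL_USER
# Return codes: 0 ready, 1 veridium-installer.sh missing, 2 yaml missing or symlink,
#               3 yaml empty, 4 owner mismatch, 5 mode is not 644
check_tenant_infra() {
    cti_dir=$1
    cti_user=$2
    cti_file="$cti_dir/tenant-infra.yaml"

    # The file must sit in the same directory as veridium-installer.sh.
    if [ ! -f "$cti_dir/veridium-installer.sh" ]; then
        echo "veridium-installer.sh not found in $cti_dir" >&2; return 1
    fi
    # Require a regular file; a symlink could point outside the installer directory.
    if [ -L "$cti_file" ] || [ ! -f "$cti_file" ]; then
        echo "$cti_file is missing or not a regular file" >&2; return 2
    fi
    # An empty file cannot carry the shared persistence configuration.
    if [ ! -s "$cti_file" ]; then
        echo "$cti_file is empty" >&2; return 3
    fi
    # Ownership must match the user performing the installation.
    cti_owner=$(stat -c '%U' "$cti_file")
    if [ "$cti_owner" != "$cti_user" ]; then
        echo "$cti_file is owned by $cti_owner, expected $cti_user" >&2; return 4
    fi
    # Mode 644 as set by the chmod command in this guide.
    cti_mode=$(stat -c '%a' "$cti_file")
    if [ "$cti_mode" != "644" ]; then
        echo "$cti_file has mode $cti_mode, expected 644" >&2; return 5
    fi
    echo "$cti_file is ready for installation as $cti_user"
}

# Run directly: sh check.sh /vid-app/installer <install-user>
if [ "$#" -eq 2 ]; then
    check_tenant_infra "$1" "$2"
fi
```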
After completing these steps, continue the installation process starting from Step 2.3 in the standard deployment guide: VeridiumID Server On-Prem - Deployment using VeridiumInstaller.