Tenant Isolation
How Reeve Cloud isolates workspaces, data, and execution between tenants.
Tenant Isolation
Every Reeve Cloud tenant runs in complete isolation. Your agents, data, config, and execution environment are separated from other tenants at multiple levels.
Isolation Layers
1. Process Isolation
Each tenant runs in its own Docker container with a dedicated gateway process. There is no shared runtime between tenants.
Container A (Tenant: Acme) Container B (Tenant: Beta)
├── Gateway process ├── Gateway process
├── Node.js runtime ├── Node.js runtime
├── SQLite databases ├── SQLite databases
└── Agent sessions └── Agent sessions2. Filesystem Isolation
Each container mounts only its own data directory:
/data/tenants/acme/ ← Mounted to Container A only
/data/tenants/beta/ ← Mounted to Container B onlyContainer A cannot access /data/tenants/beta/ and vice versa. Docker volume mounts enforce this at the OS level.
3. Network Isolation
Traefik routes requests by hostname — acme.gw.meetreeve.com only reaches the Acme container. Containers communicate with the Services API via HTTPS with tenant-scoped tokens.
4. Database Isolation
Each tenant has its own SQLite databases:
/data/tenants/acme/goals/goals.db ← Acme's goals only
/data/tenants/acme/memory/memory.db ← Acme's memory onlyThe Services API (PostgreSQL) uses tenant-scoped queries — every query filters by tenant_id.
5. Config Isolation
Config layers are tenant-scoped:
Acme's Layer 2 (org): /data/tenants/acme/org/
Acme's Layer 4 (workspace): /data/tenants/acme/agents/*/workspace/Layer 1 (universal) is shared — it ships with the gateway and contains only Reeve platform defaults.
What's Isolated
| Resource | Isolation Method |
|---|---|
| Agent sessions | Per-container process |
| Goals database | Per-container SQLite |
| Semantic memory | Per-container SQLite |
| Config (reeve.json) | Per-container volume |
| Workspace files | Per-container volume |
| Org context | Per-tenant directory |
| API keys (LLM providers) | Per-tenant config |
| Connector tokens | Per-tenant in Services DB |
| Session history | Per-container storage |
| Cron jobs | Per-container scheduler |
What's Shared
| Resource | Why Shared | Mitigation |
|---|---|---|
| EC2 host | Cost efficiency | Container resource limits |
| Traefik proxy | Single entry point | Host-based routing isolation |
| Services API | Single deployment | Tenant-scoped DB queries |
| Universal config (Layer 1) | Platform defaults | Read-only, no tenant data |
LLM API keys are stored in each tenant's reeve.json on the container filesystem. In BYOK (Bring Your Own Key) mode, these keys never leave the tenant's container. In credit mode, a shared platform key is used — but requests are still made from the tenant's container.
Data Retention
- Active tenants: Data persists on container volume + S3 backup
- Deleted tenants: Data is removed from container and S3 within 30 days
- Backups: S3 snapshots with 90-day retention
Compliance Considerations
- All data stays within the AWS region (default: us-east-1)
- No tenant data crosses container boundaries
- Service-to-service auth uses rotating tokens
- All external API calls (LLM, connectors) originate from the tenant's container