tenement
Lightweight Rust hypervisor for single-server deployments of many single-tenant processes.
tenement is a process hypervisor for running multi-tenant services on a single server. It spawns one process per tenant, routes requests by subdomain, runs HTTP health checks, and stops idle instances automatically. When the next request arrives, it wakes them back up.
Cold wake times (measured, stop-then-request, on a MacBook):
| Runtime | Cold wake |
|---|---|
| Python | ~65ms |
| Node.js | ~105ms |
Go (go run) | ~140ms |
You write your app as if it serves one customer. tenement runs a copy for each of them.
alice.notes.example.com -> notes:alice -> isolated process + own databasebob.notes.example.com -> notes:bob -> isolated process + own databaseWhy not just use systemd?
Section titled “Why not just use systemd?”systemd runs processes, but it doesn’t route requests or stop idle ones. You’d write a unit file for each customer and wire up nginx yourself. If you want to add a new customer, that’s a unit file, an nginx config block, and a reload. If you have 200 customers and only 10 are active at any time, systemd keeps all 200 processes running.
tenement is Fly Machines on your own hardware. Spawn a process with one command, give it a subdomain automatically, let it sleep when nobody’s using it, wake it up on the next request.
| systemd | tenement | |
|---|---|---|
| Routing | You configure nginx per service | alice.notes.example.com just works |
| Scale to zero | Processes run forever | Idle processes stop, wake on first request |
| Per-tenant data | You manage it | Each instance gets its own data directory |
| New customer | Write a unit file, reload | ten spawn notes:alice |
| Health + restart | Basic restart-on-failure | HTTP health checks, exponential backoff |
| Deployment | Rolling restart scripts | ten deploy notes:v2 then ten route --from v1 --to v2 |
| Logs | journalctl | ten logs notes:alice with full-text search |
Get started
Section titled “Get started”cargo install tenement-cliThe Quick Start walks through a complete example, from writing an app to spawning tenants to watching them scale to zero.
If you’d rather read code, the examples directory has working setups in Python, Node.js, and Go that you can run immediately. The multi-runtime example runs all three at once and includes a 56-test integration script.
What’s in the box
Section titled “What’s in the box”tenement does subdomain routing, scale-to-zero with wake-on-request, per-tenant data directories, process isolation via Linux namespaces, HTTP health checks with exponential backoff, weighted routing for blue-green and canary deployments, built-in TLS via Let’s Encrypt, Prometheus metrics, log capture with full-text search, and bearer token auth for the management API.
It doesn’t touch your app’s auth. All request headers, including Authorization, pass through to your process untouched. Your app handles authentication however it wants.
- Quick Start walks through writing an app, configuring tenement, and spawning your first tenants.
- Why tenement? explains the problem in more detail and the economics of running mostly-idle tenants.
- Concepts covers how tenement works internally: the request flow, instance lifecycle, health checks, and the auth model.
- Configuration is the full TOML reference.
- Production covers TLS, systemd, and Caddy for real deployments.
- Deployment Patterns covers blue-green swaps and canary rollouts.
- Troubleshooting has solutions for common issues.