Offering managed Odoo hosting to clients is a significant revenue opportunity for development agencies and consultancies — but it requires building the right infrastructure from the start. Get the architecture wrong and you'll spend more time firefighting than building. This guide covers how to structure client Odoo hosting professionally, from server decisions to support workflows.
Architecture Decision: Separate Servers vs Shared
The first and most consequential decision is whether each client gets their own server or multiple clients share a single server with database-level isolation.
Separate servers per client is the recommended approach for most agencies. Each client has their own VPS with their own Odoo installation, PostgreSQL database, and file storage. Problems on one client's server don't affect others. Performance is predictable. Security isolation is absolute — a compromise of one instance cannot reach another client's data. Scaling a specific client (adding RAM, CPU) is as simple as resizing their VPS.
The downside is cost and management overhead. Each server requires its own SSL certificate, monitoring, backup configuration, and Odoo installation. At small scale, this is manageable. At 20+ clients, tooling and automation become important.
Shared server with multi-database Odoo is cheaper but introduces significant risk. Odoo supports running multiple databases on a single instance, but all databases share the same Odoo process workers, the same PostgreSQL server, and the same file system. A heavy query on one client's database slows response for all. A misconfigured module on one database can create errors that affect others. A security vulnerability in one client's custom module could potentially reach other databases.
For agencies serious about client service quality and data security, separate servers are the right architecture. The per-server cost is low enough ($5–$15/month on Hetzner or Vultr) that the isolation is worth it.
Client Isolation Best Practices
Even on separate servers, isolation requires attention to detail:
- Separate DNS subdomains: Each client gets a subdomain (clientname.youragency.com) or their own domain. Never share a domain across clients.
- Independent SSL certificates: Each domain gets its own cert. Let's Encrypt handles this automatically with proper nginx configuration.
- Separate database users: If any client uses shared infrastructure, database access should be scoped to their database only.
- Firewall rules: Only expose ports 80, 443, and (optionally) SSH on each server. Block all other inbound traffic.
- SSH key management: Use separate SSH key pairs per client or per team member. Rotate keys when team members leave.
Billing Models for Client Hosting
There are three common billing models for agency-managed Odoo hosting:
Pass-through plus margin: You pay the VPS provider directly and bill the client your cost plus a markup (typically 20–50%). Transparent, easy to explain, but your margin is thin.
Flat monthly management fee: You charge a fixed monthly fee (e.g., $99–$299/month depending on instance size and SLA) that covers hosting, management, monitoring, and support. This is predictable for both parties and your margin is in the management fee rather than hardware markup. This is the most common model for professional agencies.
Hosting included in a retainer: Server hosting is bundled into a broader consulting retainer. Works well for clients where you're also doing ongoing development. Harder to scope when clients want hosting-only.
Regardless of model, be explicit in your service agreement about what's included: backup frequency, monitoring, uptime SLA, response time, included support hours, and how upgrades are handled.
Support Workflows
Define your support scope clearly from the start. There are three layers of support for hosted Odoo:
Infrastructure support (server up, SSL valid, backups running) — this should be included in any managed hosting offering and handled proactively through monitoring.
Odoo application support (module configuration, user questions, workflow issues) — this is billable consulting time unless explicitly included in the retainer.
Custom development support (bug fixes in custom modules, new features) — always billable separately.
Use a ticketing system (even a simple one) to track client requests. This creates a paper trail, helps identify which clients consume the most support time, and makes it easy to justify billing for out-of-scope requests.
For monitoring, set up uptime alerts (UptimeRobot's free plan works for basic checks) and Odoo log monitoring for critical errors. You want to know about problems before the client does.
Team Permissions and Access Control
As your team grows, you need clear access control for client servers:
- Developers should have SSH access only to clients they're actively working on
- Use a secrets manager (Bitwarden Teams, 1Password Teams) for server credentials — never share passwords via Slack or email
- Maintain an access log: who has access to which client server
- Revoke access immediately when a team member leaves
- Consider bastion hosts for large portfolios — one hardened jump server through which all client SSH access flows
For Odoo application access, create a separate "agency admin" user on each client instance with a strong unique password. Don't use the client's admin credentials for your own access — it creates confusion and audit trail problems.
Managing Client Portfolios with DeployMonkey
DeployMonkey's Agency plan ($150/month) is designed specifically for this use case. You connect your clients' VPS servers to your DeployMonkey account, and we handle SSL management, backup automation, monitoring, and Odoo updates across all of them. Your team gets a single dashboard to manage the full portfolio.
Team permissions let you assign developers access to specific client instances without giving them access to others. The audit log tracks all actions across your portfolio, which is useful for both internal accountability and client reporting.
See the full guide on Odoo hosting for agencies or read about deploying Odoo on Hetzner for the infrastructure setup details.
Frequently Asked Questions
How many clients can one Odoo server handle?
On a shared multi-database setup, a 4-core 8GB server can typically handle 5–10 small client databases. For production quality isolation, one server per client is strongly preferred. A Hetzner CX22 (2 cores, 4GB) handles small client instances well at about €5/month.
Should I use Odoo Community or Enterprise for client hosting?
Depends on the client's needs. Community is free and covers most standard business functions. Enterprise adds advanced features (full accounting, subscriptions, mobile apps) but requires per-user licensing. Many clients are well-served by Community.
How do I handle Odoo version upgrades for clients?
Odoo version upgrades are major projects, not routine maintenance. Plan them as scoped projects with testing, custom module compatibility verification, and a rollback plan. They typically take 20–40 hours of effort for a complex client instance.
What's a reasonable uptime SLA to promise clients?
99.5% monthly uptime (about 3.6 hours of allowed downtime per month) is achievable with good VPS infrastructure and monitoring. 99.9% is achievable but requires more robust infrastructure (load balancing, failover) that isn't cost-effective for small client instances.
How should I handle client data when they terminate?
Define this in the service agreement. Standard practice: provide the client a full database backup on termination, keep a copy for 30 days, then delete. Document the data retention and deletion policy clearly in advance.