diff --git a/ansible/configure-core-local.yml b/ansible/configure-core-local.yml
index b42c72f7..c2086c06 100644
--- a/ansible/configure-core-local.yml
+++ b/ansible/configure-core-local.yml
@@ -6,6 +6,7 @@
   become: true
   force_handlers: true
   vars:
+    exclusive_tenant: ""
     shard_role: core
     cloud_provider: aws
     core_public_ip: "{{ oracle_public_ip | default('') if core_cloud_provider == 'oracle' else ansible_ec2_public_ipv4 | default('') }}"
diff --git a/ansible/roles/common/files/oracle_cache.sh b/ansible/roles/common/files/oracle_cache.sh
index 4ac5eeea..d6c78fc2 100644
--- a/ansible/roles/common/files/oracle_cache.sh
+++ b/ansible/roles/common/files/oracle_cache.sh
@@ -44,6 +44,7 @@ export NAME_TAG="Name"
 export SHARD_TAG="shard"
 export SHARD_ROLE_TAG="shard-role"
 export GIT_BRANCH_TAG="git_branch"
+export EXCLUSIVE_TENANT_TAG="exclusive_tenant"
 export RELEASE_NUMBER_TAG="release_number"
 export JIBRI_RELEASE_NUMBER_TAG="jibri_release_number"
 export JVB_RELEASE_NUMBER_TAG="jvb_release_number"
@@ -88,6 +89,7 @@ export ENVIRONMENT=$(cat $CACHE_PATH | jq -r --arg ENVIRONMENT_TAG "$ENVIRONMENT
 export ENVIRONMENT_TYPE=$(cat $CACHE_PATH | jq -r --arg ENVIRONMENT_TYPE_TAG "$ENVIRONMENT_TYPE_TAG" ".[\"$ENVIRONMENT_TYPE_TAG\"]")
 export SHARD=$(cat $CACHE_PATH | jq -r --arg SHARD_TAG "$SHARD_TAG" ".[\"$SHARD_TAG\"]")
 export SHARD_ROLE=$(cat $CACHE_PATH | jq -r --arg SHARD_ROLE_TAG "$SHARD_ROLE_TAG" ".[\"$SHARD_ROLE_TAG\"]")
+export EXCLUSIVE_TENANT=$(cat $CACHE_PATH | jq -r --arg EXCLUSIVE_TENANT_TAG "$EXCLUSIVE_TENANT_TAG" ".[\"$EXCLUSIVE_TENANT_TAG\"]")
 export RELEASE_NUMBER=$(cat $CACHE_PATH | jq -r --arg RELEASE_NUMBER_TAG "$RELEASE_NUMBER_TAG" ".[\"$RELEASE_NUMBER_TAG\"]")
 export JIBRI_RELEASE_NUMBER=$(cat $CACHE_PATH | jq -r --arg JIBRI_RELEASE_NUMBER_TAG "$JIBRI_RELEASE_NUMBER_TAG" ".[\"$JIBRI_RELEASE_NUMBER_TAG\"]")
 export JVB_RELEASE_NUMBER=$(cat $CACHE_PATH | jq -r --arg JVB_RELEASE_NUMBER_TAG "$JVB_RELEASE_NUMBER_TAG" ".[\"$JVB_RELEASE_NUMBER_TAG\"]")
@@ -127,4 +129,8 @@ fi
 
 if [ "$JVB_POOL_MODE" == "null" ]; then
   export JVB_POOL_MODE=
-fi
\ No newline at end of file
+fi
+
+if [ "$EXCLUSIVE_TENANT" == "null" ]; then
+  export EXCLUSIVE_TENANT=
+fi
diff --git a/ansible/roles/consul-signal/templates/signal.json.j2 b/ansible/roles/consul-signal/templates/signal.json.j2
index c98f3dc1..f4534026 100644
--- a/ansible/roles/consul-signal/templates/signal.json.j2
+++ b/ansible/roles/consul-signal/templates/signal.json.j2
@@ -6,6 +6,7 @@
         "environment":"{{ hcv_environment }}",
         "domain":"{{ prosody_domain_name }}",
         "release_number":"{{ jitsi_release_number }}",
+        "exclusive_tenant":"{{ exclusive_tenant }}",
         "shard":"{{ shard_name }}",
         "shard_id":"{{ shard_number }}",
         "http_backend_port":"443",
diff --git a/ansible/roles/hcv-haproxy-configure/files/configure-haproxy.py b/ansible/roles/hcv-haproxy-configure/files/configure-haproxy.py
index ad7c27c1..f8d1ea7c 100644
--- a/ansible/roles/hcv-haproxy-configure/files/configure-haproxy.py
+++ b/ansible/roles/hcv-haproxy-configure/files/configure-haproxy.py
@@ -110,6 +110,10 @@ def backend_from_service(consul_url,service,datacenter,local_datacenters):
     if 'http_backend_port' in service['ServiceMeta']:
         backend_port = int(service['ServiceMeta']['http_backend_port'])
 
+    exclusive_tenant = ''
+    if 'exclusive_tenant' in service['ServiceMeta']:
+        exclusive_tenant = service['ServiceMeta']['exclusive_tenant']
+
     if 'ServiceTaggedAddresses' in service:
         if 'lan' in service['ServiceTaggedAddresses']:
             private_ip = service['ServiceTaggedAddresses']['lan']['Address']
@@ -154,6 +158,7 @@ def backend_from_service(consul_url,service,datacenter,local_datacenters):
         'agent_port': agent_port,
         'backend_port': backend_port,
         'release_number': release_number,
+        'exclusive_tenant': exclusive_tenant,
     }
 
     if backend['datacenter'] in local_datacenters:
diff --git a/ansible/roles/hcv-haproxy-configure/templates/haproxy.cfg.j2 b/ansible/roles/hcv-haproxy-configure/templates/haproxy.cfg.j2
index f8c2b4b3..16cf8a99 100644
--- a/ansible/roles/hcv-haproxy-configure/templates/haproxy.cfg.j2
+++ b/ansible/roles/hcv-haproxy-configure/templates/haproxy.cfg.j2
@@ -403,7 +403,22 @@ backend release-{{ release }}
 {%- endif %}  
 {% endfor %}
 {% for item in haproxy_facts.backends|sort(attribute='local',reverse=True) %}
-{% if item['release_number'] != release %}
+{% if item['release_number'] != release and item['exclusive_tenant'] == "" %}
+  server {{ release }}-fallback-{{ item['shard'] }} {% if haproxy_backend_use_private_ip -%}
+    {{ item['private_ip'] }}
+  {%- else -%}
+    {{ item['public_ip'] }}
+  {%- endif -%}
+    :{{ item['backend_port'] if item['backend_port'] is defined else haproxy_backend_port }} id {{ item['id'] }} backup 
+  {%- if (item['backend_port'] if item['backend_port'] is defined else haproxy_backend_port)==443 %} ssl verify none {% endif -%}
+  {% if haproxy_agent_check -%} no-check agent-check agent-port {{ item['agent_port'] if item['agent_port'] is defined else haproxy_agent_check_port }} agent-inter {{ haproxy_check_interval }} weight 256
+  {%- elif haproxy_check_port -%}
+    {%- if haproxy_check_port==443 %} check-ssl {% endif -%} check port {{ haproxy_check_port }}
+  {%- endif %}
+{%- endif %}  
+{% endfor %}
+{% for item in haproxy_facts.backends|sort(attribute='local',reverse=True) %}
+{% if item['release_number'] != release and item['exclusive_tenant'] != "" %}
   server {{ release }}-fallback-{{ item['shard'] }} {% if haproxy_backend_use_private_ip -%}
     {{ item['private_ip'] }}
   {%- else -%}
@@ -417,5 +432,4 @@ backend release-{{ release }}
   {%- endif %}
 {%- endif %}  
 {% endfor %}
-
 {% endfor %} {# haproxy_facts.releases #}
diff --git a/ansible/roles/hcv-haproxy-configure/templates/haproxy.cfg.template.j2 b/ansible/roles/hcv-haproxy-configure/templates/haproxy.cfg.template.j2
index cd2d15d0..837c5265 100644
--- a/ansible/roles/hcv-haproxy-configure/templates/haproxy.cfg.template.j2
+++ b/ansible/roles/hcv-haproxy-configure/templates/haproxy.cfg.template.j2
@@ -344,6 +344,9 @@ backend release-{{ $release }}
   stick on hdr(X-StickToken) table {{ haproxy_backend_name }} if stick_token_flag stick_token
 {% for dc in ns.haproxy_datacenters %}{% raw %}{{ $dc_shards := print "signal@{% endraw %}{{ dc }}{% raw %}" }}{{ range $index, $shard := service $dc_shards }}{{ if eq $shard.ServiceMeta.release_number $release }}
   server {{ $release }}-{{ $shard.ServiceMeta.shard }} {{ $shard.Address }}:{{ $shard.ServiceMeta.http_backend_port }} id {{ $shard_int := $shard.ServiceMeta.shard_id | parseInt }}{{ add $shard_int 10 }}{% endraw %}{% if loop.index != 1 %}{% raw %} backup{% endraw %}{% endif %}{% raw %}{{ if eq $shard.ServiceMeta.http_backend_port "443" }} ssl verify none{{ end }} no-check agent-check agent-port {{ $shard.ServiceMeta.signal_sidecar_agent_port }} agent-inter {{ env "HAPROXY_AGENT_CHECK_INTERVAL" }} weight 256{{ end }}{{ end }}{% endraw %}{% endfor %}
-{% for dc in ns.haproxy_datacenters %}{% raw %}{{ $dc_shards := print "signal@{% endraw %}{{ dc }}{% raw %}" }}{{ range $index, $shard := service $dc_shards }}{{ if ne $shard.ServiceMeta.release_number $release }}
+{% for dc in ns.haproxy_datacenters %}{% raw %}{{ $dc_shards := print "signal@{% endraw %}{{ dc }}{% raw %}" }}{{ range $index, $shard := service $dc_shards }}{{ if and (ne $shard.ServiceMeta.release_number $release) (eq $shard.ServiceMeta.exclusive_release "" }}
+  server {{ $release }}-fallback-{{ $shard.ServiceMeta.shard }} {{ $shard.Address }}:{{ $shard.ServiceMeta.http_backend_port }} id {{ $shard_int := $shard.ServiceMeta.shard_id | parseInt }}{{ add $shard_int 10 }} backup{{ if eq $shard.ServiceMeta.http_backend_port "443" }} ssl verify none{{ end }} no-check agent-check agent-port {{ $shard.ServiceMeta.signal_sidecar_agent_port }} agent-inter {{ env "HAPROXY_AGENT_CHECK_INTERVAL" }} weight 256{{ end }}{{ end }}{% endraw %}{% endfor %}{% raw %}
+{{ end }}{% endraw %}
+{% for dc in ns.haproxy_datacenters %}{% raw %}{{ $dc_shards := print "signal@{% endraw %}{{ dc }}{% raw %}" }}{{ range $index, $shard := service $dc_shards }}{{ if and (ne $shard.ServiceMeta.release_number $release) (ne $shard.ServiceMeta.exclusive_release "") }}
   server {{ $release }}-fallback-{{ $shard.ServiceMeta.shard }} {{ $shard.Address }}:{{ $shard.ServiceMeta.http_backend_port }} id {{ $shard_int := $shard.ServiceMeta.shard_id | parseInt }}{{ add $shard_int 10 }} backup{{ if eq $shard.ServiceMeta.http_backend_port "443" }} ssl verify none{{ end }} no-check agent-check agent-port {{ $shard.ServiceMeta.signal_sidecar_agent_port }} agent-inter {{ env "HAPROXY_AGENT_CHECK_INTERVAL" }} weight 256{{ end }}{{ end }}{% endraw %}{% endfor %}{% raw %}
 {{ end }}{% endraw %}