With 750+ Partners and 2,500+ members spanning 100 countries, the Ubuntoo platform is well placed to help companies accelerate their sustainability goals and collaborate globally. As the usage of the platform increased, new opportunities to enhance the platform evolved. One such business-critical need was around building a secure, online collaboration space that would facilitate a connect between companies and groups of innovators and entrepreneurs focused on specific environmental challenges. Such a space would support coordinating activities like

• Publishing of the Challenge to a Wide Audience
• Organisation and Participation in Virtual Exhibitions
• Engaging with Relevant Start-ups
• Solution Discovery
• Project Coordination, Monitoring & Communication
• All other activities that will help ideas come to life

Ubuntoo proposed Greenhouse, a specialised virtual private digital collaboration platform that taps into a vast database of Ubuntoo solutions, while providing space and tools for confidential collaboration within a closed group and community. It enables users to create a private community within Ubuntoo with its own custom branding. The community can invite members, consult experts, comment, rate, review and communicate confidentially in a secure environment.

A Greenhouse is like a private room formed to solve a specific problem by a select group of members. The members can collaborate by identifying approaches, evaluating news items, blogs, forums and events and working towards a solution. Each greenhouse is akin to a tenant.

Oneture has been Ubuntoo’s Product and Technology partner since its inception in July, 2018.

The Ubuntoo Greenhouse solution presented technical challenges that drew on Oneture’s rich experience in cloud engineering. Some key factors were –

Multi-Tenancy

As multiple Greenhouses exist independent of each other, the Ubuntoo Greenhouse had to support a multi-tenant SaaS architecture. Ensuring this functionality meant that the solution architecture incorporated data isolation, seamless onboarding, provisioning, security and compliance.

A key design consideration to ensure multi-tenancy is to partition the data. For this, Oneture evaluated three data partitioning models.

After evaluating each model thoroughly, Oneture proposed implementation of the Pool Model. The Pool Model represents the all-in, multi-tenant model where a common database with a common schema handles all the data from different tenants. This requires introduction of a partitioning key that is used to scope and control access to tenant data in silos. This model tends to simplify a SaaS solution’s provisioning, management, and update experience. It also fits well with the continuous delivery and agility goals that are essential to SaaS providers.

Role Identification and Access Control

Each Greenhouse member is assigned to a defined roles and identity. Each role would have its own defined access control. In a Greenhouse, members can be classified into different user types – normal members, curators, innovators and experts – which have different roles and access controls. Data visibility is limited based on member type; e.g. innovators & experts can only see the solutions and forum posts in which they have been tagged, curators can access and manage users and other data resources inside a Greenhouse. Since the users have a many-to-many relationship with Greenhouses, we introduced an extra layer of isolation which detects greenhouse members and their (user) types.

Time-to-Market

Ubuntoo proposed to transition users from its existing platform to Greenhouse within a short time with minimal business discontinuity to the users. To ensure smooth conversion to the upgraded functionality, Ubuntoo chalked a two-month implementation window within which Oneture had to design and implement the solution. Our knowledge and experience of working in SaaS, especially native to AWS was invaluable. We delivered the platform by building the underlying security engine, configuration engine and multi-tenancy management system within the timeline.

While building multitenant SaaS solution it is important to gain a deep understanding of tenant profiles. One can then define the isolation and partition models. Implementation can start with a Pool Model, unless there is an SLA or other data compliance requirement that compels use of the Silo Model. Following key factors ensure success of the solution.

• Use of metering by using resource tagging techniques in AWS helps to understand the cost per tenant and refine the subscription tiering.
• Using CI/CD and effective monitoring are important features of the Pool Model.
• Agile development model is more suited for SaaS-based projects because there are many incremental feature releases that can be better managed using agile sprints.

Using AWS serverless technologies and other cloud native services can simplify implementation and deployment of multi-tenant SaaS solutions. Ubuntoo Greenhouses has proven that such robust solutions can be designed in short timelines with minimal disruption to business.