Diff: systems/totebox-orchestration
From a07bdf5 to a07bdf5
+0 / −0 lines
| Before | After |
|---|---|
| --- | --- |
| schema: foundry-doc-v1 | schema: foundry-doc-v1 |
| title: "Totebox orchestration" | title: "Totebox orchestration" |
| slug: totebox-orchestration | slug: totebox-orchestration |
| category: systems | category: systems |
| type: topic | type: topic |
| quality: complete | quality: complete |
| short_description: "Totebox Orchestration describes the coordination layer that manages multiple Totebox data-archive containers, keeping software execution engines isolated from passive corporate ledgers across deployments." | short_description: "Totebox Orchestration describes the coordination layer that manages multiple Totebox data-archive containers, keeping software execution engines isolated from passive corporate ledgers across deployments." |
| status: active | status: active |
| bcsc_class: public-disclosure-safe | bcsc_class: public-disclosure-safe |
| last_edited: 2026-05-04 | last_edited: 2026-05-04 |
| editor: pointsav-engineering | editor: pointsav-engineering |
| cites: [] | cites: [] |
| paired_with: topic-totebox-orchestration.es.md | paired_with: topic-totebox-orchestration.es.md |
| --- | --- |
| **Totebox Orchestration** is the layer responsible for provisioning, coordinating, and monitoring individual Totebox instances in a PointSav deployment. A Totebox is an isolated data container that separates active software engines from passive corporate ledgers. The container stores data as inert flat files; cryptographic checksums verify structural integrity on a permanent basis. | **Totebox Orchestration** is the layer responsible for provisioning, coordinating, and monitoring individual Totebox instances in a PointSav deployment. A Totebox is an isolated data container that separates active software engines from passive corporate ledgers. The container stores data as inert flat files; cryptographic checksums verify structural integrity on a permanent basis. |
| When a customer operates more than one Totebox — for example, separate archive containers for contracts, financial records, and correspondence — the orchestration layer ensures each container maintains its own isolated ledger, runs its own integrity verification pass, and reports health status through a unified monitoring surface. | When a customer operates more than one Totebox — for example, separate archive containers for contracts, financial records, and correspondence — the orchestration layer ensures each container maintains its own isolated ledger, runs its own integrity verification pass, and reports health status through a unified monitoring surface. |
| ## Container isolation | ## Container isolation |
| Each Totebox runs as an independent unit. No container shares a ledger directory with any other container. A compromise in one container's asset directory does not propagate to sibling containers, because there is no shared mutable state at the ledger layer. | Each Totebox runs as an independent unit. No container shares a ledger directory with any other container. A compromise in one container's asset directory does not propagate to sibling containers, because there is no shared mutable state at the ledger layer. |
| ## Integrity verification | ## Integrity verification |
| The orchestration layer schedules periodic checksum audits across all managed containers. Results are written to a consolidated audit record. Any checksum mismatch raises a flag at the orchestration level before surfacing to the operator. | The orchestration layer schedules periodic checksum audits across all managed containers. Results are written to a consolidated audit record. Any checksum mismatch raises a flag at the orchestration level before surfacing to the operator. |
| ## Provisioning and lifecycle | ## Provisioning and lifecycle |
| A new Totebox container is provisioned with a three-directory skeleton — `app-console-input/`, `assets/`, and `ledger/` — and registered with the orchestration layer at creation time. The orchestration layer tracks container state across its operational lifecycle: active, suspended, or archived. | A new Totebox container is provisioned with a three-directory skeleton — `app-console-input/`, `assets/`, and `ledger/` — and registered with the orchestration layer at creation time. The orchestration layer tracks container state across its operational lifecycle: active, suspended, or archived. |
| ## See also | ## See also |
| - [[totebox-os]] | - [[totebox-os]] |
| - [[infrastructure-os]] | - [[infrastructure-os]] |
| - [[console-os]] | - [[console-os]] |