Coditect Sandbox Platform: Full Technical Architecture (L1 to L7)
Level 1: Problem Statement & Context
Coditect addresses the need for secure, autosaving, multi-runtime sandbox environments that support AI agents, ephemeral developer environments, and dynamic runtime workloads in a zero-trust cloud-native architecture.
Context:
- Increasing demand for ephemeral compute across AI and software engineering workflows
- Multi-tenant environments require strong isolation guarantees
- Git-centric workflows require automatic state capture, snapshots, and traceability
- Executable environments must span containers (gVisor/Kata), microVMs (Firecracker), and WASM runtimes
Level 2: High-Level Architecture
Key Components:
- Frontend UI (React): sandbox explorer, logs, creation
- API (FastAPI): JWT-authenticated entrypoint for sandbox lifecycle, autosave, and quota
- Controller (Go): Kubernetes CRD controller for Sandbox resources
- Agent (Python or Rust): GCP Workstation-local gRPC server to launch containers in gVisor, Kata, or Wasmtime
- Infrastructure (OpenTofu): GCP project, GKE, WorkstationConfig, Secret Manager, IAM
- Autosave Engine: GitHub worktree commit/push daemon
- Monitoring: Prometheus, Grafana, Cloud Logging
System Flow:
...
This is the full Coditect architecture from Level 1 to Level 7, covering strategic goals, detailed implementation, runtime isolation, identity, observability, and threat modeling.