Tonic architecture
The following diagram shows how data and requests flow within within the Tonic application:

Tonic architecture
The Tonic application database is a PostgreSQL database that stores the workspace and Tonic configuration.
The configuration includes:
- Which users have administrative access to the Tonic instance.
- Configuration of the workspaces in the Tonic instance. Each workspace includes:
- Data connections
- Users and roles
- Generation configuration (table modes, generators, subsetting)
- Post-job actions
- Job tracking
For a file connector workspace that uses files uploaded from a local file system, the Tonic application database stores the encrypted source files. It also stores the generated destination files.
Each workspace is connected to a source database and a destination database. These databases are external to Tonic, but Tonic must be able to read from the source database and write to the destination database.
The source database contains the original data. We recommend that you use a static copy of your production database that was restored from a backup.
The destination database contains the results of the Tonic data generation.
Each of the components below can have one or more containers.
Runs the Tonic user interface. It also runs scans to ascertain the structure of the source data, including the scans to detect schema changes.
The web server displays preview data from the source database, and pulls the configuration from the application database.
The web server also receives and processes requests and calls from the Tonic API.
The web server also handles the migration of the Tonic database when a new Tonic version makes changes to it.
Sends email notifications to notify users about comments on source database columns. The commenting feature requires an enterprise tier license.
The notification component also processes Tonic webhooks. Webhooks perform specific actions when a data generation job completes, fails, or is canceled.
A Tonic instance can have multiple workers. Additional workers allow you to process multiple jobs at the same time.
Tonic workers run sensitivity scans. During a sensitivity scan, Tonic looks for specific types of sensitive information in the source database. See privacy-hub-sensitive-data-types.
The workers also run data generation. The data generation process pulls data from the source database and applies the configured generators and subsetting. The configuration is in the application database.
The workers write the resulting data to the destination database.
Runs the AI Synthesizer generator. If a workspace uses AI Synthesizer, then the Tonic worker calls the Tonic machine learning during data generation.
The SMTP server processes the notifications sent by the Tonic notification component.
All communication between Tonic components, between Tonic components and the application database, and between the notification component and the SMTP server use TLS encryption.
TLS encryption also is used by default to encrypt communication between Tonic and the source and destination databases.