TARGETF4Admin · 验证备份能否在独立故障域恢复服务旅程的平台运维、数据 owner、QA 与审批人

隔离恢复演练

从不可变 manifest、隔离目标、恢复步骤、完整性/旅程验证到实际 RPO/RTO 形成双人可审计回执

/ops/recovery/drills/:drillIdplatform-operations
UI STUDIOplatform-restore-drill
Admin1440 × 900100%
100%
/ops/recovery/drills/:drillId
TARGET UI1440 × 900FIT 100%
K15 F4 TARGETCURRENT RUNTIME + CODE EVIDENCE + TARGET CONTROL PLANEreits-media db8c55a · EC2 snapshot 2026-07-17
RESOURCE & OBSERVABILITY / platform-restore-drill

隔离恢复演练

从不可变 manifest、隔离目标、恢复步骤、完整性/旅程验证到实际 RPO/RTO 形成双人可审计回执

BACKUP SUCCESS ≠ RESTORE PROVEN

Quarterly isolated recovery drill

DRILL-2026-Q3-EC2-01 · target runbook bound to current backup evidence

MARIA DB DUMP32 MBgzip verified · S3 copy
GITEA ARCHIVE13 GBgzip verified · S3 copy
LOCAL ROOT DISK56%backup + workloads share disk
RESTORE PROOFMISSINGno isolated service journey
RESTORE DRILL RUNBOOKTWO-PERSON TARGET
1Select immutable manifest

MariaDB + Gitea latest S3 copy

READY
2Provision isolated target

separate account/VPC/credentials

TARGET
3Restore data and services

no production overwrite

BLOCKED
4Run integrity + journey checks

login · repo clone · application reads

PENDING
5Measure and attest

actual RPO/RTO + evidence bundle

PENDING
REFERENCE VIEWPORT1440 × 900Desktop first · responsive
PRIMARY TASK选择 manifest主操作、权限与完成反馈必须同屏可验证
DATA CONTRACTBackupManifestready / loading / empty / error 使用同一 fixture
ACCESSIBILITYKeyboard + WCAG AA焦点顺序、可读名称、对比度进入 UI CI
VISUAL BASELINETARGET · 2026-07-17桌面/移动、浅色/错误态按稳定 Screen ID 留档

IMPLEMENTATION MAP

可以直接拆成开发任务的目标定义

目标稿与当前实现严格分轨;只有产品仓实现、测试与生产证据齐全后,才会转为 current evidence。

01

页面区域

  • 备份不等于恢复警示
  • 最近备份证据
  • 恢复步骤
  • 目标 RPO/RTO
  • P0 blockers
  • 验收旅程
  • 证明与跟进
02

用户动作

  • 选择 manifest
  • 验证 checksum
  • 申请隔离环境
  • 双人批准
  • 执行恢复
  • 运行服务旅程
  • 记录 RPO/RTO
  • 清理并签署
03

必须状态

  • 运营证据已就绪
  • 多源证据聚合中
  • 当前范围为空
  • 部分证据源失败
  • 运营视图读取失败
  • 离线快照只读
  • 资源或环境权限拒绝
  • 高风险命令确认
  • 命令与证据回执完成
04

数据契约

  • BackupManifest
  • BackupArtifact
  • RestoreEnvironment
  • RestoreApproval
  • RestoreStepReceipt
  • IntegrityCheck
  • JourneyCheck
  • RecoveryAttestation

TARGET MODULES

目标页面必须交付的模块

  1. 01backup manifest
  2. 02off-host copy
  3. 03isolated target
  4. 04two-person approval
  5. 05restore steps
  6. 06integrity/journey checks
  7. 07actual RPO/RTO
  8. 08cleanup receipt

PRODUCT ROUTE INDEX

REITs Platform · Resource & Observability 的 8 个稳定 Screen ID

同一产品内的页面共享 token、导航和状态语言,但每个 Screen ID 保留自己的字段、数据契约和 QA 基线。

01
资源上传与预检/ops/media/uploads/new
Admin
02
隔离验证与晋级/ops/media/quarantine
Admin
03
不可变资源库/ops/media/assets
Admin
04
平台服务状态/status · /ops/status
Admin
05
日志与关联检索/ops/logs
Admin
06
Incident 指挥与时间线/ops/incidents/:incidentId
Admin
07
跨域审计事件详情/ops/audit/:eventId
Admin
08
隔离恢复演练/ops/recovery/drills/:drillId
Admin