Self-healing architecture for resilient computing services

What is claimed is: 1. A method comprising: initializing, by a distributed computing system, a plurality of virtual machines (VMs) configured to provide a service, wherein: the distributed computing system hosts a first VM of the plurality of VMs, the distributed computing system hosts a second VM of the plurality of VMs, the first VM is in an active mode and the second VM is not in the active mode, initializing the plurality of VMs comprises, for each respective VM of the plurality of VMs: generating a unique Application Binary Interface (ABI) for an operating system for the respective VM; compiling a software application such that the software application is configured to use the unique ABI for the operating system for the respective VM; and installing the operating system for the respective VM and the compiled software application on the respective VM, wherein, for each respective VM of the plurality of VMs, the ABI for the operating system for the respective VM is different from the ABIs for the operating systems for each other VM of the plurality of VMs; dispatching, by the distributed computing system, to one or more VMs of the plurality of VMs that provide the service and are in the active mode, one or more request messages for the service; determining, by the distributed computing system, in response to software in the first VM invoking a system call in a manner inconsistent with the unique ABI for the operating system of the first VM, that a failover event has occurred; and responsive to determining that the failover event has occurred, failing over, by the distributed computing system, from the first VM to the second VM such that the second VM is in the active mode instead of the first VM. 2. The method of claim 1 , wherein: the distributed computing system comprises a first cluster and a second cluster, the first cluster including a first host device and a first persistent storage node, the second cluster including a second host device and a second persistent storage node, the first host device hosts the first VM, the second host device hosts the second VM; the method further comprising: prior to determining the failover event has occurred: storing, at the first persistent storage node, a first copy of a database, the first persistent storage node persisting the first copy of the database independently of the first VM; storing, at the second persistent storage node, a second copy of the database, the second persistent storage node persisting the second copy of the database independently of the second VM; receiving, by the first VM, a request message for the service; as part of processing the request message, generating, by the first VM, a database modification request; responsive to the database modification request, performing, at the first persistent storage node, a modification to the first copy of the database; and synchronizing the first copy and the second copy of the database; and responsive to determining the failover event has occurred, rolling back the modification to the database requested by the first VM. 3. The method of claim 2 , wherein synchronizing the first copy and the second copy of the database comprise comprises communicating the modification to the first copy of the database to the second persistent storage node via a distributed virtual private network (VPN). 4. The method of claim 1 , wherein the method further comprises: automatically discarding and replacing, by the distributed computing system, VMs of the plurality of VMs according to a refresh policy. 5. The method of claim 4 , wherein automatically discarding and replacing the VMs according to the refresh policy comprises: automatically discarding and replacing, by the distributed computing system, a VM of the plurality of VMs after the VM has completed processing a particular number of transactions. 6. The method of claim 5 , wherein each of the transactions comprises an application level session involving the VM and a user device. 7. The method of claim 1 , wherein, for each respective VM of the plurality of VMs: generating the unique ABI for the operating system for the respective VM comprises replacing a published set of call numbers for system calls of a published ABI of the operating system for the respective VM with a randomized set of call numbers, and compiling the software application comprises compiling the software application such that machine code generated by compiling the software application is configured to use call numbers in the randomized set of call numbers to perform system calls instead of call numbers in the published set of call numbers. 8. The method of claim 7 , further comprising: determining, by a host device that hosts the first VM, based on the software in the first VM using a call number in the published set of call numbers to invoke the system call, that the software in the first VM has invoked the system call in the manner inconsistent with the unique ABI for the operating system of the first VM. 9. The method of claim 1 , further comprising: responsive to determining that the failover event has occurred, discarding, by the distributed computing system, the first VM. 10. The method of claim 1 , wherein a first host device hosts the first VM, a second host device hosts the second VM, the failover event is a first failover event, the method further comprising, after failing over from the first VM to the second VM: determining, by the distributed computing system, that a second failover event has occurred based on communication with the second host device or the second VM being lost; and in response to the second failover event, failing over, by the distributed computing system, from the second VM to a third VM of the plurality of VMs. 11. The method of claim 1 , wherein: the method further comprising initializing, by the distributed computing system, a plurality of dispatcher nodes such that each respective dispatcher node of the plurality of dispatcher nodes is configured to receive, from one or more user devices, at least one request message of the one or more request messages and to forward the respective at least one request message to one or more VMs of the plurality of VMs that are in the active mode. 12. A distributed computing system comprising: a dispatcher node; a plurality of host devices, wherein one or more host devices of the plurality of host devices are configured to: initialize a plurality of virtual machines (VMs) configured to provide a service, wherein: the plurality of VMs includes a first VM and a second VM, the first VM is in an active mode and the second VM is not in the active mode, wherein the one or more host devices of the plurality of host devices are configured such that, as part of initializing the plurality of VMs, the one or more host devices, for each respective VM of the plurality of VMs: generate a unique Application Binary Interface (ABI) for an operating system for the respective VM; compile a software application such that the software application is configured to use the unique ABI for the operating system for the respective VM; and install the operating system for the respective VM and the compiled software application on the respective VM, wherein, for each respective VM of the plurality of VMs, the ABI for the operating system for the respective VM is different from the ABIs for the operating systems for each other VM of the plurality of VMs; wherein the dispatcher node is configured to distribute to one or more VMs of the plurality of VMs that provide the service and are in the active mode, one or more request messages for the service; wher