Infected endpoint containment using aggregated security status information
US-9124636-B1 · Sep 1, 2015 · US
US9942102B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9942102-B2 |
| Application number | US-201414249145-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 9, 2014 |
| Priority date | Apr 10, 2013 |
| Publication date | Apr 10, 2018 |
| Grant date | Apr 10, 2018 |
Abstract
A change to a state of a particular managed server within an administrative domain is processed. The administrative domain includes a plurality of managed servers that use management instructions to configure management modules so that the configured management modules implement an administrative domain-wide management policy that comprises a set of one or more rules. A first description of the particular managed server is modified to indicate the particular managed server's changed state, thereby specifying a second description of the particular managed server. The unmodified first description is compared to the second description, thereby specifying a description change. A determination is made, based on the description change, regarding whether to update management instructions previously sent to the particular managed server.
Claims (preview)
The invention claimed is:

1. A method of processing a change to a state of a particular managed server within an administrative domain, wherein the administrative domain includes a plurality of managed servers that use management instructions to configure management modules so that the configured management modules implement an administrative domain-wide management policy that comprises a set of one or more rules, the method comprising: storing the set of one or more rules, each rule specifying a service provided over a computer network, a provided-by portion indicating which of the managed servers are controlled by the rule in providing the service over the computer network, and a used-by portion indicating which of the managed servers are controlled by the rule in using the service accessed over the computer network; modifying an initial description of the particular managed server to generate a modified description of the particular managed server to indicate the particular managed server's changed state; comparing the initial description to the modified description, thereby specifying a description change; determining, based on the description change, whether to update current management instructions previously sent to the particular managed server; and responsive to determining to update the particular managed server's current management instructions: determining, based on the modified description, which rules within the set of rules specify a provided-by portion applicable to the particular managed server or a used-by portion applicable to the particular managed server, thereby specifying currently-relevant rules; obtaining cached previously-relevant rules previously determined based on the initial description; determining whether the currently-relevant rules differ from the cached previously-relevant rules for the particular managed server; and responsive to determining that the currently-relevant rules differ from the cached previously-relevant rules: determining a rule that should be added, removed, or modified relative to the cached previously-relevant rules; updating the cached previously-relevant rules based on the determined rule; generating, based on the determined rule, a management instruction executable by the particular managed server; and sending, to the particular managed server, the management instruction and an instruction to add, remove, or modify the management instruction on the particular managed server.

2. The method of claim 1, further comprising responsive to determining to update the particular managed server's management instructions and responsive to determining that the currently-relevant rules differ from the cached previously-relevant rules: updating cached actor-sets to indicate the particular managed server's changed state, thereby specifying updated actor-sets; determining which updated actor-sets are relevant to the particular managed server, thereby specifying currently-relevant updated actor-sets; determining whether the currently-relevant updated actor-sets differ from actor-sets previously sent to the particular managed server; and responsive to determining that the currently-relevant updated actor-sets are different from the previously-sent actor-sets: determining an updated actor-set that should be added, removed, or modified relative to the previously-sent actor-sets; and sending, to the particular managed server, the updated actor-set and a second instruction to add, remove, or modify the updated actor-set.

3. The method of claim 1, wherein the description change comprises an offline/online change, a label set change, a configured characteristic change, or a network exposure information change.

4. The method of claim 1, wherein determining whether to update management instructions previously sent to the particular managed server comprises: determining whether the description change indicates that the particular managed server went from offline to online; and responsive to determining that the description change indicates that the particular managed server went from offline to online, determining to update the particular managed server's management instructions.

5. The method of claim 1, wherein determining whether to update management instructions previously sent to the particular managed server comprises: determining whether the description change comprises a label set change or a configured characteristic change; and responsive to determining that the description change comprises the label set change or the configured characteristic change, determining to update the particular managed server's management instructions.

6. The method of claim 1, wherein determining whether to update management instructions previously sent to the particular managed server comprises: determining whether the description change comprises a network exposure information change; and responsive to determining that the description change comprises a network exposure information change, determining to update the particular managed server's management instructions.

7. The method of claim 1, further comprising, prior to comparing the initial description to the modified description: determining, based on the modified description, additional information regarding the particular managed server; and modifying the modified description to indicate the additional information.

8. The method of claim 1, wherein determining which rules within the set of rules specify a provided-by portion applicable to the particular managed server or a used-by portion applicable to the particular managed server, and determining whether the currently-relevant rules differ from the cached previously-relevant rules for the particular managed server identifies a limited set of rules to enable efficient distribution of the limited set of rules to the particular managed server.

9. A non-transitory computer-readable storage medium storing computer program modules for processing a change to a state of a particular managed server within an administrative domain, wherein the administrative domain includes a plurality of managed servers that use management instructions to configure management modules so that the configured management modules implement an administrative domain-wide management policy that comprises a set of one or more rules, the computer program modules executable to perform steps comprising: storing the set of one or more rules, each rule specifying a service provided over a computer network, a provided-by portion indicating which of the managed servers are controlled by the rule in providing the service over the computer network, and a used-by portion indicating which of the managed servers are controlled by the rule in using the service accessed over the computer network; modifying an initial description of the particular managed server to generate a modified description of the particular managed server to indicate the particular managed server's changed state; comparing the initial description to the modified description, thereby specifying a description change; determining, based on the description change, whether to update current management instructions previously sent to the particular managed server; and responsive to determining to update the particular managed server's current management instructions: determining, based on the modified description, which rules within the set of rules specify a provided-by portion applicable to the particular managed server or a used-by portion applicable to the particular managed server, thereby specifying currently-relevant rules; obtaining cached previously-relevant rules previously determined based on the initial description; determining whethe
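The claim 1 flow, with the update triggers of claims 3 to 6, as a worked example. This is an added illustration and not code from the patent or its assignee: the rule and server fields, the label-subset matching, the instruction text syntax, and the sample rules and server states are all constructed for the example. A description change is computed by diffing two immutable server descriptions, only the change kinds named in claims 4 to 6 cause a recompute, the currently-relevant rules are diffed against the cached previously-relevant rules, and only the add/remove/modify delta is turned into instructions (the "limited set of rules" of claim 8).

```python
from dataclasses import dataclass, replace
from typing import Dict, FrozenSet, Iterable, Tuple

@dataclass(frozen=True)
class Rule:
    rule_id: str
    service: str                 # service provided over the network, e.g. "tcp/5432"
    provided_by: FrozenSet[str]  # labels a server must carry to be controlled as provider
    used_by: FrozenSet[str]      # labels a server must carry to be controlled as user

@dataclass(frozen=True)
class ServerDescription:
    server_id: str
    online: bool
    labels: FrozenSet[str]
    characteristics: FrozenSet[str]  # configured characteristics, e.g. "os=linux"
    exposure: FrozenSet[str]         # network exposure information, e.g. addresses

# Change kinds that trigger a recompute (claims 4 to 6); going offline is a change (claim 3) but no trigger.
UPDATE_TRIGGERS = frozenset({"online", "label_set", "configured_characteristic", "network_exposure"})

def description_change(before: ServerDescription, after: ServerDescription) -> FrozenSet[str]:
    """Compare the initial description to the modified one (claims 1 and 3)."""
    change = set()
    if before.online != after.online:
        change.add("online" if after.online else "offline")
    for attr, kind in (("labels", "label_set"), ("characteristics", "configured_characteristic"),
                       ("exposure", "network_exposure")):
        if getattr(before, attr) != getattr(after, attr):
            change.add(kind)
    return frozenset(change)

def relevant_rules(desc: ServerDescription, rules: Iterable[Rule]) -> Dict[str, Tuple[Rule, FrozenSet[str]]]:
    """Rules whose provided-by or used-by portion applies to this server; the
    matched portion is kept because it changes the instruction generated."""
    found = {}
    for rule in rules:
        roles = frozenset(role for role, needed in (("provider", rule.provided_by), ("user", rule.used_by))
                          if needed <= desc.labels)
        if roles:
            found[rule.rule_id] = (rule, roles)
    return found

def management_instruction(rule: Rule, roles: FrozenSet[str]) -> str:
    """Render a relevant rule as text a server could execute (constructed syntax)."""
    parts = []
    if "provider" in roles:
        parts.append(f"allow inbound {rule.service} from labels {sorted(rule.used_by)}")
    if "user" in roles:
        parts.append(f"allow outbound {rule.service} to labels {sorted(rule.provided_by)}")
    return "; ".join(parts)

class PolicyEngine:
    """Rule set, latest description per server, and the cached rules last sent to it."""
    def __init__(self, rules: Iterable[Rule]):
        self.rules = {r.rule_id: r for r in rules}
        self.descriptions: Dict[str, ServerDescription] = {}
        self.cache: Dict[str, dict] = {}  # server_id -> cached previously-relevant rules
    def register(self, desc: ServerDescription) -> list:
        """First sight of a server: nothing is cached, so every relevant rule is an add."""
        self.descriptions[desc.server_id] = desc
        return self._sync(desc)
    def process_change(self, server_id: str, **changed_fields) -> list:
        """Claim 1: modify the description, diff it, decide, then diff the rule sets."""
        before = self.descriptions[server_id]
        after = replace(before, **changed_fields)
        self.descriptions[server_id] = after
        if not description_change(before, after) & UPDATE_TRIGGERS:
            return []  # nothing that affects the instructions changed
        return self._sync(after)
    def _sync(self, desc: ServerDescription) -> list:
        current = relevant_rules(desc, self.rules.values())
        previous = self.cache.get(desc.server_id, {})
        if current == previous:
            return []  # currently-relevant rules equal the cached ones: send nothing
        out = [("remove", rid, "") for rid in sorted(previous.keys() - current.keys())]
        for rid in sorted(current):
            if rid not in previous:
                out.append(("add", rid, management_instruction(*current[rid])))
            elif current[rid] != previous[rid]:
                out.append(("modify", rid, management_instruction(*current[rid])))
        self.cache[desc.server_id] = current  # update the cached previously-relevant rules
        return out

RULES = [  # constructed sample policy
    Rule("r-db", "tcp/5432", frozenset({"role:db"}), frozenset({"role:web"})),
    Rule("r-ssh", "tcp/22", frozenset({"env:prod"}), frozenset({"role:bastion"})),
]

def demo() -> tuple:
    """One constructed server walked through several state changes."""
    engine = PolicyEngine(RULES)
    web = ServerDescription("srv-1", True, frozenset({"role:web", "env:prod"}),
                            frozenset({"os=linux"}), frozenset({"10.0.0.5"}))
    first = engine.register(web)  # add r-db (user) and r-ssh (provider)
    exposure = engine.process_change("srv-1", exposure=frozenset({"10.0.0.5", "10.0.1.5"}))  # no rule diff
    relabel = engine.process_change("srv-1", labels=frozenset({"role:db", "env:prod"}))  # r-db -> provider
    shrink = engine.process_change("srv-1", labels=frozenset({"role:db"}))  # r-ssh no longer relevant
    return first, exposure, relabel, shrink
```

The exposure step is the point of the two-stage check in claim 1: the description change is one the engine must react to, but the recompute finds the same relevant rules as the cache, so no instruction is sent. The relabel step shows why the matched portion is cached alongside the rule: the rule set is identical, yet the server's role under `r-db` flipped, which is reported as a modify rather than silently dropped.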
Interdomain routing, e.g. hierarchical routing · CPC title
involving control of end-device applications over a network · CPC title
Assignment of logical groups to network elements · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
Allocation of resources, e.g. of the central processing unit [CPU] · CPC title