Feel kind of bad for whoever made the bad command. Imagine how horrifying a moment that must’ve been.
Maybe the tool could use a MySQL-style are-you-sure-you-mean-everything warning.
Or require two operators along with soft and hard limits on actions.
I think it would be enough for the tool to just print out the list of servers it’s going to reboot and then ask “Are you sure you want to do this?” The operator would easily catch the mistake if it listed every single server in the data-center.
I used to work as a Student Assistant in my University’s Library IT Department, and one day about 6 months into my job I accidentally deleted our entire network share full of software and documentation. Thankfully we were able to quickly grab the server and run some file recovery software (file deletions on Windows network shares skip the Trash Can). We recovered about 95% of what had been lost, and I spent the rest of the day putting everything back in it’s place.
In the end, it caused my boss to start looking for safer alternatives, and we ended up switching to a better system several months after that.
But yes, the moment you realize what you’ve done is terrifying.