I have to patch my servers, I know that is a golden rule but I have heard comments from friends related to the IT industry, that is much better to spin new servers with updated images and configure/deploy the services again and redirect the traffic or whatever is necessary to maintain production environments stable and then decommission the old server. Wondering what is the best approach and what are the best practices to test patches before doing that on production environments. Also, spinning new infrastructure in a cloud provider( e.g AWS ) is not more expensive than patching your current servers? Hope you guys can give me the best practices on this topic 