From 2da7a6755c12eadc29d807796c033f989cae020f Mon Sep 17 00:00:00 2001
From: Waleed <walif6@gmail.com>
Date: Mon, 13 Oct 2025 12:06:30 -0700
Subject: [PATCH] feat(helm): added pdb to helm (#1617)

* feat(helm): added pdb to helm

* add additional config
---
 helm/sim/examples/values-aws.yaml           |  5 +-
 helm/sim/examples/values-external-db.yaml   |  5 +-
 helm/sim/examples/values-gcp.yaml           |  5 +-
 helm/sim/examples/values-production.yaml    |  4 +-
 helm/sim/templates/poddisruptionbudget.yaml | 52 +++++++++++++++++++++
 helm/sim/values.yaml                        | 13 +++++-
 6 files changed, 76 insertions(+), 8 deletions(-)
 create mode 100644 helm/sim/templates/poddisruptionbudget.yaml

diff --git a/helm/sim/examples/values-aws.yaml b/helm/sim/examples/values-aws.yaml
index 14adf139f7..51045af982 100644
--- a/helm/sim/examples/values-aws.yaml
+++ b/helm/sim/examples/values-aws.yaml
@@ -200,8 +200,9 @@ ingress:
 # Pod disruption budget for high availability
 podDisruptionBudget:
   enabled: true
-  minAvailable: 1
-
+  minAvailable: null
+  maxUnavailable: 1  
+  unhealthyPodEvictionPolicy: AlwaysAllow 
 # Network policies
 networkPolicy:
   enabled: true
diff --git a/helm/sim/examples/values-external-db.yaml b/helm/sim/examples/values-external-db.yaml
index c4dd7f754f..0f48e16607 100644
--- a/helm/sim/examples/values-external-db.yaml
+++ b/helm/sim/examples/values-external-db.yaml
@@ -122,8 +122,9 @@ autoscaling:
 
 podDisruptionBudget:
   enabled: true
-  minAvailable: 1
-
+  minAvailable: null
+  maxUnavailable: 1  
+  unhealthyPodEvictionPolicy: AlwaysAllow 
 monitoring:
   serviceMonitor:
     enabled: true
diff --git a/helm/sim/examples/values-gcp.yaml b/helm/sim/examples/values-gcp.yaml
index 987bad86f3..d28c80efed 100644
--- a/helm/sim/examples/values-gcp.yaml
+++ b/helm/sim/examples/values-gcp.yaml
@@ -201,8 +201,9 @@ ingress:
 # Pod disruption budget for high availability
 podDisruptionBudget:
   enabled: true
-  minAvailable: 1
-
+  minAvailable: null
+  maxUnavailable: 1  
+  unhealthyPodEvictionPolicy: AlwaysAllow 
 # Network policies
 networkPolicy:
   enabled: true
diff --git a/helm/sim/examples/values-production.yaml b/helm/sim/examples/values-production.yaml
index ac307b14a9..d449fe68b2 100644
--- a/helm/sim/examples/values-production.yaml
+++ b/helm/sim/examples/values-production.yaml
@@ -165,7 +165,9 @@ autoscaling:
 # Pod disruption budget (ensures minimum availability during cluster maintenance)
 podDisruptionBudget:
   enabled: true
-  minAvailable: 1
+  minAvailable: null
+  maxUnavailable: 1  
+  unhealthyPodEvictionPolicy: AlwaysAllow 
 
 # Monitoring integration with Prometheus
 monitoring:
diff --git a/helm/sim/templates/poddisruptionbudget.yaml b/helm/sim/templates/poddisruptionbudget.yaml
new file mode 100644
index 0000000000..641d50bbf5
--- /dev/null
+++ b/helm/sim/templates/poddisruptionbudget.yaml
@@ -0,0 +1,52 @@
+{{- if and .Values.podDisruptionBudget.enabled .Values.app.enabled }}
+{{- with .Values.podDisruptionBudget }}
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "sim.fullname" $ }}-app-pdb
+  namespace: {{ $.Release.Namespace }}
+  labels:
+    {{- include "sim.app.labels" $ | nindent 4 }}
+spec:
+  {{- if .minAvailable }}
+  minAvailable: {{ .minAvailable }}
+  {{- else if .maxUnavailable }}
+  maxUnavailable: {{ .maxUnavailable }}
+  {{- else }}
+  maxUnavailable: 1
+  {{- end }}
+  {{- if .unhealthyPodEvictionPolicy }}
+  unhealthyPodEvictionPolicy: {{ .unhealthyPodEvictionPolicy }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "sim.app.selectorLabels" $ | nindent 6 }}
+{{- end }}
+{{- end }}
+{{- if and .Values.podDisruptionBudget.enabled .Values.realtime.enabled }}
+{{- with .Values.podDisruptionBudget }}
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "sim.fullname" $ }}-realtime-pdb
+  namespace: {{ $.Release.Namespace }}
+  labels:
+    {{- include "sim.realtime.labels" $ | nindent 4 }}
+spec:
+  {{- if .minAvailable }}
+  minAvailable: {{ .minAvailable }}
+  {{- else if .maxUnavailable }}
+  maxUnavailable: {{ .maxUnavailable }}
+  {{- else }}
+  maxUnavailable: 1
+  {{- end }}
+  {{- if .unhealthyPodEvictionPolicy }}
+  unhealthyPodEvictionPolicy: {{ .unhealthyPodEvictionPolicy }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "sim.realtime.selectorLabels" $ | nindent 6 }}
+{{- end }}
+{{- end }}
diff --git a/helm/sim/values.yaml b/helm/sim/values.yaml
index 73ed5bf957..81dd162e6b 100644
--- a/helm/sim/values.yaml
+++ b/helm/sim/values.yaml
@@ -495,9 +495,20 @@ autoscaling:
   behavior: {}
 
 # Pod disruption budget
+# Note: PDBs only protect against voluntary disruptions (node drains, autoscaler)
+# They do NOT affect rolling updates - use deployment.strategy.rollingUpdate for that
 podDisruptionBudget:
   enabled: false
-  minAvailable: 1
+  # Use either minAvailable or maxUnavailable (not both)
+  # Recommendation: Use maxUnavailable as it scales better with HPA
+  # - minAvailable: minimum pods that must remain available (e.g., 1, "50%")
+  # - maxUnavailable: maximum pods that can be unavailable (e.g., 1, "25%")
+  minAvailable: null
+  maxUnavailable: 1
+  # unhealthyPodEvictionPolicy: allows eviction of unhealthy pods during node drains
+  # Options: IfHealthyBudget (default) | AlwaysAllow (recommended for production)
+  # Set to null to use K8s default (IfHealthyBudget)
+  unhealthyPodEvictionPolicy: null
 
 # Monitoring configuration
 monitoring: