feat(infra,helm): add zero-downtime spot instance support for AWS and Azure

karimzakzouk · karimzakzouk · commit 76f39fe4e196 · 2025-11-01T16:57:08.000+02:00
diff --git a/backend/helm-chart/templates/deployment.yaml b/backend/helm-chart/templates/deployment.yaml
@@ -11,6 +11,11 @@ spec:
   selector:
     matchLabels:
       {{- include "hankers-backend.selectorLabels" . | nindent 6 }}
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
   template:
     metadata:
       labels:
@@ -20,6 +25,16 @@ spec:
         # Force pod restart on upgrade by adding timestamp
         rollme: {{ randAlphaNum 5 | quote }}
     spec:
+      terminationGracePeriodSeconds: 30
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - weight: 100
+              podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    {{- include "hankers-backend.selectorLabels" . | nindent 20 }}
+                topologyKey: kubernetes.io/hostname
       {{- if .Values.migration.enabled }}
       initContainers:
       - name: migrate
@@ -36,6 +51,10 @@ spec:
       - name: backend
         image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
+        lifecycle:
+          preStop:
+            exec:
+              command: ["/bin/sh", "-c", "sleep 5"]
         ports:
         - name: http
           containerPort: {{ .Values.service.targetPort }}
diff --git a/backend/helm-chart/templates/poddisruptionbudget.yaml b/backend/helm-chart/templates/poddisruptionbudget.yaml
@@ -0,0 +1,12 @@
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "hankers-backend.fullname" . }}-pdb
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "hankers-backend.labels" . | nindent 4 }}
+spec:
+  minAvailable: 1
+  selector:
+    matchLabels:
+      {{- include "hankers-backend.selectorLabels" . | nindent 6 }}
diff --git a/backend/helm-chart/values.yaml b/backend/helm-chart/values.yaml
@@ -1,4 +1,4 @@
-replicaCount: 1
+replicaCount: 2
 
 image:
   repository: karimzakzouk/backend
diff --git a/frontend/helm-chart/templates/deployment.yaml b/frontend/helm-chart/templates/deployment.yaml
@@ -11,6 +11,11 @@ spec:
   selector:
     matchLabels:
       {{- include "hankers-frontend.selectorLabels" . | nindent 6 }}
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
   template:
     metadata:
       labels:
@@ -20,10 +25,24 @@ spec:
         # Force pod restart on upgrade by adding timestamp
         rollme: {{ randAlphaNum 5 | quote }}
     spec:
+      terminationGracePeriodSeconds: 30
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - weight: 100
+              podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    {{- include "hankers-frontend.selectorLabels" . | nindent 20 }}
+                topologyKey: kubernetes.io/hostname
       containers:
       - name: frontend
         image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
+        lifecycle:
+          preStop:
+            exec:
+              command: ["/bin/sh", "-c", "sleep 5"]
         ports:
         - name: http
           containerPort: {{ .Values.service.targetPort }}
diff --git a/frontend/helm-chart/templates/poddisruptionbudget.yaml b/frontend/helm-chart/templates/poddisruptionbudget.yaml
@@ -0,0 +1,12 @@
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "hankers-frontend.fullname" . }}-pdb
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "hankers-frontend.labels" . | nindent 4 }}
+spec:
+  minAvailable: 1
+  selector:
+    matchLabels:
+      {{- include "hankers-frontend.selectorLabels" . | nindent 6 }}
diff --git a/frontend/helm-chart/values.yaml b/frontend/helm-chart/values.yaml
@@ -1,4 +1,4 @@
-replicaCount: 1
+replicaCount: 2
 
 image:
   repository: karimzakzouk/frontend
diff --git a/infra/development/terraform/main.tf b/infra/development/terraform/main.tf
@@ -38,16 +38,52 @@ resource "azurerm_kubernetes_cluster" "main" {
 
   default_node_pool {
     name       = "default"
-    node_count = 1
+    node_count = 1  # Keep 1 on-demand for stateful services
     vm_size    = "Standard_B2s"
   }
 
   identity {
     type = "SystemAssigned"
   }
+  
+  # Enable cluster autoscaler
+  automatic_channel_upgrade = "stable"
+
+  tags = {
+    Environment = "Development"
+  }
+}
 
+# Spot Node Pool for cost savings (70% cheaper)
+resource "azurerm_kubernetes_cluster_node_pool" "spot" {
+  name                  = "spot"
+  kubernetes_cluster_id = azurerm_kubernetes_cluster.main.id
+  vm_size              = "Standard_B2s"
+  
+  # Spot configuration
+  priority        = "Spot"
+  eviction_policy = "Delete"
+  spot_max_price  = -1  # Pay up to regular price (usually 70-90% off)
+  
+  # Auto-scaling configuration
+  enable_auto_scaling = true
+  min_count          = 0  # Scale to zero when not needed
+  max_count          = 2
+  
+  # Taints for spot-tolerant workloads only
+  node_taints = [
+    "kubernetes.azure.com/scalesetpriority=spot:NoSchedule"
+  ]
+  
+  # Labels to identify spot nodes
+  node_labels = {
+    "kubernetes.azure.com/scalesetpriority" = "spot"
+    "node-type"                             = "spot"
+  }
+  
   tags = {
     Environment = "Development"
+    NodeType    = "Spot"
   }
 }
 
diff --git a/infra/production/terraform/modules/rds/main.tf b/infra/production/terraform/modules/rds/main.tf
@@ -70,8 +70,9 @@ resource "aws_db_parameter_group" "postgres" {
 
   # Enable required PostgreSQL extensions (matching dev environment)
   parameter {
-    name  = "shared_preload_libraries"
-    value = "pg_stat_statements"
+    name         = "shared_preload_libraries"
+    value        = "pg_stat_statements"
+    apply_method = "pending-reboot"  # Static parameter requires DB restart
   }
 
   tags = merge(
@@ -110,8 +111,9 @@ resource "aws_db_instance" "main" {
   backup_window           = var.backup_window
   maintenance_window      = var.maintenance_window
 
-  skip_final_snapshot = var.skip_final_snapshot
-  deletion_protection = var.deletion_protection
+  skip_final_snapshot       = var.skip_final_snapshot
+  final_snapshot_identifier = var.skip_final_snapshot ? null : "${var.project_name}-db-final-snapshot-${formatdate("YYYY-MM-DD-hhmm", timestamp())}"
+  deletion_protection       = var.deletion_protection
 
   performance_insights_enabled = var.performance_insights_enabled
 

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-replicaCount: 1`
	`1`	`+replicaCount: 2`
`2`	`2`
`3`	`3`	`image:`
`4`	`4`	`repository: karimzakzouk/backend`