DOCS-670: Add pod scheduling and HA guidance for Gateway and Injector Helm charts #221

Merged: harrison-akeyless merged 17 commits into v1.0 from v1.0_docs-670-gateway-pod-scheduling on May 14, 2026

@harrison-akeyless harrison-akeyless commented May 5, 2026

Summary

Adds Kubernetes pod scheduling and high availability documentation for the Akeyless Gateway and Kubernetes Secrets Injector Helm charts.

Jira: DOCS-670

Changes

gateway-best-practices.md

  • Added new ## Pod scheduling for high availability (Kubernetes) section
  • Recommends topologySpreadConstraints and pod anti-affinity for multi-pod deployments
  • Includes links to Kubernetes docs and cloud provider docs (AWS, Azure, GCP, OCI, and on-premises guidance)
  • Provides a generic, platform-agnostic YAML example
  • Links to the Helm Values Reference for full chart options

gateway-kubernetes-helm-values-reference.md

  • Added new ### Pod Scheduling section under ## Operational Settings
  • Documents gateway.deployment.nodeSelector, gateway.deployment.tolerations, gateway.deployment.affinity, and gateway.deployment.topologySpreadConstraints with YAML examples
  • Clarifies that topologySpreadConstraints in the Gateway chart requires affinity.enabled: true
  • Cross-references the best practices page

akeyless-kubernetes-secrets-injector.md

  • Added new ## Pod scheduling for high availability section for the akeyless-k8s-secrets-injection chart
  • Documents Injector-specific schema differences (enabled/data sub-keys for tolerations and topologySpreadConstraints)
  • Clarifies that Injector topologySpreadConstraints is independent of affinity.enabled
  • Cross-references the Gateway best practices page

Validation

  • markdownlint: clean (one unavoidable false positive on existing product page link text)
  • cspell: clean

- Add 'Pod scheduling for high availability (Kubernetes)' section to
  gateway-best-practices.md with recommendation, cloud provider links,
  and a generic platform-agnostic example
- Add 'Pod Scheduling' section to gateway-kubernetes-helm-values-reference.md
  covering nodeSelector, tolerations, affinity, and topologySpreadConstraints
  chart values with annotated YAML examples
- Add 'Pod scheduling for high availability' section to
  akeyless-kubernetes-secrets-injector.md covering Injector chart values
- Fix pre-existing banned-term 'segregation' -> 'isolation' in injector page

coderabbitai Bot commented May 5, 2026

Walkthrough

Adds documentation and spellcheck dictionary entries for Kubernetes pod scheduling (nodeSelector, tolerations, affinity, topologySpreadConstraints) across Gateway and Injector Helm values and best-practices docs; also a minor wording change from "segregation" to "isolation".

Changes

Kubernetes Pod Scheduling Documentation

| Layer | File(s) | Summary |
|---|---|---|
| Dictionary Support | .cspell/akeyless-standard-dictionary.txt | Added tolerations (ensures blockquotes present). |
| Helm Values Reference (API/Data Shape) | docs/Akeyless Gateway/deploy-gateway/gateway-deploy-kubernetes-helm/gateway-kubernetes-helm-values-reference.md | Added "Pod Scheduling" section documenting gateway.deployment.nodeSelector, gateway.deployment.tolerations, gateway.deployment.affinity (including affinity.enabled: true rendering note and soft pod anti-affinity example), and gateway.deployment.topologySpreadConstraints with YAML examples and references. |
| Best Practices Guidance | docs/Akeyless Gateway/gateway-best-practices.md | Inserted "Pod scheduling for high availability (Kubernetes)" recommending topologySpreadConstraints and pod anti-affinity, provider links, and a Helm values.yaml snippet (replicaCount, affinity.enabled, podAntiAffinity, topologySpreadConstraints). |
| Injector Documentation / Schema Notes | docs/Integrations & Plugins/plugins-overview/kubernetes-plugins/akeyless-kubernetes-secrets-injector.md | Replaced "segregation" with "isolation" in Overview. Added "Pod scheduling for high availability" section describing Injector deployment scheduling keys and schema differences vs Gateway (tolerations/topologySpreadConstraints use enabled/data; topologySpreadConstraints renders independently) plus a values.yaml example using release-name labelSelector. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

  • EldadH89
  • lidorb-akeyless

Poem

🐰 I hopped through docs and lines so neat,
I planted tolerations at each pod's feet,
With spread and affinity they roam,
Finding balances, making homes,
A guide in springtime—HA and sweet. 🌿

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title directly and accurately summarizes the main change: adding pod scheduling and high-availability guidance for both Gateway and Injector Helm charts. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |


…and affinity coupling note

- Fix all Gateway chart examples to use gateway.deployment.* path (was deployment.*)
- Fix label selectors: use app.kubernetes.io/name + app.kubernetes.io/instance for
  Gateway (from _helpers.tpl selectorLabels), and dynamic app:<release> for Injector
- Add note that topologySpreadConstraints requires affinity.enabled:true in Gateway chart
- Add affinity.data:{} guard in topology-only example
- Fix deployment.tolerations -> deployment.tolerations.data in Injector callout
…ency, replicaCount guidance, remove duplicate note
@harrison-akeyless harrison-akeyless marked this pull request as ready for review May 5, 2026 17:44

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/Akeyless` Gateway/gateway-best-practices.md:
- Around line 83-87: Update the listed cloud-service references to expand each
acronym on first use in this section by replacing or augmenting the short form
with the full service name (e.g., change "EKS" to "Amazon Elastic Kubernetes
Service (EKS)", "AKS" to "Azure Kubernetes Service (AKS)", "GKE" to "Google
Kubernetes Engine (GKE)", "OCI/OKE" to "Oracle Cloud Infrastructure (OCI) /
Oracle Kubernetes Engine (OKE)"), ensuring the short acronyms remain in
parentheses for subsequent readability in the bullet list.

In `@docs/Integrations` &
Plugins/plugins-overview/kubernetes-plugins/akeyless-kubernetes-secrets-injector.md:
- Line 27: Change the phrase "high level" to the hyphenated compound adjective
"high-level" in the sentence that begins "Although authorization in Kubernetes
is intentionally high level," so it reads "Although authorization in Kubernetes
is intentionally high-level," to follow compound-adjective hyphenation and
documentation style; no other wording changes needed.

📥 Commits

Reviewing files that changed from the base of the PR and between 8c1ebd1 and e2652bc.

📒 Files selected for processing (4)
  • .cspell/akeyless-standard-dictionary.txt
  • docs/Akeyless Gateway/deploy-gateway/gateway-deploy-kubernetes-helm/gateway-kubernetes-helm-values-reference.md
  • docs/Akeyless Gateway/gateway-best-practices.md
  • docs/Integrations & Plugins/plugins-overview/kubernetes-plugins/akeyless-kubernetes-secrets-injector.md

Comment thread docs/Akeyless Gateway/gateway-best-practices.md Outdated
@harrison-akeyless harrison-akeyless merged commit 5f55c88 into v1.0 May 14, 2026
18 checks passed
@harrison-akeyless harrison-akeyless deleted the v1.0_docs-670-gateway-pod-scheduling branch May 14, 2026 15:16