FEAT(security): enable HA with replica 2 and soft anti-affinity

- Add replicaCount: 2 to authelia, external-secrets, falco
- Add soft pod anti-affinity for node distribution
- Configure affinity for all security components

falco/helm-values.yaml

@@ -121,7 +121,7 @@ grafanaDashboard:
 falcosidekick:
   enabled: true
   fullfqdn: false
-  replicaCount: 1
+  replicaCount: 2
 
   resources:
     requests:
@@ -154,6 +154,17 @@ falcosidekick:
   webui:
     enabled: false
 
+  # Affinity - Soft Anti-Affinity to spread pods across nodes
+  affinity:
+    podAntiAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+        - weight: 100
+          podAffinityTerm:
+            labelSelector:
+              matchLabels:
+                app.kubernetes.io/name: falcosidekick
+            topologyKey: kubernetes.io/hostname
+
 # RBAC
 rbac:
   create: true