diff --git a/manifests/database-local-service.yaml b/manifests/database-local-service.yaml
new file mode 100644
index 0000000..ac854d9
--- /dev/null
+++ b/manifests/database-local-service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    cnpg.io/cluster: zitadel-db
+  name: zitadel-db-local
+  namespace: zitadel
+spec:
+  internalTrafficPolicy: Local
+  ports:
+    - name: postgres
+      port: 5432
+      protocol: TCP
+      targetPort: 5432
+  selector:
+    cnpg.io/cluster: zitadel-db
+    cnpg.io/instanceRole: primary
diff --git a/manifests/database.yaml b/manifests/database.yaml
index 88d3d9a..a7f29fa 100644
--- a/manifests/database.yaml
+++ b/manifests/database.yaml
@@ -54,3 +54,11 @@ spec:
 
   monitoring:
     enablePodMonitor: true
+
+  topologySpreadConstraints:
+    - maxSkew: 1
+      topologyKey: zone
+      whenUnsatisfiable: DoNotSchedule
+      labelSelector:
+        matchLabels:
+          cnpg.io/cluster: zitadel-db
diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml
index 283ca90..81db1a6 100644
--- a/manifests/deployment.yaml
+++ b/manifests/deployment.yaml
@@ -15,6 +15,20 @@ spec:
         spec:
             hostname: zitadel
             subdomain: zitadel
+            affinity:
+              podAffinity:
+                requiredDuringSchedulingIgnoredDuringExecution:
+                  - labelSelector:
+                      matchExpressions:
+                        - key: cnpg.io/cluster
+                          operator: In
+                          values:
+                            - zitadel-db
+                        - key: cnpg.io/instanceRole
+                          operator: In
+                          values:
+                            - primary
+                    topologyKey: "kubernetes.io/hostname"
             containers:
               - name: zitadel
                 image: ghcr.io/zitadel/zitadel:v2.71.1
@@ -29,7 +43,7 @@ spec:
                   - containerPort: 8080
                 env:
                   - name: ZITADEL_DATABASE_POSTGRES_HOST
-                    value: "zitadel-db-rw.zitadel.svc.cluster.local"
+                    value: "zitadel-db-local.zitadel.svc.cluster.local"
                   - name: ZITADEL_DATABASE_POSTGRES_PORT
                     value: "5432"
                   - name: ZITADEL_DATABASE_POSTGRES_DATABASE
diff --git a/manifests/kustomization.yaml b/manifests/kustomization.yaml
index a7cdb13..bf5a405 100644
--- a/manifests/kustomization.yaml
+++ b/manifests/kustomization.yaml
@@ -8,5 +8,6 @@ resources:
   - ingress.yaml
   - database.yaml
   - database-backup.yaml
+  - database-local-service.yaml
   - configmap.yaml
   - deployment.yaml