diff --git a/charts/osdfir-infrastructure/Chart.lock b/charts/osdfir-infrastructure/Chart.lock
index 1a27878e..46b45741 100644
--- a/charts/osdfir-infrastructure/Chart.lock
+++ b/charts/osdfir-infrastructure/Chart.lock
@@ -7,12 +7,12 @@ dependencies:
   version: 2.2.6
 - name: openrelik
   repository: file://charts/openrelik
-  version: 2.2.7
+  version: 2.2.8
 - name: grr
   repository: file://charts/grr
   version: 2.3.1
 - name: hashr
   repository: file://charts/hashr
   version: 2.0.1
-digest: sha256:a8aa83d96cc62b3b01b0ef6d057bdbee97ecbe8c091fcc2725760505d4839e89
-generated: "2026-02-11T11:04:05.246129-08:00"
+digest: sha256:cf52f78d2ed4ee1afea63b72e5aea03bd9e844d4c594ba6aad582edd4cbfc721
+generated: "2026-02-11T12:17:21.89324-08:00"
diff --git a/charts/osdfir-infrastructure/Chart.yaml b/charts/osdfir-infrastructure/Chart.yaml
index 35c5caa8..89dc8a7b 100644
--- a/charts/osdfir-infrastructure/Chart.yaml
+++ b/charts/osdfir-infrastructure/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: osdfir-infrastructure
-version: 2.8.0
+version: 2.8.1
 description: A Helm chart for Open Source Digital Forensics Kubernetes deployments.
 keywords:
 - timesketch
@@ -22,7 +22,7 @@ dependencies:
 - condition: global.openrelik.enabled
   name: openrelik
   repository: file://charts/openrelik
-  version: 2.2.7
+  version: 2.2.8
 - condition: global.grr.enabled
   name: grr
   repository: file://charts/grr
diff --git a/charts/osdfir-infrastructure/charts/openrelik/Chart.yaml b/charts/osdfir-infrastructure/charts/openrelik/Chart.yaml
index 25a3ab00..134c38b3 100644
--- a/charts/osdfir-infrastructure/charts/openrelik/Chart.yaml
+++ b/charts/osdfir-infrastructure/charts/openrelik/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: openrelik
-version: 2.2.7
+version: 2.2.8
 description: A Helm chart for Openrelik Kubernetes deployments.
 keywords:
 - openrelik
diff --git a/charts/osdfir-infrastructure/charts/openrelik/templates/worker-deployment.yaml b/charts/osdfir-infrastructure/charts/openrelik/templates/worker-deployment.yaml
index e3c43f13..88bb6d69 100644
--- a/charts/osdfir-infrastructure/charts/openrelik/templates/worker-deployment.yaml
+++ b/charts/osdfir-infrastructure/charts/openrelik/templates/worker-deployment.yaml
@@ -15,6 +15,8 @@ spec:
       app.kubernetes.io/component: worker
   template:
     metadata:
+      annotations:
+        cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
       labels:
         app.kubernetes.io/name: openrelik
         app.kubernetes.io/component: worker
@@ -32,12 +34,13 @@ spec:
       {{- if $.Values.config.enableServiceAccount }}
       serviceAccountName: openrelik
       {{- end }}
+      terminationGracePeriodSeconds: {{ $.Values.config.terminationGracePeriodSeconds }}
       containers:
         - name: worker
           image: {{ .image | quote }}
           imagePullPolicy: {{ $.Values.config.imagePullPolicy }}
           command: ["/bin/sh", "-c"]
-          args: ["{{ .command }}"]
+          args: ["exec {{ .command }}"]
           terminationMessagePath: /tmp/termination-log
           securityContext:
             privileged: {{ .privileged }}
diff --git a/charts/osdfir-infrastructure/charts/openrelik/values.yaml b/charts/osdfir-infrastructure/charts/openrelik/values.yaml
index ac50495f..481e7f62 100644
--- a/charts/osdfir-infrastructure/charts/openrelik/values.yaml
+++ b/charts/osdfir-infrastructure/charts/openrelik/values.yaml
@@ -295,15 +295,7 @@ workers:
 - name: openrelik-worker-grep
   image: ghcr.io/openrelik/openrelik-worker-grep:latest
   command: "celery --app=src.app worker --task-events --concurrency=1 --loglevel=INFO -Q openrelik-worker-grep"
-  privileged: false
-  replicas: 1
-  env: {}
-  resources: {}
-  nodeSelector: {}
-- name: openrelik-worker-hayabusa
-  image: ghcr.io/openrelik/openrelik-worker-hayabusa:latest
-  command: "celery --app=src.app worker --task-events --concurrency=1 --loglevel=INFO -Q openrelik-worker-hayabusa"
-  privileged: false
+  privileged: true
   replicas: 1
   env: {}
   resources: {}
@@ -364,7 +356,10 @@ config:
   imagePullPolicy: Always
   ## @param config.gkeAllowList Specify a GKE Autopilot allowlist for OpenRelik privileged workers to use
   ##
-  gkeAllowList: "openrelik-privileged-workers-v3.0.0"
+  gkeAllowList: "openrelik-privileged-workers-v4.0.0"
+  ## @param config.terminationGracePeriodSeconds The number of seconds to wait before K8s forcefully terminates a OpenRelik worker Pod
+  ##
+  terminationGracePeriodSeconds: 600
   ## OpenRelik nbd init container configuration for OpenRelik containers that require the nbd module.
   ## Only enable this container when you need to load the nbd kernel module to the underlying node.
   ##