Use helm template + kubectl apply for CRD charts#2636
Use helm template + kubectl apply for CRD charts#2636caseydavenport wants to merge 1 commit intotigera:mainfrom
Conversation
The CRD Helm charts have grown large enough to exceed the 1MB Kubernetes Secret size limit that Helm uses for release tracking. Since CRDs don't need Helm release management, use helm template piped to kubectl apply --server-side instead. Fixes CORE-12633
❌ Deploy Preview for calico-docs-preview-next failed. Why did it fail? →
|
✅ Deploy Preview succeeded!Built without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify project configuration. |
There was a problem hiding this comment.
Pull request overview
Updates Calico and Calico Enterprise installation docs to avoid Helm release tracking for CRD-only charts (which can exceed Helm’s 1MB Secret limit) by switching to rendering manifests with helm template and applying them via kubectl apply --server-side.
Changes:
- Replace
helm installfor CRD charts withhelm template ... | kubectl apply --server-side -f -. - Move
--create-namespacefrom the CRD step to the operatorhelm installstep in Calico Enterprise docs. - Adjust step wording from “Create” CRDs to “Install” CRDs.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
| calico/operations/native-v3-crds.mdx | Switch v3 CRD installation to helm template + server-side apply. |
| calico/getting-started/kubernetes/helm.mdx | Switch v1/v3 CRD installation to helm template + server-side apply; wording update. |
| calico-enterprise/operations/native-v3-crds.mdx | Switch v3 CRD installation to helm template + server-side apply. |
| calico-enterprise/multicluster/.../create-a-management-cluster-helm.mdx | Switch CRD install to templating+apply; move namespace creation to operator install. |
| calico-enterprise/multicluster/.../create-a-managed-cluster-helm.mdx | Switch CRD install to templating+apply; move namespace creation to operator install. |
| calico-enterprise/getting-started/install-on-clusters/kubernetes/helm.mdx | Switch CRD install to templating+apply; add --create-namespace to operator install. |
|
|
||
| ```bash | ||
| helm install calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] --namespace tigera-operator | ||
| helm template calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] | kubectl apply --server-side -f - |
There was a problem hiding this comment.
helm template does not render resources from a chart’s crds/ directory unless --include-crds is specified. Since this step is intended to install CRDs, add --include-crds to the helm template command to ensure the CRDs are actually output (regardless of whether the chart stores CRDs under templates/ or crds/).
| helm template calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] | kubectl apply --server-side -f - | |
| helm template calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] --include-crds | kubectl apply --server-side -f - |
|
|
||
| ```bash | ||
| helm install calico-crds projectcalico/crd.projectcalico.org.v1 --version $[releaseTitle] --namespace tigera-operator | ||
| helm template calico-crds projectcalico/crd.projectcalico.org.v1 --version $[releaseTitle] | kubectl apply --server-side -f - |
There was a problem hiding this comment.
helm template does not render resources from a chart’s crds/ directory unless --include-crds is specified. Since this step is intended to install CRDs, add --include-crds to the helm template command to ensure the CRDs are actually output.
|
|
||
| ```bash | ||
| helm install calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] --namespace tigera-operator | ||
| helm template calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] | kubectl apply --server-side -f - |
There was a problem hiding this comment.
helm template does not render resources from a chart’s crds/ directory unless --include-crds is specified. Since this step is intended to install CRDs, add --include-crds to the helm template command to ensure the CRDs are actually output.
|
|
||
| ```bash | ||
| helm install calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] --namespace tigera-operator | ||
| helm template calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] | kubectl apply --server-side -f - |
There was a problem hiding this comment.
helm template does not render resources from a chart’s crds/ directory unless --include-crds is specified. Since this step is intended to install CRDs, add --include-crds to the helm template command to ensure the CRDs are actually output.
| helm template calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] | kubectl apply --server-side -f - | |
| helm template calico-crds projectcalico/projectcalico.org.v3 --version $[releaseTitle] --include-crds | kubectl apply --server-side -f - |
|
|
||
| ```bash | ||
| helm install calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz --namespace tigera-operator --create-namespace | ||
| helm template calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - |
There was a problem hiding this comment.
helm template does not render resources from a chart’s crds/ directory unless --include-crds is specified. Since this step is intended to install CRDs, add --include-crds to the helm template command to ensure the CRDs are actually output.
| helm template calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - | |
| helm template --include-crds calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - |
|
|
||
| ```bash | ||
| helm install calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz --namespace tigera-operator --create-namespace | ||
| helm template calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - |
There was a problem hiding this comment.
helm template does not render resources from a chart’s crds/ directory unless --include-crds is specified. Since this step is intended to install CRDs, add --include-crds to the helm template command to ensure the CRDs are actually output.
| helm template calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - | |
| helm template calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz --include-crds | kubectl apply --server-side -f - |
|
|
||
| ```bash | ||
| helm install calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz --namespace tigera-operator --create-namespace | ||
| helm template calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - |
There was a problem hiding this comment.
helm template does not render resources from a chart’s crds/ directory unless --include-crds is specified. Since this step is intended to install CRDs, add --include-crds to the helm template command to ensure the CRDs are actually output.
| helm template calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - | |
| helm template --include-crds calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - |
|
|
||
| ```bash | ||
| helm install calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz --namespace tigera-operator --create-namespace | ||
| helm template calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - |
There was a problem hiding this comment.
helm template does not render resources from a chart’s crds/ directory unless --include-crds is specified. Since this step is intended to install CRDs, add --include-crds to the helm template command to ensure the CRDs are actually output.
| helm template calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - | |
| helm template --include-crds calico-crds crd.projectcalico.org.v1-$[chart_version_name].tgz | kubectl apply --server-side -f - |
The CRD Helm charts have grown large enough to exceed the 1MB Kubernetes Secret size limit that Helm uses for release tracking. Since CRDs don't actually need Helm release management, this switches to
helm templatepiped tokubectl apply --server-sideinstead.Also moves
--create-namespaceto the operatorhelm installstep in the enterprise docs, since the CRD step no longer needs a namespace.Fixes CORE-12633