Supervisor cluster inheriting the proxy from vCenter fails to register with TMC Self Managed. The following errors can be observed in the tmc-agent-installer pod logs and the pods will be in Error State.

{"error":"download and apply registration link, attempt: 2: download manifest from link: get registration link: Get \"https://tmc-xxxxxxxxxxx/agent/v1alpha1/managementclusters:manifest/mc:01J69R6J7FJC87J1NWXD2994DK\": x509: certificate signed by unknown authority","extension":"tmc-agent-installer","level":"fatal","msg":"process of install / uninstall","time":"2024-08-27T11:20:06Z"}

Tanzu Mission Control Self Managed 1.3.1

The Supervisor inherits the proxy from the vCenter which prevents the communication between the Supervisor cluster and TMC-SM resulting in Installer pods not being able to pull the images from the TMC-SM resulting in supervisor failing to register to TMC-SM.

The following workaround can be applied in order to establish the connection between the TMC-SM and Supervisor cluster.

1. We can add the TMC(FQDN) and Harbor URL to the noProxy list from the DCLI. 

dcli> 
namespacemanagement clusters update --cluster domain-xxxxx
--cluster-proxy-config-proxy-settings-source CLUSTER_CONFIGURED 
--cluster-proxy-config-http-proxy-confighttp://xxxxxxxxxxx:8080 
--cluster-proxy-config-https-proxy-confighttp://xxxxxxx:8080 
--cluster-proxy-config-no-proxy-config "localhost,10.0.0.0/8,tmc.fqdn.com,harbor-xxxxxx.com

2. From the TMC-UI we can follow the procedure to register the management cluster -> Click Administration -> Management Clusters tab -> Register Management Cluster tab -> Choose  vSphere with Tanzu.


3. On the Register page, provide a name for the management cluster, and select a default cluster group for workload clusters. 

4. You can optionally provide a description and labels for the management cluster.

5. Click to toggle the Set proxy option to No.

6. Click Next. 

7. When you click Next, Tanzu Mission Control generates a YAML file that defines how the management cluster connects to Tanzu Mission Control for registration. You need to click View YAML to copy the code and manually apply this YAML instead of using the AgentInstall CRD on the supervisor clusters.

8. You need to change the namespace name with the TMC namespace present on the supervisor cluster (example - svc-tmc-c8) in the yaml obtained from TMC(Multiple occurrences of namespace is present on yaml and all of them needs to be changed). Once the namespace is set. You can apply this YAML on the supervisor cluster(This requires the admin kubeconfig). This will install all the agents required to register the Supervisor with TMC.