The following error is seen when scheduling a Pod within a guest cluster context:

$ kubectl apply -f TestPod.yaml
Error when creating "TestPod.yaml": admission webhook "default.validating.license.supervisor.vmware.com" denied the request: workload management cluster uses vSphere Networking, which does not support action on kind Pod

Additionally,

• After successful kubectl-vsphere login to a guest cluster, the guest cluster's context shows Supervisor Cluster IP instead of its own.
• Even with a guest cluster context, 'kubectl' command actually runs against Supervisor context.

vSphere with Tanzu

vSphere with Tanzu with vDS Networking

When 'kubectl vsphere login' is run against a specific cluster in a specific vsphere namespace, it'll create a few kubernetes contexts. Among them are, guest cluster context & vsphere namespace context.

If the guest cluster name & the vsphere namespace name are the same, then the vsphere namespace context will overwrite the guest cluster context.

Under this situation, kubectl command will run with the vsphere namespace context which is actually the Supervisor cluster context.

Ensure that the cluster name is different to the vSphere namespace it belongs to.