Unable to pull images from a private container registry (e.g., Harbor) in a vSphere Supervisor-managed TKG Service Cluster.
Customers encounter image pull errors or TLS/certificate trust issues when using a registry with a self-signed or custom certificate.

vSphere 8.x

To resolve this, follow the Broadcom documentation to integrate the private container registry with your TKG Service cluster using the v1beta1 Cluster API or v1alpha3 API.

This involves creating an image pull secret in the same namespace as the workload cluster and referencing it in the Cluster resource definition under the spec.settings.trust section. This allows the cluster nodes to authenticate and pull images securely from the registry.

Refer to the official documentation for the full YAML example and configuration details:

v1alpha3 Cluster API - Follow docs 
v1beta1 Cluster API- Follow docs