• VKS (vSphere Kubernetes Service) Control plane nodes are unable to resolve or reach projects.packages.broadcom.com which results in the pods to go into a failed state with error "ErrImagePull"
• Connecting to the control plane node and doing ping/nslookup to the external DNS server from the control plane node workload interface fails, but works from the management interface.
• If DNS resolution is successful, the Control plane nodes may fail to connect to projects.packages.broadcom.com using curl command via the workload interface:
  
  curl -v --interface eth1 https://projects.packages.broadcom.com 
  
  
• Egress networking is configured and populated in the gateway NAT.

VMware NSX

VMware VKS

• The eth1 (workload interface) will be used to fetch the file from projects.packages.broadcom.com , and must have reachability to the URL.
• The egress subnet is not getting published to the external router, however, the NSX T0 is redistributing the egress network.

Review the physical networking to ensure the egress networking is being properly propagated and the URL is reachable from the translated subnet of workload domain.