Pods failed to pull and unpack image: pull access denied, repository does not exist or may require authorization

Article ID: 426657

Updated On:

Products

VMware vSphere Kubernetes Service

Issue/Introduction

The pod status shows ErrImagePull.

Describing the pod may show error messages similar to the following:

  Normal   Pulling    36s (x3 over 118s)  kubelet            Pulling image "<image-name>"
  Warning  Failed     16s (x3 over 98s)   kubelet            Error: ErrImagePull
  Warning  Failed     98s                 kubelet            Failed to pull image "<image-name>": failed to pull and unpack image "<registry-name/imagepath>": failed to resolve reference "<registry-name/imagepath>": failed to do request: Head "https://<registry-name/imagepath>": dial tcp: lookup <registry-name> on 127.0.0.53:53: read udp 127.0.0.53:53: i/o timeout

You may also encounter image pull failures with error messages similar to the following when pulling the image directly on the node:

[ ~ ]# crictl pull <registry-name/imagepath>
"PullImage from image service failed" err="rpc error: code = Unknown desc = failed to pull and unpack image \"<registry-name/imagepath>": failed to resolve reference \"<registry-name/imagepath>": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed" image="<registry-name/imagepath>"
FATA[0022] pulling image: failed to pull and unpack image "<registry-name/imagepath>": failed to resolve reference "<registry-name/imagepath>": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed

Environment

VMware vSphere Kubernetes Service

Cause

This error usually indicates an issue on the registry or server side, such as:

  • Network connectivity issues between the node and the registry
  • The registry is temporarily down or the requested content is unavailable

Resolution

  • Find and resolve any DNS or name resolution issues between the node and the registry.
  • Ensure that all necessary firewall rules are updated to allow access to public container image repositories from the environment. The registry domains should be whitelisted. If the firewall rules are configured correctly and the issue persists, contact Broadcom Support for further assistance.
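
The two messages quoted in this article fail at different stages of the pull: the "dial tcp: lookup" message never got past name resolution on the node, while the "insufficient_scope" message is a reply from an endpoint that was reached. The script below is an added example, not part of the original article or of any VMware tooling; it sorts pasted kubelet or crictl error text by that stage. The sample messages and registry.example.com are constructed, and the suggested next checks are this example's mapping onto the Resolution steps above.

```sh
#!/bin/sh
# Added example: sort image-pull errors by the stage at which the pull failed.
# Sample messages are constructed; registry.example.com is a placeholder.
SAMPLE_DNS='failed to do request: Head "https://registry.example.com/v2/app/manifests/1.0": dial tcp: lookup registry.example.com on 127.0.0.53:53: read udp 127.0.0.53:53: i/o timeout'
SAMPLE_DENIED='failed to resolve reference "registry.example.com/app:1.0": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed'

# classify_pull_error MESSAGE -> dns | denied | network | unknown
classify_pull_error() {
    case "$1" in
        # Name lookup failed: no connection to the registry was attempted.
        # Must be tested first, because this message also ends in "i/o timeout".
        *"dial tcp: lookup "*) echo dns ;;
        # An endpoint answered the HTTP request and refused it.
        *"insufficient_scope"*|*"pull access denied"*) echo denied ;;
        # The name resolved, but the connection or request timed out.
        *"dial tcp"*|*"i/o timeout"*) echo network ;;
        *) echo unknown ;;
    esac
}

# failed_lookup MESSAGE -> "<host> <resolver>" taken from "lookup H on R:".
# 127.0.0.53 is the systemd-resolved stub listener on the node itself.
failed_lookup() {
    printf '%s\n' "$1" |
        sed -n 's/.*dial tcp: lookup \([^ ]*\) on \([^ ]*\): .*/\1 \2/p'
}

# next_check CLASS -> where to start (assumed mapping onto the Resolution list)
next_check() {
    case "$1" in
        dns)     echo "check DNS resolution from the node to the registry" ;;
        network) echo "check firewall rules and registry availability" ;;
        denied)  echo "an endpoint answered; recheck the image reference and firewall allow rules" ;;
        *)       echo "collect the full kubelet and crictl output" ;;
    esac
}

for msg in "$SAMPLE_DNS" "$SAMPLE_DENIED"; do
    class=$(classify_pull_error "$msg")
    echo "$class: $(next_check "$class") $(failed_lookup "$msg")"
done
```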