ocp-power-automation/ocp4-upi-powervm

Creating local registry will fail on bastion, if Internet access is only possible with proxy

torwen1 opened this issue · 1 comments

I did some tests in an environment where Internet access is only possible with a proxy. The proxy feature itself has already been implemented some time ago and works fine.

It just stops working in the situation when I enable enable_local_registry = true.
The problem is that the registry package cannot be downloaded by the installed and activated systemd service local-registry.service.

This service downloads the registry package on its first start, and systemd ignores the *_PROXY environment variables.
The fix is to add the proxy in the service file:
cat /etc/systemd/system/local-registry.service
```ini
[Unit]
Description=OpenShift Registry for HelperNode
After=network.target syslog.target

[Service]
# PROXY FIX: the three Environment= lines below.
# systemd has no trailing-comment syntax, so the comment sits on its own line.
Environment=ftp_proxy="http://:3128/"
Environment=http_proxy="http://:3128/"
Environment=https_proxy="http://:3128/"
Type=simple
TimeoutStartSec=5m
# The leading "-" tells systemd to ignore a failure of this command.
ExecStartPre=-/usr/bin/podman rm "local-registry"

# A multi-line value needs a trailing backslash on every continued line.
ExecStart=/usr/bin/podman run --name local-registry -p 5000:5000 \
    -v /opt/registry/data:/var/lib/registry:z \
    -v /opt/registry/auth:/auth:z \
    -e "REGISTRY_AUTH=htpasswd" \
    -e "REGISTRY_AUTH_HTPASSWD_REALM=Realm" \
    -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
    -v /opt/registry/certs:/certs:z \
    -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
    -e REGISTRY_HTTP_TLS_KEY=/certs/domain.pem \
    docker.io/ppc64le/registry:2

ExecReload=-/usr/bin/podman stop "local-registry"
ExecReload=-/usr/bin/podman rm "local-registry"
ExecStop=-/usr/bin/podman stop "local-registry"
Restart=always
RestartSec=30

[Install]
WantedBy=multi-user.target
```

The service file is provided by ocp4-helpernode, so I will also open a feature request for this project.
Reference: redhat-cop/ocp4-helpernode#247
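
The same proxy fix can be carried in a systemd drop-in under `local-registry.service.d`, which leaves the unit file provided by ocp4-helpernode untouched. This is an added example, not part of the original issue or of either project; the file name `http-proxy.conf`, the default `no_proxy` list and the function names are assumptions.

```sh
#!/bin/sh
# Added example (not from ocp4-helpernode): write the proxy settings for
# local-registry.service into a drop-in instead of editing the unit file.

# matches <ere> <value>: true if the single-line value fully matches the pattern.
matches() {
    case "$2" in *'
'*) return 1 ;; esac        # a newline would inject extra unit directives
    printf '%s\n' "$2" | grep -Eq "^($1)\$"
}

# write_proxy_dropin <systemd_dir> <proxy_url> [no_proxy]
# On a bastion <systemd_dir> is /etc/systemd/system; afterwards run
# "systemctl daemon-reload" and restart local-registry.
write_proxy_dropin() {
    d="$1/local-registry.service.d"; p="$2"; np="${3:-localhost,127.0.0.1}"
    # Require scheme://host:port with a non-empty host and no user:password@
    # part, because the drop-in is world-readable.
    matches 'https?://[A-Za-z0-9.-]+:[0-9]{1,5}/?' "$p" ||
        { echo "rejected proxy URL: $p" >&2; return 1; }
    matches '[A-Za-z0-9.,:/_*-]+' "$np" ||
        { echo "rejected no_proxy list: $np" >&2; return 1; }
    mkdir -p "$d" || return 1
    cat > "$d/http-proxy.conf" <<EOF
# Proxy for the image pull that podman performs on first start.
[Service]
Environment="http_proxy=$p"
Environment="https_proxy=$p"
Environment="no_proxy=$np"
EOF
    chmod 0644 "$d/http-proxy.conf"
}

# dropin_proxy <systemd_dir> <variable>: print the value stored in the drop-in.
dropin_proxy() {
    sed -n "s/^Environment=\"$2=\(.*\)\"\$/\1/p" \
        "$1/local-registry.service.d/http-proxy.conf"
}
```

A URL with an empty host, such as the `http://:3128/` shown in the unit file above, is rejected by the check, so the real proxy host has to be supplied.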

Linked issue on ocp4-helpernode got closed without any further comment. So, I will close this one too because without the change in helpernode, it will not get fixed.