Harbor Minimalist Build Guide

Harbor Minimalist Build Guide


   Docker: 20.10.12

   Docker-compose: 1.29.2

   Harbor: 2.4.1


1.1 Install Docker and Docker Compose


Please refer directly to the official website. Here is an example on CentOS only:

sudo yum install -y yum-utils

sudo yum-config-manager \

    --add-repo \


sudo yum install docker-ce docker-ce-cli containerd.io

sudo systemctl start docker

sudo systemctl enable docker


sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

sudo chmod +x /usr/local/bin/docker-compose


1.2 Install OpenSSL


Here is an example for CentOS only:

yum install -y openssl


2. Install Harbor


The official website provides two installation modes, online installation package or offline installation package. The difference is that the offline installation package contains images, while the online version goes to Docker Hub to pull the images during installation. We use the offline installation package here.

wget https://github.com/goharbor/harbor/releases/download/v2.4.1/harbor-offline-installer-v2.4.1.tgz

tar zxvf harbor-offline-installer-v2.4.1.tgz

cd harbor

In the harbor folder, you can see a file harbor.yml.tmpl, which is the configuration information of Harbor. Let’s copy a copy and modify it (only the modified part is shown below):

cp harbor.yml.tmpl harbor.yml


# Configuration file of Harbor


# The IP address or hostname to access admin UI and registry service.

# DO NOT use localhost or, because Harbor needs to be accessed by external clients.

- hostname: reg.mydomain.com

+ hostname: your.domain.com (self-designated)


# http related config


  # port for http, default is 80. If https enabled, this port will redirect to https port

  port: 80


# https related config

# Disable HTTPS directly

- https:

+ # https:

  # https port for harbor, default is 443

- port: 443

+ # port: 443

  # The path of cert and key files for nginx

- certificate: /your/certificate/path

- private_key: /your/private/key/path

+ # certificate: /your/certificate/path

+ # private_key: /your/private/key/path


# # Uncomment following will enable tls communication between all harbor components

# internal_tls:

#   # set enabled to true means internal tls is enabled

#   enabled: true

#   # put your cert and key files on dir

#   dir: /etc/harbor/tls/internal


# Uncomment external_url if you want to enable external proxy

# And when it enabled the hostname will no longer used

# external_url: https://reg.mydomain.com:8433


# The initial password of Harbor admin

# It only works in first time to install harbor

# Remember Change the admin password from UI after launching Harbor.

- harbor_admin_password: Harbor12345

+ harbor_admin_password: yourPassword (self-designated)


After modification, run ./install.sh directly, and wait for Docker Compose to complete. After the deployment is complete, you can use port 80 of this machine to see the Harbor interface. To enable Helm Chart's management functionality, use ./install.sh --with-chartmuseum.


3. Login and usage method


On the local machine where Harbor is installed, you can directly configure it in /etc/hosts, add the hostname you defined in the configuration file after, and then use the following command to log in directly:

docker login -u admin -p yourPassword http://your.domain.com

The above password and hostname need to be replaced by yourself.


If you log in from another machine, you still need to configure /etc/hosts first, and point hostname to the IP of the machine where Harbor is installed. When logging in, you may encounter the following situations:

$ docker login -u admin -p yourPassword http://your.domain.com

Error response from daemon: Get https://your.domain.com/v2/: dial tcp xxx.xxx.xxx.xxx:443: connect: connection refused

The reason is that access to HTTPS is denied (we only configure HTTP), and security verification needs to be turned off. Modify /etc/docker/daemon.json and add the following content:


+ "insecure-registries": ["your.domain.com:port", ""]

If it is port 80, the port part can be ignored. After modification, restart Docker:

sudo systemctl restart docker

If necessary, Harbor can be restarted on the machine where Harbor is installed:

cd harbor

docker-compose down -v

docker-compose up -d

Log in again to use normally. It should be noted that when using Harbor, the image needs to follow the following format:

# Docker


docker push your.domain.com/PROJECT_NAME/REPOSITORY[:TAG]

docker pull your.domain.com/PROJECT_NAME/REPOSITORY[:TAG]


# Helm

helm repo add --username admin --password ADMIN_PASSWORD harbor http://your.domain.com/chartrepo/

helm plugin install https://github.com/chartmuseum/helm-push

helm cm-push CHART_PATH --version="CHART_VERSION" harbor

helm repo update

helm search repo CHART_PATH


Among them, PROJECT_NAME is the name of the project you created in Harbor UI, CHART_PATH is the path to store the Helm Chart, CHART_NAME is the name of the Chart searched after using helm search, and RELEASE_NAME is the custom name after Helm deployment.




You must be logged in to post a comment.

About Author

This guy is lazy and left nothing behind.