CI/CD with Jenkins – Part 4: Install and Configure Harbor

What is Harbor

VMware Harbor repository is an enterprise-class registry server that stores and distributes container images. Harbor allows you to store and manage images on-premise environment.


Docker: for docker installation, please refer to ‘Install Docker‘ Part in previous article.

Install docker-composer

Install and upgrade python-pip

yum -y install python3-pip python-devel python3
pip3 install --upgrade pip

optional: set up pip source. if you have better network speed to official source, you can skip this step.

vim ~/.pip/pip.conf

update following info

index-url =
trusted-host =

install docker-compose

pip3 install docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

Install Harbor

Download Harbor from and extract to /opt folder

tar -xzf harbor-offline-installer-v1.9.2.tgz
mkdir /opt/harbor
mv harbor/* /opt/harbor

change the hostname in harbor

cd /opt/harbor
vi harbor.yml


Configure HTTPS for Harbor

Create CA

mkdir /root/ca -p
cd /root/ca
openssl req  -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt

Common Name (eg, your name or your server’s hostname) []:

create self-signed certificate

openssl req  -newkey rsa:4096 -nodes -sha256 -keyout -out

Common Name (eg, your name or your server’s hostname) []:

Generate certificate

echo subjectAltName = IP: > extfile.cnf
openssl x509 -req -days 365 -in -CA ca.crt -CAkey ca.key -CAcreateserial -extfile extfile.cnf -out

move cert/key to cert folder

mv /opt/cert

Edit harbor.yml to update hostname, HTTPS section. part of the harbor.yml

# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or, because Harbor needs to be accessed by external clients.

# http related config
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80

# https related config
#   # https port for harbor, default is 443
   port: 443
#   # The path of cert and key files for nginx
   certificate: /opt/cert/
   private_key: /opt/cert/

# Uncomment external_url if you want to enable external proxy
# And when it enabled the hostname will no longer used
# external_url:

# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: Harbor12345

Install harbor


Start, stop and restart Harbor

docker-compose up -d 
docker-compose stop 
docker-compose restart 

Check and access Harbor

login the harbor with the username and password that you define in the Harbor configuration file.

Create project and username in Harbor

Harbor has two types of project:

Public: all users can access this repository, it is used for storing public images.
Private: only authorized users can access the repository.

Click new project to create new one

Enter project nama, access level, and quota.

Create users

Input the basic information.

Add a user to be a member of group by clicking Projects->Members->User

Assign role permission


In Part 4, we have successfully installed Harbor, creates self-signed certificates, and configured SSL for Harbor. Meanwhile, we have performed the basic actions, creating the project, users, and assigning user roles. all components are ready now, we are heading over code building in next part.

Leave a Reply

Your email address will not be published. Required fields are marked *