diff --git a/salt/states/firewalld/init.sls b/salt/states/firewalld/init.sls index 2843ee2..11bb84e 100644 --- a/salt/states/firewalld/init.sls +++ b/salt/states/firewalld/init.sls @@ -9,6 +9,12 @@ Configure wireguard service: - ports: - {{ pillar['wireguard']['port'] }}/udp +Configure container registry service: + firewalld.service: + - name: registry + - ports: + - 5000/tcp + Configure firewalld for external interface: firewalld.present: - name: external @@ -45,6 +51,7 @@ Configure firewalld for internal network: - https - dns - ntp + - registry Configure firewalld for public networks: firewalld.present: @@ -74,6 +81,7 @@ Configure firewalld for public networks: - https - dns - ntp + - registry Configure firewalld for airgap networks: @@ -104,6 +112,7 @@ Configure firewalld for airgap networks: - https - dns - ntp + - registry Add forwarding on Internal zone: cmd.run: diff --git a/salt/states/pxe/harvester/files/harvester.cfg.jinja b/salt/states/pxe/harvester/files/harvester.cfg.jinja index 2e42ec7..934b71d 100644 --- a/salt/states/pxe/harvester/files/harvester.cfg.jinja +++ b/salt/states/pxe/harvester/files/harvester.cfg.jinja 
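Review bot: The new `registry` service opens 5000/tcp on the internal, public and airgap zones alike (hunks at +51, +81 and +112), and the node templates in this commit point their docker.io mirror at that port over plain `http://`, so any host reaching the public zone can talk to the registry unauthenticated unless the registry itself enforces auth, which this diff does not show. Plain http also means image pulls travel without transport integrity, and if the registry accepts pushes, a client on those zones could influence the images the cluster runs. Unless nodes are expected to PXE-boot from the public or airgap zones, keep `- registry` only in the internal zone's service list, or terminate TLS in front of port 5000. A comment on the service definition, `# plain-HTTP image mirror for the harvester node configs; expose only on zones that carry node traffic`, would record the intent.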
@@ -2,12 +2,13 @@ set menu_color_normal=white/black set menu_color_highlight=white/green -menuentry 'TLU Harvester {{ pillar['harvester']['version'] }} node1' --class os { - linux harvester-v{{ pillar['harvester']['version'] }}-vmlinuz-amd64 nomodeset initrd=harvester-v{{ pillar['harvester']['version'] }}-initrd-amd64 ip=dhcp net.ifnames=1 rd.cos.disable rd.noverifyssl console=tty1 root=live:http://{{ pillar['network']['ip'] }}/harvester/harvester-v{{ pillar['harvester']['version'] }}-rootfs-amd64.squashfs harvester.install.automatic=true harvester.install.config_url=http://{{ pillar['network']['ip'] }}/harvester/node1.yaml +{% for node in ['node1', 'node2', 'node3'] -%} +menuentry 'TLU Harvester {{ pillar['harvester']['version'] }} {{ node }}' --class os { + linux harvester-v{{ pillar['harvester']['version'] }}-vmlinuz-amd64 nomodeset initrd=harvester-v{{ pillar['harvester']['version'] }}-initrd-amd64 ip=dhcp net.ifnames=1 rd.cos.disable rd.noverifyssl console=tty1 root=live:http://{{ pillar['network']['ip'] }}/harvester/harvester-v{{ pillar['harvester']['version'] }}-rootfs-amd64.squashfs harvester.install.automatic=true harvester.install.config_url=http://{{ pillar['network']['ip'] }}/harvester/{{ node }}.yaml initrd harvester-v{{ pillar['harvester']['version'] }}-initrd-amd64 boot } - +{% endfor %} {% for item in pillar['pxe']['harvester'] -%} menuentry 'Harvester {{ item['version'] }}' --class os { diff --git a/salt/states/pxe/harvester/files/node1.yaml.jinja b/salt/states/pxe/harvester/files/node1.yaml.jinja index 868da30..ad75b4c 100644 --- a/salt/states/pxe/harvester/files/node1.yaml.jinja +++ b/salt/states/pxe/harvester/files/node1.yaml.jinja 
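Review bot: The node list `['node1', 'node2', 'node3']` is hardcoded here and again in `pxe/harvester/init.sls`, and the same three names must also match the per-node template filenames and the `pillar['network']['hosts']` keys those templates read, so adding a fourth node means editing four places. Iterating over a pillar-defined list instead (for example the keys of `pillar['network']['hosts']`, if that mapping holds exactly the cluster nodes — worth confirming) would keep the menu, the file states and the addressing in one source. The kernel line carried into the loop still fetches `config_url` over plain http with `rd.noverifyssl`, and the rendered node YAML it fetches includes the cluster token, so that token travels in clear text on the boot network. The `menuentry` block closes inside the hunk, so no further structural change is needed.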
@@ -1,13 +1,23 @@ token: {{ pillar['harvester']['token'] }} os: ssh_authorized_keys: {{ pillar['harvester']['os']['ssh_authorized_keys'] }} - nostname: node1 + hostname: node1 password: {{ pillar['harvester']['os']['password'] }} dns_nameservers: - {{ pillar['network']['ip'] }} password: {{ pillar['harvester']['os']['password'] }} ntp_servers: - {{ pillar['network']['ip'] }} + write_files: + - path: /etc/rancher/rke2/registries.yaml + - owner: 'root:root' + - permissions: '0600' + - content: | + mirrors: + docker.io: + endpoint: + - "http://{{ pillar['network']['ip'] }}:5000" + install: mode: create networks: diff --git a/salt/states/pxe/harvester/files/node2.yaml.jinja b/salt/states/pxe/harvester/files/node2.yaml.jinja new file mode 100644 index 0000000..0a836a4 --- /dev/null +++ b/salt/states/pxe/harvester/files/node2.yaml.jinja @@ -0,0 +1,34 @@ +server_url: https://harvester.{{ pillar['network']['domain'] }}:8443 +token: {{ pillar['harvester']['token'] }} +os: + ssh_authorized_keys: {{ pillar['harvester']['os']['ssh_authorized_keys'] }} + hostname: node2 + password: {{ pillar['harvester']['os']['password'] }} + dns_nameservers: + - {{ pillar['network']['ip'] }} + password: {{ pillar['harvester']['os']['password'] }} + ntp_servers: + - {{ pillar['network']['ip'] }} + write_files: + - path: /etc/rancher/rke2/registries.yaml + - owner: 'root:root' + - permissions: '0600' + - content: | + mirrors: + docker.io: + endpoint: + - "http://{{ pillar['network']['ip'] }}:5000" + +install: + mode: join + networks: + harvester-mgmt: + interfaces: + - name: {{ pillar['harvester']['install']['mgmt-interface'] }} + method: static + ip: {{ pillar['network']['ip'][0:-1] }}{{ pillar['network']['hosts']['node2'] }} + subnet_mask: 255.255.255.0 + gateway: {{ pillar['network']['ip'] }} + default_route: true + device: {{ pillar['harvester']['device'] }} + iso_url: http://{{ pillar['network']['ip'] }}/harvester/harvester-v{{ pillar['harvester']['version'] }}-amd64.iso 
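Review bot: The new `write_files` entry is not one object: `- owner`, `- permissions` and `- content` each start with a dash, so they parse as three separate list items with no `path`, while the item that has the path has no content, meaning `/etc/rancher/rke2/registries.yaml` is unlikely to be written as intended (the same shape is copied into the new node2 and node3 templates). Only the first line should carry the dash: `- path: /etc/rancher/rke2/registries.yaml`, then `owner: 'root:root'`, `permissions: '0600'` and `content: |` indented to align with `path`. If the dashed lines are in fact indented deeper than `- path`, the document fails to parse at all, so either way the block needs reshaping.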
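Review bot: `ip: {{ pillar['network']['ip'][0:-1] }}{{ pillar['network']['hosts']['node2'] }}` builds the node address by dropping the last character of the server IP string and appending the host value, which only yields the intended address when the server's last octet is a single digit; a server IP ending in, say, `.10` (constructed example) silently produces a different host, and the node3 template uses the same construct. Storing the full per-node address under `pillar['network']['hosts']`, or an explicit network prefix alongside the host numbers, would avoid the string arithmetic. `password:` also appears twice under `os:` (copied from node1, and again in node3); YAML parsers either reject duplicate keys or keep the last one, so one of the two should go. This file embeds the cluster `token` and the OS `password`, and the init.sls hunk publishes the rendered result under the web root, so the rendered file should be treated as a secret.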
diff --git a/salt/states/pxe/harvester/files/node3.yaml.jinja b/salt/states/pxe/harvester/files/node3.yaml.jinja new file mode 100644 index 0000000..3cc9008 --- /dev/null +++ b/salt/states/pxe/harvester/files/node3.yaml.jinja @@ -0,0 +1,34 @@ +server_url: https://harvester.{{ pillar['network']['domain'] }}:8443 +token: {{ pillar['harvester']['token'] }} +os: + ssh_authorized_keys: {{ pillar['harvester']['os']['ssh_authorized_keys'] }} + hostname: node3 + password: {{ pillar['harvester']['os']['password'] }} + dns_nameservers: + - {{ pillar['network']['ip'] }} + password: {{ pillar['harvester']['os']['password'] }} + ntp_servers: + - {{ pillar['network']['ip'] }} + write_files: + - path: /etc/rancher/rke2/registries.yaml + - owner: 'root:root' + - permissions: '0600' + - content: | + mirrors: + docker.io: + endpoint: + - "http://{{ pillar['network']['ip'] }}:5000" + +install: + mode: join + networks: + harvester-mgmt: + interfaces: + - name: {{ pillar['harvester']['install']['mgmt-interface'] }} + method: static + ip: {{ pillar['network']['ip'][0:-1] }}{{ pillar['network']['hosts']['node3'] }} + subnet_mask: 255.255.255.0 + gateway: {{ pillar['network']['ip'] }} + default_route: true + device: {{ pillar['harvester']['device'] }} + iso_url: http://{{ pillar['network']['ip'] }}/harvester/harvester-v{{ pillar['harvester']['version'] }}-amd64.iso diff --git a/salt/states/pxe/harvester/init.sls b/salt/states/pxe/harvester/init.sls index fa74fef..44fef9b 100644 --- a/salt/states/pxe/harvester/init.sls +++ b/salt/states/pxe/harvester/init.sls 
@@ -46,11 +46,13 @@ Update harvester grub file: - group: root - mode: "0644" -Create tlu harvester cluster yaml for node1: +{% for node in ['node1', 'node2', 'node3'] -%} +Create tlu harvester cluster yaml for {{ node }}: file.managed: - - name: /srv/www/htdocs/harvester/node1.yaml - - source: salt://pxe/harvester/files/node1.yaml.jinja + - name: /srv/www/htdocs/harvester/{{ node }}.yaml + - source: salt://pxe/harvester/files/{{ node }}.yaml.jinja - template: jinja - user: root - group: root - mode: "0644" +{% endfor %}
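Review bot: The rendered `{{ node }}.yaml` files are written to `/srv/www/htdocs/harvester/` with `mode: "0644"` and fetched over plain http, yet each contains the Harvester cluster `token` and the OS `password` from pillar, so any client that can reach the http service on the PXE host (which the firewalld state in this commit allows from the internal, public and airgap zones) can read the join token. Limiting the http service to the zone nodes actually boot from, and restricting these paths in the web server if it supports that, would narrow the exposure; the reason for the world-readable mode is worth recording with a comment such as `# served over http to booting nodes: contains the cluster token and OS password`. As a style point, the three per-node templates differ only in hostname, install `mode` and the host key, so a single template passed `- context: {node: {{ node }}}` on this `file.managed` state (with a `{% if node == 'node1' %}` for the create/join split) would remove the duplicated files. The hardcoded `['node1', 'node2', 'node3']` list also appears in `harvester.cfg.jinja`; a pillar-driven list would keep the two in sync.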