Install Banyan Connector using Docker
Install the Connector on a server running Docker
- Network Reachability Checklist
- Register Connector
- Connectivity Parameters
- Verify Installation
Installing the Banyan Connector via Docker Desktop on Mac is currently not supported. We are actively working on providing this soon.
Network Reachability Checklist
The Connector needs to be able to connect outbound to the Internet; it does not need any inbound open ports to operate correctly.
Ensure that the Connector server can make an outbound HTTPS connection via port 443 to the Command Center. The Connector does this to register itself and receive its configuration parameters, by making API calls to
Ensure that the Connector can make an outbound UDP connection to the Banyan Global Edge Network. The Connector will pick a port(s) in the range 30000 - 32767 to set up a Wireguard tunnel(s) with the Edge Network.
Ensure your networking policies allow traffic to flow from the Connector server to backend machines running the applications and services you need to secure access to.
In the Banyan Command Center, navigate to Settings > API Keys and make sure you have created an API Key that can be used to register your Connector.
Create API Key
Then, navigate to the Infrastructure > Connectors section, and click on Add Connector to create your Connector.
Specify the API Key to use, the Cluster and Access Tier(s) you want your Connector to connect to. You can leave all the other fields at their default / empty values.
Once your Connector has been created in the UI, you can proceed to your Linux server to install the
Before you start the Connector docker container, set the environment variables that specify how it should connect to the Command Center so it can register itself and receive its configuration.
export COMMAND_CENTER_URL= # Banyan Command Center, such as https://net.banyanops.com export API_KEY_SECRET= # secret API Key associated with your Connector export CONNECTOR_NAME= # name of your Connector
# run the container docker run --privileged --cap-add=NET_ADMIN \ -e COMMAND_CENTER_URL -e API_KEY_SECRET -e CONNECTOR_NAME \ -d gcr.io/banyan-pub/connector:1.3.0
If your machine needs root privilege to run
docker via the
sudo command, remember to add
-E so your environment variables get passed through. Your command will then look like
sudo -E docker run ...
Banyan’s Connector leverages Wireguard to set up secure tunnels. The Docker container needs to be run in privileged mode with the NET_ADMIN capability to configure networking correctly.
Once the Connector is running, you can check its logs using
docker logs to ensure it is functioning as expected.
In the Infrastructure > Connectors section of the Banyan Command Center to see the list of all the registered Connectors. Verify the status of your Connector there.
Last modified: Sep 28, 2021