How to run a Solana RPC node

Introduction

The easiest way to run a Solana RPC node is with Chainstack:

1. Sign up with Chainstack.
2. Deploy a Solana RPC node.
3. Get the deployed node’s endpoint.

That said, this post provides you with the step-by-step instructions on running a non-validating Solana RPC node and connecting it to the mainnet beta cluster.

This tutorial uses the Solana Lumen server program specifications.

Prerequisites

• Operating system: Ubuntu 20.04
• Memory: 250 GB
• CPU: Intel(R) Xeon(R) Gold 6226R
• Cores: 32 cores @ 2.9 GHz
• Storage: 2 x 900 GB NVMe

Notes

In this tutorial:

• We will not be using accounts in RAM.
• We will avoid creating RAID 0 or logical volumes with different sizes.
• Accounts and the ledger will be stored on different volumes.
• We will manually tune the system.

In brief

The process is the following:

1. Mount disks to store Solana data.
2. sysctl additional values—the memory mapped files limit and the UDP buffer size.
3. Create a user for the Solana instance.
4. Install Solana binaries.
5. Create a run script.
6. Create a service for the Solana instance.
7. Create an identity for the node.
8. Install Node Exporter to expose node metrics.
9. Install Nginx.
10. Obtain an SSL certificate.

1. Mount disks

We will store our data in /var/solana on two different mounted disks:

• disk #1 for ledger and config — /var/solana/data
• disk #2 for accounts — /var/solana/accounts

It’s an official Solana recommendation to store the ledger data and the accounts data on separate disks.

Run:

root@solana-node-01:~# mkdir /var/solana &&  mkdir /var/solana/data && mkdir /var/solana/accounts
root@solana-node-01:~# mount /dev/nvme2n1 /var/solana/data 
root@solana-node-01:~# mkfs -t xfs /dev/nvme2n1
root@solana-node-01:~# mount /dev/nvme1n1 /var/solana/accounts
root@solana-node-01:~# mkfs -t xfs /dev/nvme1n1

2. sysctl additional values

Increase the memory mapped files limit, increase the UDP buffer size, and optimize the kernel parameters:

root@solana-node-01:~# bash -c "cat >/etc/sysctl.d/20-solana-additionals.conf <<EOF
kernel.nmi_watchdog=0
kernel.sched_min_granularity_ns='10000000'
kernel.sched_wakeup_granularity_ns='15000000'
vm.swappiness='30'
kernel.hung_task_timeout_secs=600
vm.stat_interval=10
vm.dirty_ratio=40
vm.dirty_background_ratio=10
vm.dirty_expire_centisecs=36000
vm.dirty_writeback_centisecs=3000
vm.dirtytime_expire_seconds=43200
kernel.timer_migration=0
kernel.pid_max=65536
net.ipv4.tcp_fastopen=3
EOF"
root@solana-node-01:~# bash -c "cat >/etc/sysctl.d/20-solana-mmaps.conf <<EOF
# Increase memory mapped files limit
vm.max_map_count = 1000000
EOF"
root@solana-node-01:~# bash -c "cat >/etc/sysctl.d/20-solana-udp-buffers.conf <<EOF
# Increase UDP buffer size
net.core.rmem_default = 134217728
net.core.rmem_max = 134217728
net.core.wmem_default = 134217728
net.core.wmem_max = 134217728
EOF"
root@solana-node-01:~# sysctl -p /etc/sysctl.d/20-solana-mmaps.conf
root@solana-node-01:~# sysctl -p /etc/sysctl.d/20-solana-udp-buffers.conf
root@solana-node-01:~# sysctl -p /etc/sysctl.d/20-solana-additionals.conf

3. Create a user for Solana

root@solana-node-01:~# adduser  solana
root@solana-node-01:~# chown solana:solana /var/solana/data/
root@solana-node-01:~# chown solana:solana /var/solana/accounts/

4. Install Solana binaries

solana@solana-node-01:~$ sh -c "$(curl -sSfL https://release.solana.com/stable/install)"

5. Create a run script

solana@solana-node-01:~$ mkdir /home/solana/bin && cd /home/solana/bin
solana@solana-node-01:~$ bash -c "cat > validator.sh <<EOF
#!/bin/bash
set -o errexit
set -o nounset
set -o pipefail
# Remove empty snapshots
find "/var/solana/data/ledger" -name 'snapshot-*' -size 0 -print -exec rm {} \; || true
export RUST_LOG=error
export RUST_BACKTRACE=full
solana-validator \
--ledger /var/solana/data/ledger \
--identity /var/solana/data/config/validator-keypair.json \
--trusted-validator 7Np41oeYqPefeNQEHSv1UDhYrehxin3NStELsSKCT4K2 \
--trusted-validator GdnSyH3YtwcxFvQrVVJMm1JhTS4QVX7MFsX56uJLUfiZ \
--trusted-validator DE1bawNcRJB9rVm3buyMVfr8mBEoyyu73NBovf2oXJsJ \
--trusted-validator CakcnaRDHka2gXyfbEd2d3xsvkJkqsLw2akB3zsN1D2S \
--expected-genesis-hash 5eykt4UsFv8P8NJdTREpY1vzqKqZKvdpKuc147dw2N9d \
--entrypoint entrypoint.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint2.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint3.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint4.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint5.mainnet-beta.solana.com:8001 \
--no-voting \
--snapshot-interval-slots 500 \
--maximum-local-snapshot-age 500 \
--rpc-bind-address 127.0.0.1 \
--rpc-port 8799 \
--gossip-port 8801 \
--dynamic-port-range 8802-8812 \
--no-port-check \
--wal-recovery-mode skip_any_corrupted_record \
--enable-rpc-transaction-history \
--enable-cpi-and-log-storage \
--init-complete-file /var/solana/data/init-completed \
--snapshot-compression none \
--require-tower \
--no-wait-for-vote-to-start-leader \
--no-poh-speed-test \
--limit-ledger-size 50000000 \
--accounts /var/solana/accounts \
--log -
EOF"
solana@solana-node-01:~$ chmod +x validator.sh

6. Create a service for Solana

root@solana-node-01:~# bash -c "cat > /etc/systemd/system/sol.service <<EOF
[Unit]
Description=Solana Validator
After=network.target
StartLimitIntervalSec=0
[Service]
Type=simple
Restart=always
RestartSec=1
User=solana
LimitNOFILE=1000000
LogRateLimitIntervalSec=0
Environment="PATH=/bin:/usr/bin:/home/solana/.local/share/solana/install/active_release/bin"
ExecStart=/home/solana/bin/validator.sh
[Install]
WantedBy=multi-user.target
EOF"

7. Create the node identity

You need a key pair to identify the node on the network. You do not need any funds on the key pair as you are not running a validator.

solana@solana-node-01:~$ solana-keygen new -o /var/solana/data/config/validator-keypair.json

8. Install Prometheus Node Exporter

Install the Prometheus Node Exporter to export node metrics that you can later feed into your monitoring tools.

root@solana-node-01:~# wget https://github.com/prometheus/node_exporter/releases/download/v1.3.1/node_exporter-1.3.1.linux-amd64.tar.gz
root@solana-node-01:~# tar xvfz node_exporter-1.3.1.linux-amd64.tar.gz
root@solana-node-01:~# mv node_exporter-1.3.1.linux-amd64/node_exporter /usr/local/bin/
root@solana-node-01:~# useradd -rs /bin/false node_exporter
root@solana-node-01:~# tee /etc/systemd/system/node_exporter.service<<EOF
[Unit]
Description=Node Exporter
After=network.target
[Service]
User=node_exporter
Group=node_exporter
Type=simple
ExecStart=/usr/local/bin/node_exporter
[Install]
WantedBy=multi-user.target
EOF

…if you need to change port:

root@solana-node-01:~# tee /etc/prometheus.conf<<EOF
ARGS=--web.listen-address=localhost:9101
EOF

Change /etc/systemd/system/node_exporter.service to the ExecStart string to look like this:
ExecStart=/usr/local/bin/node_exporter $ARGS

…continue:

root@solana-node-01:~# systemctl daemon-reload
root@solana-node-01:~# systemctl start node_exporter
root@solana-node-01:~# systemctl enable node_exporter
root@solana-node-01:~# systemctl enable --now sol

9. Install and configure Nginx

Enable secure access to your Solana’s node endpoint with Nginx.

9.1 Install Nginx

root@solana-node-01:~# apt update && apt install nginx
root@solana-node-01:~# cd /etc/nginx/sites-available/
root@solana-node-01:~# vim default

9.2 In location /, set proxy_pass http://solana, save

root@solana-node-01:~# cd ../ && vim nginx.conf

9.3 At the end of the http section, add:

upstream solana{
    server 127.0.0.1:8799;
}

Save.

9.4 Set your domain name, if needed

In /etc/nginx/sites-available/default, add the string server_name {{YOUR DOMAIN NAME HERE}} in the server section.

9.5 Test the Nginx configuration by executing the following:

root@solana-node-01:~# nginx -t

9.6 Reload Nginx

root@solana-node-01:~# systemctl reload nginx

10. Obtain the SSL certificate

10.1 Install Certbot

root@solana-node-01:~# apt install certbot python3-certbot-nginx

10.2 Obtain and apply the certificate

root@solana-node-01:~# certbot --nginx -d {{YOUR DOMAIN NAME HERE}}

11. Enable basic authentication on the endpoint

Run:

root@solana-node-01:~# apt install apache2-utils -y
root@solana-node-01:~# cd /etc/nginx/
root@solana-node-01:~# htpasswd -c .htpasswd {{YOUR_BASIC_AUTH_USER}}

Edit the Nginx configuration:

root@solana-node-01:~# cd sites-available/
root@solana-node-01:~# vim default

Add the following lines inside the server section:

    auth_basic           "Authorization requred";
    auth_basic_user_file /etc/nginx/.htpasswd;

Restart Nginx:

root@solana-node-01:~# nginx -t
root@solana-node-01:~# systemctl restart nginx

Conclusion

This tutorial walked you through the basics of setting up a non-validating Solana RPC node with a protected RPC endpoint.

• Discover how you can save thousands in infra costs every month with our unbeatable pricing on the most complete Web3 development platform.
• Input your workload and see how affordable Chainstack is compared to other RPC providers.
• Connect to Ethereum, Polygon, BNB Smart Chain, Base, Avalanche, Arbitrum, zkSync Era, Polygon zkEVM, Optimism, Oasis Sapphire, NEAR, Aurora, Solana, Scroll, Aptos, Gnosis Chain, Cronos, Filecoin, Fantom, StarkNet, Harmony, Tezos and Fuse mainnet or testnets through an interface designed to help you get the job done.
• To learn more about Chainstack, visit our Developer Portal or join our Discord server and Telegram group. 
• Are you in need of testnet tokens? Request some from our faucets. Multi-chain faucet, Sepolia faucet, Goerli faucet, BNB faucet, zkSync faucet, Scroll faucet.

Have you already explored what you can achieve with Chainstack? Get started for free today.