How to run a Solana RPC node

Introduction
The easiest way to run a Solana RPC node is with Chainstack:
That said, this post provides you with the step-by-step instructions on running a non-validating Solana RPC node and connecting it to the mainnet beta cluster.
This tutorial uses the Solana Lumen server program specifications.
Prerequisites
- Operating system: Ubuntu 20.04
- Memory: 250 GB
- CPU: Intel(R) Xeon(R) Gold 6226R
- Cores: 32 cores @ 2.9 GHz
- Storage: 2 x 900 GB NVMe
Notes
In this tutorial:
- We will not be using accounts in RAM.
- We will avoid creating RAID 0 or logical volumes with different sizes.
- Accounts and the ledger will be stored on different volumes.
- We will manually tune the system.
In brief
The process is the following:
- Mount disks to store Solana data.
- sysctl additional values—the memory mapped files limit and the UDP buffer size.
- Create a user for the Solana instance.
- Install Solana binaries.
- Create a run script.
- Create a service for the Solana instance.
- Create an identity for the node.
- Install Node Exporter to expose node metrics.
- Install Nginx.
- Obtain an SSL certificate.
1. Mount disks
We will store our data in /var/solana
on two different mounted disks:
- disk #1 for ledger and config —
/var/solana/data
- disk #2 for accounts —
/var/solana/accounts
It’s an official Solana recommendation to store the ledger data and the accounts data on separate disks.
Run:
[email protected]:~# mkdir /var/solana && mkdir /var/solana/data && mkdir /var/solana/accounts
[email protected]:~# mount /dev/nvme2n1 /var/solana/data
[email protected]:~# mkfs -t xfs /dev/nvme2n1
[email protected]:~# mount /dev/nvme1n1 /var/solana/accounts
[email protected]:~# mkfs -t xfs /dev/nvme1n1
2. sysctl additional values
Increase the memory mapped files limit, increase the UDP buffer size, and optimize the kernel parameters:
[email protected]:~# bash -c "cat >/etc/sysctl.d/20-solana-additionals.conf <<EOF
kernel.nmi_watchdog=0
kernel.sched_min_granularity_ns='10000000'
kernel.sched_wakeup_granularity_ns='15000000'
vm.swappiness='30'
kernel.hung_task_timeout_secs=600
vm.stat_interval=10
vm.dirty_ratio=40
vm.dirty_background_ratio=10
vm.dirty_expire_centisecs=36000
vm.dirty_writeback_centisecs=3000
vm.dirtytime_expire_seconds=43200
kernel.timer_migration=0
kernel.pid_max=65536
net.ipv4.tcp_fastopen=3
EOF"
[email protected]:~# bash -c "cat >/etc/sysctl.d/20-solana-mmaps.conf <<EOF
# Increase memory mapped files limit
vm.max_map_count = 1000000
EOF"
[email protected]:~# bash -c "cat >/etc/sysctl.d/20-solana-udp-buffers.conf <<EOF
# Increase UDP buffer size
net.core.rmem_default = 134217728
net.core.rmem_max = 134217728
net.core.wmem_default = 134217728
net.core.wmem_max = 134217728
EOF"
[email protected]:~# sysctl -p /etc/sysctl.d/20-solana-mmaps.conf
[email protected]:~# sysctl -p /etc/sysctl.d/20-solana-udp-buffers.conf
[email protected]:~# sysctl -p /etc/sysctl.d/20-solana-additionals.conf
3. Create a user for Solana
[email protected]:~# adduser solana
[email protected]:~# chown solana:solana /var/solana/data/
[email protected]:~# chown solana:solana /var/solana/accounts/
4. Install Solana binaries
[email protected]:~$ sh -c "$(curl -sSfL https://release.solana.com/stable/install)"
5. Create a run script
[email protected]:~$ mkdir /home/solana/bin && cd /home/solana/bin
[email protected]:~$ bash -c "cat > validator.sh <<EOF
#!/bin/bash
set -o errexit
set -o nounset
set -o pipefail
# Remove empty snapshots
find "/var/solana/data/ledger" -name 'snapshot-*' -size 0 -print -exec rm {} \; || true
export RUST_LOG=error
export RUST_BACKTRACE=full
solana-validator \
--ledger /var/solana/data/ledger \
--identity /var/solana/data/config/validator-keypair.json \
--trusted-validator 7Np41oeYqPefeNQEHSv1UDhYrehxin3NStELsSKCT4K2 \
--trusted-validator GdnSyH3YtwcxFvQrVVJMm1JhTS4QVX7MFsX56uJLUfiZ \
--trusted-validator DE1bawNcRJB9rVm3buyMVfr8mBEoyyu73NBovf2oXJsJ \
--trusted-validator CakcnaRDHka2gXyfbEd2d3xsvkJkqsLw2akB3zsN1D2S \
--expected-genesis-hash 5eykt4UsFv8P8NJdTREpY1vzqKqZKvdpKuc147dw2N9d \
--entrypoint entrypoint.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint2.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint3.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint4.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint5.mainnet-beta.solana.com:8001 \
--no-voting \
--snapshot-interval-slots 500 \
--maximum-local-snapshot-age 500 \
--rpc-bind-address 127.0.0.1 \
--rpc-port 8799 \
--gossip-port 8801 \
--dynamic-port-range 8802-8812 \
--no-port-check \
--wal-recovery-mode skip_any_corrupted_record \
--enable-rpc-transaction-history \
--enable-cpi-and-log-storage \
--init-complete-file /var/solana/data/init-completed \
--snapshot-compression none \
--require-tower \
--no-wait-for-vote-to-start-leader \
--no-poh-speed-test \
--limit-ledger-size 50000000 \
--accounts /var/solana/accounts \
--log -
EOF"
[email protected]:~$ chmod +x validator.sh
6. Create a service for Solana
[email protected]:~# bash -c "cat > /etc/systemd/system/sol.service <<EOF
[Unit]
Description=Solana Validator
After=network.target
StartLimitIntervalSec=0
[Service]
Type=simple
Restart=always
RestartSec=1
User=solana
LimitNOFILE=1000000
LogRateLimitIntervalSec=0
Environment="PATH=/bin:/usr/bin:/home/solana/.local/share/solana/install/active_release/bin"
ExecStart=/home/solana/bin/validator.sh
[Install]
WantedBy=multi-user.target
EOF"
7. Create the node identity
You need a key pair to identify the node on the network. You do not need any funds on the key pair as you are not running a validator.
[email protected]:~$ solana-keygen new -o /var/solana/data/config/validator-keypair.json
8. Install Prometheus Node Exporter
Install the Prometheus Node Exporter to export node metrics that you can later feed into your monitoring tools.
[email protected]:~# wget https://github.com/prometheus/node_exporter/releases/download/v1.3.1/node_exporter-1.3.1.linux-amd64.tar.gz
[email protected]:~# tar xvfz node_exporter-1.3.1.linux-amd64.tar.gz
[email protected]:~# mv node_exporter-1.3.1.linux-amd64/node_exporter /usr/local/bin/
[email protected]:~# useradd -rs /bin/false node_exporter
[email protected]:~# tee /etc/systemd/system/node_exporter.service<<EOF
[Unit]
Description=Node Exporter
After=network.target
[Service]
User=node_exporter
Group=node_exporter
Type=simple
ExecStart=/usr/local/bin/node_exporter
[Install]
WantedBy=multi-user.target
EOF
…if you need to change port:
[email protected]:~# tee /etc/prometheus.conf<<EOF
ARGS=--web.listen-address=localhost:9101
EOF
Change /etc/systemd/system/node_exporter.service
to the ExecStart
string to look like this:ExecStart=/usr/local/bin/node_exporter $ARGS
…continue:
[email protected]:~# systemctl daemon-reload
[email protected]:~# systemctl start node_exporter
[email protected]:~# systemctl enable node_exporter
[email protected]:~# systemctl enable --now sol
9. Install and configure Nginx
Enable secure access to your Solana’s node endpoint with Nginx.
9.1 Install Nginx
[email protected]:~# apt update && apt install nginx
[email protected]:~# cd /etc/nginx/sites-available/
[email protected]:~# vim default
9.2 In location /
, set proxy_pass http://solana
, save
[email protected]:~# cd ../ && vim nginx.conf
9.3 At the end of the http
section, add:
upstream solana{
server 127.0.0.1:8799;
}
Save.
9.4 Set your domain name, if needed
In /etc/nginx/sites-available/default
, add the string server_name {{YOUR DOMAIN NAME HERE}}
in the server section.
9.5 Test the Nginx configuration by executing the following:
[email protected]:~# nginx -t
9.6 Reload Nginx
[email protected]:~# systemctl reload nginx
10. Obtain the SSL certificate
10.1 Install Certbot
[email protected]:~# apt install certbot python3-certbot-nginx
10.2 Obtain and apply the certificate
[email protected]:~# certbot --nginx -d {{YOUR DOMAIN NAME HERE}}
11. Enable basic authentication on the endpoint
Run:
[email protected]:~# apt install apache2-utils -y
[email protected]:~# cd /etc/nginx/
[email protected]:~# htpasswd -c .htpasswd {{YOUR_BASIC_AUTH_USER}}
Edit the Nginx configuration:
[email protected]:~# cd sites-available/
[email protected]:~# vim default
Add the following lines inside the server section:
auth_basic "Authorization requred";
auth_basic_user_file /etc/nginx/.htpasswd;
Restart Nginx:
[email protected]:~# nginx -t
[email protected]:~# systemctl restart nginx
Conclusion
This tutorial walked you through the basics of setting up a non-validating Solana RPC node with a protected RPC endpoint.
- Connect to the Ethereum, Polygon, BNB Smart Chain, Avalanche, Arbitrum, Optimism, NEAR, Aurora, Solana, Polygon zkEVM, Aptos, Gnosis Chain, Cronos, Filecoin, Fantom, StarkNet, Harmony, Tezos and Fuse mainnet or testnets through the interface designed to help you get the job done.
- Get access to the Ethereum, Polygon, BNB Smart Chain, Avalanche, Cronos, Fantom and Tezos archive nodes to query the entire history of the mainnet—starting at just $49 per month.
- Choose where you want to deploy, and we will provide you with the dedicated managed infrastructure that can handle high-volume, high-velocity read/write access to the network.
- To learn more about Chainstack, visit our Knowledge Center or join our Discord server and Telegram group.
Have you already explored what you can achieve with Chainstack? Get started for free today.