// Self-host guide

Solana validator + Yellowstone gRPC, self-hosted

Everything you need to stand up your own Solana gRPC endpoint: hardware, plugin config, TLS, auth, and monitoring. Plus the honest TCO breakdown — because for most workloads, a managed provider like Subglow is 10–30× cheaper.

Before you start: is this actually worth it?

Self-hosting a Solana validator for Yellowstone gRPC is an operationally heavy choice. You're signing up for:

  • $3,500–5,000/mo all-in (hardware + bandwidth + HA)
  • Snapshot management, restart storms, and ledger maintenance
  • DevOps on-call for plugin ABI breakages on every agave release
  • Your own TLS, auth, rate-limiting, and abuse handling
  • No pre-parsing — your bot still Borsh-decodes every instruction

Unless you need colocation at a specific data center for HFT reasons, or you have compliance requirements that rule out third-party infra, a managed endpoint will be cheaper and faster. See our pricing calculator for a side-by-side.

Seven steps to a working Yellowstone endpoint

  1. 01

    Provision the hardware

    Rent or build a bare-metal machine: AMD EPYC 7713P (or similar), 512 GB DDR4 ECC, 2× 2 TB NVMe, 10 Gbps uplink. Recommended providers: Latitude.sh (AMS/NY4), Equinix Metal, OVH HighGrade. Install Ubuntu 22.04 LTS.

  2. 02

    Install agave-validator

    Download the latest release from the agave repo. Place the binary in /usr/local/bin/ and create a dedicated solana user. Build from source only if you need a custom patch — the release binaries are fine for most operators.

  3. 03

    Download a recent snapshot

    Catching up from genesis takes days. Pull a recent snapshot from a known-good source (e.g. official, QuickNode, or Triton mirror). Verify the hash. Place under /mnt/ledger/.

  4. 04

    Compile the Yellowstone plugin

    Clone rpcpool/yellowstone-grpc. Build the .so against your agave version — plugin ABI is tight with the validator version. Place the .so under /opt/yellowstone/ and write a minimal yellowstone-config.json with your bind address, port, and TLS config.

  5. 05

    Wire the plugin into the validator

    Add --geyser-plugin-config /opt/yellowstone/yellowstone-config.json to your agave-validator systemd unit. Restart. Check the logs — the plugin logs its own startup banner and will refuse to load if the ABI doesn't match.

  6. 06

    Put TLS and auth in front

    Stand up nginx or Caddy with a Let's Encrypt cert on port 443 and proxy to the plugin's port 10000 with HTTP/2. Add an auth layer (API key header check or mTLS). Without auth, anyone with your hostname consumes your bandwidth.

  7. 07

    Monitor slot lag and plugin health

    Graph slot lag (your slot vs cluster head) — anything above 5 slots is a red flag. Graph the plugin's internal queue depth — if it grows, your client subscribers are backpressured or your network is dropping. Alert on both.

Minimal yellowstone-config.json

This is the smallest config that will boot the plugin against a recent agave build. You'll want to extend it with an auth token check and connection limits before opening to the public.

{
  "libpath": "/opt/yellowstone/libyellowstone_grpc_geyser.so",
  "log": { "level": "info" },
  "grpc": {
    "address": "0.0.0.0:10000",
    "max_slots_history": 100,
    "max_concurrent_streams": 128,
    "channel_capacity": 100000
  },
  "filters": {
    "accounts": { "max": 4096 },
    "slots": { "max": 16 },
    "transactions": { "max": 4096 },
    "blocks": { "max": 4 }
  }
}

Operational gotchas we've hit

Plugin ABI is tightly coupled to agave version

Upgrading agave almost always means rebuilding the yellowstone .so against the new validator headers. Keep a canary node on the new version before rolling production.

Accounts DB growth is nonlinear

2 TB is fine today. Plan for 4 TB within 12 months. Migrating accounts mid-operation is a multi-hour restart.

The plugin backpressures your validator if a client is slow

A client that can't drain the stream fast enough will make the plugin queue grow, which steals memory from the validator and can cause slot lag to spike. Always set a per-client timeout and drop slow consumers.

TLS termination cost adds up

At the message rates gRPC delivers, TLS CPU isn't free. Offload to an nginx reverse proxy with OpenSSL 3 and enable session reuse. On a loaded node, this saves 3–6% CPU.

Frequently asked

How much does it cost to self-host a Solana validator with Yellowstone?

Hardware alone is $1,500–2,500/mo for a single node (AMD EPYC or recent Xeon, 512GB RAM, 2x NVMe). Add bandwidth (~$80–250/mo), monitoring/ops, and a hot-standby for HA and you're at $3,500–5,000/mo all-in before your DevOps time. For most trading-bot workloads this is 10–30× more expensive than a Subglow Pro plan ($249/mo).

Is a self-hosted node faster than a managed gRPC provider?

Only if you get every layer right. A well-colocated managed endpoint (like Subglow in AMS/FRA) routinely beats a self-hosted node in the wrong region. The only time self-hosting clearly wins is when you're latency-sensitive at the single-ms level and can afford to colocate your Solana validator in the same rack as your bot.

Do I need to run a voting validator or an RPC-only node?

For streaming gRPC data, you want an RPC node — no voting. Running a voting validator adds SOL staking requirements, slashing risk, and operational complexity you don't need. Set identity.json to a fresh key, set --no-voting, and wire up Yellowstone. That's the minimal rig.

What hardware do I actually need?

Minimums as of 2026: AMD EPYC 7713P or better / Xeon Gold 6338 or better, 512GB DDR4 ECC RAM, two 2TB NVMe drives (one for ledger, one for accounts), 10 Gbps network. You'll grow the accounts drive to 4TB within a year. Don't try to run on consumer SSDs — write amplification will eat them in weeks.

How do I connect clients to the Yellowstone plugin?

The plugin exposes a gRPC server on a configurable port (default 10000). You put a TLS reverse proxy (nginx, Caddy, or envoy) in front of it with a Let's Encrypt cert, and point clients at your hostname on port 443. You'll also want an auth middleware — the plugin itself doesn't authenticate, so anyone who knows your hostname can consume your bandwidth.

When is self-hosting worth it?

Three cases: (1) you're a market-maker or HFT shop with strict latency budgets that need sub-5ms slot-to-process and you colocate both validator and bot in the same rack; (2) you have compliance requirements that forbid third-party infra; (3) you're already running validators for other reasons and gRPC is a marginal add-on. For copy-trade and sniper use cases, managed wins on TCO.

Or skip the rack and rent it

Subglow runs all of this — validator, Yellowstone plugin, TLS, auth, filtering, pre-parsed JSON — on colocated infrastructure in Amsterdam and Frankfurt. Flat $99/mo for the filtered streams, no DevOps required.

Start on Sniper ($99/mo) →Compare pricing