You can install Stellar Core a number of different ways, and once you do, you can configure it to participate in the network on a several different levels: it can be either a Basic Validator or a Full Validator. No matter how you install Stellar Core or what kind of node you run, however, you need to set up to connect to the peer-to-peer network and store the state of the ledger in a SQL database.
We recently asked Stellar Core operators about their setups, and should have some updated information soon based on their responses. So stay tuned. In early 2018, Stellar Core with PostgreSQL running on the same machine worked well on a m5.large in AWS (dual core 2.5 GHz Intel Xeon, 8 GB RAM). Storage-wise, 20 GB was enough in 2018, but the ledger has grown a lot since then, and most people seem to have at least 1TB on hand.
If you decide to run Stellar Core on the same machine as Horizon (though note that this is a deprecated architecture, since Horizon now bundles Core for its needs), you will additionally need to ensure that your setup is also equipped to handle Horizon's compute requirements as well.
Stellar Core is designed to run on relatively modest hardware so that a whole range of individuals and organizations can participate in the network, and basic nodes should be able to function pretty well without tremendous overhead. That said, the more you ask of your node, the greater the requirements.
Stellar Core interacts with the peer-to-peer network to keep a distributed ledger in sync, which means that your node needs to make certain TCP ports available for inbound and outbound communication.
- Inbound: a Stellar Core node needs to allow all IPs to connect to its
PEER_PORTover TCP. You can specify a port when you configure Stellar Core, but most people use the default, which is 11625.
- Outbound: a Stellar Core needs to connect to other nodes via their
PEER_PORTs TCP. You can find information about other nodes'
PEER_PORTs on a network explorer like Stellarbeat, but most use the default port, which is, again, 11625.
Internal System Access
Stellar Core also needs to connect to certain internal systems, though exactly how varies based on your setup.
- Stellar Core requires access to a PostgreSQL database. If that database resides on a different machine on your network, you'll need to allow that connection. You specify the database when you configure Stellar Core.
- You can block all other connections.
- Inbound: Stellar Core exposes an unauthenticated HTTP endpoint on its
HTTP_PORT. You can specify a port when you configure Stellar Core, but most people use the default, which is 11626.
HTTP_PORTis used by Horizon to submit transactions, so may have to be exposed to the rest of your internal IPs
- It's also used to query Stellar Core info and provide metrics
- And to perform administrative commands such as scheduling upgrades and changing log levels
- For more on that, see commands
Note: if you need to expose your HTTP endpoint to other hosts in your local network, we recommended using an intermediate reverse proxy server to implement authentication. Don't expose the HTTP endpoint to the raw and cruel open internet.