MongoDB Cross-Region Disaster Recovery (DR) on AWS EC2: Step-by-Step Guide


In today’s high-availability landscape, disaster recovery (DR) is more than a best practice; it is a requirement. This tutorial walks you through implementing a cross-region MongoDB DR solution using EC2 instances with public IPs. You’ll learn to replicate data between AWS regions to ensure business continuity during a regional outage.
🧭 Architecture Overview
The DR architecture consists of:
- A primary MongoDB instance running in one AWS region.
- A replica set member (secondary) in a separate AWS region.
- Data replication between these two nodes.
📌 Diagram on page 1 shows a simple two-region EC2-based MongoDB setup with replication arrows connecting the nodes.
🔧 Implementation Guide
1. EC2 Instance Setup
Launch two Ubuntu EC2 instances, one in each AWS region.
Security Groups must allow:
- Inbound traffic on TCP port 27017 (MongoDB default port) from known IPs.
2. Install MongoDB
Run these commands on both instances:
sudo apt-get install gnupg curl
curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \
sudo gpg -o /usr/share/keyrings/mongodb-server-8.0.gpg --dearmor
echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] \
https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/8.0 multiverse" | \
sudo tee /etc/apt/sources.list.d/mongodb-org-8.0.list
sudo apt-get update
sudo apt-get install -y mongodb-org
sudo systemctl start mongod
sudo systemctl enable mongod
3. Configure MongoDB
Edit the MongoDB config file on both servers:
sudo nano /etc/mongod.conf
Set the following values:
net:
  port: 27017
  bindIp: 0.0.0.0
replication:
  replSetName: "rs0"
security:
  authorization: enabled
Then restart the MongoDB service:
sudo systemctl restart mongod
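A check for the configuration above, as an added example that is not part of the original guide: it reads a mongod.conf and reports a bind on all interfaces, a replica set with no internal member authentication (security.keyFile or an x509 clusterAuthMode), and missing TLS, all of which matter when members are reachable on public IPs. The function names and the embedded sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original guide): flag mongod.conf settings that
# matter when replica set members replicate over public IPs.

# conf_get FILE dotted.path -> prints the scalar value, or nothing if unset.
# Tracks nesting by indentation; enough for mongod.conf, not a full YAML parser.
conf_get() {
  awk -v want="$2" '
    /^[ \t]*(#|$)/ { next }                        # skip comments and blank lines
    {
      ind = 0; while (substr($0, ind + 1, 1) == " ") ind++
      line = substr($0, ind + 1); c = index(line, ":")
      if (c == 0) next
      k = substr(line, 1, c - 1); v = substr(line, c + 1)
      sub(/[ \t]+#.*$/, "", v); gsub(/^[ \t]+|[ \t]+$|"/, "", v)
      while (d > 0 && lvl[d] >= ind) d--           # pop back to the parent key
      d++; lvl[d] = ind; name[d] = k
      path = name[1]; for (i = 2; i <= d; i++) path = path "." name[i]
      if (path == want && v != "") { print v; exit }
    }' "$1"
}

# audit_mongod_conf FILE -> one finding per line on stdout; no output = clean.
audit_mongod_conf() (
  f=$1
  bind=$(conf_get "$f" net.bindIp | tr -d ' ')
  key=$(conf_get "$f" security.keyFile)
  cam=$(conf_get "$f" security.clusterAuthMode)
  rs=$(conf_get "$f" replication.replSetName)
  tls=$(conf_get "$f" net.tls.mode)
  case ",$bind," in
    *,0.0.0.0,*|*,::,*) echo "bindIp: listens on all interfaces ($bind)" ;;
  esac
  [ "$(conf_get "$f" net.bindIpAll)" = "true" ] && echo "bindIp: net.bindIpAll is true"
  [ "$(conf_get "$f" security.authorization)" = "enabled" ] || [ -n "$key" ] ||
    echo "auth: security.authorization is not enabled"
  if [ -n "$rs" ] && [ -z "$key" ] && [ "$cam" != x509 ] && [ "$cam" != sendX509 ]; then
    echo "internal-auth: replica set '$rs' has no keyFile or x509 clusterAuthMode"
  fi
  [ "$tls" = "requireTLS" ] || echo "tls: net.tls.mode is '${tls:-unset}', not requireTLS"
  :
)

# Constructed sample: the settings from step 3 of this guide.
sample=$(mktemp)
printf '%s\n' 'net:' '  port: 27017' '  bindIp: 0.0.0.0' 'replication:' \
  '  replSetName: "rs0"' 'security:' '  authorization: enabled' > "$sample"
audit_mongod_conf "$sample"; rm -f "$sample"
```

On a real host, run `audit_mongod_conf /etc/mongod.conf` on both instances after editing the file.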
4. Initialize Replica Set
Log in to the Mongo shell on the primary:
mongosh
Run this setup:
rs.initiate({
  _id: "rs0",
  members: [
    { _id: 0, host: "primary-public-ip:27017", priority: 2 },
    { _id: 1, host: "secondary-public-ip:27017", priority: 1 }
  ]
})
Verify it using:
rs.status()
5. Create Admin User
On the primary:
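// Switch to the admin database first: mongosh starts in "test", and the
// user must live in admin to match --authenticationDatabase admin below.
use admin
db.createUser({
  user: "adminUser",
  pwd: "securePassword",
  roles: [{ role: "root", db: "admin" }]
})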
Reconnect with auth:
mongosh --host primary-public-ip:27017 -u adminUser -p securePassword --authenticationDatabase admin
6. Test Replication
Insert on primary:
use testdb
db.testCollection.insertOne({ message: "Testing replication", timestamp: new Date() })
Read from the secondary:
mongosh --host secondary-public-ip:27017 -u adminUser -p securePassword --authenticationDatabase admin
Enable read preference:
db.getMongo().setReadPref("secondaryPreferred")
use testdb
db.testCollection.find()
7. Simulate Failover
Stop MongoDB on the primary:
sudo systemctl stop mongod
Then, on the secondary, verify promotion:
rs.status() // This node should now be PRIMARY
Bring the primary back:
sudo systemctl start mongod
📝 8. Checklist / TL;DR
Here’s a quick reference summary to validate your setup:
✅ EC2s launched in two AWS regions
✅ MongoDB installed and configured
✅ Replica set initialized
✅ Authentication set up
✅ Replication verified
✅ Failover tested
✅ Conclusion
This guide demonstrates how to:
- Set up a MongoDB replica set across AWS regions.
- Secure it with authentication.
- Test real-time replication and failover.
While this is a basic manual setup, production deployments may benefit from:
- Private networking (e.g., VPC peering).
- Automation via Terraform or Ansible.
- Monitoring using MongoDB Ops Manager or Prometheus.
