MongoDB Cross-Region Disaster Recovery (DR) on AWS EC2: Step-by-Step Guide

DevOpsofworld

In today’s high-availability landscape, disaster recovery (DR) is more than a best practice—it's a requirement. This tutorial walks you through implementing a cross-region MongoDB DR solution using EC2 instances with public IPs. You’ll learn to replicate data between AWS regions to ensure business continuity even during a regional outage.


🧭 Architecture Overview

The DR architecture consists of:

  • A primary MongoDB instance running in one AWS region.

  • A replica set member (secondary) in a separate AWS region.

  • Data replication between these two nodes.

📌 Diagram on page 1 shows a simple two-region EC2-based MongoDB setup with replication arrows connecting the nodes.


🔧 Implementation Guide

1. EC2 Instance Setup

  • Launch two Ubuntu EC2 instances, one in each AWS region.

  • Security Groups must allow:

    • Inbound traffic on TCP port 27017 (MongoDB default port) from known IPs.

2. Install MongoDB

Run these commands on both instances:

sudo apt-get install gnupg curl
curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \
  sudo gpg -o /usr/share/keyrings/mongodb-server-8.0.gpg --dearmor

echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] \
https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/8.0 multiverse" | \
sudo tee /etc/apt/sources.list.d/mongodb-org-8.0.list

sudo apt-get update
sudo apt-get install -y mongodb-org
sudo systemctl start mongod
sudo systemctl enable mongod

3. Configure MongoDB

Edit the MongoDB config file on both servers:

sudo nano /etc/mongod.conf

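Set the following values:

net:
  port: 27017
  # Listens on every interface; the security group rule from step 1 is the only network filter.
  bindIp: 0.0.0.0

replication:
  replSetName: "rs0"

security:
  authorization: enabled
  # With access control on, replica set members must authenticate to each other.
  # Placeholder path (not from the original guide): put the same key file on both
  # servers, readable only by the mongodb user (e.g. openssl rand -base64 756).
  keyFile: /path/to/mongodb-keyfile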

Then restart the MongoDB service:

sudo systemctl restart mongod

4. Initialize Replica Set

Log in to the Mongo shell on the primary:

mongosh

Run this setup:

rs.initiate({
  _id: "rs0",
  members: [
    { _id: 0, host: "primary-public-ip:27017", priority: 2 },
    { _id: 1, host: "secondary-public-ip:27017", priority: 1 }
  ]
})

Verify it using:

rs.status()

5. Create Admin User

On the primary:

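use admin   // the user must live in the admin database to match --authenticationDatabase admin
db.createUser({
  user: "adminUser",
  pwd: "securePassword",   // placeholder; choose a strong, unique password
  roles: [{ role: "root", db: "admin" }]
})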

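Reconnect with authentication. When -p is omitted, mongosh prompts for the password, which keeps it out of shell history and the process list:

mongosh --host primary-public-ip:27017 -u adminUser --authenticationDatabase admin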

6. Test Replication

Insert on primary:

use testdb
db.testCollection.insertOne({ message: "Testing replication", timestamp: new Date() })

Read from the secondary (mongosh prompts for the password when -p is omitted):

mongosh --host secondary-public-ip:27017 -u adminUser --authenticationDatabase admin

Enable read preference:

db.getMongo().setReadPref("secondaryPreferred")
use testdb
db.testCollection.find()

7. Simulate Failover

Stop MongoDB on the primary:

sudo systemctl stop mongod

Then, on the secondary, verify promotion:

rs.status()  // PRIMARY only if this node still sees a majority of voting members; with just the two members from step 4 it stays SECONDARY

Bring the primary back:

sudo systemctl start mongod
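
The majority rule behind step 7, as an added example that is not part of the original guide and not MongoDB's election code: it is a simplified model showing when a surviving member can be promoted. The three-member variant and its "arbiter-public-ip" host are assumptions used for comparison.

```javascript
// Simplified model of replica set elections (real elections also compare oplog
// freshness). A member can become PRIMARY only if it is up, can hold data,
// has priority > 0, and the members that are up hold a strict majority of
// ALL configured votes.
function electPrimary(config, downHosts) {
  const down = new Set(downHosts);
  const voters = config.members.filter((m) => (m.votes ?? 1) > 0);
  const totalVotes = voters.reduce((n, m) => n + (m.votes ?? 1), 0);
  const majority = Math.floor(totalVotes / 2) + 1;
  const reachableVotes = voters
    .filter((m) => !down.has(m.host))
    .reduce((n, m) => n + (m.votes ?? 1), 0);

  // Arbiters vote but hold no data, so they are never candidates.
  const candidates = config.members
    .filter((m) => !down.has(m.host) && !m.arbiterOnly && (m.priority ?? 1) > 0)
    .sort((a, b) => (b.priority ?? 1) - (a.priority ?? 1));

  const primary =
    reachableVotes >= majority && candidates.length > 0 ? candidates[0].host : null;
  return { totalVotes, majority, reachableVotes, primary };
}

// The two-member configuration from step 4.
const twoMember = {
  _id: "rs0",
  members: [
    { _id: 0, host: "primary-public-ip:27017", priority: 2 },
    { _id: 1, host: "secondary-public-ip:27017", priority: 1 },
  ],
};

// Assumed variant: the same set plus an arbiter in a third location.
// "arbiter-public-ip" is a placeholder host, not part of the original guide.
const withArbiter = {
  _id: "rs0",
  members: [
    ...twoMember.members,
    { _id: 2, host: "arbiter-public-ip:27017", arbiterOnly: true },
  ],
};

// Simulate the outage from step 7: the primary's region is unreachable.
const lost = ["primary-public-ip:27017"];
console.log("two members:", electPrimary(twoMember, lost));
console.log("with arbiter:", electPrimary(withArbiter, lost));
```

With two voting members the majority is 2, so losing either node leaves the set without a primary; a third voting member in another location is what lets the survivor win an election.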

📝 8. Checklist / TL;DR

Here’s a quick reference summary to validate your setup:

✅ EC2s launched in two AWS regions
✅ MongoDB installed and configured
✅ Replica set initialized
✅ Authentication set up
✅ Replication verified
✅ Failover tested

✅ Conclusion

This guide demonstrates how to:

  • Set up a MongoDB replica set across AWS regions.

  • Secure it with authentication.

  • Test real-time replication and failover.

While this is a basic manual setup, production deployments may benefit from:

  • Private networking (e.g., VPC peering).

  • Automation via Terraform or Ansible.

  • Monitoring using MongoDB Ops Manager or Prometheus.
