MongoDB Cross-Region Disaster Recovery (DR) on AWS EC2: Step-by-Step Guide

In today’s high-availability landscape, disaster recovery (DR) is more than a best practice—it's a requirement. This tutorial walks you through implementing a cross-region MongoDB DR solution using EC2 instances with public IPs. You’ll learn to replicate data between AWS regions to ensure business continuity even in regional outages.
🧭 Architecture Overview
The DR architecture consists of:
- A primary MongoDB instance running in one AWS region.
- A replica set member (secondary) in a separate AWS region.
- Data replication between these two nodes.
📌 Diagram on page 1 shows a simple two-region EC2-based MongoDB setup with replication arrows connecting the nodes.
🔧 Implementation Guide
1. EC2 Instance Setup
Launch two Ubuntu EC2 instances, one in each AWS region.
Security Groups must allow:
- Inbound traffic on TCP port 27017 (MongoDB default port) from known IPs.
2. Install MongoDB
Run these commands on both instances:
sudo apt-get install gnupg curl
curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \
sudo gpg -o /usr/share/keyrings/mongodb-server-8.0.gpg --dearmor
echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] \
https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/8.0 multiverse" | \
sudo tee /etc/apt/sources.list.d/mongodb-org-8.0.list
sudo apt-get update
sudo apt-get install -y mongodb-org
sudo systemctl start mongod
sudo systemctl enable mongod
3. Configure MongoDB
Edit the MongoDB config file on both servers:
sudo nano /etc/mongod.conf
Set the following values:
net:
  port: 27017
  bindIp: 0.0.0.0
replication:
  replSetName: "rs0"
security:
  authorization: enabled
Then restart the MongoDB service:
sudo systemctl restart mongod
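Step 3 binds mongod to every interface and enables client authorization only, while the two members replicate over public IPs. The following added example (not part of the original guide) is a shell audit that flags those settings in a mongod.conf; the function names, finding texts and the embedded sample file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original guide: audit a mongod.conf for the
# exposure left by the step 3 settings. Finding texts are this example's own.

# Flatten indented YAML into dotted "section.key=value" lines.
flatten_yaml() {
  awk '
    { sub(/#.*/, ""); sub(/[ \t\r]+$/, "") }
    /^$/ { next }
    {
      line = $0; sub(/^[ \t]+/, "", line); depth = length($0) - length(line)
      key = line; sub(/:.*/, "", key)
      val = line; sub(/^[^:]*:[ \t]*/, "", val); gsub(/"/, "", val)
      while (n > 0 && ind[n] >= depth) n--          # pop back to the parent level
      n++; ind[n] = depth; name[n] = key
      if (val == "") next                            # section header, no value
      path = name[1]; for (i = 2; i <= n; i++) path = path "." name[i]
      print path "=" val
    }' "$1"
}

# Print one finding per line; the return status is the number of findings.
audit_mongod_conf() {
  local flat count=0
  flat=$(flatten_yaml "$1")
  get() { printf '%s\n' "$flat" | sed -n "s/^$1=//p" | head -n 1; }
  finding() { echo "FINDING: $*"; count=$((count + 1)); }
  case ",$(get net.bindIp)," in
    *,0.0.0.0,*|*,::,*) finding "net.bindIp listens on every interface" ;;
  esac
  if [ "$(get security.authorization)" != "enabled" ] && [ -z "$(get security.keyFile)" ]; then
    finding "access control is not enforced"
  fi
  if [ -n "$(get replication.replSetName)" ] && [ -z "$(get security.keyFile)" ] &&
     [ "$(get security.clusterAuthMode)" != "x509" ]; then
    finding "replica set members have no keyFile or x.509 internal authentication"
  fi
  if [ "$(get net.tls.mode)" != "requireTLS" ]; then
    finding "net.tls.mode is not requireTLS, so cross-region traffic is unencrypted"
  fi
  return "$count"
}

# Constructed sample: the step 3 configuration from this guide.
sample_conf() {
  printf '%s\n' 'net:' '  port: 27017' '  bindIp: 0.0.0.0' 'replication:' \
    '  replSetName: "rs0"' 'security:' '  authorization: enabled'
}
if [ "$#" -gt 0 ]; then audit_mongod_conf "$1"; fi
```

A configuration passes when net.bindIp lists only localhost and the instance's private address, security.keyFile (or clusterAuthMode x509) is set, and net.tls.mode is requireTLS. Run it as `./audit.sh /etc/mongod.conf` on each member (the script name is an assumption).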
4. Initialize Replica Set
Log in to the Mongo shell on the primary:
mongosh
Run this setup:
rs.initiate({
  _id: "rs0",
  members: [
    { _id: 0, host: "primary-public-ip:27017", priority: 2 },
    { _id: 1, host: "secondary-public-ip:27017", priority: 1 }
  ]
})
Verify it using:
rs.status()
5. Create Admin User
On the primary:
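// Create the user in the admin database, which is the database the
// later commands authenticate against (--authenticationDatabase admin).
use admin
db.createUser({
  user: "adminUser",
  pwd: "securePassword",
  roles: [{ role: "root", db: "admin" }]
})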
Reconnect with auth:
mongosh --host primary-public-ip:27017 -u adminUser -p securePassword --authenticationDatabase admin
6. Test Replication
Insert on primary:
use testdb
db.testCollection.insertOne({ message: "Testing replication", timestamp: new Date() })
Read from the secondary:
mongosh --host secondary-public-ip:27017 -u adminUser -p securePassword --authenticationDatabase admin
Set the read preference so that reads are allowed on the secondary:
db.getMongo().setReadPref("secondaryPreferred")
use testdb
db.testCollection.find()
7. Simulate Failover
Stop MongoDB on the primary:
sudo systemctl stop mongod
Then, on the secondary, verify promotion:
rs.status() // This node should now be PRIMARY
Bring the primary back:
sudo systemctl start mongod
📝 8. Checklist / TL;DR
Here’s a quick reference summary to validate your setup:
✅ EC2s launched in two AWS regions
✅ MongoDB installed and configured
✅ Replica set initialized
✅ Authentication set up
✅ Replication verified
✅ Failover tested
✅ Conclusion
This guide demonstrates how to:
- Set up a MongoDB replica set across AWS regions.
- Secure it with authentication.
- Test real-time replication and failover.
While this is a basic manual setup, production deployments may benefit from:
- Private networking (e.g., VPC peering).
- Automation via Terraform or Ansible.
- Monitoring using MongoDB Ops Manager or Prometheus.






