I wonder what the purpose of the linux firewalls is if there are already AWS security groups in place?

Seems like a lot of extra complexity to track the IPs of every EC2 instance whenever they launch/start.

Nixe article! As much as I love mongoDB, when reading articles like this I really get the urge to think about how my data might fit into riak, cassandra or elastic search.

I really dislike architectures that force the setup and monitoring of those "specialized" roles onto the user although they seem to belong to the internal protocols

The monitoring processes makes sure that each instance can talk to every other instance (firewalls, etc.). That definitely doesn't belong in a distributed database protocol.

We avoid all that headache by letting MongoHQ take care of the details, it literally reduces my work down to just making sure I have sane indexes.

I would love for someone else to take care of our headache for us :) Unfortunately, we have enough data that our service doesn't fit well within 3rd party hosting services' pricing plans -- there are other concerns with offloading such an important part of the business as well: availability, data-security, etc.

Thanks for the article.

Have you considered writing a 'control' program that you can provide a list of mongo servers, and allow the control program to configure the replica sets etc?

May help a little, it's something I would consider myself if I ever need it.

Even naming replica sets etc is a bit cumbersome.