The main issue with MongoSync is it doesn’t have the ability to pass the --sslCAFile, at least in 2022 it didn’t, and in fact a lot of methods attempted to do so caused extreme slowdowns or grinded MongoDB 4.4, 5.0, and 6.0 to a halt.
No fix has been implemented, just fyi to help save you from causing a potential outage in your prod environment.
You’re better off setting up a script to sync your DBs in batches via BSON/JSON pushes as it’s safer, and you can script in anything and everything you want and set it up to automatically send the batches, or just listen to changes and send the new files. General template is at the end in the script, the middle script segment can be used to help as well, but that’s what I’d do.
Easily, you will have to modify the script a bit like is provided at the end, but you can implement replace.one for what’s changed, etc. or add new documents etc. The key part is just establishing a listener for when changes have been made, or just setting it up to just send timed batches either or.
Also, this method in tests back in August of 2022, indicated less resource strain on MongoDB’s operation.
You can also set a time/date for what changes occurred and so on, you can also create a network drive and send back-up copies of the JSON documents or BSON files to, in addition to the MongoDB instances all at the same time.
I’m a DevOps background, 12 years InfoSecDevOps before working at MongoDB for two years. These are the methods that seem safest.
The other option is to build and install an Apollo GraphQL server, and have it route data between both MongoDB instances and it’ll sync everything and manage all of it.
Apollo GraphQL Server is a huge plus though, in long-term scalability, you can stack and orchestrate data between numerous databases irrelevant of what they are.
Redis, MongoDB, MySQL, etc. All of them can be connected to Apollo, and synced together so they all have the same data whether as caches or data stores.
The single largest concern I have though, is by using MongoSync to pass CAs, in a lot of tests it either shut down connections to MongoDB, froze MongoDB, or broke MongoDB Encrypted builds. In each use case and experiment the results to test environments were catastrophic.
This is the basis of why I suggest not using MongoSync if you’re trying to launch an --sslCAFile, because it can quite literally bring your entire prod down.