Multi-Region Architecture: Building Globally Distributed Systems

When a user in Singapore updates their profile photo, that change must propagate to databases in Frankfurt and Virginia—ideally within seconds, reliably every time, without losing any updates along the way. This isn't a network copy operation; it's a precisely coordinated dance of serialization, transmission, conflict detection, and application that occurs billions of times daily across the internet.

Data replication is the circulatory system of multi-region architecture. Without reliable replication, regions become isolated islands; with it, they become a unified global system. The quality of your replication determines your Recovery Point Objective (RPO), your consistency guarantees, and ultimately your users' experience.

This page explores the mechanisms that make cross-region data synchronization possible—from low-level replication protocols to high-level architectural patterns—giving you the knowledge to design replication strategies that meet your system's specific requirements.

At its core, database replication captures changes from a source system and applies them to one or more target systems. The mechanism for this varies by database, but the fundamental concepts are universal.

Write-Ahead Logging (WAL)

Most modern databases use Write-Ahead Logging: before any change is applied to the actual data, it's written to a sequential log. This log serves dual purposes:

1. Durability: If the system crashes, the log enables recovery
2. Replication: The log provides a stream of changes that can be shipped to replicas

For cross-region replication, this log becomes the source of truth. Changes are serialized into the log, transmitted to remote regions, and replayed against remote databases.

Log-Based vs. Statement-Based Replication

Statement-Based Replication

• Ships the actual SQL statements to replicas
• Replicas execute the same statements
• Problems: Non-deterministic functions (NOW(), RAND()), triggers, different execution plans
• Largely obsolete for cross-region replication

Log-Based (Physical) Replication

• Ships the actual data changes (row/page level)
• Replicas apply the changes directly
• Deterministic: same changes produce identical state
• Used by most production systems

Logical vs Physical Replication

Physical Replication

• Replicates exact byte-level changes
• Replicas are binary-identical to primary
• Cannot filter tables or transform data during replication
• Simpler, lower overhead
• Example: PostgreSQL streaming replication, MySQL binary log replication

Logical Replication

• Replicates at the row/column level (decoded from log)
• Replicas can have different schema, indexes, or subset of data
• Enables selective replication (specific tables/columns)
• Higher overhead due to decoding/re-encoding
• Example: PostgreSQL logical replication, MySQL row-based replication with filters

Cross-region replication typically uses:

• Physical replication for disaster recovery (exact copies)
• Logical replication for active-active (selective, conflict-aware)

The most consequential replication decision is the synchronization model: should the primary wait for replicas to acknowledge before confirming a write? This choice fundamentally shapes your system's consistency, performance, and availability characteristics.

Asynchronous Replication

The primary acknowledges writes to clients immediately after local persistence, without waiting for replica confirmation. Replicas catch up as fast as the network and their processing allows.

Client → Primary (write) → Primary (local commit) → Client (acknowledged)
                         ↓ (async, background)
                    Replica (eventually receives)

Characteristics:

• Primary performance unaffected by replica location or count
• Network issues don't block primary operations
• Replicas may be seconds to minutes behind during load spikes
• Data loss possible on failover (uncommitted changes lost)

Synchronous Replication

The primary waits for at least one replica (often configured) to acknowledge before confirming to the client.

Client → Primary (write) → Primary (local commit) → Replica (receives)
                         ← Replica (acknowledges) ← 
Client (acknowledged) ←

Characteristics:

• Every confirmed write exists on multiple machines
• Zero RPO possible (no data loss on failover)
• Write latency includes round-trip to replica
• Replica unavailability blocks primary writes

Semi-Synchronous Replication

A hybrid approach that provides durability guarantees without blocking on the slowest replica:

• Configure to wait for acknowledgment from N replicas (not all)
• If all replicas are slow, fall back to asynchronous after timeout
• Provides high durability with bounded latency

MySQL's semi-synchronous replication implements this: wait for at least one replica to acknowledge, with configurable timeout before fallback.

The Cross-Region Latency Problem

For cross-region replication, synchronous waiting imposes physics-limited penalties:

• US-East to EU-West: ~80ms RTT minimum
• US-East to AP-Northeast: ~170ms RTT minimum

Every synchronous write incurs this latency. For a database handling 1,000 writes/second, each write thread is blocked for 80-170ms. This dramatically reduces write throughput and increases application response times.

Practical Guidance:

1. Within a region: Synchronous replication to at least one local replica (for HA without failover data loss)
2. Across regions: Asynchronous replication (for DR without latency penalty)
3. For critical data: Consider synchronous cross-region for specific tables or transactions only

How replicas connect to each other—the replication topology—significantly impacts performance, failure resilience, and operational complexity.

Single-Source (Primary-Replica)

The simplest topology: one primary, multiple replicas. All writes go to the primary; replicas receive changes from the primary.

• Simple to understand and operate
• Primary failure requires failover coordination
• Replicas can be geographically distributed
• Limited by primary's ability to serve all replicas

Cascading Replication

Replicas can replicate from other replicas rather than directly from the primary. This reduces load on the primary and can optimize cross-region traffic.

Primary (US-East)
    └── Regional Replica (US-West)
            └── Local Replica (US-West AZ-1)
            └── Local Replica (US-West AZ-2)
    └── Regional Replica (EU-West)
            └── Local Replica (EU-West AZ-1)

• Primary only maintains connections to regional replicas
• Each region handles local fan-out
• Reduces cross-region bandwidth (changes traverse WAN once per region)
• Adds latency for deeply cascaded replicas

Multi-Master (Circular/Mesh)

For active-active systems, multiple primaries accept writes and replicate to each other. Two variations:

Circular Replication

• Changes flow in one direction around a ring
• Simple to configure, but single point of failure breaks the ring
• MySQL historically used this pattern

Mesh Replication

• Every primary replicates to every other primary
• More resilient (no single point of failure)
• Conflict detection/resolution required
• Higher bandwidth usage (changes sent multiple times)

Hub-and-Spoke for Global Systems

A common production pattern combines topologies:

1. Hub region: Central primary, synchronous local replicas for HA
2. Spoke regions: Asynchronous replicas for read scaling and DR
3. Per-region leaders: For sharded active-active, each region is primary for its data

This allows:

• Strong consistency within regions
• Eventual consistency across regions
• Clear ownership for writes
• Scalable reads globally

While database-native replication works between identical database systems, cross-region architectures often require more flexibility. Change Data Capture (CDC) extracts changes from databases and makes them available as streams that can be processed, transformed, and applied to various targets.

What CDC Provides Beyond Native Replication:

• Database heterogeneity: Replicate between different database systems
• Selective replication: Choose specific tables, columns, or filter by content
• Transformation: Modify data during replication (schema adaptation, enrichment)
• Multiple consumers: Feed the same changes to databases, search indexes, caches, analytics
• Decoupling: Source and target don't need direct connectivity

Popular CDC Systems:

Debezium: Open-source CDC platform built on Kafka Connect

• Captures changes from MySQL, PostgreSQL, MongoDB, SQL Server, Oracle
• Publishes to Kafka topics as structured events
• Supports exactly-once semantics with proper configuration

AWS Database Migration Service (DMS): Managed CDC for AWS

• Continuous replication between AWS database services
• Also supports on-premises to cloud migration
• Lower operational overhead, less flexibility

Striim, Attunity, GoldenGate: Enterprise CDC platforms

• Real-time streaming with transformations
• Often used for Oracle and enterprise databases

CDC Architecture for Cross-Region Sync

Region A:                    Kafka (Cross-Region):          Region B:
Database → Debezium →       Global Kafka Cluster        → Kafka Consumer → Database
                                    ↑                           ↓
                             Event Stream              Apply with conflict
                             (ordered, durable)         resolution

Key Components:

1. Source Connector: Captures changes from source database
2. Event Stream (Kafka): Durable, ordered storage for change events
3. Sink Connector: Applies changes to target databases
4. Conflict Resolver: Handles concurrent modifications (for multi-master)

Cross-Region Kafka Considerations:

For CDC to work across regions, the Kafka cluster must span regions or use cross-region replication:

• MirrorMaker 2: Replicates Kafka topics across clusters
• Confluent Cluster Linking: Commercial solution for cross-region Kafka
• Single stretched cluster: Not recommended due to latency impact on producers

Exactly-Once Semantics

CDC systems can provide exactly-once delivery with:

• Kafka transactions for atomic writes
• Sink connectors that use database transactions
• Offset management within transactions

Cross-region replication performance directly impacts RPO and user experience. Several factors affect how quickly changes propagate:

Factors Affecting Replication Lag

1. Network latency and bandwidth: Physics limits minimum propagation time; bandwidth limits throughput
2. Write volume: Heavy write loads can overwhelm replication capacity
3. Transaction size: Large transactions take longer to transmit and apply
4. Apply parallelism: Serial apply on replica creates bottleneck
5. Index maintenance: Replicas building indexes slow down apply

Optimization Strategies

Network Optimization

• Use dedicated network links for replication traffic
• Compress replication streams (most databases support this)
• Use TCP tuning for high-latency links (increased buffers)

Parallel Apply Modern databases can apply changes in parallel when changes don't conflict:

-- PostgreSQL: Parallel recovery (replicas)
max_parallel_workers = 8

-- MySQL: Parallel replication
slave_parallel_workers = 8
slave_parallel_type = LOGICAL_CLOCK

Batch and Buffer

• Group small changes into larger network packets
• Use async commit on replicas (apply multiple transactions then commit)

Measuring End-to-End Latency

Replication lag metrics from databases measure queue depth, not actual latency. To measure true end-to-end latency:

1. Heartbeat table: Write timestamps to a heartbeat table in primary
2. Read from replica: Compare heartbeat timestamp to current time
3. This measures: Network + queueing + apply time

Handling Replication Storms

Large batch operations (data migrations, bulk updates) can overwhelm replication:

• Throttle batch operations: Limit rows per transaction, add delays
• Schedule during low traffic: Off-peak hours for large changes
• Pause non-critical replicas: Reduce fan-out during storms
• Increase replica resources: Temporarily scale up apply capacity

Running cross-region replication in production requires careful operational practices beyond initial setup.

Schema Changes and Replication

Schema changes are particularly dangerous with replication:

• Non-blocking DDL: Use online schema change tools (gh-ost, pt-online-schema-change)
• Backward compatible changes: Always add before remove; nullable columns with defaults
• Coordinate timing: Apply schema changes when replication is caught up
• Test on replicas first: Some changes are replicated; others aren't

Network Failures and Recovery

When cross-region network connectivity fails:

1. Transient outages: Replication buffers on primary, catches up on recovery
2. Extended outages: Buffers exhaust; may need full resync
3. Slot retention (PostgreSQL): Configure wal_keep_size to retain logs during outages
4. Binary log retention (MySQL): expire_logs_days must exceed max expected outage

Full Resync Procedures

When replication breaks beyond recovery:

1. Stop writes if possible (or accept divergence window)
2. Take consistent backup from primary
3. Restore to replica
4. Re-establish replication from appropriate point
5. Snapshot may take hours for large databases

Security Considerations

Cross-region replication transmits your data across networks:

• Encryption in transit: TLS for all replication connections
• Authentication: Strong credentials for replication users
• Network isolation: Replication traffic on private/VPN networks
• Audit logging: Track replication access and configuration changes

Cost Management

Cross-region data transfer incurs cloud charges:

• Estimate based on write volume × regions × replication overhead
• Compression typically achieves 3-5x reduction
• Consider selective replication to reduce volume
• Monitor actual transfer costs monthly

We've explored the mechanisms that synchronize data across geographic regions. Let's consolidate the key principles:

What's Next

With data replication ensuring consistency across regions, the final piece is directing user traffic to the appropriate region. The next page explores traffic routing—DNS, global load balancers, and the strategies that ensure users reach the right region with minimal latency.