Team Foundation Server Architecture
To analyze and plan for the optimal deployment of Visual Studio Team Foundation Server to meet your business needs, you must consider the following aspects:
the logical application, data, and client tiers for Team Foundation
the location of the physical servers that host those tiers
Team Foundation Build and the build computers that will run in your environment
Team Foundation Server Proxy
In addition, you must consider the interactions between these entities. You must know what Web services, databases, and object models are used. Also, you must know which network ports and protocols are used by default and which network ports you can customize. Finally, you must understand what permissions you must set in Team Foundation Server and the components and programs on which your deployment depends.
Besides its own services, Team Foundation Server depends on other services in order to function. For more information, see Team Foundation Server Concepts and Components of the Data Warehouse for Team Foundation. For more information about the requirements and dependencies for installation, see Installing Team Foundation Components.
Object Model
You can extend the features and functionality of Team Foundation by writing an application that is based on its server or client object model. If you want to extend the server capabilities, your application must run on the application-tier server. If you want to extend the client capabilities, your application must run on the same computer as Team Explorer.
.png "Object Models for Team Foundation")
For more information, see Extending Team Foundation.
Web Services and Databases
Team Foundation Server includes a set of Web services and databases that you install and configure separately on the server or servers that host the logical application, data, and client tiers for Team Foundation. The following illustrations provide a high-level view of Web services, applications, and databases.
.png "Server architecture diagram")
.png "Additional servers used in TFS")
.png "Client architecture diagram")
Collection-Level Services
Collection-level services provide the functionality for operations at the level of the team project collection. You can create applications that extend Team Foundation Server by using some of these services. For more information, see Extending Team Foundation.
Team Foundation Framework Services
Registry service
Registration service (for compatibility with earlier versions of Team Foundation Server)
Property Service
Event Service
Security service
Location service
Identity Management service
Version Control Web service
Work Item Tracking Web service
Team Foundation Build Web service
Lab Management Web service
VMM Administration Web service
Test Agent Controller Web service
Server-Level Services
Sever-level services (also known as application-level services) provide the functionality for operations for Team Foundation Server as a software application. You can create applications that extend Team Foundation Server by using some of these services. For more information, see Extending Team Foundation.
Team Foundation Framework Services
Registry service
Event service
Team Project Collection service
Property service
Security service
Location service
Identity Management service
Administration Service
Collection Management Service
Catalog Service
Data Tier
The logical data tier for Team Foundation consists of the following operational stores within SQL Server 2008. This tier includes data, stored procedures, and other associated logic. These operational stores might be stored all on one physical server or distributed across many servers. You can create applications that extend Team Foundation Server by using some of these operational stores. For more information, see Extending Team Foundation.
Configuration database (TFS_Configuration)
Application warehouse (TFS_Warehouse)
Analysis Services database (TFS_Analysis)
Databases for team project collections (TFS_CollectionName)
The following table provides a list of the databases that Team Foundation Server uses and where they are stored. Unless otherwise noted, you can move all databases in this list from the original server where they are installed and configured to another server.
Database Name and Description |
Server |
|---|---|
TFS_Configuration This database stores the catalog of resources and the configuration information for Team Foundation Server. This database contains the operational stores for Team Foundation Server. |
Instance of SQL Server that is used when Team Foundation Server is first installed and configured |
TFS_Warehouse This database stores the data for reports. |
Instance of SQL Server that is used when Team Foundation Server is first installed and configured |
TFS_Analysis This multi-dimensional database stores the aggregated data from team project collections. |
Instance of SQL Server that is used when Team Foundation Server is first installed and configured |
Databases for team project collections Each team project collection has its own database, where data is stored for all team projects in the collection. |
Instance of SQL Server that is compatible with Team Foundation Server. |
Client Tier
The client tier uses the same Web services that are listed for the application tier to communicate with that tier. They communicate through the object model for Team Foundation Server. Besides that model, the client tier consists of Visual Studio Industry Partners (VSIP) components, Microsoft Office integration, command-line interfaces, and a framework for check-in policies.
Configuration Information
Team Foundation Server depends on SQL Server, Internet Information Services (IIS), and the Windows operating system. Depending on your deployment, Team Foundation Server might also depend on SQL Server Reporting Services or SharePoint Products. Therefore, configuration information for Team Foundation Server can be stored in any of the following locations:
IIS data stores
Configuration files for Team Foundation Server
Data sources for Reporting Services (for example, TFSREPORTS data)
Configuration database for Team Foundation Server
Windows Registry
As you maintain a deployment of Team Foundation Server, you must take these configuration sources into account. To change the configuration in any way, you might need to modify information that is stored in multiple locations. You might also need to change configuration information for the data and client tiers. Team Foundation Server includes an administration console and several command-line utilities to help you make these changes. However, some configuration changes might require you to make some manual adjustments.
Synchronization of Group Identities Between Active Directory and Team Foundation Server
In deployments where Team Foundation Server is running in an Active Directory domain, group and identity information is synchronized when any of the following events occur:
The application-tier server for Team Foundation starts.
An Active Directory group is added to a group in Team Foundation Server.
The period of time that is specified in the scheduled job elapses. (The default is one hour, and all groups in Team Foundation Server are updated every 24 hours.)
Identity Management Services (IMS) synchronizes with Active Directory, and changed identities are propagated from the server to the clients. Depending on the synchronization schedule for the job service, changes might not be reflected across Team Foundation Server immediately. By default, all groups are updated within 24 hours, but you can customize this to better suit the needs of your deployment.
Groups and Permissions
Team Foundation Server has its own set of default groups and permissions that you can set at the project, collection, or server level. You can create custom groups and customize permissions at group and individual levels. However, users or groups that you add to Team Foundation Server are not automatically added to two components on which Team Foundation Server can depend: SharePoint Products and Reporting Services. If your deployment uses these programs, you must add users and groups to them and grant the appropriate permissions before those users or groups will function correctly across all operations in Team Foundation Server. For more information, see Add Users to Team Projects, Configuring Users, Groups, and Permissions, Managing Permissions, Roles in SharePoint Products, and SQL Server Reporting Services Roles.
Network Ports and Protocols
By default, Team Foundation Server is configured to use specific network ports and protocols. The following illustration shows network traffic for Team Foundation Server in a simple deployment.
.png "Ports and communications simple diagram")
The following illustration shows network traffic in a more complex deployment that includes the components for Visual Studio Lab Management.
.png "Ports and communications complex diagram part 1")
.png "Ports and communications complex diagram part 3")
.png "Ports and communications complex diagram part 2")
Default Network Settings
By default, communication between the computers in a deployment of Team Foundation uses the protocols and ports in the following table. If an asterisk (*) follows the port number, you can customize that port.
Tier and service |
Protocol |
Port |
|---|---|---|
Application tier – Web Services |
HTTP/HTTPS |
8080/443* |
Application tier – Windows SharePoint Services Administration |
HTTP |
17012* (if it was installed with Team Foundation Server); otherwise randomly generated |
Application tier – Windows SharePoint Services and Reporting Services |
HTTP Windows Management Instrumentation (WMI) service (required during installation to specify and verify the URLs for reporting services) |
80* Dynamic port |
Build computer – remote access from application-tier server |
SOAP over HTTP |
9191* |
Data tier |
MS-SQL TCP |
1433* |
Team Foundation Server Proxy - client to proxy |
HTTP |
8081* |
Team Foundation Server Proxy - proxy to application tier |
HTTP/HTTPS |
8080/443* |
Client tier - Reporting Services |
HTTP |
80* |
Client tier - Web services |
HTTP/HTTPS |
8080/443* |
Application tier to build controller |
SOAP over HTTP |
9191* |
Application tier to build agent |
SOAP over HTTP |
9191* |
Build controller to application tier |
HTTP/HTTPS |
8080/443 |
Build agent to application tier |
HTTP/HTTPS |
8080/443 |
Test controller to application tier |
HTTP/HTTPS |
8080/443* |
Application tier to test controller |
.NET remoting |
6901* |
Application tier to Domain Name System (DNS) |
DNS Dynamic Update |
|
Application tier – Virtual Machine Manager |
HTTP |
8100 |
Test controller to test agent |
.NET remoting |
6910* |
Test agent to test controller |
.NET remoting |
6901* |
Build controller to build agent |
SOAP over HTTP |
9191 |
Lab agent to lab agent in an isolated environment |
TCP sockets |
9050 |
Build agent to build controller |
SOAP over HTTP |
9191 |
Virtual Machine Manager Administrator Console – Virtual Machine Manager |
HTTP |
8100 |
Virtual Machine Manager– Virtual Machine Manager hosts |
Windows Remote Management (WinRM) to perform actions Background Intelligent Transfer Service (BITS) to transfer data |
80 to perform actions 443 to transfer data |
Virtual Machine Manager– Virtual Machine Manager library server |
WinRM to perform actions BITS to transfer data |
80 to perform actions 443 to transfer data |
Application tier – Virtual Machine Manager hosts |
Distributed Component Object Model/Windows Management Interface (DCOM/WMI) communication to transfer data |
135 Dynamic ports in the range 49152 to 65535. |
Client tier – Virtual Machine Manager hosts |
Host-based connection to the virtual machine. For more information about host-based connections, see How to: Connect to a Virtual Environment. |
2179 to perform host-based connections. |
Customizable Network Settings
As the previous table shows, you can change communication between the application, data, and client tiers by modifying Team Foundation Server to use custom ports. The following table describes example changes in ports from HTTP to HTTPS.
Note
To configure Team Foundation Server to use HTTPS and Secure Sockets Layer, you must not only enable ports for HTTPS network traffic but also perform many other tasks.
Service |
Protocol |
Port |
|---|---|---|
Web Services with SSL |
HTTPS |
Configured by the administrator |
SharePoint Central Administration |
HTTPS |
Configured by the administrator |
SharePoint Products |
HTTPS |
443 |
Reporting Services |
HTTPS |
443 |
Client Web Services |
HTTPS |
Configured by the administrator |
See Also
Concepts
Team Foundation Server Concepts