On Cloud Computing, Integration Technology, Mobility, RFID, ERP etc...
Sr, Program Manager at Microsoft and MBA from UNC Chapel Hill.My small world includes my beautiful wife Swati and our awesome twin boyz Arni and Abhi.
Note: This post is relevant only to Dual server configurations of TFS.
Many customers have asked me if TFS Setup account needs to be Administrator on TFS Data Tier. For Orcas the answer is "NO". Let me provide some details on this topic.
In VS 2005 we had a DT SKU that was installed on DT machine. Therefore you had to be administrator to install the DT SKU. Based on tons of feedback we got from our customers we removed that SKU in Orcas and now you just have 1 SKU or installer for both single server and dual server setup. The advantage is you do not need to be administrator to install TFS in dual server environment. You still need to be a SQL Administrator so we can create TFS databases.
Following are tasks we perform as TFS Setup on the Data Tier machine.
Hope this provides some more understanding around TFS Setup account.
As I mentioned earlier we now support running TFS service as network service. The primary advantage of using network service is, you don't have to worry about managing the password for the account. If you are using VS 2005 TFS running under domain account and want to move to Orcas with TFS Service running under Network Service following are the steps.
Steps to upgrade TFS 2005 with Domain account to Orcas with Network Service
Now you should have your Orcas environment up and running with Network Service.
Please give us your feedback. Is this good enough solution or do you want us to improve this experience.
Orcas supports Named Instances of SQL Server. In VS 2005 we only supported default instance of SQL Server this was a major pain point for customers using SQL farms. We fixed this in Orcas and now you can use named instances of SQL. This post is about how to upgrade from VS 2005 TFS using default instance to Orcas using Named Instances.
As I mentioned in my last post related to Upgrade. We want you to make sure you have a working Whidbey before trying to upgrade to Orcas. We don't want you to change the configuration of the server.
The steps to upgrade are as follows.
Now you should have your TFS configuration ready to go. You can also refer to Renaming TFS Server topic.
Please read http://blogs.msdn.com/sudhir/archive/2007/08/03/upgrade-tfs-2005-with-wss2-0-to-tfs-2008-orcas-with-existing-wss3-0-farm.aspx if you want to upgrade to existing WSS3.0 farm.
This topic is very similar to the previous topic(http://blogs.msdn.com/sudhir/archive/2007/05/31/upgrade-2005-with-wss2-0-to-orcas-wss3-0.aspx). The primary difference is how will you move to WSS3.0 on remote machine.
The steps remain same. In short
One major scenario for most of our customers who are using Visual Studio 2005 Team Foundation Server is moving to Orcas and leveraging the new features around WSS3.0. The upgrade path to this is very simple and straight forward. This post is focused on performing in-place upgrade of WSS. That means you upgrade WSS2.0 to WSS3.0 on the TFS server itself.
Note: You can use TFSAdminUtil to update all the different URL's for WSS. Following is the syntax for updating all WSS related attributes in TFS.
Hope this post is helpful. Please let me know your experiences.
We have put in a lot of effort on getting our Upgrade experience right. It is not perfect but I think it is great. This post is first in the series of posts around upgrade. You can have so many scenarios around upgrade; I will take one scenario at a time to provide more details. For now let's talk about basic upgrade from VS 2005 TFS to Orcas Beta 2 or higher. The experience for you should is same as new setup. Our upgrade is completely integrated into setup. Setup will ask for your database server name. We probe the database server to check if it is a existing database from VS 2005. If it is we upgrade it to Orcas. You can either have VS2005 RTM or SP1 version.
We also realized some customers may uninstall VS2005 before running Setup for Orcas and therefore we have made sure the Orcas setup can handle that scenario. Following are few pre-requisites for upgrade to work flawlessly.
Having spoken about limitation now let's talk about some key scenarios you all will be interested in. You all want to use the new features provided in Orcas. How do you get your VS 2005 TFS Server to run with all the new features of Orcas TFS? Following are the major scenarios
I will try to explain each of these scenarios in next few posts. The key here is the standard upgrade will only upgrade you from VS 2005 TFS with WSS2.0 to Orcas TFS with WSS2.0. We have to perform some extra steps to achieve above 4 scenarios. It is not difficult but just few more steps.
You should see additional posts soon…
After V1.0 we got a lot of feedback around SharePoint. Following are few things we heard a lot
We heard you all. We fixed these 2 major issues for you. Orcas Beta 2 installer will have support for WSS 3.0. Following are few things we support.
Orcas Setup will ask your preference on WSS page and you can choose one option, either install or use exiting WSS. We really did not want to tell you how to configure your WSS environment and therefore we are not going to document the provisioning steps for WSS on TFS MSDN site. Finally who are we to tell you how to setup and configure your environment? Having said that I can share with you the steps we follow to provision our test WSS environments. These are scripts which we use to provision WSS for internal testing of TFS installer.
This is not guidance just a sample of what we do…
Provisioning of WSS3.0
Provisioning of WSS2.0
Hopefully this information is useful. Please let me know if you need any additional information.
Lot of customers wanted us to support network service as the service account for TFS. Some people said it was not secure enough and therefore we should not support it. The challenge we face is balancing between simplicity vs. security. Lot of customers feel Network service is pretty safe and is better because it need less maintenance. You can secure the environment using other techniques and having domain accounts for every service is too cumbersome. Following is a link to a security guidance document I found on MSDN. The document is very well written and provides very valuable information. Following is the explanation around Network service account from the document
Network Service account
The Network Service account is a special built-in account that has reduced privileges similar to an authenticated user account. This limited access helps safeguard the computer if an attacker compromises individual services or processes. A service that runs as the Network Service account accesses network resources using the credentials of the computer account in the same manner as a Local System service does. The actual name of the account is NT AUTHORITY\NetworkService, and it does not have a password that an administrator needs to manage.
Having given you the background let me hash out what we support in Orcas. In Orcas we accept 3 different accounts while setting up TFS.
We only support running TFS Service as Network Service. You cannot use network service for Reporting data sources or WSS services. The reason in both cases is security. In case of reporting data sources if you use network service suddenly every report will have access to all the data in SQL Server and therefore it is a huge risk. Similarly WSS does not allow you to use network service.
You atleast don't have to worry about changing TFS service account password every few months. J
Note: You can use the same domain account for TFS Service, Reporting data sources and WSS installation.
In Orcas you can also install TFS on ports other than 8080. Again you will have to specify the port in MSIProperty.ini file. You still cannot use a port number that is already in use. We also don't try to merge sites for you. We do expect you to have a dedicated port for TFS.
Following are steps you can take to install TFS on non default(8080) port.
At the end of setup you should have TFS server up and running on non 8080 port. You may have to open the NewPortNumber in your firewall to make things work.
Orcas Beta2 release of Team Foundation Server will enable support for Analysis server flexibility. Many customers want to install SQL Analysis services on a different machine than SQL Database Services. One primary reason is load balancing. We have enabled this scenario in Orcas. The experience is not very great but the solution works. We will improve the experience going forward in next release.
To setup TFS with Analysis services on different machine than the SQL Database services you need the AS machine name(ASMachineName) and SQL Instance Name(ASInstanceName). If you want to avoid taking dependency on SQL Browser service you require the Port(ASPortNumber) on which AS is running.
Steps to install Orcas with AS Flexibility:
Next Run TFS Setup
Feature List for Orcas
Analysis services flexibility: It is possible for customers to move Analysis services to different box than TFS DT machine.
Few days back I wrote a post about using SQL Named instances with TFS Orcas Beta 2 release. Link: http://blogs.msdn.com/sudhir/archive/2007/04/23/sql-named-instance-support.aspx.
Some corporations do not want to keep SQL browser service running for security reasons. SQL browser service is responsible for mapping DBServerName/InstanceName into a specific server and port number. If you want to stop SQL browser service you need to run all the services on fixed ports and then install TFS with these specific ports. If you want to install TFS in such environment you will have to take few extra steps than normal.
Before we get into the actual process let me give you a bit more background. TFS uses both SQL Database Services and Analysis service. Both these run on different ports. When we use named instance with SQL browser service the service can map the name of instance to correct ports for both database service and analysis service. When you decide not to run browser service you need to give us all the ports. These ports are specific to the SQL instance you want to use. Therefore before you begin you need to gather following information
Steps to follow:
Note: Please note the separator is different in both cases.
This should setup your TFS without any dependency on SQL Browser service. Please give us your feedback on this.
My interview with Brian Keller has been published on Channel 9. The interview was around enhancements in Orcas around Setup/Admin/Ops. If you want to know how Orcas solves your Administrative pain point please watch the video and give me feedback. Thanks.
Orcas Beta2 will support using SQL Named instance on data tier of TFS. This was a key feature requested by lot of customers and we were able to add it in Orcas Beta2. For some of you who are going to try out Beta1 you will have to wait for Beta2 to see this feature.
It is very easy to setup TFS with named instance just enter dbname/instancename when the setup requests for database name. This does require you to have SQL browser service running in your environment. This feature will enable you to use an existing SQL Farms for TFS now.
Next Post I will tell you how to avoid dependency on SQL Browser service.
Yesterday we announced acquisition of Team Plain. This is really a great move by us. I have seen Team Plain and I feel it is a key component in increasing reach of TFS in non development community. Having a web access to all the major features especially the Work Item tracking system is key to success. I don't think we can accept any non developer to install and use Visual Studio. This is a great move by us.
You can read more at Brian's Blog or MSDN
Today I gave a talk at Dev Connections conference in Orlando at 9:45am. The topic of the talk was "Visual Studio 2005 Team Foundation Server Planning and Deployment".
Link to Presentation: Dev Connection Presentation
The Visual Studio "Orcas" March CTP is available and now contains TFS. In this, you will find the majority of the feature work we plan to do for our Orcas release. I appreciate those of you who can look it over and give us feedback. Use http://connect.microsoft.com to give us the feedback (or, if you want, you can comment on this post and I will forward it but Connect is better). This CTP is being released as both a Virtual PC (VPC) image and Installable Bits for both VSTS and TFS.
If you wish to use the Virtual PC image, you will need Virtual PC or Virtual Server to run this image. You can use Virtual PC 2004 or Virtual PC 2007 (2007 required to run the VPC on Windows Vista). If you wish to use the self-extracting install, we advise that you do not install this on a production machine. If you have Vista as the OS on your box, please only download the VPC. In either case, depending on your hardware the download files make take between 30-60 minutes to decompress.
Use the following links for step-by-step instructions on installing and using the VPC images or installable bits, links to the ReadMe and provide feedback.
See Readme document for important notices and information about the CTP.
Here is some detail on the new stuff you will find in Team System.
Team Foundation Server
James has tagged me and at mid night on Sunday with nothing to do I thought I will put down few random thoughts. J
I had written in my previous post about having a high level topic that brings together all the information related to disaster recovery and reliability. Brain has written a great post which brings all of it together.
Please let us know your feedback on the same. Do you need any additional information which will be helpful in making your TFS environment more reliable?
Let's continue our discussion around Failover options in TFS. We already spoke about Backup/Restore, SQL Mirroring or SQL Clustering. One more option available is SQL Log Shipping. Log Shipping is very close to Mirroring. The only difference is Mirroring is almost real-time synchronization of databases whereas Log shipping is time delayed synchronization. In short you can synchronize the databases every X minutes. This helps when the geographic locations of primary and secondary servers are far apart for e.g. if you want to have Primary server in US and Secondary backup server in Asia. You do not want to do mirroring in this case, as it may slow down the primary server.
Caution: This is not an officially supported configuration. I have tried it and it works fine. Please test this on your test environments before trying it in production.
Terminology: Primary Server – Main TFS Data Tier, Secondary Server – Backup Data tier Server
Before you begin you should have installed SQL Server 2005 on secondary server. Following are the steps to setup Log Shipping for TFS
Configure Log shipping
Note: You should configure the transaction log shipping schedule (step 6.c) for all databases at same time. For e.g. all of them can run after every 1 hour starting 7:00PM 01/01/2007. This is crucial to keep the databases in sync.
Failover to the secondary Database
Important: To failover to the secondary server we have to failover all the databases at the same time.
Restore database <TFSDBName> with Recovery
cd Microsoft Visual Studio 2005 Team Foundation Server\Tools
TFSAdminUtil RenameDT <SecondaryServer>
TFS Databases: ReportServer, ReportServerTempDB, STS_Config_TFS, STS_Content_TFS, TfsBuild, TfsIntegration, TfsVersionControl, TfsWarehouse, TfsWorkItemTracking, TfsWorkItemTrackingAttachments, TfsActivityLogging
Note: We are working on officially supporting this configuration. I will keep you all updated
Please let me know if you tried using these steps and found them useful.
TFS SP1 has support for Basic (or digest) authentication with TFS via an ISAPI filter. This could be used for clients connecting to TFS over the internet. James Manning has a detailed post on this topic.
Join members of the Visual Studio Team System product group to discuss features available in Visual Studio Team Foundation Server, Team Editions for Architects, Developers, Database Pros, and Testers. In addition, discuss what's new in the latest Community Technology Preview (CTP).
Join the chat on Wednesday, November 8th, 2006 from 10:00am - 11:00am Pacific Time.
Add to Calendar
Additional Time Zones
As I mentioned in my last post we are working on documentation on how to use SQL Mirroring with TFS. We have the draft white paper published today at http://blogs.msdn.com/vstsue/archive/2006/11/03/mirroring-the-team-foundation-data-tier-server.aspx.
Please let us know if you have any questions on the content in the paper.
Failover is a big concern for everyone using Team Foundation Server. What happens if the server hosting Data Tier of Team Foundation Server crashes? How can we get the whole system back up and running in least amount of time? There are various solutions to this problem. Traditionally we have recommended using Clustering for maximum availability. Clustering is a great solution, as it provides automatic failover that is transparent to end users. Another option is to use backup and restore mechanism of SQL Server. In this case users can take combination of Full and incremental backup of the Data Tier and if there is a failover of primary server you can easily recover the TFS Data Tier using the backed up data. This could be a very time consuming process.
Clustering provides automatic failover; Backup/restore provides long lead time recovering of server. SQL Mirroring can be used as a solution in between both of these options. SQL Mirroring provides warm standby but TFS does not support automatic failover with mirroring. Few manual steps need to be executed when the primary server fails with mirroring in TFS. We are working on a White paper to provide detailed steps on using SQL Mirroring for failover scenarios in TFS. We should have it ready within few weeks for everyone to use. Till then following are the high level steps required to use mirroring.
The process of configuring a VSTF deployment for mirroring can be defined in following steps
More detailed Mirroring steps should be up on MSDN in next few weeks. I will keep all of you updated when that happens.
Its been two months since I joined Microsoft. These two months have been hectic, lots to learn, lots to understand and lot more to catch up. I have learnt a lot in every area from technology to process to management in this short period of time. The most important point I have noticed is, management’s commitment to customer satisfaction. Customer Focus is one theme that drives product designs and development at Microsoft. We have processes in place which help us take constant feedback from customers. One way of doing that is through blogs.
Looking at this level of customer focus across the organization I want to do my part. Here are two commitments from me to all our customers
I have been spending lot of time trying to catch up with all the functionality and understanding philosophy behind TFS. I still don’t know everything, but now I know people who know everything. So if you guys want to know anything about TFS in general and Admin/Ops in specific please please please feel free to shoot an email or leave a comment. I promise I will get back to you ASAP.