Team Foundation Server Proxy and Source Control

Team Foundation Server Proxy is designed to boost network performance by caching copies of source control files in a remote location, local to the developer needing the files but away from the main source control location. By storing copies in the remote location, typically connected to the source location through a slower link than the local area network, the proxy helps each user avoid a costly download of the files to their workspace across the slower connection.

Instead, the Team Foundation Server Proxy generally serves client requests by returning the files from the local cache over the quicker local connection. When a file is not in the local cache, the file is downloaded by the proxy to the local cache from Team Foundation Server, before returning the files to the client.

Note

By default, a cache is also available on the application-tier server and is enabled. For more information, see How to: Change Cache Settings for an Application-Tier Server.

Basic Operation

Team Foundation Server Proxy operation can be seen from the client side and the server side. Like any Internet proxy, you configure the Team Foundation client to use the proxy, and then Team Foundation Server Proxy controls the administration of the files. As a user of Team Foundation client, you let the proxy control the downloading of files. For more information, see How to: Configure Team Foundation Source Control to use Proxy Server.

As the administrator, your first task is to set up Team Foundation Server Proxy on the server side. For more information about Team Foundation Server Proxy installation, see the Team Foundation Installation Guide located online at https://go.microsoft.com/fwlink/?linkid=40042 or the TFSInstall.chm file included with the product.

You can then configure the proxy to enable file caching by editing the Proxy.config file. For more information, see How to: Enable Source Control Caching for Team Foundation Server Proxy.

A maximum limit is set on the amount of storage space Team Foundation Server Proxy can use for caching files. When this limit is reached, old files in the cache are deleted to free some storage space so that the space can be used for caching newly requested files. Cleanup removes the files, depending on when they were last accessed. Files that have not been accessed for the longest time are deleted first.

Proxy Deployment Diagram

You can also change cache settings in the following ways:

  • Specify a different cache root folder.

  • Change the limit at which old files are removed from the cache.

  • Change the amount of space to free when old files are removed.

For more information, see How to: Change Cache Settings for Team Foundation Server Proxy.

Maintenance

You should periodically monitor and manage the cache performance of Team Foundation Server Proxy. For example, you should examine the following performance counters:

  • Current Cache Size

  • Total Cache Hits - count and percentage

  • Total Download Requests

  • Total Files in Cache

  • Total Cache Miss - count and percentage

These performance counters are registered as part of the proxy installation. The proxy performance counters are multi-instanced; meaning there is a set of counters for each application-tier that you have configured in the Proxy.config file. By collecting this data, you can better understand the performance and activity of Team Foundation Server Proxy while it is running. For more information, see How to: Examine Cache Performance for Team Foundation Server Proxy.

Security

Team Foundation Server Proxy uses a pre-authenticated ticket scheme for determining whether a requesting user is authorized to view the content of the requested file. In this scheme, the user’s client contacts the master source control server and if the user is authorized, the client is provided a digitally signed ticket that contains the details of the file being requested. The client then presents the ticket to the proxy server. This use of public/private key signatures allows the proxy to be certain that the ticket came from the server and that the user is therefore authorized to view the file. The proxy then looks into the cache to see whether it can service the request, and if not, requests the file from the server and adds it to the cache.

See Also

Tasks

How to: Configure Cache Security for Team Foundation Server Proxy
Troubleshooting Team Foundation Server Proxy

Concepts

Team Foundation Server Security Architecture