At Ignite conference you get the latest information right from the experts and the product groups. Microsoft Teams is a hot topic and some hundred attendees formed a large crowd to get in the Teams architecture session in the morning.
Bill Bliss is the Platform Architect for Microsoft Teams and a founding member of the Microsoft Teams team. So, who else could better deliver insights of the Microsoft Teams architecture than Bill himself?
So, let´s get started.
Microsoft Teams is built on Azure services, Azure AD, Office 365 Groups, Microsoft Graph, and has the same enterprise-level security, compliance, and manageability as the rest of Office 365. On a very high level, Teams consists of the following components:
“Without Azure, we could not deliver Microsoft Teams”, Bill mentioned. All components require the security, compliance and agility of the cloud platform.
Starting with the Teams client, there are a lot of technologies wrapped in the Desktop Electron app. The foundation is built in Typescript and Node.js, using frameworks such as jQuery, Lodash and Angular, while Angular will be replaced by React (which is already partly included) in future. Also, the Electron app includes native code parts, depending on the platform.
The mobile apps are developed in the platform´s native code languages, in Swift for iPhone and iPad, and Java for Android. Both architectures are optimized for agility. The following slide shows that visually.
The “middle Tier” of Teams consists of a collection of microservices. This reduces complexity and allows efficient and flexible services, optimized for evolutionary changes. Behind the front end servers, there are a couple of services used such as Identity, Configuration, Team Management, Compliance, Notifications, and Extensibility. For these services, Microsoft is using a similar “rings” system to develop, test and deploy new services when needed.
The Intelligent Communications Cloud provides basically messaging and calling and meeting functionality in many flavors, depending on the action. It leverages the Skype for Business services, handles the VOIP and PSTN calling and conference functionality and shows the presence. The “Trouter” enables devices behind firewalls to discover and communicate with each other.
From the Office 365 platform, Teams leverages the features of other Office 365 workloads, such as Exchange, Office 35 Groups, SharePoint, Stream, OneDrive for Business, Information Protection, and Power-BI for data and analytics. (Web) Applications used are OneNote, PowerApps, Planner, PowerPoint, Excel and Word. The vision of the Teams team is to be an App hub for Office 365 to bring together the best capabilities.
Azure is the core platform that Teams is built on. The Azure platform allows massive scale support, a global footprint, redundancy and disaster recovery and compliance out of the box. The following graphics shows some Azure services that are used by Teams. Azure encapsulates all complexity of the single services and does a lot of work for Teams.
Also, data at rest can be deployed to various data residencies and regions. Originally, Teams started with three regions: America, EMEA and APAC. Since then, now Canada, UK, Japan, India, and Australia have their own datacenter regions, as well as 3 US government cloud regions. Microsoft stores data at rest only within the customer´s location and they take data security very seriously.
To get an impression of the technical complexity of Teams, the following slide shows an overview of components that are required to deliver the functionality, the colors identify the type.
Messages are transported from the Teams clients to the backend services and sent to subscribed client systems. Connectors and microservices, in the graphics at the at the bottom, take care that data flows to other systems. So, for example, if a user writes a message, that message generates a thread or is added to a reply chain. The members of a chat are stored in the “Roster”. The message is passed to the services beneath and other endpoints are notified that there´s something to update or to fire a trigger.
Message synchronization is not an easy task. For example, if user A posts a message, it must be synced via chat service to user B, but if user B is already logged in at another device, but inactive, a long poll over TCP/IP is performed by the client and eventually, other subscribers must be informed. For iOS devices, a push notification is sent to via iOS Push, for Android to the Google notification system. In the background, Exchange and Information Protection can start, Search Indexes are re-populated, the Activity feed needs to update, Audit Logs are written, Aggregation services restart and so on. So, a simple message post triggers for a bunch of other services in the backend.
The following graphics shows where data at rest is stored. Version 2 of the Chat service will use moving over to Cosmos DB. Images are stored in Azure Blob storage, other files in SharePoint and OneDrive for Business, calendar item sin Exchange and so on. Just to mention, Giphys are not stored, but their URL. Other cloud storage providers can be used as well.
For telemetry, everything is recorded, but all is stripped out with random identifiers. This is part of the Office 365 promise. The same will be valid for detailed error logs is and Microsoft is very serious about data privacy and data protection.
Behind the scenes, the Teams team is optimizing various services, such as the Calendar middle tier, the Exchange Connectors to talk to various versions of Exchange, storing different metadata for Outlook and teams, sending Voice and media to the media Mixer service etc. So, a lot of actions happen on the Teams server side. When a meeting is recorded, a “call recorder bot” does the recording and sends the data to the Azure media services that does the transcoding, then a message is sent to the user with the link to notify that the recording is available in Stream.
Microsoft is also working on Teams on VDI (Virtual Desktop Infrastructure). The goal is to create a performant VDI implementation that will work seamlessly for multiple partners. Well, not everything can be remoted, for example, if a machine does not have a microphone as a VM in a server room, but the idea is to use capabilities of smart devices as far as possible. The VDI Teams version is a different client (MSI package) and it requires to run some PowerShell commands to install it. On the VDI side, partner implementations must take care of the application situations, for example a notification window that must be shown on top of the Teams client.
At the end, the compliance boundary ensures that customer data is processed within the allowed scope and in the predefined direction only. For example, you cannot send data to Teams from outside, or send emails from Teams. The last slide visualizes such data flows.
Also, Teams enables Office 365 Information Protection with all the tools such as eDiscovery, Legal Hold, Compliance content search, Retention and Audit Logs. So, the Teams architecture relies on trusted services.
Bill did a great session informing about the complexity, challenges and latest updates of Microsoft Teams. Once the session is available online, the link will be added here.
Find out more about Microsoft Teams at the following resources:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.