Kohn Pedersen Fox — Setting out to Ditch the Data Center

For most jobs, a laptop is fine. A desktop is overkill. But not for design applications like Autodesk AutoCAD & Revit, 3DS Max, and Rhino. Those call for high-performance storage, a modern multicore CPU, and a hefty graphics card for 3D rendering. Until recently, architects and designers, needed a full-fledged — and pricey — graphics workstation. It wasn’t convenient or portable. But nothing else would get the job done.

Then virtual-desktop vendors started offering GPU acceleration. A graphics workstation you could access from anywhere? CAD on a tablet? It seemed too good to be true.

And for a long time it was. At global architecture firm Kohn Pedersen Fox Associates, network manager Saif Khan implemented a leading on-premises VDI system, only to find the promise fell short of reality. Even with the boost from GPUs, users suffered slow performance and jittery graphics. The IT team constantly had to update apps and the VDI software itself, not to mention buying and maintaining additional hardware in their data centers.

VDI seemed a bit of a bust. But then KPF discovered that the cloud could make the difference between “sort of working” and “amazing.”

We recently talked to Saif Khan, network manager at global architecture firm Kohn Pedersen Fox Associates. He helped KPF implement a leading on-premises VDI system, only to find the promise fell short of reality.

Tell me a bit about KPF and your role there

We’re a global architecture firm with six offices around the world. Our headquarters are in New York, with offices in London, Shanghai, Hong Kong, Seoul, and Abu Dhabi.

We’re known for our design on supertall buildings, really high-profile projects, master planning, and interior work. We do everything from airports to educational campuses. The Abu Dhabi airport is one of our biggest projects now. When it’s complete in 2018, it will be one of the biggest airports in the world by square footage and number of flights that go through.

What drove KPF’s use of VDI?

In our industry, as you can imagine, the workloads are huge and the workstations are high-spec. To get that sort of horsepower on a server and distribute it was really challenging. So early on, we kind of ignored VDI. It didn’t make sense for us because everyone had these really high-powered workstations, and to move that to the data center didn’t make any sense.

Then, as VDI got a little better, we tried it about three years ago as a pilot with a very limited implementation, specifically for Revit, which is a collaborative BIM app where everyone works off the same file across offices. We tried VDI to fill that need, but it had its own issues and didn’t really catch on. The performance wasn’t that great. There was jitter. When moving things around it wouldn’t be as smooth. So the solution ended up being a remote tool that people could log in and use whenever they wanted to. We had that setup for a while, and people still use it. The problem is, we have limited hardware and can only support 12 users at a time.

Then we ran into Nutanix, and by that point we were much more into the cloud. We had started using Panzura for file sharing and had migrated as much of our infrastructure to the cloud as possible. We have a Panzura controller (cloud gateway), which sits in every office and connects to an S3 bucket in AWS. Panzura manages it as a single file system everyone can see and work off.

Overall, we wanted to minimize the amount we spent buying and maintaining new hardware. Moving our VDI workload to the cloud seemed like a natural step.

Another reason this was a hot topic for us, was that we were about to buy more VDI servers in New York, Asia, and London, and were going to have all these additional infrastructure costs. Then Xi Frame came along, and we said, “Why even bother, when we’re moving our data into the cloud and it makes sense to move our compute to the cloud as well?”

Disaster recovery was another driver. We had a snowstorm this past winter and other outages where people were trying to work from home and couldn’t because we could only support 12 concurrent users. Our board wanted us to elaborate or expand our remote capabilities, so Xi Frame fit into that as well.

We have 350 people in the New York office. We were ready to drop some money to buy more VDI servers and get another 12 sessions, but it just didn’t make sense when we could use Xi Frame and pay as we use the service, and have as many sessions as we want, instead of having all this infrastructure sitting here going to waste because it’s not being used.

And then, honestly, seeing Xi Frame was amazing. Just the performance, the refresh rate, the ability to smoothly move things around the screen. I remember sitting in front of it, saying to my boss, “You have to try this.”

Our on-premises VDI systems are already outdated — the graphics processors, even the CPUs — and it’s only been two years. We had started throwing more horsepower at this stuff because that’s the only thing you can do.The HDX tech the on-prem system uses hasn’t really evolved. No matter how much power you put in the back, that’s all you get.

When you compare it with Nutanix, you can easily see the difference in how the on-prem system lags and stutters.

Who at KPF gets access to VDI?

Everybody. The majority of time people use their own desktops, so VDI is mostly for when they’re away from the office.

How important is remote access?

Very important. A lot of our people use Xi Frame when they’re onsite or at a client’s office or other times when they’re traveling. It’s very important they be able to get to their applications and data. They can either run apps natively on laptops, or if that’s not available, they have the option to go to Xi Frame and use them that way.

Are small offices another use case for you?

For sure. When we open a new office, traditionally the first thing we do is set up a WAN and start sharing things that way. But in theory, with Xi Frame, all we need is a browser and a good internet connection. So that’s definitely something we would try in the future. Overall, working with the cloud, we’re focused on getting better internet connections and reducing our WAN usage, so Xi Frame fits into that model well.

Did security considerations influence your use of VDI?

It was definitely a factor. With any sort of VDI setup, you don’t have to worry about security as much. Everything is saved behind the firewall, and users come into the sessions over a secure connection. With Xi Frame it’s even better in the sense that the machines are ephemeral, and once you log off they don’t exist anymore so it’s even more secure. That was definitely a plus point.

What services have you plugged into Xi Frame?

We have single sign on through Azure AD, so people use their username and password to log into Xi Frame and that works great. We use Office 365, so our identity is already running in Azure. We’ve connected all our storage in Panzura. And we did a bit of a network integration so the Panzura controllers in the cloud could talk to our on-prem controllers. Also all licensing for the apps in Xi Frame happens here in New York for North American users. We have a network license server that feeds into systems running in the cloud.

How does managing Xi Frame compare with on-premises VDI?

Basically it involves a lot of updates and tweaking that we don’t do anymore. With our on-prem system we have to update the VDI software and applications on every single machine we have. With Xi Frame we just install whatever we’re installing on the main image and hit publish, and it pushes the app out.

The 12-session limitation with our on-prem VDI was a huge drawback for us as well. If people forget to log off or don’t the close session properly when they log into the on-prem environment from home, you have to close the session so someone else can get on. That’s something we deal with because we have a small VDI environment, but now this is no longer an issue with Frame. We can scale out to 1,000+ instances if we need to.

What’s next for desktop virtualization at KPF?

We plan on setting up Xi Frame for our other offices in the near future. The great thing about being in the cloud is the ability to chose the nearest data center based on office location and being able to easily replicate the current setup.