I'm just getting re-acquainted with VMware, so pardon my likely nubile questions.
In my case, i want to isolate infrastructure VMs from development VMs. The infrastructure VMs are maintained by me, while the dev VMs are maintained by the developers. And in short, i want the devs to spin up new machines at will, but simultaneously don't want the developers to mutilate my infrastructure.
I can put my VMs on a different resource pool from the dev VMs, and i can give the devs a Developer role with certain (and ghastly complicated) permissions. Still, that only begins to solve my problem.
* How can i restrict a pool of virtual machines to only a given virtual switch? I see that i can set a resource pool to use only a maximum amount of memory or cpu but i can't find how to keep the dev machines and infrastructure machines on different networks.
* How can i restrict a set of users (a group, a role?) to access only a given datastore? My aim here is to isolate infrastructure disk space from dev disk space. Is this even a sensible requirement or is there another way to limit the total space used by the dev pool of machines?
I might be asking the very wrong questions here, and if so, i'd appreciate to be told where my mental model is unaligned with the VMware way of doing things.
I currently operate on a single machine running ESXi 6 update 1 on a Mac mini, but will scale out to another few Macs and a vSphere Essentials Kit once i get this permission and resource allocation thing sorted out. I have an eight disk Synology box serving iSCSI. So yeah, this is all very small, but small is somewhere to start.