Hello
After some help for the best way to combine environments but to maintain security. Currently have DEV and PROD env on 2 separate ESXi hosts (essentials license), but share the same SAN. The ESXi/SAN connections have different CHAPs passwords for DEV & PROD, so storage cannot be seen/used by other host.
We are looking to simplify and refresh the hosts and would like to forward a suggestion and see is this is a sensible approach or if there is a better way to do things.
Suggestion is to upgrade the license to essentials plus and replace the 2 separate hosts with a 3 node cluster with connection to the same SAN. This will allow vMotion and sharing the load more evenly across the 3 hosts.
However, we need to maintain environmental boundaries between DEV and PROD - thinking here is to use storage and network policies. Can storage policies ensure that only DEV VMs can see DEV datastores and only PROD VMs see PROD datastores? Likewise, can network policies ensure only DEV VMs can connect to DEV port groups and PROD VMs can only connect to PROD port groups?
Is this the best way to do this? Any other suggestions?
Thanks in advance.