Evening,

I love this request... I get these semi IaaS requests all the time.  This normally means management is frustrated or they have someone who is going to break security policy and they don't want to know...

There are lots of options it all depends on what you want to spend. 

1. vCloud director would allow you to create this whole thing except you will need to separate the lun's from your normal luns so they are not mixed loads

2. Solution like Nutanix to keep storage on it's own system

3. A hybrid solution:

* VLAN's with cidr subnetted ip's for their management, vmotion, vm traffic

* Physical different switches uplinked to the c7000 for the 10gb connections

* Use c7000 ports that are not in use so no cross c7000 traffic

* Use Fiber ports not in use and direct connect them to FC storage array taking switches out of the mix

* Add fiber switches

* Storage is hard... you could use the storage appliance but I doubt it has performance or scales like you want.. otherwise you need to share at some level I wish VSAN was out it might solve your issues

* ESXi build more nodes and virtual center

What is really comes down to is how much does your company want to spend to solve this issue and how you are currently setup. 

At the end of the day it's all requirements, cost and time.   

I normally do something like this:

* VLAN's with unique ip ranges

* Shared switches but ports on the C7000 dedicated to their traffic not shared by my stuff

* Blades allocated to them and build

* Unique virtual center with web only access

* Connection to shared storage on it's own array or raid sets

Thou I have to say we just deployed vcloud director to solve these needs and it rocks and always solves the problems.

Thanks,

J