We are debating whether to add Client Hyper-V or VMWare Player Pro to new Windows 10 desktops later this year and have our developers run their developer tools in a Windows 7 VM on their local desktop. For security reasons, they will not have admin rights on their local workstation which will only be used to host their VM(s) and for office work not requiring admin rights such as email, web, Microsoft Office etc.).
The developers would have admin rights on the VMs instead. The VMs would be on an isolated network VLAN and AD domain with no Internet access and no direct file transfer or network access between the VM and host. The users will do all their development and testing inside the VMs.
I have not been able to find a true virtual machine "player" that only allows using existing VMs and not creating new ones when installed on a workstation.
Client Hyper-V does not work at all unless the users have either local admin rights on the host machine or are members of the Hyper-V Administrators group which allows them unlimited configuring of VM settings which will make it pretty simple for them to get around restrictions even without admin rights on the host. VMWare Player is not just a player. It also allows creating new VMs even without admin rights.
Is there any alternative vm software that allows use of existing VMs on their local workstation, but not adding or reconfiguring VM hardware?
If that cannot be done, how can we build a highly available virtual server in Hyper-V that would have the performance needed for heavy software development, long queries and builds and debugging etc.. Many of the developers work with 10 or more applications running at the same time and have 16GB RAM on their current systems.
So, I would guess we would need 2 very powerful severs with a huge amount of RAM to run 100 high memory VMs simultaneously and some kind of virtual SAN. It will also need the disk space and I/O to handle 100 busy workstation VMs.
If there were 100 VMs, we could run 50 on each in a 2 member failover cluster. If one goes down, the other would need to be able to handle the load of all 100 without a problem. We could also do planned live migrations to do maintenance such a Windows Update reboots on the hosts. We would then need SCVMM to manage them and assign private cloud access to the users so they can access the VMs and also create/revert checkpoints on their software testing VMs.
Since we have limited money, what would be a cost effective hardware design that could make this work (server specs etc.) and what ballpark price range would we expect to pay using hardware from a manufacturer like Dell or HP etc..?
If the costs are astronomical, we would then go back to the plan of adding VMs locally on workstations and try to find ways to restrict the users from creating unauthorized VMs.