VLANs are fine. Running your whole core over one trunk into a general-purpose box gets dumb fast, because one bad config or L2 loop turns into a host-side debugging session.

Extra NICs move forwarding work into the host, and you pay for that in CPU time. If you care about isolation and wire-speed, buy a cheap managed switch instead of stuffing more NICs into the box.