Is it necessary to install PIM also in the CDOM (Control Domain) along with the LDOM (Local Domain) ?

Document ID : KB000124394
Last Modified Date : 11/01/2019
Show Technical Document Details
Question:
What are the differences as far as PIM is concerned regarding Solaris LDOMs and Zones
Is it necessary to install PIM / PAMSC also in the CDOM (Control Domain) along with the LDOM (Local Domain) ?
Answer:
LDOM, which is renamed as Oracle VM for SPARC, is a hypervisor based architecture.  
Unlike operating system level virtualization, hypervisor based VMs don't share a single kernel.  Each guest system (VM) on LDOM is virtually a standalone system.  
This means PIM or PAMSC will install all components, of kernel and user mode, in a guest system.  

As for CDOM, it is the first domain, called primary domain, created on LDOM and provides management services for other guest domains.  
which operate only as a service level, not at kernel level.  
From PIM or PAMSC's perspective, CDOM is just another guest system on LDOM and it is no different than the other guest systems.


In contrast, Solaris Zones is an operating system level virtualization, so all zones share a single kernel.
This is why PIM or PAMSC needs to install and run on the global zone first and all non-global zones will communicate with the kernel via the SEOS_syscall module running in the global zone.


Bottom line: keep in mind that there are two virtualization design architectures, hypervisor and OS level virtualization, in virtualization among different products.  
The key in deploying PIM or PAMSC is whether guest systems share a kernel.  If it doesn't share a kernel, a VM is no different than a physical machine.
Additional Information:
PIM Implementation in Solaris Zones
https://docops.ca.com/ca-privileged-access-manager-server-control/14-1/en/implementing/install-unix-endpoint/solaris-10-zones-implementation

CA Privileged Identity Manager Endpoint Virtualization Matrix
https://support.ca.com/us/product-content/status/compatibility-matrix/ca-privileged-identity-manager-endpoint-virtualization-matrix.html