oracle
diff --git a/‎docs-source/content/idm-products/oam/configure-ingress/_index.md‎
Lines changed: 360 additions & 145 deletions b/‎docs-source/content/idm-products/oam/configure-ingress/_index.md‎
Lines changed: 360 additions & 145 deletions
diff --git a/‎docs-source/content/idm-products/oam/create-oam-domains/create-oam-domains-using-wdt-models.md‎
Lines changed: 7 additions & 7 deletions b/‎docs-source/content/idm-products/oam/create-oam-domains/create-oam-domains-using-wdt-models.md‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎docs-source/content/idm-products/oam/create-oam-domains/create-oam-domains-using-wlst.md‎
Lines changed: 3 additions & 3 deletions b/‎docs-source/content/idm-products/oam/create-oam-domains/create-oam-domains-using-wlst.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎docs-source/content/idm-products/oam/introduction/_index.md‎
Lines changed: 5 additions & 1 deletion b/‎docs-source/content/idm-products/oam/introduction/_index.md‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎docs-source/content/idm-products/oam/patch-and-upgrade/upgrade-an-ingress.md‎
Lines changed: 3 additions & 4 deletions b/‎docs-source/content/idm-products/oam/patch-and-upgrade/upgrade-an-ingress.md‎
Lines changed: 3 additions & 4 deletions
diff --git a/‎docs-source/content/idm-products/oam/prepare-your-environment/_index.md‎
Lines changed: 3 additions & 3 deletions b/‎docs-source/content/idm-products/oam/prepare-your-environment/_index.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎docs-source/content/idm-products/oam/release-notes/_index.md‎
Lines changed: 17 additions & 1 deletion b/‎docs-source/content/idm-products/oam/release-notes/_index.md‎
Lines changed: 17 additions & 1 deletion
diff --git a/‎docs-source/content/idm-products/oam/troubleshooting/_index.md‎
Lines changed: 1 addition & 1 deletion b/‎docs-source/content/idm-products/oam/troubleshooting/_index.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs-source/content/idm-products/oam/validate-domain-urls/_index.md‎
Lines changed: 6 additions & 8 deletions b/‎docs-source/content/idm-products/oam/validate-domain-urls/_index.md‎
Lines changed: 6 additions & 8 deletions
@@ -313,7 +313,7 @@ In this section you generate the required WDT models for the OAM domain, along w
 	```
    domainUID: accessdomain
    domainHome: /u01/oracle/user_projects/domains/accessdomain
-   image: container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>
+   image: container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>
    imagePullSecretName: orclcred
    logHome: /u01/oracle/user_projects/domains/logs/accessdomain
    namespace: oamns
@@ -389,7 +389,7 @@ In this section you generate the required WDT models for the OAM domain, along w
    export datasourceType="generic"
    export edgInstall="false"
    export domainHome="/u01/oracle/user_projects/domains/accessdomain"
-   export image="container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>"
+   export image="container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>"
    export imagePullSecretName="orclcred"
    export logHome="/u01/oracle/user_projects/domains/logs/accessdomain"
    export exposeAdminT3Channel="false"
@@ -753,7 +753,7 @@ In this section you modify the `domain.yaml` file in preparation for creating th
      domainHomeSourceType: PersistentVolume
 
      # The WebLogic Server image that the Operator uses to start the domain
-     image: "container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>"
+     image: "container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>"
 
      # imagePullPolicy defaults to "Always" if image version is :latest
      imagePullPolicy: IfNotPresent
@@ -791,7 +791,7 @@ In this section you modify the `domain.yaml` file in preparation for creating th
      domainHomeSourceType: PersistentVolume
    
      # The WebLogic Server image that the Operator uses to start the domain
-     image: "container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>"
+     image: "container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>"
    
      # imagePullPolicy defaults to "Always" if image version is :latest
      imagePullPolicy: IfNotPresent
@@ -833,7 +833,7 @@ In this section you modify the `domain.yaml` file in preparation for creating th
          #DO NOT CHANGE THE NAME OF THIS INIT CONTAINER
          - name: compat-connector-init
            # OAM Product image, same as spec.image mentioned above
-           image: "container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>"
+           image: "container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>"
            imagePullPolicy: IfNotPresent
            command: [ "/bin/bash", "-c", "mkdir -p  /u01/oracle/user_projects/domains/wdt-logs"]
            volumeMounts:
@@ -1283,7 +1283,7 @@ In this section you deploy the OAM domain using the `domain.yaml`.
 	  Failure Retry Interval Seconds:  120
 	  Failure Retry Limit Minutes:     1440
 	  Http Access Log In Log Home:     true
-	  Image:                           container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>
+	  Image:                           container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>
 	  Image Pull Policy:               IfNotPresent
 	  Image Pull Secrets:
 		Name:                             orclcred
@@ -1308,7 +1308,7 @@ In this section you deploy the OAM domain using the `domain.yaml`.
 			/bin/bash
 			-c
 			mkdir -p  /u01/oracle/user_projects/domains/wdt-logs
-		  Image:              container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>
+		  Image:              container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>
 		  Image Pull Policy:  IfNotPresent
 		  Name:               compat-connector-init
 		  Volume Mounts:
 
@@ -65,7 +65,7 @@ The sample scripts for Oracle Access Management domain deployment are available
    ```bash   
    domainUID: accessdomain
    domainHome: /u01/oracle/user_projects/domains/accessdomain
-   image: container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>
+   image: container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>
    imagePullSecretName: orclcred
    weblogicCredentialsSecretName: accessdomain-credentials
    logHome: /u01/oracle/user_projects/domains/logs/accessdomain
@@ -164,7 +164,7 @@ generated artifacts:
    export initialManagedServerReplicas="2"
    export managedServerNameBase="oam_server"
    export managedServerPort="14100"
-   export image="container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>"
+   export image="container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>"
    export imagePullPolicy="IfNotPresent"
    export imagePullSecretName="orclcred"
    export productionModeEnabled="true"
@@ -552,7 +552,7 @@ By default, the java memory parameters assigned to the oam_server cluster are ve
      Failure Retry Interval Seconds:  120
      Failure Retry Limit Minutes:     1440
      Http Access Log In Log Home:     true
-     Image:                           container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24>
+     Image:                           container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24>
      Image Pull Policy:               IfNotPresent
      Image Pull Secrets:
        Name:                           orclcred
 
@@ -37,7 +37,7 @@ The main benefits of WDT are:
 
 ### Current production release
 
-The current production release for the Oracle Access Management domain deployment on Kubernetes is [24.3.1](https://github.com/oracle/fmw-kubernetes/releases). This release uses the WebLogic Kubernetes Operator version 4.1.8.
+The current production release for the Oracle Access Management domain deployment on Kubernetes is [24.4.1](https://github.com/oracle/fmw-kubernetes/releases). This release uses the WebLogic Kubernetes Operator version 4.1.8.
 
 For 4.0.X WebLogic Kubernetes Operator refer to [Version 23.3.1](https://oracle.github.io/fmw-kubernetes/23.3.1/idm-products/oam/)
 
@@ -64,11 +64,15 @@ Please note, you also have the option to follow the Enterprise Deployment Guide
    + Automate the deployment of Oracle Identity Management products on any compliant Kubernetes cluster.
 
 
+### Considerations for deploying OAM and OHS on Kubernetes
+
+If you intend to use Oracle HTTP Server (OHS) and Oracle WebGate, and want to deploy OHS on Kubernetes, you must read and understand the [Supported Architectures](../../../ohs/introduction/#supported-architectures) in the [Oracle HTTP Server on Kubernetes](../../../ohs) documentation before continuing. 
 
 ### Documentation for earlier releases
 
 To view documentation for an earlier release, see:
 
+* [Version 24.3.1](https://oracle.github.io/fmw-kubernetes/24.3.1/idm-products/oam/)
 * [Version 24.2.1](https://oracle.github.io/fmw-kubernetes/24.2.1/idm-products/oam/)
 * [Version 24.1.1](https://oracle.github.io/fmw-kubernetes/24.1.1/idm-products/oam/)
 * [Version 23.4.2](https://oracle.github.io/fmw-kubernetes/23.4.2/idm-products/oam/)
 
@@ -65,14 +65,14 @@ To upgrade the existing ingress rules, follow the steps below:
    oam-nginx       oamns           1               <DATE>      deployed        ingress-per-domain-0.1.0    1.0
    ```
 
-1. Edit the `$WORKDIR/kubernetes/charts/ingress-per-domain/values.yaml` and change the `domainUID` parameter to match your domainUID, for example `domainUID: accessdomain`. For example:
+1. Edit the `$WORKDIR/kubernetes/charts/ingress-per-domain/values.yaml` and change the parameters to the same as you had when you initially configured the ingress. See [Prepare the values.yaml for the ingress](../../configure-ingress/#prepare-the-values.yaml-for-the-ingress). For example:
 
    ```
    # Load balancer type. Supported values are: NGINX
    type: NGINX
 
    # SSL configuration Type. Supported Values are : NONSSL,SSL
-   sslType: SSL
+   sslType: NONSSL
 
    # domainType. Supported values are: oam
    domainType: oam
@@ -162,8 +162,7 @@ To upgrade the existing ingress rules, follow the steps below:
                  /oam/services/rest/access/api   accessdomain-cluster-oam-cluster:14100 (10.244.1.225:14100)
                  /access                         accessdomain-cluster-policy-cluster:15100 (10.244.1.226:15100)
                  /                               accessdomain-cluster-oam-cluster:14100 (10.244.1.225:14100)
-   Annotations:  kubernetes.io/ingress.class: nginx
-                 meta.helm.sh/release-name: oam-nginx
+   Annotations:  meta.helm.sh/release-name: oam-nginx
                  meta.helm.sh/release-namespace: oamns
                  nginx.ingress.kubernetes.io/configuration-snippet:
                    more_clear_input_headers "WL-Proxy-Client-IP" "WL-Proxy-SSL";
 
@@ -69,7 +69,7 @@ The OAM Kubernetes deployment requires access to an OAM container image. The ima
 #### Prebuilt OAM container image
 
 
-The prebuilt OAM July 2024 container image can be downloaded from [Oracle Container Registry](https://container-registry.oracle.com). This image is prebuilt by Oracle and includes Oracle Access Management 12.2.1.4.0, the July Patch Set Update (PSU) and other fixes released with the Critical Patch Update (CPU) program.
+The prebuilt OAM October 2024 container image can be downloaded from [Oracle Container Registry](https://container-registry.oracle.com). This image is prebuilt by Oracle and includes Oracle Access Management 12.2.1.4.0, the October Patch Set Update (PSU) and other fixes released with the Critical Patch Update (CPU) program.
 
 **Note**: Before using this image you must login to [Oracle Container Registry](https://container-registry.oracle.com), navigate to `Middleware` > `oam_cpu` and accept the license agreement.
 
@@ -426,7 +426,7 @@ Before following the steps in this section, make sure that the database and list
    For example:
 
    ```bash
-   $ kubectl run --image=container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July'24> --image-pull-policy="IfNotPresent" --overrides='{"apiVersion": "v1","spec":{"imagePullSecrets": [{"name": "orclcred"}]}}' helper -n oamns -- sleep infinity
+   $ kubectl run --image=container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October'24> --image-pull-policy="IfNotPresent" --overrides='{"apiVersion": "v1","spec":{"imagePullSecrets": [{"name": "orclcred"}]}}' helper -n oamns -- sleep infinity
    ```
    
    If you are not using a container registry and have loaded the image on each of the master and worker nodes, run the following command:
@@ -438,7 +438,7 @@ Before following the steps in this section, make sure that the database and list
    For example:
    
    ```bash
-   $ kubectl run helper --image oracle/oam:12.2.1.4-jdk8-ol8-<July'24> -n oamns -- sleep infinity
+   $ kubectl run helper --image oracle/oam:12.2.1.4-jdk8-ol8-<October'24> -n oamns -- sleep infinity
    ```
 
    The output will look similar to the following:
 
@@ -10,10 +10,26 @@ Review the latest changes and known issues for Oracle Access Management on Kuber
 
 | Date | Version | Change |
 | --- | --- | --- |
+| October, 2024 | 24.4.1 | Supports Oracle Access Management 12.2.1.4 domain deployment using the October 2024 container image which contains the October Patch Set Update (PSU) and other fixes released with the Critical Patch Update (CPU) program.|
+| | | This release contains the following changes:
+| | | + Ingress now uses ingressClassName instead of the deprecated kubernetes.io/ingress.class. See, [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/#deprecated-annotation).|
+| | | If upgrading to October 24 (24.4.1) from April 24 (24.2.1) or later, you must upgrade the following in order:
+| | | 1. Patch the OAM container image to October 24|
+| | | 2. If you are upgrading to Kubernetes 1.29 or later, you must upgrade the ingress. See [Upgrading the ingress](../patch-and-upgrade/upgrade-an-ingress).
+| | | If upgrading to October 24 (24.4.1) from October 22 (22.4.1) or later, you must upgrade the following in order:
+| | | 1. WebLogic Kubernetes Operator to 4.1.8|
+| | | 2. Patch the OAM container image to October 24|
+| | | 3. If you are upgrading to Kubernetes 1.29 or later, you must upgrade the ingress. See [Upgrading the ingress](../patch-and-upgrade/upgrade-an-ingress).
+| | | If upgrading to October 24 (24.4.1) from a release prior to October 22 (22.4.1), you must upgrade the following in order:
+| | | 1. WebLogic Kubernetes Operator to 4.1.8|
+| | | 2. Patch the OAM container image to October 24|
+| | | 3. Upgrade the Ingress|
+| | | 4. Upgrade Elasticsearch and Kibana|
+| | | See [Patch and Upgrade](../patch-and-upgrade) for these instructions.
 | July, 2024 | 24.3.1 | Supports Oracle Access Management 12.2.1.4 domain deployment using the July 2024 container image which contains the July Patch Set Update (PSU) and other fixes released with the Critical Patch Update (CPU) program.|
 | | | This release contains no changes other than support for the July Patch Set Update.
 | | | If upgrading to July 24 (24.3.1) from April 24 (24.2.1), you must upgrade the following in order:
-| | | 1. Patch the OAM container image to July 24|
+| | | 1. Patch the OAM container image to January 24|
 | | | If upgrading to July 24 (24.3.1) from October 22 (22.4.1) or later, you must upgrade the following in order:
 | | | 1. WebLogic Kubernetes Operator to 4.1.8|
 | | | 2. Patch the OAM container image to July 24|
 
@@ -94,7 +94,7 @@ If the domain creation fails while creating domain resources using the `domain.y
    a. Create a helper pod:
 
    ```
-	kubectl run --image=container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<July`24> --image-pull-policy="IfNotPresent" --overrides='{"apiVersion": "v1","spec":{"imagePullSecrets": [{"name": "orclcred"}]}}' helper -n oamns -- sleep infinity
+	kubectl run --image=container-registry.oracle.com/middleware/oam_cpu:12.2.1.4-jdk8-ol8-<October`24> --image-pull-policy="IfNotPresent" --overrides='{"apiVersion": "v1","spec":{"imagePullSecrets": [{"name": "orclcred"}]}}' helper -n oamns -- sleep infinity
 	```
 
 	b. Clean down the failed domain creation by following steps 1-3 in [Delete the OAM domain home](manage-oam-domains/delete-domain-home). 
 
@@ -7,22 +7,20 @@ description = "Sample for validating domain urls."
 
 In this section you validate the OAM domain URLs are accessible via the NGINX ingress.
 
-Make sure you know the master hostname and ingress port for NGINX before proceeding.
-
 
 #### Validate the OAM domain urls via the Ingress
 
 Launch a browser and access the following URL's. Login with the weblogic username and password (`weblogic/<password>`).
 
-**Note**: If using a load balancer for your ingress replace `${MASTERNODE-HOSTNAME}:${MASTERNODE-PORT}` with `${LOADBALANCER-HOSTNAME}:${LOADBALANCER-PORT}`.
+**Note**: The `${HOSTNAME}:${PORT}` depends on the architecture configured, and your ingress setup as per [Configuring an ingress for NGINX for the OAM Domain](../configure-ingress).
 
 | Console or Page | URL | 
 | --- | --- | 
-| WebLogic Administration Console | `https://${MASTERNODE-HOSTNAME}:${MASTERNODE-PORT}/console` | 
-| Oracle Enterprise Manager Console | `https://${MASTERNODE-HOSTNAME}:${MASTERNODE-PORT}/em` 
-| Oracle Access Management Console | `https://${MASTERNODE-HOSTNAME}:${MASTERNODE-PORT}/oamconsole` |
-| Oracle Access Management Console | `https://${MASTERNODE-HOSTNAME}:${MASTERNODE-PORT}/access` |
-| Logout URL | `https://${MASTERNODE-HOSTNAME}:${MASTERNODE-PORT}/oam/server/logout` |
+| WebLogic Administration Console | `http(s)://${HOSTNAME}:${PORT}/console` | 
+| Oracle Enterprise Manager Console | `http(s)://${HOSTNAME}:${PORT}/em` 
+| Oracle Access Management Console | `http(s)://${HOSTNAME}:${PORT}/oamconsole` |
+| Oracle Access Management Console | `http(s)://${HOSTNAME}:${PORT}/access` |
+| Logout URL | `http(s)://${HOSTNAME}:${PORT}/oam/server/logout` |
 
 
 **Note**: WebLogic Administration Console and Oracle Enterprise Manager Console should only be used to monitor the servers in the OAM domain. To control the Administration Server and OAM Managed Servers (start/stop) you must use Kubernetes. See [Domain Life Cycle ](../manage-oam-domains/domain-lifecycle) for more information.