From bc85e4ac244a20c14627982a43741f8400e43e42 Mon Sep 17 00:00:00 2001 From: Kaspars Skels Date: Tue, 4 Sep 2018 17:11:01 -0500 Subject: [PATCH] Airship site authoring and deployment docs First version of deployment documentation moving/updating info from https://github.com/att-comdev/treasuremap New revision will follow soon after Pegleg, and structure changes https://review.openstack.org/#/c/577886/ Change-Id: I32274b5e188389a92cf3d14972b23c0040ce60ef --- docs/requirements.txt | 2 + docs/source/authoring_and_deployment.rst | 925 +++++++++++++++++++++++ docs/source/conf.py | 160 ++++ docs/source/diagrams/component_list.png | Bin 0 -> 72007 bytes docs/source/index.rst | 24 + docs/source/seaworthy.rst | 8 + 6 files changed, 1119 insertions(+) create mode 100644 docs/requirements.txt create mode 100644 docs/source/authoring_and_deployment.rst create mode 100644 docs/source/conf.py create mode 100644 docs/source/diagrams/component_list.png create mode 100644 docs/source/index.rst create mode 100644 docs/source/seaworthy.rst diff --git a/docs/requirements.txt b/docs/requirements.txt new file mode 100644 index 000000000..dcc0b7c05 --- /dev/null +++ b/docs/requirements.txt @@ -0,0 +1,2 @@ +sphinx>=1.6.2 +sphinx_rtd_theme==0.2.4 diff --git a/docs/source/authoring_and_deployment.rst b/docs/source/authoring_and_deployment.rst new file mode 100644 index 000000000..d85ab138e --- /dev/null +++ b/docs/source/authoring_and_deployment.rst @@ -0,0 +1,925 @@ +Site Authoring and Deployment Guide +=================================== + +The document contains the instructions for standing up a greenfield +Airship site. This can be broken down into two high-level pieces: + +1. **Site authoring guide(s)**: Describes how to craft site manifests + and configs required to perform a deployment. The primary site + authoring guide is for deploying Airship sites, where OpenStack + is the target platform deployed on top of Airship. +2. **Deployment guide(s)**: Describes how to apply site manifests for a + given site. + +This document is an "all in one" site authoring guide + deployment guide +for a standard Airship deployment. For the most part, the site +authoring guidance lives within ``airship-seaworthy`` reference site in the +form of YAML comments. + +Terminology +----------- + +**Cloud**: A platform that provides a standard set of interfaces for +`IaaS `__ +consumers. + +**OSH**: (`OpenStack +Helm `__) is a +collection of Helm charts used to deploy OpenStack on kubernetes. + +**Undercloud/Overcloud**: Terms used to distinguish which cloud is +deployed on top of the other. In Airship sites, OpenStack (overcloud) +is deployed on top of Kubernetes (underlcoud). + +**Airship**: A specific implementation of OpenStack Helm charts onto +kubernetes, the deployment of which is the primary focus of this document. + +**Control Plane**: From the point of view of the cloud service provider, +the control plane refers to the set of resources (hardware, network, +storage, etc) sourced to run cloud services. + +**Data Plane**: From the point of view of the cloud service provider, +the data plane is the set of resources (hardware, network, storage, +etc.) sourced to to run consumer workloads. When used in this document, +"data plane" refers to the data plane of the overcloud (OSH). + +**Host Profile**: A host profile is a standard way of configuring a bare +metal host. Encompasses items such as the number of bonds, bond slaves, +physical storage mapping and partitioning, and kernel parameters. + +Component Overview +~~~~~~~~~~~~~~~~~~ + +.. image:: diagrams/component_list.png + +Node Overview +~~~~~~~~~~~~~ + +This document refers to several types of nodes, which vary in their +purpose, and to some degree in their orchestration / setup: + +- **Build node**: This refers to the environment where configuration + documents are built for your environment (e.g., your laptop) +- **Genesis node**: The "genesis" or "seed node" refers to a node used + to get a new deployment off the ground, and is the first node built + in a new deployment environment. +- **Control / Controller nodes**: The nodes that make up the control + plane. (Note that the Genesis node will be one of the controller + nodes.) +- **Compute nodes / Worker Nodes**: The nodes that make up the data + plane + +Support +------- + +Bugs may be viewed and reported at the following locations, depending on +the component: + +- For OSH: `Launchpad `__ + +- Airship: Bugs may be filed using OpenStack Storyboard for specific + projects in `Airship + group `__: + + - `Airship Armada `__ + - `Airship Berth `__ + - `Airship + Deckhand `__ + - `Airship + Divingbell `__ + - `Airship + Drydock `__ + - `Airship MaaS `__ + - `Airship Pegleg `__ + - `Airship + Promenade `__ + - `Airship + Shipyard `__ + - `Airship in a + Bottle `__ + + - `Airship Treasuremap + `__ + +Hardware Prep +------------- + +Disk +^^^^ + +1. Control plane server disks: + + - Two-disk RAID-1 mirror for operating system + - Two-disk RAID-1 mirror for ceph journals - preferentially SSDs + - Remaining disks as JBOD for Ceph + +2. Data plane server disks: + + - Two-disk RAID-1 mirror for operating system + - Remaining disks need to be configured according to the host profile target + for each given server (e.g., RAID-10). + +BIOS and IPMI +^^^^^^^^^^^^^ + +1. Virtualization enabled in BIOS +2. IPMI enabled in server BIOS (e.g., IPMI over LAN option enabled) +3. IPMI IPs assigned, and routed to the environment you will deploy into + Note: Firmware bugs related to IPMI are common. Ensure you are running the + latest firmware version for your hardware. Otherwise, it is recommended to + perform an iLo/iDrac reset, as IPMI bugs with long-running firmware are not + uncommon. +4. Set PXE as first boot device and ensure the correct NIC is selected for PXE + +Network +^^^^^^^ + +1. You have a network you can successfully PXE boot with your network topology + and bonding settings (dedicated PXE interace on untagged/native VLAN in this + example) +2. You have (VLAN) segmented, routed networks accessible by all nodes for: + + 1. Management network(s) (k8s control channel) + 2. Calico network(s) + 3. Storage network(s) + 4. Overlay network(s) + 5. Public network(s) + +HW Sizing and minimum requirements +---------------------------------- + ++----------+----------+----------+----------+ +| Node | disk | memory | cpu | ++==========+==========+==========+==========+ +| Build | 10 GB | 4 GB | 1 | ++----------+----------+----------+----------+ +| Genesis | 100 GB | 16 GB | 8 | ++----------+----------+----------+----------+ +| Control | 10 TB | 128 GB | 24 | ++----------+----------+----------+----------+ +| Compute | N/A* | N/A* | N/A* | ++----------+----------+----------+----------+ + +* Workload driven (determined by host profile) + + +Establishing build node environment +----------------------------------- + +1. On the machine you wish to use to generate deployment files, install required + tooling:: + + sudo apt -y install docker.io git + +2. Clone and link the required git repos as follows:: + + git clone https://git.openstack.org/openstack/airship-pegleg + git clone https://git.openstack.org/openstack/airship-treasuremap + + +Building Site documents +----------------------- + +This section goes over how to put together site documents according to +your specific environment, and generate the initial Promenade bundle +needed to start the site deployment. + +Preparing deployment documents +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +In its current form, pegleg provides an organized structure for YAML +elements, in order to separate common site elements (i.e., ``global`` +folder) from unique site elements (i.e., ``site`` folder). + +To gain a full understanding of the pegleg strutcure, it is highly +recommended to read pegleg documentation on this +`here `__. + +The ``airship-seaworthy`` site may be used as reference site. It is the +principal pipeline for integration and continuous deployment testing of Airship. + +Change directory to the ``airship-treasuremap/site`` folder and copy the +``airship-seaworthy`` site as follows: + +:: + + NEW_SITE=mySite # replace with the name of your site + cd airship-treasuremap/site + cp -r airship-seaworthy $NEW_SITE + +Remove ``airship-seaworthy`` specific certificates. + +:: + + rm -rf airship-treasuremap/site/airship-seaworthy/secrets/certificates/certificates.yaml + + +You will then need to manually make changes to these files. These site +manifests are heavily commented to explain parameters, and importantly +identify all of the parameters that need to change when authoring a new +site. + +These areas which must be updated for a new site are flagged with the +label ``NEWSITE-CHANGEME`` in YAML commentary. Search for all instances +of ``NEWSITE-CHANGEME`` in your new site definition, and follow the +instructions that accompany the tag in order to make all needed changes +to author your new Airship site. + +Because some files depend on (or will repeat) information from others, +the order in which you should build your site files is as follows: + +1. site/$NEW\_SITE/networks/physical/networks.yaml +2. site/$NEW\_SITE/baremetal/nodes.yaml +3. site/$NEW\_SITE/networks/common-addresses.yaml +4. site/$NEW\_SITE/pki/pki-catalog.yaml +5. All other site files + +Control Plane Ceph Cluster Notes +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Environment Ceph parameters for the control plane are located in: + +``site/$NEW_SITE/software/charts/ucp/ceph/ceph.yaml`` + +Setting highlights: + +- data/values/conf/storage/osd[\*]/data/location: The block device that + will be formatted by the Ceph chart and used as a Ceph OSD disk +- data/values/conf/storage/osd[\*]/journal/location: The directory + backing the ceph journal used by this OSD. Refer to the journal + paradigm below. +- data/values/conf/pool/target/osd: Number of OSD disks on each node + +Assumptions: + +1. Ceph OSD disks are not configured for any type of RAID (i.e., they + are configured as JBOD if connected through a RAID controller). (If + RAID controller does not support JBOD, put each disk in its own + RAID-0 and enable RAID cache and write-back cache if the RAID + controller supports it.) +2. Ceph disk mapping, disk layout, journal and OSD setup is the same + across Ceph nodes, with only their role differing. Out of the 4 + control plane nodes, we expect to have 3 actively participating in + the Ceph quorom, and the remaining 1 node designated as a standby + Ceph node which uses a different control plane profile + (cp\_*-secondary) than the other three (cp\_*-primary). +3. If doing a fresh install, disk are unlabeled or not labeled from a + previous Ceph install, so that Ceph chart will not fail disk + initialization + +This document covers two Ceph journal deployment paradigms: + +1. Servers with SSD/HDD mix (disregarding operating system disks). +2. Servers with no SSDs (disregarding operating system disks). In other + words, exclusively spinning disk HDDs available for Ceph. + +If you have an operating system available on the target hardware, you +can determine HDD and SSD layout with: + +:: + + lsblk -d -o name,rota + +where a ``rota`` (rotational) value of ``1`` indicates a spinning HDD, +and where a value of ``0`` indicates non-spinning disk (i.e. SSD). (Note +- Some SSDs still report a value of ``1``, so it is best to go by your +server specifications). + +In case #1, the SSDs will be used for journals and the HDDs for OSDs. + +For OSDs, pass in the whole block device (e.g., ``/dev/sdd``), and the +Ceph chart will take care of disk partitioning, formatting, mounting, +etc. + +For journals, divide the number of journal disks as evenly as possible +between the OSD disks. We will also use the whole block device, however +we cannot pass that block device to the Ceph chart like we can for the +OSD disks. + +Instead, the journal devices must be already partitioned, formatted, and +mounted prior to Ceph chart execution. This should be done by MaaS as +part of the Drydock host-profile being used for control plane nodes. + +Consider the follow example where: + +- /dev/sda is an operating system RAID-1 device (SSDs for OS root) +- /dev/sdb is an operating system RAID-1 device (SSDs for ceph journal) +- /dev/sd[cdef] are HDDs + +Then, the data section of this file would look like: + +:: + + data: + values: + conf: + storage: + osd: + - data: + type: block-logical + location: /dev/sdd + journal: + type: directory + location: /var/lib/openstack-helm/ceph/journal/journal-sdd + - data: + type: block-logical + location: /dev/sde + journal: + type: directory + location: /var/lib/openstack-helm/ceph/journal/journal-sde + - data: + type: block-logical + location: /dev/sdf + journal: + type: directory + location: /var/lib/openstack-helm/ceph/journal/journal-sdf + - data: + type: block-logical + location: /dev/sdg + journal: + type: directory + location: /var/lib/openstack-helm/ceph/journal/journal-sdg + pool: + target: + osd: 4 + +where the following mount is setup by MaaS via Drydock host profile for +the control-plane nodes: + +:: + + /dev/sdb is mounted to /var/lib/openstack-helm/ceph/journal + +In case #2, Ceph best practice is to allocate journal space on all OSD +disks. The Ceph chart assumes this partitioning has been done +beforehand. Ensure that your control plane host profile is partitioning +each disk between the Ceph OSD and Ceph journal, and that it is mounting +the journal partitions. (Drydock will drive these disk layouts via MaaS +provisioning). Note the mountpoints for the journals and the partition +mappings. Consider the following example where: + +- /dev/sda is the operating system RAID-1 device +- /dev/sd[bcde] are HDDs + +Then, the data section of this file will look similar to the following: + +:: + + data: + values: + conf: + storage: + osd: + - data: + type: block-logical + location: /dev/sdb2 + journal: + type: directory + location: /var/lib/openstack-helm/ceph/journal0/journal-sdb + - data: + type: block-logical + location: /dev/sdc2 + journal: + type: directory + location: /var/lib/openstack-helm/ceph/journal1/journal-sdc + - data: + type: block-logical + location: /dev/sdd2 + journal: + type: directory + location: /var/lib/openstack-helm/ceph/journal2/journal-sdd + - data: + type: block-logical + location: /dev/sde2 + journal: + type: directory + location: /var/lib/openstack-helm/ceph/journal3/journal-sde + pool: + target: + osd: 4 + +where the following mounts are setup by MaaS via Drydock host profile +for the control-plane nodes: + +:: + + /dev/sdb1 is mounted to /var/lib/openstack-helm/ceph/journal0 + /dev/sdc1 is mounted to /var/lib/openstack-helm/ceph/journal1 + /dev/sdd1 is mounted to /var/lib/openstack-helm/ceph/journal2 + /dev/sde1 is mounted to /var/lib/openstack-helm/ceph/journal3 + +Update Passphrases +~~~~~~~~~~~~~~~~~~~~ + +Replace passphrases under ``site/airship-seaworthy/secrets/passphrases/`` +with random generated ones (e.g. ``openssl rand -hex 10``). + +Manifest linting and combining layers +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +After constituent YAML configurations are finalized, use Pegleg to lint +your manifests, and resolve any issues that result from linting before +proceeding: + +:: + + sudo airship-pegleg/tools/pegleg.sh lint \ + -p airship-treasuremap + +Note: ``P001`` and ``P003`` linting errors are expected for missing +certificates, as they are not generated until the next section. You may +suppress these warnings by appending ``-x P001 -x P003`` to the lint +command. + +Next, use pegleg to perform the merge that will yield the combined +global + site type + site YAML: + +:: + + sudo sh airship-pegleg/tools/pegleg.sh site \ + -p airship-treasuremap \ + collect $NEW_SITE + +Perform a visual inspection of the output. If any errors are discovered, +you may fix your manifests and re-run the ``lint`` and ``collect`` +commands. + +After you have an error-free output, save the resulting YAML as follows: + +:: + + mkdir -p ~/${NEW_SITE}_collected + sudo airship-pegleg/tools/pegleg.sh site \ + -p airship-treasuremap \ + collect $NEW_SITE -s ${NEW_SITE}_collected + +It is this output which will be used in subsequent steps. + +Lastly, you should also perform a ``render`` on the documents. The +resulting render from Pegleg will not be used as input in subsequent +steps, but is useful for understanding what the document will look like +once Deckhand has performed all substitutions, replacements, etc. This +is also useful for troubleshooting, and addressing any Deckhand errors +prior to submitting via Shipyard: + +:: + + sudo airship-pegleg/tools/pegleg.sh site \ + -p airship-treasuremap \ + render $NEW_SITE + +Inspect the rendered document for any errors. If there are errors, +address them in your manifests and re-run this section of the document. + +Building the Promenade bundle +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Clone the Promenade repo, if not already cloned: + +:: + + git clone https://github.com/openstack/airship-promenade + +Refer to the ``data/charts/ucp/promenade/reference`` field in +``airship-treasuremap/global/v4.0/software/config/versions.yaml``. If +this is a pinned reference (i.e., any reference that's not ``master``), +then you should checkout the same version of the Promenade repository. +For example, if the Promenade reference was ``86c3c11...`` in the +versions file, checkout the same version of the Promenade repo which was +cloned previously: + +:: + + (cd airship-promenade && git checkout 86c3c11) + +Likewise, before running the ``simple-deployment.sh`` script, you should +refer to the ``data/images/ucp/promenade/promenade`` field in +``~/airship-treasuremap/global/v4.0/software/config/versions.yaml``. If +there is a pinned reference (i.e., any image reference that's not +``latest``), then this reference should be used to set the +``IMAGE_PROMENADE`` environment variable. For example, if the Promenade +image was pinned to ``quay.io/airshipit/promenade:d30397f...`` in +the versions file, then export the previously mentioned environment +variable like so: + +:: + + export IMAGE_PROMENADE=quay.io/airshipit/promenade:d30397f... + +Now, create an output directory for Promenade bundles and run the +``simple-deployment.sh`` script: + +:: + + mkdir ${NEW_SITE}_bundle + sudo airship-promenade/tools/simple-deployment.sh ${NEW_SITE}_collected ${NEW_SITE}_bundle + +Estimated runtime: About **1 minute** + +After the bundle has been successfully created, copy the generated +certificates into the security folder. Ex: + +:: + + mkdir -p airship-treasuremap/site/${NEW_SITE}/secrets/certificates + sudo cp ${NEW_SITE}_bundle/certificates.yaml \ + airship-treasuremap/site/${NEW_SITE}/secrets/certificates/certificates.yaml + +Genesis node +------------ + +Initial setup +~~~~~~~~~~~~~ + +Before starting, ensure that the BIOS and IPMI settings match those +stated previously in this document. Also ensure that the hardware RAID +is setup for this node per the control plane disk configuration stated +previously in this document. + +Then, start with a manual install of Ubuntu 16.04 on the node you wish +to use to seed the rest of your environment standard `Ubuntu +ISO `__. +Ensure to select the following: + +- UTC timezone +- Hostname that matches the Genesis hostname given in + ``/data/genesis/hostname`` in + ``airship-treasuremap/site/$NEW_SITE/networks/common-addresses.yaml``. +- At the ``Partition Disks`` screen, select ``Manual`` so that you can + setup the same disk partitioning scheme used on the other control + plane nodes that will be deployed by MaaS. Select the first logical + device that corresponds to one of the RAID-1 arrays already setup in + the hardware controller. On this device, setup partitions matching + those defined for the ``bootdisk`` in your control plane host profile + found in ``airship-treasuremap/site/$NEW_SITE/profiles/host``. + (e.g., 30G for /, 1G for /boot, 100G for /var/log, and all remaining + storage for /var). Note that the volume size syntax looking like + ``>300g`` in Drydock means that all remaining disk space is allocated + to this volume, and that that volume needs to be at least 300G in + size. +- When you get to the prompt, "How do you want to manage upgrades on + this system?", choose "No automatic updates" so that packages are + only updated at the time of our choosing (e.g. maintenance windows). +- Ensure the grub bootloader is also installed to the same logical + device as in the previous step (this should be default behavior). + +After installation, ensure the host has outbound internet access and can +resolve public DNS entries (e.g., ``nslookup google.com``, +``curl https://www.google.com``). + +Ensure that the deployed Genesis hostname matches the hostname in +``data/genesis/hostname`` in +``airship-treasuremap/site/$NEW_SITE/networks/common-addresses.yaml``. +If it does not match, then either change the hostname of the node to +match the configuration documents, or re-generate the configuration with +the correct hostname. In order to change the hostname of the deployed +node, you may run the following: + +:: + + sudo hostname $NEW_HOSTNAME + sudo sh -c "echo $NEW_HOSTNAME > /etc/hostname" + sudo vi /etc/hosts # Anywhere the old hostname appears in the file, replace + # with the new hostname + +Or to regenerate manifests, re-run the previous two sections with the +after updating the genesis hostname in the site definition. + +Installing matching kernel version +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Install the same kernel version on the Genesis host that MaaS will use +to deploy new baremetal nodes. + +In order to do this, first you must determine the kernel version that +will be deployed to those nodes. Start by looking at the host profile +definition used to deploy other control plane nodes by searching for +``control-plane: enabled``. Most likely this will be a file under +``global/v4.0/profiles/host``. In this file, find the kernel info - +e.g.: + +:: + + platform: + image: 'xenial' + kernel: 'hwe-16.04' + +In this case, it is the hardware enablement kernel for 16.04. To find +the exact kernel version that will be deployed, we must look into the +simple-stream image cache that will be used by MaaS to deploy nodes +with. Locate the ``data/images/ucp/maas/maas_cache`` key in within +``airship-treasuremap/global/v4.0/software/config/versions.yaml``. This +is the image that you will need to fetch, using a node with docker +installed that has access and can reach the site/location hosting the +image. For example, from the **build node**, the command would take the +form: + +:: + + sudo docker pull YOUR_SSTREAM_IMAGE + +Then, create a container from that image: + +:: + + cd ~ + sudo sh -c "$(docker images | grep sstream-cache | head -1 | awk '{print $1}' > image_name)" + sudo docker create --name sstream $(cat image_name) + +Then use the container ID returned from the last command as follows: + +:: + + sudo docker start sstream + sudo docker exec -it sstream /bin/bash + +In the container, install the ``file`` package. Define any proxy +environment variables needed for your environment to reach public ubuntu +package repos, then run: + +:: + + apt -y install file + +In the container, ``cd`` to the following location (substituting for the +platform image and platform kernel identified in the host profile +previously, and choosing the folder corresponding to the most current +date if more than one are available) and run the ``file`` command on the +``boot-kernel`` file: + +:: + + cd /var/www/html/maas/images/ephemeral-v3/daily/PLATFORM_IMAGE/amd64/LATEST_DATE/PLATFORM_KERNEL/generic + file boot-kernel + +This will produce the complete kernel version. E.g.: + +:: + + Linux kernel x86 boot executable bzImage, version 4.13.0-43-generic (buildd@lcy01-amd64-029) #48~16.04.1-Ubuntu S, RO-rootFS, swap_dev 0x7, Normal VGA + +In this example, the kernel version is ``4.13.0-43-generic``. Now +install the matching kernel on the Genesis host (make sure to run on +Genesis host, not the build host): + +:: + + sudo apt -y install 4.13.0-43-generic + +Check the installed packages on the genesis host with ``dpkg --list``. +If there are any later kernel versions installed, remove them with +``sudo apt remove``, so that the newly install kernel is the latest +available. + +Lastly if you wish to cleanup your build node, you may run the +following: + +:: + + exit # (to quit the container) + cd ~ + sudo docker stop sstream + sudo docker rm sstream + sudo docker image rm $(cat image_name) + sudo rm image_name + +Install ntpdate/ntp +~~~~~~~~~~~~~~~~~~~ + +Install and run ntpdate, to ensure a reasonably sane time on genesis +host before proceeding: + +:: + + sudo apt -y install ntpdate + sudo ntpdate ntp.ubuntu.com + +If your network policy does not allow time sync with external time +sources, specify a local NTP server instead of using ``ntp.ubuntu.com``. + +Then, install the NTP client: + +:: + + sudo apt -y install ntp + +Add the list of NTP servers specified in ``data/ntp/servers_joined`` in +file +``airship-treasuremap/site/$NEW_SITE/networks/common-address.yaml`` +to ``/etc/ntp.conf`` as follows: + +:: + + pool NTP_SERVER1 iburst + pool NTP_SERVER2 iburst + (repeat for each NTP server with correct NTP IP or FQDN) + +Then, restart the NTP service: + +:: + + sudo service ntp restart + +If you cannot get good time to your selected time servers, +consider using alternate time sources for your deployment. + +Disable the apparmor profile for ntpd: + +:: + + sudo ln -s /etc/apparmor.d/usr.sbin.ntpd /etc/apparmor.d/disable/ + sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.ntpd + +This prevents an issue with the MaaS containers, which otherwise get +permission denied errors from apparmor when the MaaS container tries to +leverage libc6 for /bin/sh when MaaS container ntpd is forcefully +disabled. + +Setup Ceph Journals +~~~~~~~~~~~~~~~~~~~ + +Until genesis node reprovisioning is implemented, it is necessary to +manually perform host-level disk partitioning and mounting on the +genesis node, for activites that would otherwise have been addressed by +a bare metal node provision via Drydock host profile data by MaaS. + +Assuming your genesis HW matches the HW used in your control plane host +profile, you should manually apply to the genesis node the same Ceph +partitioning (OSDs & journals) and formatting + mounting (journals only) +as defined in the control plane host profile. See +``airship-treasuremap/global/v4.0/profiles/host/base_control_plane.yaml``. + +For example, if we have a journal SSDs ``/dev/sdb`` on the genesis node, +then use the ``cfdisk`` tool to format it: + +:: + + sudo cfdisk /dev/sdb + +Then: + +1. Select ``gpt`` label for the disk +2. Select ``New`` to create a new partition +3. If scenario #1 applies in + site/$NEW\_SITE/software/charts/ucp/ceph/ceph.yaml\_, then accept + default partition size (entire disk). If scenario #2 applies, then + only allocate as much space as defined in the journal disk partitions + mounted in the control plane host profile. +4. Select ``Write`` option to commit changes, then ``Quit`` +5. If scenario #2 applies, create a second partition that takes up all + of the remaining disk space. This will be used as the OSD partition + (``/dev/sdb2``). + +Install package to format disks with XFS: + +:: + + sudo apt -y install xfsprogs + +Then, construct an XFS filesystem on the journal partition with XFS: + +:: + + sudo mkfs.xfs /dev/sdb1 + +Create a directory as mount point for ``/dev/sdb1`` to match those +defined in the same host profile ceph journals: + +:: + + sudo mkdir -p /var/lib/ceph/cp + +Use the ``blkid`` command to get the UUID for ``/dev/sdb1``, then +populate ``/etc/fstab`` accordingly. Ex: + +:: + + sudo sh -c 'echo "UUID=01234567-ffff-aaaa-bbbb-abcdef012345 /var/lib/ceph/cp xfs defaults 0 0" >> /etc/fstab' + +Repeat all preceeding steps in this section for each journal device in +the Ceph cluster. After this is completed for all journals, mount the +partitions: + +:: + + sudo mount -a + +Promenade bootstrap +~~~~~~~~~~~~~~~~~~~ + +Copy the ``${NEW_SITE}_bundle`` and ``${NEW_SITE}_collected`` +directories from the build node to the genesis node, into the home +directory of the user there (e.g., ``/home/ubuntu``). Then, run the +following script as sudo on the genesis node: + +:: + + cd ${NEW_SITE}_bundle + sudo ./genesis.sh + +Estimated runtime: **40m** + +Following completion, run the ``validate-genesis.sh`` script to ensure +correct provisioning of the genesis node: + +:: + + cd ${NEW_SITE}_bundle + sudo ./validate-genesis.sh + +Estimated runtime: **2m** + +Deploy Site with Shipyard +------------------------- + +Start by cloning the shipyard repository to the Genesis node: + +:: + + git clone https://github.com/openstack/airship-shipyard + +Refer to the ``data/charts/ucp/shipyard/reference`` field in +``airship-treasuremap/global/v4.0/software/config/versions.yaml``. If +this is a pinned reference (i.e., any reference that's not ``master``), +then you should checkout the same version of the Shipyard repository. +For example, if the Shipyard reference was ``7046ad3...`` in the +versions file, checkout the same version of the Shipyard repo which was +cloned previously: + +:: + + (cd airship-shipyard && git checkout 7046ad3) + +Likewise, before running the ``deckhand_load_yaml.sh`` script, you +should refer to the ``data/images/ucp/shipyard/shipyard`` field in +``airship-treasuremap/global/v4.0/software/config/versions.yaml``. If +there is a pinned reference (i.e., any image reference that's not +``latest``), then this reference should be used to set the +``SHIPYARD_IMAGE`` environment variable. For example, if the Shipyard +image was pinned to ``quay.io/airshipit/shipyard@sha256:dfc25e1...`` in +the versions file, then export the previously mentioned environment +variable: + +:: + + export SHIPYARD_IMAGE=quay.io/airshipit/shipyard@sha256:dfc25e1... + +Export valid login credentials for one of the Airship Keystone users defined +for the site. Currently there is no authorization checks in place, so +the credentials for any of the site-defined users will work. For +example, we can use the ``shipyard`` user, with the password that was +defined in +``airship-treasuremap/site/$NEW_SITE/secrets/passphrases/ucp_shipyard_keystone_password.yaml``. +Ex: + +:: + + export OS_USERNAME=shipyard + export OS_PASSWORD=46a75e4... + +(Note: Default auth variables are defined +`here `__, +and should otherwise be correct, barring any customizations of these +site parameters). + +Next, run the deckhand\_load\_yaml.sh script as follows: + +:: + + sudo airship-shipyard/tools/deckhand_load_yaml.sh ${NEW_SITE} ${NEW_SITE}_collected + +Estimated runtime: **3m** + +Now deploy the site with shipyard: + +:: + + sudo airship-shipyard/tools/deploy_site.sh + +Estimated runtime: **1h30m** + +The message ``Site Successfully Deployed`` is the expected output at the +end of a successful deployment. In this example, this means that Airship and +OSH should be fully deployed. + +Disable password-based login on Genesis +--------------------------------------- + +Before proceeding, verify that your SSH access to the Genesis node is +working with your SSH key (i.e., not using password-based +authentication). + +Then, disable password-based SSH authentication on Genesis in +``/etc/ssh/sshd_config`` by uncommenting the ``PasswordAuthentication`` +and setting its value to ``no``. Ex: + +:: + + PasswordAuthentication no + +Then, restart the ssh service: + +:: + + sudo systemctl restart ssh + diff --git a/docs/source/conf.py b/docs/source/conf.py new file mode 100644 index 000000000..c653975ad --- /dev/null +++ b/docs/source/conf.py @@ -0,0 +1,160 @@ +# -*- coding: utf-8 -*- +# +# shipyard documentation build configuration file, created by +# sphinx-quickstart on Sat Sep 16 03:40:50 2017. +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# +# import os +# import sys +# sys.path.insert(0, os.path.abspath('.')) +import sphinx_rtd_theme + + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +# +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'sphinx.ext.autodoc', + 'sphinx.ext.todo', + 'sphinx.ext.viewcode', +] + +# Add any paths that contain templates here, relative to this directory. +# templates_path = [] + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +# +# source_suffix = ['.rst', '.md'] +source_suffix = '.rst' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = u'Airship Integration' +copyright = u'2018 AT&T Intellectual Property.' +author = u'Airship Authors' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +version = u'0.1.0' +# The full version, including alpha/beta/rc tags. +release = u'0.1.0' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +# This patterns also effect to html_static_path and html_extra_path +exclude_patterns = [] + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +# +html_theme = "sphinx_rtd_theme" +html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# +# html_theme_options = {} + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = [] + + +# -- Options for HTMLHelp output ------------------------------------------ + +# Output file base name for HTML help builder. +htmlhelp_basename = 'ucpintdoc' + + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # + # 'preamble': '', + + # Latex figure (float) alignment + # + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + (master_doc, 'airshipint.tex', u'Airship Integration Documentation', + u'Airship Authors', 'manual'), +] + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + (master_doc, 'AirshipIntegration', u'Airship Integration Documentation', + [author], 1) +] + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + (master_doc, 'Airship Integration', u'Airship Integration Documentation', + author, 'Airship Integration', + 'Airship documentation', + 'Miscellaneous'), +] diff --git a/docs/source/diagrams/component_list.png b/docs/source/diagrams/component_list.png new file mode 100644 index 0000000000000000000000000000000000000000..afde9fa258db233e98b728026e9a58ba7907fe9e GIT binary patch literal 72007 zcmcG#Wmr{jzcq?dN(u-F2ndLDOP7SwAPW|q(kmvjA&%a8l+an-gb^iHz62pK+f`9unf}pMVKw$EJ9x@8CKl8{TSRXDGFwFvoH@yCegq1h z(>xHQD!*FlgL??qov32|kff}0UDCO79O1o6vX5T>y>OOv#BM62ufiVm_mV7mIVy;U z^XG~ri;NOfMRl*`nb{%u`w5PsPEV8|<=;!Nvs6O-&y^MU>hhmw&tG(q{p-muGgN=S zH7t%+c9_@vO|1M0?S|!^>fAMAZR&Ya{b#PD+ zEnI)b-QT4x)|SP+t=k~kcGlK*a6Q$Qi1$$-g{bFGU2cd9Y;pg-`TuzF|Du-XT7==` z9VboRyT3u=AN>qE+Ham=qKz|2*>0ZG-8WgGM@2{D;NfRCk>$Dj15L3b?jU;zssC_i zzj##pIKsOaWrBWs)=`gak5i;QdZ5!ld{wMF(Ih&%x)N?>NAW-jf=7JG$aIvU&3y8f zLWnHUOZ!=>1X(@xO*9|PeU+Ku+Ltd5G9aYe+ttzG16EFs2_`9=l|4ifcT^^fPkJ*F z2RJwcIsYzN=8Nc4pZf>By_G!8Q%h{?rPjKRK*K~~6*vl&fx#jJ1op)sqwK5(zqGP! zjHxev5>91+hqoAY&%`bu(DCH$+cyaFDvbVh{{GfKyl%I8^*!b*NCG@($a1mvxWl{N1;i|6LUBt(4HQdcNSrv@)b#BzLBk=)-2ZBI9 zZf~;g?^b9CE&9oSzJ*2Zaeuqhay3vc7ect2t4L)yyJ(?$e0<5o z!^00Z(f+92oA2sqd)@O3oVQ%a+wSYTkzqY(lGFvsMlZ&w{yfuq$6ms6D%^#0l;@TDExe(RRK8B(%9FM-3)nQ6xv!tc0dJ*;8t&QUN z?6k96*E@0(dJeAhyonkt2t;#~)__X{1O%LFcx6a)N;n_U_lQ1_cACRY6i|NtM1c47 zJl2q#yb)qPwB7y;_ueBM_LUj?Qd(X$aiA!yEo3h(&Ek$h{^Jw|rJ`edzFeZ_%MOOF z1z&1Net085zR=T~`g^s3nxWKj7Wd#4%IYwTA#Xa1$ZM&Y#F3aAHjIP1F_Us_fn8{2 zb)wNx^Et;3-(i;@Ax=J3d=?60vl?>i{3Ow#>fTb4GtwT0zD2#ybZ!0Gyk!x|fRHg3 zPQt;YNAhxI8d%|D18X(;WQv3ZG*<^78%BhBu0P7y8cxgC#?by~Ht4Y+)N|jo_W0Q% z+&!r4rx1wM5lh`d`Hm0G1e@%GsUE^RCSCvdJkvT!E_Sw?k^1k=&GGCm2mwP$Va2*$ z*~nobwCd@UWQz@`B<}9Ax($j;7K=WvlCrXs56Z3+9rHCf1h|Yn8({=YWhM`N9zu2y zCmahJE67wqweup1O$Cobgzuj~Wu{XAE(@bo5yLaI#{w+Tq+zpa0y#?KtMDMxWQSJrEvv0g1%X#C! z6W}Dlze)M@r@F1is~KmOk8BZkW^#oIWM857h%(1l=`$23^P`X4U9n!xE4nn@@W
_4^`7hZ!lqNrRF2!_j)52rX$mvwSLJVWD0lRw7hdUKY7B z1GQJBW2>}x5H(cG^N>%hI!d$BeB~efQtZTTbJO#`)(Q?jpE4Ng%;)*ms&W!pW6eakW3pbzF^uGY%0DIbABEH z-klU%#iia5OkND`Zdg`cIt{Q_<2=GfpR6IcT(>IA>_2DXtH z10yR7s%#Trhls}g@j;iIF4FyxtD2|G8Jo|WO;TD;n1t)8P4fhrbFo$|ND2HjTbf7t zNB6`Yr|Atd*-}$j&3rS92sKYDIllQ+dk25brinJ6RXIe9j?DQe=g$BkU0?SuxBsdW zmWug6&BuOfi|}JQ{NmzlYg8Hi6|{d90=CfK+IX8@zk{l={nbADP2N$uSTe`tR)x!~ z9jM=1Z{VGB!4+Qs{JNr1NBoYlU?kx-F&qs$8svV#ZEa}!wnudl0hH~ET4VLmpSY@W z}hlD={4%gmF;wN-)a!MT9vintHk*J+g*5%wmS>{eK3TP zdf@*ZiK9U54blFEezYrVEwQTGlFSd^pVoTZzLZvlQWDneesMnD*rC;^$B>RKL9lUl ze(ql#EZ9$u!Wa^h^)urxElsvYD>E1lCWbU!b|;p0G0s3o~T`-C8#V~5T zSvkh3V7H`0_|PveNK$)?N#tvbr_3XY^4BR7h1gD_SFd{I{4hfZ^oB+%HY+l%h4OH> zpmTK_Ay*n-9$3zfHz7Nq;9ToZNxbJZ%1U1A$+0d)W16Q4%-VIq9#~9;R;4ceSv^k_ z7LSj;u3yBMPe+b}oS9xhK_+)T$YUE1m#5xoP_hA&sk)zsG;b*>Gvf6B4J5Xm8z2jL z(kJcp`GvN6d&UB_j(CEP+_)S8m?9l2M}5dMqgYlaLnG)f@X45AkCR;xcGGd?g=V|w zZI6%F4!zU3Q=gpopvaA8wtCyxN3I8^bD}Qex=$NDg z*HylLHMS|1z^v7Xr1Hpvh+1P46LP9(@BKZ~>B-|cToG>5;+}q~z~Wvw5d}-V2>r}W zrktNUZnKXxIT7y9$JHD`W)A1x%YG^2Z{@iE$bClhe00Dop1wy(QU6nwwi4`xJ?K-o zw-cEH%=mrLaBNDImgiC`?8#_FwNyxbr0wsOC;9A;5B;2Wne+^XJzEL1{4ul}&loBi z-8TGv74^AC)!+Z!IhY>L1~|;nPGA)?K?z)k8NJikxJj6S&d2_4*_9 zyhNAm(lKcHvEeY#y9XxiOInain5ff*Pr zTe=FAeF2Y*)^VJ1kGZsXvarw&l18gQV-cV&(VrRM320gf{8KQD=PZG+F35ALegq9? z7XRFi0epI#Ax4~MaC>emx5txPwN#PixWGYjejdgbpgj(J|5PBb`TTpUvM4+^FoK)$|h?OuAK zh=cR$Qqf)9&woefh8tFJk)AxSZxuJLfPiB}`WN?R2uM4Yb9rvRaj^J|eb!9M)RCSS z9&L<4LO(ER&}4nD$r)Zuyeq+^BzBosy#>W%gPolLK&sCU#!y3SV&6A;lr27dHAaPD zwv3W;b!0FfoLwHSp<9&e#vxQ~Qd3y-bIkH?PH@<1m>g$Bhp^ zn9WB1Agsmb`dTb^=%=l?bFmIxwh0HE`{fY7LwjM^Jeg{uvVkUaHL4ziEI8n(IS{qR zy0z>x#X_Tth|f$pc}|*F1;JbcwZTLQ`pHnz&9?9%|IVN^GC$|!PvQtAf1#?!1Yhrg z>*C+$3o|X3y`>B#oE|dWKMwwh&@}7u!*iwh)5FOzY#xhMSIT0Qc_(H{-YAs)#QR}q z_+O6XiQ-7y*C$nPCrM0nI#ULNPHPBv!Z=#zNpv0E$T_BLVoNJ`bJbaEDx=tRVU=iZ zP{9Q_pYu=s1TSJv(SSrc)uI5uwv!g-j`|z>vD!t{yy;4!cbMBDvE-hiXq@INi3-A> z=B))wJvZ59H7lNUcXz7^IO575-l01#Sr;B0k@y878O)7}0PqKQm{cg}H>q%E*Lshk z%NtIzt+l>r)|;B;GL1WRtzdkyMv|9o{W9_POI4b z6s5)@Y{!DT{cK6FP?MD~(@W=D+fmKq$Vgguj9f&szaZ?#&@h-`bmIZ**zGI%_H zJXAJ&C^xn5I){Ec-!sos-BfsBjV@Zx(9$Qo=}zi{7LS>LTLf{)c5l#o?|^&Bs{Dlp z+a{#l$zdy>`}^!O;t324o0$5ciSLK4Q$sW58>)-1H@R7q%X_};hps1M0x7YZVgiw} zc2%lUa#miMZYCAg*j4g7kk6JzqaUNUU87=EF`7XFQ3Tj=8<(8002$kUF)CE)D3LEb z|Cb8Iv5`!|d6D7K;4*3{kcY{tm5cKAn$0(%k}Wm+BjYv4OoLyLvAHwfH#L5JoWXg1 zV&t5D1$Za34TnC=Nc5~6&EAJXdH&5=CJL%btDSrS!bf)PJJA1OW%R}N_so~!# zhpj{*jVwq_$*4Tnz*}FN@qsv9z9=yvEjRDM=-oD5zKDY2#H@BQD@(oW&eL6P8w%c|7$96|qsvsuahwhMv%7IBk3azg`KgTEXm#sClCM-T`Cx$uj{U3Zi1y$@ zxmSsF8OQ(!&e{$%Pqvq|^Z63%!}9Bpt?%vS-DJU5Oz5UOo* zNoaoGSzw}IF!xjB+GRzra(4lIWj#wHtW`qY-9tr3htr*7=KL!<{^z%>PNY}FL^6H5 z1>L1_a<4ASrv_34Tnagu`Q;~p?YoDBMEr)NL#KN)*Y;BRu5r>Sfo0c-Z_`!r_MY^& z=N180(E}!SiEiYLD7AEY*Ve=gb{`yL&`Ia{azz zk@7<0GnG@fycTi-tep_IBhPO&eBMy%ioz1}0rRB41W%osv2V&Ld-Cb$;KbbU^%`5M z6?-`Iud8i_??YE@g7;jP-pB6OAExTO)`F0lxcMDE<>D-7cr#Jz8ShalahW0N;Ns*XR)Thj97`wEz>|;c}aE5V3EQtMT$9ZD&LeoSZ zp|8)yaDOZ!#zzRwfi`u zWYBtFcj&AI-%7H6{+BiyE7)}1s~6xtJSDP3e}sR7=O3KhlP$zCD%E#eu$M?9IJ5j> zpg6g>;?K}ZzLk`goxHTivt=8bsrriLG<=8SPB79V?0pdR!fbtmao#vk3+GZ@tUAj5{6jk+Z+b_t*%TGW2R_%JT$I|w&}50;BjD)k&s4hL{0Vfi?hAEH+N02&Is=Km zYpQgS@9|d$rs`b#9hc=Lm9c-TiX$jj<*M9vxZ@Pft&sZD#NL90snVaKa~d^hB85K~ z1-AII9Q;x39PI6fd~1NDH{In41&Sjv&{s-tZN!zY# z6kRipNyNqU*%G{vrrD*0+PH8YN#<*%_P2rCj5Id*y7Dl!@P21Xh1>0${Gyt<4|UZkM9-hk`gO2M?)6 zvtwe4pXyVF`qy{PdJ%iB_W!_&4J>h$XO~ygkK~qyNwKO2Mh&M%({Q3V(#3aY*Ct6q z&YE(-ZZnN^=e9mw0+QZ^zPH3MIHP!ruY7kfY2v1x(4HQSVJ#=L}th^TF_9oP4r zeA^b4M5g@uJ6feWdU<#gIn~x+kLrZUm#aC>Gs`GDL_MZ zc6IlMy@VbA0szt}`JHI-HlH=xex--qX74iYxwLW-^MLZG5`EJR!P4QlHq@MK@w@@4 z32MXHbte`;#m0scVXZUmlZMGyXl3LHb2kY}Who?mU3I(#DQ8SelCPJe%RE)^lAgVT<#NTR{WB?xZ$0w97G7po zE0r8+HGxpJl<$aVa;E~^h(vKTrxQ%@zF4mtsHZ+8m7CmHv>MOw(`Hz$M`>W#!=vG?KF65(-1 z`N~R_^+n4)aIg8ddl=fc{2CWTwA7x^ZtVy<;r`1{`O_{aDB}q-@Ki!zbD}p==jy|U z@uW)l2P-Z%=pAR}kJAmz-Pp4_!uaCND2~mfq@?WHE;qW$(caPDXV)+mY#MUPgUult zVPMiYoQkdXsU;C;UAShYvez;)UiX)^a&UZF(bYvL`RdW8fA$28LHidNg*>6d{)Db* zCE5g#C7=s?2qJAl!D1EId|&bi!tcUKBS82JQY(*6tGECust*L#S2q&^W@2>~L-ZcJ zM)iK}G|Tq4MVD5JCW;cL1Vr;*^BK2$FMakU@PY- z$~<+56A{}m_N5O?2G~w%2m`i(5{GiJHp!9WLBIw2mcdbgW8Qo%om==d$|^}!_0Ylm&t`^$BVgh#I~^OsE8pK>Zl{^Ddsl|FpZ zN`Z*X5Oh8>k&UtD}Dv~h38(cGlJKSh4TTT%Ws+*{r#>nNG&lLD%AP^ZIj1gM(d zaq@|bf=TrBuXzaUBGYoA=uU7q9)PVJt>4QnUsA{nupn&6&N2jpZHmsE@ajyRnD+y2 z z1Zi;wcl}1Ea67wYop?=+_UQ>Rw`8kRFZbue&`#RXX;q)4(u9h!i-D3XhiXIrVBGVR zLrcjEl>%vvJub5VdCxl&&CvxV`%>7RksxP_ z)eY$Rg&DL9CsF<*ZEfP$3GL^H%>7Bt7D&Cn%!HCF zLP17=V$wgd7l~B(|%#S@0U#}xb*+WC} z>*^NXL)G>;UoSMv`BdL(9nLpCv8I;k!wgM~V>VCS+AVLoeXTm>lk#2vNkXw&0apj- zpRSPtx(2|B0!>*jGhOOV=RTT~E{rp4fmiafCcL(|=^tZNYVHP1VOf)b~ zB_Jc%6FfttGN8&YAtlA9BQ4JhOpS{}`k;y0^S;AY)WZkj(QP`PMR8(2YRiDQ)j%z(N+bcCxALT-`u!3QN|1&4~eG*>)=+xaT!XownI`3BB1@!blOoEba z!osYoyk6oTy|ten!+rK`jbD>86v=vc8>e)P*{}iQ79`Dh8nr-n2?A0)Xo_Mg)|iUnSzBt;8LkLvX z2Wga_F9KmdeVW_gRBLoVhFvKmLFK1pK?Q{y+b(>~NbJ{bLtkIoAN3d#qmySCQBEKu z&B0s(+229*q?;WmP%D>!w3HdLtpE8#DE9wWi~kXIArS}HR{o(fx7y1iMtRw9goSs~ z%-1uJx2Mul80}j;(E+AYeo;2$nWQz}|pN1ZgbFuET<&N5W zdCyKh?h#y@?UD0%pR+z{UGcvw(eiDnvH5sXzWMeA*-ZKKWs3o234_@%tIMGAzY4WD zL}tSQNIaswPIP3524Lge1P_{=9UIGDJw7J}W9iPqljfr@;^b3Wp{d4FrHSm<=tP8< zfSkC}kjClp z?{hx@^G3SHWpsT#TSE>#dLR<@eX75u{5cj+@vzlAspQ2xo6+l@*#Tb5iYs%Yjq5WP zaKswQh-Lo>%(xM((jIve7R{~HDLhx?fgj!fMttaE`A2&e;{Bv?)7U4NW73VyN z*5JRp4vcs?$x_XGB*aUw{zcd3_a1-6xXTlyY;Sjv3EBqh{X;bvKrKgf}?+-b!e(1^RNnowT6LDQz z+fy>KctS&5XmcS-s7&4>2nB40$Ghlkb8#}C~*?nSGb0O&@W^Inob57EtZ4U~_s zvL)eSOu`l(k*H4%4=N}5+b5AJeBS3lNJU?a`qze>HS}ArrFgvWX@5E2f9{^NXHwCc z3i%P<8FmIw`$v-e4v-(FusVjdF9v#B+eiim2ChxoS7fDSHG%f}+%63b13aGQg@O#4 z{MT-7z4aH$d4mn6je0)ON%;d{-5fM<=>3tbh>6DK;;2!`i z4cWoDVab9~xKVE*bp$Nw$UNB3?NzF)Ywa)4pi@PG+j)|%g1yVwIO*xv7VB=4HcL4RP|wOZ+vt4)Dn?`^c}X+_4{`$1me|B|&d)b^j(;8GhA;TQ=A2xi2k%~8Cb zt0SG7Bisx@8?CM?bN=@I`*-W-M%4H`SO+r!L8YI8np>k*TX+A#&cB0bxdEY`F8uHj z5eSB&k)Z4!ZI(Ke&5`NW^&NwBn56a@TNCFm2E3U#GLDE%wt)rta4!LbI z0KoI?{3PHA~Y_q+nc#OOyuE|mwd;g z8ITgn)v~=Bmot)gBHi;2Cu`e}?D$;tNCGIAJk1FlH25z?PB!>*e-dhyn_BSFKL!>X}VM?WTGH(#T9lTbm@Zx@X$d)k?m~}5;kJ0$9RVDu z*lE8LG09TNyO}hC3lumtqXOM{^T21pJ2Z;`P_rom2b_!0A7{M=bgn_dK*0e zs}%YE6!%RTzM!mlja|Zo}@dK7H!Oy>=?r$VU!oVRb*l zYCO|7Vf^*}3BlBqo#Ja!e18M)!`QE&YcIog7bD1TTmm0j_hCxo}ETwQ?g-Q?`>vFYTY zKj&Re&US`>{Nxqo8}+-_%<-%QCEVVq>x4|v(2q{x;p6C9X{jt|_4WOv`&dnP<{}3s ze^A-joC#midV-1s3ShH};hz<@n*DJlv=iP$GPP^O`4NA2(xepV;A}AzN5$MZSYFzd zLl0VHKh=}tt`?z_|Wb1vz~~Uh8z3p2MRa~ zJ#Ef~7t{(H$EfM4Mz8eVr~VK~X?|2oK#|74^25Y@HvTz;Caz%TkFp10!*IXx)*#N0Y-=$bz7l*^cyob|U2r3z-i$hirgtgtD z@yBbb>(8HN|4}q1y$WoB{zN(D9!~9{(e(-wwf;!fLYNP&Y#zUxpSN0$BU=G7F~v%U z*&b5l`1ts>Lm0!%!=1S-3Ao$#BT403(?%C{cHKrZ#VKpd@k7b^VhS5 zqHSu-Xt)EFNyskTg%`_wh&lF#V+Lq7v!VBxc?O#09v|Pndnesz(xp+A-GNe7B0skr zke(iykh__-Nng{ z&}T^nJYKOMwpO$x>p?0LyX`Xo8zkb@jQa`8a-I>h0Jc~Is4kLuN|^aF5C)cu6Yz+J zFO9-9bJl<xe=S)a&C}cc+ZL{C3hb22J@9Pg-Gj0zB*{GDE;5}(!vV}%E7$R7z zdxPb+&k3gMjmS1OW@c@Z_MikuRcIj;@kvC}+qL(&*e7~UvpciU;))2EOGH0^6UI84 zqu^#*Iyn8o7!nbpaOMJSfGIc|rt#5!e)4t2Ihs0;+iF?lFlvtkaQi6M+u`5bwRo@B z%N88x2+WrGp!GoQQ5?03Q}`J~hU+A8To#&{U|eCLVOe5<)0&lj>5-960!mMl>h(8{ z4yeHpaJ>B9pAZ)mR8G*LBb0tvNywt9!`$p4NG_EhnUKI+k8z93VDj+Iiz!hGCJ#%I zqEpF9LTZmqZs={?Rk``yg+7OTY%=Hn_04_~TL0-iqbxtx?w1)w^wHflZb!bNfFp(2 z4LU&T?dv+&RHAu{1m!aDov#XLAox5!C&b52IdnxSDU|}vxH;HbWP2!RqvPg8!ihHji;LN0gV3AAd4xUc(P`>2JaF7^`wawxM@(*J<`O{Fil!x z;*O*b4RC+*KDf#k82DEXqmJx-6KTqM#I~zHXXY0g0Sb3TmbsLKW*KczUV@RE8h4F+ z=L(*=xhf{mgR>zH4p+=U80cbKEGY0?KS|GSjybm03O@GUA8B!#`7IB*5xN>%zLirl z**XTCasd2H>H=J*uD`OYIE6@0IaSC6sbR|+f0+GEoBzz{+L=xWOc3BYe-)bAwkSQ}qz0Vwf3(GS9GV6^JUp$eZQ?a=ooO{H^Q?C_U0qyy z?ceNg-k1dhC?#{}E)z``>aax8nHGYb{l1+ypKj(+eEqR*)cNzY+#Y zq1C_A3vqF`0P6q9(EGpe-Tsk}+uct@Nv#}{QoD@ z@&8cApKaf&4x(V-|HJR7}iAOjd!^hI>4T77EK1RzTaq)0k~yKdM*&qNnZT8IFYqE$hn*AH7f_$d#fEK znyc+?dus3P09+qkYOzC6cUV>LOxkc=t=ngJe_`X^vE!n=W$elwgR=WWonUo}(d zK;xxbN)(b?;X#=g>ATA=o#4B9Ot0$h6ol zF$M}L2|+F(rLE68d#G1NHYE(zhq_}7d4U=9KnP@gn+$z@eW1;e$w?#`FEwOxY+bc^ z4XJNxHKq(ch@vao`)~A*0^vg+?Lh3-T8&}C(?@~P)%UkIiQCJ@uNoIT9o#3$sS934 zB2>BW=zC1NlEp?W7m~)ghzE#M2=L%uF}tr6yi+=Ean6xJrAI+QIj-GAv~ZVEc54dV z&vfZ(H@#68>{?nc9uqky=OSzBd;9&U#$py_lG;u` zag2vej!>;J)C&!8;GH9j7O#_L4a#Vaf`RPKy2ZVXEz5bzJ;mIm4U}{gGA%0`mR-Mf zXcTC>dbB4g?NfQ9bg;LdREUF5=6g10$7y3^al&(57vmUt0CpDv%Kf&J09ZTb!9g$ z@=#|6r|uFZ)r|SkVacgS?Ut|To6y+UX>e_sW93IJORfIKlv?jioOfOVg@< zS|&fX;IV;|D-rmOD1gwz?4^XO*z9mM=c!zxs_qt}Y^_@t=oY5i0qtnfyLqg`J-oEy z%|Z@)wovaun9Yz4q4Y-zSnEB+qXnn?4eo{5mBfhWrZZ(n$CA4-b?X*{r^_wB1GyRN zTLlPB2u10Q#9H zEmMW;!K$>36TpC+TcRLNRm-U0AzPufNx2(Bnq1pdm#A-jHL*8`tto1JYMmYl=%*R6 zO9F+;3)OZg>#OW^K0}t#9W!<2%F32s@|69$yTHD=$O`M4r)6jQw;#_?rVI)sj>-qT_%W2gAn+e~+A z7A<$CT~e``OuS@jeYM`Bi2j0z%->ZrR|eKq7^V3rgo_uI#g~hwrEq1J@75O@793r6 zoWcxNYO*6HCV4a=0ShV@S!6X`X5g;lQNMzI$eTN6BC1e?#)j*_6nx$R=tbdQ@vB)t zyS&C@>WIhlSm3_#DVy0SV`o>Fu+Aqq0Ul|{QA<)bDTB9`fGhGD4YP=Y;o!QF_>GjM z_{dlEzJ0~DhtOEXnEl?@yyed^AVQf-_Hcl64Wd=8u&)-` zL z6US|w5leP+g4n~o$pJ%C-Q3GS|FRfsd2d($Ix0RPQEmwc+y8-b6r1r#iNf$JrYT!# zBx~Lp0FmNnQc|dQxORK7-PNhh2L4L*bA* zJc9L=VFQ4?6k;|XSdgymM}|StD~uMAqhl$Uxpc0IT@yzhAm-c5)JYq>{BPgA&5-0J ze1Err8E*>57KdD-m>BW-q|5kp+m)!T6z`Xo#<0Y!9=>=!sBXn0~ujo?e| zNv0Dnp(6fQasxHKbw7~rsXSIJwO=(YU8f4DI^;hg;c$QZwwsEA?#VEhwJG?93SwUz zAUb8u%Jp8v<4ckN+h>EP8Txz*I0{DaI$ri7oE>79OYrnlZ(5EhAOIZvV2AIj}DX70fD{Y1* zlb@YFkJ;>xS+8NMI0A*5bD*nM?Oaqi8C;EbfRYFHic=v=`3Lexb$$TO>?yb5rg%q> z)z+MT?EdOmgAW&ovedXA%QESK#)(Pr?Owq}MtjDlU`h=+9Wp9PK0w+^_t$>IOyeN1qu)c`L!(=+`{ z8#{DM+OnVYefNTa>Mg6X^*5ZIL~F+uzl1Vm`3CaN8veU42X(qHh)Mm{u(A~!T&Tp& zM6CK#(yt#!+G_V5QF6L}=k2Pf-f}8ZSTB%29CtLsrSdqYe7>0FqJbE;+cWWA!6m#I zd4&-1oU#3MT`skSfg~hy>GbS0j(@a8UX$86D<)`EQVYNt)C@1<8s-QUwA%7gmIt)= zL_a32g0kK$xm{s~-dj>$S_y`hgQW+Ot?^Hx(*+o*5?){Fc0+5od9?UEF^@bKp87AK z^?y{Lvr2VMM$@@sc5AJR&m=IFJHDz{QWJ3VRj#tUR}@T|aU~PRe#AT}dtPhbMv5L- z5~DX=>S=YKAxA#zL69@&wAvOKKki9ko!k&n{qRd~Z^3h>Sx;CLkxK82Inu~{Gtb>L zzM5JhMJEde&13C1F_MutqZ~+_OT|InSX#cR5--{-FH--Gk0S-q26^bGBAq}nk%pcv zejs?`_FC>28EG^TkmBE^+8Y|WKp@X9NnxbLU1)6+ixR`Oz$Q|nTN@_dG?xK{d0KEY zPm(ijmRAI!gE?BN6TM`?5=x#;H=2cTDoUV+0JF0fHp( z?z_e1E+0~kua-x2E=yNYpH0oIo&chJT}KhK(_qn{QDRos+oTz9lqOBghmjj%XaOU>2+w`!UtC@nBWhfj`u)~k z{^?m8L+2L~s5Csk*i$2Mrm!SFt!QPWb5Qe5|B1k43>lD*N#!X`3JH_uyX`y*r-HD32ye;XBkkq*F}Qs zzdV2LwM$%RYF6W&jB1c+0Gyf4*EZ-}YYorL(<*p6IH=Ps_eRm$z}PTgW8-Znb$9=L zPZesKg0Icz&f>QimEKTu6DaY=UBtd`icbufo)NE#j9Oj$2}WIDEzgGOM#%X_8&Pyp zcdpb-*q8nu^l-g*J!m=5s{j?>5+Vf|@eF6^#7+l+b38Vehy$@NUP*y`)x z&Re^{jCV$Pm(yKO?HU1%%GsR|c1?Qf>8o#G^%R+N00_W;r zt@U-Xn|i7v>yWhIuRKiw~~;4rl|yIpvAG3K3L-T5f={VUyCXz9;qyvzA#G0D+Iezg(1S5XMLP}dyC z@X+9($TNKrRSB~rnhEA`I3ITNY(~n0ST0eF<_=}h#Xq0a&TC49Pc=`9_#herGLmP%f`-O5Oy=O@3jR4o^?T%e^<7{#@^?iU|exZ97`2r?<;L8<)R@GC#Cpf9gH*&_b^cc2haq zwcQwrE|=vTR0*qW*%biDAMBs&_yn&XuhqQfo$1@fcnPpJnT{MReGcMO^m}4prsLHV z!LjtAG2SE7K7PC!-V3kinI8k_2D*X+eszWIWb>OU zM{=zT$av@ZrIS^M2q1ee@I>LdGvh2 znO+?&uD@$YotZ2Ake7O5z@#XKwc>E&iyw;r z>R==~?!I!Z>s99OS6m0^`}1}$!jTU)MGFl|s`Ee%8I@fLwc8};L@@0`>wGAdYYenF zz5OJ~#=C2SqJqtJ#}qIR;RZU92KvV!FW9*Eo@m`~S@Mz%7#E9(iux# zu1&q8e)oC4z&=js=dgOQyL7x#+rap+XpZxJIXMly_8UyedF9g8dD04u>4aRA4LLaM z3Y=-$XEnaiMoC3|qy<2(5K~>W`(ZPJIrEOcutA95%=59 zE}59mRmnf9wJntkA+HDuR(>6N0i>lsLF~xcaHN8pogh_aqkD7`ZRR2BQfE-nV(G>; z_VvxEOX%DZ;Y*opR7UJQFhd=DHb zMK%#EQ%&&e^jPxxhrq%(Z98qi2#T!*ruvNOb)@6|Z8~vkiW!YE>xpe7$R7vyWpJP~ zd3ss_B6D(cFja%XO5m#f>K5r6#|iKov)TOob1eLA!ceFqeOuaxC$2>zA#S)RVBfW0 zHp(%Vyus$*l2r4fxE(DaQJW#@vYSy6ars=h;DL#FiTLWyg- z<liPvg$uIy4<1T%|~aVd%LTPjyT`)cSP>Ur1+ut4>DyZr+EyE|Az_S%>H@!}Lqq^uHDnndzJ^f1?8`eYE{Q+IAsNXqeR zbUw){AH|A5=_)A7(PZ2uCzRd*NYS&Tx9g|~v-mF%Qa|LkSQ{D82@Z92by4uK6Pr{` z!@QEw9%|}AI_dS2Dn094LrU3KOjq*}D+PN@qf>3fs_?q!x(dRbrW9@?-H3U2Dok1} zE+k$lkFU%0hQ| z5^JfY9OlFc zaU%ZGIWBCzy?4KQIfR*s;dXGzaClc-Nh9VboRgoXs$ZJswr+?Ld^2y~pv?0i5TT5j zN|x1^8yDN6B9$_KFEJM5H0ybHYwjjsrwWo~X#&|`+C5VUi8;?qSDgp}RmzO1dGpZ}SV2fi6dZ%k17MCJg;dj!AUP zBo-nG1YIFlh3w`p4+CVH#(vEr?V8vLmDwYW#dDZWViUPRVYIg(;rtASLNk<{qho|0^WyHJWbjuKF((D|@en|J9Whyl z^vp2S4u8OMFFnH1lP(uQHF8&|wI$q9b9$@6l;BBlO&14=t4fp`F-u`kssf0NI{>Sq za~T3&1}J`X|NXJhJ{PK#GKVU?r$?`8)}YHIJ(P=*Tqz_tm4p%f^qEZ{Hm(v=kW;-x z-PV|RQ>?m0qA?f9hoQ@GNs8{}h;bu;SC56GuU^>deGydp_+6VQ+ zN`&morqhvX9=qh_S~uayx(9;IHoAGtH2Vq$Qe4s!Pl%d-X3nhc;wdj)bK6K0PtU6b zEw%2R=B|NT>{6Cu;*MYWI9m{_5R5{>cFLJ7!0<) z)wk6uT`3}BBJDS3zjL`ahm};yl zE|d&%91ZB!A_3~d*0f<>soJK--jSf7pC%AWL;YvU^1FUt)6CTBaKJUV(Wxw;{$whH zQk{Pco{}W*&B88G6}PdQFQx=$c$pXL_jPdl6uB}4`|T^GnXw>ja`eq72&sd80@WF9N5Iba!Nlyo3)A|>h- zhRE$N4rIy9e2!Usg?rA1UG0L`eU{3X7BQ!nU_6qU*z4_+Yr81_m4gM61cJP2gsQ59-GAb1tL;K?tR@^L1-=CkwlT*hN@WLg54G*{l`3B*dLt{5 znjVr~^q8}bkOhq^1B=;4TC2CX93QWdHL^qch~{Fpjp0s+tHr2*mmLe4#zhizkx#+Sna3 z?geQs!M~e-8phF3QT{#B5(5o|@>=?-%&W$dfh0R@z5RGCffH>YE#fO(0ph!{tRjf< zXiGo6k%EF4q7G$ifpI+E_DT2?#Y|Jw0zk!fzp|UQ7||abot2|i76FmdUY9$R$EX{D zt8hKBh}U#B&Tml))L;wj5bN2As6TM(DK|_K0uNS$QgB!&h}&QN|ocnYq;zKz{!7Q7d-hm60j8eSf4Y z87ZPFcGD7DFmDnvvS}t?tYfH4p7I3{)=2}VFNK}TCw2@{?njPJ*rc7D6Q9G{e*c&28KYYh=+&VKc2%<~g+9>1ic!D5qy z+;TaU$d!KFK!uv$Ad)(NYUBZvb^na_0 z|6iTFqBnWR`a@{6^mQ|mvdB6=2oSP!%do_8gO5GyDQ?kmcT1Cc<8RzlFY3Owt$Y@^ zjHoKW3r4`)UOQ0`P$ge}vtnx_fYre}_L26tmZaJ@HbvI$wGCljX*W9CCHaRPM5JZz zRU_oz-lS06N)c0KbL}KfA)X_1h4}GJ${vSy*_F_-emD`!UtebsgcS4xkR6Etb*<)u z`%J~AMKZUoItvgra6)Z)7H~x7%hihk*nAy!CpP(q29MJ?F}tUI-Wh`lEl3D37ru)L z5BI0(yZh#olkiY83T3)M{?OZkc}A|`9}>{f0Zt`XsQScAHxmE|u(5QXPF?nW8@v-o zH{okIS3~vvrn!c4cr|8QE~U=C8>~D9_OV0RTem-D_O>P^ia20>ZhQ7#9Y+|NeqZCPpGV@;(3USusdcX(f; z(-?N7n}NEM=LD~LT*jQJ?eCf~blmT-g#(0Z?Jj9|QcO`daA3p0>Wr={%VwWUPua(D z)%>5+Y%Oi1M#@K?4Zp|UjxXsWwh#VsTGT9OIc2B6E!E_p9vIhDd#>JEV zB#YtV&ti-Su$s0Mlk>ytn|^C*H;&3DT7*lM^g1Pdj7v@@%=}v zb^F+mjOkIiU&~C>3V91G0qM((x0wKV?r9#_)kzY}{MEa^-~qU~b>Kr0@g2DAWLr7# z5?jBAd%?c1K`Q}rk7JGA8UHG#w!HksRJl0gt~mKJVo4fs-bwV%nbJXDPRqhT zeTU_>n%#K(1(01_D|bfUj%_Olrfbkc#tXb>6!zP5@;_oXT|b`h}*FM!2C0agn3^s5FHomdjUvxfp6FR>(hpA{L|}__$GM~ z6Go!bi&czsbI#8}$RP|mr?7Rz1#b7@-=toCqFgLWZ9uJ>FY+bd6%_|59UdbLHBYve zfp58KFhSl`DNGM4`oaw>ER%X^Ah2I~!1y|?3<}M;-mXuQ$U#67xr2Ch-w>F3+k3kZ z7^J^j7gsyC(h$^D+jh5dq9QF(iP zh-&LxVLkZeGq-Pp#5{8{x9Oe}VYhJ)I{C$E(kbScK6(jmONeX(t;pt7@VqF>G6w0k zFPxy}ZP8r0YO#aF**nXDN@xd`o!Mas`ao%B1_bZ z+i)b8P~Acq9@s~}1(B6z>ZIVaR-eBOjHAe$0q^Ba8v_zihMW(Ya=7rfG>0dFF|{o1l^cXb=KWNh;k6J=JJXUZWon~u6Y`-U*u552uxAtRIVueWB*A9lFRq- zPWobOSXPsV%VpmbjATo4?q7(cPgk9w?5LTd;^PMR)LV`ncuiXZ(J)aV3*oB1f;5`; zh<<}Z`EGV{#UD?Bq@2!9{s}!Ee3nM5>&Awi?vXBBAk(Cm8%XUz#YPF`$B__y5)^iO zKeDhKGg~=`l-i&%$l*poXtriP%WCub-F8e@0Ny%DHg*Cg*SYJys%6~57q|xBU6VX- z!ChA|8Zk|&&pbSZ0$33X59?(EE|vkE#C3bxCr8o&{O0$^Db7`2Y6uCIezhF~?BNYj zd({C$QK4$|04BrhwOBw-G5eORIm*0nmO?pG;M@72axJVC39;=i+l=mHyg&?St#y-y zN{j-SE^C*pxDs(JZiBYJIG{6mv3~!?BhanIOF?Duj z2;ypPD${rdmsHgg$n7b??>D5mg9NLe8oH-sUuBK$XKyVy z;7y_uoSTHLTn}iD4dOh+o^Gn3i!E*}ahX2!R*PbaQ;Lh@F%4zktGadz&sWc#vXs(inUQi#S&VP$NqtV zk$I&5HtA}X`_>)r4Ibjh|U??yupX@ovrXJsTzyuYX`Z}L zWMdderQDQxYIrd+uPkNVzAEV!0o9Q|j~l5~x{b}4I8RwzNA=%r!EMdcna(g5wX5NI z9##KKXezPuaO&a=t@=*Y4c0Z!K`@4;SNkDVt8Sa9s|f2`0|tTi@J~C;lizvdYE77K z7cSpn`+!`fAI(hNX>|*GE7Lmtm3T6}7n_Q^rw$OppB%6&?6<+puGpegLp#i~DGU;&DfZU;nxLoU0TDr?_k2Dl0e|3)g^d#X4J8 zlIaG-YchLtzXU+|?1`55Et++h$F}Ef=`WkA-UJ4~HnHK5t<2PQRBm3%z}TJrgsYp$ zW)GJF4Kxy5Y2J7))w-NL&&<;Puu%Yk10t0%5CsoqR%t@%xuz}dRh`+UyU&ocSC}(z z`gt5h+0(xkW_&m9KC$K3;}F6r8agY0H1^N1t4-4tY$2B>*7(uYzq)&|V8UyDT+V}n zh3ZqdZoarXZm~G~J?Q>&?xqRG^6rA+%R6>|))ZjEu)jXZAFN#-Em}-MU3Gbv_G~6BV z*a&EG^Qum({1FRvH%wCl&o=DQ<}5;vJ@)vyBaeq(7m}vm$K%U{^hhIq+uF~#4j+)o z5l%r&bx~8h$;YAkB2uSy@!D(kI147N9;f6kchrfmD(u8%vG`ip`ZWjw-p_;=0ns4T zj0~V@KG@p(S)az@;i9^8seM|i^-$xrk0AL-ivOmrJZ44}u0 z{K$`X-7^K@S<$SQCK#%at5$#)XRd97NNn?i${AxsGrkHdOwqD43QnWBvTyL$iI#{= zOrJYS^7$j+LF6Q3Hg4I?-mOU}QqSbmudPGF0NKo|xQS^Xt(F?YoH9ONvmo`ivEk0? zV#})-vmLXcv){2YIomsg4L{nmXyjJ&1}eA|4(RcI6B zERTTU&=ylM0pVU>Q2mSObKShl)C^6XC4zSpEdb17swK?F1@xBFc3?>NKH z`AF13_-WVNc&c9zm|UxKSwzi>yT#maK05&Df=p-8%DP#$ z!WTQM0@}}G`^n?`_S;8z1s0`z8I%cMxwy63mIk?+_1E-A{5e|5KJ!&5E8y{*I&a+_ z5z{#k7(I*7fch+G%oWQwu|m+e?YNzeD%A3%#g&BSOpksKu<5wnDVuBOCqQ{{5UwES{FU@nkPs7C{ z!W22EOpY-`Eu}7oLRFMq^u-MOIUUU>wRXv83cdAX*fBzmQr^)oVj=QkBHMDCDT#D4 z18`Q;moq@31MFAXk1O3=mh&w~FHi|12Ink{DN|HC5Cg~$74kdgzoMNTEaWon zpy}%Zjy;I3s2Q;ud;_~k(#HgQE3t|UE9F-)V{kKRIA<#>EZ2+Ya7j5SOND!`B0kz< zFGcs|`K_QkuilP%DmxlxtJ*?FYV+J#fVv_$^8$oUJ+NK(P0z}4<4U2(5wIeocyWYA zQd&{$Yu%ULLRlKd_c|bTIJP#IlIoYYeMW6XMQ2hegE#EEEYYRPf?aTOEMMearY+}+ zTn)^Hdw6?2<6BxZ4fAv0g5qY}3640c-KIpBD9W^FL!PF?q{oEh%;I8=*+f>t(aQIV zi@dN&3jY?Z&O9fA5&1r+J%-Xlwn^U?Uhpd`Wsb;g<@?hsFw=p2UOnq!H{1=gQ4(xP z2BPyUOC?!4i_1#!q z5JEbHD=i^s(`G>-C9WaZlo%v;ukIitLhufx{c}Lczg)uY9$>6NxDk16tQI{A7d?v#g0SZGLGFp?=E`2bq`iwhZS)y<=Ol)E-orzJ9LyOXZQ1m z_XmpIzM>x&0$A*As{v@$MU(qcv;<8)JZ@b6T?AuMp&Al<^#HDL(Ei!DHzJHAt$vb; zSGhX2|HOWXFQE-tnUQuTs6Z}YI*DdWxQg8FoT;fbIsy6p2!i$|92Rtw{-g-8s*=6T zF^16^_qT~aO2kSQd$x3n1d<_(Ds3{){Q_BCb;GT<_m6wq@vN?|CUbRcZrBx4BBp)v z6d?{grf0Rk)0l)XjGm^WBHvnxK?-umc!#1=UgY?~fk1-`WCwM4ORKisOqaLk?$av! z&4fHFaVdg*mqPt{Bu$oQL`%DRp6cc~Fw=d{89}|5xYPaO=h(dIRgpWbbj#xDDA_hSg#KtA$z`aK zNg2p*NRV_G&tfl@*6A(Sf;{VX4b5KF-Hgt)S$Lh!K4V28^OZeA+JP=@@BP=RW0&$b zg#5((bzVwM>UyffXA$Z`tZWo5_ji)AW};(oeYq8VLwcY6kmhF78%1B$a_g;6F#h6e z*-X(h4B(d4aIFGoCb#cDA#z4{dlRW%R#_gt4on*g<$8K_NevRbrv+Lhd@vm-_>m(N zA=sJxr)%}DV`+|sr#K^b$2@qjBp>by-vCY!vpFA;L7q_$A5H^&xPZJpI%8@o%TTrErocc*E?yNIR z5ZN8=?^`mrz|U!#J2Q@NSK?fK`h)B{M!I0^lEzwV%|B{oxkmWF`D7{O`Cgp39`N9q9z_;}V^pUiEOmny_~Apu&5$EY zk{PU>)D+xjJ4xIdB4>aCsYo>dEwI<0;+CY<2dPK#M9<%)nu}($hdMe>MWxQWJ8!R7 z-rQZkL4_LJAgAAWYSFEXaO0prr6C{v4P1LDhEW;vXCT;eJRgl*d2`NlPEYP^X5v(V zFI|BD(MLCUl;Pii1H+><==2;&s@=`4@h!kRr=SUokO1Y{jnP{we(@BKoUI!eA#e7_gTR zNa$w%t9U9p=dn<5qi#|^3`kWbKL&pOxwYkQA1n2_FlKhX_v54L;m`c#e<2aVAL5=eEKqOecy|Uk!ZG9R#?)xG@$J-t`ZG#oi7> zmxeCUwF-p4Q?nU++AE(x-m&-vWIW}BS(cjad`prnu4$(Jq}XIe+i-@Dd`AI1OJz1!Q>Z9P|4ZcWtm_21VsG@5V1!mGa`m-B)FZ%_9e zyE6?wk|{BpG|<%#)Q9m5coUIxKDFyrY;DheGO!R73+*lu`swWZ{P|Hb=<$&PPmxhL zX6xOMObmj9NL{=BSBdBN7hP>#jZYe@P-;(g{TrEGgI;srEa6l4Bm87$5>3$A_bxY- zpL?Dm9l+{BqdMM4IW?_6I63sh$27#&CVFo9P1F)jVtNuWQD$SX+1ZJtU`bVS(JL+e zU*JQfezFfwUkY3Ih&rj7bFvI4+51vCsM9F7U8FD|1EU=oi{x50xZyc>C-dqPm7d9@?3XA|P|hdz>>Z4Eao&Be zW%tNYP^IU)%JSS9t&2e!WfZ0~fa~Nm+&Situ8%vLUbBwo$q=}D7AobX#TZM0t`AFd z6Q+klJjkwV4LThMGBSZRmjW*+-!eo|ref?1Wu+IR;ueP-9R30y40g3+r;7iX`iw@$ zJt*E^NJQYNApGbcJeyup0)b9at+9;vN_oGN&d^TGox3z=mFXrGG23~lxmAGpqhe88 z>!ES`bUUW}G%-~Z#5fuLUeP1`GXdsX@^5&B2AO=PESiQF`)R~%Y*_B*@qQPzm~U-q zN>mc9jIZam-F-76P-yAwNj9TzeD z@C^7EbPD%ZP#ikBu=`%aE^B?p9XD*V*lhkRU_xkF#oV;%D8kXalkGqP-dZgK&kX_| z3WDJ+v5C9Mn!37~;M04O4?m1b!R-SX;pRO-0Re%n157-*b^CchwkYm;=+0+tZJ286 zG#KKQqE}-N%QaS~2}$P8;W^YYxel)&>AD6e1hcx84mPJ<-}o{a6co_DY^1RmB`B}R zek=-m<a{^vO=U@i;m=V?CKZ2VmCG@q^y z-hrHsjM>gpWG=6M<@7eL7zOL@ev^ZB2uG{!4hX8+DXs4;?Uvt+L!%f=@wc)``e;)= zd&R1uV6XbsPGasFI3G6XJX~hN!)4wG)3wjXzWcp+dO+$n?}CGx!CU4)4T~s>lRVpk zx`sY(9eGsi@J<>vdcRGJ86WYv$4UO*-9KsOF7YnY#NN?OOadg)A zIs>OVR^cE~6Fb4s90L0i+r zK&jbXo2`gI9RY8?EDoyCsDd(62~BDdb~43L!{#}s2%M)$F4Gaia+!Ru*L0YI*k`ZN zqVa;G3TmvzR9daZQS^2mq8;*%Uqo}k0a|8biiPAns8rpT&q;75XLUbj1Al0BFI?te z{UxE-PP%zI$se$0>1a?`l&M4tj424j!3fiuvEWG`PukB^p3}FMDS&Vlo{paQxsn=^ zp@T1+=KShnXa;bnb7^p1tAGun3*;2WnLb_JQ^K8F+<7^$pZJMJj9AjD%3QOdRq3rm zt4Mf|A~`ezA+Jl_knPTQ+KPkn#}=FJM+3-!HNTg(Q6AV3xDr`K_7h@)5;O8;MaEW_ zcGV6d(5HWiBP^CUP$NuX>y)A2jk1EP`V`yedtV&B?C}qg9O1tI)}VpA6l0&F$ zvLs!Qzbo0FgpKoc@QQiO*Yf*EK{1zJ`=&&WjO+>uV9{+I{rM!Nl71?`JjOH$)rotD zgoK2MkQ<$l*G&erxRJ^Yj6WGGbtLp1FcZV#6pDG z7})LO_3KZ@r!U#hu!H=|G?jAqOo6&PSd!kcq1}hBKjhbk$^jeD6Qd1ewJ_o8Rw!;a0@ZudPBnv;602_=dbAPmG7cbtZ@zjAJnF z>Tq&)Syq}}K`+Y;ic$>cH(8(Xglu{~-4$s+ZhOThd|^ZumzhJ^w>@4RN-kfIz>W3k zU8qkW5iKpYM|0Ssd?rjI*Ph|FLR?ozbJ$*n?qwoiqruxC>8G`{+I+D<#sn3}9T(5p z%J=hwZ5^G3Nvk3E9@6Bg+-E=_p&Au{PRtA5Gj|?tSJJI=J#!(*wC$YGed~Ifx@GVH zKYA&E3DV1n_#5V8(GKhg->uW}T{FMgnyNOT=i7$yss}I(shnCi=1_8a~+-6a>>+VQZ>!6Qk$V=F5>&D_#o{*LyT z;U_{HGCxwAlZ@kT+DQM>1Br@TmdnTF-r+(yme3U3RXQhGjM-r?f| zU=nubLlQ$Eiam=PuWwgSFk`=cph=!GdAhSR_w@tGQ@qOXJdw?Tg|NuQ+^z|#y_@@v z5IJ&f-;t7BG+0nTy7Kx?3VHJQtKsnc-Gg#)rC1z|DP^gKOE_a`HRw9+L|9Ap*gw`z zL#{e@rwPJ4c1&fbu+*ci0X*pj#qvie0M#{n@lmI#4kOLv!aJXLOyh zViHsCsCtx}zZDO_nhnmCRPVAHN|ioq5;2t$kt;bniFc!^*$@xGt`EZNv|MYP;fvK< zg^}graS7)nQnWa#%ZJ5>vz{MO{iSf zv7ap*K9K&{UITz*SNq5l=FrfuzD$u(KuoA2jo4G^F9wz!_6J^$Xc=O{Q6=eOVsE0O zpz2A<=`t>_(AZSU(Y<>l4iA0X{#>(&kai{D!>{sgH*AM}p;ve_yE!)@g6!4fjcB0mpDX1yQg07u?{b zweb5b1uld@KLeCf?$Zzl&9^Qvmw1t>_~LlO6$w%1dr-%}yfN5lJm&Y5Cxa&XQBn1R z5x|enz%EoCYAZnh=edq_JPzQ`a|8ya1ehTDt1FhBo88P-yr;!e%v9kM$X@s}oE6|+ zrlM^)@u#K)%EkU!9bJ)vm@rw@#T8XBJ4C>Z)MLUhIhuJdFO%*&`Yyno6Vu1^E3WQ@Ipcf*^ zBC7ll^j$0^(P+IsqnK@}#o*9)0D|6lXe&Bpr+#Owb$SS@q7xn=vJ6i9+uh?@Ger`t z)ow7s!TpOeS4^0gZ(A?9j;#($ef&q~-Pe;#YVC{>Rr^MLe8hQyiMiB14|kzs?vOmi z{l;o|Y1-aS(@-~9s^xl;sTBT<1`Af!2FKBeM<{;b*{G8Rxme|;L6e3=IRncm{^kB1 zNYNIpy$XIa&VR#kw{1WCWRzNuFsuj#9i4P=_-jKJ+nD~~lZdbWl6;K!tNt5sKf3uF zQmI~e!LZG2Ou#SzM7@{xDZWD0K{dR>oqDcM+BE$qhN$=N&<{|Sc*88u(|9ahRzAGc zglg>jQ^CiHrUwRv2!x>DTJHWdHchyDingqcg1QsJVNkuY+^pfTsym5JP3vKKPS+&0 z)IZ=K6wvBKlTTuz@Sc)&PlXXhZ@V!pasOmuUMJHu36mfQr+Z@QEWxbSNt=tZasK7q zUfiP9Zum`OUbRGAnLM<3FMs6XWAY3Wd{_wqudM(IvzQx3DobdF`HU88xjl6W!7bj} zcqn~^waeNyux_Ic7Xl_S(c&)qX>sew3p+nd_K~}0(!}B}F=;q`E@opkxB8uRT8Sj1 zor*)e$=@w=-`>Gu+o$^1@T7!FxjVpu7x>Bs@swJ640w8v+Mx^Km!S(c9$Vtzo=QrF z;D8rhdNiu_vBg2p2|_2@r|uV}Y8#_51%0kfo}MH&j$4fqD5vkx&Ag)*p$JjnExz?P z%RjPbc}uIJ5!=}GDr$bIh=eZU*^;P44HJTsw-=4%mmG?`@F+o`;T8Dh>FjE>Ebz= zFQuf;kEog(YtNXH-H<7j(X-zMr_`c*ijLOmvVZFp$uu8fiMi~cF>Yg9NX{z*_i=wF zkDqs8WnP_x>$V+jaSFkm+Gn!dWdW!`Rq<3cz9-(E37< zR4*1}D~s|AShYS!?S!ZHBu)$)JE495&WRPh7*-UFp>+1CDh0Auz!#f?UeZ{(XsD&| z)l*Y0zZ90T=E%Z0p_iUS)d+Wv@@K`7^Y!os(>f{l)frtSel3iJJ??d_?NEj#o0B}3 zG36Pp-lFSzrCh)1yb1o*{j!G)lS&U*g#$gpP9_^Rj$_^aXN7D;;89WbsoOL`;@;Se z-#RwYZHLvvddNC3FM0rwAq~5dKuK&Rt>bcvuOcEpI-|gP>Rit&sRH0@=#1f6(I@WM zkm54+>{QV7(hgdMj*3JYiPCMl z?eqPLQx|AqKR(VN;J?pRpj;sG)XNU^8DuB?WmnY91iDCySDe3jjdA`JG>qs@6KU@W zS*5k(GBM+N$1S@~v#Xk2DHVYH`Uj8uKxfl&!;;Jv6K0Z%a6l$yQ-iH07A=8d;O`l? z@Lf}cSjV&LPJy3yM-VTLI38~Ie4Ai)_Z#{~uH4sPjo4exJ=q`Kovi>P7ql&;>8mbD z_65kvNT}Y)icNn^1^iH94wZiJ2KjY^{hejv^&>w)257>i5rzsLIHdEZ5=WWI94_E_ zy0l!-1SI8guURyN`O-8j|7d>o;`PhcL)UFBeXX3CNb>9K*hG-YG-6)OU~54CLY7!c zwc)5F2^b(Mmhf_Wd@emzJb! z{%VME=Wkybwp$R%qcMLsFCeB{=G|^A&J(wlNyaSR-UcFGZTbyv8GWCKp~hMVzwMs# zEsbT4FR4UBXVCZ3`c8@^!npa8)>nKcKSk$^keL+WnDnF-r=ROT8T9@EMZ8O z{_5K&&RVVvDyE^zT|P>9W{nC}u0(29vBi7?U)?I?+QNT&MN{TJgSJa#_FCDM6{SVu z8b($jd7QS{dd+~-j!c>5%VnVbQnUM|6vgfqGxQTuh`63VERz7QV7^Q(jISU)W6#a{ zCpHRczMP1H&XtjlVE-Uw(c^WoxrGWhzhBK7@-iLGwQP+y;QMAxq`M1OX2_Ts>G4`D zv*Fd)a@Zn5Y!*z6I*e7ik*7hisp z9lgP1bj`NKvYDO|muRw{!CPyy`^)|8zOz{m*_2~`qqaFU=+d=LJoB@^ z_4QbZ%{uMo2fQWu>t^l__TIt5I}#F6zW}q)v~G)YEVb>5=F3%}28;i)Re7WL8f3iY zw3073@rjWMsK&s09R~jy0c#+=t_EzC! zO~Jb^LfvrmD91b^zQ5d?yAaClrzryZ)P{a;5vsM`vtZkQORKJK&RJk1?xG5W3V1xx z^a_b7iR45sN4Jf3c`5*F4Qu2_`1ieEowR^sLw`*kbG+)gxjK7jduMNtPh2KM_!L}< zNjYxnUmwErZT)r|aGOQu5KA{T$cOVhe_q-S_Hz3jbP%=BIJHcydb^I|Tw~ptz&|6E zt^0+u)=7PUB(Qs~kg*tI3ZY!p0kiz5ES+h~NXNlV3F73Q@bJ^E1~NXoYm3ZZK)%@1&^Om7+v&148}dX8ETTawheI ze;ly+AcsDL0!}Hrr*!_UOY-L9_FAMcrBB!Ar~V!gR(*q4?lQ_NIV{T6p!pF)7CQiVT=zWdOVc2tSpirmyl0! zKEPj2wjALF+sNpZS%d~7qnfNB%wTCPH~$x+nw$9lLLbil&Oy)ni{|_x4F8I^0fK<{ zKp_}|0EGQ`{1p@-68WF5uk0a)g8q*f3gdsq8_er?9(e-}>L$*9EBOWN5yuBEu0-~S zXu#ZT-{HYQ`1Ucz(0_gHmtbbRxH9Y7k# z@Ict^zBUbOi^HeH{$Zi5w}|e`0Eo7-onw7lI{o%J9Kzy2!frWIPfr<*BCel1LC9Ro z37-!O2Qe)v%=$U)kh+NTnp+mJXPMSf0~*41HJ&fAN%!*A@Pd~4?u(C9-3I2sBC7Ei z=6ZNUP#dO&&9F1#>Wto*IjLGxSEXE$5hA`u)UAD5kCKUw{I-furd{f=Pv;3ds`)2+P0Zh6xBi?w zNtk(`q$yxf+0{hDVD7^#m=f*Qy<`sASH*AN1o211lVY)*%ubguNe$f0)iludt6`9;qrQ#0BgU|t%%_zj}eOAzad~^qHvk0 znNS|UQi*vD zxaO^{pio?{n}I5*A>B+jDSlZZm4p=RlU19fv3g~iNvYbcb zjsZ8JkE_Yq)dar_J(3F_6z~};R4B>c3nX3J;4%J#ycV}10?bI%xSG63X%RphAOQ@Lo+@Ko_(L4AW2{G(R!r9;8) zMs&RY`o)Un znr*9D?phA?8H}9dwRNiUv-#mWTb{)06~VHKFfcX@LmRqQexNr>b$oRFGru;T+*FAH z)DX`84Zeo9waO67rDlVk6xq}x?8=P{0|eO`18Bq0R)@!h-84pg{qiR7a@Wy4=raoun;mDuyxzDNCADLnG-)vIUS zG(y{9e(8K6zW!q{>GhbhW=3+?2~A1pi>J9M2a9JwWyI8rE>iva;sEQo9Rzt`${DYm zH=h3z<)v%jYP7+Mm9GXuNwGMhTdHUnI9_0ufeg#<*0t`(jmhpsrntJdhlt4OvZWS> zZZ)W7-yJ;Hy>Ni$fQgL{u8}~m4BN?yay##Yx_7>I#U4pnG) ztF)kqx$UnwToc-QsBagat+$hC6{nQ?lkY#mi$}2V2$a_0Ayl^fb5jax!D{TM7``s| z9Kar-rL9lcrvWFw@}ZY)N-0EE*gq`l>8|V`)8H}Db~Cm7%BW;fR{{eY@UOp>J0-}EaqDKz$Fr3GuS4N5Z z1O|9*6E1R7IKx8{!4bkAc@enFN`JMb!2A2_{D?dLNoaiBHPxZ4;4ltDz?qP!SM&kQ zK;P}8KZbAO{wGxSUqtBdF#cac?mvl+;8~o!!Ynvd+|ZT@r>c^7aI_bN$I1-dWN6Ch^}jAb{V#eLa}IQ=ky55mvyS zx>egO@;IPXhp*1gpX>w%^(E@-;#QWH2nQdSPhLS8#=A8?|1wy4=!Z;mv*Ww9fLW~uce=`vHVjv(4ghUlAUfu&L^1>%e!p;? zRjGA$jCm-u`!9$v>@MI3|9*4{B`GD4XvgE=1 zBFK=(g^Cjp5Hn<|G!0EX0TJk{kxB})MuvPLugo$A*7CC!cnnMHW8G1gJf4!fCNzvQ z8i5I6A?YS13&#cSR}+kOmY1!JH%-eXF05;kPP-Rf0gjGP3z{b-t<5CQ4u@;5hqP7! z9|~qXRKoe`Yt;zL8f{0KS?(&hV))|d1ECYh1!sNVF*7hrN&g{@0p5EXu_#b{x4k$i zK-i1UpU1WL5osG4$12g=CS)cO0G!u7NFYppO`=$=Z)wBc58|-iTpQBdyb{QWtg_s1 zPjeJU^xR^CuL&%d%*%|?bppm@(ssx+RZ2;NblTuIV^A&XXiF=tHeUmvyRu3fkBME` z@?x1{BRVC)6UakAH!02y0N2iTf5!>bJ-eFMYgq7DKw4 zFlVhRDv(MK*llXnzNIMyW&!*iT8+kV|Krr6qB#!Um* ztJrOQG4-{RDvLMVb)Hl30FaiU_p#*%pkF~*_W)LN*V8d|X`8b1JWtkP++{qrQ@ux$uML7;T6Zh$N=%a9abQaA|Of;rE-V>)UKb- zF2pmQa8YPcZYUG=>kX829yFNTxiU@nL*O?*qH)?^=f=kO#EuD4Pk2X}QJnjPR zS~1fhR@c206eKrx(@#{nn_dq~FUdGRv@_L!ZkAyzZhP=IxOKEz^$lOG5avr|5o%XG z$*29{`K%EI72O-aaE2Htj~K2_lb)I3x0!hKb-raT#E4r|@f-Yjs6}wRKMKW|>^6_E zSrRrvTI{&VW|M|n9-nZPbHA3R)Dsq3+z9Mv(h*wavs1-y&&+P$ja5wu4b0MRV^ByR z^7PFH#&oyw$cxk_)Gr6iG0Cx{A3Zzgh^w@*t{g48Sf3=IAK^CnQdw363xCnNaQ#$b zXCWVML&ON5_+2thv8k4>DbgER8=xVWpV9S|NgokgTDO2uE0CD+mQF?d%t&wL8~X0G z_K^32loFzQKletK>zd6SE#)TJU+AYvti0SVnxmnke!R6`v|GAXkq!2WD{?{(lDK}KU=S3!RCkJEUk2rgaykDy!0n71(ns;{lSOUrhy&y3qA=&n`QH? zVPe4e=`Z|eJmg+_6~4=T0fkaSRjke-@qPi%l5{qNKtm#kj&}3Lacd0aL!PNM-FTbX zIe-cV*rJ(Y0#UGQCax8H~#d=$+IqcL7fc8hzgAM4nOIXodUtZDKh-DFXkk}SP*0*=| z-EMOh=QBG2U%03$nh|zE<0fx!RC@NPH+vb{jsGpx7Cw#klYFh5}&KI9cK-Klg0Slb8$l|IF7-<&kp8JuELg0cJ*C9KJqy1O$)vc7 z&^jGV&s)!1lL7o`{4UJ~Ok6)Q)y!_!des+BVfBL`ggtIziPq*`#kSM^t2)Fe>TSd%{w`8`o~kay;0^DAF2n` zMvlcR^TP#f)J#nv3ibak&;QG_`EORZZ3U3W@$GLfCjA1%zqcTPqzeELBvgOmwiaYi zvea6!B$jFp63>anb&u8r7-$O|;VU6|$x?^p_(`YxS3cV>eqorzuoT-}GnP~C=}hCE zD!LL99IQ?HCj=tH(?uGG!Pxi0KlZth)#oyQziP~)!RNa6R4P?o3+S8gp1veb46Z22 z{dxAC$TY4d(n2N-?d7W^{|`0Y+gCMDe()yt3Z6at+a>dWSU zu@9r#fX8Cn2@teP7^VJmk7etzV6rC$9+?OQryv0kf7{Pli1Bn~jR1Z^&5S-v|H8#V zSR|J2*dBO-BEQlDz;7AmwcKA)LPd#XBY!aj2TO`PW*AFpe)TNEo7=@=xjpFOW((PR zVoITb!?ANIrawbf7<=9s#}C<)W^V`k&lBnbI0x`W$IcxO|0@G1m|M;*IQ2&w?a1$OqlvKMvCp^xa2A`0RrtZ-C# zrmkx1qgt@i>;>>T9zH0Xz3g8k|5eDze;1*m zZI~qBheToZw(yyXIBFd?XrLXazXs@LA9a!&u#1xbao|g58@?s_WvS=ytaN8*B*T&4 zMxFw>|MU7X0sNRt0>FR&m;?Ut%@^A8lK=dx2g}Ys7RY}|hyaTJJ2bWpSvT0%;Kiq^ zl^J8`{n>e;dLwwqpefKKRr@yJdgE4=Kb!n3#YcN-ZSC|e2YTX9SbC2!9HarA0Qv9z zNr3!=q9OvI)jtVpe`PPt`i^xH<1s1ZQ<>_kg=m~+_((_2q#1L0*%*V1OWUH8F5u!t zB{EvTdVt#gVgRbO-zY2A0KoUaV(2A=KCerYtZCJs2`|=`xyn3IyW8^B4*vckKDq_q zsy^29x*IsF8g5asnV}B;w=dz`<(Fr)s;zyBV7RL=OZTK8809n;Qc9}+y(Qk= zXFdBZ;6QFYV4G9O8&a`mQ~-SKzr{;uAbKWS2&Hp*1|B);6WSFr2NZzuem)lw?Gf~} zZh*5*u(tYKes!NrNDtCPsz_N0OgAomX?u;X&7|>|&RmEOF3`g6b2iqY)&+KHH6db9 z`^L)h7lp-+d}BkGDLfVh%<1|~aeR|E*P{Gpjjz3!rl)zp$9L2g*R>37n>kBBn4C7r zKNb@ZjB`ZWysP;tjlH6M(@+TzM1n)8;QdXmFN{^NfFA3U=+^Wlw|4l9q651%Z(X~h zW8OvvAiKRe9&?!I1wZYgb229S&*(SwRsga2x%DaPhwF+jo_#-=Zm#4Ps1v0JzcJ zF_L+z(10-M1cyl$1jVfjJY8A83#Rb1Jq|6dB8FCy$ z2&>_XZesqC{=xglLL)J5-+QqzC2yJq1>vb4c85GiE@@5+0d;nJx!>^jiHT)3ump4% zNkzkS3k5gP@&kkdCnsB(jC@Y5`;YK?5kWwrd-;$R_voI<5)6VJX${{WX-Go84PZ@f66z`L>DXb6GSQuTK!7(KX3Yt7##KVj;Cktdj$2;je zgpnd*Vy~BTF_7-7aLLZDNJEUmM2saOF=gnx7+TEmIqZ->`1+B~G4j(R@Kj_OzJJqzFvP-Jo^FSRllLzG`7Y?A>8kOW4O0-rDb%n-R#hO zqQ)AHng`2TnM+wo&5O*%R8UYj2D?7qlH2c^f0m{XyJ)7?0b}}FUbkJZO4^eNBDgDS7KIUnb{ha`&csw6F;zhOd{g# zwp+1@TWpc4^pnBW4IP#epHQ1{%Ae=Q^r5!D3AbG$*)RJ8)@Db_$L<^66ecwy*(*vU zbWo5LKrFs12qfta>@F#kIg1M9Rmk=|=ddwf5@Yu$txY}By!>IJq{inap3Ge)>en$I zr!xVi^MRg~Ygrq>c`07EWL2*KKUSs!dlI0y{9%AB-4@VINay6L5gaNrUWmem@V?Ld z>3q|V^!HvxYV0$;@2lFo*n&7ZbS?CaW`qA&{U`eL|Sl-`6 z#z2#?0g#b}CFMQ>~&1u@^Nl>O#+MG%L5p zF{N{kB@skS;+;3zpV23uyi#`{&g4+WDylPpwvGwxRa5#-z9(4((IoHejxjwuXwShZsxyX;6#jq7tO3ePODdi|+rlifLU4M!jkaqM+>z%BNpa%t$)Mw{cOyDVmMKQ5L>wH>b zK)@l56#nw|WqGyJ`yeD98@^UNtLl4%Lzm}fAl7UphWXQ$65&J~@;I0L)ToupA5MHa z6cuek-za)jMXVJFM;|`r{McLcgldB{TF5xTR{I#Pj9q6Lw35cw{E! z3R%Kt#B(jr$hcsm-YoJy+rkfuiS}pQ(ihzMB!v9)#LI`@O4-uHez(iFL{Po)(0Hr# zhJg7^qHjmzR3@a?1=xXn!nEeA-{tE;W?oM4k-JWv)~Qp}nw^Hs=cqXko_)9qRa2wV zMkRD>{AoZ&zUdj=u$0}fO7__5-e}_cw#l$b?*bp8y`*dkVgt*B$(t=6KK8vuih;;ivSex1PUHt zAP!%1|DTJ}{AhdNTLtoI;BwJ>F0h%uz6J2gJr=}sETpz+)d>G>fC=&b#PrTmJ1u2G(g?!Hp(Cc|p&% zy3L*{>i?hb;v?WS`EwYG{I6&Ahtj83WtkglK6fTk_Mz{Ndsmm-TSD0IBmIRz(&>7G zDifrKOXeU0R~#>Ul*U%(G#p4j15Mf#sT@jv#Z-HPrDliAKIGzfxDe8L4!vFh71o)c zV~&Lc{WCG!Pw@yyeGj}mimM$??|TE))U!67HV{7`Sgp43csSgZ7%pwQA7N`?l42p6 z@re^Joi;Ki2{n~8r%rQ{={Z^LoDI?SINal5ly((0Z@hF~JM~+WIZ%8AGSunfO}WCip=!`Q@Bm7wQRKDyJ+0fymu7_ zqd?l~Z|`-N`pL#tpBMziP4Z!VPuaEhm}NIbc7eNx?##3A#pO?b*clSaV2 z`^j4Xq?p$5p_}Uj3>A8^F=WKr9`y4FB5&90rwNctF~Vj-f|eYZ3~c)JlJQX|h+ToU zpAg~ZaR-GuDK`2`7=yVM^9#nqfU262t$EU>ao0Ld$cs8hTprXf?5xBq$525ZP0<3N z5#uMna>C-k_BI|qO}kgWZ`IW2$i?rTqtx4BU#r}Q0?#>Pz0kt?wq4knWGVacO6sd6 ziXZE#SaWua1CY|%-$i~SC-MPDsB)O|bo z>>u>2Dcu7|k?*y+QbDGf{^$SsLpEdRAd|e%N1S+ke0Iql<9Y^=49*Z=70!i_DYfCM= zyjmbUZ^)&7!%~i2_b&fT-acK4%b9tf)0?HJWN25V*xDkPns~NeEN^HD0@y30_2{ex z%RoK5T2lmC&fP%AEJxGg`8zMFH@)`-oGXK=wJ#1uMO&{YIoD|vu$^u)w;G*sgwxX! zniG7~vv+b4ZGbt}vp5Ro?=sU(!sG_*dGs*ekMq5tISAP`5KLt z==!)l&Snr*4f_3`P6X+%W=nSw)6dd}&#$dbfI z;!EK!Rr}odPr8doUuar?N>eGb6 z2$zqhD-mxvIF1L@(wi9FF#VB`3EIvDLhl^#e#90O1jw?KcKkGvIp7i;wQ%*k4a!yU zY+ke;h(Z>6;fhxu+IpNvX@u##hg4IN7&JPnn=Di>{{-jR)!UcR%WsVieR~rNy$`9f zPFhy70=PZIm|CZK+{#zsHpeZVl*3SL72f39PbLcy$xD3Qu6>fwnVT5Ej509coNhey zc+3;}A~NfQS;)p3b@u$?3!5mUBw5rE?k-kV`&f2q4-L*A5J{)Q!fiB!^tV~h_B@BK zC6GjUV--f+E;*u~YylHmc^z+EO>53~S9C~d`9{y7S&WO|$Yl;as*ac}(ve0Aw zEB1g84LMbH_0{#ZV&laUvSh7_J*OkP%c`iy{CP(y6?KUdbT-PZCwbNRu9-#RlncZOv~%4^bUcAAs84Z_y--nU2z;k^0?$ZCtm= z(N?ovaxb|{tL~&CP7aS{8(K6)3kiVL$)4EjLz4M(A~&jqB>?qycu$3l+N2uxMPIl5 z%x21RYsshA#AGJXIAx#4c!Jo2%Md9#p+GbmO%owsdV|bp?f!-ap>ZrqC1>G z`tl?~^LqBBVwP+y)*o9Z!~?eay4vZ~I|2m*66A76z7hJO&7ycC1{oYyEa2|J2+*=@ zkrt~g1P$$(FT5+JS0%gXuw!iI724vi|6#{gW^5GZuZbo<^wighp%46#-vIBzp1v4K z7T=VN6doBK+S8t{vSn;QyM0yKGKbnV(DH+s;!*53^~YSLrfGQ`A@7I?TE5gdZ5zjRk8^qj%F`Gr!S zN_Qus4_prI|9tvoYN}5Px>tQ6GQtPA-a}}IklYsWbdO9JR`r7mzATg8&eIw0AoM{^)_{jIW+Z&_6*rd{^t!HavSm#4+ zo>9lxg=eIrhZ+MU|vchd_)|9Ir0+gy;_?l~`gg-#}K5gwRIMx&Z)v9FaLr+v5r2%zRi?4mYS}NghrEs=1}_nA(+G zc0at(wn!N(7S$Uhgb)dc-vsWHUXt<&DVuUcu#q@2BM6X{R`N%sPJ*KMu=oggqWPTyj3@P<5i0YKkNx)nnG`$D=Qqq3yrK+yV)?`(*i4uNk zevm0W7w`g!{93|%abnhiv-6DcKsxM*;T_LXG(i=+00$+TlQTs9jF1ON3wTpj?&eu7 zwX@@v74#Q!^{=-Zl)W^gF!m%I-;x2n6x>tap}WI8hIw%w^rvnn2hM}DgcBwwH~Ll1 zqOP?%9Xwa1f(*gEz1E?-m#!5PH&m2cO2d25^)_^ zRz0>urZGHd0_6MoT^-lmdj>C_A}_QThAmEj;5j|{p}|*T3uJjFEdJy&D42fzV~0IJ)t@7W8tD&6eE;(mjQ=|S3y16v52d0b z8%q-20TGHhcsDzLm(-VH`Cr-TBTy$8>5I{a;I!D(|7S2``I9yxg?J4pVzvS!f^Po< zNnKoOvigEi01HiFT%v4ie>3pfTIzRhGI1ENF9lOS`)54_{&@IX^gmqx1fa_Q>U=q1 zZTwdg2KWOX6d&@;|A<@X{MY+xO{~l79xiJun~$8h+)^&t3vfNJJPdFehXa2u=6KvJ zl1j-h5edZh{3fi|(rMD1esz!Hd|j!fCbstf_!8>=^^Cv%k0Yd(3^)H7@SV&s=>E4- zF3%s3v;j~!HXKMKOFtz7FRyQ!fIf@R{P z5H#f= zcZpn!D6>z>bZ438(T_P89%6B&cuaVwp^b+D^o%^ZdTlZ$>We5J9Id`A+1A+`2-xBl{qnd1ICt{=d90Z? zP^LvwsDJilsELUQ9|=;&_o`t8ub&h)4h+GF1$y%qY~r9ys2MH5QB zQ<5wcjK$bh2W{R-<2i0w31ga7nXqfPsXcm$>x$RG3uyz8!68Z6ORn>V#_z$+ zf9BOvQNpEfu7ZfX&^_Hego$tc5pn_t`?7c>?VNu9xCFU8_3)TGVsMAfBwc~~oyagr zucld!7Nl>9b`x1j;AUH}w#7cQn#9Vl@CvJC?O&|3US1Mr`~Kol1+(nX-NY2@UXT(5 zwb?_znX z0S*R8uBMmmf)1}8ehnTWLO)Os8XRT> zu{1hv5DQ+J`$p9d{SS!&gxJVQFV^B1H`=tY<(#w9cu}%6_v`)( zRj7`&W>Ws;wRV6;IRDjx^Szhi@R4NvYWJ2cu!W8abPyPPGD-i7p@@SQypt&liO2_e1~x}GQsFBes{ zIdWQ7nd?KzM|F;3cv@8A%@rt(ZbY>uY2qd1zjaLzNghLncUU2sU1#T40Z#zW%!3<& zS9a{i>SCMYx6v7bJFjsAlA8m_(|@+qEB$dI`&bj614fqDLI8PAf$8Jev{J6{!%K{r zd8pnp23@GVX%H^6e*ltDO-Z)O_@v8zGMHMqyavhnFg3siHf{OYw{XODC@)IjZyWyHC9hR%@88M%l$^B z`K$FX2+a`|&TXR`f@J;=sN|YnO*3*=%%Pz89^n&IHvQ7Br4&0i_hl&b5^r0571cqp zqz|Pw$)1@l_eeSev#-(XfZteZ!^a7KEP34_RCb?_8)kIZGpXl-U`N;R(mv*WY@E`VqG0f@7@~zq2DETQr|&QSqNKe(<}& z#Bx?LyX_=Q&&=6+<7}5co>@+tTFy})0&?MKr;Qw^3_IT42Yn$4S{{O5o4w=8!~8jta$JuziM6lA zZ->HFqTQLjfp@Zr{G^Ig6x1!5JJV5#Vs5@~F9dMSO5lmsk?K9(DFK1uWjJa=5dxhV z(c1L&IoNJ$zrk`}{~Hc#x)eN->r;&!ath<6DUp4uErC|9OV*}amc81dVl`Qj3gC#+ zDjhUCaNso?_U$z=3A;zr_Ip6iTp4;$xMaynh4NlUJ9!MIx5ZdG!-Zw~@JLkS>nVnm zaNF+F$4g9*a{<)Y&KZ5TW82#)z>hxVnH$ZyF{nj7?9kEi!5V_H-u}_A++xTbhfZU` znJlv{`%E_eLp~baHxoN!a;c<$tcBHOj}^q{2?d$5@a!5Owa5~UK67bHcmp()X?6nI z=xHM36=#ipOWK*c)V*Xxli2dNt>f1h(V&<4VKE19{pglf#%J`|C1T$F zP+WUcU4GiEf1k#Zso`;EsYMtT=G`=2XtlhW|AboM4X@I^!{N{7ggx>Spt-SP2bCo;rs`^jNtcQPFxrzj z4F`5EryF32DW7t_*gd!q$T)g^&Ii7wf6ke$v&gonxEDxDF!KTfGUwP{5@5ej=cod9 zUG`mx&mXqgci5cxrGBvkkHROA(G#f+ob@Wz{r&_0RFdHU6vLQB{3z+w~hO zN=P;4{3U;I=2KC>mxLz%8XYiLy^&VX9o6_rR$9(^8re$JFU+rxZRYgSu zandZg5O1AJQ$`~Qi_l>%xnyCGlDTfMy!fTfIWakLa{9v(c8HAU5hnYeM2D^<4CgQN zFC!hzU|8gdnYFVRlWn{P{=>t5UXo>f+WU_fmEH}!9m>k17@{8%PGDb%ZT0}(@WJ=; z5@?$H%k0-C!C)Q4rn{$c`EG6p0B zeht9T&d9Hqm;%q9{Ud$N#SLo<}I0x8Rg#QCj{AY0ZzmMeKeLlouuI8@+Q)@e_6|L;wgCwI*N+-~hS{M8kHhVaB{&kSY%oP)8=$#Ufm9P1%gH+`Zm{p@iDleT)? zY=y|h&qc}+3p0#~M!bmXuoIbTr&bS%47J^j`hzf>A#!II2#%~Fy#VdcMTOXr#}kcJ z5leF)|4=_Gk4tO&*aG|cYMoOLGTg5uF;_7@AS=j5Tc^{`b%;ApJ|X{&6s@3_5>ncN zh>gAj`d@Q|)Cs6)tcaZc576fNmzD@T+84opguw@y?coCt2lbP$f2Q+68~p2u0>Ne8 z+COzi=C~f+oAVfeGOIQtl=*C^xN$1uE!v9t+H&hfc9Jd|a;fy?N;e!%t~`JfXZ+?u z_PA6`7rFy?O5ConA0~_nvo^3QjClI_{Ch4d?m#}L5B8o01~~C|)u<{>H}<^Sa@4p( zOFm_zD2PjF9X}}Dm`|>~j*t4Epgem9afqgE6+-bES_)53-!{70kmf4;wjn&7K`luK?g1@2bFGPH$@OvK+t324ZH0juH6r4-qj z%LP-N1Gh}^RIq2*rGuuDg-pL zG#8S~u8wZ;1@@Ul{Keasm{9KN=R)EJ;3kpwP_fsJ2i(O+c*Aqy(5;fJZz+n?mge`@ zrAhXlGPPCt68NU{?L{6w(sC^nUs=E-#< z-M8OO55%@BMvqY@^3r3O4@$!@n(;2RHyY{gHs1>@*)CFK9k%gQf=lQqgHAo(Zd_AI znUt6QMqT70)eKr1)()Uv|&NO7Do6{<1>*S8sk`qd`mxf&L zg5xwW2>O}>EGG=ti5Er^gqX%}C05ARS> z5fK-=#wr&Zv=p0($X!_#&8Xm7HR=oOB+pS^Ou0w$r3d4cJP*y`|=1A-2FRj|D5+WsQ>$<7TE@cg; zuD#r5DQ1_E-kwweJ2XmZH^MY3Ea;YHThD=K_vH6`!fTX{)u(*c`@M!YV0(l~p_1`SywFF#`}?ub zVVoC+{k(&0;gmh{5+F2~n2biakeJtx(S-?{n|bAZep^yL^t9hQ_qlNKIbo$RM5^b4 zTvltV{YUJP*B%>=h)1Bn86B@sP92#x7X8MMMXqvqgx*hqRegUV9q-tRBOb@cX1VU+ zPnUqw_h{EPcR!dIwZT3XmB=d{-%48{OrvKs+a{9TPIDP-SK!;}7KW(<-teJoIlbE| z&uNw|X$p$1fY!#b-v_pA2ZFAT;bC5qmv@xir(^D09|yilvT}hBM5u zyHpn)x|K%VNeunoPV^$`G4b<&2Cj7%^VtZ>ux3ufVST8O$e}LDi5;PqogdYF5s6cX zhk^cU{SNnUy|_eT?Xj}YnGdtpq{Y?-e^`~->z7*?7oee@bQ@$ zjI5X&(CQ)jH2*S0w0Vl!sDHl*C5(JUv*{y~NI!a-l2AT|vd-(lO@JI~81SR6qx~}t z9xiT%&vfLSm$B~Dj-MpqS)!!1!)YCt`b{Ya$*w0ttF5~5@$q01TFCvp&s?n^i>EEJ zg`Dfzs9`L1oVbt*L|fMS`U|sr=~8#b6TD16!8IOuEhh7nl_u$Zv4F1t-^g+jnb3Q1 z;0CkZE^l$)T+3FIC6|GLnSYR|DfYN<+Px*BN8;%2LPAs@>xwm_ERtLF_k>6E@^W}< zof^i05>lgk$_zOZhcgw%7N3?EblF{U==m#*0&1h)OuH_J#!H~3RN;h~#dbBX;VIPo z$~&yoO(iDW78P6UAmSM4m<|4+l}xN_Wfrz77FZ;9NpAh?>N_Wu{lM<8xzUM6SBgh* zQtObT;);_`7wINwlfOP8k_6uRZi3$#D>39>G7p$rg}903a?vb#eL}hZpwR!_qquqE zm~#FF$_JnM83&gzThUONAw$_TQ)OBtK8l0Ly{f%!9_Pj*`MOOfqWJjMHl+j(v~pIg zr3z7~=}LgP(y%kr^>7+pV{`a@6WSg8@@=dI2g*z(?@m)FV@Va**wYCSDZn^PYtK_i z=+_3GVk1@b)xt}K@uv%DqMQ`P{pLofct*&f2bV&h*$*pu=xR*%p3)3faIyX>PdRT0 zkA7;mcO9`*@U)gbG0Z(S=;WrxCncq~<^ z5J8@tbC!F+jq#Zn&YXe#AUiPqrOd}h zwSj~(VqCAnzMOAlst+XmWGC2{>`YncQe%6RIT5TA*4c@PEGJqUg2tL@tY>AUZ;)KE z;|4cZ8(SFysgLtr4!~CuCtewbthZ67Z6k_<$bU)?LmL`*3lj~73*x^s=JX%#hQ3Nd z2gQ$0L?4}G%G)c~vKNyW^YaVh^OIBtI(1f@2z)B|WJzJ|RwW-}a2$PlE3GT>XGKwb z64xPtabvkK=90&x_3=AGeKlEP3}&P%;ZAHwRG->~g-UVP-gM@>eGBu@P&vnWjuHh) zD>?0^g3^kxDnaHvVMWz)y^&|cTI^WJcf>xhk6ywOs@+zCq$;z5UgwO?TJWBl868tI zRFikO8ozT=1iVS=*JO1g6YGQ9N_WmC&M(v4q(?Ievb{Q^zU%o==y;HGLb<2HJ)f)&1T= z%;nT8sf3e|0=mx*NsOv=bl$gWQ9QDnxRp>cWXq?CNoOv_OrM!m&wBsHsg7VS@$!0U z%$r{N3-V{z{K#QDxV2AKRtGsnmRkkmgn}xfFqoe;|Eo^mhiRw?y86W{T_r^ zPO&hZeJ&IV#URQWCAzIza3-a&E`%!DFr37Bk^sQeTGd9@P8&lx7_cG=t?%d?lS?ov zT_AZH`a z$aplNk9>k+uGcO9Jf^(>LH263SP=Voqi3ipt}Wy>46M~?%R;YNNo0W}*EN`vR6X<4 zK#JE5hzWcdvca)eOyqb$BPE>bKG7CgFxYopz;xUso9g7nt0>BlB7G{;4% zKhHD~dP}9MA%)Rsc4}QCr}Ej!nxSFqV>UIJt-e{oE<5|B3qVhH2lz&B^U?d>Ws+zb zAVUXF%~IbYCy|CN5zmh7Br3W%wus@!DUU9IQ90{y+=S^R;P(}??tV}6<_}T@#2~Zs zG$iFlGr>6CK{7%&lRnM9W|%ta{sLPHP5Xa z9y5EfpG!q4H1rx$bdDWro`|E^!Qi7gcpFGG!k_eZo~WYu#VPq?Qz^*_WeP<*Y`)i# zJN~R!75t6}uiVH^BzIms5x}{2lkRtlPCiQ8HtA~aUgwpew+IGn)<{Y{qI#+%kG-9v zQhs!hom#r?4px;$%2Di_G8-lU<;Jr93VQ?!7{ABeg2+jZjd7U$u$qtgUX@JyVFn%%vgE%(m$@e{96X zH6Mh1xFiqu9zlC-{&y+3Sj<0^nTa@KSS}W;TxYV|Wne<^LVWAGY+b$&a}4`=Go4U; zDvz?+`QX3C{%3Nig)?d?bO}uK0j3uf<#|m#il7jcOCTa5`PKtgRD9IlPTtQ>b*_3L zmjcRsQpNqbz`#|!?HZQ2*cGw0m$7_%?Q?yi6FyaM*D<^Bz|_IVFtN^Rv)ue3?P;jZ zIW4(6DH-MhxfKVrRY(VHODY`iUKh2(c$S2 zld+ZEw;ob?dR`)5?7&u5^m2K|t`kO5aDXAMzTw*LXVAcEqTxDP2np_$n3xQqqUR?L znJVFs6<~)Y=rB7C;^Pb_j6B?^L|N_E4kZ3NV@mSO>Gt+^>(ln96F6Ot%cG=d*#%$n zeOmcyS?=;!04GFi&H!GS2L#ukZ`BtyVOW13-oarU<85{|m=?)XNkOap>xa&kT-V|) zpR8L5E+OF$$qCQ*VY}5F62#|2x(icmPTGSha8$>GnQ!WBCXAZ=Ap_cYx)v7tpeNIF zJh}^kza^g&Pgs;W?d&SMUv%La&lKXBg6{>tF=~e*pb@4oct1wrU`@ws0xMj4-TUcp z^k3XTbTAE*U$`6y+GYYV@(!`ORFpjC+1*BJ*{M( zqvv-sO$3z*3=?quZ-d?=VMJGVqPl|O#n-R^jd*%|X3J!44Wav!ASCZCaMM{6_;(ia z7mJ1Gs1uGmiHH^gVqxQMS$n~lt{4aW_7eA&5g?B8*$Y0y6h4|Y~q$~8ArXm-k5hczbQV252`g2 zhw(X#!&ORj#LJ@Uq(N`D_HKQioD&z#G?NT9IR199e2N5uiLms!#6W2w5y?VcYp&5} z0x*Y4&n-EDTG>!LQXH)4H-~(gRlY6-XA~tzAD*Y~Ic$4>l?83PNwT%DrMCTE^uTin zy9|fHa*JtdG-|Edrn+%2p|3jK?yp}SEFO3RjAVV+PVkvpg@8$=@H^~)H^Vw3liT5n zyPcxF8ph;SL)_4$llJC#FlMQ$);OuA&7M7)> zd+N(bj6rjJkw#D-bju9MX{g4c_i)#A_G7n^pg3F09pPg!B(P+$x~qj29NKZW*2Chw zDk5No8roXt?1PY7JkIrOUYk})>?q+!j?~I@BHM-ih4sEx*(0NSpy!Y0otodPXX}CX zJH8r?j(Y7@EpIyOzO2t)uExk)JFJPh8}U0A#L)%S?m~L%Ja5l3COUi5)6}Y;^UTk` z#KqL({dz^AS8yYsgWuK-+L<^xU;;WR+h}`kFOemMvKtOp7&=#4YF(HwhE|A%m_Bm8 z9wu>aXk0svrtIC_Ck9iv`s2Ku^xUBY!_+xU{g=KJjkX8;goMopMJF~@d4h8PT*E`_lM_}f$3FV2z>j2BH|gul%Qu0t6!>D4k{(8ibg#uX-zk4`(Tm)W2+0C{+F zB!0Ccue6L>jXI9UkW)@Z3Mf&yPFIYEQ$Ac)#2w$ck>~;$ZgXN~@VDbuKy9pmz|tlJ zqBT@nohEJoj3JlR1)s-c>NWQ-?Y5>|m=c&GI`ZUJQf*=+-pR;0-)Yv{&xD8#w-v_G zzER4RIp$=|s<&Goh0B^j#A0paC@UK*uN~`*26Fc#hdSrPx)=KE>a=k-?P6yZweKOn zJ_&Cnu#}|mwY9l27!H7xM>G%YjMHyEFw zs~1|g8j4|~;uqlmlwlyLO1PE%d8NJXTQ(0?dMsNB@(Jh!E=5QgK&hy@Y+&${+A_M0 zUMoAenMqI6NCSQZX^#h!o#wcUMZ*w{54uZ zSy5kS+-6Up)S&)aJ{7N_QS!svPpD{U!uQP`qlFq?#6mWRM4Y882sMp$`wo~cwp+i? zeSHs?movb!B-ARx~FF+bq;%a#}07ImlZ}M&k~ACW{E$WKBg3U zo87nZT}hnd5x?7E)giR@k`43aa>Vj-W1RuwPbTGp@MIqTsxO~R?-4><TF?CQ1i%N5@_Z1NEG>lEH*f({~hYB`U>)i)>h7pg6j$y8))Pg%QCC4nIb$=ptI36jV9W{B+3*8S=96^HpR#?iGAxM|+twA|lvIg$y6w!1*T!nVhL>fambKXD7H1b(td0v(?lJcUH{IRBw`%?$qcv0!CmBm}P z-h(J{NM-LCGlo4hm#Ko=Xl$z`B}KrNV2_x$N&ZRGInfvWSte`_j5qM#LBPh~FyKh7 zQiJsak1ha;H`0C|-vYawYdROgVNgWK5PP4%5fXBj;E}YX({h+KB){SHb=;ziii+hM zY<#%aA2pFFv7E)@D*a-wG)wLpR=0i-Mk^NBzKCMIZkyn+ejCz#vKi+)Vjn_n8C%G>m!5DEF)39`iR0F&6i@O6ij4f;BYabts;rF zZr8=P+aY{|k~)MfSF~a>sYSN~+0RN5uRb=~3or6Id@9rXh)C!YHm~m}wtCh#nn6AJ z3scZ^451{KP>xNFacfkD6)_<6Acsui*%}zJeuy4tC)l??I|J3SH53ei&!y1oE%T9(dBIp z4<09%?D?4|b-k|HbH`W^Pm{H!b4nSVM|9Cgb#*HtoXsEM8cvwQK)!8rd5Swq$VLz= zdeuLJ?-O%Y9n7(`ohc-}K>w51IjTPrDS$GO}sPIQO{aq&PW8tKTu;s&* zO9uxBwqXx@IpI^Zqw2d)$gTue4npROFfvysvR}f66Ys3{mKi&m51Ba72&?*RDAS3! zv#Ewtge-^)<1izy$ek?Z7ZMQjTu#>m;-YG&D?FZn*v;?Kr zja%|kJ~<+)pj82kHnB%>Ket?(v-L|2K4~SVoQQ1=tKO_dj8y9=9N*o#w)OPPqVN`n zE$_KR5;p&YL}_X$u9|qh7L>*m`%0=un-Q|3mK-tdmB)@9nag|X)L+4Qd$r?`nFE%* znNzwF46Sp0g(1&$J|)XAGtcbj-uHE1WoJKTS7L`T^)T>z zk}$!70<-*&6b@9@+ev+{d9HyShTgL}_~bR0a_Sy^+vas`rJB-~{1a;E6zh=W`3V^u zVajDBxTGABAeZ+;mX)JWr&VN@ko-e$mhXE%N)g9fVOU?=qLybBBc-@%d#*(Du7lA# z3Ha_?Y_AVtnwa8yIln?Qn?&Aq-lm+_#^#Ij<4SOKnm2PYiXIUGCdmeFwM6%?$r8Q8 z$%s5DE{@QAxD9{btmIJ3USxH@?Xu>x;hWd#<=@t_+0>XR1p1bA!B2Y#Of zcnYBc8J8vy{3ZgyFHaM`(SJ;hhdKWzp7MVn#K&`Wc1mLyH;F?mW|aeP33POHbmj6( zHA2P3#Z`7PGyfY-HLI?{m-{bUCeb4(93q<_`%mFa4&$wDpbg-^0ptl4qjN-1&QT>h z4UPM9*_NGB(V>|sFD&qM4Uiu{zD$6s{{1f!`oFWLIamXFPI*iI3vD0zVv;{-)l1}tB2 z{Z@N@$oRyG9N`S=wyl^l30F)-u~b7eln%tYuD%*BNY}}k>{xa9zF3{cq6(U>8@dO!v5;wbBcA$WSuYBXSlHHgt@WbfG0shg%|_Rg=K4(V+&!vqUtHZeU)qgAH#qT11--a=i<7>9eOGzeuet4In~SC)g@r!4?NCD1Et3edX41t=)fW$li7oVli0NTedB=R* zE$v}{n7mR+3OG~p|1d#kN{~t4&IcL2H4NJ~!zJ4;@jiFHA?LN#ZFpG_WRK)8-773! zg;n^@vcaY#+4qHgTkTWwGmQahsA)~}!G*MJv08d5lEx_vdf)MElQDr^3(H6n`mr89 z)%k6{z4tSHft!T67#dB z$CJN**0@RfWwwph9MTF;?I)&XHMq;3DfSFUkcbmBV%yo4#0W-3laJ`N9$49YjxJX@I+*hWNTF(QVn9?h5X0n_#R0vAZ49I-Tyqb zKbz-K>EQqa1%FO`8#tY}Q--K7hJ1ZiKwctazP~U|yZ-^Hb-NK}lpasol;>oBtEF3- z@6XYh1SP3bEUAurePWaVB$W0IM5?%VxIV%1{8!U?e^ z_+tLy9VPDWAQ<#R*K>-M9yc^vbSCU!jujfa83}mxnp8NJMI>9d6YdlX#td<=pW#0( zIPg9^*H(H}=6U|7c3PCy@-z0S#l=(L79}_A_Z0MM#FSdj+8oT+N#Yyb~lX~w%N7NnMZvYAu!@RDG}Sr z8}++DNY>nv&m3`Rng!|$ySDmQEz29}3{<#O%Gvuy(fWu{2~kkPWk0`i3Z7RRMFxaeQC8jcxU5+Ah} zyBVgX+zEDV8y6&gWM^qp*nVSgv4UGgwO7wg@Iqah??^uD{9XF3!h9cj_Ylw57QK}g znDW!IX?SD8F=m^Y`(^=z1wLS))vLLXob=Aiv1k|^l3^^2w+No_H_90jV*JhiiYA&f z7ZJ~7bNz&@%rD6QYeW_{1u`t-Sgp#bI3L6FDEYh9(BF?r3qM<(qGB=Zqc#Mo1V-X^ z9EWSl)r%|)U_$tm{EviP8lb_d@6UbePZn35Fe}`$?Q$y%(Fxk@V{U=5k*CB#f&2LO6t3Q!=rP{=Ol$GgW_f$9S8R@9C|OSwo>koj*f6 zGk$xlOA>VWMv6_!8wJ}OxKJ-;Uc5aWiLS|xTdfc~@hHj4`)JI&$~nFLXng$lU?=0L z&(Y(_(o5oPob8@w4hraWM6{%BpaybCHZ95|2f73=)F@3aV@6kB;;7}wR^A3`a6ZaF z7PprlUM_Ba#skjBTXmesFt#Ihy707W&I5^6Oo}Bkdozb1CFb%qANHjMk;?Ojvxg2J zajzrCXm-bOxh{n5aqY>Ze=+&tPZjbkY)?J(nWp|AkKy5p&JU`j zRys8y1Yfu255*47YD#al&G+xLbj0f}Mw4-AcORLm47_@8S6k?@8y389D?X4-sb-g<)B&8|c%IRKZV=mb90!LPIKKz&g*vUxM+Vfyld zW~M`(NSE2q8+S{?5~b$9uP{C{X@uCU4I& z{wzccNKecdl>h+g`WaG-3^M zdZ^Q;kM6yQWvb+e!pXI7$~cJ8=o3MWKei>MwLYJ)T&RSr*Tt9%276o0mrHqG;%I}| z8hHKp)pbz&i-&CW zFJ6Ck-14N&jK$zfC}*-=o=tFT21gs!_)9$d+13f!Xhw`hlpW6Q^!Sk#+QP^vYt8F! zlN;%3w4rP`r-Nw+SL^P`AV2wX*nvD}wq}Mid33tCt1%J>2fKUZ?xHnc>AmE1z2BRt z56!(TBtEKU(|=o2emO8*_+Ieeir4SLwlnEwA1bDeuOt*!-B@s-b9sz&>OKDl=9^1jO(mAvkVd@K@%0ag8B;al!~(Lr((k(=ypR7Z)=5^_ zUI`f$NVWYEay(7g-pKo&$B#*?Qjz|Y(v?C{M7W)}1QM3*t217}$y78}QC-_9z2vLo zUsQq}AY9dGEh$;8WGvy?XzauBd*IJzA@bwkfPIO_-uP=Hc}1E$J`)>f%3K>&pt33- zlFvgIB6!8bI*d%#5KGpF6p;)eCw^SCI$=#14M%EZ35QPIOUHCScKb1 zjWl~jIcde(x7D>__tjaP_AeDWI0)Z!cQ@zSAh{h~269&Q&+ay$N`rRfj%CK^ylNA6 z{i*RsEo$6sTFqxMYnU8HS1A|QuD%E?mHap*fpsWAa}%!m{mhL+PSQ3i2hmX6VcvID zqbL(+afNG)B8=hWX-s7FX6f{c?#J_opC2DczkHY$fz3XxyLz9a7E*brLnh!2heH1# zuEQtgm>+NUJF`B(739&|{~q`~r`gO-1{kNml@df1rE{g+K z8+P_*x>ed~A&Ns;K&Eb%TI<)05ge7C13O)~HV<{5KXv}fK)-f@pBwDn)4t)cX6m^u zJkNK1eAVn=h4jl=T?sx>S?1gXXB|?&m|Ev+S&torA`axatm6k}=vQ;qy1Cru4L^!G z9(D1*D$~JO@=@+h=8(@hC(NR;T-fw17@12MwP9Ndu^k039*dYY}%Ie4_o@c4X%@ez;l!;fpn zGlKfwtrqJe-W-Zr&gJaWku+m?HpxJ|r32gZ9>`3Qw0X#B*z_fcu&-9q-qpbl?s>87 zMPOzAVOGs2a(wFEWr%VI*kS)x&cb+p>aM=Of4Hv~T_>Ut=0&Zv3QMkuQ2+Uwo+!fJ zJ?>AOlWIKu=R;a|k=@A?56%C;{7k2|e&v0|xVoS( zybw+!3xeBY2rBmZM@4;Mkr|;1e-cr*TS-$UyL#{sWo2;v4Ut8mWx~oWYZAwGRg%Vp z2~SuV@mfeeXfob|qhw87YE4QJlIL`}gWnfv(sV`ud}|+NQg1$?njjL$TmSv%5d|NM zt>N{%8ot}TFXYvh=Cuj-&bjDEOLqiypZfsiU=k94-hU0TewVO^D%~8}8Bch;_ieD; zq>y;$!+6Ng^;%jhwmDzv|Xjx%5qDO5AA&(UELeq}h1lNy`-t}l^@uYOaKjo;1cI?6`|{yT~Lm&-Q3=SVMA}kvARN->1HS7gBSG;rOO%! zU~+54vit?R4oi_F0iEPMvHiJJ5rr6h>g~;RJsccX-Fz|&Rr1^H^isU_ObO(YxPQ&n znb&vd+U4I-$tom8Qq1FcDYcbhM)&O~e`j$+p+Zs94cJe3c7krk7L15y4E^y$QrCba z*XWFviGqSB%CfiXc0)tIoxvI0VzL{)3ht`gh7nlA6yiUZQi6A5=(F(eq0@LyH<><> z*Z`UQN9N1jKld8m65iiuKonVMzHcbFcL@G=D6#1cc`rbI1ExIz^&VVY%>ImiVoISf zGcz;aLv7?=mezwy`rnm$`q=bBqomS-v7vv|-Vu+HI3M)kC>1kPR~|tB{~VAYfdKmG z`F{@2`_ByHe~9#N>^uJ+|4GJDd~m*bVqD#!%StKY!4TA>iNRKYr;PEbtmP{(}Ag$*}OxN}fOiQnhYO<`Orr zb#of@ZCYAdAbtRTSSVobUli_@M1E4dj1bd!3&t_xFFdw?Nf&FEKKI-;g*^%VQLK|I z7fJ596e;L<^!N3L;NZ946IeymuC6ankc3kzoHIMqCjODLwKloNt=`@xm^k-Sl5P(q zaZH#QwRn#4F?-q1H+`IM_DBPVzvTY=#7Z05oCY6)`Pmi^`1mq%~1R6FvznLo0BQ#ze z&IoUVo#y~U#}jdHzTqrMhuQ9UQIG9(>=f|PWzq!fMhn!aGmxbQf|t+sJ4C$?S)7;q zFa!k!jgp=gsActTl($E9bVyA+y_xwikJOUL6VexlvpcW$hZpO#?5^WncYnV08MEnl zP;*&Ga=iH~c&Cl(z4i_)z#fM4w$q`y;?2DE1XZTtXol3`#WHL#l^d6TV^V&^&m`y7 z%>ENWZ=pK7h3pN(7DrW+0~A+wc|Ywp^l58-bBEAcm!7dXY0(q`~A#K4s?o=|BNl;RnM0i-T!{oc*vn~&r+3A{(Nf4k-dW& zshl3%t75Pw;<589u=RyS%Yigbi)L{d5EKYIZSGZ_pD_=TM>`lz1VF;l`zIV(}Knt4Llxyh`V=+^f(E|Zq*Ift1F)dEHZzHu_=pZp!SOT((+FDv0kF8xRmoA0tlYE#LV_n`tiTi^)H9?wE)Lq$x@n@=}zl4~$IJfQ3=RfD>Hhl5$@DfK2m7t7h z$^^7$VH*?UAMK1mR$-TyYAib3O}AbzbG_0HY948F?+_jO3w?0BUtIpXY2-D1_SxM= zXP>u=yWDc7E0LX9CmjSxn|uyx=8?gmb9Y*UsC2pK=p-oT;@>0!|EpFiYS=7hY;3HM zHCC+GJ}M-m71P}gS#mxc$6t)?v9I@Tw!dG`hVmOeMd;(wIjhp8smKlP5`V4_@*g&k zjQ2>{1E2M}c$)4Er$~A*&HB$8*${^iZkl1mtR6YcHNGQB;!F>LN=Cj&wB}#TWUseZ z;<^bn7zt%KM465Z4h-NWb4fmf#%Eh~zQ1#3Y~3r{^XU=)lY}cj87el-CFTuCX+25U3+6MKu(Ir&ryh_n_V4#dfI;`=&&$3D~5ZYu`uDfN=;r~9{svd-}-g~U+38swyZRhr$k*k-OHiNb==&QCSXEBPly(Fe(KeWx-UPlU)cRYE){L)#kcsB@2%~7 z^c_W`o0W_Kq4C(#ckN#kMEV9%`<+T7ug^Bh2}Sg-PmuolB!X|cuu60*Z%2~zcm3%J zuZ84cnT{7YpaxStS2H}GyRMDOrb#ZeQp__j)`3;M1S->6M|^%d9oSoDFEkZYa-OTL zj%1lon~pPc(a_v#^*$P>vHKQ9Sy5Tp8A%~{=%Q4bIeAO5gT?z~yL3osNCi?_Qc~le z%|{B`X*~ggsnUZmux!7hc?*tSTQ~WcoRzng8CO0e9eydfGn^q2_VQrWI)-nn{^gpe zl~5GbEMfTo>2G^6OA~MOYuhUa0uldF@(f8|9GzA!X3YxnsJVLk)O@PAMb%>pTe0wR zZ+S^Iyhp5OG`sA2O(okWN$pvxq^#O91xim27!~3J%_Y1Ggyje*100vUxB}OH2l>R# z@s?wM)Wl=8P)*Gq5)!So$(z_ONwmoNGhv)%fIBrc0dy>ooY^IxUT}oDMS^3#!H^ zI})#YHxlSh4f`^H8oGKZ-^+JmRIHx&rA={^p))=)u{LUUrgY@ipivF+j>l%s5be-h zk9=JsDn*`ohW`y=ZGZcH^G+eMq3HN%t`T++L{sUTmrR8#(SC-KFKwkbSb7z4ab-DKs3$K^ zn>fPQ$(SepZ@H%WPj&qAP*nts_NQ$n8juee5C`YRy$i~thjNC6wTtgOi=?%Pl22VcAwXJt$X)cQoqbzfAp8He9_d|EY% zOA?PZ*Hv+pXRLa-KYs$Jb*_wn3c1_Fgf^L}C@ zwX4TPdCG+#6F!th7-Vca?fufTqg!7F7XHK{bx4|mqTPH^{I^9YIf2XXo$5;8u`K-{ z6e@`Tq+D5@xRV^7Hc*zKJ?VXh)0;A}-aN*Q@MYyN{4!OThgs>w zZTr__@d~1-f82U?wg(|mqP^VFzHWUbzxj~Id2NqAWb}82;NE57=g`oIfQ_J4*f36e zJbSG>=}6WOa*0a+5mm!RU!wSL(LID_?Om-t<1GgPdzjGYlejUical}g z)_3z#EoEMCDM`I9)#txl#}*Er`~%r##w98!4q{E@Ibs2qDElGmmiQ>A@z zjN!*1guGSc?{s;zVj|o62)lxbH16#@y@JV~kPg-%NZ!nPXAq7?y}i+^QvKJ|iW3ED z)3efKPOtp-X<1nAf-P@6RxZyyI&_?Qz1lK)20L{-uT+KtQm^@`@c}!Q(@AHXgwNxK z@V-!=hLJ2$CEhZ$VGnh?s{AFBipJ-CB@wmEcq*#KO8X<^T>{+RjUnWeJ=Or}(6>xV z1Gn8c+T3>eoN?3~ZGMF{#Jmy~i9BhxL~X6$zb2`t>%^EoeMzj?efd zboBP$+st(< zT^p>IiI5SxK!)_@8PE5B5~fN}1J~cx2O+ zA2(lM`}IHE@Zy?-T#Gk98F{UzmN~z-6+X`NFK}3Kz7p@(gN}c8U*hDrz}Je9Ayc)R z^r+jdYq3wlLgN(wTk>xVoZeZn;)aj@_xO*5S@8i#CH|MX`|W?2#s4dHm-s7kX6eSU zzW={F*8eYnQ`^4)wRkm&-_c(HORVv}?P6c)MpRzw{|YwOe&FOeLiI1*%8gPiMe>U( zcuxu1Gr~gf1;8k$`kYi({R^wo(0AKut6irAIkNxtA^+bz%|hg>E_Au@o~JKC_>qqY z@z3S{c%lanOyTFt!2B8fraQRv`}ceCOe$T!yF*lz0IYf<;VblOe!kKHDWRMuK%fHW z>jVI$?Buf4p#HhVU<%emY%IOJwSFboZJrr6jPeOOp_c6D>IeW_;2w&c3!(N4y@6f; zIphl`EI9G0nvS6SD?JX#CtjWXC^Hgm+5gU-Uu5Oy=cij^6`Rklwp3i+CNrEaTai*D7^3hZ*ufIGT z&JYa&$fWn*8!>M4)yq=Bg^p%pC?<18IxY34q7Yme?H3D&oJWp)!>eD1hwt0l+n*Wp zm^+(=`J(qfgC_b+qH&oi2H(Wf^E3#Dl<3`4RaMnK_-nbtrf9QoQNJ@h7Nn~!h7Q|K z_VzkQKffTsKQuHnjA2xIJbwlLo8K4~?)6J4nKKpDt8y>>i%vN>g#0dmbBap)%l*0K zot>Qx?px$Q4bEq>--$!r(cS$bnK1-G64$FB;`AE`#0?b*5j1Lst=_K>;$UZoV^Umv zd=DkBFI;jGaWn&1IE`Bh%OUS1%Ea1<$1Ba`TP~019335>4}C_w9a?aq5!9G2GkWvp zP2f)ZHI?OXx-{seY7i=YVz`suM}I$Fpbs{@0Z#u}^)5WA3Ab?#AZk1V1A`&;t(j_h zrO}~0H=Q!W&Ol6@nuoGHfuio49eYdP_|4WfH!o;tsYKmNrtb3D|9T=VEnQJpH$?%l z#xwV!Q#4@HDT}yIDPjfLn5nkZ$dSd(;5s>pmb@wiF*iHq&~L|EbKD-=hWJl~9(Wy~ zdH_IJ+}er+HG~e}Xt;ZyI2Yqt)fRv#d#E&r9Po|9>lDI+jGEnlgDJqvM7GzvWAfDN zPI-s5)<3>PmkRn{`En2mNFKhsj^l)!$*xlat&H4I=0hR>%cE)Xlv3kXa;2naV<$Xn zNvSp$l2@l@0JN%3+->|8O(p&%)sGe(JZl?fW97Hu<91+WPuw%P=vWWiqD&l#1`kyoY|k>HYxM z#tAc811e6p(O0ufnfH3uG7FYJt!8e{@Qj1wh#V;K+WB_a4$hA@LI8$^W=i|#c(9+HppD7H!C1fp zTk0iH(J}X-%{zk%dep0^&%Xz$wjDDPg6!UZj z)~9`ZCpWhrI}5&sUiTqylzcaOe9QXw@fbRn6_G=8O0+Qv z*>K+1Y@fQ*1XG8p@pmS$3zLy@1PnL5> zYi~uGVJPmh-zhIi~=>w#$5?aUtWJk44)J{>iS?rlJH*o5W?N$ z>RU2SEPjh{sF45FMUXE+9;XZA2j6ndTP)IzhM1t*j-!bi(hkaqmj`Ol%}Gp6s4gil zE@b`YH|42#7^DK(>f^CRYCSvwKi`1341Ji2w~TB_&W^bgsutC0%oab+=_2Fxcak+j z2W&GqdCZz{#vjw%{RB+72wSuJ3k-n?X&PVp^2FVeIgO~y_szu{e}8Cn9adI6Cgn1Y zAYoRuDr(`|Nl4S?iNGPG;wuG9B^H6HIm>o(3U>L!_Q?g@BD?r}zI_vgGa5pp{;#P8 zD{rjtPYy~O_s20F{dk(*-^NJ7OeWax3sGm8KrO*>EW>QX*DcN17uM8o-6CU$$V$H& zexTqlL#OC7NM`GzCDfl>V?Tc;Z6RV&3SZ{`(AdjqA!op|rrAJ$xs4Ez=ea-~zQmr3 zvCD&a4PuzQU6n>i%{}Go;}fSwxfRfF^=qx6(gBUnrLd3V#EQ|WH0%C@ zG77Y%qs!iLx9_l8J>18Slknx4Ew-hH^)X658ypIIX}FP^W%Eo{nF`ydNLi5?0ZB|S zZaJDVn6<4^NfYqaQs`C2=8gIK%ATgEDJk{{p_iBN1w!|Xk+Vwqn0BZDfsA071jUZG z%A|-p;eKh{s3IL(SS1=emO|&t_Z64E;$PX$wk{mEi1LhxQy}^@Cw1mYU-wrA-1Oo0 zid&g{-yZHiNJMF(B9aj7adHYpMF^687lJB7s+_p|3s7-qadeX)TFy{+Mrg<+zM_`8 za2elu+){6Srm!6`V7cMpL>jZSADdBpGVsy<0LSqkFZPL?uNA%Nayb?AjjZ=>CKW+W zDR}9O88NO>+y3iI?EKHGB%!nn7@rX&<0eXVu}rWkLb5^DHnGqeZJrbAgb4Axwv@yN zsGUWm|Md?kl{QOgFl%5-qq|Nfuci>qz;biay?eM9A6`9IP~wH2aha=A7x~7(2Dq1n zX@@RXQfa3n&<&cQpyuqO8Ac!OxA060XpVFLRC>of_fjcefmj&IM!SW|6V5m9GylrQ z%9tE(3>Q@R^Nf*_gh_eSA_+xI>e4ROD7}25X0ERQ%>W~pqO@NT;Nm`D-GCIOB^(a; zLc_UI1!x6pvC?D{-1`^VoOcvEqtVO;2*fW#I?m2)1S1M3zp>_Z{yTA(0}co^!)2_L z`t2UD=hUpIA7)iOt-#&ziwDHsUpK$agG z$7L%5%Z$gl{P1JkMeyru z1Y(pKT+WB813r3LlB7qzDeSb%dZzY`w8)S~XX#9O=ZuttggDedlT6touPFuE977!9 zQ^+XS24sNSOIsnF5Gu@cU>-xwnv$@jK=ApgP8p+Da8G^aBp=+Mw!d;vMU{0OxR|t@*-E;SS=dT#RjT+=z%E$<`PrzgOZ#=F1L^-`?>J{X`UHKD;H~4;vO!II|dz zS9BRUZ8`f}?1WMo8euGoQD8xmBfXus6h>2jy0CKi7)!SP2O{;D?)2b+Sg4holUM$W z3+nmbSSdg^ftlvXyFyC9_Tw zZpLwP(NvLo)fVeP7GpUttrl8@LHj}N>EpBX_eU|vvO2J3RBkMOQ_}!V6N2r<)p|G{e+@UXxBypdX=7x{&73R&77UO8 zzO$OhCvaZ*o_9$I)+USJ4f!$6qyiVad-&mSp536X({SehqMQC4(-2DLun#vX9R~kNRyyOKwGZc{O%hfI*#1z-p^n(>~c)+yj|4!(?^nFHwPp72^k zK<^*I0I&OdaWQ*BKI-XMtYE#}T>iv(z0~b4iy^r9I5-c2h4X3lN6ea*HAHmtg+=D% zA};P9Kfuh@*v{;Cy1eq6Ez~Mdoz0Q!qu~JmfT?#Va^ zm2?faXg%KT$xR5MxG;D&t>)Tyspw3>e|$B#0{_>RbUnj1-&Dy~Deyb%s@B&aM^MAN zE6bP$ECk>#$o^m51ve$~UuFS#_W#XmBy@iG@PS51=qDdY=mKZhv4OXzws>`UeuE-4 zD&M~R)drj6BfTMz6_cKY;gNEtpcvFVJ%zMO^*HHJ_TE38|BUDBU8M2Sm{3QC$I#AKu6U%K0eMT z2z?BCO~B|)S2;@yr|hu=C^2?ruzB=jG8Oa4lsO9G_oJSBRW>pl_Wh---SG z=CjpYjlhC`_5CiH7p}(68Ny!ptEySgRTv}1>gD`ra31Z8h@W216xca!j`~fIhbav^ zC0_}j#F~A-CcWxjvz=E>Sv?%L1FT>H5is20KaAj7Rk znsZO$(+h%d2y;LM)W<_F`0RWJy+G6E=1jGBnR#Qn4&V`gH8{PndA;()`6^FaovH*E z=105gxB0VD#6$wjgszGK!^LvhwC!@oQuXP}tFD)^{jVO7E$&!iX`jcit4Zk2{ruaq z9J9FYPw<6o#LEUOH(dTqK_3s>K%2VFCw$goO-B@;Fq`WsFswMzg`7KTv@haZ0Gj^J zEgOx|&FwiT+j2D}s(bORJcS>PW8~+Fv|m2#i?kK~Zm2m>=XdFCbk##@vgQl=gLye?!IczZ**dGSKhp72KzU+C z17}vF$`FWOR5{+--Y%;RDNxM-8zzaX-sRa5HP#d{{`c;`xzQ3`>B2700X@GwkgSF& z#>G{RCE1SUt=WtQ_%YZ2`l_iM%*0MRk>I{tpU69~JgPP9Nj`jSC_HJrFNx|GGxGa|9B+-Ubj@uL2On>h3?PCX7fSkp^M=YVZI2|_f8pgc+V87WskHK! zTh|o&K2tUCC~9oyFesZ~!4Q|^zg4yVTw^-z6w}m`SHOSR5pQW|_|2%@x^YVLd()*z zdvvi5)efA9h$=W2=Oo8>#oF^ap2~Bhm2eNbv$hJ(qbhjt^dVv(JedtoUcSIHnyWU) z`NARCFN#$%Vthr@#`|2`wf@s+jH&WdQRUU?Qr!m>SCF#-);Pv2HZ=Lh9C4qrBLh9>_BX4%?XCu08J&v+V{kp{Y`-OnUpF7<$(MlWJqsN z|2eKMB47DEQ;~FnMJ{)08Z-%TJ0@oF*?+;5cpP2|?p`ZoztZW=5g%DX&_FKf3NqbpTO$X2?MNJtiArGpg^5*{8tEXa#9 z>}=2WsxTX40jMFUC-1{0lhbw3&xk7^F0b{p^Oebrm}|RlsR$xdjEpgxPv9+|#ODM*!&Vn|_u3)|4JNx+ z@Kz%%wLV}6HrLsA)N7%-I1KL7_pOIercKfAy1N!X&}h(w{G6Rh%_m-U<396xmE$T5 zd!%PHfB5>n6z-t6-y}I6O8MJrcW)Q32?jw0!)^rZSCEhUVzsJWOt(1c89vp=+UsYX z4imXq_1yD(?*(V-OPJ4veEtgMtDVXv|M+sFg<~-m*MgUgL*6~j5tL>Wf3s-wHC_nALB+bu<)GR;fqIW zYE89xxwM>bH#dM`CKSSVV9LY|2>|wX?Q~I(`+To}q~U{isc3t_q6_>U-oKef#7}_2bf)(Sas!x=Pwz_3Og# zMoT5^m3#`l8xrsG7$0pxH?<`i&c-$UHLY}R-5VAXF=Y|UowXteEC1aW*m`!oTnR`6 z!VDo|@p7r(Z_n81A}l}e_QjKGPYFCZI4Do4_2eKIfKf1he>M6}v-t6O!=vK12w|n` z7tvSU8ntqEm(4N}*-HC#+^Lw#xPyORu>@!z6~9GyA!C>wF!-KFy(!yzrd@^qthD5h zcw1xsVZ1Ts^S2j#d^R(31stW%oc^8?J^j_JB{?l`be`jaTyycU+UbUCDmMT7lCkv0 z1xo>B5RnRx36MiIHZ@t3d9_%lUE zdf4AV7{(AnPWkK@(m^*QJ@ic=K0vb{2PS|B5f=N9kt)$nS%J&_($G)0in{%JwJu_*$Fbk?y*n<0Fua`4R8-n?mdYI#oIKmnHfR3o(NToh!9@EP!roTp*zdL*#Z_G1UI@@ZmXEHF0kkKk>~x<$n7iQwvSS@Kbf|07y_keIK*S!!1r{26tz>Z@E!V;s9w4G-pyf>{k04 z>eCOKDgMlF+;C%fX6m_z-NZBCcHuR<)y9ka>d z)YnDEBqmX*0T}dc(-^vgnBAd^&C)_{htIz!l-pt{jD4&k9nS0`6&G2%vTm8W#h!ds zggF2bs)%fk)2BMr&&FrwM8%v9(dT|o(2NUq*R1a8O=Y#P9LGJ)GixU4&yx-Peu(x= z{K4@GJ*BN`mY|lt{qA!Q8;&f4#YUPB?6$elCh~rOgYWgK=tvM zfEJ})2-nkGiWJv$g?H-9Yo#;K*VJI;^I)RCL2Q1FySE{&Sou)CeuVKMGa8f6^zB=LMqJO>V0~>DVyp zuf77V4y(7-NM`?0T z^_}EcU_q-r@WP?C_8*51pKSixr{*M|i=x~YZu^UzPdTvq&6}t4ST6YQSZ}-R;UuCz zf6^F|LnfLMEBpFNY4?#!Dv;v9mJxDn!sb3jVe#3_Z7_unhJmFoD&cCHlF3gE6fwFp zd}&@0E2(V{(g7Ge&#I=sooU_8x!T~^?dhX-?RW@P6-KBrmp&pPR=5=N2qW4|=X+AkT z48s<8{`GR>#9Afy5QGF2l_qo?p0o>gi%)mQmNL@BTV(Rwiab<`PQ5MM-JSO@f3e;^0Otl|*gd&Wd@;g;Vv-A7jPo<>ZXxrl>7V&#)K36e1 z`fZpr&*;B&@bfo9`G=CY|1|G6`2GJJ0{?%D^KY~vprIeHKFw%-fVd!pk^sm5@!g(l Z3}c^2Qn><|wOil;d8sN}CS&^k{{ab74MhL| literal 0 HcmV?d00001 diff --git a/docs/source/index.rst b/docs/source/index.rst new file mode 100644 index 000000000..e79fdda4b --- /dev/null +++ b/docs/source/index.rst @@ -0,0 +1,24 @@ + +Airship Integration +=================== + +Airship is a collection of components that coordinate to form means of +configuring and deploying and maintaining +a `Kubernetes `__ environment using a +declarative set of `yaml `__ documents. + +Approach +-------- + +As Airship revolves around the setup and use of Kubernetes and +`Helm `__, practices take cues from these projects. +Since the sibling work of Airship is the `Openstack +Helm `__ project (now an +`Openstack `__ project) cues are also taken +from the Openstack approach. + +.. toctree:: + :maxdepth: 2 + + authoring_and_deployment + seaworthy diff --git a/docs/source/seaworthy.rst b/docs/source/seaworthy.rst new file mode 100644 index 000000000..bc05971a4 --- /dev/null +++ b/docs/source/seaworthy.rst @@ -0,0 +1,8 @@ +Airship Seaworthy +================= + +Airship Seaworthy is a multi-node Airship deployment reference, and pipeline. + +The site manifests are available at +`site/airship-seaworthy `__. +