From d235b95056b22bba21e3147ca3081773e3d12049 Mon Sep 17 00:00:00 2001 From: MCamp859 Date: Tue, 25 May 2021 23:29:54 -0400 Subject: [PATCH] R5 updates to landing page and installation Patch set 5: Updated R5 RN. Patch set 4: Resolved merge confict. Patch set 3: Removed R5 install guides. Local docs build is successful. Patch set 2: Added R6 install guides. Removed R1-R4 install guides. R5 will be removed next patch set. Updated main docs landing page with R5 links. Installation index page: promoted R5 to supported, moved R4 to archive section, created R6 (latest) section. Change-Id: Ic0e0409f2385a9a6f29b83a2eda12753ea4ac1a3 Signed-off-by: MCamp859 --- doc/source/_includes/docker-proxy-config.rest | 2 +- doc/source/configuration/cert_config.rst | 32 +- ...-configuration-with-controller-storage.rst | 2 +- ...ptions-all-in-one-duplex-configuration.rst | 4 +- ...ptionsall-in-one-simplex-configuration.rst | 2 +- ...d-configuration-with-dedicated-storage.rst | 2 +- doc/source/deploy_install_guides/index.rst | 55 +- .../r1_release/controller_storage.rst | 1004 ----------- .../r1_release/dedicated_storage.rst | 918 ---------- .../r1_release/deployment_terminology.rst | 119 -- .../r1_release/duplex.rst | 1563 ----------------- ...-deployment-options-controller-storage.png | Bin 102760 -> 0 bytes ...x-deployment-options-dedicated-storage.png | Bin 109174 -> 0 bytes ...ngx-deployment-options-duplex-extended.png | Bin 106659 -> 0 bytes .../starlingx-deployment-options-duplex.png | Bin 91370 -> 0 bytes .../starlingx-deployment-options-simplex.png | Bin 81291 -> 0 bytes .../r1_release/index.rst | 300 ---- .../r1_release/installation_libvirt_qemu.rst | 204 --- .../r1_release/simplex.rst | 748 -------- .../r2_release/ansible_bootstrap_configs.rst | 246 --- .../r2_release/bare_metal/aio_duplex.rst | 26 - .../bare_metal/aio_duplex_extend.rst | 192 -- .../bare_metal/aio_duplex_hardware.rst | 58 - .../aio_duplex_install_kubernetes.rst | 435 ----- .../r2_release/bare_metal/aio_simplex.rst | 21 - .../bare_metal/aio_simplex_hardware.rst | 58 - .../aio_simplex_install_kubernetes.rst | 347 ---- .../bare_metal/controller_storage.rst | 22 - .../controller_storage_hardware.rst | 56 - .../controller_storage_install_kubernetes.rst | 586 ------ .../bare_metal/dedicated_storage.rst | 21 - .../bare_metal/dedicated_storage_hardware.rst | 61 - .../dedicated_storage_install_kubernetes.rst | 362 ---- .../r2_release/bare_metal/ironic.rst | 66 - .../r2_release/bare_metal/ironic_hardware.rst | 51 - .../r2_release/bare_metal/ironic_install.rst | 392 ----- .../r2_release/desc_aio_duplex.txt | 23 - .../r2_release/desc_aio_simplex.txt | 18 - .../r2_release/desc_controller_storage.txt | 22 - .../r2_release/desc_dedicated_storage.txt | 17 - .../starlingx-deployment-options-duplex.png | Bin 105153 -> 0 bytes .../r2_release/index.rst | 63 - .../r2_release/kubernetes_access.rst | 181 -- .../r2_release/openstack/access.rst | 273 --- .../r2_release/openstack/install.rst | 65 - .../r2_release/virtual/aio_duplex.rst | 21 - .../r2_release/virtual/aio_duplex_environ.rst | 53 - .../virtual/aio_duplex_install_kubernetes.rst | 423 ----- .../r2_release/virtual/aio_simplex.rst | 21 - .../virtual/aio_simplex_environ.rst | 52 - .../aio_simplex_install_kubernetes.rst | 284 --- .../virtual/controller_storage_environ.rst | 56 - .../controller_storage_install_kubernetes.rst | 550 ------ .../virtual/dedicated_storage_environ.rst | 58 - .../dedicated_storage_install_kubernetes.rst | 390 ---- .../r2_release/virtual/physical_host_req.txt | 78 - .../r3_release/ansible_bootstrap_configs.rst | 422 ----- .../r3_release/ansible_install_time_only.txt | 7 - .../r3_release/bare_metal/aio_duplex.rst | 26 - .../bare_metal/aio_duplex_extend.rst | 192 -- .../bare_metal/aio_duplex_hardware.rst | 58 - .../aio_duplex_install_kubernetes.rst | 523 ------ .../r3_release/bare_metal/aio_simplex.rst | 21 - .../aio_simplex_install_kubernetes.rst | 510 ------ .../bare_metal/controller_storage.rst | 22 - .../controller_storage_hardware.rst | 56 - .../controller_storage_install_kubernetes.rst | 773 -------- .../bare_metal/dedicated_storage.rst | 22 - .../bare_metal/dedicated_storage_hardware.rst | 61 - .../dedicated_storage_install_kubernetes.rst | 367 ---- .../r3_release/bare_metal/ironic_hardware.rst | 51 - .../r3_release/bare_metal/ironic_install.rst | 392 ----- .../r3_release/bare_metal/prep_servers.txt | 17 - .../r3_release/desc_dedicated_storage.txt | 23 - .../r3_release/distributed_cloud/index.rst | 310 ---- ...starlingx-aio-controller-configuration.png | Bin 16897 -> 0 bytes .../figures/starlingx-aio-serial-console.png | Bin 14516 -> 0 bytes ...-deployment-options-controller-storage.png | Bin 98773 -> 0 bytes ...x-deployment-options-dedicated-storage.png | Bin 111169 -> 0 bytes ...ngx-deployment-options-duplex-extended.png | Bin 101986 -> 0 bytes .../starlingx-deployment-options-ironic.png | Bin 129791 -> 0 bytes .../starlingx-deployment-options-simplex.png | Bin 72126 -> 0 bytes ...ngx-release3-ansible-bootstrap-simplex.png | Bin 27331 -> 0 bytes ...ingx-standard-controller-configuration.png | Bin 195515 -> 0 bytes .../r3_release/index.rst | 65 - .../r3_release/ipv6_note.txt | 14 - .../r3_release/kubernetes_access.rst | 181 -- .../r3_release/kubernetes_install_next.txt | 7 - .../r3_release/openstack/access.rst | 331 ---- .../r3_release/openstack/index.rst | 16 - .../r3_release/openstack/install.rst | 75 - .../r3_release/openstack/uninstall_delete.rst | 33 - .../r3_release/virtual/aio_duplex_environ.rst | 54 - .../virtual/aio_duplex_install_kubernetes.rst | 532 ------ .../virtual/aio_simplex_environ.rst | 52 - .../aio_simplex_install_kubernetes.rst | 419 ----- .../r3_release/virtual/controller_storage.rst | 21 - .../virtual/controller_storage_environ.rst | 56 - .../controller_storage_install_kubernetes.rst | 721 -------- .../r3_release/virtual/dedicated_storage.rst | 21 - .../virtual/dedicated_storage_environ.rst | 58 - .../dedicated_storage_install_kubernetes.rst | 415 ----- .../r3_release/virtual/physical_host_req.txt | 78 - .../r4_release/ansible_bootstrap_configs.rst | 420 ----- .../bare_metal/aio_duplex_extend.rst | 192 -- .../aio_duplex_install_kubernetes.rst | 480 ----- .../bare_metal/aio_simplex_hardware.rst | 58 - .../aio_simplex_install_kubernetes.rst | 413 ----- .../controller_storage_install_kubernetes.rst | 655 ------- .../dedicated_storage_install_kubernetes.rst | 367 ---- .../r4_release/bare_metal/ironic.rst | 72 - .../r4_release/bare_metal/prep_servers.txt | 17 - .../r4_release/desc_aio_duplex.txt | 29 - .../r4_release/desc_aio_simplex.txt | 24 - .../r4_release/desc_controller_storage.txt | 28 - .../starlingx-access-openstack-command.png | Bin 366267 -> 0 bytes .../starlingx-access-openstack-flavorlist.png | Bin 447605 -> 0 bytes ...-deployment-options-controller-storage.png | Bin 98773 -> 0 bytes ...x-deployment-options-dedicated-storage.png | Bin 111169 -> 0 bytes ...x-deployment-options-distributed-cloud.png | Bin 320078 -> 0 bytes ...ngx-deployment-options-duplex-extended.png | Bin 101986 -> 0 bytes .../starlingx-deployment-options-duplex.png | Bin 103883 -> 0 bytes .../starlingx-deployment-options-ironic.png | Bin 129791 -> 0 bytes .../starlingx-deployment-options-simplex.png | Bin 72126 -> 0 bytes .../r4_release/index.rst | 71 - .../r4_release/ipv6_note.txt | 14 - .../r4_release/kubernetes_access.rst | 188 -- .../r4_release/kubernetes_install_next.txt | 7 - .../r4_release/openstack/index.rst | 16 - .../r4_release/openstack/install.rst | 99 -- .../r4_release/openstack/uninstall_delete.rst | 33 - .../r4_release/virtual/aio_duplex.rst | 21 - .../r4_release/virtual/aio_duplex_environ.rst | 57 - .../virtual/aio_duplex_install_kubernetes.rst | 467 ----- .../r4_release/virtual/aio_simplex.rst | 21 - .../aio_simplex_install_kubernetes.rst | 324 ---- .../r4_release/virtual/controller_storage.rst | 21 - .../controller_storage_install_kubernetes.rst | 593 ------- .../r4_release/virtual/dedicated_storage.rst | 21 - .../virtual/dedicated_storage_environ.rst | 61 - .../dedicated_storage_install_kubernetes.rst | 395 ----- .../r4_release/virtual/install_virtualbox.rst | 366 ---- .../r5_release/ansible_install_time_only.txt | 7 - .../r5_release/bare_metal/aio_duplex.rst | 26 - .../bare_metal/aio_duplex_hardware.rst | 58 - .../r5_release/bare_metal/aio_simplex.rst | 21 - .../bare_metal/aio_simplex_hardware.rst | 58 - .../bare_metal/controller_storage.rst | 22 - .../controller_storage_hardware.rst | 56 - .../bare_metal/dedicated_storage.rst | 22 - .../bare_metal/dedicated_storage_hardware.rst | 61 - .../r5_release/bare_metal/ironic.rst | 72 - .../r5_release/bare_metal/ironic_hardware.rst | 51 - .../r5_release/bare_metal/ironic_install.rst | 392 ----- .../r5_release/bare_metal/prep_servers.txt | 17 - .../r5_release/desc_aio_duplex.txt | 29 - .../r5_release/desc_aio_simplex.txt | 24 - .../r5_release/desc_controller_storage.txt | 28 - .../r5_release/desc_dedicated_storage.txt | 24 - .../r5_release/distributed_cloud/index.rst | 310 ---- .../install_virtualbox_configparms.png | Bin 13447 -> 0 bytes .../figures/install_virtualbox_guiscreen.png | Bin 23175 -> 0 bytes .../starlingx-access-openstack-command.png | Bin 366267 -> 0 bytes .../starlingx-access-openstack-flavorlist.png | Bin 447605 -> 0 bytes ...-deployment-options-controller-storage.png | Bin 98773 -> 0 bytes ...x-deployment-options-dedicated-storage.png | Bin 111169 -> 0 bytes ...x-deployment-options-distributed-cloud.png | Bin 320078 -> 0 bytes ...ngx-deployment-options-duplex-extended.png | Bin 101986 -> 0 bytes .../starlingx-deployment-options-duplex.png | Bin 103883 -> 0 bytes .../starlingx-deployment-options-ironic.png | Bin 129791 -> 0 bytes .../starlingx-deployment-options-simplex.png | Bin 72126 -> 0 bytes .../r5_release/ipv6_note.txt | 14 - .../r5_release/kubernetes_install_next.txt | 7 - .../r5_release/openstack/access.rst | 329 ---- .../r5_release/openstack/index.rst | 16 - .../r5_release/openstack/uninstall_delete.rst | 33 - .../r5_release/virtual/aio_duplex.rst | 21 - .../r5_release/virtual/aio_simplex.rst | 21 - .../virtual/aio_simplex_environ.rst | 55 - .../virtual/config_virtualbox_netwk.rst | 161 -- .../r5_release/virtual/controller_storage.rst | 21 - .../virtual/controller_storage_environ.rst | 59 - .../r5_release/virtual/dedicated_storage.rst | 21 - .../r5_release/virtual/physical_host_req.txt | 72 - .../ansible_bootstrap_configs.rst | 6 +- .../ansible_install_time_only.txt | 2 +- ...erver-files-for-a-custom-configuration.rst | 6 +- .../bare_metal/adding-hosts-in-bulk.rst | 6 +- ...dding-hosts-using-the-host-add-command.rst | 6 +- .../bare_metal/aio_duplex.rst | 2 +- .../bare_metal/aio_duplex_extend.rst | 0 .../bare_metal/aio_duplex_hardware.rst | 2 +- .../aio_duplex_install_kubernetes.rst | 8 +- .../bare_metal/aio_simplex.rst | 2 +- .../bare_metal/aio_simplex_hardware.rst | 2 +- .../aio_simplex_install_kubernetes.rst | 8 +- ...rapping-from-a-private-docker-registry.rst | 2 +- .../bare_metal/bulk-host-xml-file-format.rst | 2 +- .../configuring-a-pxe-boot-server.rst | 10 +- .../bare_metal/controller_storage.rst | 2 +- .../controller_storage_hardware.rst | 2 +- .../controller_storage_install_kubernetes.rst | 8 +- .../bare_metal/dedicated_storage.rst | 2 +- .../bare_metal/dedicated_storage_hardware.rst | 2 +- .../dedicated_storage_install_kubernetes.rst | 2 +- .../exporting-host-configurations.rst | 8 +- .../inc-install-software-on-controller.rest | 0 .../inc-openstack-specific-host-config.rest | 0 .../bare_metal/ironic.rst | 2 +- .../bare_metal/ironic_hardware.rst | 2 +- .../bare_metal/ironic_install.rst | 6 +- .../bare_metal/prep_servers.txt | 0 .../reinstalling-a-system-or-a-host.rst | 8 +- ...ng-an-exported-host-configuration-file.rst | 8 +- .../bare_metal/rook_storage.rst | 2 +- .../bare_metal/rook_storage_hardware.rst | 2 +- .../rook_storage_install_kubernetes.rst | 8 +- .../desc_aio_duplex.txt | 0 .../desc_aio_simplex.txt | 0 .../desc_controller_storage.txt | 0 .../desc_dedicated_storage.txt | 0 .../desc_rook_storage.txt | 0 .../distributed_cloud/index.rst | 18 +- .../install_virtualbox_configparms.png | Bin .../figures/install_virtualbox_guiscreen.png | Bin .../starlingx-access-openstack-command.png | Bin .../starlingx-access-openstack-flavorlist.png | Bin ...-deployment-options-controller-storage.png | Bin ...x-deployment-options-dedicated-storage.png | Bin ...x-deployment-options-distributed-cloud.png | Bin ...ngx-deployment-options-duplex-extended.png | Bin .../starlingx-deployment-options-duplex.png | Bin .../starlingx-deployment-options-ironic.png | Bin .../starlingx-deployment-options-simplex.png | Bin .../{r5_release => r6_release}/index.rst | 6 +- .../{r2_release => r6_release}/ipv6_note.txt | 0 .../kubernetes_access.rst | 2 +- .../kubernetes_install_next.txt | 0 .../openstack/access.rst | 0 .../openstack/index.rst | 0 .../openstack/install.rst | 2 +- .../openstack/uninstall_delete.rst | 0 .../virtual/aio_duplex.rst | 2 +- .../virtual/aio_duplex_environ.rst | 2 +- .../virtual/aio_duplex_install_kubernetes.rst | 8 +- .../virtual/aio_simplex.rst | 2 +- .../virtual/aio_simplex_environ.rst | 2 +- .../aio_simplex_install_kubernetes.rst | 8 +- .../virtual/config_virtualbox_netwk.rst | 0 .../virtual/controller_storage.rst | 2 +- .../virtual/controller_storage_environ.rst | 2 +- .../controller_storage_install_kubernetes.rst | 8 +- .../virtual/dedicated_storage.rst | 2 +- .../virtual/dedicated_storage_environ.rst | 2 +- .../dedicated_storage_install_kubernetes.rst | 2 +- .../virtual/install_virtualbox.rst | 4 +- .../virtual/physical_host_req.txt | 0 .../virtual/rook_storage.rst | 2 +- .../virtual/rook_storage_environ.rst | 2 +- .../rook_storage_install_kubernetes.rst | 2 +- doc/source/index.rst | 8 +- doc/source/releasenotes/r4_release.rst | 3 +- doc/source/releasenotes/r5_release.rst | 4 +- 263 files changed, 156 insertions(+), 25310 deletions(-) delete mode 100644 doc/source/deploy_install_guides/r1_release/controller_storage.rst delete mode 100644 doc/source/deploy_install_guides/r1_release/dedicated_storage.rst delete mode 100644 doc/source/deploy_install_guides/r1_release/deployment_terminology.rst delete mode 100644 doc/source/deploy_install_guides/r1_release/duplex.rst delete mode 100644 doc/source/deploy_install_guides/r1_release/figures/starlingx-deployment-options-controller-storage.png delete mode 100644 doc/source/deploy_install_guides/r1_release/figures/starlingx-deployment-options-dedicated-storage.png delete mode 100644 doc/source/deploy_install_guides/r1_release/figures/starlingx-deployment-options-duplex-extended.png delete mode 100644 doc/source/deploy_install_guides/r1_release/figures/starlingx-deployment-options-duplex.png delete mode 100644 doc/source/deploy_install_guides/r1_release/figures/starlingx-deployment-options-simplex.png delete mode 100644 doc/source/deploy_install_guides/r1_release/index.rst delete mode 100644 doc/source/deploy_install_guides/r1_release/installation_libvirt_qemu.rst delete mode 100644 doc/source/deploy_install_guides/r1_release/simplex.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/ansible_bootstrap_configs.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_extend.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/ironic.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/ironic_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/bare_metal/ironic_install.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/desc_aio_duplex.txt delete mode 100644 doc/source/deploy_install_guides/r2_release/desc_aio_simplex.txt delete mode 100644 doc/source/deploy_install_guides/r2_release/desc_controller_storage.txt delete mode 100644 doc/source/deploy_install_guides/r2_release/desc_dedicated_storage.txt delete mode 100644 doc/source/deploy_install_guides/r2_release/figures/starlingx-deployment-options-duplex.png delete mode 100644 doc/source/deploy_install_guides/r2_release/index.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/kubernetes_access.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/openstack/access.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/openstack/install.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/aio_duplex.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/aio_duplex_environ.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/aio_duplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/aio_simplex.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/aio_simplex_environ.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/aio_simplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/controller_storage_environ.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/controller_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/dedicated_storage_environ.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/dedicated_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r2_release/virtual/physical_host_req.txt delete mode 100644 doc/source/deploy_install_guides/r3_release/ansible_bootstrap_configs.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/ansible_install_time_only.txt delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_extend.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/aio_simplex.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/aio_simplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/ironic_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/ironic_install.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/bare_metal/prep_servers.txt delete mode 100644 doc/source/deploy_install_guides/r3_release/desc_dedicated_storage.txt delete mode 100644 doc/source/deploy_install_guides/r3_release/distributed_cloud/index.rst delete mode 100755 doc/source/deploy_install_guides/r3_release/figures/starlingx-aio-controller-configuration.png delete mode 100755 doc/source/deploy_install_guides/r3_release/figures/starlingx-aio-serial-console.png delete mode 100644 doc/source/deploy_install_guides/r3_release/figures/starlingx-deployment-options-controller-storage.png delete mode 100644 doc/source/deploy_install_guides/r3_release/figures/starlingx-deployment-options-dedicated-storage.png delete mode 100644 doc/source/deploy_install_guides/r3_release/figures/starlingx-deployment-options-duplex-extended.png delete mode 100644 doc/source/deploy_install_guides/r3_release/figures/starlingx-deployment-options-ironic.png delete mode 100644 doc/source/deploy_install_guides/r3_release/figures/starlingx-deployment-options-simplex.png delete mode 100755 doc/source/deploy_install_guides/r3_release/figures/starlingx-release3-ansible-bootstrap-simplex.png delete mode 100644 doc/source/deploy_install_guides/r3_release/figures/starlingx-standard-controller-configuration.png delete mode 100644 doc/source/deploy_install_guides/r3_release/index.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/ipv6_note.txt delete mode 100644 doc/source/deploy_install_guides/r3_release/kubernetes_access.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/kubernetes_install_next.txt delete mode 100644 doc/source/deploy_install_guides/r3_release/openstack/access.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/openstack/index.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/openstack/install.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/openstack/uninstall_delete.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/aio_duplex_environ.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/aio_duplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/aio_simplex_environ.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/aio_simplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/controller_storage.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/controller_storage_environ.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/controller_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/dedicated_storage.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/dedicated_storage_environ.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/dedicated_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r3_release/virtual/physical_host_req.txt delete mode 100644 doc/source/deploy_install_guides/r4_release/ansible_bootstrap_configs.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/bare_metal/aio_duplex_extend.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/bare_metal/aio_duplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/bare_metal/aio_simplex_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/bare_metal/aio_simplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/bare_metal/controller_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/bare_metal/dedicated_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/bare_metal/ironic.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/bare_metal/prep_servers.txt delete mode 100644 doc/source/deploy_install_guides/r4_release/desc_aio_duplex.txt delete mode 100644 doc/source/deploy_install_guides/r4_release/desc_aio_simplex.txt delete mode 100644 doc/source/deploy_install_guides/r4_release/desc_controller_storage.txt delete mode 100644 doc/source/deploy_install_guides/r4_release/figures/starlingx-access-openstack-command.png delete mode 100644 doc/source/deploy_install_guides/r4_release/figures/starlingx-access-openstack-flavorlist.png delete mode 100644 doc/source/deploy_install_guides/r4_release/figures/starlingx-deployment-options-controller-storage.png delete mode 100644 doc/source/deploy_install_guides/r4_release/figures/starlingx-deployment-options-dedicated-storage.png delete mode 100644 doc/source/deploy_install_guides/r4_release/figures/starlingx-deployment-options-distributed-cloud.png delete mode 100644 doc/source/deploy_install_guides/r4_release/figures/starlingx-deployment-options-duplex-extended.png delete mode 100644 doc/source/deploy_install_guides/r4_release/figures/starlingx-deployment-options-duplex.png delete mode 100644 doc/source/deploy_install_guides/r4_release/figures/starlingx-deployment-options-ironic.png delete mode 100644 doc/source/deploy_install_guides/r4_release/figures/starlingx-deployment-options-simplex.png delete mode 100644 doc/source/deploy_install_guides/r4_release/index.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/ipv6_note.txt delete mode 100644 doc/source/deploy_install_guides/r4_release/kubernetes_access.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/kubernetes_install_next.txt delete mode 100644 doc/source/deploy_install_guides/r4_release/openstack/index.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/openstack/install.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/openstack/uninstall_delete.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/aio_duplex.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/aio_duplex_environ.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/aio_duplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/aio_simplex.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/aio_simplex_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/controller_storage.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/controller_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/dedicated_storage.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/dedicated_storage_environ.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/dedicated_storage_install_kubernetes.rst delete mode 100644 doc/source/deploy_install_guides/r4_release/virtual/install_virtualbox.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/ansible_install_time_only.txt delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/aio_duplex.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/aio_duplex_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/aio_simplex.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/aio_simplex_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/controller_storage.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/controller_storage_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/dedicated_storage.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/dedicated_storage_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/ironic.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/ironic_hardware.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/ironic_install.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/bare_metal/prep_servers.txt delete mode 100644 doc/source/deploy_install_guides/r5_release/desc_aio_duplex.txt delete mode 100644 doc/source/deploy_install_guides/r5_release/desc_aio_simplex.txt delete mode 100644 doc/source/deploy_install_guides/r5_release/desc_controller_storage.txt delete mode 100644 doc/source/deploy_install_guides/r5_release/desc_dedicated_storage.txt delete mode 100644 doc/source/deploy_install_guides/r5_release/distributed_cloud/index.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/install_virtualbox_configparms.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/install_virtualbox_guiscreen.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/starlingx-access-openstack-command.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/starlingx-access-openstack-flavorlist.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/starlingx-deployment-options-controller-storage.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/starlingx-deployment-options-dedicated-storage.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/starlingx-deployment-options-distributed-cloud.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/starlingx-deployment-options-duplex-extended.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/starlingx-deployment-options-duplex.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/starlingx-deployment-options-ironic.png delete mode 100644 doc/source/deploy_install_guides/r5_release/figures/starlingx-deployment-options-simplex.png delete mode 100644 doc/source/deploy_install_guides/r5_release/ipv6_note.txt delete mode 100644 doc/source/deploy_install_guides/r5_release/kubernetes_install_next.txt delete mode 100644 doc/source/deploy_install_guides/r5_release/openstack/access.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/openstack/index.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/openstack/uninstall_delete.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/virtual/aio_duplex.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/virtual/aio_simplex.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/virtual/aio_simplex_environ.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/virtual/config_virtualbox_netwk.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/virtual/controller_storage.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/virtual/controller_storage_environ.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/virtual/dedicated_storage.rst delete mode 100644 doc/source/deploy_install_guides/r5_release/virtual/physical_host_req.txt rename doc/source/deploy_install_guides/{r5_release => r6_release}/ansible_bootstrap_configs.rst (95%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/ansible_install_time_only.txt (89%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/accessing-pxe-boot-server-files-for-a-custom-configuration.rst (92%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/adding-hosts-in-bulk.rst (91%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/adding-hosts-using-the-host-add-command.rst (97%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/bare_metal/aio_duplex.rst (85%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/aio_duplex_extend.rst (100%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/bare_metal/aio_duplex_hardware.rst (95%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/aio_duplex_install_kubernetes.rst (96%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/bare_metal/aio_simplex.rst (82%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/bare_metal/aio_simplex_hardware.rst (95%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/aio_simplex_install_kubernetes.rst (96%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/bootstrapping-from-a-private-docker-registry.rst (96%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/bulk-host-xml-file-format.rst (99%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/configuring-a-pxe-boot-server.rst (96%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/bare_metal/controller_storage.rst (81%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/bare_metal/controller_storage_hardware.rst (95%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/controller_storage_install_kubernetes.rst (96%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/bare_metal/dedicated_storage.rst (81%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/bare_metal/dedicated_storage_hardware.rst (96%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/dedicated_storage_install_kubernetes.rst (96%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/exporting-host-configurations.rst (90%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/inc-install-software-on-controller.rest (100%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/inc-openstack-specific-host-config.rest (100%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/bare_metal/ironic.rst (98%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/bare_metal/ironic_hardware.rst (92%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/bare_metal/ironic_install.rst (95%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/bare_metal/prep_servers.txt (100%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/reinstalling-a-system-or-a-host.rst (95%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/reinstalling-a-system-using-an-exported-host-configuration-file.rst (93%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/rook_storage.rst (81%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/rook_storage_hardware.rst (97%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/bare_metal/rook_storage_install_kubernetes.rst (96%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/desc_aio_duplex.txt (100%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/desc_aio_simplex.txt (100%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/desc_controller_storage.txt (100%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/desc_dedicated_storage.txt (100%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/desc_rook_storage.txt (100%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/distributed_cloud/index.rst (93%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/figures/install_virtualbox_configparms.png (100%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/figures/install_virtualbox_guiscreen.png (100%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/figures/starlingx-access-openstack-command.png (100%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/figures/starlingx-access-openstack-flavorlist.png (100%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/figures/starlingx-deployment-options-controller-storage.png (100%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/figures/starlingx-deployment-options-dedicated-storage.png (100%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/figures/starlingx-deployment-options-distributed-cloud.png (100%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/figures/starlingx-deployment-options-duplex-extended.png (100%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/figures/starlingx-deployment-options-duplex.png (100%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/figures/starlingx-deployment-options-ironic.png (100%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/figures/starlingx-deployment-options-simplex.png (100%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/index.rst (92%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/ipv6_note.txt (100%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/kubernetes_access.rst (95%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/kubernetes_install_next.txt (100%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/openstack/access.rst (100%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/openstack/index.rst (100%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/openstack/install.rst (95%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/openstack/uninstall_delete.rst (100%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/virtual/aio_duplex.rst (87%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/aio_duplex_environ.rst (92%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/aio_duplex_install_kubernetes.rst (96%) rename doc/source/deploy_install_guides/{r3_release => r6_release}/virtual/aio_simplex.rst (82%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/virtual/aio_simplex_environ.rst (92%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/aio_simplex_install_kubernetes.rst (95%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/virtual/config_virtualbox_netwk.rst (100%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/virtual/controller_storage.rst (86%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/virtual/controller_storage_environ.rst (90%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/controller_storage_install_kubernetes.rst (95%) rename doc/source/deploy_install_guides/{r2_release => r6_release}/virtual/dedicated_storage.rst (86%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/dedicated_storage_environ.rst (93%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/dedicated_storage_install_kubernetes.rst (96%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/install_virtualbox.rst (96%) rename doc/source/deploy_install_guides/{r4_release => r6_release}/virtual/physical_host_req.txt (100%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/rook_storage.rst (86%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/rook_storage_environ.rst (96%) rename doc/source/deploy_install_guides/{r5_release => r6_release}/virtual/rook_storage_install_kubernetes.rst (99%) diff --git a/doc/source/_includes/docker-proxy-config.rest b/doc/source/_includes/docker-proxy-config.rest index 132a3e0cd..2609a24bc 100644 --- a/doc/source/_includes/docker-proxy-config.rest +++ b/doc/source/_includes/docker-proxy-config.rest @@ -16,7 +16,7 @@ Set proxy at bootstrap To set the Docker proxy at bootstrap time, refer to :doc:`Ansible Bootstrap Configurations -<../deploy_install_guides/r3_release/ansible_bootstrap_configs>`. +<../deploy_install_guides/r6_release/ansible_bootstrap_configs>`. .. r3_end diff --git a/doc/source/configuration/cert_config.rst b/doc/source/configuration/cert_config.rst index 59f8859e0..a3a532981 100644 --- a/doc/source/configuration/cert_config.rst +++ b/doc/source/configuration/cert_config.rst @@ -56,9 +56,9 @@ self-signed certificate is automatically installed. In order to connect, remote clients must be configured to accept the self-signed certificate without verifying it. This is called *insecure mode*. -For secure-mode connections, a CA-signed certificate, or an ICA (intermediate -CA) signed certificate is required. Using a CA or ICA signed certificate is -strongly recommended. +For secure-mode connections, a CA-signed certificate, or an ICA (intermediate +CA) signed certificate is required. Using a CA or ICA signed certificate is +strongly recommended. * To install (or update) the certificate used by StarlingX REST API applications and the StarlingX Horizon GUI: @@ -66,12 +66,12 @@ strongly recommended. ~(keystone_admin)]$ system certificate-install -m ssl - where ```` == a PEM file containing both the private key - and the signed public certificate. In the case of an ICA signed certificate, - the PEM file also contains the intermediate CA certificates. The certificates - in the file should be ordered such that each of the certificates is signed - by the succeeding one, with the public certificate as the very first in the - list. + where ```` == a PEM file containing both the private key + and the signed public certificate. In the case of an ICA signed certificate, + the PEM file also contains the intermediate CA certificates. The certificates + in the file should be ordered such that each of the certificates is signed + by the succeeding one, with the public certificate as the very first in the + list. You can update the certificate used by StarlingX platform at any time after installation. @@ -108,7 +108,7 @@ Certificate Authority. Currently the Kubernetes root CA certificate and key can only be updated at Ansible bootstrap time. For details, see -:ref:`Kubernetes root CA certificate and key `. +:ref:`Kubernetes root CA certificate and key `. --------------------- Local Docker registry @@ -116,8 +116,8 @@ Local Docker registry HTTPS is always enabled for the local Docker registry. Similarly, a self-signed certificate is used by default, however, we recommend that you update the -certificate with a certificate signed by a Certificate Authority or an -intermediate Certificate Authority after installation. +certificate with a certificate signed by a Certificate Authority or an +intermediate Certificate Authority after installation. * To install (or update) the certificate used by the local Docker registry: :: @@ -125,10 +125,10 @@ intermediate Certificate Authority after installation. ~(keystone_admin)]$ system certificate-install -m docker_registry where ```` == a PEM file containing both the private key and - the signed public certificate. In the case of an ICA signed certificate, the - PEM file also contains the intermediate CA certificates. The certificates in - the file should be ordered such that each of the certificates is signed by - the succeeding one, with the public certificate as the very first in the list. + the signed public certificate. In the case of an ICA signed certificate, the + PEM file also contains the intermediate CA certificates. The certificates in + the file should be ordered such that each of the certificates is signed by + the succeeding one, with the public certificate as the very first in the list. Note that the CA-signed certificate for the registry must have at least the following :abbr:`SANs (Subject Alternative Names)`: diff --git a/doc/source/deploy/deployment-and-configuration-options-standard-configuration-with-controller-storage.rst b/doc/source/deploy/deployment-and-configuration-options-standard-configuration-with-controller-storage.rst index aca7abf22..72c74a028 100644 --- a/doc/source/deploy/deployment-and-configuration-options-standard-configuration-with-controller-storage.rst +++ b/doc/source/deploy/deployment-and-configuration-options-standard-configuration-with-controller-storage.rst @@ -10,7 +10,7 @@ Standard Configuration with Controller Storage back-end for Kubernetes |PVCs| deployed on the controller nodes instead of using dedicated storage nodes. -.. image:: /deploy_install_guides/r5_release/figures/starlingx-deployment-options-controller-storage.png +.. image:: /deploy_install_guides/r6_release/figures/starlingx-deployment-options-controller-storage.png :width: 800 See :ref:`Common Components ` for a description of common diff --git a/doc/source/deploy/deployment-config-options-all-in-one-duplex-configuration.rst b/doc/source/deploy/deployment-config-options-all-in-one-duplex-configuration.rst index ee19d2e4b..3f6b68b90 100644 --- a/doc/source/deploy/deployment-config-options-all-in-one-duplex-configuration.rst +++ b/doc/source/deploy/deployment-config-options-all-in-one-duplex-configuration.rst @@ -14,7 +14,7 @@ redundant pair of hosts. :local: :depth: 1 -.. image:: /deploy_install_guides/r5_release/figures/starlingx-deployment-options-duplex.png +.. image:: /deploy_install_guides/r6_release/figures/starlingx-deployment-options-duplex.png :width: 800 See :ref:`Common Components ` for a description of common @@ -97,7 +97,7 @@ Up to fifty worker/compute nodes can be added to the All-in-one Duplex deployment, allowing a capacity growth path if starting with an AIO-Duplex deployment. -.. image:: /deploy_install_guides/r5_release/figures/starlingx-deployment-options-duplex-extended.png +.. image:: /deploy_install_guides/r6_release/figures/starlingx-deployment-options-duplex-extended.png :width: 800 The extended capacity is limited up to fifty worker/compute nodes as the diff --git a/doc/source/deploy/deployment-config-optionsall-in-one-simplex-configuration.rst b/doc/source/deploy/deployment-config-optionsall-in-one-simplex-configuration.rst index 30de4b817..693f841a6 100644 --- a/doc/source/deploy/deployment-config-optionsall-in-one-simplex-configuration.rst +++ b/doc/source/deploy/deployment-config-optionsall-in-one-simplex-configuration.rst @@ -10,7 +10,7 @@ The AIO Simplex deployment configuration provides a scaled-down |prod| that combines controller, storage, and worker functionality on a single non-redundant host. -.. image:: /deploy_install_guides/r5_release/figures/starlingx-deployment-options-simplex.png +.. image:: /deploy_install_guides/r6_release/figures/starlingx-deployment-options-simplex.png :width: 800 .. note:: diff --git a/doc/source/deploy/standard-configuration-with-dedicated-storage.rst b/doc/source/deploy/standard-configuration-with-dedicated-storage.rst index b4983fffe..8bd290b54 100644 --- a/doc/source/deploy/standard-configuration-with-dedicated-storage.rst +++ b/doc/source/deploy/standard-configuration-with-dedicated-storage.rst @@ -9,7 +9,7 @@ Standard Configuration with Dedicated Storage Deployment of |prod| with dedicated storage nodes provides the highest capacity \(single region\), performance, and scalability. -.. image:: /deploy_install_guides/r5_release/figures/starlingx-deployment-options-dedicated-storage.png +.. image:: /deploy_install_guides/r6_release/figures/starlingx-deployment-options-dedicated-storage.png :width: 800 See :ref:`Common Components ` for a description of common diff --git a/doc/source/deploy_install_guides/index.rst b/doc/source/deploy_install_guides/index.rst index 53b00e01c..4ef7ea5e7 100755 --- a/doc/source/deploy_install_guides/index.rst +++ b/doc/source/deploy_install_guides/index.rst @@ -6,41 +6,28 @@ Installation and deployment guides for StarlingX are release-specific. Each guide provides instruction on a specific StarlingX configuration (e.g. All-in-one Simplex). -.. _latest_release: - ------------------------- -Supported release (R4.0) ------------------------- - -StarlingX R4.0 is the most recent supported release of StarlingX. - -.. toctree:: - :maxdepth: 1 - - r4_release/index - ------------------------- Upcoming release (latest) ------------------------- -StarlingX R5.0 is under development. +StarlingX R6.0 is under development. .. toctree:: :maxdepth: 1 - r5_release/index + r6_release/index ------------------ -Archived releases ------------------ +------------------------------- +Supported and archived releases +------------------------------- -.. toctree:: - :maxdepth: 1 +StarlingX R5.0 is the most recent supported release of StarlingX. + +To view the R5.0 documentation, use the **Version** selector in the upper right +or go directly to `Installation guides for R5.0 and older releases +`_. - r3_release/index - r2_release/index - r1_release/index .. Add common files to toctree @@ -52,16 +39,18 @@ Archived releases bootable_usb nvme_config +.. Docs note: Starting with R5 (May 2021), team agreed that the latest/working + branch will include the current install guides only. The archived releases + will only be available in a release-specific branch. The instructions below + are modified to reflect this change. .. Making a new release -.. 1. Archive the previous 'supported' release. - Move the toctree link from the Supported release section into the Archived - releases toctree. -.. 2. Make the previous 'upcoming' release the new 'supported'. - Move the toctree link from the Upcoming release section into the Supported - release. Update intro text for the Supported release section to use the +.. 1. Make the previous 'upcoming' release the new 'supported' release. + Copy the folder to the release-specific branch. + Copy the toctree link into the Supported section of install landing page. + Update intro text for the Supported release section to use the latest version. -.. 3. Add new 'upcoming' release, aka 'Latest' on the version button. +.. 2. Add new 'upcoming' release, aka 'Latest' on the version button. If new upcoming release docs aren't ready, remove toctree from Upcoming section and just leave intro text. Update text for the upcoming release version. Once the new upcoming docs are ready, add them in the @@ -70,9 +59,9 @@ Archived releases .. Adding new release docs .. 1. Make sure the most recent release versioned docs are complete for that release. -.. 2. Make a copy of the most recent release folder e.g. 'r4_release.' Rename - the folder for the new release e.g. 'r5_release'. +.. 2. Make a copy of the most recent release folder e.g. 'r6_release.' Rename + the folder for the new release e.g. 'r7_release'. .. 3. Search and replace all references to previous release number with the new - release number. For example replace all 'R4.0' with 'R5.0.' Also search + release number. For example replace all 'R6.0' with 'R7.0.' Also search and replace any links that may have a specific release number in the path. .. 4. Link new version on this page (the index page). diff --git a/doc/source/deploy_install_guides/r1_release/controller_storage.rst b/doc/source/deploy_install_guides/r1_release/controller_storage.rst deleted file mode 100644 index 90ef23456..000000000 --- a/doc/source/deploy_install_guides/r1_release/controller_storage.rst +++ /dev/null @@ -1,1004 +0,0 @@ -======================= -Controller storage R1.0 -======================= - -.. contents:: - :local: - :depth: 1 - -**NOTE:** The instructions to set up a StarlingX Cloud with Controller -Storage with containerized openstack services in this guide -are under development. -For approved instructions, see the -`StarlingX Cloud with Controller Storage wiki page `__. - ----------------------- -Deployment description ----------------------- - -The Controller Storage deployment option provides a 2x node high availability -controller / storage cluster with: - -- A pool of up to seven compute nodes. The pool size limit is due to the capacity of - the storage function. -- A growth path for storage to the full standard solution with an independent - CEPH storage cluster. -- High availability services running across the controller nodes in either - active/active or active/standby mode. -- Storage function running on top of LVM on single second disk, DRBD-synchronized - between the controller nodes. - -.. figure:: figures/starlingx-deployment-options-controller-storage.png - :scale: 50% - :alt: Controller Storage deployment configuration - - *Controller Storage deployment configuration* - -A Controller Storage deployment provides protection against overall controller -node and compute node failure: - -- On overall controller node failure, all controller high availability services - go active on the remaining healthy controller node. -- On overall compute node failure, virtual machines on a failed compute node are - recovered on the remaining healthy compute nodes. - ------------------------------------- -Preparing controller storage servers ------------------------------------- - -********** -Bare metal -********** - -Required servers: - -- Controllers: 2 -- Computes: 2 - 100 - -^^^^^^^^^^^^^^^^^^^^^ -Hardware requirements -^^^^^^^^^^^^^^^^^^^^^ - -The recommended minimum requirements for the physical servers where -Controller Storage is deployed include: - -- Minimum processor: - - - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 cores/socket - -- Memory: - - - 64 GB controller - - 32 GB compute - -- BIOS: - - - Hyper-Threading technology: Enabled - - Virtualization technology: Enabled - - VT for directed I/O: Enabled - - CPU power and performance policy: Performance - - CPU C state control: Disabled - - Plug & play BMC detection: Disabled - -- Primary disk: - - - 500 GB SSD or NVMe controller - - 120 GB (min. 10K RPM) compute - -- Additional disks: - - - One or more 500 GB disks (min. 10K RPM) compute - -- Network ports\* - - - Management: 10GE controller, compute - - OAM: 10GE controller - - Data: n x 10GE compute - -******************* -Virtual environment -******************* - -Run the libvirt QEMU setup scripts to set up virtualized OAM and -management networks: - -:: - - $ bash setup_network.sh - -Building XML for definition of virtual servers: - -:: - - $ bash setup_configuration.sh -c controllerstorage -i - -The default XML server definitions that are created by the previous script -are as follows: - -- controllerstorage-controller-0 -- controllerstorage-controller-1 -- controllerstorage-compute-0 -- controllerstorage-compute-1 - -^^^^^^^^^^^^^^^^^^^^^^^^^ -Power up a virtual server -^^^^^^^^^^^^^^^^^^^^^^^^^ - -To power up a virtual server, run the following command: - -:: - - $ sudo virsh start - -Here is an example: - -:: - - $ sudo virsh start controllerstorage-controller-0 - -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Access virtual server consoles -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -The XML for virtual servers in stx-tools repo, deployment/libvirt, -provides both graphical and text consoles. -Follow these steps to access a virtual server console: - -#. Access the graphical console in virt-manager by right-clicking on the - domain (i.e. the server) and selecting "Open". - -#. Access the textual console using the command "virsh console $DOMAIN", - where DOMAIN is the name of the server shown in virsh. - -#. When booting controller-0 for the first time, both the serial and - graphical consoles present the initial configuration menu for the - cluster. You can select the serial or graphical console for controller-0. - However, for the other nodes, you can only use the serial console - regardless of the selected option. - -#. Open the graphic console on all servers before powering them on to - observe the boot device selection and PXI boot progress. Run the "virsh - console $DOMAIN" command promptly after powering up to see the initial boot - sequence that follows the boot device selection. Only a few seconds exist - during which you can see the sequence. - --------------------------------- -Installing the controller-0 host --------------------------------- - -Installing controller-0 involves initializing a host with software and -then applying a bootstrap configuration from the command line. The -configured bootstrapped host becomes controller-0. - -Following is the general procedure: - -#. Be sure the StarlingX ISO is on a USB device and it is plugged into - the USB port of the server that will be controller-0 and then - power on the server. - -#. Configure the controller using the config_controller script. - -************************* -Initializing controller-0 -************************* - -This section describes how to initialize StarlingX in host controller-0. -Except where noted, you must execute all the commands from a console of -the host. - -#. Be sure the StarlingX ISO is on a USB device and it is plugged into - the USB port of the server that will be controller-0. - -#. Power on the server. - -#. Wait for the console to show the StarlingX ISO booting options: - - - **All-in-one Controller Configuration** - - - When the installer is loaded and the installer welcome screen - appears in the controller-0 host, select "All-in-one Controller Configuration" - for the type of installation. - - - **Graphical Console** - - - Select the "Graphical Console" as the console to use during - installation. - - - **Standard Security Boot Profile** - - - Select "Standard Security Boot Profile" as the Security Profile. - -#. Monitor the initialization. When the installation is complete, a reboot is initiated - on the controller-0 host. The GNU GRUB screen briefly displays and then - boots automatically into the StarlingX image. - -#. Log into controller-0 as user wrsroot and use wrsroot as the password. The - first time you log in as wrsroot, you are required to change your - password. Enter the current password (i.e. wrsroot): - - :: - - Changing password for wrsroot. - (current) UNIX Password: - -#. Enter a new password for the wrsroot account: - - :: - - New password: - -#. Enter the new password again to confirm it: - - :: - - Retype new password: - -#. The controller-0 is initialized with StarlingX and is ready for configuration. - -************************ -Configuring controller-0 -************************ - -This section describes how to interactively configure controller-0 -to bootstrap the system with minimal critical data. -Except where noted, you must execute all commands from the console -of the active controller (i.e. controller-0). - -When run interactively, the config_controller script presents a series -of prompts for initial configuration of StarlingX: - -- For the virtual environment, you can accept all the default values - immediately after "system date and time". -- For a physical deployment, answer the bootstrap configuration - questions with answers applicable to your particular physical setup. - -The script configures the first controller in the StarlingX -cluster as controller-0. The prompts are grouped by configuration -area. - -Follow this procedure to interactively configure controller-0: - -#. Start the script with no parameters: - - :: - - controller-0:~$ sudo config_controller - System Configuration - ================ - Enter ! at any prompt to abort... - ... - -#. Accept all the default values immediately after "system date and time": - -:: - - ... - Applying configuration (this will take several minutes): - - 01/08: Creating bootstrap configuration ... DONE - 02/08: Applying bootstrap manifest ... DONE - 03/08: Persisting local configuration ... DONE - 04/08: Populating initial system inventory ... DONE - 05:08: Creating system configuration ... DONE - 06:08: Applying controller manifest ... DONE - 07:08: Finalize controller configuration ... DONE - 08:08: Waiting for service activation ... DONE - - Configuration was applied - - Please complete any out of service commissioning steps with system - commands and unlock controller to proceed. - -#. After config_controller bootstrap configuration, REST API, CLI and - Horizon interfaces are enabled on the controller-0 OAM IP address. The - remaining installation instructions use the CLI. - ------------------------------------- -Provisioning controller-0 and system ------------------------------------- - -On controller-0, acquire Keystone administrative privileges: - -:: - - controller-0:~$ source /etc/nova/openrc - -********************************************* -Configuring provider networks at installation -********************************************* - -You must set up provider networks at installation so that you can attach -data interfaces and unlock the compute nodes. - -Set up one provider network of the vlan type and name it providernet-a: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ neutron providernet-create providernet-a --type=vlan - [wrsroot@controller-0 ~(keystone_admin)]$ neutron providernet-range-create --name providernet-a-range1 --range 100-400 providernet-a - -************************************* -Configuring Cinder on controller disk -************************************* - -Follow these steps: - -#. Review the available disk space and capacity and obtain the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list controller-0 - +--------------------------------------+-----------+---------+---------+-------+------------+--------------+... - | uuid | device_no | device_ | device_ | size_ | available_ | rpm |... - | | de | num | type | gib | gib | |... - +--------------------------------------+-----------+---------+---------+-------+------------+--------------+... - | 004f4c09-2f61-46c5-8def-99b2bdeed83c | /dev/sda | 2048 | HDD | 200.0 | 0.0 | |... - | 89694799-0dd8-4532-8636-c0d8aabfe215 | /dev/sdb | 2064 | HDD | 200.0 | 199.997 | |... - +--------------------------------------+-----------+---------+---------+-------+------------+--------------+... - -#. Create the 'cinder-volumes' local volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add controller-0 cinder-volumes - +-----------------+--------------------------------------+ - | Property | Value | - +-----------------+--------------------------------------+ - | lvm_vg_name | cinder-volumes | - | vg_state | adding | - | uuid | ece4c755-241c-4363-958e-85e9e3d12917 | - | ihost_uuid | 150284e2-fb60-4169-ae75-7f444b8ca9bf | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size_gib | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-22T03:59:30.685718+00:00 | - | updated_at | None | - | parameters | {u'lvm_type': u'thin'} | - +-----------------+--------------------------------------+ - -#. Create a disk partition to add to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-add controller-0 89694799-0dd8-4532-8636-c0d8aabfe215 199 -t lvm_phys_vol - +-------------+--------------------------------------------------+ - | Property | Value | - +-------------+--------------------------------------------------+ - | device_path | /dev/disk/by-path/pci-0000:00:03.0-ata-2.0-part1 | - | device_node | /dev/sdb1 | - | type_guid | ba5eba11-0000-1111-2222-000000000001 | - | type_name | None | - | start_mib | None | - | end_mib | None | - | size_mib | 203776 | - | uuid | 9ba2d76a-6ae2-4bfa-ad48-57b62d102e80 | - | ihost_uuid | 150284e2-fb60-4169-ae75-7f444b8ca9bf | - | idisk_uuid | 89694799-0dd8-4532-8636-c0d8aabfe215 | - | ipv_uuid | None | - | status | Creating | - | created_at | 2018-08-22T04:03:40.761221+00:00 | - | updated_at | None | - +-------------+--------------------------------------------------+ - -#. Wait for the new partition to be created (i.e. status=Ready): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-list controller-0 --disk 89694799-0dd8-4532-8636-c0d8aabfe215 - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | uuid |...| device_nod |...| type_name | size_mib | status | - | |...| e |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | 9ba2d76a-6ae2-4bfa-ad48-57b62d102e80 |...| /dev/sdb1 |...| LVM Physical Volume | 199.0 | Ready | - | |...| |...| | | | - | |...| |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - -#. Add the partition to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add controller-0 cinder-volumes 9ba2d76a-6ae2-4bfa-ad48-57b62d102e80 - +--------------------------+--------------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------------+ - | uuid | 060dc47e-bc17-40f4-8f09-5326ef0e86a5 | - | pv_state | adding | - | pv_type | partition | - | disk_or_part_uuid | 9ba2d76a-6ae2-4bfa-ad48-57b62d102e80 | - | disk_or_part_device_node | /dev/sdb1 | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:03.0-ata-2.0-part1 | - | lvm_pv_name | /dev/sdb1 | - | lvm_vg_name | cinder-volumes | - | lvm_pv_uuid | None | - | lvm_pv_size_gib | 0.0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | 150284e2-fb60-4169-ae75-7f444b8ca9bf | - | created_at | 2018-08-22T04:06:54.008632+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------------+ - -#. Enable the LVM backend: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-add lvm -s cinder --confirmed - -#. Wait for the storage backend to leave the "configuring" state. Confirm LVM - backend storage is configured: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-list - +--------------------------------------+------------+---------+------------+------+----------+... - | uuid | name | backend | state | task | services |... - +--------------------------------------+------------+---------+------------+------+----------+... - | 1daf3e5b-4122-459f-9dba-d2e92896e718 | file-store | file | configured | None | glance |... - | a4607355-be7e-4c5c-bf87-c71a0e2ad380 | lvm-store | lvm | configured | None | cinder |... - +--------------------------------------+------------+---------+------------+------+----------+... - -********************** -Unlocking controller-0 -********************** - -You must unlock controller-0 so that you can use it to install the -remaining hosts. On controller-0, acquire Keystone administrative -privileges. Use the system host-unlock command: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock controller-0 - -The host reboots. During the reboot, the command line is -unavailable and any ssh connections are dropped. To monitor the -progress of the reboot, use the controller-0 console. - -**************************************** -Verifying the controller-0 configuration -**************************************** - -Follow these steps: - -#. On controller-0, acquire Keystone administrative privileges: - - :: - - controller-0:~$ source /etc/nova/openrc - -#. Verify StarlingX controller services are running: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system service-list - +-----+-------------------------------+--------------+----------------+ - | id | service_name | hostname | state | - +-----+-------------------------------+--------------+----------------+ - ... - | 1 | oam-ip | controller-0 | enabled-active | - | 2 | management-ip | controller-0 | enabled-active | - ... - +-----+-------------------------------+--------------+----------------+ - -#. Verify that controller-0 is unlocked, enabled, and available: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - ---------------------------------------- -Installing controller-1 / compute hosts ---------------------------------------- - -After initializing and configuring an active controller, you can add and -configure a backup controller as well as additional compute or storage hosts. -For each host do the following: - -********************* -Initializing the host -********************* - -Power on the Host. The following displays in the host's console: - -:: - - Waiting for this node to be configured. - - Please configure the personality for this node from the - controller node in order to proceed. - -****************************************** -Updating the host hostname and personality -****************************************** - -Follow these steps: - -#. On controller-0, acquire Keystone administrative privileges: - - :: - - controller-0:~$ source /etc/nova/openrc - -#. Wait for controller-0 to discover the new host. - List the host until a new UNKNOWN host appears in the table: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Use the system host-add command to update the host's personality attribute: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-update 2 personality=controller hostname=controller-1 - - Or for compute-0: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-update 3 personality=compute hostname=compute-0 - - **NOTE:** You can also see the 'system help host-update' for more information. - - Unless it is known that the host's configuration can support the - installation of more than one node, it is recommended that the - installation and configuration of each node be serialized. For example, - if the virtual disks for the entire cluster are hosted on the host's - root disk and that disk happens to be a single rotational type hard disk, - then the host cannot reliably support parallel node installation. - -************* -Monitor hosts -************* - -On controller-0, you can monitor the installation progress by periodically -running the system host-show command for the host. Progress appears -in the install_state field. - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-show | grep install - | install_output | text | - | install_state | booting | - | install_state_info | None | - -Wait while the host is configured and rebooted. Depending on hardware, -a reboot can take up to 20 minutes. When the reboot completes, -the host is reported as locked, disabled, and online. - -********** -List hosts -********** - -You can use the system host-list command to list the hosts -once the nodes have been installed, configured and rebooted, on -controller-0: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - | 3 | compute-0 | compute | locked | disabled | online | - | 4 | compute-1 | compute | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - -------------------------- -Provisioning controller-1 -------------------------- - -Use the system host-list on controller-0 to list the hosts: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - ... - | 2 | controller-1 | controller | locked | disabled | online | - ... - +----+--------------+-------------+----------------+-------------+--------------+ - -*********************************************** -Provisioning network interfaces on controller-1 -*********************************************** - -Follow these steps: - -#. Use the system host-port-list command to list hardware port names, types, - and PCI addresses that have been discovered: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-port-list controller-1 - -#. Provision the OAM interface for controller-1: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-modify -n -c platform --networks oam controller-1 - -************************************ -Provisioning storage on controller-1 -************************************ - -Follow these steps: - -#. Review the available disk space and capacity and obtain the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list controller-1 - +--------------------------------------+-----------+---------+---------+-------+------------+ - | uuid | device_no | device_ | device_ | size_ | available_ | - | | de | num | type | gib | gib | - +--------------------------------------+-----------+---------+---------+-------+------------+ - | f7ce53db-7843-457e-8422-3c8f9970b4f2 | /dev/sda | 2048 | HDD | 200.0 | 0.0 | - | 70b83394-968e-4f0d-8a99-7985cd282a21 | /dev/sdb | 2064 | HDD | 200.0 | 199.997 | - +--------------------------------------+-----------+---------+---------+-------+------------+ - -#. Assign Cinder storage to the physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add controller-1 cinder-volumes - +-----------------+--------------------------------------+ - | Property | Value | - +-----------------+--------------------------------------+ - | lvm_vg_name | cinder-volumes | - | vg_state | adding | - | uuid | 22d8b94a-200a-4fd5-b1f5-7015ddf10d0b | - | ihost_uuid | 06827025-eacb-45e6-bb88-1a649f7404ec | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size_gib | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-22T05:33:44.608913+00:00 | - | updated_at | None | - | parameters | {u'lvm_type': u'thin'} | - +-----------------+--------------------------------------+ - -#. Create a disk partition to add to the volume group based on the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-add controller-1 70b83394-968e-4f0d-8a99-7985cd282a21 199 -t lvm_phys_vol - +-------------+--------------------------------------------------+ - | Property | Value | - +-------------+--------------------------------------------------+ - | device_path | /dev/disk/by-path/pci-0000:00:03.0-ata-2.0-part1 | - | device_node | /dev/sdb1 | - | type_guid | ba5eba11-0000-1111-2222-000000000001 | - | type_name | None | - | start_mib | None | - | end_mib | None | - | size_mib | 203776 | - | uuid | 16a1c5cb-620c-47a3-be4b-022eafd122ee | - | ihost_uuid | 06827025-eacb-45e6-bb88-1a649f7404ec | - | idisk_uuid | 70b83394-968e-4f0d-8a99-7985cd282a21 | - | ipv_uuid | None | - | status | Creating (on unlock) | - | created_at | 2018-08-22T05:36:42.123770+00:00 | - | updated_at | None | - +-------------+--------------------------------------------------+ - -#. Wait for the new partition to be created (i.e. status=Ready): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-list controller-1 --disk 70b83394-968e-4f0d-8a99-7985cd282a21 - +--------------------------------------+...+------------+...+-------+--------+----------------------+ - | uuid |...| device_nod | ... | size_g | status | - | |...| e | ... | ib | | - +--------------------------------------+...+------------+ ... +--------+----------------------+ - | 16a1c5cb-620c-47a3-be4b-022eafd122ee |...| /dev/sdb1 | ... | 199.0 | Creating (on unlock) | - | |...| | ... | | | - | |...| | ... | | | - +--------------------------------------+...+------------+...+--------+----------------------+ - -#. Add the partition to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add controller-1 cinder-volumes 16a1c5cb-620c-47a3-be4b-022eafd122ee - +--------------------------+--------------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------------+ - | uuid | 01d79ed2-717f-428e-b9bc-23894203b35b | - | pv_state | adding | - | pv_type | partition | - | disk_or_part_uuid | 16a1c5cb-620c-47a3-be4b-022eafd122ee | - | disk_or_part_device_node | /dev/sdb1 | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:03.0-ata-2.0-part1 | - | lvm_pv_name | /dev/sdb1 | - | lvm_vg_name | cinder-volumes | - | lvm_pv_uuid | None | - | lvm_pv_size_gib | 0.0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | 06827025-eacb-45e6-bb88-1a649f7404ec | - | created_at | 2018-08-22T05:44:34.715289+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------------+ - -********************** -Unlocking controller-1 -********************** - -Follow these steps: - -#. Unlock controller-1: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock controller-1 - -#. Wait for controller-1 to reboot. Depending on hardware, it can - take up to 10 minutes for the reboot to complete. - - **NOTE:** Controller-1 remains in a degraded state until - data synchronization is complete. The length of time controller-1 - remains in this state depends on the virtualization host's configuration - (i.e. the number and configuration of physical disks used to host - the nodes' virtual disks. Also, the management network is expected - to have a link capacity of 10000. Link capacity of 1000 is not - supported due to excessive data synchronization time. Use 'fm alarm-list' to - confirm status. - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | unlocked | enabled | available | - ... - ---------------------------- -Provisioning a compute host ---------------------------- - -You must configure the network interfaces and the storage disks on a -host before you can unlock it. For each compute host, do the following: - -On controller-0, acquire Keystone administrative privileges: - -:: - - controller-0:~$ source /etc/nova/openrc - -************************************************* -Provisioning network interfaces on a compute host -************************************************* - -Follow these steps: - -#. In order to identify hardware port names, types, and discovered - pci-addresses on controller-0, list the host ports: - - - **Only in virtual environment**: Ensure that the interface used is - one of those attached to the host bridge with model type "virtio" (i.e. - eth1000 and eth1001). The model type "e1000" emulated devices will - not work for provider networks: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-port-list compute-0 - -#. Use the following command to provision the data interface for compute: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-modify -p providernet-a -c data compute-0 eth1000 - -*************************** -VSwitch virtual environment -*************************** - -**Only in virtual environment**. If the compute node has more than four CPUs, -the system auto-configures the vswitch to use two cores. However, some virtual -environments do not properly support multi-queue, which is required in a -multi-CPU environment. Therefore, run the following command to reduce the -vswitch cores to one: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-cpu-modify compute-0 -f vswitch -p0 1 - +--------------------------------------+-------+-----------+-------+--------+... - | uuid | log_c | processor | phy_c | thread |... - | | ore | | ore | |... - +--------------------------------------+-------+-----------+-------+--------+... - | a3b5620c-28b1-4fe0-9e97-82950d8582c2 | 0 | 0 | 0 | 0 |... - | f2e91c2b-bfc5-4f2a-9434-bceb7e5722c3 | 1 | 0 | 1 | 0 |... - | 18a98743-fdc4-4c0c-990f-3c1cb2df8cb3 | 2 | 0 | 2 | 0 |... - | 690d25d2-4f99-4ba1-a9ba-0484eec21cc7 | 3 | 0 | 3 | 0 |... - +--------------------------------------+-------+-----------+-------+--------+... - -************************************** -Provisioning storage on a compute host -************************************** - -Follow these steps: - -#. Review the available disk space and capacity and then obtain the uuid(s) of - the physical disk(s) to be used for nova local: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list compute-0 - +--------------------------------------+-----------+---------+---------+-------+------------+... - | uuid | device_no | device_ | device_ | size_ | available_ |... - | | de | num | type | gib | gib |... - +--------------------------------------+-----------+---------+---------+-------+------------+... - | 8a9d2c09-d3a7-4781-bd06-f7abf603713a | /dev/sda | 2048 | HDD | 200.0 | 172.164 |... - | 5ad61bd1-795a-4a76-96ce-39433ef55ca5 | /dev/sdb | 2064 | HDD | 200.0 | 199.997 |... - +--------------------------------------+-----------+---------+---------+-------+------------+... - -#. Use the following command to create the 'nova-local' local volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add compute-0 nova-local - +-----------------+-------------------------------------------------------------------+ - | Property | Value | - +-----------------+-------------------------------------------------------------------+ - | lvm_vg_name | nova-local | - | vg_state | adding | - | uuid | 18898640-c8b7-4bbd-a323-4bf3e35fee4d | - | ihost_uuid | da1cbe93-cec5-4f64-b211-b277e4860ab3 | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size_gib | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-22T08:00:51.945160+00:00 | - | updated_at | None | - | parameters | {u'concurrent_disk_operations': 2, u'instance_backing': u'image'} | - +-----------------+-------------------------------------------------------------------+ - -#. Use the following command to create a disk partition to add to the volume - group based on the uuid of the physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add compute-0 nova-local 5ad61bd1-795a-4a76-96ce-39433ef55ca5 - +--------------------------+--------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------+ - | uuid | 4c81745b-286a-4850-ba10-305e19cee78c | - | pv_state | adding | - | pv_type | disk | - | disk_or_part_uuid | 5ad61bd1-795a-4a76-96ce-39433ef55ca5 | - | disk_or_part_device_node | /dev/sdb | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:03.0-ata-2.0 | - | lvm_pv_name | /dev/sdb | - | lvm_vg_name | nova-local | - | lvm_pv_uuid | None | - | lvm_pv_size_gib | 0.0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | da1cbe93-cec5-4f64-b211-b277e4860ab3 | - | created_at | 2018-08-22T08:07:14.205690+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------+ - -#. Specify the local storage space as local copy-on-write image volumes in - nova-local: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-modify -b image -s 10240 compute-0 nova-local - +-----------------+-------------------------------------------------------------------+ - | Property | Value | - +-----------------+-------------------------------------------------------------------+ - | lvm_vg_name | nova-local | - | vg_state | adding | - | uuid | 18898640-c8b7-4bbd-a323-4bf3e35fee4d | - | ihost_uuid | da1cbe93-cec5-4f64-b211-b277e4860ab3 | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size_gib | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-22T08:00:51.945160+00:00 | - | updated_at | None | - | parameters | {u'concurrent_disk_operations': 2, u'instance_backing': u'image'} | - +-----------------+-------------------------------------------------------------------+ - -************************ -Unlocking a compute host -************************ - -On controller-0, use the system host-unlock command to unlock -the compute node: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock compute-0 - -Wait while the compute node reboots. It might take up to 10 minutes -for the reboot to complete depending on the hardware. Once the host -reboots, its availability state becomes "in-test", which is -followed by "unlocked/enabled". - -------------------- -System health check -------------------- - -*********************** -Listing StarlingX nodes -*********************** - -On controller-0, use the system host-list command to view the nodes. -Eventually, all nodes are reported as unlocked, enabled, and available: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | unlocked | enabled | available | - | 3 | compute-0 | compute | unlocked | enabled | available | - | 4 | compute-1 | compute | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - -***************** -System alarm-list -***************** - -When all nodes are unlocked, enabled and available: check 'fm alarm-list' for -issues. - -Your StarlingX deployment is now up and running with 2x HA controllers with -Cinder storage, 2x computes, and all OpenStack services up and running. You can -now proceed with standard OpenStack APIs, CLIs and/or Horizon to load Glance -images, configure Nova Flavors, configure Neutron networks, and launch Nova -virtual machines. - ----------------------- -Deployment terminology ----------------------- - -.. include:: deployment_terminology.rst - :start-after: incl-standard-controller-deployment-terminology: - :end-before: incl-standard-controller-deployment-terminology-end: - -.. include:: deployment_terminology.rst - :start-after: incl-common-deployment-terminology: - :end-before: incl-common-deployment-terminology-end: diff --git a/doc/source/deploy_install_guides/r1_release/dedicated_storage.rst b/doc/source/deploy_install_guides/r1_release/dedicated_storage.rst deleted file mode 100644 index 565266a6a..000000000 --- a/doc/source/deploy_install_guides/r1_release/dedicated_storage.rst +++ /dev/null @@ -1,918 +0,0 @@ -====================== -Dedicated storage R1.0 -====================== - -.. contents:: - :local: - :depth: 1 - -**NOTE:** The instructions to setup a StarlingX Cloud with Dedicated -Storage with containerized openstack services in this guide -are under development. -For approved instructions, see the -`StarlingX Cloud with Dedicated Storage wiki page `__. - ----------------------- -Deployment description ----------------------- - -Cloud with Dedicated Storage is the standard StarlingX deployment option with -independent controller, compute, and storage nodes. - -This deployment option provides the maximum capacity for a single region -deployment, with a supported growth path to a multi-region deployment option by -adding a secondary region. - -.. figure:: figures/starlingx-deployment-options-dedicated-storage.png - :scale: 50% - :alt: Dedicated Storage deployment configuration - - *Dedicated Storage deployment configuration* - -Cloud with Dedicated Storage includes: - -- 2x node HA controller cluster with HA services running across the controller - nodes in either active/active or active/standby mode. -- Pool of up to 100 compute nodes for hosting virtual machines and virtual - networks. -- 2-9x node HA Ceph storage cluster for hosting virtual volumes, images, and - object storage that supports a replication factor of 2 or 3. - - Storage nodes are deployed in replication groups of 2 or 3. Replication - of objects is done strictly within the replication group. - - Supports up to 4 groups of 2x storage nodes, or up to 3 groups of 3x storage - nodes. - ------------------------------------ -Preparing dedicated storage servers ------------------------------------ - -********** -Bare metal -********** - -Required Servers: - -- Controllers: 2 -- Storage - - - Replication factor of 2: 2 - 8 - - Replication factor of 3: 3 - 9 - -- Computes: 2 - 100 - -^^^^^^^^^^^^^^^^^^^^^ -Hardware requirements -^^^^^^^^^^^^^^^^^^^^^ - -The recommended minimum requirements for the physical servers where -Dedicated Storage will be deployed, include: - -- Minimum processor: - - - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 cores/socket - -- Memory: - - - 64 GB controller, storage - - 32 GB compute - -- BIOS: - - - Hyper-Threading technology: Enabled - - Virtualization technology: Enabled - - VT for directed I/O: Enabled - - CPU power and performance policy: Performance - - CPU C state control: Disabled - - Plug & play BMC detection: Disabled - -- Primary disk: - - - 500 GB SSD or NVMe controller - - 120 GB (min. 10K RPM) compute and storage - -- Additional disks: - - - 1 or more 500 GB disks (min. 10K RPM) storage, compute - -- Network ports\* - - - Management: 10GE controller, storage, compute - - OAM: 10GE controller - - Data: n x 10GE compute - -******************* -Virtual environment -******************* - -Run the libvirt qemu setup scripts. Setting up virtualized OAM and -management networks: - -:: - - $ bash setup_network.sh - -Building XML for definition of virtual servers: - -:: - - $ bash setup_configuration.sh -c dedicatedstorage -i - -The default XML server definitions that are created by the previous script -are: - -- dedicatedstorage-controller-0 -- dedicatedstorage-controller-1 -- dedicatedstorage-compute-0 -- dedicatedstorage-compute-1 -- dedicatedstorage-storage-0 -- dedicatedstorage-storage-1 - -^^^^^^^^^^^^^^^^^^^^^^^^^ -Power up a virtual server -^^^^^^^^^^^^^^^^^^^^^^^^^ - -To power up a virtual server, run the following command: - -:: - - $ sudo virsh start - -e.g. - -:: - - $ sudo virsh start dedicatedstorage-controller-0 - -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Access virtual server consoles -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -The XML for virtual servers in stx-tools repo, deployment/libvirt, -provides both graphical and text consoles. - -Access the graphical console in virt-manager by right-click on the -domain (the server) and selecting "Open". - -Access the textual console with the command "virsh console $DOMAIN", -where DOMAIN is the name of the server shown in virsh. - -When booting the controller-0 for the first time, both the serial and -graphical consoles will present the initial configuration menu for the -cluster. One can select serial or graphical console for controller-0. -For the other nodes however only serial is used, regardless of which -option is selected. - -Open the graphic console on all servers before powering them on to -observe the boot device selection and PXI boot progress. Run "virsh -console $DOMAIN" command promptly after power on to see the initial boot -sequence which follows the boot device selection. One has a few seconds -to do this. - --------------------------------- -Installing the controller-0 host --------------------------------- - -Installing controller-0 involves initializing a host with software and -then applying a bootstrap configuration from the command line. The -configured bootstrapped host becomes controller-0. - -Procedure: - -#. Power on the server that will be controller-0 with the StarlingX ISO - on a USB in a bootable USB slot. -#. Configure the controller using the config_controller script. - -************************* -Initializing controller-0 -************************* - -This section describes how to initialize StarlingX in host controller-0. -Except where noted, all the commands must be executed from a console of -the host. - -Power on the host to be configured as controller-0, with the StarlingX -ISO on a USB in a bootable USB slot. Wait for the console to show the -StarlingX ISO booting options: - -- **Standard Controller Configuration** - - - When the installer is loaded and the installer welcome screen - appears in the controller-0 host, select the type of installation - "Standard Controller Configuration". - -- **Graphical Console** - - - Select the "Graphical Console" as the console to use during - installation. - -- **Standard Security Boot Profile** - - - Select "Standard Security Boot Profile" as the security profile. - -Monitor the initialization. When it is complete, a reboot is initiated -on the controller-0 host, briefly displays a GNU GRUB screen, and then -boots automatically into the StarlingX image. - -Log into controller-0 as user wrsroot, with password wrsroot. The -first time you log in as wrsroot, you are required to change your -password. Enter the current password (wrsroot): - -:: - - Changing password for wrsroot. - (current) UNIX Password: - -Enter a new password for the wrsroot account: - -:: - - New password: - -Enter the new password again to confirm it: - -:: - - Retype new password: - -controller-0 is initialized with StarlingX, and is ready for configuration. - -************************ -Configuring controller-0 -************************ - -This section describes how to perform the controller-0 configuration -interactively just to bootstrap system with minimum critical data. -Except where noted, all the commands must be executed from the console -of the active controller (here assumed to be controller-0). - -When run interactively, the config_controller script presents a series -of prompts for initial configuration of StarlingX: - -- For the virtual environment, you can accept all the default values - immediately after ‘system date and time’. -- For a physical deployment, answer the bootstrap configuration - questions with answers applicable to your particular physical setup. - -The script is used to configure the first controller in the StarlingX -cluster as controller-0. The prompts are grouped by configuration -area. To start the script interactively, use the following command -with no parameters: - -:: - - controller-0:~$ sudo config_controller - System Configuration - ================ - Enter ! at any prompt to abort... - ... - -Accept all the default values immediately after ‘system date and time’: - -:: - - ... - Applying configuration (this will take several minutes): - - 01/08: Creating bootstrap configuration ... DONE - 02/08: Applying bootstrap manifest ... DONE - 03/08: Persisting local configuration ... DONE - 04/08: Populating initial system inventory ... DONE - 05:08: Creating system configuration ... DONE - 06:08: Applying controller manifest ... DONE - 07:08: Finalize controller configuration ... DONE - 08:08: Waiting for service activation ... DONE - - Configuration was applied - - Please complete any out of service commissioning steps with system commands and unlock controller to proceed. - -After config_controller bootstrap configuration, REST API, CLI and -Horizon interfaces are enabled on the controller-0 OAM IP address. The -remaining installation instructions will use the CLI. - ------------------------------------- -Provisioning controller-0 and system ------------------------------------- - -On controller-0, acquire Keystone administrative privileges: - -:: - - controller-0:~$ source /etc/nova/openrc - -********************************************* -Configuring provider networks at installation -********************************************* - -You must set up provider networks at installation so that you can attach -data interfaces and unlock the compute nodes. - -Set up one provider network of the vlan type, named providernet-a: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ neutron providernet-create providernet-a --type=vlan - [wrsroot@controller-0 ~(keystone_admin)]$ neutron providernet-range-create --name providernet-a-range1 --range 100-400 providernet-a - -********************************************* -Adding a Ceph storage backend at installation -********************************************* - -Add Ceph Storage backend: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-add ceph -s cinder,glance,swift,nova - - WARNING : THIS OPERATION IS NOT REVERSIBLE AND CANNOT BE CANCELLED. - - By confirming this operation, Ceph backend will be created. - A minimum of 2 storage nodes are required to complete the configuration. - Please set the 'confirmed' field to execute this operation for the ceph backend. - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-add ceph -s cinder,glance,swift,nova --confirmed - - System configuration has changed. - Please follow the administrator guide to complete configuring the system. - - +--------------------------------------+------------+---------+-------------+--------------------+----------+... - | uuid | name | backend | state | task | services |... - +--------------------------------------+------------+---------+-------------+--------------------+----------+... - | 48ddb10a-206c-42da-bb3f-f7160a356724 | ceph-store | ceph | configuring | applying-manifests | cinder, |... - | | | | | | glance, |... - | | | | | | swift |... - | | | | | | nova |... - | | | | | | |... - | 55f49f86-3e01-4d03-a014-42e1b55ba487 | file-store | file | configured | None | glance |... - +--------------------------------------+------------+---------+-------------+--------------------+----------+... - -Confirm Ceph storage is configured: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-list - +--------------------------------------+------------+---------+------------+-------------------+-----------+... - | uuid | name | backend | state | task | services |... - +--------------------------------------+------------+---------+------------+-------------------+-----------+... - | 48ddb10a-206c-42da-bb3f-f7160a356724 | ceph-store | ceph | configured | provision-storage | cinder, |... - | | | | | | glance, |... - | | | | | | swift |... - | | | | | | nova |... - | | | | | | |... - | 55f49f86-3e01-4d03-a014-42e1b55ba487 | file-store | file | configured | None | glance |... - +--------------------------------------+------------+---------+------------+-------------------+-----------+... - -********************** -Unlocking controller-0 -********************** - -You must unlock controller-0 so that you can use it to install the remaining -hosts. Use the system host-unlock command: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock controller-0 - -The host is rebooted. During the reboot, the command line is unavailable, and -any ssh connections are dropped. To monitor the progress of the reboot, use the -controller-0 console. - -**************************************** -Verifying the controller-0 configuration -**************************************** - -On controller-0, acquire Keystone administrative privileges: - -:: - - controller-0:~$ source /etc/nova/openrc - -Verify that the StarlingX controller services are running: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system service-list - +-----+-------------------------------+--------------+----------------+ - | id | service_name | hostname | state | - +-----+-------------------------------+--------------+----------------+ - ... - | 1 | oam-ip | controller-0 | enabled-active | - | 2 | management-ip | controller-0 | enabled-active | - ... - +-----+-------------------------------+--------------+----------------+ - -Verify that controller-0 is unlocked, enabled, and available: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - -******************************* -Provisioning filesystem storage -******************************* - -List the controller file systems with status and current sizes: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system controllerfs-list - +--------------------------------------+-----------------+------+--------------------+------------+-------+ - | UUID | FS Name | Size | Logical Volume | Replicated | State | - | | | in | | | | - | | | GiB | | | | - +--------------------------------------+-----------------+------+--------------------+------------+-------+ - | 4e31c4ea-6970-4fc6-80ba-431fdcdae15f | backup | 5 | backup-lv | False | None | - | 6c689cd7-2bef-4755-a2fb-ddd9504692f3 | database | 5 | pgsql-lv | True | None | - | 44c7d520-9dbe-41be-ac6a-5d02e3833fd5 | extension | 1 | extension-lv | True | None | - | 809a5ed3-22c0-4385-9d1e-dd250f634a37 | glance | 8 | cgcs-lv | True | None | - | 9c94ef09-c474-425c-a8ba-264e82d9467e | gnocchi | 5 | gnocchi-lv | False | None | - | 895222b3-3ce5-486a-be79-9fe21b94c075 | img-conversions | 8 | img-conversions-lv | False | None | - | 5811713f-def2-420b-9edf-6680446cd379 | scratch | 8 | scratch-lv | False | None | - +--------------------------------------+-----------------+------+--------------------+------------+-------+ - -Modify filesystem sizes - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system controllerfs-modify backup=42 database=12 img-conversions=12 - -------------------------------------------------------- -Installing controller-1 / storage hosts / compute hosts -------------------------------------------------------- - -After initializing and configuring an active controller, you can add and -configure a backup controller and additional compute or storage hosts. -For each host do the following: - -***************** -Initializing host -***************** - -Power on Host. In host console you will see: - -:: - - Waiting for this node to be configured. - - Please configure the personality for this node from the - controller node in order to proceed. - -********************************** -Updating host name and personality -********************************** - -On controller-0, acquire Keystone administrative privileges: - -:: - - controller-0:~$ source /etc/nova/openrc - -Wait for controller-0 to discover new host, list the host until new -UNKNOWN host shows up in table: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -Use the system host-add to update host personality attribute: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-add -n -p -m - -**REMARK:** use the Mac address for the specific network interface you -are going to be connected. e.g. OAM network interface for controller-1 -node, management network interface for compute and storage nodes. - -Check the **NIC** MAC address from "Virtual Manager GUI" under *"Show -virtual hardware details -*\ **i**\ *" Main Banner --> NIC: --> specific -"Bridge name:" under MAC address text field.* - -*************** -Monitoring host -*************** - -On controller-0, you can monitor the installation progress by running -the system host-show command for the host periodically. Progress is -shown in the install_state field. - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-show | grep install - | install_output | text | - | install_state | booting | - | install_state_info | None | - - -Wait while the host is configured and rebooted. Up to 20 minutes may be -required for a reboot, depending on hardware. When the reboot is -complete, the host is reported as locked, disabled, and online. - -************* -Listing hosts -************* - -Once all nodes have been installed, configured and rebooted, on -controller-0 list the hosts: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - | 3 | compute-0 | compute | locked | disabled | online | - | 4 | compute-1 | compute | locked | disabled | online | - | 5 | storage-0 | storage | locked | disabled | online | - | 6 | storage-1 | storage | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - -------------------------- -Provisioning controller-1 -------------------------- - -On controller-0, list hosts: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - ... - | 2 | controller-1 | controller | locked | disabled | online | - ... - +----+--------------+-------------+----------------+-------------+--------------+ - -*********************************************** -Provisioning network interfaces on controller-1 -*********************************************** - -In order to list out hardware port names, types, PCI addresses that have -been discovered: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-port-list controller-1 - -Provision the OAM interface for controller-1: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-modify -n -c platform --networks oam controller-1 - -********************** -Unlocking controller-1 -********************** - -Unlock controller-1: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock controller-1 - -Wait while the controller-1 is rebooted. Up to 10 minutes may be -required for a reboot, depending on hardware. - -**REMARK:** controller-1 will remain in degraded state until -data-syncing is complete. The duration is dependant on the -virtualization host's configuration - i.e., the number and configuration -of physical disks used to host the nodes' virtual disks. Also, the -management network is expected to have link capacity of 10000 (1000 is -not supported due to excessive data-sync time). Use 'fm alarm-list' to -confirm status. - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | unlocked | enabled | available | - ... - -------------------------- -Provisioning storage host -------------------------- - -************************************** -Provisioning storage on a storage host -************************************** - -Available physical disks in storage-N: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list storage-0 - +--------------------------------------+-----------+---------+---------+-------+------------+--------------+... - | uuid | device_no | device_ | device_ | size_ | available_ | rpm |... - | | de | num | type | gib | gib | |... - +--------------------------------------+-----------+---------+---------+-------+------------+--------------+... - | a2bbfe1f-cf91-4d39-a2e8-a9785448aa56 | /dev/sda | 2048 | HDD | 292. | 0.0 | Undetermined |... - | | | | | 968 | | |... - | | | | | | | |... - | c7cc08e6-ff18-4229-a79d-a04187de7b8d | /dev/sdb | 2064 | HDD | 100.0 | 99.997 | Undetermined |... - | | | | | | | |... - | | | | | | | |... - | 1ece5d1b-5dcf-4e3c-9d10-ea83a19dd661 | /dev/sdc | 2080 | HDD | 4.0 | 3.997 |... - | | | | | | | |... - | | | | | | | |... - +--------------------------------------+-----------+---------+---------+-------+------------+--------------+... - -Available storage tiers in storage-N: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-tier-list ceph_cluster - +--------------------------------------+---------+--------+--------------------------------------+ - | uuid | name | status | backend_using | - +--------------------------------------+---------+--------+--------------------------------------+ - | 4398d910-75e4-4e99-a57f-fc147fb87bdb | storage | in-use | 5131a848-25ea-4cd8-bbce-0d65c84183df | - +--------------------------------------+---------+--------+--------------------------------------+ - -Create a storage function (i.e. OSD) in storage-N. At least two unlocked and -enabled hosts with monitors are required. Candidates are: controller-0, -controller-1, and storage-0. - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-stor-add storage-0 c7cc08e6-ff18-4229-a79d-a04187de7b8d - +------------------+--------------------------------------------------+ - | Property | Value | - +------------------+--------------------------------------------------+ - | osdid | 0 | - | function | osd | - | journal_location | 34989bad-67fc-49ea-9e9c-38ca4be95fad | - | journal_size_gib | 1024 | - | journal_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-2.0-part2 | - | journal_node | /dev/sdb2 | - | uuid | 34989bad-67fc-49ea-9e9c-38ca4be95fad | - | ihost_uuid | 4a5ed4fc-1d2b-4607-acf9-e50a3759c994 | - | idisk_uuid | c7cc08e6-ff18-4229-a79d-a04187de7b8d | - | tier_uuid | 4398d910-75e4-4e99-a57f-fc147fb87bdb | - | tier_name | storage | - | created_at | 2018-08-16T00:39:44.409448+00:00 | - | updated_at | 2018-08-16T00:40:07.626762+00:00 | - +------------------+--------------------------------------------------+ - -Create remaining available storage function (an OSD) in storage-N -based in the number of available physical disks. - -List the OSDs: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-stor-list storage-0 - +--------------------------------------+----------+-------+--------------+--------------------------------------+ - | uuid | function | osdid | capabilities | idisk_uuid | - +--------------------------------------+----------+-------+--------------+--------------------------------------+ - | 34989bad-67fc-49ea-9e9c-38ca4be95fad | osd | 0 | {} | c7cc08e6-ff18-4229-a79d-a04187de7b8d | - +--------------------------------------+----------+-------+--------------+--------------------------------------+ - -Unlock storage-N: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock storage-0 - -**REMARK:** Before you continue, repeat Provisioning Storage steps on -remaining storage nodes. - ---------------------------- -Provisioning a compute host ---------------------------- - -You must configure the network interfaces and the storage disks on a -host before you can unlock it. For each compute host do the following: - -On controller-0, acquire Keystone administrative privileges: - -:: - - controller-0:~$ source /etc/nova/openrc - -************************************************* -Provisioning network interfaces on a compute host -************************************************* - -On controller-0, in order to list out hardware port names, types, -pci-addresses that have been discovered: - -- **Only in virtual environment**: Ensure that the interface used is - one of those attached to host bridge with model type "virtio" (i.e., - eth1000 and eth1001). The model type "e1000" emulated devices will - not work for provider networks. - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-port-list compute-0 - -Provision the data interface for compute: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-modify -p providernet-a -c data compute-0 eth1000 - -*************************** -VSwitch virtual environment -*************************** - -**Only in virtual environment**. If the compute has more than 4 CPUs, -the system will auto-configure the vswitch to use 2 cores. However some -virtual environments do not properly support multi-queue required in a -multi-CPU environment. Therefore run the following command to reduce the -vswitch cores to 1: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-cpu-modify compute-0 -f vswitch -p0 1 - +--------------------------------------+-------+-----------+-------+--------+... - | uuid | log_c | processor | phy_c | thread |... - | | ore | | ore | |... - +--------------------------------------+-------+-----------+-------+--------+... - | a3b5620c-28b1-4fe0-9e97-82950d8582c2 | 0 | 0 | 0 | 0 |... - | f2e91c2b-bfc5-4f2a-9434-bceb7e5722c3 | 1 | 0 | 1 | 0 |... - | 18a98743-fdc4-4c0c-990f-3c1cb2df8cb3 | 2 | 0 | 2 | 0 |... - | 690d25d2-4f99-4ba1-a9ba-0484eec21cc7 | 3 | 0 | 3 | 0 |... - +--------------------------------------+-------+-----------+-------+--------+... - -************************************** -Provisioning storage on a compute host -************************************** - -Review the available disk space and capacity and obtain the uuid(s) of -the physical disk(s) to be used for nova local: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list compute-0 - +--------------------------------------+-----------+---------+---------+-------+------------+... - | uuid | device_no | device_ | device_ | size_ | available_ |... - | | de | num | type | gib | gib |... - +--------------------------------------+-----------+---------+---------+-------+------------+ - | 14e52a55-f6a7-40ad-a0b1-11c2c3b6e7e9 | /dev/sda | 2048 | HDD | 292. | 265.132 |... - | a639914b-23a9-4071-9f25-a5f1960846cc | /dev/sdb | 2064 | HDD | 100.0 | 99.997 |... - +--------------------------------------+-----------+---------+---------+-------+------------+... - -Create the 'nova-local' local volume group: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add compute-0 nova-local - +-----------------+-------------------------------------------------------------------+ - | Property | Value | - +-----------------+-------------------------------------------------------------------+ - | lvm_vg_name | nova-local | - | vg_state | adding | - | uuid | 37f4c178-f0fe-422d-b66e-24ae057da674 | - | ihost_uuid | f56921a6-8784-45ac-bd72-c0372cd95964 | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size_gib | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-16T00:57:46.340454+00:00 | - | updated_at | None | - | parameters | {u'concurrent_disk_operations': 2, u'instance_backing': u'image'} | - +-----------------+-------------------------------------------------------------------+ - -Create a disk partition to add to the volume group based on uuid of the -physical disk: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add compute-0 nova-local a639914b-23a9-4071-9f25-a5f1960846cc - +--------------------------+--------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------+ - | uuid | 56fdb63a-1078-4394-b1ce-9a0b3bff46dc | - | pv_state | adding | - | pv_type | disk | - | disk_or_part_uuid | a639914b-23a9-4071-9f25-a5f1960846cc | - | disk_or_part_device_node | /dev/sdb | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-2.0 | - | lvm_pv_name | /dev/sdb | - | lvm_vg_name | nova-local | - | lvm_pv_uuid | None | - | lvm_pv_size_gib | 0.0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | f56921a6-8784-45ac-bd72-c0372cd95964 | - | created_at | 2018-08-16T01:05:59.013257+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------+ - -Remote RAW Ceph storage backed will be used to back nova local ephemeral -volumes: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-modify -b remote compute-0 nova-local - -************************ -Unlocking a compute host -************************ - -On controller-0, use the system host-unlock command to unlock the -compute-N: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock compute-0 - -Wait while the compute-N is rebooted. Up to 10 minutes may be required -for a reboot, depending on hardware. The host is rebooted, and its -availability state is reported as in-test, followed by unlocked/enabled. - -------------------- -System health check -------------------- - -*********************** -Listing StarlingX nodes -*********************** - -On controller-0, after a few minutes, all nodes shall be reported as -unlocked, enabled, and available: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | unlocked | enabled | available | - | 3 | compute-0 | compute | unlocked | enabled | available | - | 4 | compute-1 | compute | unlocked | enabled | available | - | 5 | storage-0 | storage | unlocked | enabled | available | - | 6 | storage-1 | storage | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - -****************************** -Checking StarlingX Ceph health -****************************** - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ ceph -s - cluster e14ebfd6-5030-4592-91c3-7e6146b3c910 - health HEALTH_OK - monmap e1: 3 mons at {controller-0=192.168.204.3:6789/0,controller-1=192.168.204.4:6789/0,storage-0=192.168.204.204:6789/0} - election epoch 22, quorum 0,1,2 controller-0,controller-1,storage-0 - osdmap e84: 2 osds: 2 up, 2 in - flags sortbitwise,require_jewel_osds - pgmap v168: 1600 pgs, 5 pools, 0 bytes data, 0 objects - 87444 kB used, 197 GB / 197 GB avail - 1600 active+clean - controller-0:~$ - -***************** -System alarm list -***************** - -When all nodes are unlocked, enabled and available: check 'fm alarm-list' for -issues. - -Your StarlingX deployment is now up and running with 2x HA controllers with -Cinder storage, 1x compute, 3x storages and all OpenStack services up and -running. You can now proceed with standard OpenStack APIs, CLIs and/or Horizon -to load Glance images, configure Nova Flavors, configure Neutron networks and -launch Nova virtual machines. - ----------------------- -Deployment terminology ----------------------- - -.. include:: deployment_terminology.rst - :start-after: incl-standard-controller-deployment-terminology: - :end-before: incl-standard-controller-deployment-terminology-end: - -.. include:: deployment_terminology.rst - :start-after: incl-dedicated-storage-deployment-terminology: - :end-before: incl-dedicated-storage-deployment-terminology-end: - -.. include:: deployment_terminology.rst - :start-after: incl-common-deployment-terminology: - :end-before: incl-common-deployment-terminology-end: diff --git a/doc/source/deploy_install_guides/r1_release/deployment_terminology.rst b/doc/source/deploy_install_guides/r1_release/deployment_terminology.rst deleted file mode 100644 index 6d695ee73..000000000 --- a/doc/source/deploy_install_guides/r1_release/deployment_terminology.rst +++ /dev/null @@ -1,119 +0,0 @@ -.. _incl-simplex-deployment-terminology: - -**All-in-one controller node** - A single physical node that provides a controller function, compute - function, and storage function. - -.. _incl-simplex-deployment-terminology-end: - - -.. _incl-standard-controller-deployment-terminology: - -**Controller node / function** - A node that runs cloud control function for managing cloud resources. - - - Runs cloud control functions for managing cloud resources. - - Runs all OpenStack control functions (e.g. managing images, virtual - volumes, virtual network, and virtual machines). - - Can be part of a two-node HA control node cluster for running control - functions either active/active or active/standby. - -**Compute ( & network ) node / function** - A node that hosts applications in virtual machines using compute resources - such as CPU, memory, and disk. - - - Runs virtual switch for realizing virtual networks. - - Provides L3 routing and NET services. - -.. _incl-standard-controller-deployment-terminology-end: - - -.. _incl-dedicated-storage-deployment-terminology: - -**Storage node / function** - A node that contains a set of disks (e.g. SATA, SAS, SSD, and/or NVMe). - - - Runs CEPH distributed storage software. - - Part of an HA multi-node CEPH storage cluster supporting a replication - factor of two or three, journal caching, and class tiering. - - Provides HA persistent storage for images, virtual volumes - (i.e. block storage), and object storage. - -.. _incl-dedicated-storage-deployment-terminology-end: - -.. _incl-common-deployment-terminology: - -**OAM network** - The network on which all external StarlingX platform APIs are exposed, - (i.e. REST APIs, Horizon web server, SSH, and SNMP), typically 1GE. - - Only controller type nodes are required to be connected to the OAM - network. - -**Management network** - A private network (i.e. not connected externally), tipically 10GE, - used for the following: - - - Internal OpenStack / StarlingX monitoring and control. - - VM I/O access to a storage cluster. - - All nodes are required to be connected to the management network. - -**Data network(s)** - Networks on which the OpenStack / Neutron provider networks are realized - and become the VM tenant networks. - - Only compute type and all-in-one type nodes are required to be connected - to the data network(s). These node types require one or more interface(s) - on the data network(s). - -**IPMI network** - An optional network on which IPMI interfaces of all nodes are connected. - The network must be reachable using L3/IP from the controller's OAM - interfaces. - - You can optionally connect all node types to the IPMI network. - -**PXEBoot network** - An optional network for controllers to boot/install other nodes over the - network. - - By default, controllers use the management network for boot/install of other - nodes in the openstack cloud. If this optional network is used, all node - types are required to be connected to the PXEBoot network. - - A PXEBoot network is required for a variety of special case situations: - - - Cases where the management network must be IPv6: - - - IPv6 does not support PXEBoot. Therefore, IPv4 PXEBoot network must be - configured. - - - Cases where the management network must be VLAN tagged: - - - Most server's BIOS do not support PXEBooting over tagged networks. - Therefore, you must configure an untagged PXEBoot network. - - - Cases where a management network must be shared across regions but - individual regions' controllers want to only network boot/install nodes - of their own region: - - - You must configure separate, per-region PXEBoot networks. - -**Infra network** - A deprecated optional network that was historically used for access to the - storage cluster. - - If this optional network is used, all node types are required to be - connected to the INFRA network, - -**Node interfaces** - All nodes' network interfaces can, in general, optionally be either: - - - Untagged single port. - - Untagged two-port LAG and optionally split between redudant L2 switches - running vPC (Virtual Port-Channel), also known as multichassis - EtherChannel (MEC). - - VLAN on either single-port ETH interface or two-port LAG interface. - -.. _incl-common-deployment-terminology-end: diff --git a/doc/source/deploy_install_guides/r1_release/duplex.rst b/doc/source/deploy_install_guides/r1_release/duplex.rst deleted file mode 100644 index c5b06c1af..000000000 --- a/doc/source/deploy_install_guides/r1_release/duplex.rst +++ /dev/null @@ -1,1563 +0,0 @@ -====================== -All-in-one Duplex R1.0 -====================== - -.. contents:: - :local: - :depth: 1 - -**NOTE:** The instructions to setup a StarlingX All-in-One Duplex -(AIO-DX) with containerized openstack services in this guide -are under development. -For approved instructions, see the -`All in One Duplex Configuration wiki page `__. - ----------------------- -Deployment description ----------------------- - -***************** -All-In-One Duplex -***************** - -The All-In-One Duplex (AIO-DX) deployment option provides all three cloud -functions (controller, compute, and storage) on two physical servers. With cloud -technologies, multiple diverse application types can be deployed and -consolidated onto a protected pair of physical servers. For example: - -- Consolidate legacy applications that must run standalone on a server by - using multiple virtual machines. -- Consolidate legacy applications that run on different operating systems - or different distributions of operating systems by using multiple virtual - machines. - -.. figure:: figures/starlingx-deployment-options-duplex.png - :scale: 50% - :alt: All-In-One Duplex deployment configuration - - *All-In-One Duplex deployment configuration* - -This two node cluster enables the following: - -- High availability services running on the controller function across the - two physical servers in either active/active or active/standby mode. -- Storage function running on top of LVM on single second disk, DRBD-sync'd - between the servers. -- Virtual machines being scheduled on both compute functions. - -An All-In-One Duplex deployment provides protection against overall server -hardware fault. Should an overall server hardware fault occur: - -- All controller high availability services go active on remaining - healthy server. -- All virtual machines are recovered on the remaining healthy server. - -The All-In-One Duplex deployment solution is required for a variety of special -case situations. -Here are two examples: - -- Small amount of cloud processing/storage. -- Protection against overall server hardware faults. - -************************** -All-In-One Duplex extended -************************** - -The All-In-One Duplex Extended deployment option extends the capacity of the -All-In-One Duplex deployment by adding up to four compute nodes to the -deployment. The extended deployment option provides a capacity growth path for -someone starting with an All-In-One Duplex deployment. - -With this option, virtual machines can be scheduled on either of the -all-in-one controller nodes and/or the compute nodes. - -.. figure:: figures/starlingx-deployment-options-duplex-extended.png - :scale: 50% - :alt: All-In-One Duplex Extended Deployment Configuration - - *All-In-One Duplex Extended deployment configuration* - -This configuration is limited to four compute nodes as the controller function -on the all-in-one controllers has only a portion of the processing power of the -overall server. - ------------------------------------ -Preparing All-In-One Duplex servers ------------------------------------ - -********** -Bare metal -********** - -Required Servers: - -- Combined servers (controller + compute): 2 - -^^^^^^^^^^^^^^^^^^^^^ -Hardware requirements -^^^^^^^^^^^^^^^^^^^^^ - -The recommended minimum requirements for the physical servers where -All-In-One Duplex is deployed include the following: - -- Minimum processor: - - - Typical hardware form factor: - - - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 cores/socket - - Low cost / low power hardware form factor - - - Single-CPU Intel Xeon D-15xx family, 8 cores - -- Memory: 64 GB -- BIOS: - - - Hyper-Threading technology: Enabled - - Virtualization technology: Enabled - - VT for directed I/O: Enabled - - CPU power and performance policy: Performance - - CPU C state control: Disabled - - Plug & play BMC detection: Disabled - -- Primary disk: - - - 500 GB SSD or NVMe - -- Additional disks: - - - Zero or more 500 GB disks (min. 10K RPM) - -- Network ports: - - **NOTE:** The All-In-One Duplex configuration requires one or more data ports. - - - Management: 10GE - - OAM: 10GE - - Data: n x 10GE - -******************* -Virtual environment -******************* - -Run the libvirt QEMU setup scripts to set up virtualized OAM and -management networks: - -:: - - $ bash setup_network.sh - -Building XML for definition of virtual servers: - -:: - - $ bash setup_configuration.sh -c duplex -i - -The default XML server definitions that are created by the previous script -are: - -- duplex-controller-0 -- duplex-controller-1 - -^^^^^^^^^^^^^^^^^^^^^^^^^ -Power up a virtual server -^^^^^^^^^^^^^^^^^^^^^^^^^ - -To power up a virtual server, run the following command: - -:: - - $ sudo virsh start - -Here is an example: - -:: - - $ sudo virsh start duplex-controller-0 - -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Access virtual server consoles -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -The XML for virtual servers in stx-tools repo, deployment/libvirt, -provides both graphical and text consoles. -Follow these steps to access virtual server consoles: - -#. Access the graphical console in virt-manager by right-clicking on the - domain (i.e. the server) and selecting "Open". - -#. Access the textual console using the command "virsh console $DOMAIN", - where DOMAIN is the name of the server shown in virsh. - -#. When booting the controller-0 for the first time, both the serial and - graphical consoles present the initial configuration menu for the - cluster. You can select the serial or graphical console for controller-0. - However, for the other nodes, you can only use the serial console - regardless of the selected option. - -#. Open the graphic console on all servers before powering them on to - observe the boot device selection and PXI boot progress. Run the "virsh - console $DOMAIN" command promptly after powering up to see the initial boot - sequence that follows the boot device selection. Only a few seconds exist - during which you can see the sequence. - --------------------------------- -Installing the controller-0 host --------------------------------- - -Installing controller-0 involves initializing a host with software and -then applying a bootstrap configuration from the command line. The -configured bootstrapped host becomes controller-0. - -Following is the general procedure: - -#. Be sure the StarlingX ISO is on a USB device and it is plugged into - the USB port of the server that will be controller-0 and then - power on the server. - -#. Configure the controller using the config_controller script. - -************************* -Initializing controller-0 -************************* - -This section describes how to initialize StarlingX in host controller-0. -Except where noted, all the commands must be executed from a console of -the host. - -#. Be sure the StarlingX ISO is on a USB device and it is plugged into - the USB port of the server that will be controller-0. - -#. Power on the server. - -#. Wait for the console to show the StarlingX ISO booting options: - - - **All-in-one Controller Configuration** - - - When the installer is loaded and the installer welcome screen - appears in the controller-0 host, select "All-in-one Controller Configuration" - for the type of installation. - - - **Graphical Console** - - - Select the "Graphical Console" as the console to use during - installation. - - - **Standard Security Boot Profile** - - - Select "Standard Security Boot Profile" as the Security Profile. - -#. Monitor the initialization. When the installation is complete, a reboot is initiated - on the controller-0 host. The GNU GRUB screen briefly displays and then - boots automatically into the StarlingX image. - -#. Log into controller-0 as user wrsroot and use wrsroot as the password. The - first time you log in as wrsroot, you are required to change your - password. Enter the current password (i.e. wrsroot): - - :: - - Changing password for wrsroot. - (current) UNIX Password: - -#. Enter a new password for the wrsroot account: - - :: - - New password: - -#. Enter the new password again to confirm it: - - :: - - Retype new password: - -#. The controller-0 is initialized with StarlingX and is ready for configuration. - -************************ -Configuring controller-0 -************************ - -This section describes how to interactively configure controller-0 -to bootstrap the system with minimal critical data. -Except where noted, you must execute all commands from the console -of the active controller (i.e. controller-0). - -When run interactively, the config_controller script presents a series -of prompts for initial configuration of StarlingX: - -- For the virtual environment, you can accept all the default values - immediately after "system date and time". -- For a physical deployment, answer the bootstrap configuration - questions with answers applicable to your particular physical setup. - -The script configures the first controller in the StarlingX -cluster as controller-0. The prompts are grouped by configuration -area. - -Follow this procedure to interactively configure controller-0: - -#. Start the script with no parameters: - - :: - - controller-0:~$ sudo config_controller - System Configuration - ================ - Enter ! at any prompt to abort... - ... - -#. Select [y] for System date and time: - - :: - - System date and time: - ----------------------------- - - Is the current date and time correct? [y/N]: y - -#. For System mode choose "duplex": - - :: - - System mode. Available options are: - - 1) duplex-direct: two node-redundant configuration. Management and - infrastructure networks are directly connected to peer ports - 2) duplex - two node redundant configuration - 3) simplex - single node non-redundant configuration - System mode [duplex-direct]: 2 - -#. After System date and time and System mode: - - :: - - Applying configuration (this will take several minutes): - - 01/08: Creating bootstrap configuration ... DONE - 02/08: Applying bootstrap manifest ... DONE - 03/08: Persisting local configuration ... DONE - 04/08: Populating initial system inventory ... DONE - 05:08: Creating system configuration ... DONE - 06:08: Applying controller manifest ... DONE - 07:08: Finalize controller configuration ... DONE - 08:08: Waiting for service activation ... DONE - - Configuration was applied - - Please complete any out of service commissioning steps with system commands and unlock controller to proceed. - -#. After config_controller bootstrap configuration, REST API, CLI and - Horizon interfaces are enabled on the controller-0 OAM IP address. The - remaining installation instructions use the CLI. - ----------------------------------- -Provisioning the controller-0 host ----------------------------------- - -On controller-0, acquire Keystone administrative privileges: - -:: - - controller-0:~$ source /etc/nova/openrc - -********************************************* -Configuring provider networks at installation -********************************************* - -Set up one provider network of the vlan type and name it providernet-a: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ neutron providernet-create providernet-a --type=vlan - [wrsroot@controller-0 ~(keystone_admin)]$ neutron providernet-range-create --name providernet-a-range1 --range 100-400 providernet-a - -***************************************** -Providing data interfaces on controller-0 -***************************************** - -Follow these steps: - -#. List all interfaces: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-list -a controller-0 - +--------------------------------------+---------+----------+...+------+--------------+------+---------+------------+.. - | uuid | name | class |...| vlan | ports | uses | used by | attributes |.. - | | | |...| id | | i/f | i/f | |.. - +--------------------------------------+---------+----------+...+------+--------------+------+---------+------------+.. - | 49fd8938-e76f-49f1-879e-83c431a9f1af | enp0s3 | platform |...| None | [u'enp0s3'] | [] | [] | MTU=1500 |.. - | 8957bb2c-fec3-4e5d-b4ed-78071f9f781c | eth1000 | None |...| None | [u'eth1000'] | [] | [] | MTU=1500 |.. - | bf6f4cad-1022-4dd7-962b-4d7c47d16d54 | eth1001 | None |...| None | [u'eth1001'] | [] | [] | MTU=1500 |.. - | f59b9469-7702-4b46-bad5-683b95f0a1cb | enp0s8 | platform |...| None | [u'enp0s8'] | [] | [] | MTU=1500 |.. - +--------------------------------------+---------+----------+...+------+--------------+------+---------+------------+.. - -#. Configure the data interfaces: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-modify -c data controller-0 eth1000 -p providernet-a - +------------------+--------------------------------------+ - | Property | Value | - +------------------+--------------------------------------+ - | ifname | eth1000 | - | iftype | ethernet | - | ports | [u'eth1000'] | - | providernetworks | providernet-a | - | imac | 08:00:27:c4:ad:3e | - | imtu | 1500 | - | ifclass | data | - | aemode | None | - | schedpolicy | None | - | txhashpolicy | None | - | uuid | 8957bb2c-fec3-4e5d-b4ed-78071f9f781c | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | vlan_id | None | - | uses | [] | - | used_by | [] | - | created_at | 2018-08-28T12:50:51.820151+00:00 | - | updated_at | 2018-08-28T14:46:18.333109+00:00 | - | sriov_numvfs | 0 | - | ipv4_mode | disabled | - | ipv6_mode | disabled | - | accelerated | [True] | - +------------------+--------------------------------------+ - -************************************* -Configuring Cinder on controller disk -************************************* - -Follow these steps: - -#. Review the available disk space and capacity and obtain the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list controller-0 - +--------------------------------------+-----------+---------+---------+---------+------------+... - | uuid | device_no | device_ | device_ | size_mi | available_ |... - | | de | num | type | b | mib |... - +--------------------------------------+-----------+---------+---------+---------+------------+... - | 6b42c9dc-f7c0-42f1-a410-6576f5f069f1 | /dev/sda | 2048 | HDD | 600000 | 434072 |... - | | | | | | |... - | | | | | | |... - | 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 | /dev/sdb | 2064 | HDD | 16240 | 16237 |... - | | | | | | |... - | | | | | | |... - | 146195b2-f3d7-42f9-935d-057a53736929 | /dev/sdc | 2080 | HDD | 16240 | 16237 |... - | | | | | | |... - | | | | | | |... - +--------------------------------------+-----------+---------+---------+---------+------------+... - -#. Create the 'cinder-volumes' local volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add controller-0 cinder-volumes - +-----------------+--------------------------------------+ - | lvm_vg_name | cinder-volumes | - | vg_state | adding | - | uuid | 61cb5cd2-171e-4ef7-8228-915d3560cdc3 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-28T13:45:20.218905+00:00 | - | updated_at | None | - | parameters | {u'lvm_type': u'thin'} | - +-----------------+--------------------------------------+ - -#. Create a disk partition to add to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-add controller-0 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 16237 -t lvm_phys_vol - +-------------+--------------------------------------------------+ - | Property | Value | - +-------------+--------------------------------------------------+ - | device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-2.0-part1 | - | device_node | /dev/sdb1 | - | type_guid | ba5eba11-0000-1111-2222-000000000001 | - | type_name | None | - | start_mib | None | - | end_mib | None | - | size_mib | 16237 | - | uuid | 0494615f-bd79-4490-84b9-dcebbe5f377a | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | idisk_uuid | 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 | - | ipv_uuid | None | - | status | Creating | - | created_at | 2018-08-28T13:45:48.512226+00:00 | - | updated_at | None | - +-------------+--------------------------------------------------+ - -#. Wait for the new partition to be created (i.e. status=Ready): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-list controller-0 --disk 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | uuid |...| device_nod |...| type_name | size_mib | status | - | |...| e |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | 0494615f-bd79-4490-84b9-dcebbe5f377a |...| /dev/sdb1 |...| LVM Physical Volume | 16237 | Ready | - | |...| |...| | | | - | |...| |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - -#. Add the partition to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add controller-0 cinder-volumes 0494615f-bd79-4490-84b9-dcebbe5f377a - +--------------------------+--------------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------------+ - | uuid | 9a0ad568-0ace-4d57-9e03-e7a63f609cf2 | - | pv_state | adding | - | pv_type | partition | - | disk_or_part_uuid | 0494615f-bd79-4490-84b9-dcebbe5f377a | - | disk_or_part_device_node | /dev/sdb1 | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-2.0-part1 | - | lvm_pv_name | /dev/sdb1 | - | lvm_vg_name | cinder-volumes | - | lvm_pv_uuid | None | - | lvm_pv_size | 0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | created_at | 2018-08-28T13:47:39.450763+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------------+ - -********************************************* -Adding an LVM storage backend at installation -********************************************* - -Follow these steps: - -#. Ensure requirements are met to add LVM storage: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-add lvm -s cinder - - WARNING : THIS OPERATION IS NOT REVERSIBLE AND CANNOT BE CANCELLED. - - By confirming this operation, the LVM backend will be created. - - Please refer to the system admin guide for minimum spec for LVM - storage. Set the 'confirmed' field to execute this operation - for the lvm backend. - -#. Add the LVM storage backend: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-add lvm -s cinder --confirmed - - System configuration has changed. - Please follow the administrator guide to complete configuring the system. - - +--------------------------------------+------------+---------+-------------+...+----------+--------------+ - | uuid | name | backend | state |...| services | capabilities | - +--------------------------------------+------------+---------+-------------+...+----------+--------------+ - | 6d750a68-115a-4c26-adf4-58d6e358a00d | file-store | file | configured |...| glance | {} | - | e2697426-2d79-4a83-beb7-2eafa9ceaee5 | lvm-store | lvm | configuring |...| cinder | {} | - +--------------------------------------+------------+---------+-------------+...+----------+--------------+ - -#. Wait for the LVM storage backend to be configured (i.e. state=configured): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-list - +--------------------------------------+------------+---------+------------+------+----------+--------------+ - | uuid | name | backend | state | task | services | capabilities | - +--------------------------------------+------------+---------+------------+------+----------+--------------+ - | 6d750a68-115a-4c26-adf4-58d6e358a00d | file-store | file | configured | None | glance | {} | - | e2697426-2d79-4a83-beb7-2eafa9ceaee5 | lvm-store | lvm | configured | None | cinder | {} | - +--------------------------------------+------------+---------+------------+------+----------+--------------+ - -*********************************************** -Configuring VM local storage on controller disk -*********************************************** - -Follow these steps: - -#. Review the available disk space and capacity and obtain the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list controller-0 - +--------------------------------------+-----------+---------+---------+---------+------------+... - | uuid | device_no | device_ | device_ | size_mi | available_ |... - | | de | num | type | b | mib |... - +--------------------------------------+-----------+---------+---------+---------+------------+... - | 6b42c9dc-f7c0-42f1-a410-6576f5f069f1 | /dev/sda | 2048 | HDD | 600000 | 434072 |... - | | | | | | |... - | | | | | | |... - | 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 | /dev/sdb | 2064 | HDD | 16240 | 0 |... - | | | | | | |... - | | | | | | |... - | 146195b2-f3d7-42f9-935d-057a53736929 | /dev/sdc | 2080 | HDD | 16240 | 16237 |... - | | | | | | |... - | | | | | | |... - +--------------------------------------+-----------+---------+---------+---------+------------+... - -#. Create the 'noval-local' volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add controller-0 nova-local - +-----------------+-------------------------------------------------------------------+ - | Property | Value | - +-----------------+-------------------------------------------------------------------+ - | lvm_vg_name | nova-local | - | vg_state | adding | - | uuid | 517d313e-8aa0-4b4d-92e6-774b9085f336 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-28T14:02:58.486716+00:00 | - | updated_at | None | - | parameters | {u'concurrent_disk_operations': 2, u'instance_backing': u'image'} | - +-----------------+-------------------------------------------------------------------+ - -#. Create a disk partition to add to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-add controller-0 146195b2-f3d7-42f9-935d-057a53736929 16237 -t lvm_phys_vol - +-------------+--------------------------------------------------+ - | Property | Value | - +-------------+--------------------------------------------------+ - | device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-3.0-part1 | - | device_node | /dev/sdc1 | - | type_guid | ba5eba11-0000-1111-2222-000000000001 | - | type_name | None | - | start_mib | None | - | end_mib | None | - | size_mib | 16237 | - | uuid | 009ce3b1-ed07-46e9-9560-9d2371676748 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | idisk_uuid | 146195b2-f3d7-42f9-935d-057a53736929 | - | ipv_uuid | None | - | status | Creating | - | created_at | 2018-08-28T14:04:29.714030+00:00 | - | updated_at | None | - +-------------+--------------------------------------------------+ - -#. Wait for the new partition to be created (i.e. status=Ready): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-list controller-0 --disk 146195b2-f3d7-42f9-935d-057a53736929 - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | uuid |...| device_nod |...| type_name | size_mib | status | - | |...| e |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | 009ce3b1-ed07-46e9-9560-9d2371676748 |...| /dev/sdc1 |...| LVM Physical Volume | 16237 | Ready | - | |...| |...| | | | - | |...| |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - -#. Add the partition to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add controller-0 nova-local 009ce3b1-ed07-46e9-9560-9d2371676748 - +--------------------------+--------------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------------+ - | uuid | 830c9dc8-c71a-4cb2-83be-c4d955ef4f6b | - | pv_state | adding | - | pv_type | partition | - | disk_or_part_uuid | 009ce3b1-ed07-46e9-9560-9d2371676748 | - | disk_or_part_device_node | /dev/sdc1 | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-3.0-part1 | - | lvm_pv_name | /dev/sdc1 | - | lvm_vg_name | nova-local | - | lvm_pv_uuid | None | - | lvm_pv_size | 0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | created_at | 2018-08-28T14:06:05.705546+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------------+ - -********************** -Unlocking controller-0 -********************** - -You must unlock controller-0 so that you can use it to install -controller-1. Use the system host-unlock command: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock controller-0 - -The host is rebooted. During the reboot, the command line is -unavailable, and any ssh connections are dropped. To monitor the -progress of the reboot, use the controller-0 console. - -**************************************** -Verifying the controller-0 configuration -**************************************** - -Follow these steps: - -#. On controller-0, acquire Keystone administrative privileges: - - :: - - controller-0:~$ source /etc/nova/openrc - -#. Verify that the controller-0 services are running: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system service-list - +-----+-------------------------------+--------------+----------------+ - | id | service_name | hostname | state | - +-----+-------------------------------+--------------+----------------+ - ... - | 1 | oam-ip | controller-0 | enabled-active | - | 2 | management-ip | controller-0 | enabled-active | - ... - +-----+-------------------------------+--------------+----------------+ - -#. Verify that controller-0 has controller and compute subfunctions: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-show 1 | grep subfunctions - | subfunctions | controller,compute | - -#. Verify that controller-0 is unlocked, enabled, and available: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - --------------------------------- -Installing the controller-1 host --------------------------------- - -After initializing and configuring controller-0, you can add and -configure a backup controller controller-1. - -****************************** -Initializing controller-1 host -****************************** - -Power on controller-1. In the controller-1 console you will see: - -:: - - Waiting for this node to be configured. - - Please configure the personality for this node from the - controller node in order to proceed. - -*************************************************** -Updating controller-1 host hostname and personality -*************************************************** - -Follow these steps: - -#. On controller-0, acquire Keystone administrative privileges: - - :: - - controller-0:~$ source /etc/nova/openrc - -#. Wait for controller-0 to discover new host. - List the host until a new UNKNOWN host appears in table: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Use the system host-update command to update the contoller-1 host personality - attribute: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-update 2 personality=controller hostname=controller-1 - +---------------------+--------------------------------------+ - | Property | Value | - +---------------------+--------------------------------------+ - | action | none | - | administrative | locked | - | availability | offline | - | bm_ip | None | - | bm_type | None | - | bm_username | None | - | boot_device | sda | - | capabilities | {} | - | config_applied | None | - | config_status | None | - | config_target | None | - | console | ttyS0,115200 | - | created_at | 2018-08-28T15:09:13.812906+00:00 | - | hostname | controller-1 | - | id | 2 | - | install_output | text | - | install_state | None | - | install_state_info | None | - | invprovision | None | - | location | {} | - | mgmt_ip | 192.168.204.4 | - | mgmt_mac | 08:00:27:3d:e2:66 | - | operational | disabled | - | personality | controller | - | reserved | False | - | rootfs_device | sda | - | serialid | None | - | software_load | 18.03 | - | subfunction_avail | not-installed | - | subfunction_oper | disabled | - | subfunctions | controller,compute | - | task | None | - | tboot | false | - | ttys_dcd | None | - | updated_at | None | - | uptime | 0 | - | uuid | be0f35f7-31d9-4145-bf6a-0c2556cf398c | - | vim_progress_status | None | - +---------------------+--------------------------------------+ - -**************************** -Monitoring controller-1 host -**************************** - -On controller-0, you can monitor the installation progress by running -the system host-show command for the host periodically. Progress appears -in the install_state field: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-show controller-1 | grep install - | install_output | text | - | install_state | booting | - | install_state_info | None | - -Wait while the controller-1 is configured and rebooted. -It might take up to 20 minutes for the reboot to complete depending -on the hardware. -When the reboot completes, controller-1 is reported as locked, disabled, and online. - -************************* -Listing controller-1 host -************************* - -Once controller-1 has been installed, configured, and rebooted, -list the hosts on controller-0: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------------------- -Provisioning the controller-1 host ----------------------------------- - -List the hosts on controller-0: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - ... - | 2 | controller-1 | controller | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - -*********************************************** -Provisioning network interfaces on controller-1 -*********************************************** - -Follow these steps: - -#. Use the host-port-list command to list hardware port names, types, - and PCI addresses that have been discovered: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-port-list controller-1 - -#. Provision the controller-1 OAM interface: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-modify -n ens6 -c platform --networks oam controller-1 ens6 - +------------------+--------------------------------------+ - | Property | Value | - +------------------+--------------------------------------+ - | ifname | ens6 | - | iftype | ethernet | - | ports | [u'ens6'] | - | providernetworks | None | - | imac | 08:00:27:ba:3c:38 | - | imtu | 1500 | - | ifclass | oam | - | aemode | None | - | schedpolicy | None | - | txhashpolicy | None | - | uuid | 160bfede-0950-42ba-acef-d0eb31e7fc49 | - | ihost_uuid | be0f35f7-31d9-4145-bf6a-0c2556cf398c | - | vlan_id | None | - | uses | [] | - | used_by | [] | - | created_at | 2018-08-28T15:59:10.701772+00:00 | - | updated_at | 2018-08-29T05:44:38.585642+00:00 | - | sriov_numvfs | 0 | - | ipv4_mode | static | - | ipv6_mode | disabled | - | accelerated | [False] | - +------------------+--------------------------------------+ - -***************************************** -Providing data interfaces on controller-1 -***************************************** - -Follow these steps: - -#. List all interfaces: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-list -a controller-1 - +--------------------------------------+---------+---------+...+------+--------------+------+------+------------+.. - | uuid | name | network |...| vlan | ports | uses | used | attributes |.. - | | | type |...| id | | i/f | by | |.. - | | | |...| | | | i/f | |.. - +--------------------------------------+---------+---------+...+------+--------------+------+------+------------+.. - | 160bfede-0950-42ba-acef-d0eb31e7fc49 | ens6 | oam |...| None | [u'enp0s3'] | [] | [] | MTU=1500 |.. - | 37b3abcd-bcbe-44d5-b2fb-759c34efec89 | eth1001 | None |...| None | [u'eth1001'] | [] | [] | MTU=1500 |.. - | 81d66feb-b23c-4533-bd4b-129f9b75ecd6 | mgmt0 | mgmt |...| None | [u'enp0s8'] | [] | [] | MTU=1500 |.. - | e78ad9a9-e74d-4c6c-9de8-0e41aad8d7b7 | eth1000 | None |...| None | [u'eth1000'] | [] | [] | MTU=1500 |.. - +--------------------------------------+---------+---------+...+------+--------------+------+------+------------+.. - -#. Configure the data interfaces: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-modify -p providernet-a -c data controller-1 eth1000 - +------------------+--------------------------------------+ - | Property | Value | - +------------------+--------------------------------------+ - | ifname | eth1000 | - | networktype | data | - | iftype | ethernet | - | ports | [u'eth1000'] | - | providernetworks | providernet-a | - | imac | 08:00:27:39:61:6e | - | imtu | 1500 | - | aemode | None | - | schedpolicy | None | - | txhashpolicy | None | - | uuid | e78ad9a9-e74d-4c6c-9de8-0e41aad8d7b7 | - | ihost_uuid | be0f35f7-31d9-4145-bf6a-0c2556cf398c | - | vlan_id | None | - | uses | [] | - | used_by | [] | - | created_at | 2018-08-28T15:59:17.667899+00:00 | - | updated_at | 2018-08-29T06:04:55.116653+00:00 | - | sriov_numvfs | 0 | - | ipv4_mode | disabled | - | ipv6_mode | disabled | - | accelerated | [True] | - +------------------+--------------------------------------+ - -************************************ -Provisioning storage on controller-1 -************************************ - -Follow these steps: - -#. Review the available disk space and capacity and obtain the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list controller-1 - +--------------------------------------+-------------+------------+-------------+----------+---------------+... - | uuid | device_node | device_num | device_type | size_mib | available_mib |... - +--------------------------------------+-------------+------------+-------------+----------+---------------+... - | 2dcc3d33-ba43-4b5a-b0b0-2b5a2e5737b7 | /dev/sda | 2048 | HDD | 600000 | 434072 |... - | f53437c6-77e3-4185-9453-67eaa8b461b1 | /dev/sdb | 2064 | HDD | 16240 | 16237 |... - | 623bbfc0-2b38-432a-acf4-a28db6066cce | /dev/sdc | 2080 | HDD | 16240 | 16237 |... - +--------------------------------------+-------------+------------+-------------+----------+---------------+... - -#. Assign Cinder storage to the physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add controller-1 cinder-volumes - +-----------------+--------------------------------------+ - | Property | Value | - +-----------------+--------------------------------------+ - | lvm_vg_name | cinder-volumes | - | vg_state | adding | - | uuid | 3ccadc5c-e4f7-4b04-8403-af5d2ecef96d | - | ihost_uuid | be0f35f7-31d9-4145-bf6a-0c2556cf398c | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-29T05:51:13.965883+00:00 | - | updated_at | None | - | parameters | {u'lvm_type': u'thin'} | - +-----------------+--------------------------------------+ - -#. Create a disk partition to add to the volume group based on the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-add controller-1 f53437c6-77e3-4185-9453-67eaa8b461b1 16237 -t lvm_phys_vol - +-------------+--------------------------------------------------+ - | Property | Value | - +-------------+--------------------------------------------------+ - | device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-2.0-part1 | - | device_node | /dev/sdb1 | - | type_guid | ba5eba11-0000-1111-2222-000000000001 | - | type_name | None | - | start_mib | None | - | end_mib | None | - | size_mib | 16237 | - | uuid | 7a41aab0-6695-4d16-9003-73238adda75b | - | ihost_uuid | be0f35f7-31d9-4145-bf6a-0c2556cf398c | - | idisk_uuid | f53437c6-77e3-4185-9453-67eaa8b461b1 | - | ipv_uuid | None | - | status | Creating (on unlock) | - | created_at | 2018-08-29T05:54:23.326612+00:00 | - | updated_at | None | - +-------------+--------------------------------------------------+ - -#. Wait for the new partition to be created (i.e. status=Ready): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-list controller-1 --disk f53437c6-77e3-4185-9453-67eaa8b461b1 - +--------------------------------------+...+-------------+...+-----------+----------+----------------------+ - | uuid |...| device_node |...| type_name | size_mib | status | - +--------------------------------------+...+-------------+...+-----------+----------+----------------------+ - | 7a41aab0-6695-4d16-9003-73238adda75b |...| /dev/sdb1 |...| None | 16237 | Creating (on unlock) | - +--------------------------------------+...+-------------+...+-----------+----------+----------------------+ - -#. Add the partition to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add controller-1 cinder-volumes 7a41aab0-6695-4d16-9003-73238adda75b - +--------------------------+--------------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------------+ - | uuid | 11628316-56ab-41b2-b2be-a5d72667a5e9 | - | pv_state | adding | - | pv_type | partition | - | disk_or_part_uuid | 7a41aab0-6695-4d16-9003-73238adda75b | - | disk_or_part_device_node | /dev/sdb1 | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-2.0-part1 | - | lvm_pv_name | /dev/sdb1 | - | lvm_vg_name | cinder-volumes | - | lvm_pv_uuid | None | - | lvm_pv_size | 0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | be0f35f7-31d9-4145-bf6a-0c2556cf398c | - | created_at | 2018-08-29T06:25:54.550430+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------------+ - -*********************************************** -Configuring VM local storage on controller disk -*********************************************** - -Follow these steps: - -#. Review the available disk space and capacity and obtain the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list controller-1 - +--------------------------------------+-------------+------------+-------------+----------+---------------+... - | uuid | device_node | device_num | device_type | size_mib | available_mib |... - +--------------------------------------+-------------+------------+-------------+----------+---------------+... - | 2dcc3d33-ba43-4b5a-b0b0-2b5a2e5737b7 | /dev/sda | 2048 | HDD | 600000 | 434072 |... - | f53437c6-77e3-4185-9453-67eaa8b461b1 | /dev/sdb | 2064 | HDD | 16240 | 16237 |... - | 623bbfc0-2b38-432a-acf4-a28db6066cce | /dev/sdc | 2080 | HDD | 16240 | 16237 |... - +--------------------------------------+-------------+------------+-------------+----------+---------------+... - -#. Create the 'cinder-volumes' local volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add controller-1 nova-local - +-----------------+-------------------------------------------------------------------+ - | Property | Value | - +-----------------+-------------------------------------------------------------------+ - | lvm_vg_name | nova-local | - | vg_state | adding | - | uuid | d205f839-0930-4e77-9f10-97089150f812 | - | ihost_uuid | be0f35f7-31d9-4145-bf6a-0c2556cf398c | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-29T06:28:28.226907+00:00 | - | updated_at | None | - | parameters | {u'concurrent_disk_operations': 2, u'instance_backing': u'image'} | - +-----------------+-------------------------------------------------------------------+ - -#. Create a disk partition to add to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-add controller-1 623bbfc0-2b38-432a-acf4-a28db6066cce 16237 -t lvm_phys_vol - +-------------+--------------------------------------------------+ - | Property | Value | - +-------------+--------------------------------------------------+ - | device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-3.0-part1 | - | device_node | /dev/sdc1 | - | type_guid | ba5eba11-0000-1111-2222-000000000001 | - | type_name | None | - | start_mib | None | - | end_mib | None | - | size_mib | 16237 | - | uuid | f7bc6095-9375-49fe-83c7-12601c202376 | - | ihost_uuid | be0f35f7-31d9-4145-bf6a-0c2556cf398c | - | idisk_uuid | 623bbfc0-2b38-432a-acf4-a28db6066cce | - | ipv_uuid | None | - | status | Creating (on unlock) | - | created_at | 2018-08-29T06:30:33.176428+00:00 | - | updated_at | None | - +-------------+--------------------------------------------------+ - -#. Wait for the new partition to be created (i.e. status=Ready): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-list controller-1 - +--------------------------------------+...+-------------+...+-----------+----------+----------------------+ - | uuid |...| device_node |...| type_name | size_mib | status | - +--------------------------------------+...+-------------+...+-----------+----------+----------------------+ - | 7a41aab0-6695-4d16-9003-73238adda75b |...| /dev/sdb1 |...| None | 16237 | Creating (on unlock) | - | f7bc6095-9375-49fe-83c7-12601c202376 |...| /dev/sdc1 |...| None | 16237 | Creating (on unlock) | - +--------------------------------------+...+-------------+...+-----------+----------+----------------------+ - -#. Add the partition to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add controller-1 nova-local f7bc6095-9375-49fe-83c7-12601c202376 - +--------------------------+--------------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------------+ - | uuid | 94003d64-4e1b-483a-8a6c-0fc4b1e0e272 | - | pv_state | adding | - | pv_type | partition | - | disk_or_part_uuid | f7bc6095-9375-49fe-83c7-12601c202376 | - | disk_or_part_device_node | /dev/sdc1 | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-3.0-part1 | - | lvm_pv_name | /dev/sdc1 | - | lvm_vg_name | nova-local | - | lvm_pv_uuid | None | - | lvm_pv_size | 0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | be0f35f7-31d9-4145-bf6a-0c2556cf398c | - | created_at | 2018-08-29T06:33:08.625604+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------------+ - -********************** -Unlocking controller-1 -********************** - -Follow these steps: - -#. Unlock controller-1: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock controller-1 - -#. Wait while the controller-1 is rebooted. - It might take up to 10 minutes for the boot to complete depending - on the hardware. - - **NOTE:** controller-1 will remain in a degraded state until data-syncing - completes. The duration is dependant on the virtualization host's - configuration (i.e. the number and configuration of physical disks - used to host the nodes' virtual disks. Also, the management network is - expected to have link capacity of 10000. - Link capacity of 1000 is not supported due to excessive data-sync time. - Use 'fm alarm-list' to confirm status. - -#. List the hosts: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - ------------------------------------ -Extending the compute node capacity ------------------------------------ - -You can add up to four compute nodes to the All-in-One Duplex deployment. - -************************** -Compute hosts installation -************************** - -After initializing and configuring the two controllers, you can add up -to four additional compute hosts. To add a host, do the following: - -^^^^^^^^^^^^^^^^^^^ -Initialize the host -^^^^^^^^^^^^^^^^^^^ - -Power on the host. The following appears in the host console: - -:: - - Waiting for this node to be configured. - - Please configure the personality for this node from the - controller node in order to proceed. - -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Update the hostname and personality -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Follow these steps: - -#. On controller-0, acquire Keystone administrative privileges: - - :: - - controller-0:~$ source /etc/nova/openrc - -#. Wait for the controller-0 to both discover the new host and to list that host - as UNKNOWN in the table: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | online | - | 2 | controller-1 | controller | unlocked | enabled | online | - | 3 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Use the system host-update command to update the host personality attribute: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-update 3 personality=compute hostname=compute-0 - - **NOTE:** You can also see the 'system help host-update' for more information. - - Unless it is known that the host's configuration can support the - installation of more than one node, it is recommended that the - installation and configuration of each node be serialized. For example, - if the virtual disks for the entire cluster are hosted on the host's - root disk and that disk happens to be a single rotational type hard disk, - then the host cannot reliably support parallel node installation. - -^^^^^^^^^^^^ -Monitor host -^^^^^^^^^^^^ - -On controller-0, you can monitor the installation progress by periodically -running the system host-show command for the host. Progress appears -in the install_state field. - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-show | grep install - | install_output | text | - | install_state | booting | - | install_state_info | None | - -Wait while the host is installed, configured, and rebooted. -It might take up to 20 minutes for the boot to complete depending on the hardware. -When the reboot completes, the host is reported as locked, disabled, -and online. - -^^^^^^^^^^ -List hosts -^^^^^^^^^^ - -You can use the system host-list command to list the hosts once the node -has been installed, configured, and rebooted: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | online | - | 2 | controller-1 | controller | unlocked | enabled | online | - | 3 | compute-0 | compute | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - -***************************** -Provisioning the compute host -***************************** - -You must configure the network interfaces and the storage disks on a -host before you can unlock it. For each compute host, do the following: - -On controller-0, acquire Keystone administrative privileges: - -:: - - controller-0:~$ source /etc/nova/openrc - -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Provision network interfaces on a compute host -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Follow these steps: - -#. In order to identify hardware port names, types, and discovered - pci-addresses on controller-0, list the host ports: - - - **Only in virtual environment**: Ensure that the interface used is - one of those attached to the host bridge with model type "virtio" (i.e. - eth1000 and eth1001). The model type "e1000" emulated devices will - not work for provider networks: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-port-list compute-0 - +--------------------------------------+---------+----------+--------------+... - | uuid | name | type | pci address |... - +--------------------------------------+---------+----------+--------------+... - | de9ec830-cf33-4a06-8985-cd3262f6ecd3 | enp2s1 | ethernet | 0000:02:01.0 |... - | 9def88fb-d871-4542-83e2-d4b6e35169a1 | enp2s2 | ethernet | 0000:02:02.0 |... - | b2e38da9-840f-446c-b466-ceb6479266f6 | eth1000 | ethernet | 0000:02:03.0 |... - | c1694675-643d-4ba7-b821-cd147450112e | eth1001 | ethernet | 0000:02:04.0 |... - +--------------------------------------+---------+----------+--------------+... - -#. Use the following command to provision the data interface for compute: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-modify -p providernet-a -c data compute-0 eth1000 - -^^^^^^^^^^^^^^^^^^^^^^^^^^^ -VSwitch virtual environment -^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -**Only in virtual environment**. If the compute node has more than four CPUs, -the system auto-configures the vswitch to use two cores. However, some virtual -environments do not properly support multi-queue, which is required in a -multi-CPU environment. Therefore, run the following command to reduce the -vswitch cores to one: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-cpu-modify compute-0 -f vswitch -p0 1 - +--------------------------------------+-------+-----------+-------+--------+... - | uuid | log_c | processor | phy_c | thread |... - +--------------------------------------+-------+-----------+-------+--------+... - | 9d53c015-8dd5-4cd8-9abb-6f231fa773c2 | 0 | 0 | 0 | 0 |... - | 8620eaa7-19af-4ef7-a5aa-690ed57f01c7 | 1 | 0 | 1 | 0 |... - | f26598a5-8029-4d20-999e-2ec5d532d62e | 2 | 0 | 2 | 0 |... - | f7b3ce4a-10da-485d-873c-4e6988f7e9cf | 3 | 0 | 3 | 0 |... - +--------------------------------------+-------+-----------+-------+--------+... - -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Provision storage on a compute host -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Follow these steps: - -#. Review the available disk space and capacity and then obtain the uuid(s) of - the physical disk(s) to be used for nova local: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list compute-0 - +--------------------------------------+-----------+---------+---------+-------+------------+... - | uuid | device_no | device_ | device_ | size_ | available |... - | | de | num | type | gib | gib |... - +--------------------------------------+-----------+---------+---------+-------+------------+... - | 0ae45272-c9f4-4824-8405-f6c8946fda1e | /dev/sda | 2048 | HDD | 200.0 | 120.976 |... - | d751abfe-de57-4b23-b166-1d3d5b4d5ca6 | /dev/sdb | 2064 | HDD | 200.0 | 199.997 |... - +--------------------------------------+-----------+---------+---------+-------+------------+... - -#. Use the following command to create the 'nova-local' local volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add compute-0 nova-local - +-----------------------+-------------------------------------------------------------------+ - | Property | Value | - +-----------------------+-------------------------------------------------------------------+ - | lvm_vg_name | nova-local | - | vg_state | adding | - | uuid | 78e84a57-c40e-438c-97a4-49ebec6394d1 | - | ihost_uuid | 6f2de9b6-c55c-47b0-b40e-aff47f1e1bda | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size_gib | 0.0 | - | lvm_vg_avail_size_gib | 0.0 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2019-01-15T12:31:45.796538+00:00 | - | updated_at | None | - | parameters | {u'concurrent_disk_operations': 2, u'instance_backing': u'image'} | - +-----------------------+-------------------------------------------------------------------+ - -#. Use the following command to create a disk partition to add to the volume - group based on the uuid of the physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add compute-0 nova-local d751abfe-de57-4b23-b166-1d3d5b4d5ca6 - +--------------------------+--------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------+ - | uuid | bba20f20-81fc-40a2-bf1e-a2fae849625b | - | pv_state | adding | - | pv_type | disk | - | disk_or_part_uuid | d751abfe-de57-4b23-b166-1d3d5b4d5ca6 | - | disk_or_part_device_node | /dev/sdb | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:1f.2-ata-2.0 | - | lvm_pv_name | /dev/sdb | - | lvm_vg_name | nova-local | - | lvm_pv_uuid | None | - | lvm_pv_size_gib | 0.0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | 6f2de9b6-c55c-47b0-b40e-aff47f1e1bda | - | created_at | 2019-01-15T12:32:40.535160+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------+ - -^^^^^^^^^^^^^^^^^^^^^ -Unlock a compute host -^^^^^^^^^^^^^^^^^^^^^ - -On controller-0, use the system host-unlock command to unlock the -compute node: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock compute-0 - -Wait while the compute node is rebooted and re-configured. -It might take up to 10 minutes for the reboot to complete depending -on the hardware. -Once the reboot is complete, the nodes availability state appears in the -"in-test" field and is followed by unlocked/enabled. - -------------------- -System health check -------------------- - -*********************** -Listing StarlingX nodes -*********************** - -On controller-0, after a few minutes, all nodes are reported as -unlocked, enabled, and available: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | unlocked | enabled | available | - | 3 | compute-0 | compute | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - -***************** -System alarm list -***************** - -When all nodes are unlocked, enabled, and available, check 'fm alarm-list' for -issues. - -Your StarlingX deployment is now up and running with 2x HA controllers with -Cinder storage and all OpenStack services up and running. You can now proceed -with standard OpenStack APIs, CLIs and/or Horizon to load Glance images, -configure Nova Flavors, configure Neutron networks, and launch Nova virtual -machines. - ----------------------- -Deployment terminology ----------------------- - -.. include:: deployment_terminology.rst - :start-after: incl-simplex-deployment-terminology: - :end-before: incl-simplex-deployment-terminology-end: - -.. include:: deployment_terminology.rst - :start-after: incl-standard-controller-deployment-terminology: - :end-before: incl-standard-controller-deployment-terminology-end: - -.. include:: deployment_terminology.rst - :start-after: incl-common-deployment-terminology: - :end-before: incl-common-deployment-terminology-end: diff --git a/doc/source/deploy_install_guides/r1_release/figures/starlingx-deployment-options-controller-storage.png b/doc/source/deploy_install_guides/r1_release/figures/starlingx-deployment-options-controller-storage.png deleted file mode 100644 index c1d028acf02fcd8875993f847cb1c2aafadd7562..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 102760 zcmeFY_dA<^^gnKfnn9}e2t{kfs#PNutJLVUYOB3z?ODW@QneK=+N!N+?U~wpkJbt` zf><%Xx7YhKe)|3gpZmI8t|V7-KcDBE=Q)q_IFCD8Pe+}af`x*BfPh+41M!%E07One zK>UOp1ia(VnrZ?3BlLW%{(zu#fNcYKL1GJk1ScS=^Ijo{YdE;I_TcG`SQ1>$7`K; z*=J3qi{2jZvfnG%V0?2HjU2Cxc%c9H(ux9wBLB~Yrq73S{ofBO-`auy&u2)a5H}0S z|NRiEh5UbC{m&f#&rJV2D*k^%LcII@q+7{FaW|CK=@T)Hj5$x^%5715j-&FZN6-AX zYhD~yc{VPyV+{-kMT7QYFN9I{Z9xNriIWX$QsY)n{^=+BJw24E{Q}2OZKjpsx)qNq zE+>#kv|rx;j@QZo1pFXQV!+@|>P`c0K#+9Ye}2=nzwBbB%=@wLUnUivA6H?NA_mi< zY0%!j+NQ(r|77|QN)yRMuFjci!_Kb$vtw#2^uGE&blg{Wj+c*S zU7Ob~-dYAn!Ls(P#5L;0B!tHmZ;h)pobO;SUA)iKo>jL8#Scaw4rzetrkSXTP~HS8 zA%7C{GMf*Lo1alz^3mM@!D%&HB%>_XUJ?B6pT`Cr|2x&bd!$L?c90-u#{jGk<cfC$x z8=rZ_SwYphSV=3&2&@-hC}f(q&YUHftH}2vlU>6hX37)tULm13r?ZzlVoE@xG7;2S zmM36EZYC@}<>M@;1HO*oU|cDJR| z!aN@6OL(~QT515=MX~k*)~%FvsYkMPz?lBr@_~N#AlkpIoMRM5@;sa%f}mR4V4Aj_ z=<$NOa!ND*f_h8Gy;5lsN4DdU6Rs)SYy@z1MffB!@#N+}{h)~>-@KCYyM0OnQf%yo zki+)3-dp`rrvpx;#GZN6%L1J|2@QRj?}w$is_xlL=`_-5tl?@Pu(7&n>rXifb9b)6 z=&W~EGVA^WVry)FO#Wp3kyjaj>qz%Gp((pY`($kbZ{R{UE#d+=t=Zh>|IAVFXdtZV zhPjgJx%>jb27AlKXMdfwAXz*uX1!1Emq@^sb9m|QTT=89JF%)>87L94Q0(|t#=qFGqT%Q|LpJ%^Yl&=dm3{d?wNs$I_}*M z{R;s}bPavgYT-ym5#FQ-4C{fB}RsI_#_I+9ovQ2p(VdaLeAH^Y1& z%PR;O(d1QsL~s(~GtwqBJu)&|0vz(Ta?{D=1 zFEA1ZopnnQ`Y6PV>-!A&9~hIHa!w6a3`XzatYjYMrLuARIWgQypbuB4(&W#pR8UMF z#2or2MtpvWzFE(hQc$MlzTgv>1P9D|Y^UcOzQ|E(Xo79%LZTahlE0}&vKCHp$V+44&PRMJHET-Z5FB_{M;(T_p2B20IFDetgw2?sLQ)&GZERxz(OMK zOVTB)rFqK)o5;6)wzh0ZwaH~YaMYU5ETBR1QTnJKnOJWjxK+L4H;QJt^0?x&> zMxgXBR@{M$Ut0QT&U5go0d2vnVPg8QQ`krHgY9^3C^Q+|m^!J&nC@~;%|F2Md}UQC z#$Sv*Nh4mctf6w+B8olZ(Y2X?ad-mhZ@ES$#(7@zi-JGOA8XcUd7vZS`(a87 z|MFWNd9X$7HmplKTfn+8rBM@}vk&kX+$`r=mVMxUT7|Go7v#**GpGPYB6E3^m7FXyeYGRR_54&g_zFWc2)F`;xenH*)*B4MM!NACY9Rm zM?>U44T|h;C4cN+@pxYTQtZX*f%14#jlxT7qimvdbcVro zj0|L4F>h>!a~D4&nY*4X&d@!bWs*iy!J8c=+|0dAeMeJ}q6W2Jtb*9~Q&4 zL+>c7qbe0F5fiAxT04H{mipiI;}HWQ(8{^pUp?flC;clGYxT$yG8Pg~iinwY&F;hp z3xdH?-zUz#H^`21smhlSZ;IO)h$tEO(#pJRDkZ^)`Gss7Tc z#5Cx8vApg?5r5n*RA~qur`XNrvdf?tboDS-8joeh2a6kqyhFpIoZnZw zp?;rLMXT4n?-ko}M&DN;D44v3rS%LsS+rHw*~?%+<_AT9eU$BGA&+zYX35>$BslIUU#f{DE0!#(6}gkj&le76g zZ(QbLgYQr{NA>dJ@zw zo|&_snuGUl1rJY~{`+|tdxJE7-8-+92l_Z_QRbayAz@5D)}eqvfV_&W0?u2+_nAIh zX91UUEct8ar=y&xjBY;9Zy24GS}P9)yUtCZGwLPq&O;WZK|d_2q%1c0JYMCIYJZAc zG<@Vo_ZzScAw*E~Yj3Rd4alu6Uyg@^iR1-TJ)GZ+=av}lt;3bXD;L0es``RT{GR$- zZOB+wn2{G4W%G7%{ajJ4-7hHW2KZQ@vbMJ5Jq#?M?WWUN{j>%riiiT>6EZj3JAngq3~5^m1UeMeMuf>(j}VeFJv zcAJoDWR%kRUsflES@e&XKB5@1tl)3yAhDOJoglgmDDUgEe8@@E;hzM1GYwFII&(7? zx~Zvc)d5l4J5%Uu$xj*{M|}hG`Rxw-^UJ+ACISaI*50j~76iNUv7kr7*@9~L&c=MZ zUN)mo{&rw(W_pfy?DV^JE&FLiuRhSbQPEJ)t-h|@KAK21q>rcwJf4>(m8!|h$oiH+ z3au>OWz`<(_I8?b^D=FRxkfndY4wj!D@u06evSDT|Aacfd!;5LFuEdXQj*o zt%}?PH-9;}EMq3RA7u#UA-;x5h(hYfK<$@r-ILxx`a5x6b3D?ME4R{hCCQCQY~Rb` zm!U{a^ZcOYMhXNYDN$B~I*9_;iK%?PGGc<^9Y594%mp!w1V&kBDw|?_{c~%i|CGcO zxY!RJj%EMI%GKI2A^T`qNQ7Inobknklrhj)>NO6yRzMLxNd8e2Qac$&>d;uW{$7<{ zwE?I#P-vw9xVg)2$|y?Ch>h zL6fT1!YQNac`(u~yZ@MjUZMiK4IksKE^SqW(-yfAYNG%SW6?5hRTh0+4Mi!1A=gX;IzGwDigBgjgl>(nfQGGKRGeLsobN5SuE{4i z$;K}+==~Nnq00|QghKNbw33C1IE}#fUHG)!yZ<PNod4l6*6LV%KsRSI2~C9e&3T}bV zRxM*t)Yd4E9wL>s^u}Clh$E2-rz!$QiQ9OqVFWa-iHBx4uRBCk&AT^U7O!awcOWPr ztuTde*Dfl)3|JQyf)Z&T3(#c1q)^Bu z^zWOKcgPjDWZqI*ZNTTfH%7@+Mfubi?U`b(H>I76?nXTcjn$3>wIVxAmURFl-9BJR z&?gxX6R8YdU4 zvlZL;6HejtHv9*HuUuc^tQ?2M>YwY*hg4{{m3W{9`S5ZIF+?;g z?SLTU_Umbz4{NEl4K_wE4p^J_So?p>y37V#;&QQ~HQY>`ZyJ`_M?G>+I`~fq2X0+g zotf0@2KmBP4Kw3d=4^_~n3Ozj#0I`Ny0Ij~@p{TaONxc}i094WhYflj^13^ZnMm>& zbY$}C*D@SWwPG}0AT#sCFkk-LT8Wa_Hiq-Ol~Z!@bfWfjFa})=oYV(%K3*JA0xts( z#|0yzExz82{N(^1((=bP9xvE&j#anQ$V*Dkxv5-b&#Q);2a-#;Cj-C}&4ymJBSN`^ za--i|-4^xLyt?jR0Td*<&UR`HunTwi7GGsLXW$0p%kXm;#Yy0tr~%daX8w9Ngb0U# zoEX;n1Etlzw5DMy-nXTg$W-0Ny)G6+s5*Jg*9gw`k;hyk-K&4`9d@w>Yl_G9gCl7q zEF`11*W?>|U+z4X0(oQy?El`77l2kpvBr%ub0NZ74=cw8c{G)YJ zg6vw_(=-U`2oG>YjgNP2X+{M0)%A0+cNQn@W9_$>BpRbDu6>~)ueVsY?d+Oq>GIF} znl$<5`(}OYiS8rWumZg5KRYl)Py5dU74A@bVvT>jZ=3lRYE4c2Ha>4i^yUZ0&uOFm zMN40SQ+U8bDx9Z7{}ib6rxfi1BLf+aDa;>!Jiojlb~q>lf|s<*M5=Ff`{*{6Ipi{L zK9R7=|L!9^5p~skb%8D7_=3OJRh$U#xEx%Ru)FHE^$hT3!~T_+63O|t{Q=(XGv%kr zz9tjL9e*HRO3Ew6?%qK+kSHL|7ht=eb2(fUJd&?;OcM=Ngw}tYf6PQ}A(zs&6^kM% ziCWA3ZS+w!iU7l{92}f%v({h%+F-a7dq5YM*)JIdDhKyC4|3e8!h8~r1oFEv<$*v> zGVxQao_SqrlZ$X~oWLnbKkEteyOiC-PX_xM_r*WvNb_U?^>ODvIldW_LqJULvvhm-)ncCW*ySE0g>k0%864W}Qlg z&$$aZ_BlwQTGn8_fRALBL3DqixMFn$2b-A?c+ytK+^e~j*QsMM+sUxvY>Ux#Wm5wh zJ~8s1wg64j1CDX7H0#`yO^!_?7p;;(9r^8)%QXdihr$Og;4#1Xj?GoMvU~LTM}8%< z#j{FVY%zhF{>vG{z2s;6w3mNqM=oc)Mjw46>@NPf+eUfzJ;sYQ$Q3`oD)*cb=b`Tw zw-IzgZT5*n(ZUqjC-2Nm!o9R=A2-B&lR9j#n3=>*cyhKO+mMyye8POfgIJ51mYRqz z{bm}Gmz;n+HHvljmnzMGxYzmToDZVmmXdoiqcrSZLvV?BGsIfxz|~Ch3Bt7rOd91L zo9j+IQgigxP_RAb*Rr0YZOW3{_j09Zc=?Q^=3b7)CVh!b?%0IFgz%L~PQitA(_TDl zI$?#bL*eg_-Yh?^qMX&MjnB^EXU)7y1K;K;;gJkyVhFCslrn1X8{{2p{HhWUYW1NKCr=YcZ65QkZ1?qWnRm#{f;WNks~GFW z5sO}8c(SlM=>p-y!j>}@1wF{sXjgcs!R)tSbZYDyt{l)_ZQI~&yd}m3dJANN*2HLb z=4C~3j62?m#Ei`_f8I8N2bzSNkD30fc@P+1vz0va^8@LXfmzJ{G7tWln6}CEb_sd6@RhKWG^j;l!6_c_StOEqfcCAQd9o6P= zIBZ*NzW&vK-_sm)n|YgD_@v063$7#@#d@^T$|?#IR-K@E9q69bM5@|0&@bkB7p$h6z2%0f@TYCT3^0 z#;3g1Y>;>&w7^jIKKB=6xcSs&nb;RN*zLZK>}tvyDlx#?fnRc`$pp0i2u!NiM?fJc z8)p&|5=F;c6JjOhD@tU@OMc+ULs}Q4$L2L71d#W_;RFxElN{Uqo-ne{@VN#*@5J6S z><3Qu*SzzKsu^__5=V7lV|)>gu!x|4w>ya3l?F{#Mph`jU`C1dfoRS3@{}^l#4ntw zc$uFo@3c;_5JL_*oa3OXz?$H#-{96B-Y1i~<+i$-F8DQ$t@nG`g|0;H0y=JW|G zXqF+9QH}iC1d8&~lw8uJ`>P&&)BMQ^ZwwkazN3Pq>Gp);+1+Ph_FIyfw4J#^ZH<=fCwk|klqiL zb)-_7Uxb^x4|9Q0`WDs9-t48UV);#Deyl{{T)Ka2%gz-% zFtW6skDCgNxCi?Vsuq4cRVIccWjBktDUNGi;|BZtBgbQK`fjB+r^#;SEqhBkR5TpP zh9kXS;RB4re6mdsw~7LSJDQe3&FAD3imvqG1d-dp#p#60EF|B)&pMQevO;wCd82tf zYwSbv|FoGz74&(g#hx)E`vkQaQjQzAKfeAHf?gUagon82)J9C4%_Q-k7r*uX1XJb? zZ(bgdFkytuL>~T48@dzf{fUh4O1IZXn3_nDVRbOiy^y76QF=!)zkCp@T|yS|N%Kdu zAc%0510$F?d#a6fp?z59EK%4L%U*2375eW)0~8GM!xKmRY>ndGy2 zW}~Oy=p-mj*E8whtnC1%nz;&@W++?j_B09SGP~NBka1nA$#AdKPI_BGJ9P{B$0AFX zPF8JC(Qom+S_@1Tlh?-@z)60veAa^9k>SZkSS#kOGc7t+GlmoF|Ijmpq*b@*gi5=9 zI4nigCK460vyXj4$@q;e9_vp8&$ZnZ<5o4_Pdg8+UmsVB|MJ8U1kW*!m{KoTGr*sz zDRiCZAZ*LvmMq9|zwFfR;H0Smj}FSSH&PFmLzl&Sf_?`p${kh>RngQO>(vGAc;;quBtChYf0CU^-`)|#{9G@Q?nbdm)cQu^iI`CO7*~kJ z8Rz?JyApWtNrmR)clHsYD8+%WYiUIeYA2s@ew8#%bFO2 z_Ocu0`eTHujp%t`XIj3pR}8pmcUIwHNt{~xL)(-?&Z6>%+%{=qdNFC%S#>^A4j@7| zA^vO!f#5-h?zClzfujPWIrbF5dUoN11GVlo-lRcS`>%m9jo2Ugq+ptQM`}5-c)wC; zP~r>07R*^V7R&?hS!P+npP$JM`1W1)eNfFHhE{601yU7c7!uU!SD-5^hCpy$D2XIa z#>rmcBiH5SadU71Yu{s^LbAXG`TMp8p)3LmADn3%X?qTlDC%LW#v{XqAIA&+u6iX2 zZGn)#{F-l>_LRZFi)RaOKELdc6Eks2!QH07hR2+Qn}*jgk$`!W_b=KsVvT5PHK~Y- z13{bZm&`@kB2^Qn;Nj6YF014DH)R=wQtwG`q6}NHP6t0fBdhEh!w}Xo&MYJyj=shR z4@7@crWQb~!!@bHDqqNTDb30h3-mj-2ZgH}Ug=YQgS;g>gxFr#6>a@aMEiH8@7pqk z1Gl;vsE(ftz*}^uEhfVYK$d4@jZHwCcWgYJw0}bT*vZzn%k9Y zt5WS0$0a;0)z0l|=WE#3wBl^tJSGcp%GoRMs&CtCuu?2ih~@lJz2R?-b}B039ywHl z)kdQji55a`j;&?7no1EroHmB9k%p}Z4ComQ)zNQo0N~4nvuDZbdy$uEIotF5B0vn0 zy9WGW#IU@r80tcASb*T$X_cHW&V?X5^b*JooZp%-t<^iI8PL2^6Y9N}+8w`a{G<1( z#xv_U^^BTY&K8H0lIF6@4Q$(cb>WaJ-Q!y#%LRSOD}7^K=ys)$PzgLKk)vF_0LY)b zNflc!JOb+VNY1`cS;3BkBbVn{U73r1ygDT93u=cqC+vgTjD`6lhN|vOVCIoyu zQ7k4`>^V(*Z15SJBPxMzAvee!(X+GqS!)3z)CTH&)7Hm8NQFK!u*nD;=(mK~6fc1( zeTD0ZNS8#zI1uLd9Zv7b-4_puPXDWdtnH*7Aim!=ZDjwGrT`x3Dz_D++rg5 zU_y;n8CbxQdpr<9`ttPeRcG}5tZ9v|^r^x;9P;!_t8B#lv#g|$<5WZf{?P>%jmNlE z&~|}`bz5=7>bcrGyCHX$ajuYnmjcza;!*n-dZkw%mv6DpJoxbH)x=Z`Q~LG_<@N1gDxj=)DWY=`dv+C>N&_)w9vv#yx;A zM&1Nsy@Gi{(C;zzzkaF$$dn_H8RF!q?G20Bt6d68t{gz{`oTN*5+7DSx-V8zdsZ9= z?2PvgosMDm$Xe0{DbQPBNmkO-CBV9$?UtSbIg z<}B>TKHbe?w%UH2dql8_J;F)C6`g=y;muRX8l|O z{;f|!(ry+ok-z|o3NKz0_*AD%(hkzX)pKDiakop1{Gn&@4_cX9`!+thK{_F3NDfoEf>6);`E=D#9}w*o5%nKAVEhOmryjGA1WewcN`U%_KKb}5-a^{G zpZR*Z^x@`NM|na&#Bb{S7TB(G-GBXX-*nY3H9H$H;K?H<8vtn@&M4kJ9yEF;=$GgS zPAOFNRm7BaKV>-QTf!I`clH>vuI?4JJTT(y++clr6 zAG7*Dfw`czeRyci7ET}#Q+5x4^G42`@1^Zbzd0!2x~0f_uyA{t)o!6H_P$(EC7#^N zqSs|_J=pp0D8Ju)IgtD^$MJKzM4Uc#n8k4cn9k6;jcv_uM@}UpKx$ zA-&=$Me4X-E}rza3COH}41b&x)Gsx8@BzHR0oVz4AVJjU9;p?BERp7o`JYtz^^V@Z zt*SwnprfkX!$rWiLj~ekyrwHlm@S>5$t!!Xo-+G;O{y?=f9ns@gD=bOL_YuJ+Af*i z!Npa`d~LM=XU+#GIR!~x6=%x?ZJ+JwD<9-vL3=q#_i*Jw?Flt zAG!++TFtOj2co}3B0dSaeUHtGa z6%4d--F`M3TL-mdiMoO{E24;cianEJ(dRI&aDwW*qnS78@-%c<~pr|m)+7u2lGc|N7WmKb$ynsdH##6 zRVD@Fo<uotCf#F8#9iHVB4ypqW*3A0To4cc=FfGqwb_7B zI)jIn`NBrY(TE93Kc7XncIt~O1c*U3%82%@MWu9VpWylByFc$eHJ@m3Z)Dme8qhIk zs{&+7{=NW+uyM5ej=|cKFL@ao>9tD5yT3BvdW_zV($nlDvyaZ)!`ExNZX^St;X-B^ zxPRq%RxFv`J$+<=1rlJW100?C>l`-**U z_2u#z07KoiA}C^c2Ty61`h2qEKEPe7g4F-opu4O&K{-&L#zEs5;%FqSF6zCOZYy_~ zZuZKr7O8ZsFh&t$;G08D zzxe&!UzdCGK@baZ(R(RA)2y$fpJq z1GlV3Z5_dJ>gjgwL0B?5A6P`nnIZ;F6;+RpFV9tss|?_D!w->EfguJZW8Ay z0&C+A7R9LjuBIju2*w%GE;EQ;FP8iJmSO7;KcyBw6%q1nxTuubz73D4Q2{{Z{HWjW5j-nfAXiHL zwN=^MBmV7XEUwKjPR-yu7e|C$m7r57uN=nzTa>)hZXm5YJJQtrTl_r+)JFLN2tIA) zS3?x!%)%h~6&_N@NFAOp;jSSxh@rmg_QL|KEUQ2}*)#sfPj<)uxz%?N;aDLH1@(;j z>JJ#b#gHPcPvcx|yBg<8Z@gdozslp_pa!yZwX6a>KG`wFDutDzpegE5sQH%I?Z-O! zK&B}D0V}Q_qLg(yQoPRX$GMw|_0p5HLGnGBpD|1Fzh(RC(f*RupWZGupR@f0Ml~Z1 zyAh%#YfH;9h6JTQ|9!pWj~1fI79;1%jY9qT+S~X}>-D_%Wc7Rjq!qVxTHYZfdRJZd zYMj3QTwyS9$1|#wR_Oq;b3A30SV4L686E<Z=f%jD(Xa)7d8;-XrfJ z5@LC({Yl#1@DCLLOWd59Auo0V4ChL28ih9ma!d*=XRve>uKwI_g4b&qzO~Jsg*^vC z@MD&PfTSJg_>Wu~m2kC`UE{|Iiht{9SbdW?U!<~2z2dAEZnqrWPm5B+_Zfv|JF|O< zj15e~L0a{R-4-c08MM0TTQz2O-Vu-q*@@{}cfFir?k4Gmfx|H-Puah6zYp&!sb6;s zUZyGdW24WST(KHOR78I$b;0Nl+0c%1^HM=XML-sj4nfRp!I!v;+b+Dh^mir= zZL_7uB$0uJfilDx?&1l^*i-03bm=9f-|OmH@4|4Lnq98C=6SFZkTs|Ue&_Jm2WJhh|V zKk_xP8f&{-P_(}a-qh|>CXDrYcUW?>#MhOz+6GLO;b1qU7&ddnbHup`r|Ay*lQuqM zD%{QbbX~n&jbnGZ=9p^J=ea-a=KU>`o-a42mQ6l750C~)_j*$9oynqwdIn!e(iG%$ z!|U%a*6P=qeR4i&+Lv!VwoS7KPqI>nyR=KabF^E~yhBxBlrxeFy8#PTWsDeLCQ(kx zAd8@4|5vFGbHHA{nts#3xxUh+ zX3(gg3r+b?YL)Z~4kGOBa9q9oef-jy-2q5kI@S6a;EKh1S+C0`fm2NP?L{T+m&u~i zj^u0W^&hT$oYqF{t@XL4zh?J_cl5U~U8oNypg`g8 z>P>{gId((HB>i{lF%QdN*2*H4ase;)v5?Mp_TjD4eGnm4Hf4`oCF$a{WHafh)Jg(H z?G?&zovhdM8!;V=_uFWz9DPZrx9xR+rIlrS2!X6Y*x08fVF#&L_y#XA@fU^avXNkH z>+fT_U_Dqm7HQFT81u1-d1K_G?030kc5Gd;iJ@3K`xPn{c3yEx8TERR-OR@lVAXIE-0k6~Ns2r6{mjm(fnbT!rMEL=W z9|Jiy^>%Ut=6jA2#(3M6-qGiAOm)|Mpc*7)6LQuVpi3g%o`7jcBbE(N$1Q{fB;K+w z_8@^?YyY2kJf&phLp2uKpk#pA*f-2x-I9DYz(>YE)9X`hQ_mw-b?pO_GE>N-@%A>% zcPKLhbSH?LTx&Sa>rV#MxqTjo6Rh(}Zk@JDg>AM9)Wc^%gkW3>ZfLUO(&0>Qybw-c zGwduCPM|g)gjj&-2t9Q%L*gu$Y%Bt6F52p!fFTj6Yux6;%Ly|TfLtF1 z?kw|OjWGX(DCr;7=0B4ZeFcvhr^Df-y8?x@XC;+j_Qqu`95i(quRkOF<-32t^XY-| zqh*C~Km3@fne$c3nZyt8qU_fXgK@kCukKQ1CXg>324pWufVSKB>pHGV9G!deeM5O+ zx_UEPQqscY;)XAX=(H1zl3-sN3@e1_yV*Ro5ASoRrV$xCRj59ka`8ycEHNQ|0Le3m z?AQUGaWMWVB2LQMySR3*);^CkA@@LAV07m<}E|ACqY;YW`(=rH`MHdU>{*$(T78;^ z$%x{%nQRb7zH>O-8PwIST2sz2YWwyLYI1x=G6Qew# zW?nVo+N7LhD%~^T!C6Hz3AgN7r+5f28i-~CC-S1^X1c4KD|p4tT|ktD{0(ZdkU2y* z)}j+T&SVXy^5bym+{l7Qtb6#*L?7`_N6yHtMVvL%DHdPo_q{hF3{HX*R0Qv1d=mzJ zmRT3;^o>_9nI~TB?JS?y&xnPeD?rk%7W=DYlT;pbobvdQl-%CP;H$_XdCyy0Ltr5+ zceYh^mdh)Cl@)x6AIJHm)rqziX1e^`52V#U>2@nH7yoyhn{Ni;+qa~>!Lj%(<<{-t zx>5P++lv25&R)@0@MY_vF+IcZmHdtZaaJVuOEMJ;KJ-qDMu}lOV{!DCFjdCT&oJ`3 z7L3Y^+WFVB|BZuiv&|Q?nt0ON9i4m>pa$uf8+FP0CTUR|!QnBB1u!%@)5N!+tOt^v zn+DARcps6OTx-_n64C}_33OBrN;$UE<0-)d<IjbaafdTDEx)PG~_jt4xPUiic1|%8g4*xcE%Z!Ry z?hy8lM+t;X@bwZ|Iw{u{o=mH`1|Gm;Mt#y+Vx4+@s~YYVLhJiip=2CWS%CWB%Nxt> zd+r{EIX z>v18MSy{vOjOXnd8-SqjS)4F-&F1L#6Q+PrSSdbhn#2((Bo`bL5mKnZnIYA8P^zJh zw+l=iFk<<(w9WN+$b*0nY;D5V;v^iXaZ-$Q|I8nD`n2Gq0{Z)gjKun@5#)s~CZGMy zTt$XeUuJ`Tg%CxyGk2RA%$Vc|{?=chgcO*o5{54j2TP5|4A(sH zE-?$B$u$;?skH&GkOoZf`0db&lXu}w4Ej@kKMEP4`hBe0kjh!BKVdJ-L+(R6O3{f~ z+591}!be!(|4K7xStYFf2Ub=u84cB!xRFK%30IH?)zR!53;rjj!X}ZeWovD$ERCrw z!%aDljk%=-iaaUAoQD8)QEDNy-!n!PbxfC{nl}o9YYTQnyh?on(ascL(tT_$y2w!2 z3ajFd>8~05cJu3U)xPCLo$B5@fI98iEa~O&-_myuu6c09_1xbqji4bllQb!l2=CD< zu=#Yhy9VRoP}Ys1or%IxN$bQCSTd@yE3nE$1}H*hOv*AjqlH-NHCu{9uURs|MRv70 zFZ{9Lwf5|%mOUhiC&3eUW)qsA97kWM!v0FxmuDR;tM~*Y_8`R1G@Vj3Bh3_z8m<)Z zn&A5Lpr167axj11$A>{w|4g&WR`8@~4xwZ2Dh) zPh-v-KPhmS1d*<6zj2fo{}l7!&z^37TEyg|EGx{m(=nB?PdlTM98$4 zI=*4vsP)JBT*HZJ)AJpErfQu@Q~&LrJ;7QVU{JYK)ir$#ur5qKGsiq1Z;@k^7e@aA z60XIcWMZ~CzORDg5sZ{-H#&}^u-_EEU3=n_mY!?0FYecz{`-7ss8S(ru6!f(0TbcM z;0j?Jl|k9?aTVm4Mc$lpNWj4Z*&eQ7SA3KClw1Y7O=kF! zKWyvJf`@U9-S0phCLT`^ceFv>R`YgH`5??ZBgF^|bDk!KGv1^pYf{2_c)DM^0QDp9 z2i=pG$tof@~5U!K=BcP zH`0SP{(URcX~g03?~fAfwHt(Q52{Odz2q^Oi%kM}DK zNyv>1-uQ`DlP-qVCA_VZ9Vx-Uy-HsjB4k|gG$`KhlV0Z6M;BTZaxN#=-8cHQDbDTV ziEgRZLZX3g^$dB4UK+tzst@OEtq>29+PE(!8-pe^)ByH?a5WPNfsQx>MKsWC6UnW{ zWiGzbN_Wg;{k(n2}TxZ8YhVx=#$bht1zb;ZA ztA9{r#~E=Iz6}N77>%7!F<0_CbyiYWPYX7$dCR7=dF)YQ1KM&#Havug`j!fU2$QMtWulT}Q$OR9jcOHE?Xhk8hkW z)2Z_DmU^5ItqOO{C6cW^)%fd?7XbXL6(1n1pI_$@=pAS;p~_wS!l*otpA{HF$4kxf zT+_T0AnI8}eSd3xRXV{z)oIcB?Z+rA`{M5!ZPNeIB@co(#Rrw@`SwJQW&0>k1qyfX z9HtcAxB1+{`E@nQ;fLH>nw2Ezlc(1J*B{G1)wG-#MsCDU>UIfr_Sez+@;ejasqQV(A?F93k80zA z-&*ulBQ+-)ItxP)-fuqJ`Sl`r?iQRs%PmZ;$O{ycVA-U6UFq-^vw`-Nb?}1*A1%BlX$hb zE#}wQ>!MDFQVrAJ>9d2EXw4b-9*&*I4g&(M%jv8*f^lQo=I66se6!E;DW0D>aQNyRSG2`I;&Nh zc3F9)fmoyS7|DLK;Cnk~m9L}bzHa{qrkdadU(Dz8*)O^_(;Fr57L#s$Nv~5P)Xsjw zn+Bf1!SvCFqk?7)sPbN+dS%?ulPLel4(x04sy~lh{gQbo0X?)mzEd=4_cffbJJ+RwxgM&;^}bWJ=<*W=bon#NFxU6m|II&ZWt7U%M9gcr*ErCbf{3I435d~7wPJzOoS1ug zP}G0j*GbN=bSqu%t+i2#YAcwS9sit^0=P6STnE2mh40Lh+!?1|+dujNEmqp4`1~3G zi2@6L%zX8Az}r`9Mw+h-}d-@Yh&q5<%zvqAiX|K1n_Wy}ByS*olH$^E z^G&}Wxr}T9lH&0YbGn0T8v=*`qQ@kAx?Yfszty~4&vDX1cJKOGbr#hXa$+DryadLA z|2@fl7;#pRAotZ5-)oi=6AwA9opJcK#ysewCQg!bb&io14cySmR5+R{mTl@B>1@d~G_mswyO8BIqWNX$H-zePMF*8*khV(|wp{-@D#>KJMwVCu6L;aU6{z0`hu z0_?-{)YP>Jzcx-_vC!F%6a_4P$rz1>G0~h4MJZO-10m47pP3Wu&kVaw*Njh#$^Ze1 z_rW3Aw$J5fK% z#bi!^hiA{7BHm$@qk~Z$ttZs_4L~F)H(bt4Hr^B5O7>BV*o zTb?4`)c3v|5y;n=@IZA`Q1MVBi6v=(voryV03U<@1Q9|ubI;~5gyvjUH%`=?!fR6LJlF_M^rgD&YNvFNj-ET9S8 zaK!@-O+D@kq)hv!ZDk!&fK{EbwFhXzwcIpfcZ;IBKjl2A&Ty>AqD4$_?7cyr z=$SVF3woJ~L<=NA#+r2N>lk4TtSTXhgue@W{$>oloyc$)tp*8@YYPb#_R`y;HUfa2 zwUIdIe1*U0OVI0C@5uw>*DEOXLVuE>&8t3%0gZ@rYm&FzLudXpiD$v>Y%;b;c+zJ7 zdcSLv{{2a58avkZ5EKY#`n`UBSX4R+;skUliw8`eVVRs(P6lboA`)l_S82oI#STUR zR9O7~v2^Y6O#T1g-Npi;bDh_B;Ci{_~$b&N=Vb`}KO>UVz)+em4lFTzSO{f98GUnH->kUbXJTlPU#nB9=XOcuoHs8%;H-#Kpl_Oga=@u!xhvr4E-)@La3c!KLOc);(KvUCf3 zv90{CA5G2#F6B5@&>$hk9;<9!dEqXJq78k15`s^B-Fg3BKko6W4blAo6O{tKh_=*utN;Upu62pzSqB70HC*eD^1ydxD-0;Eshi#kFc-f&TUDDZk?&;R z0cz7#2un$Ob%)({oyS;8RKs3Q=!7g%%SuFeZjw+sxv!dbqvd8p&Aj?$lUqUW>gSV} z|8@%c0@q~1vbS~E^{+;&dBb;DmuZzyTm}E1d{)THg1^FXb}UCk+(mdVtT!zhT*h@C z4uW&x_kYMf_>+X+t^0Ip3rlgm0_PvC>5-TcN3BS$wr~Qs^M$~^Q@PJa!Irsdf^g}K zOabZFMhT;d5!+(?2~b79s<0WQZll^gTYk}rkN;Y*bPjMH`soiC2%Cbv)v|8ei(wnq zd2e`Y_pe@e+d^XlXqiQ?t^QGnaZqOMxwEmZ>b7m|hI4?MJOGs$mkIxB{`lQjA&9i} zYmy6d$K@qxn8;&4=LXJj856;Y@c{?zoQ5jf6F6%!(}Tn4fxzMyLvQe+T>ICL7n)le zj53e{x44Y3?7jfPsIk|7{%=ENQGi9@x_{64D%AJab}Fu$)_&BbTnz(ipY{F?T`?>p zaaIn64#P<)O5H9IQ9#_(p9xal^fGe_oGjZHv^fp zS#;S$B{RJYb3#ozr>Ico)*-O`OB{gySC>1dcHJj(TNY1wzbeYI(pKF0I&8+CeY@>z zU~{Y3nI0x#TC>(>P#hEsOO2LIjZW4AmvOr-j;3RM#$CmP3AG{}!qWAHTS zOj{z`=1k`uHl$J0>rdiSI!B-pqOG{)9~TBL@EMoj_9{|iFLd3s)Vmnrb=+4i9B4`3 zKxjg)}-#nE|RYd3*K8E&YQVKh$q z_n{?Veq(Buu{-$m#)G^E*#pEbDlsycGz2tLJY`XJS0z5gj)D`!1I(}Q+T->eNUcm- z>p?R-Lg9A2RvWSKj3Crl9Q{X8Xl>Eo>fIp#u)1@$?x(w(83^9(=saSEh_ilqNL(p# zGBSWt3%Ggw0<$Mg^CU$g!~IIjL}Bgr8)h%Qog{|zkRv18K<~w$sf@>Go-PO@x45V& z)RAuXnekWa)e@Ib$yCUyn`srV8BgLHl~ifhY^#mNmq>fr5x|;#`Fx`7{E2>I+{NdK zy^A*DOyG+Crc3)ZY&9`0+BCN1ZOFnd{j1fDSR0F2`!Fl>Gz0J&lTTjcONttagVuAs= zh@#x>lW;BtXLn&gL6)a9K-xGvD>EKDdVEXgi!XK@^$1h%XgJVi*i++%WGU4*mbZTD z>EPvvL`eK>siT>dPrdGX!$oq@M}zGXrFR=`29a`liqGo zmjWahy?V*TB2==!*A?y$h=FWRt%teur*ofp$V&iBjj|`rkQ{&Yx4T7K{>FX3TG4;~ zxd2-F{m(mKhdHyikNk@qfbo98Vr)>bG>|bQ$`Q}Ub6a!$(0sG39W9m#F~EhXu)-hh_G)J>S;xEm4GOl5 ztsG3@(XRS*^NkqgTAQpZ2d9>;m<-QPH1(S*S=>w3$k&O7&=k3)NNYigGUe7J*> zjNg*yDfK;i&klW{-izGJLkkj=`sF@rl%4j|!zMW2OK1s*MRNP`H&=*{4%Av) zeyRlT++sxPb5~|O&z3K9*LP45n00UIpOId?XS*Wk&protQux`!Pzn5O+oga^Ki>27 zd~ap$cMhoRZo|KDFgQ!h>q%3TU1q@|<;+~q@F>TJIK0$!_WpLiigmQI(ToxI$?O-RD|9x1G^}oQx-iT*l4ZFeD>zCML47!MDDW8oR7lm* z=0#gIPw_FgRhUl(5+xab6W(&A6*z{@#VIU~gvG*quVfTwWmiXfRtd$B70!Qe(OFY$ z&5};xoKUYk`RpB>&wO&VUE|G!WS`!If8?d+i6;X`$eQVa+3xdaJfv3Tg6Ji|%=1d) zyeFR|FS-eQ>jJUO&o;p%3Eqi>`sD|;->(cN$roYyqTpNsu~GA(Q1GZe7wekQDE+WC z{QR^>5Bz9zNiDc>YUT;mhIXIP+Iey_BLJ%ba2ILzyq*&mqQm9I+lwa?-SuUb024Oj-LLx}2FE~Y zX1eo2FaJu;R}26nlh0=~#}}4R@lfFJjXKpa_Rd%_D^f0V6hP)PpSoQOFbzP~iLu9C z(CA55%oQ-8|5dYlJPNgSm6YACdk=T9cYY&jN=KR*wK}xmCQjd#_?X}g-tc(mcVVtT5AT-)A zYM{X+$`X9Bt${>(WW_2REz>^ZiKE{Fgq7j){MQPDf>=32hLna>VqBiY=w3~k0F8m3 zU5h-yxdpvq0kZ(RH0D8?!{D4C$i3ODYl&jT$-V9|zb*-W@uoj`oz`8OFHsG!a^5@o zTvG3t*dug_zxf{iSAOJAs>OF1^+VB@Xd|NuLadPAxY>S51(qza#qNDO2yxZNO7PK; z8Si!p9gPIrxXz%N2lhix#8{;mv&9F_QV80q!_k;^>dmR5RV%)K5G39{wEbjU^=A*^lJ0Er7g(d9v_VCmK;G zHnzwQ+3RWky$+PZuVje;#I}ldgy~REgtWq9R*D--MkSymR?3%24|({NM-!&1QiaGlNB#*@ko{Saz$DEXd&E1&1>Y$ zvPb%E3uUR-@bzztbr8?Cs#vkgj6c>)BE3DM9e@vDB&8mqC@no&W!({?6?`P^~S+qc9 z$G2%m;GBx%qD#1=?rQCl2cweZLf^a!{86gx0Ul8=9|suE;r8PVAAsLrIhrX=Zw;PA zb!byO=HzE=}%L&-C-tz5e#=en}SM`s0{nc=rEsomgm$IL@S&18+t1MA@EV5! z6ZV44@2PCO?i>+9<`YA;HhiBvLoHvqRkS}(7PHtoUa$a#*FMaXuVFSI@)Co%-{GKW zr@(u&Vd@e72N)X+(yp)r$)?!C( zdyMK`EYoqG*~|K#8Jec`XEnmgNRxLbw7uoboPCqmM^=rq6}^^T(vzX~ti7;Nc>9-D|7M}^!Y3bPJXIBD^LcGt@a}(|_uZQ2GgQ<~1N~gl$}n2i$(?0VLxi82<2~ ze$cMh{WUdyp^5^SVOcJhF&e=Iisb1^57~L0rI>*PnfO5~46PM4*O{j@O*m47#F1@K z*7;%>0=4}ZG->=sj3|>Rf9KZqQb)7i#4AO?cyKSkjTBkUbF`i z@x}wi9=WE#f$$MR#Mz7X$-+BG0IGV9I_n> zT67Fb{=9nG_w$&Q!lZFH9(V8yS6;fWgJnPe{i0A0-N4A=h9mAO1+8I!28(cneyfVvi;x? zmZ~s30f2J&svwRVJ-|WBCPc_Tq3i&Gl{7dH_=_f`>$OkipCWjCukpqUIcZW95c)E5 z#DCJ@N4c%xh&kI#_e*P#lZVdKc^+&LfnAdB$_wEEE4rQ=cv_rNobC2J6qBiH?!*J; zIYvu%MFQf z3ZUnPVio>kRG*YrV2|BiGEKbK)W@cstH`{*l-QZMJ4@Cr3VL4|;_?`cJ8xeIZmVRA)=K zqH}0Eqdu4E%Ezb5X#-_l-J;e1_0VQ_-UXLOT&S${B32ud07gaoawRDj zP0d{;HMDpfgKt<-Z@^#m=0ZGDzTil*JZ18Cz@;m&DHnfg8nlM>NVkfXmM->u;A6=)82!kEWm6X;&E|9jioa|t zB$D?VU%M9ntWZJPO~S@T`bsasTRAMcsv_LPDb?H%a#xf4!p)O|4d(DCs_EROJ(^cQ zG79N3Js%&v;Z}Umc3j3DTxg-7rux48wrsU70p>reiFg&10t5q{KZ;W{sY;btDHQ42 z7gHSOM3vsLOgFU6e;Lsmnn(>zr!Q1H-`{^>rXLV%u-YY(AMDl8)rhAK zEdyd;9|`&#cjeMuqDnUei3yutuv4KySu@1gE=HV-YF+jBZ2$-?O+|EpL65@Y;Fg7x zFA4hNaKs?kUJ1b)L*2VKLAC9UlSbm@MhL9J zI&~?x&dgST<$7iH=nBu!a*bEzU5^AnXtKc*JyU z`<}H)bw$KSm{d0%Oqh4pQK%Rw6S)B8ImC=!ZS^Re zt}N%W}7XXjD&3}QjX7ubVqjYz1(2hn%;->w=WqVU7r|PFy9T6D$tjv%3CT`X_-cjx z@@AzYHGMeLibOy&2!n?+nQst2uD(cbQA+UQZO%BaDVjJ3W z4ggFQ+=JTmY3o^hddL)m;L5_WUjKKkSfR{`xAej77J9?Wr3mqU#@6s4>yU`{d!G!T z9=59z7Yd|_9uBOOy0*V1AFleiyr3Sl2l+Q8oiYX7W&ANbC1%G(!(s|2F-B9;ETvu! zZ#8&^?PV(_dUVs^un@UK>1*;@N+L>(Ss*yX-a6#L{r*7mj}yUS=3hXDt41;Y@B5Fq zVA)Qy!P(Bnv>p|K#Q?uV`i|u=f!VWtV2BWe_QQmPpv%$j798(knJk$-kUY@Wi`qO7 ztT#^@@MTkW*^q4ECT-^Vkn$Cy4yT*~LD@F|w7f8(CL5gBO?gV~H3h;DXwzM4rip86 zuWkl@qbnk1VD4`etYqA?6yRmLkGyYm=~2A|?VK%LtiS&#|5jZzbnobvTjZJ2IgG+| z55gpC;HLh{{#l4iK_E;k`{Ei#|piw(j6uMKU*dACKTi?GOL3zBfOH5YJ`1~aof zGKOuMT4y#My3Du|Y4NVY!seInEKY#8+Mhvum!t_JrO z!o{IUMq70C=8Y102A7sI)1QGZTIgQu+-`C591^8E=TY8@_v5$9jiGXE4Lz|E$oa z_yjAT9fd2>U?dSth^*F+1)j?W3Osnzh8eG!5O^WI&P(N_GpyHB-V)6xcD1am1n=* z)rz0iUX_RF@n8fo5Vs7_3ZdG#LmSn3Yt(kuxWX;o{?rp8!PaMniF|tFeUb`>GN>(* zF2ULP8^Pb1uEJbSro54}WFyEAV2s`Go9t5s=Yv zD(|xn*(@cHecnE-Cu(#)^L0+B%U43kTc$Sk25Q=IG2FX>@&4W*O*36w1pfg*3DnX1 zmFQ;yEm#R&QhX+{$v3vCDtJA_V9jnhViCR^K~hW?-8p7fnbIp=W;7y9cK6zJXZyUv z_$`+w-5^bcE`7P@X@_h>B!4vtsU0pgJ1)o7pZ@GG;1R^_Dl!D;54BLyh-Nc@(52nR zMeJG`L7J7fUDJyTVfn6FF+psak-dsz)w*b&wpAlxqu&)4|TLxJR%V1v;H)uhs>2(Dy2L?0fC}eVw_TTea>OvmAha#orxlA82T@ z%&#rxDpw5fJTLbKPss8obUS!!^4UqC-&WpTv->)lDweE?@lNPClN?ed_jFYAs&2aO zeB$k4J&L7XT%TlVaqBZ_!M@sU6r)~#J~BWwfQ7dQ(t#+$o=CJEuf#pNuF9pLTt?Y7 zk&^IN?&g1t0M#cLhMxP~w1;E59HZasVCj{VLGmr`&v6_43}{1w&_7o*4;ox6bPCGt?;8u{Z@N#Z!Fp*bFCKw@ z@LlQ7RWdzr9*``R4`FB?46Cv~oiQgX2=2_Ix7jQ?9^AeZ+0MkWrV7*-`|`@3n~Nac zQ?8hs6^Xlz+9X}Kq>98HG}RltvJhceLOxO+h!%7~dGGfJEM8WmOg@^*UR$pr6v;rL?y41eD=WX|4gy(ZZ zs*4#w)$OHjH>q5fxzR@piC`X3tYs?Zb#5+)C%!DJSJduNTZ(9Q`ro-kNc^D`L^S$;HWKBe&H`+NrTu|xF@3*^i3+ULnNj2{CXZnrZ5tx=*_Wc{SDP0? zuMq1iBn+>qz|u9Mr}Z}dG5il8Pq~wI(U`{B=FqJa=j`~;V@K}9!fND;E*aZ|wd*4} zj9s-7KzCQ8_W;((V8-c9ol5RCSx&j{($e>22G}YzU);QxW4Dl!uDk%{PW+j(qz=B# z-IE?+%`l1tHy>~x-OoBbTm@w*aZa_iHJAuPm4*}`K~0oqjnn5it{_29AAk33Yl~(|-3N6462U7)ualOPo5^F#GLlsDu>=(EB5R?*twqlp zzP106047lF^0-5!yoGInrh8b4rQ5S<^y#w@+ihcrrbH#yE+;@)T zq=L2_qB>FB_^j`4E!sR9A~fwhrZNap2Ds7y5iQ#b4mZZr(Ge#UJaz z6-V41D$CeSZsh?1x*nkFy9Q4EvPiBB7Sj$Bf9CNUzB9V_8aM3VX2g>*B#^MoofKCA znP|Msp)J=j=Dm^o9s$s;5h0I-9SE%M97*c2QN?M_Ck4@ao#Svjeaw!O`J$YgZgBq8 zbj5yN;&6nyin;z?aqP2CJ3n%PlS)dAM@91v%L|$8KH+@o*$lc>?|(F&M@9;6Dc7*- zDB8W{|1B!fyb*5kq!bdDKUwRjSbJV*!OlF*N*i&a{+QVh2r*?f1d;gm2 zb41xAd#_UGGcE1{O(f(wSn`3GLea4Ea9Y$J?gB!NrJHd{xkWQg0LHK`j6fge07$R*8({oP=K0lDPXvB#y=t(hTuG%-2D z>-u;X-7nz16*K)OL+X#O89JNz9*7aeKKZCBL*HJ;JJ1AR0Zoo%hU%ZFOngBPmfeyc z5_+|Wl9`psK8kqr!^1#Sj!mXfD?Lb6>?vhSLqBEMm5FCEDAr{o*U&%YBOdwQl-#1A zTiYGpmxrWT1^0+Y1ZjKqZuQcx1hiP-dqRz@`cVK*g6mVelo|sgzTVJLcS`N56p~*wNf%Mf_*UjJD{l8;1l4S{i1S0&;@$EOxVbJoQBX(KUY~X36W$KU)1=u>*o&hy$8RaW z0!K#^H1+j1yXjr~kROV#?AHxG<$BqG^nU~5wBtrq{@U=&b8s{hID);mq%*m@f&h)l z$8M_sp%#B9od7k%cQVPP@(HCLB0V|t2ZyQKYWy~!g{aol^K<^FgIEo`HOw+9ocf&J zfcLMMep8n$$iH6gW%dx2Sa72v}4o-Ej=BNq`>;Y&*PRy*tXuocJ` zhU=_Zkz=yZ%%TYy?{b#7FkN|hQi;?I_IVmA*>H*z6>tfum|>vmDOC6o%3p*=G8*0p zu9>>w!leA1?`KnX_@hfgU5Mc+*FgWMYAlD)DAOt-huf*rF#I#F20SlQ0$O*eCMR+PpjifBn539u1 zo#R^b={}aDvS9nO^Y-8O-;5KVM?bt?=bDLkfB^FTTjyPe?1JWl?K%x#{!(bAs_XS3 zSmpr%3x2$IFUVmAkS^Us9J?@0JEH*&=w6AlgRI}aXvzHiY}-ew?)G(g?d5`?`6TbJ z))jd?=UmJG&Z;n~=o?BzMJoih70bFP31zvVzoa-g%RHFX5JZi{+6g_g9RXS)^v~({ zxi>Nl;ClRMt#?b2~={r+5DImNhKkRw8uPht6sdo{NbE3Th8XS2%ZAUaK2&OLgyJfiV}Hx_iHI zfQ9nJ`C~Yvfh{we*WiN57c`9KkD%J6jbx&QqQ%?Y>V{fL?IgtI#d%ii<~!t9Nd$oDiqxqRH&lOIku57YJNBE;z0-w zTGXMXN2jK$8Yr3$KdgB9J8-2&vU%S-r5+j^y_33B)_f;xba3&koV}la0{271xRjzpz~vVsHL+Dci7lWk^FF<;g)8WMAuzFZCWe*CQjOXKvKjB?6e%M zYUFWkV3=K(&G*4AOKXW#Q1UL6RS~*@KE{;c&rB*=W|Krc(W;93zu1`sHvlO zw&G|9lri9?pT)47I~6Yxz>ED zpSE|2v0VV55;TQ65#w96O+;(PqP1OuYV!DWrBv-NX2B=v?G}7wdEkk)ql5>*Ayi@F zB6@ql0auVu-YiBm?=ls27-fqQi{Y7+(PL{Ji9!`Q5rAS5%Xc!hF!V%&=>G`Kz__b0 zS->%47VFCTyW%y;smbRCU+(iem;YLfSP(&|On5EWXbK*8(NN64%su7-iUH;j)-?0O zazCP<%D8pyL8)nmMHtcD#7G4uqo5;L80^gZ2*iNC7b6Ph_?+7S%W)HBekxs#)`h3e z!5PkgURQ(jybV$7X$e8NU5S*e?@K7m2LwfKP^3`rvM(|iJ8s!lt8@9e&#D=f9{hOMRGyzGem#Nh+K33`tBQTbTdEpKs3>mVDzW= zXG|Yj;;bY7*eh*FPo9)}x8O*|lK^W*9rZB6k&i8Telg&_m>lbxiTs;Gx&HSEOFR;2 zX|=1g0e!&EJt)iTBzlJJw^9F;)oN&Ad!30gR%w?zRMMU`lhS;jGBb`SKPP&!-EL?? zM5gXnCDa{p8Q4&=6WqYO zpwhNl(o}q^=>@KzZfSCBYZP|XRbhH8>+`Xz4=Z3Q3+-k)e0USFdwiwPCAAz_4d&$Il3bniG4&ll^9a;Ob4?mMzB+Hj~DjNFG z$|6~{vkeXd$(k<)R=Az$;xFIh8}j!(e@6O!fgiv^b|4lCOU)J41v|uH=?1$$J;uLj zElLG_D*@{dKtMS)1~t0P-}6uj`FNzV-Lh=S4JMwb-njAk-e-jWwPL~8D0gKF>)ifD z!YczN$)KuE-4e=$1%J%R=P2JEUaHu^vNM56>sc4m@|W?bL|_!{`Djv7%%rl#(-qev!XbVIx<&oQq;Ff`PYq(d`O+pOyU-dKQK_Dm2yq$giN^qqP)4(jTfl#P|o-!n8K< zVZ<3-Aob%KReW0=@cRH6t1B$zftB~Rh8PjX7`uljxvhav;Y=5MDGC1q9|1u^1?4(z z%_Q>J{;u#`aD6!Wva({7gYT?oqW9T)V~&_<_&T->W5p_M>>tX^Yo6OhU_u9w#*W5h zcnO7<)j-b?TKjh-L05KXw;0?a4Bj;z5k&{)v`evuDa4ox3!|Dc>PH$m?PFPTS@Kuo zzeePzNWIJ&T3~*_9o#SH=4r;7BQLyhAv?6U^|}}XOy&2lVf=SYO>U{f1v=iO&tk7( z0_-i$Vz4b)7XZ<+#1zmKO_Z}~>V4+EES0TvH1UHp9POQwuRHFhxSi1CcX{+gcOax% zF(!~0ZM1BtTqNV=_UGhwrmk1Xpbf(SbJ){WzP!?aWARzsATUXyZstyaaJMS?Mwvr23Ax!QM!^)fq4y{?0kcbJFR?6Zy}fg6^= zmk6hkEG9#_-}-0wbiDCByW>LX2g&~J`W3M`05V&D2OO06?gS^~o#2KyMsL?V&X<=} zaYTpMlm=n-pz5}ZR9xVdru9E}eJ_uC3=R=C7Y3>R2WZ&0T`{l>31H^~hnp-bM-uti zd?Xv@mwO7tZ~VrRlwhd&3GIIPBmqb@QH05j=$-H=5p{Y3$&p# zQxI%SL^EkwSJU$y-4fvxg*BtRpdjG2AZVta%L~p<{G&oR>VHXZm+Vi>0q0rzqN(Y zaNG^Bt>E9^&TTEwW&yg#2Ep50T0&Hi-i+eyEV1vqN}(5SXvAnm-LUxjkoSnA%`9Z8nSyShjkt%WV222+4@9rW;?T- z^Ss&$7C9bSY&Ftb?SzEGO>*!jgk**Hg!Wpt3IgqjQZcqaFi{ZpD3)|KPU9$^m9K_y zM~)azLrn!u6F0sQ1~+OR(JtSE#sJ8uk)|ALXDD|XY(yLkESHQ5({z)7FLAaGLVVmG zPwCG5v^^U?&s9K8(@;!i0FeYYl1B@KUr)`)S9j4ZvpUsOAjL@s_Cin@m}4u<(swKI zci*Y{PbW0|7-_S6Y5d9KTUgs(OHwB}f6=gubf}wq2IOd|rD+!jM`GD+Ukt|qLsv^v z@P>!Q*hUd`;Be{3(pN$@P7IT$pVOg1<eh%i<~WTxEvyR27z|>5GGLctUTLw4>6|&>2{_YHbrnH+|s?Dw7cB)=^Ur zWR>A6N<7J|lqYSl#3szDCw0h7XEB`K&2qJ>2~(i5t*@UO__w@q^BMBC?&?Kri&ifn zT$Zxm8vg%p$_=X=@9I8kc67aE>VaalEVwdPz%(T0gPpH&GfP^LRAP^MxhHiBEskEL zc8=IfNKQ?8S+8k5D_n$6=C(z&&J}7L@Deo*I`#*@qx_#<4EAZ zNyUr`M*NLkRq+`!UOw6!(Q`T31Jd5_y!$?F_w6#U(xIq4tBNUgf$|_WO8&e{ zOq&l83HBF&TWAcW__t+uWRw=a;Q6kH(8jVM;+8dWZQpXmwrF^(-od9qm*}CUiO!4JY z;@V5yFXhtmsRb%S(f(=xu#%RyYH5b=A-`Yu-E9RPgeEX+^KjfBV74UQW?gOrJbp#- zV*xU7)cxmenDoe zn@v~(qgb*HpJ*BJEPrLG;@d^qN`R3zSCfa!M1|(jb#c;M8akaYR|Ve&7cEgWZop;x zMgAXsNY}{IJjFZkf`0Jdnmo#x&=UhalP(fR(~M7~DP9(vS5AHf<$88`23(j6z1X&L z6ZOL0(yGCzT)`4=sNb1gLCwD4=~g7Mp|ZB54@eDJq%7IoBemta$rn7^^&wwa-1l*U zyF;Oy7wf3Y`5Nd)n6T$s+j*}N744XFf{fw@z^XX|EK2)iUUm$N#)VbY=v$(@K!2VI zMSK5!X&rGoP2BYx%WT;{KL|pLuL3Gljo`+L;pTS^Z5_$KQo%1atSgSq$A8(HNxQ)0 z3UzYHq}1T{bj}cO^zH1UMA0-Y$ug~8TK%wigWQ*P3;YDF(Fi{=Ox^3JU?=K}s+;`_ zY#05h3*Xf&h7zQS3*xR?k%5|Z!|O|77~+Np(lmTK3%Bm_5O`)tV0QqITcmT$XVZ&T zE1nmsLx6Dx4+XR^u$X4m5#!h*>voqC5Xjhj?~XMwl+x(Ces)X*v#R&LUAOdL4vyj$ z8bQ2@DpEd-XLwec_`90Cp4j&Gn?**CN70(zkjs>7o=_K|i~pP-;E?$n`R%7RIPe!7Cs++`->jZJ9m;NOaF*?OuFyIr#2UF0sCN9LolY35;d=o*E5j zzajxZlB;;ut=#a~om*dVG8j$iw1M0ES5SNQ8D7s3fh)wZevd~eK=8a#H}&qHLlZ{^#E|l`MZ*VQJL&ewnKv|U=yBDbD>R6jJ+S28BU9Dps)b0J~_BN_KM;Ft0l{} zZCx5s`OwWY*h1UP*H*1*A@2bZD1vUh&jG^kY)e!@6##oQ&~|=guHt@riBpi)lWw&;Q$ZE4WHEUA2FjQC# zX;;A3eJJ}&7NX~{y6QUWkqi|8_ zuuME+`b{$aJh`nTVZex60y}AKN^^#p89H)>s4rFdR)?c+UU|Bqmrme$1L#O`J)fUc z!yOgNK=nMLtXjqoS62@=qNZ5?WBRP$95Q{$qtI<7sApR?((PEzR?Ra5|1!7aU;em{ zYRSd9=N==#dR>a=?XiUAIxGjU)vbd5Yg^I!qQTOAE$AuX9Y#Uf0FIYD*$M6KZ-rHiDg4Z@hu7#1U2;!cLEcU!^eBprV-x7`B$BIaf zM_bt=YQbN61B*xn-xi9T9^Z3Jv$xVZwPBwc^I`UHyvq)wYB89&zI07&Df|U);Xji8 zwl0z*V`@jDMlBYNx`S!>-Ux-bkmtMjKSm)HhWiQlJ)Ziq)orR40yIh zv`c^P5Kuqyp#FC}!})N5Tc#LWY2d;!v_l{d`*j~kmBm799xWO8Y>c=t_4 zOGB>jKXhAzRnE75(C5K;(;>3tpTDO+5Df<@?3OC5oB3;I=d-V(d8r3YForZQ?X}|5 z!CWTCpHH3NoDL3?jnUphAEWJJ%wRn(dlgbhv(L z@b|E4Xabz^{>)Sde-R?6V=k$Q$O({$U%jci>5l5eg}wBA%25onJXoO1f62+UG0#15 zbbc`c*xwZ~7W$WjV>Y!q0w?hbu*Bm_{O^&`wKaewa_0>)v(=hddjSTCD7b?GLt2rR z5a=C8R74yP*vM_#MzhPDm2IL^Ku?X|WyTj5VP|L#-#dgN2M^KK^XOeK^bfkfN^j#J zkr_#9JZR7im5`B%F=5ltkCl+oXr&H1rbai(+wks%`RI}X`BAiL`wfnLA+ijc4r*n@ zULMUbej&>7jy{Wa3QO;bItUB3=15sT63_1eUI%zM^+OE!3D0({B)$0G?>D)XS<+MY zrJbJmGI}M$INh*{3g#7H3_#qxLV&vUCzh{b%*L>tZ8$%Bb z`22la-;#5(Qygd`J%(2Hfp}e|4T6_XYXoTmz@b;CX``6PZ?lIRKwp;`!2$)1ukxHn zfL0oeteH86H6ShxUV-D<$@|8pJV0^)^yFVAW0raE!K3l~3aJ)8p|m2HlHP^=c8SAH zOXHvzkTA~=P}4lpLt~>>q#s!gWtEXR@^2`~_c>AT zt@>Nb@(X=*@$WvmikRwkD&<%v%eh@uNm`(^P@4b$&?(3G8+sKeSoGYPYr?*r6pf3l zFeyJLOa+bq9LX2AkHXK6>WF7v`kOo22Pu{LLQqMzWiP|Bd!HzwZ=L2cqVwl4bESLs z)&a~gnVx#W^&`v4FJMgH_mz#|70*pEGl35BYs&@;iH_Y=HVs}c8lbENjp>2n7b7xh z{QWe|V?kVH2?iQ2as(NT6y3AKzvcnoE|c-n?m}`YA^e$27-(kkPd))`(cG!l0%a2!ak~4vQ@k(@erW$a2YNNq>3l* z6*3)*hUZZZ&)6Y@#^qYo?!4sx#Pkd^(dr__75yr$O;iAs9S;Y5d3PBLuU#&W^SJTS zfzQnGPf(Wv+jctOAJCf#OB?+~zJ+cl;bwJ#m=Y_B#2mf!uK}-RQs-sNDkNT0ezn1+ zpSIoedMP3Zo&ppyHqZ2@gotVD^yySKogVIPe<@<8pDS;v0U#=zeo^Rz1*O{j1bmF+ zT5XZq+r2XOR(2#Kua}?g^E7l$ zMb8KunOIU93YIj|K_9;swfgrkWk;q{YSJjxsvdA{WX9KyH8LLrH{MVcxEenU!=^lT zg_x=c$C$)pMY=vbkT3GP@L3UxGb#=NMmG)4tszrI;73V!_WDL%cDk6U@!(nNVf4ja zf2RYB>3XapZpGXL-yS)Ta?qLF>G{SW8Ij=t_&BMK=eT-hE^LW^VQJvB?>kJ&zO2PT zg;um32Cv)#|J9v(ICfFKJd=GOx^);IRw=DcB6|o_r!V{kN_A-iuw%#GD$XcstBoPU z4G_sWTC-dLh1j&@>?aD4^Mi*P%uR|-|MfDM^K{g9a0#Y{?Z3}EzQ;h-&toDUTH53So=^bC4Ej<4*l5hSL@JY z@rGEovgL@>;x7&`4b(r^CMh)XivI1#?dR(7Kw!0a!gYL43!(n+wfj1uS3ZjPEcs*+ z5#>IN=@|h3yH%YEeAz>;yzs9vO&IZv(WBhreuiJEaId=Qfd1t}m<;U;Y=%uu2a1dy zSxyS5tVg8P2HG z-+9T--mU8ArEofFq;Bf|`1B@*afe-m#dPFqq=d|o6(5tfBJLDjf$sm~?ybY3?7sd{ znxR1{=`cV<8U(4Kl@39W1`!4aM7m1>X#}NPN)QZMx}{TaNNJ>`V~Dc{pKmT!v5u%kMkJ|D(aw8bXEH%t(qh|@oX;UNwVK4@%KWW9v~M7n72v(P5o_C`hgVAdSN zn3(SSW^9f-F(`ggwJBYhquV}dRf{9v6#pF3<1%h-G+Kp9NVUFQBoqwhk(`hRHxTlM zO)-*VRB4^f?X6J}VyNn4Pv-Wjh#4IQlFgdoy>K4-_i;{^gH`J&2nXJX8u`ti4d4OTse=bEP6y1M)`c5K7)s7Pkcp%|HJTt`Tbh&h*+(U!jxPn>S6Cx3+HWAI zLlwq>CgS2JD73YpPMqM$(9mou@pm_y4?Ggo7`EuJHy4LgO(gJ7XK`;;i!zxUbFGT`gpo)Coh4(RsHi+#NX38G}l-N<&TJteZdEl4< zn5AM)_a2DMaEig{iY<&wXv3wFhNt62jGI zJ^L<4bX1YB;`s-dQMxj+lA;<+&3z*GOf-xKxlMtGYOc=@F*n&qWmx^1_{X-#>=XB@ zkmI%ZgglrKLg`~PGBcm4XVc=)%UfcgaSi~ECQ5)Ci1j!^ESu{slPDJ~PY5E!d|8c- zl8FUlXJ3(NFG`V1x!$xZGN_h0AjRfgGo@7`!;MFmh$e}OuF%1}SX<3;%{Z_x19HGDE7p@E*_XS+?9BP4(oSrN<-t zp!0=}ppMt!KvzytIZHfbF&Jb^D2^3PFqo8Z5#fC;QG6c9%SNhu6vkR;tisgnb!_ON z=ud9>So!4DZHsPe7cpi_E(9=MQyd9AcbEd4t-421-V+LO5gM&xokMA0_f3pFwN6C?O&}Q zl_8OdInCG6L&Wox6WjB%>)nY!*E+j>4_og@0>1tLq{JhS3%VZ`QrxqvY*9twtP`J3 zZwR4MQ(&YaC61p82Ai8KcbD2X<$eM^JkpAdL8KcxrMH;^yJ?}S-z~R_v-U@!ly?6T z7bTK&*>o&zrYVYYwBKt0zR)%7Pn({;?J+wQ~wH zO?{hq?;x3>Ne;r}3ENPq>=Bjg&012_7@-9g#k`r7R>%huNL}v`gumdY>P5O1e(7}= zX# zDtL?n!NvF@aXcUaZ%@>a^^xm&E-$tj)dlXZ5+`DNgg%`XL%-j!T)Rb%&T`v6aQ7u^ zx%r8=Tc$DTQTO_h3O+U7?F*cBhuo_78Q6GDeVLMa(pwb{gf9}gMk-A8RK3|IclG2_ zxWaTw27NXJlT(pa7&LI8Gjf^ zED4~Uf>jonI11U*E4v%fz;jN`DdywQd=aa-$|^fS12P~ zmFzvZ*dD+#AmprQm#8o5GBI6|ym(7;TW~ssFqGT{4E2unlX2VSHt6Fp+z2i%_@TJC z$j8{%cq4$8dWRCt}PSdISjqDFs0JPIUv+@u<;JT26x} zxm$IXBoxD?%i3^&&U0J6>uX@`Yk=w^op8K6Dl~U}J3D8KO!Ir>aPL4$6!9`P(%gDAiIJproeXpnzSx34z_nUEY}i%E zd&G1$#Y52_f0~Jq5RaDu{z`Njl!*Wj%2O=^p}rs+=@z~1-_$Fy=O;Vg ze$-KW)bRq<_j5WqzV_0siS*$)rk7CDvAEY&x3m~87GgclrRr=pk|UK#3}T95pl9xc zWHYhU-A}j}(3LVuaIzHD2*I0BjUY!T3W;?G#Gbn-_g%GD!KWuuyY#7Kl<|prgqs$P zSY0U!5@&rK+<$|gE_u+*(m~H46b0<48R3QBN4}~GZY$?Yiag<0zXKTHrMyR-4x&mO z=ePDy^Ny^vww4X|Dqq}RTJ;)94-~|ucQFPvMhMq=J!ZZ^s?HM&C$?B=_Nk%1zbaQj;aoq8Kv+ zFeX7gOZ~Ze7CH2KJHT(-pVyzITyAA>e^_~e+?S`(DpOt_D=1x5Aym@NzwRyQ;~l?o z)xS9b!cbJT*-n0u7Y2aC9L~Q3y)t5&i^9dWT>B4*ZwGX~hmWbEYt9DH+AOZKpB>E7 zRn%SCKs9z7*`i~2HLgoI8HDG4-vYQH9*hsRy6dW>Le`Pyy5R`ugH%jr-#;8c)p=BHXK^X- zJu$vI-fHtsRwR4ERz*hUb1=}0{M#{Uf!OHGnUIM|f=CECd&+qxxwN?K?WN;OlIFM5 z^&%B~?&1XBkBq|&+7Mb7(+HO2Cc*D$t(bPjXyO2|3%?RM<`c=(DQ=q^a=`3#h(@ET za8c--tUDJ?Vz9PUO=)gC1~tzBnHG73xOtlMx^M#pKoFMOLY*e$$qPAj1)gi4NhmF` z8QUY)Y1a;<)U0RfS_I{locki_AY=3hP^|bi@JF-~SeEWrS4D)IIN-Y<%`m2}WnN)n z>Bj*k_It0HpCKid?kA>2>;QI1ryPVyj!*_%;Z1SNJPLx4cc9r_y3rYf8$gCNUvCWh ziXo&DLqa$;{p(^4LFjInJe{$%+ex>e(^2x5?R^X{a*cZKIW(Hhr-}l!(gAl10r}iB z9bLdEV2|cVCK70X?6S>13a%pIW9r!h1s$77wkuUdro@qr&6ArO+*!mXpdM20@zLlV zoi`4UkSY>;w1Fuwf6toOdno_8u;fJ9XyM0fq|BpQVVlrS2Tj0taG(&AebJsRxj-f$ zgm@U4LJ)N03rqp+l6Gn&&xtUaY67r>{ADDAHW#>Y%JDW(&_yqnoWT)n z&<;K5HsZ$vsVBv?@_@vjK_Ki9JeWTVkVomlvD~rzcyuoMj<>q?kU_G2-kxJ3#y__u z8MSN40rW&Q6co6Ux6F_VWlzg#8RcRHnGk-DUEmQl1RkIuxa7E7xkT+deP(z-7U0Atk&x*0f%N= zi-KLKFRDsqiKmF?#R}e)q_>YhEFJGn)_$3L%B7@<4^Z>g1W=qLNQ2ccym;sF@y>8g zUC5Ffi&`d=x9h1LRydYd91d1sx}Fc{-QP@^aCh~_N+Toxtc4R8N?u29%#W5yA1A+s za%|CA8gKDnQ)Bz^)X~LUQzb=Ra%MAa)M1h+L0N>d-9Vf3c-106NT`2vwvlTnj^e}w zp@ND-ZibH6tZ~$y!Dn|m*L(3GX=F6(z9FRKdka)1fcy10jM+>Om?PUf!F`neg-hY= zb(PVWynabNo{h8a>Oaz#FERLjR2xgFfv_kRM92J0P;KgSv z=EHi?AS$LLzW1dkyY@(RN)D~{kt)VbjM~LZ&vAp(A;gM97)=nu8GAfE9_)-^h?t@2 z4ff>==qyDW3^uPF0YtG-APQ>Y+$m@!dglrvMuh0bGgT!qh4KpsA+? zWQPnjwnG(yX&pep3brHL2HLB*9@h?S*6=P!7t7}qa$_w*c&Sy4VV3vIF zwhh^a>6+|RkG#>8YJo(TQy&M<)8o99- z1vXKDz}P`pp&*@p!xKQ}k0(8DXSW&z*MIa5z0j@{_q8t%L72aktrf`NW{Ge7QCoAajBuGN+}WX* zQqA}=S+Px@+;C+)Fr4)q3ys?`xvFm?r4-1$#v>ozn(GTjfxK~T0e#&vf!v5w&?GW8 zDFwE>1Zb$($mNDU6XCU;sTG=ItQx6c+-elyd2SF?#NAoqIz3nq-)&L-TkolS%;Tdus z113OsS5DA-8HHVC1iTi2?H8Hl&z!s6kk+fhtq?)x=GTk)q%OiZ0z;zl2HDdSm!q%= zGXNvz7YdQYdJ?L}#CEL<4dhu;Tagesu8#n_dOGC#?d-axoYa>AF${K1QC7uha%h@( zt3U;J5g2~=+a5y&URk?%P9Tc`erXoOOkcRyGv9h&5<7J_Z4#odUL3mv^tuOE&%xr6 z?1a2~C^5L~Ng^@9i6nVXxBC1Z?_N-KMiqiNs0#m3 zlS>DvzAN?!^KtN@&jdsmx_agEP_I-B8*RsKfOL$S%dl0t)vbu_Ve?QnBHAN?>E$K0 zi{C#MGSZzRJjZm7^qi>S@lH_=({_tGeyWP^*GmAVZ$1{4o=6RN4oVK}y87f9$LT!2 zL)mXMk-Kb!7>!k}+~-ov#04;(#r$)m_1R~dMgb*@n;dMV1AW0&!TM{cra1fEFAszs z>~6kC0rz&vuDcs;eNy#c0UfHuRP-%v$K3dB>zm!iv))HN*4F?>J>UcPvc9Jc1lJW- zQ-DLhH-j$03K6POjr#B}y!skJP+}8fyH#bx?q)>UK8r zC_(RnHm*HZcO>`hsNaj?{~1FiwAzq9$UfZ^IM8M zqpS>$Iv;K%AxpRGe^(FqPFwlF?qlZ2K!v$hsa!>0@#eV5Z?MvhoCnn!R;xXT@zW}9z;wP;P0g8+Ra?;L~|>2F*+NQ0^r0GgneGo zmj{9(Sj}$KbbCc?FB_4gWB@SS;@)B4q)TJay@;M2(X2n^`dB>s{iOv~XY&}eAW< z@L2_3%L1rS2&@AyIt|vDE#kF?VL!ZRol|NQ6%?c}+{;87k4A)Xrp4n0N-zYUmuQX_ zDWE1OSds=Q`JiqO!LKtx51sZCB5zd(bRYcqqNM+sKPzLQ{KhBjY&l?z!x9bn%y~fd zvu}OK)~=I#?*v0q0R8DegxU-kSEav|xqPU2_Szt&*gw73I1>7uQOM(C?T{$JhYqau>3Vk$Zq>DgA=R&xKePKMp6W4HSBf1P3Y zpZ5BH?+gLWQ1pt@)#NZ{)xBAA91ISlG62W74GYi=^=m8mA03)Mp+5yPy5lE(CQDHzyuqN3V|tZ8cqERbSOS(_ zL$v89NRt&Q%IS}GK0t6-<8G<|oEqz$_b6}X^ij&ojdP>-ZvU0Qu13;gkvm#vSSE7G zudfl*9)Iv6SS5Y>RhI@U^WktYp`T^6qn_60vG6CSx9hH47Psy-i6}2u1+Q{m`U@eC za%v+u&4-d8@0PCmEsIiP1?9yAq(iymN@%d`u9u3vplEfVS(SQd%l=ne-o+BfhPjjy=Bb-ciBTe|VVZt*Df_&Eup*tb@ulOTJL_w%AW) ztdm?|0HtWFwTDxf$2}gJO;2CEbIYO+@zXuVH&^vI`Yisy4TQXq?)^g~@=S@hu_>97 z%0Q`x@axGR;!>Efi+)hD!jkz~X+iqi5{px*k~(@i2v&s25iSk&6^8aA#Pm-W2Y$s9_*&-g?i*m?~uH+3>b)_(2>rN^|t3htUfQS+%tu4+&yk z3gcdJJX2a-n@DtS{Cv;ui%q*P{>ok|+$^>t4V5xn>3X)%%Km+U5avwXSPG8$zXA;*)(w293=iwcGV1>Yn#Co`<3nWJhGoLLE%dpZPvl%Uu)7H3(8Cs<4b*kWc1iEA<|AJJ>wn&*|`jNrp~9Rwr9N-*JPIDHe2lYA z-J5HA*B$nRrsViNqQ=kTLet^XPrL)sVd~8h%1s3E@yCnBw?bwG||H`F_ za{6%+E~?wcB#Untu)mUuebG(H;Kv?=V(+@tXjd61er%-9T1;MN{A|{{0MPEl@itBn zZcU(nc}v1=z>H8blueQpN6Pi|$;eB~2c#v(yzMpZvCn$ilwU%zkA@7n>d{PStpobf z9Q{X55W<4&V5Z(*v&1a+clEZAzWeFI!6l7u_9R!|wr-V7uj(P_Ti9f6m3;5wXqtj0 zh!kpjFv=9`-XkfEA8v?z*3+It61?Ezz5SkRZzvaglbc#Cl=Q-VBO<-a**8s(t%WXx z?iL7}_ZgS)w&1!kc;+_fasW0UH#R${f+SG|2JT=nZo2}l zQvw(RioN=Lj66t6wEfvJZ!V;Urf)uNCumsl15k1~t>Q&5iliqJ!S%gBgR${FfA!s= zwELS29qL4+I1NnxK07Ay2zUP*CvykUjp7$}g`-JF@BG1{;d*Q+S5K*(IgaLULN)L9 z5Om(>TB(AF=0>LOZOaLRx%L4iXA7ZGZ|Z&#T_%uAb+ZLs)>(@(Z>HM+Gi$hJfqX@( zDWeQoRVneoVg$5$aci}0*e=FX;9)$p}`YW%3q7N9oBmW#?SnPNBxTavA;37dK$gf6HfQd*o?&_s>&@X z&ZiR|y5vu%N{VlWnqaTe*nOB%!%I!1%Ex`S%FaHivzyJerwaGXq!ObkCE1)f60i%k zx5t$GqLa@V&6qhhWo!^wO`?4hR}Ef^W4D5Hfg2bf=|32s9}&VTcQ914J}zT3&2UMW z+{LX8kIs8_07kXh z;CTJ_UJS5XE{12J17$>ck5r=Av6(r><$C@$g5iqaJ9EE9F#TfX>sYc=rEbX9Mc>Wr z4tNw*q5WSGP3BeNBUZCDSrFq6OO3f3x2m4zo+=?@nwKO0a$kQNx`e2{`JNf00Xu2R z4d2NwW%zw0);6ulam1DtlOSP*a`cr*P$AWs^P=kkd&-y`oZE;CtfGHq_iVCng1#n9C; zDG-JH2nKO3VBPdOZ2I9c4Ww(om10r5DWpb~2fuR8${$hj^xwe|Ab)A?bonp*fHk5r$o~~i^K!tjIWA(9*kd|IA)HvE1ap(`{hne$oxytb z_|GI)$0QA2l_o2^B7!YY{vlBQknxj6{~uXO9rk2R#&4l&+o9%9PE-8*c+bD07+vrG zkL-@g-#8?Kam+{xl@t*92~+w&aq1hz-y3=3q2lKywVxcsnV6h$xFu=H{TC?7S@Y;4 zIn=QMPwxCq2!e0_`%h3$nNtFq{gyca)K|wN$|x<+xSe+pjYi@Kme{anA86xfT_21peP2!1vWzj%U z09vaYUqbC8Tl&ra*#-Sar)3D{mV}tw<R|0)w za4|%Bbw3^TkcBMVK<(ZjLJp9T#X#!cNih_|zC@9YMVAiNN`iWbp98k+hsgLWh?=sx zbnf4JodujlQ174VCk4YnM^PyL@~`X=+(e-ym{<9i788$&Vkz^4U*Qc6 za7_T#+{T~x3nKdpq}@?MX{Et&_aB*A0bIPG*mdC5FYsL?$Z?-Z->qMv47fZ-3A|GD zuN<_X@aa-D7HIDT@BbY8D^H-5!T;=uANrT_R}LK1*?>d&koF6Q^8b(wm`6e%bww2Z zNbdHFlOWqj@?rjbH75hFfpVfKKGWQPR>I66Y&BnUg%72>3{}0Q zw~_*rM?~klafL`G%-829YD@Dq>^ZwNyLGxpW5wn==VSb@!wPG@eLUuK2WIMTzi}pW z)(h3P|D)_%y#Dfs{RcXv7G^hX0KU4MG{+wpsmMUvEY1 zK|PZ@dDpEvlu2yGk5ag{dybYgIV>~(TBAyx5%KcOEavqBN{tua-Wwi2cP{L(^wWdV z{*7Wiqa`nckp5}3#qgCRL(Y_|C4>mqt>}S0V<3HqzcHw1bdBmuU)T;Qy-}jae+L%d z)D@Z|{5(y&SMIM3>kl0lN<5H17@T#RGn07aMETfO4*8EC*DAc%HUB9tZePgH(Xv%O@i6_Rl~&uD2N z)~n<+%qsAoh?R7H?_-)C>7Cohw~M?!-9%2tIsKgF|9w-^(PhuzWLm=XI_B_2%0Zpk zKR-(1v1flKEiV%}g~Y0Ud^MtCtNz$l>E=IC?(0LZQOwua>RE#Uu;_o>l^!!V=XZ!# z|G+?mIogmrx8VhX|0IHqc@$DFG-&gI!TGtQJ%T+|%NlI?e|L$h`%US;DQI)j5~*Ab zm|4lKpRn~w@QmAUT*>smvEDPS_6tYa#^gUGHd$GKx(jW4tjY1@YL=jO;@@*hB#3V= z7OtW33I0uhcIKj*-vDg=t&pu4w`BN1 zo~r)li<5+*dj63us|R-`KQjE9xH;+wgQv5`%IhF5>$KNZGw}?ar(~^Upmo-vKDi}4 z@Sh1yA1W_&LFEnU>&pBj#PSDH?9(alLZpe~)pYxa+TvOnz7I=LKT|j$s!};X$o{4P zfr9$6ob(>A73*UGSbvZ&f)`@O6xXaJ4cGX4lLGQRq5x8hg$Ao58?_F#vBuS^e+FnfSv^+b`hY;1 zsBvwLF{SAozAe2=B2F?VdwdR&OVPPCEdrmlki%OgNf5bmm&@PBQ{th4$;e^&)zAPY zqe*Cc#GTb0tJgo(*!9~7{W-OLN#&E+XV&b)Ty~&P;^eLmOykX<=r>#2YHtx+VQ=9G z;Z)g|VF+h4fH-5gyPu<=WI{W))hDg%)1ptk>!sv-w4+x9pc{kkvp?4)&mlUQe`;wM zGG|Gm={vVScJu*;y@vWvEBD?9@07YMA(sUpF5=!q(-n^yKd1;F2yW423SxYA=DZB` zx)w0*%@niVqb?U;ocD9PGysZ(kg``vMc1weYMr;tqSQ?qUZ6WppU;sv(LD{NiYJl) zg+mECwTDAp0BWshe%Nbu*y1(9`M$;+4qAkD^YwAg^ZrpiL(sp(u=?Zkdg8fv+OoUU!Rl;N+$0E*X zj>*(aFv#a;0$@p6+#^vtV^4z#V{dXzQT1egKVeKf7`*dAZS^MaGd6Ktf4BC)O{quZ zd0W$aFxjQ5M?DYbiso?Y-|n=zx07&mk|ge4o(wlx?iBg%rnVbSk_{)Fm6Pov{Up%+ z-k;y5-g|6r^yh5mw`)9Dmv6M$4QnXSigm2pwY|Mi+vdhc!ipFGePMiN9m8S(^#)r`vNbwzMPHrkiPg)8 zMn*8?R;O^B7C>29wFk&SI?^79e;=8zv^`Ec z4I|ZMggrgf&D*VxlbKPuqIs2zID!{cQ%?1S%=xEqz2Fjh=()8+gIa}X!4yNU;fY6H zRT!dlE~aQM^Ex#J^jkvcBWLW(P8lu$a`!-`^Qw63M< z_@iN0*~a|EXKsEIC!T{x@CLv7slF4QSzcei1fju-e*6XZjawOGb*(PKk- z?epeYFLfh6b}*|5TwIm{@jqPiW>3zg;O_djen_Udrwg)GxX=T=yedhfi6-Hxmac=X ztW8?za4Bbw2j}V0P-svoe<3@Wl3R~|N$$@T*=%oS(MvjxEGPKHVM4@iEj!CVrUh|Y zX7TJq^PQ;SlhTn!avArff^WMOnvBLq zOBh|XHPiP`^EmEv7Rjwt8V!zO&W~qYsWmRydO-7YQ_C&fgIL*zJuZl;v?KRzE6$6@ z%!R`i_KRhTPJK+jzr}DcOd=T&S%=r?@d(#`<-%S(D$%`wMNK)k%)Bd0-hOazEztv( zY=R6sJ~vnjAF0gnh-rQ6=|AoA*2bEBBtqo;Ym({!Xp zBP5&4^N{w~Hnhzl_s4?v_+L=@<0`XDZ#b*H6XiNb;wB*{W2nYOFz))*`!1QNQ6Z5( z8jO{3q{gFI8lEio#rA+#&H90WKa-HQaj!zy5p_Kqs|XIeP`Kp>?W3GyA2^$l5y{Ui z?*((xhu+P0$CqBU2+MotCQx%^d1ax3uhTG)mIWCcz==mG*=zv|)nl%m5OnCSMST0h@-~0uA~Q*yzii z8AjvlF&!Jajh_XK69e9C-Dp?#qbX2@JJh@7{hX1_MHfu2XrDLB8Z0UX)_AX$hh+ei zx1u2D{K_7VqJ9$LEqDL>1U5|w0B5D~#r5r-|`yGOW))G`58z&xv=&8`6 z)4P|ci{UF}{l<9|2f8}pvNc4cNS8rJ2Ki#$o7oQ)@5wd2`Ui%-fC^BDn(ngiaKJ$X zdN@f9E>8Gx)kX)qZHH2B`=^zL>Jk2o@O?~ip}4m1odtNbZ^PL@uJFgh@SzlbNM+{V z6C`;aKI~O+(Cb)B(=d4%XfSofU=V^Tf;?s?`k-Km{k@VaM1E_3uNT^+zHfJgTb`^2 zPJTNr17P{?Y$K_MB_YV3(h!__^TFq)AW%IQfB6URjcKpm@=v?@_owlmbZi0hqo8xe zzAI}ymc0H>_dE%ghc=f>?K|TlD7Vr7{C&oxY95Rh=eS?=N?#ur;-s4PoCy`B4iwTq zt|t=bcm?H7($gr2LEHr?(;o~l`dZA2)It95O)4eE+NHOj4pi5%XN3~5j#9Ut_av8Y zikM=dv*Klc!mUA8yy)r3`imFe&I|i{jc#tzri^j2Dbc{)MzD>#Y|RU!X+x3qkIVb{ zThiNzd_9`bOhuT%jXoDYi$Zv&mFYX6dg^U+E6ExcvjFVY zyVoHs?rBhN1CthR4W_y{S71@HR#9=*EJ)JDIJSQ!R-9dO&7Se*L9XHn?r0g?wII8x%Py>1UvLE`?0hA;hT z5+wd+d937{@8WqX$B5?Rm!n`rB`<0ZivGr)#f_6my++HIpI|=^0#(iC{6-g2LlVFM>OZc{EreqT&tU?0<1G^7O-=(D(O4 zj^n43FS5tg^wh1WC@6JeYcn=^E3a#6UTZ%|x4?N^MTPZ3MoLCm7~(=2l_-f0U9+X2 zm}8QMN|HwexT$GrkzZ3MBDKrtehHkb%~b9wK)dtt!>xh0+*_DdvIjQ5>MttwxvEhr;&X+@|z%iA1Oca z@I~r{o$!P-VW+a3zAY>v2{=yN#bG)%#QenQlgN|ePZY&31k2~Hewc2_C~oGwhmM98 z2f8$R@$3xzZW*W=3s{mCgpab>@L7E|F#1^iX+Ww3zk3O;?(?z|3$YfEA0jeFr%_8EoyMXw}iDNggtBDUP*pG`2P+k_8< zZu0#q&0HER}wJ_jJ())O3b5vV+I?taZUg*%neM`Y=Q z^8;Y}zLkefmp)(fG;}6D4%!XXN!OR1V6(_sC}z}d((c!seuceJtR`L%luTKbUlyhj zs=_E?*%|EuU)l>CrwogPHP&D993MKM-2r4$pTE&nzGr*R__@Blq*bE3?RlxgfoysS zuQFxY?xPk@!4K2Hd$;e6y{AA!^Kq5(M@#-baj!_XhPYmv_H&Fp`HJiKGgeuu8!1m{ z*ABIXQ(%^)g!6*Iqqp_2iYRmCZ|Qk3%nb@yLG_JDkTr^jNkgM@>~c8~jN1uUHW06S zbe!+G$w;|zK84~9X#(J6H+khleMkEwi!r1S9`~(6;k4qe>M}g$t;AON4#IQ+PQtN^ z*l3!*^D*g8Qsvs_bfVCkqcxjEjtP$cW_T%me`A68K}UibuO8=>tv)8|PPkI(i|pnZ zXb#fuR!Fm>?DjVD`cmB4`7rDVr~+E07Oj;!=;lX>w*oT7#izRyjJ=`J*3s~E5z?b=;n`8tt`lv-BCAM=U(y% z=M&1Q`nowG7I^wF@i$q_HcfN)J}*UiQ+~Cq=0zr+{)XZ2)Tq`l)5zCM-0d~=R`|tI z3X0UmG_a}uX})15>XWlCjItG(4Tc`NwSKx`A6+9SKrrTs!2dxpypY9 zs=cut{|SVt}gIn(W4wK|rIM_kHB1E!_;O@}G? z-Oz|4@yp8m)G|4_w`{HRp=nRDiTrM%NKRDADOPDVlGJqfPH2&!+vPqcg-IdDt%6tf zxj4ZeRTF>H<(_kuwqN#yn4idmk1Tjr3$*P2;pq4V=|*6U30>YXToltgj&4}>PC6^q z9*G(2%ID4$d;t71r_6Bjx*_)W8|zgk%CvY^=#^_5SJ`shpX(4z06le=N7Pf?**%v- zKSGn+772LY7HG`@=(pWLRc}F!>d6~L&PjyslZ#@{yA>0A45-f3L;RB*xO2H@#Ca(N z^Af7-PR;JWH*`;)BFmbr@-W2V=uyd5n|%i;}mOGK$be}j+sJFw1i51)#|XeXAQKBeJRgFrXynb z)z(48=Fv>mgk6U48}YK1R|~!61Ea6y1(dFynPFbM2aG#pNQNsQ@-A1sheesgiz(h3L>RL6(Sor_m8@Ks$$mQ@3nrb%in}9(08+MZdG!>MIh5**n$igj7_V+0aPf zgpu;P>2ElZeE`rsR4Bv?J1{+T?{kf%f1>sM=MG*Q3lj63yT>XJ=JsdST&r(*susmORF4Q@uZ zkIE$!TU|Fwx*I>Z^i)cecA_Y>9*hcuOd@P-^cZdnEdWA zAHp;F`dKmMKD}inLQJK^4hH^fX=0WUiAMJk4*d0b%h$P1+!Cc%7ko(HyIctT@6FyD zU8JMG^!)8tWW1((#ag8z;8#{FYkw(bWZ?qv;jw0^+-DxY4>z+JW5%J1xVq&ut7y~52PNRL>~0q_-}q4LC8JG!%NeIWW^6+KU*%xsTX8)Q(xD6LwU$7NUmvitF5J1<$v zG7e_O8JPrJDL!JIDjmf1%QwKE>pWjt+NWE2*;hq~JcluO zQ2|qcz|gz#=4G$G>2246w3JcOi%+&6L{&7D`0bV-+<80&oR8s(9%10x&pi4sWou$h zYYz=W6Tljz&P@rne4fK}JN3%{Xc;_IgIK+NSTIs8Rf$&v=ag?BidvzF^88T$(NW7Z z=7OQME$deDf2jMj)79X|N_o3cSHp@!?x|X~Bpxl=rMBbBiaOe7J@Q;9ros;nhsRas zZ-#VI6jBtob`?Fx1o1#+w`Vsv`ad!86FVA=XwfXSJC1Z@gZ8w3O@TP|roVP7$y3*5 z3Iggt$`ATXotXAT&Cf7=Tl6*~cEY%{MaBqw==QS>PAf zRSb<(w3jSB=nZ+<`T}QXEWmg;L#i0Re{aIx=pdoSZf14Y>w0B&U74-!m$y~GE$Fyk zZBb@lTAr%u$soWc?l>1V$Lsgfz`4sWt<_35V>nWfX&X`8=@6QMv|d@-?5C?(mu(J9 ztu1k0&$3%QIjkuc4#w%oohee}*N`#mwXZ}va{l64Gi~*Z41HWaa_mkV$-8<(4T+xU z@)MR;A2mCPq6qWx97Rgz+w1E3jE+5y0vLWTGi9Qo{SBoyAq^ELL#KDjBSweR6d3bI z2Qq4Ew9&=aim=ABTU)l|ze*Tbj4|xtty$uTi8tMy;o-UL$>kZE!T~32vd0!Wsa*7; zk**Z=6w6KTdwPvmr(C<2L8$gNF^DdfMD~QQ00#e~*0Xo$GZ7&C{7|H_)Ff?v*=gMN zITd?0lv})vInEx3B2}K#nB!_tt64tLQ%kyBwiGXk-OwV+xt%I?pJB5BJIgPQvIl9c z*=9klt=5CQGo=cl>JiGdjPei#y~ttSe4?mrJ07{!4I?2hp>Px7IigtGKFeO0R;%gR zm|tV?iMIju7bC8M>=0^6W?E|6Cc^j|84Vxsd)H1H&o!UG()HDS$HujXnR?k>WU!C7 zkz`?FuX3*A56!W=g{IUZ(1Mz%FL9Q(T0I@(ePJo`sz^Bus}F>!OwYq5JPYkIhLZ)^ zWKLBVSoePE$jof?JzJ?lh9|#=ZysVA542u(tE^@8w$wO8BK-`;1o8F4-j zETzSwNljp0vL;^Io8C}Aiv9MU#UHd(=GN@0H?jv*cKwoWN-okZJBZjgkvcjHfAJOv zrJ_YO(ujeB0u)VBW`-**6?>r^5o9%)F=rIdYNMtQO4@u_DOGzeVrX;5yX_0iH^47GIPFjJ5viPGkpGTSL z&0?rXSMQBM8R|WrnICd9Qj*IYnG$@3(`#6^`4QY@m;!Iw;YKDuq~Fx*@HnW2s=vYW z5$(x_zGIPW^KPX0gaAu_lRDngV>8`^+DeNjhKaoG>Nq@3eJ&OTBbFS0wKTa}?-^&~ z@pUjLV6u5lPx?dqA6=O%O=MU(;~ui>Hyhu~^UP$NN%Y8&rN18S@zu4DqXVyGH@*dw z1w;BCD%gfJI6EG=O_bN#D2A-Sh|4po&W#0l^V1iPed|M`aTiT}6)`-_JZ@%W7MvaU z%B&CmE;gejfx$OQT%{+zrnJ&>#Z75|RrqnopCyX7_EzGsun?rbmevn>(o{tH&xO1#bw88lY)royGc;`lAc1KhRu znSM2eJdyKXV^?bcx97xCaTHF>KR5hf{CxN~HCV3D*W#iFp-QIAS<@1M;WxE>JW;kC zF!Z+jmXYRHmBLzWba4>AZ|w@x&?4BgGxteRd>uxZhekGLtUK)P zfc!nmj~oxfr^>)k+DX8L;Rgka42`yZ|BJ;s6t9KtY%?th*u0L=>2sr|h+Y1?#hifV zZ&~1`l+<4sZhiaJQ&)=WffmUZUR*;0g4yFty;WH~x;bkP_-!)C)Wu3nL;!T*f3c3p z*BzlMkm2%Ck%&3}gCeg!s+(k1QsqAPvK^VoYWlq^*IqmZkcgVq<>~J{1ZYA|;o0D&!VT43VWhr}U5g}#Y zDQnrHWSgm^ETLhnV=2-?OqMofU&ay=!r0nS$vT*_HdpyVc zJn!-R(?6N(doAa6E}!#rp4S>H*UmfFQt4vh-E(NaO9!r7WG!7!xw!9ITE2DDIB|dO zKSG9tNU=NQtV<)!!khc3vjmH-2+h`>%qPj)bc$alYccciK>~ooA1(IH;XfQ6x60M^ z3>TRF4npsom3sNqgtM3O+3-_-Rux8UM9-R_04a$}IdsrUV}qvTp$EOY0wl8#RYgyr zE^0{hbvT4vp6!RgFl%lXKvw1T=A|`6p>fra19S79M-07r856!_IY2}V6|9jm9*q{Clv>3?^dvF`5CJBR?0N&} zm9@N+NjlGqco})2=Oe;o@ZH|U$(sFTU*KvGX@#*;^Mn)SSlU#YDR51^zWkaIUPhs^ z#kpQplVWV-uFeQet(OKgM6-9-8R@cZS>Ga^*F~kickR2CP91Lzel)G-O}X~Mlu?XB zH$+(C1=8J$PgT-9{QYikvc`6YJwz|<(9yk_ntRW^A&lk-PVLQQ)>JwxO$v#QbT*l^ z`(;kGafZ5XOCkPQbot@jqk8nR^kmSL`eEM`N~+J8a+jtz5bcs@-z`tAP0#vto?iC1 zSa6?&E9A_UlE}@sG!dQ1=%P~9*SlSSsVY96U{DP;JYO^YGLt>nw3a^`@c|Y334qE^ zBNPRY^IOt%r89x6BPUA8x=)_WmCSc^;PCmbZ<_6?Fb4G0ueyRcs3S(}0ivf{|~xyeIy;NiN^?-I1@MawFs8k6iiO<`C>a1Lp6 z)kKjMa26;H_eSIw)@(gA``WW_B;XWx%+E4@k0*UM#WKg`YtST3Cz04Qe~S4(Q#* z6(6EriX%Tv3muY#04Io9b81^-DmM|srdckH!o$=4kdRS_>b= zGR}1Nl-%sIP^d8p4D_KQ!vKKP>dLwC(aV;WRg@k?5Gm$SsSWJdH`K%4s=Gqeu&ikz z?NeM&BSF}z+&Y9*> zzG9OENjq8gU|6kkM6>Y6?>1aXlV|6#_qIF&$0pQ)i=LAFL_2J9s^C!7X?fN)mLJlz zA8QZ(W*Y`~-Bl))mQ&tnzuSABV%nMl5?@P$B^@rX4Skx3*3qhv1o4}J)p5-_AsYCW z($+4_TCvMH$A#J$_1q4n)@q%%6O=i&LzO|(L)D=oEa3nJQymhRkkgQ)c-QNn*2|Ed zYyPNzA2F=*HXlPf^TkMRTHdXmw43I`&MxYMhh^WG&gYi!UB0yE)H;9SY^5>t?{;r- zdrZO^J>Au%3`JF_E-kCgK;ec6sy{GE$nL$hv()~ejthrgPt1c7T1dym8}6@{<)=8|16gLd_2{OR}^+HW$=Vfwiv4M^vQaM9L1@pBQk|xRGv`H4V2sdNJDn|R@Z>+qEHK07QDs2k-;R|zC zec`EeDVY%YGZF_TZ^`kE#7Xm76c;4dIlfbh7EbUuat*r;B-Fm9UvpiOK;OM_^hnBR zI4$$hbA0>hgcOP*&-T2bf9_f?n;s%dj-@+5Pk!GosNY3qUucU@{NwfnP4;nMmYytya-h^VU5i5zz4u*E#}O7Btl|FEmSMaXbUlbJ)N(q`&Q+6sc#`%iDi99W&Kj6U^aHFGJAG7pvBPX#Bg~P1dA4eC4k`*bKUf zu5`nGvt|Dq{A5mDebLE!?T$<5?*5WJVwcefIq|3}pgz8arfU~4aUP$wBS_MQ0ZNHg zxwO8XQOmqJ$)eH?T3l~gLrbw$`C`T^z2z>$YAkG99qXdrRA;%?(t8l zO8}gJy$F6a^P~*RU9P_5Q~q90?{?v!X&onUK?%4k6lx~L^$PwUro({!KnX>@K@8C{Wg+YaUyJV>|o zkRe0l_T%sWu}7;=Eh1@ZU%~_Uk4flrF3StMjA7mIC|YD1JWv=z|Br3qgGaejW_Mj0 zgWeAsYp*nZ{ZmpNgw$TN{DTi!ciK&YR5=yb8{MTFa$*Xud8!1a_j216HXf;e2t$#k zE-PW%0CCdzwXJyA&)L6s`h1MmF2@UNTIh0K?THljd4IOA z6L4l+7}3BVeYsSFFq%8~+epJj2_$@{X*1Trrdmn-d=^ph%kcJk(#=!z&!xI5RmPjQ zvn}QTa;c{mcv9JGRTRe~bhu0--#@nZ9z5-aq!F=${?eW!@PmZU&hX~MpVQMXTbEHg z(i|pyJnt=HQs}*SD5X1&i57N_TN8`;u3oxv(;u*3KI0W!J z37_7OG79U4by55hueSfXHT7kd;L7_C2_cGm^tNAm@Zm-A?dfFz?W>@}){;%0)-H6~^xd#BQm_Jgm zM3dxYLJuC%eJsD2FZ$9A2>`bK8q}7Z_eiA+fB7Tb1OP<6SYlPK58woe(sIVYC3CaP zv`D=m0)TGTWRSc6aYrVsmsOf%cem)1ZSKG9q)g`SBn;~~$ipu)G>NK;v|PvEjj;i{ zg?8op7Ou?RVw!b?+)?m+<#KPXHl2sj(?FPEJp18fB_iqdviJF;sNzbNMb)OX%=CixhoAWwk7DFl;4dyL^=*$iw+EmF zUJEmw0I?hRtL=PeYTC!uV{wn>%9VVW{=AOpr;6@<;bBrX9)*=IowLI=(6Pns;qEr6 zy&VJHGqcw9*fi{rYoa*-Q@@4IGr6>oVh4|_E9Z#~Wk0h)#)jcq?WuHemp)6(iy@HO z?{SCC@yYkPlJ<}9u?o?MxC<_V-*9^3C|a8;=1X8)!SAYP#fvsQ$Jc8Lx%!riP*Q%1^l3W3C%~H2JDv)1 zXBI5+=8_75c9#8>l!SS|rYdvtV%tr5Zp6a7HPh0L-FVNDE%EmPP3XJ1UKc-rli*(o z_xfz@pZWF*s*!+i-#$ymFGYQ)+>i9m%~4l3R(3?nKkCFP8vuI3zzBli97ZyvCH}rD za*Ksy8Nf0`v&qY|KD_#i<{o;{!a%c;v+KzcY?DgC8i1LCp=roGj!rN01q+cA99$QV zZudq8HMkC~4XDU$=@(4ozG>|HeBi+C^c1hTnRYoAnFO)Q#-bCwgU;55AsQYDay$6B z7G#YmGcYJgp{2sX|2hKdKt~sKSpT4=IRTHs0>Y`xqaSqP53-k37QrXqnHX@e1UcH^ z7FcL|?6fTH)q*bj-DsDnUr0}lo8d(l9s!7&LR3`!tk?i+zo&>UcLmnIc_fXsk4gH< z+9xb&){JgG;72~d`35u8@(4F!&|NZ)&8WNXcP|B&UgX~pO3dkM#mqYJ=jrcl9CZGh-Yp zXA~mrV${Y(y-7ZsiVK>WhC$r;z|G>z8&3ZctN(DBn)yK;*{^Oui|i_Rkp|}yW|&h8 zC`J@VSSst87U7vW)jk4WsuswSiC+S|=AX&@AATV7oBIAr=8wP#H~&cGFUbYBh~0vG zADcA+;*k zu*X~&)}keNx3*snIW&jPnUo(Hbpe6YE@Zk@DeL zLqzbP0|y-Wi-9wmVquVF1>9F#7};-b%h;zaV=NvU?j|<_^F%j^N93ZxPPFgl7sMkLRu1CwEFL?To z*G-X^vFAr-DJ`#^cIGo~vi_q48>wZF-aUFy#8|_n)%7~F29Hkb9&b+zC84*?Jxp<@ zarOzHMp-*^cHb%Q%GomTV}XDZB;QOvvHkjF;W-+s?O)#*^oasV0~_zBr)=*DyMiml z4wTU`9SK2fs0hokeXqYRF%ELvrwyxoxX1t4{>G+9G#1G3r0kzgQF1tE&eo(<78_GY ziETigfwUVhNC`E81%`z+oiv#!m2{lA>&&q>$fbQKr`#nLEA0fh@h<7Ef;+h^V$X?m zxm5=gxb~oNOYj?(-3mt#DqP*x&A)F zg=87_DY%BH7FBvakG0Ws#!$-L|LFwZyr5abXR@0_csri+CMMYXSNeWi-$Dmk!j%t{ z2gMCsScQhsd&+zLQ`{K#Z2LKoX>oL7$lTIzq?tCX#2llNO>?M2GRGPDYw44@>!hpTDd68$aLa zV5W~ib|~%QVVpQbK`|4Imyt%wk36OKg_K_sK@&NVJkfVv=qC}@|7HT|WX^*$4*+~s zrzUWGs}Q+3lEXyWQs1~(q@4j?tT8T_*h^%kET2G0xoUcW(^`ToW9{xcC5xcYLw;Cp zhbmL7!|X(y5ipG+s#Jyi|1b;L_+W=<>^9&KsabHkC_8OTLp)U$JGj0xJm4)}o5{tS zHx(?~@o85N#Kl1mO`$H6?z>89B>Mz8`jKH-G{{~wtJwC}e&y-@U;+Lqk@(6Ih#9Rm zX~2^Sz7==XNL(g2e4|CXEX&npdONrFE-tQA&w`#J;aps4SRVm0%;nO6Vo(AA>2l&_3>$=~hrq`+HmMI6O!f-vVPeJ4i~VU*Mff_> zW5@cZ^4-p>X!VHzW|)SflSVw5Mp7`WhK00%t>SRGriR|_6~-BS_j_F5)@@_7T|&{6 z<^aG|pq0p}KxR6+mumn!#>z%FDGr3#oqw@gQ`?I#~r%_T(MD?;EI0GL;#!A1W!tJTIM%kkdH1!9tqCz}L3e8{9b>b+Ct2`|d?jD9xj#75cXwIX z!c`;aA91wIF961I7h;GuGBX%CI&U|JwmsL9ZhD3W|Iwt3XEHAoUVUs97Cudu8DPC{ zz*7qQ%C!C-E5!OHr7}l$x>efl+PJStaVC_sr;iF~*M(1j;^)NjZ$>F{wC=pf%N}!! z`^l^R|7oe#w)B`QhBz&e$4O24ed94)BY9!00ZJC z09-U>k>(H($zAPa0?z zei`1yvJKSD?zZSR|GhSYx6p!sJSq!d1}qoT7}IKMPZtzNjM474{l&^$XO6>GD#o&4 z%Q;rw^6+H{Yf+cQQYj29<^(Sd^aDwD)-hU?Fv7N0H%3!;!(l5Bfv;+Eq1yn;Apd-~ z(Suzj-HzCR?|>B;GKMA-WWe8$3LjI37UognTWD#C*Mq@=R1ib8%o9JP8D0d^QM-QS zsX8~RPdk+pMZSSoUkB&Z-5~0;@w(ski+S=K4Hq5xRfVM+o%+inga9rd=gwr5&emP} z1vdM^dpE$+aPM(6lH*bIZ6e&Aw27vU6oGtLJFPufV5`eH9LGoue(ofgnasf>PrJiW zj2Mn4OCTr{2Sz-Au`auc56)QOpc){`2@cEqF@|1@sx)2;&glav-guC;yFZK+l5*x* zQQWFe7*bz*0M6N=cGR zP8vMBAmgDC7S5n>@LU}@y9Ev*UdHhF44aE)1O|E6fBFlpvdFHHVy_-umUsJTTMMq9 z5`ILv>No^`+>lOoZS1adDi0T`jihCOYh8<%^GC;3&*pmCPb{%vyU)3~fmhN}wNWQp zn@%9rm7n(Zwy(4R*r+Nv9PpW)5g?zOjAni+(N~@7y*{n`vhknl2g(Zl?|1vw^$a|M z6m}_EcQ<9JA$d7ztPl4sn)P|*XEdAfMSEJD^#D`Y#p;ZbPRpX~G~CxQvYV2Et8D^U zFr`%i9uxrW=GP9fZ=1mG;N6`fJ*?QXh`zPbwzyX6vJlpTqf09&W|sjqpv&P>&#K)e z?=d$sKk|oqUc=30BJy%Ja1`!M+kU#J+kzF5ODTahKrE)*y;(CEEXuqr_v(B8;xLOENYZ3m*uUGWR zXaPZ?XbiOBX|}^izrf>Vo$kV{x7TLYW%MCM7`IEjbiUhuS#Pd%bL#X=K3_Fo-NXBz zF4vbh$T(EsWnk_Ge>PtP-jZICOXSr+m9)O?Wab52V!@L4G5>3;1OC0Bfp*t;7@ykz zyIO$5f4}@}P=QK(m9Wz`W7u3tEE>x-HpBfrW$PlX4TQ|&#}_Yy zfVIwL1}-b+nxl}5t14GDwBpR?et7f+^2`B0YtE{idhBHFqNlahX$y}hTmv`zS%+KT z&F(q6s~pBA{G-(%&?|6cK*a7i!RScslB^jiUS~f>ojC>7vvZvzDFvg_hR6>uC020G zoV)#y9IZm2-+{iJGoQm%=BGa0mzz=!YJW<4R=Olq4#1dwN;722k~{>p z2p@ea%L4Bk`4l??K`)Fz76~m(Vhbo_c-=5icHJ{Kle)4a!n6R`0`~2p#1_GvpwqlU&s*1a~k$l0>TrpbL$DN@Y5HLc$;hS zA2sndUzN3z=lP3T&35MS|1b^UB8}HBGdGAjy3ALNHknrrYWls$n@Y+Ze*AYjDuFtQ z$$!kJo_24G7tHRO^X3~9tt+^B{}j!$pan%C_S?bPy@d3iAVk%pE!4;k#D@=2G5LbeeGZ$s(9XYp|-^H!iqCg1An|1G@``k zwdC6XcG<2oQ!6-Ku06Vg%bh52y$GUs&@@mpY+rqig8-O!7WBN{L$?j&=v7?Gp97xm znUw}x1cUXJPE7Y2t09@6f^_SiIvE2R(W5eo$3Di6=9x))9QjeJkZ}9eUF0v&f(eiv z_9Vr$UjJk8j;_t6zFg1=oxTBh(`~~=dX6C{xb1+k|E8lzv>2I2vK!ao*c#3+pnATq zl0s42-B9|+sL#1u>Bbv3bf@qPC`6^`*v6uExKr-Jzxsy2j^#`)6Lf=FEI;`7cRM2z zZw#)q2LgJ7^0wzVhS6(4=u$d=SmdjmHJhpVZe|ZYO3U_p9k>eO!i!C+)s$BbS5{i_ zY7|#|&=T+;(f%zqrt~vr7QG6svjaVNQU#vq?l!4eWDk;{_NI- zeAfy>z*JC=F$Iech7|H*lp>6#CZduC%DO~|#k&a#_u*R{aZ`EIXWL}rV#sAs;L%P8 zVpzVOJo#Bu)lKH7Vg&O8fJkz>T>2mgig}1tAo?b&Z5cnm($#vOmio-yPt8|X`y>~t z2Y+d#FmllN)8lD>K9J4#$edRB#GilS*H3+&qf$ptM~Cr}cQPr2rR{NonJp{Yyr z;i-{I*>3~q$HzzA_TxIP#2ofSp65y~rc|(Y85AFfO5FL}YH1s)#MzgCzgcuukYac{ z)vVJTx$`PR`O;BS8^D=%Ont^h0_Bn_w*}2g*7np1=yP;?r0GMgJB6E7Mjn&PT73`Q zHg!3jmT&11!#%EDl8$r}pR>Gz_Pu-N$Ccden>kMs+^nO!k$>TtcW1;ltwF_k^~LKQ zNPd<)QPl5|8ApQ#dJ1~i2H5Be{hcm!!_F4uqfZsh*>H|edq7TRWCN?%B~%GY8{QJo zqtH6Ek>c-XgGL2R6)C6gIgr(OXlmLd9_iGIy(P!8jo_0VaZyjn+p~u1v?+NG-KD3r zi&%VE`KzP?jW})NKZyEFRaMwVBTx8RU5#V3h&B5?C?GSHsjK?Bil~3E8x1?M{?u7f?c^uhN zgjy8U5ARC7-?~$x8>Ky1bX6_0U+uwLLH$J39J+Rk$DDt=>Zj*ve2h+a7<<(A5C~U0 zyX(~j>O|E?9T~reKNs@cnRYTwKIIyS{SGUBCHm4h9EN3Bm8`4cmyE=ohhd&ab4T=y zw+}07fovG96_aCBHl8)4HfJs07UTCoMruD^=Ms;F_P2cRV35$mD4yaiYDbUD!m+)8=He&&`u| zg46pQw%xj|rW-#pnW1m&A@e#bErZtX>WlmL)Az_f9{nG`XWxqy-Yk>1*P-I|Ls~J+ zrJYz#y~NZ=gw6Iv#i8>s+&A@iFoZ6obX#QfDtSrT-p&1a?;acuqwSqie&G2U!byF$ zCR^b1&js8j&t~($);(vX5D30;GAwC+T{6*)nnoy|BVQE(Ff5y2aKU2vOJTe3tj}xy z@!Ef3Pt!Olj;|}v*dMXk3O}+;J4-08rh^#XM?#s#Md2tOMbO7|9KY%j1 zw`0HN3|nIn4X@KmwT9DDDwjg0FA2ftHd}}qu}wdpPBWI8$ua9lD{08q-0Oh!Y0$oJ zrAs|FL<8Y0dv}Hm8cuHPzOy>ws6J9-vy8mKb;~Bjv8vRa@lx_tmH-t08lYd$wArBh z>LTCm;MsoGfFDrgFC=yv<0Lkt+xgf|kP_T=mn?H&uCqtCW)XeL*GeM~QNg>xQM1xY zH1TMNMt9VDzW_qZI%1j5-4e1I?$&;X2Vu3*a$80c4p9ybl@bH-I|GS0*F^jOdI-^3 z+(}ckR84`EzHyXDd$3=p3I}C|?1iOkUVK)>$CyGQkX6z7wF!+^!ibIswu5M=&E$Oj z=C;kItp!f}e*T_s2rWEE;_W0v1U!nbVYX}5dzUnQ1-zP@JEanhL+FbCW=rBndWRyz z8a=UFOz06HZ_^NbvS!**j-}{!Kxai}Yrtx*P7H>s&|<^l`bG);EF#&jQ=!2xw6YwVl>F2{(AwnGJR@|c!pwf=DL6Mtx)=~4aJ8GceLLN zX?mtzxY@WWm#8j5H3X_^lg%FGN}6Y1gr@)r|LAxo|-oyH(z;#KwXI zYh=E2{{uN*i{?)~0cW;+z4n=Tnn|Qpc~?_EJc&5;)c<^_+7H-j3FOFE;)#J7QC2(# z@N3d4&G{IKYH55wxSS_AEMAzp_t&PMP%G6+{2>?crAB~8-~sh?aX0m0phPHy@-`>V`?{Ehki&r78ap`b3|fPyRWpCn*pH}Q0vWio?lU_5uZ_B+scGy^ddm-)iswO>!qI?j zV33R}APM+4nm-OO^)}2`G;te)lAYlqEq+BX%9+r=9ECd%Jv@h_(K*<%F1;}$s|^JM zu|Co9mlyPmw(cg-AWjEVuS))0y$W`E>@RovL%%pSAV&f8HmCu~<+t3n zYhFpyl*p%m97=v~ou4{TNFOf!-HOxeyH$3BouWJTZC1}N{hJ^Qe)rxk(0P#V3G27h zzGL!lTsTRO$u!yrk3aotWLP)-8w=NJ@0tK^BORSM?J&?w)PN9XdZ)7gGFw_3u5%$L zt{?@Qm#_2Te-m>V+%EH_MT&F}PJC7e561_jh&`)-L%#FhM2!EZ?legHY1*9B`ZwVq z`b|R&P;PW5n7&zo|FE^oK6&VxufWAhKmuW(JdNo>cY*73rW@Fj%m1$r5j`;P4a%n_EdIkCWdPlB1`kM$^n`)VQ-6O|t@?QxS^NLf593z--yc?p zes%GGQh-*V=js35od1=Z6PxEADxt-)^%4j8XLg`JWIfU475yDqUPcWzK`#QEBgYeW zCLfxXGO#F9S6cJ=4=;TH_=1KScws~0?er&}uCFYnJz^FYENJEtesexGhBhP^S1%A0 zo__#ltT`Caov@@?Ba+~8^E|qInhGO`QFM2G8T7^iDD{82nw=pD6oH!5arJ}tyRhB1 z153l(m#24$BN_@mIh&+OS9F1yex#J4f@Z_hbGn7%zx;vLCpLBlVIk0Cf*U9TfiJV6 zd$Ol&Dmr)vs30SMwac0zbPn|F3~jJ4I+*TFG=O1_;|6s!)xWCSZ^L}nC;wXyQ#1go zh&(1XsZVUG_w5;lV9V`GD=EE*@H&Q17uWkI`3x!dy_@fIXr&}q3D(3UE`0d3G*@Ei z-3`;7?Ik_}#YmD(s48Z<6B|BaMVlFT88h);v>Dx<9RT5a_yQDi1iB`~J_f*6^`vq& z27CazPy_A86==vr=tz9JGBW?sBXQn_bjvTsfn(SgAJAhj1CZ_TtJOLeKOe_$_pvD5 z>dw)nDJZqr+gWvd2PA->Lwg={$rtc?o9un4QXlk$eCBt%MVO9m&$cCACaaGx#i2SO zbhpGmTV1*nw?JCq=|)iXH3xi`&S>s4M`PQocP09}lREqgP^FOySL;@}$g;$qBpu*o zoB|R=$Gssafuvxk{qJP8K6!VevXSZ{#@L~~O^ zOzW+py*ZQlb=VNrLYQB2k5`vVc%3r3KWCZ|dCK*muHdjJBSpnA$`XmKCPcBK1Kw(% z_bjiy4cVm$+S-J$W=!~-rbP~6oNvt}SYH;*xvW2TJi@vU<6?wXX$T$MUi%Rm@LRg#VQmnkk#4~Z>Ax)P=Z^5>kS%UtSBC7p_bQh zlS!EJgD}(3ni0I27&)Wn91oXv4iiyy;TT(2d+DiMu$CE3n6{~^*W1Y&YU>5pgTSt`%{j8IMss+_$EvYmn~ zN2V0i%#Z`UT7BJ_W*xE#XYUw5QHK`B%p51G=O9=GI8~E97!Gk*_xbgkFS_NkAN1>4 zXNkW##&$PL^l~oX-)!8(0JtbGBK+K2L zSBYXq(bWfaweC}HN8cm|p225UA<4X{WobiMOAoduS~pi+B{WIk<%U_SSah17&o^u>NSnMHSUp$BMhGAm zzfib|_NAvws-Fu&tlA7Z{ro{w8(7<%lnc9?CoF&{u5%$yq;!FYqK=^QHuHr-ORo4` zolj#r!gU!xpC>AaQ%pTCW@;iN(@QR{wZmxT-^;(jeb#KE61{EWVcGdfb%L~hHwwM5 z+0Ck1P`hVdwAU?+cT<*+|ZNPOh~XS>Ky}G!`Na?mrk++39mtCuDGcmC?}tIQlu8P;`Ms zdg$VeWrp41#9cRgcc~sZ`*xC^uGt<>m1Ru=r5Y=3wgf+l>7A$wDk22^EH9M-#d=%p zPPPx&?i~{F$RjEO#ZR&)oZpERWt;Fa+3b)wRY%E2WLeZKo~j^>3ds^YUQobEUj~J= z9Q->~cV?9vU-xddi-*5C>iFC)b{nGGyDd#OqI7nxAGOxS^Z}AYsNB;6*MkPh>>-!2 zN>86Oybf2HNbu;(F(Ae0;I9{~qTB0s8O-~H=n6)wjq6P6jRc~-5K39UT0Zk(4z9u# z$v{X-3vHxrcyoYERcU}p>o!;a{JehNY|0@hH51l!FHlPMoMfxk`8(u0X+$;YUQMKD ztF*GIkHsnC=-^JGyixGICi5weWT1E*;%ZtLK>KrMa*(Q|?1)M_{u*|?%Hn3PZp%!{ zR*QHkpnpQCj)qRaJgYBpI~t3{PSOJV9eQo%oXQce=q#!tvzYiF~7Sv$WMqs_4L?O zzr}kkZg4+WV)$F2KivG>^yikM9fZ?#)%32b-ZI-IU|ccOP04PZf8lX(Qfte!+G@I_ z@MDzQ>n}(wyHtO$;dy(lRU1q=Coz{VwyCPIqQY2X9L=`2aVd?mR`2#s6s;BWTSA*< zy$EP!cr*{WseCqQ?tYG<=OLBHMBgh7+DcbWw%SFb=U@1&R_$n6w7cus%22{e1oK7A zt{1OTc2zT*P&6sj!j-jRR@YF99w>ZDwz?rS?ZHkwdpAtZAhb7hweJ2XfF5Lne=I$}`L?TH?Dff-ik%r-SQaO!#0&oa|;y_O8 zGe@fzky=F1PM&FGvm3h32VG&xju?AbrUy0tDiW|n3kuSH-Nt$g+@fXtJ)iu%3>M;G zp_psF9GjL(b*~gU*RMQ{l&)!b-v>HUd>MXyLhV6zx$)ehW}+b-9opd|ZLYxcU1_dl zxR{vx$f(oPV&Vi%U!_f#M%s%xZtys6YSRs7>!}?Wp{hD=YW2d1(w0XYm+%{VI59E} zH~wVKdC9Y{NSMDqM?A9}d)I)iDoa07e}uTHNqM*+k|hc;LhTJXShnuKCHNjsyEbfN()__ycFlNty5W?kLE3bi z!K-qA)ELZMXYAG!u8N=TP*n@d3}bC+Ic{>&oT<$zN?yXe)-ER$8(VIy#LcCdI-EPy z;jDjem4Oxf=JAZ$TaoWnL1yAB- zgNKy7GLX4D!#XCYMOT#`h)NRG#Qcx3&9d?Z>>Zm3nXc%VSzQUyt~X+<+*oon z{LRU?Hff>#+4>RSAj~8Z#8WpqUBU{Jd_pv|?oZC_mScAe z+3w^uD-KU|##kYZ+497EMx+ZKh>}MFPXbvQA*K#E%{pE@26di=9n`$9q~DkCjCit27sK>7nqCwf~EWD4yHqZG&DRksIOUWo^;gI%f!?M@jCU{$z0J7?=8>9|_!Zk<`GmfG@c#~jKk`eo{TF-lgid{F0*QdK|Jf{mM%4lSgVR-? zGllg9P`JGN0=!{E@!s5hi$w2m>OvEB&(dNawQ^?cth%)gyhXcaH|qY8`yP#oHTJh{ zkNGd)g`}qY&f83Q45?Jk5WHK3pWOPr5AgM4dn$yMK3=ik-``>FCZR?tYvQu7^*joD zwc~ay`-Ng>(7SK^v2{VcWI1P3Q14`zDy6&dZ2+YwT-LcG*0-ZD;pmx?vucHJJ+Zd+ z!&Op#E#YC{e@hf*`a{C)A{8?fW7vP+s^Hwmdtv44H03Ju>ME3Um z53}1N!1ZxJDyXcK+N$Er_U-OOuIExmA!)(YHD0N!3A?AD|_!wy+l) z+$1BFiKVzpn~X$_)Cg&~*pli>g{d~P`ul;Mjx}3QiIDrgwOeZLo=vd4Up4EjT~Zk^ zx!4A8#z(47zx`C!c0pk{DdhFeOT0|fkL#%>a_o^RpI+jgTR<$k{U;j+qSnf=4Ti6% zCN7krYA+ZO3LP;SxFU>^IAsJJcY=iu(;RrYF8>@0|5B|yH%$O-?)%`b*+)^Y?{5@s zR2qGN>-K2e-3a6Yr!r7688+FZUj0V7cOr5hkIi|_iAL|L!ozdLu9!vg9S=G6V}^_p zluHfu>eFw7BqJ4YS8>e;*4e7HYUm1NW_`S7?4L3Neqojn%+fQo@>b{d!0H5QcB#+4 z`c$Nb7%#S%xPDe8)#oW2#3W&#p5aCL>e+^xi8>)@#bT`4YZ3ZJwfV91Gf#Yna%C9F zo}@m9wV>uL&G+`FJa37iUZx3}-F3-kTs2W_PMkIYQ|&b+Ra3dR z)#@{vr1qrnl?C=qZj=Au{u=APxsFHDNuz7V3hD$02m$cyM7(?uw8nS5JwJSdl+f1Z zL+?0;7x{G8X6l=`tUG9zl&AQS=w0a?UNO`|g1kcXn#r*@Dw7u6`IRJEtRt24d@%QV z%^_VHRHt)T8xKR@N=75qHpAb$2w!dBU}J7cuT_G9Lt?=6Zm%9s>?7%q*%p=AD(Ofg zp|mb@ALJR0V#TD`2zuEye%E$t7He{VM%f-o=QzycR*{IZOxt)MKJU3Low)B?L>lYL zI#js%Jm-6j5v-&xlBBBU+VgK=MKwxFSF|m6_$YlrK@(EcPf`PA3sfS(SSn$@d*~Jq zf5(PZPHRC&qIMmPyAF)o`@%(7S_d_Xr9m@5y3q4NHz}9HxHS>3sFlc*-^@0(qMmptv%k) z_fZ336E!?M%UTP-k-0Nhz~x`3Hq(!jaPvLnJC{IqxKOm=VGTu&%11HVpETzNz*rs4 zVnq(!b>w(RCYE0hxw)Bolx(r;K*YsEz0@UKO1Pxe>-k;_IZl}bjFEb!%F)*MSA-yt z91UHSZXbNaK+Wwa^_6E9kD8p!IZk~8)T$5d3PR3mgu-oyDd3)2iV-QS)cTshMZUg6 zd`uII9}x8vW8PJcphMI;Q74u(_TZ7IRZeu7*OHiP*C~&gEOh2CT1}+wQq58r98L{i zANVn(X0_Zo(GIsNWQxwkI5sENVO}QiW@F?|h4+^>g^A}^JSrW{EB7nBVDmNW{(F~U zcu)M9A#v!e0c<$=3U~R~qeBHl2?*}hf<7mFlcDhmy4q8sBRMyyk!hx&s-fs5RFFN1 znll5f1g)_^!ztoRdTre`=iWX{wrNyfc&^UbJa1zF)Ckmv5?mEYSloR=?GoHyfGh@|ag@JK5DXQvX5#}|n zLNLGUbvO@&cU7tkOVMF0KM+WG#6>%#>SLb~vqYyXxfgawvMjAap}WBUNN+_KqDeOR7cZxX*PKWyy=bj96JW z8?{0v(N#~_pfk^K_EHE-U(So*Z9kkZC+TRj1q{M78_=EuISQ$m@ytiq`a)$l!CyS3 z8Sj45$gC+cXI)X6VuydxIK_231;ROy9Y z(jo+EC%lw@Zr-~3C`4T|B8>gE%@MgZt(hm2>_=WQ+gA6N;v>a7@@%amEqEMs0$0|D z@J5=U?%v*9jh4HZ zvQyLV^;TJfHh-TQafs=;?$QGJLoY*DK8!|FkrT)sZz)Kpa_$Y**%tn*s&ib6P(;`0 zvnr&|3z1vl6YZ7LB2JqZ2B1s!6SeYH1vZdQ{;SNI;GZE(6oZoA`vPRZIp6Ki)E6=8 zHxZQ4#~~eg5=&%hhPlwCA=&){&R5_(s(%=E}(-vJJ z+l74URP}2S&bGD9S>a1W(o){cc;C|aCtu8Ejf2>&Z(YmB!$1zMT)}P9Su|gEZ_@50 zHXf)SA-%pOK+>;o{x$5r@8I2E6Xl3K3gn!)S zDsH?hjrnN~ba4ciNS(cd8!K!S3n#a%ZN^Seuja9T1Vdp59Q~PPSpuie20ixqAR=U` zGHTf*CbjcHt(FYyV{i%l@*1u=vsb)lcN1Nzqs|D~hX{vJX(wa5q#hu-m@}MtahJ;b zH8s+8{I(E(pEBu(ClAcJ`6?wt%=$xaL(pV5@QNRGbV(^%gPkqji!hb1p6SzxNjNrE zOQ$wJ)7B^okIVG^Z`_Ts|R@_k4T5?YPeOh z%j0)v!Y^xV4_IeAsew{HvPlao-aN(lT7)S&l__OQQmsZON9N$8dP#AQSA%sUdJMKP z8YsC|$IDAgTbe|d{mAJqH&TP}nVOZA?5>5npaosn8|k`O6u!lG(X){{*`(~2uIIL~ zfq`qfSa(rsu~kZfXS{unPjiT1(L&G;iLsn!s(AG$@d4R2@W3FhkDlAL%ElU~Rc9xw zc}Dsu6{v-3Nsfh_>bacydi{G0ghxWt53k%rN&D5!4(0RjIAJ6Nx0DhxSfVD^OLlF$ z4Gr|&(vx9Ncvhpt6&<(BnP$`HtEuzu=O{hiP&aOAw%?z?(~<7;&)L1ya$45Op^e@; zrHs0d11-nKCBHtzy+xbnov-oaRDMt;#q4&*s2ri1f0B)$8q%kTLGh%*^LDFd>zt`K7H9&I9ZPKvrkjXeK zC(^Gi^;Y;yRMA5!P2tUe$Y=^z))e6C`#PBd^@qLVEZzI5mvW0wQ_A<%p|C4JKt5o9C+{< z1d@_8HxOr*IA`v*Q<{yq{=hN=>*wtM>k3op(mCGMTr8d=h8CLI}VgVElVnYO%bz$a-{7@3X+LQWT?P%a{ZM3s6TA)vd70eXcT zPcj`igb~1jF)oWL>p!Q-QR!UHWZRzrC){%6Mvn#l>>_EGmCkTYp}zZGNO+? zkCSx{0}@s(wodWG4IBu>h8uQfG%O}(&=?x@7ao@}oUw%qBvnp#=FsAchuYn>A0M`H zX?aA3=@N?%W>0Q}Q3ULb@lJzT{X>w%=zH*{1vm*2|LoD+QgfsvkyP(^P`S&z4xf@r z*GhS>VA+6pT;I}1ausB@kDan|C2ex4tC`6`SU06ynC&42dWTD!BmH37{v~$r_8bwo zU7w_5Y-^-MNRt>my`eC!DK&*sGOt)#nn)gpZB2yy$kKJ5y1^Dz2ph%{w9?|g^|qEFpQC^XO?esc@sij z3V*+_NfIgA3^7A5U6|jIJ^0jEt)ISz1av$1>guJbf!c6);D;^8qe~kyQrWW&nHQlb zu{i)qEaHNwB&w|nLEl(x351CiZvh|?7S!$ChkH=iXyrB!6?=RBEZKx|z01O#-$>bPiHAsm>@i ziiC1rXXDv^wC0NX!utUojn2)R+c>V8^Q|&KzoB`ZDomKFd7^csHs4jhB~lP|zH&>A zOnOjrI*sMYaN=?H(5x4tC_NOZ*N9rZ#j^>oXM57V`d$zGp$~s|Gh7MWAHnJ9nnIVL+4Kwq-$N7A}|H1cpy~;21dY=2apZmVA>v~`B z_jS=%T=@@!?|+_b^hrK4!~m&sR$(8#^!S&XxMM*Rj4Pf?SS1sAZdjdelY(D>SDlY? zMRMLcqc?}2J(QiOek2}$*s$kH)$oOsrpAz0yc-@uxtOW9#_&RMW}nED_>Ly6?Tnmb zM@W#PUu&6a$?I}54@!w4(u62w7rbn7_<<@w-?j3zDS2%21tI?w)$HivB~M5hNDGG7Ko++S$(&+j6za=j(T z8+JR)cuJofN<-7;l(NTRiir4dqkM7!>qY!Is+iv_(jk{ zPDlLyJ{TRcK{7|6|CmQaqO3)sGj@M7;9UTUQI&c|89v%w!T`EX<_f%^3-nl3WRWWt+$cn>@324zU}GEr?jVopx@- zj(QtZxSt*W9qHKiZHN%T2=}{rQ!wfF?KhieZ=1Eh77{THo-!*|HO~$vc1uyO& z4(hDbZ00aE#z(tT!w=dQ+4O{*VMV8vSze{{68{upcDIs9J4*yhe`EONq?-OdL0fMqEyM^n=Z5<)VC8)6&Rn*mXOB&~9>> zuAC@S3D;Zi*mrA6oR+U2y&=n(l#7P?k;+X5ecxQ~_H9z?Z!jCXvdZc0FzTGS^^bXU z;6^jzpm`BHudL|k+nD9tl*|!VAGykUuCFFKO=gp2e|SBP98^2_VMk-s5~3k07_(D( z89A3d={K@&0`dGyiI=?lIB&ROjmYAw>8Y6_dLi}`!qeGOl-JLaoMN$DJrg4 z8(?;(@s=!uVFN))uCzs01q74!-X|UfVOB-NejmWCSDdlR0Jy^TsQO)67se@GN@)zZ!+PVzGp*9c zlsTGjz^ElG3nq5hhdKPKK477H(}5`?9gES>wpgEAoQg1oM2XV7cdK3LeHV2sBbQ$m zUecjfnr8`Pyu&>Qb^yA*8SII=t!%aSalK=RQ-^)WzKpO+Gg-s1??1tE- zmzp)7lO%2154Wsj)R&yjVOZ(PAJhcZwzm&?J^iDc<0NvJ`r_#>8<_Pum+KP6BdqNU zqU+Kw)MYz?!Kk&MWDnhy+gPiD&CGcd^YB|6Fa#Nfl@i-XyqD|SBopnvQkz_O&{`;W z1X%rN%IVZOMKfJ0`8@+7WT0D*m#!7IV&4KImq=exIvf7$F97}r{_=(xmJ~hYc$j8( zvh>2UoU4hVZ zy=7}aGvdRfJjvzTm;nOKj>ttEZ_)nkd|p@K*6Reiq|4YbCK)&|}-vGsNEE zA+SO1g9zHzV$xq+%&Q~}G_F&LDU+uQ4{UD4$V#SW62OvOIZ#onKFM>`nK}9B&5MZl zHyuVp_rCyS?|r9OKNCMGcr~`UebpCR_i@cZ>+mO!Vs^=a(MyR}mFx6g)ZvW{0)j?Z zjE_@xQD%k9O7QQQt1o8GdznW#?4yf+h?@vA1vpX~ix(p)BZUe&2j2%@;qdEWgAqw~ z9h+I$WY@#_c_=up3+@@GW-yWzzxtPdVP~mcI8(x|-->|8HsATN>rC5iB*p6k;@o#m z!vzD-b(U6FoCUDq=KbajobYAIYV@ByQkx^b35ioCGBXLrBRiF8BksuUOtMm!68{ol zX5U|BMDhV!{i@k=68RJYBL|W^r(tjh1lXukyj-!1Cpi(nI{ftIW}yEo=;%cPsbVwq<*`k0ZD>b>xp0qAtNL*bKe=k`+Pq!sT)&V~`P`iA45 zZmWsbJ{r#FNUmcD{QQZXRcLuCQOgw}2;$ zlOKcxHte=VTb4#pdK48?zx4MPS)ZhO^?VGEj!ZgayeI@h#oLZr_F0;n_$X&w(DW`x zTBo5?3ls}-ugU+L%Et6Qv_~{F)0C;!9-bra{Ll_L^jzxLv?a3_*dr%-VQ_gS=j(cS z_KJ|(C0BUqRqs$MoSuX9hRfnGCSs;O#SW=4eAgSZv=D^p%sjy20NS=b>F}$M%V9wJf4LLGrS?byIAV@C~54ya=Ld*gTCA@ z@qSP1;dWmU#bM>|f|r_RQ!mA4%S%A9EXH*?s(#DEP&wE0QYq3>Xg55~+khBA+UB?Z zFcS1`gzyW1zdIcuTak?%wZt8aTA9h14;GzVdj;c&{2j-V%belK8A*KK2fkDF1WJ1+ zI10i~bc1G{B`>UigwH3eRpDl4pt@}DN48k>dyQR;pC%(Kmtb%SiEcwbY~LPVTp8YU zD(Q@>C5&3KxKf6*lNhFB5ucNMokzQ&Z7miwq++B=#mX)#hz26@HCc_I+Cpr4;8zED z>d5t>c>#`Rg^Yv^VBi#1P)m_EsVhcl;YQCV-YR+Dm{iZoH@=t-z6r8@)*nqOpHCSv zS2PQsno8Ol&~9!aMy)&gflL;6W@;=za1;)Pp7oZn@#QDGB4_s3=~Rp&D#p4kow>tI zrqqfR3pN);od0`pm%h^RVmCM3~U=3MvUU8PZ}Maf(~ z>h*_88`{)}R5N)p*mV7|sK`Y*cYRmbnY@o-(G0kWaV&{N@FD2C2v-JPPwFp6^0%Z7 z4RJi4xS?q~uEA$2x6)#a8u-9<^pcQK%YM0Kiz+#6Wm-c1yzzEb1(dYm2}qal&j12+ zK1&SNpZhSV^ReZ(_PUI@ytOY|7e?cjUMiEQd=ar8UGdJ$vUII%XFQ$%rb7*$^c0-O zuuSB?&)J@E>_)7$dhG8t7^6y4W0lYfF=pFAy;E~8S_=Tlir&vgw63>S(dpj{so&?p z;W4|pP~B%Pe7bNtZ_p{iH_YL@GW)0=4&$J|++d;@@x8B??bB8v{cv-8`Nn~Md}Q#Q zVDCcxeu(Iaq8@K-b^x{g&ZxySUduPu2=8Y}yXpzp#~KSDWo;Bj zW#X?^Z29qIo+{wlHp*)uC1D!apr^zJ*LCLII|73Z^=gc*i_#_AcgXn4$1dAdc3G*% zSK~2XxHU7m;u!hqMQHpp6}G<-s!@~?>{zb&76p&#I6_<(2{#Khsh9#f!{G{(k2Cj= zei;1ylrj&zG$w}yfTMPOOPv_n3g#7Fe29arj0!UiyCI>h+#qQ)q7T#doQ0<~lhvgh z-Y#E36Hx^WD+;c!@i~yHh_Th*=+&mFSN+TiiCQ{B$B2CSZuG;gK}C?AY@2TvaIqJI z7P09o9UJcM%mVr5qlgroe6#O6Q3eQyOmhrvA3(G7gWy6t3VHq{lzQ!#-WVI>)S)#x9h9~RPsk_lt4)&BV3LE&7QEada- zjxy({NMcU5S!!*L0K=Ki4+Lz4EU2&YiP^2S&};zWXBya%bC^#7?DXH5v||kWefubj z<{AXDB337~>0yI%0}QWQI<{pXhGt`>$HgKqr;SaQn}+FZ|6_i(aN=-cAzimat9?lP z@RN9E|MR1hJ(`L~wC|0%QpYwkuk(a`z1~}L4u0x>{-m)RE`!ZqcwOB(+c&Xk(1zS_+if!?sWyeaZq0-GAU~iOBrkq zz|AVC@GG}+hpn0;@!g()+ZEJ7UG>j~aTDK3MosAM#qwNIJw7U!xD;ciTq?O=l$=-b znAU68@xF~%pTh*IUyn*8wsgnjFm0fc_GO2AFv6;eD>Liib{kF2?X^c4MAeRs)J15r z>nFnW*`*Edf<5W-`^o!^jnDn`g799M#ULOSd4&RxlPU%OHN*Sl zoB8GrmsFDn5o{=)rl9=$%?L~8?Y?n8hfN4z;Y*JU!fwaG*CjHJtVi6IV)ey037&x6%wMZ2{B zjThi=c#O-M+QGYL+BG%%q?J9kb<5ICI)ZtoWcJW^{9yf!7GK-|t+t!}XvC^0Yahsb))Q*nvU;)3Dp9z8PNRXFIl4uW6K1oKWYb;l6CO&0QaoR3#j1*8tH{k{h*^*Tq zZ!k4h0Kf%{`}pPmmJI|R8}qM>kwLbba)R75kwO0JHOdt|+1_+KvZoHyD5sFU9!qmOj^}ju;?>@W&I^ zk#w{ZAZYY~PS=%BM+J`v9!B6G%HUymYEErCjVO7=(wgKmzO6eS}Np zzUu#H8XcNaogL-Ho(n!^wbcJaZOHS8XSmE@nWo zodQiZV!4EqcwEEW_oMjfC>jygCv{v0y-%mu%~_q%w{(;ETZIi2Xh!?+bXgu-!~=2E zhJPuA?hS@Gy@anEVJB5E<=-Ic(iU`+Kr5K`huo12j89lZBk<1ZWMdy*$s*_u15#%= zVfSXx!F@3HLy!RToeLHuBWf*zr()T~CUTv@y0|$>-JNrt4jR;Mr-K*Lv-Z&3=sMHq zFviHykJlxv9#UTSXq9U<@*?qmz-l~@L?e0u*{9X%n{5aH4i_H+7FGx=FHV_NZ1cr4 zKE$>i!lrFo-e1OCwG?nT_CQ1S#8~nHj@P)PJf;|A8U+&#;{d0mNRs~ULQFDfzRUJC zyMtUd?~2)J1WUpD_~9J=0P!EA4AViQtn~RPifojtW(ffPISYH+X4WFBy%Ib6(H8g_ z9i`gmIP8mdoxEi6EGtVI@-GybH4^L|4MM|!uqbK~yLLqzq`eNd;OR`u1*!W*Dp^w+ zrZH)Xf@0FU%cR)M0eU^3PTxzl5iq`^yGd$%Cbvq*}vRm$TBH>ojN^8b!v?> zke&4)4R$U9GSIyMkbBt{YcxQFlC&u`9@;*og}EFgWI?!h{lVJDY{JXhj%N1MMl&s= z1re2JFZY~Co_5sKk2!;%E)hM-Tf@mE;-*%>oYmws1z59;&goHvZ$hJ}rsTaI-3~@( z`5kudZ`0z0*jLpbo)N>yk>Rt@Nf&!Ap<|w@D#cDX-6SgI1)68Q!t#T}tFnp-(ZRRc zOJnXSPcS(U(kTdNp`Jdqz25yV-77&<{deUadRW9FLzh;2mR3y%m8em=j7TLlmJu5* zlAZ$A03dmlFao!}2T2@K;X3`*X*oka;{|loMBC>POO{DqJT_^a5el2TT~?O7rw)nH z@}#2X{MSP72sN)2;Mrn1y1WzY2%YZf+B^1%%nyJN^%S-CRnonnnN=HPVKikkY9`_% zsLwh_pyJ$P0zs-gijxf|lT z0Vngx%bm{GhC=rPr~pWm-EF~#9oR(L)$6t!#c&)1!1c~49|J~*?w{tvZCHGT7k71A zYr|i;?pzU3$$)XpCMibJwy<`7EpPW2`Pz8~d1~{B8)OXe{Z-Xh6;#m&dh;f?2Fck;T5c$~wz zMVBAu*cElQEU~h+rh|R*>W#QN7Wyu_&44)BvsNaKeL!8Um|~~4%@f3T^9{l5MSxw% z1&+tF@wBz);d#Z(QKQQZs?nprGxs#TM-4YzpKBl3IF4>LIOnAsJ)w=?=vk|Cv@rek zx~7M;QN^Ob0c_QoR7jLW@rlbfE-K7?aZR@=UO*b+{fDCg{Fg1K!ap@8ZE@a3I9Rqf z+wxO~U4z|L(L*7!5JbVjq(oP1fwCTx|y1JC>uaM3?w9N_^ z0)6H>cH7spK(k%=i0PtN1|#h-&yc}>7dZ+pwPhN!|2?9C9OVskA$p-@&@XqPEfXbZ z2j2W1HvMTtCO-3Q)U(yB+2D=nH`cMOfJxL9p&Vt7#4csG{re{iqG`hkJ$?(UsZ_Su zV$ALQCS5y*s;*sY4(C4rExhYHDnD0 zOl*j{Kg33q=zaaI)2A1X0nFo_qe+HC>jD2 zIG4N>%W*IXu^yIUeU&a~5#9`Qa?|U(xA0&pc>Z`!7pm@-(UAU{`T(P!;~I= zooXmfFr9{a&_VON;p!%`ZFzA?H|plhVNcKsp&GStC7iomA!@MyubIKeLoIpwy7ay8 z>60C)= zfX;e-p8mQjbxzyd`O9fQkB2o%Q)lavlYUtKvb*Ah5H^I{Cg&y7d~rS_KBGS4+#_*9 z>^T>mVRv23%)u&-t#n-Cu77?VK{iUi9*w?~##nFyw6WO(@6#2$sA6iiDs0ZG;b-a6 zCqhJj+zJ3z-p3a4w9%-)0QrpUe|o0;L7Wg1H~?zhz4pCtdj45Mu)!G$n}c}F&GPyW z0OrVI#%~x8MlEL9on3$2quIM6BN9Anxp;~hg`lqVm49QzPxGvbkM)mSc%&2sMW>)< z<&FW75+Bp{Gom#4pwyv4*!t_uE?}~k9g0KtITNM)wmh;EM@Ju#+KCvEc zp(2g!`n=`o@_rUokFg%C&&bNqoH4o|OXXzm$K1+Km;SnJ&_P<5C%mmE@#$3R2cc3Z zvwwr>R{=En2$SZIpFa>iDyJH*b(IPoo4hME%kC#qO?8qPEA(kYR)sOLNwg`lwoo^< zjVA(AruzXNtpJE^@@qgzx>=6#DgHXQtufb7xrU@v)H(iGu9*Dp5Ue>S_%Vs?6Z5T4 z8rrw?xR`unR{CcbRktpC^Ho&TeQrwv9JyY*UTrFdj8%Mvjm)ot;h8PSjXOKyXJ^b! zA=*Y;6tF!@9)JOfC*H>kaPDNTn$e1BpCFsX`mL1Q0h{J0FvNM^FSQy_wO zW%tgnyH2~W(Vq(=>h=m=Atl4L(p_AC$%viX(a8N~()juus?1^fCZUX?wQ)#Vsh*{G zvhX;$6zq(rZP*enS0} zLAF41Mkg5$Gmb>iqQTl_pD9deQC+Ib)t{M1reop$xS>Qzd?wP}^ZX zziroZc6Vf#y}d)P;(+ir!4??hMAzRlBx{FOj~OUT(bXk5ggBOzTb9zX^UN1l`WuUAq4KH~Bs1nwGuPZxIpWBmmG_Zr3ssw5-rh`%O}H6q#+Gft{3|lpgn01##V?*E8!0d}|Ph$a(k$P_C{D2blmoo85fX z%m)*XvJQ)i1w_J@BibCWP+c);Vvnb$W^Eamw^pyd@JmR{zEZ`WI(KuPWzv_i`9e-P zG@6j~xkRquFRced_69H21KiT<%Lc30z4j^XPVx=id8N=%d%v02Z2j~i{7;T{FQ$;p z;!sM^I8J!MC8)@IXi%4`o_2cGxv)x3#qK1Dvfs7E6Ryh{fznvJLJ}$0O;$nF-P(Qg za6#Ll`ImJtZDf6{|1L!^-&T4lZ3)a(=PPT)l>GPAh`FUSuw#c?KMY^LLvG}b#j&{$ z2#6H0pb!z0H>wP1%3QyEL?VpQqQeyK zaKNMuJFx>H$Ncmyh z@yQ_;$hYPT*x#9s1JZpV*x|cS{Bj^n2GlivqG7t!mD=ubGj*ft$2mf?`TBad`dVJ; z+{pU`Y-+QElh_|(FPAdXBk#9LeXi&`9_O+mjWQWLXd`H&rY(!BD3kZXNI}@$dBWn7 z3gp}3SH!St&~o>-*Mhc&XTg(*)i1ODYwe9WgBQU3NCLGNI4Cte zLQil#VJ$Q2%$+5dcLcf1OukE&dsTf$o0!+UWrn|$Xm!fVpJoc67(1r`=tf;=d-V}x zR+#;nc=Y4%hH9Rxlk8CGyLY#m50uq)YgJZMV;iEc7_){^=Bn+V} z0Uv#mrZyy#xCYn?^Wfi#_BBw3BgMf<{DH;!Ad8LB84r70BgJV$D1n~~=F6+}=8WC1 zl#TA)`EBSGm7US?iIt^?)9NM|<8qE=Je+=lPhaIrrh z&FTCIziph{D{eWoZMLSjK4O$DmQ%AQA|Ks)^JER^Pzg%lpJ}!!44qc5JeZYE;D7iG zH@GlrWiHQXo}AtHJVhfr&c&y#933Xu-QEPJL3OL)`*BMF6NA`utZ2|RM^{NbVmO+*-C&3 zV&O3@>B0ADg!!!;ciOF%Q0%9>3ju>RcCUF#R8ASB+|85xRn%h`YXfRT-1}3$rF{3V z+6QLcQT=!AKZQ7LaMB?kce! zcudtthP!pDC(4|u^OC2BQEl~P(z2xGR$>=-rkB%}KBf->&mEW1Q2yv$Fd2(Rrw#3r z_t%#R`D{!^t96O|FxcgS{tadl`>R9*9LuMOL?<@xT;_S|H5}c8rq*h^v z(URVLYcqi(1k;o6EhU0kLD7#QxjWWYkzWlyw+9!GU?UI7R*J{kk>oe26Ehtl? zu$yhWl8nz~aZ0zladNk!W@!t2FBPJPt@ByPzxTn>Ke=GHVkJ;Jbs^ukc_t*8Fp5?Z zEi^Md-IxK@S-f^xt_rd2uN)<|ea;z9EurQP|rkPKc*fC>LIXNij1ynt-dW!oz3WW zH41X_-nRZheS)^uVxcr>e?f~pH7spP!nnsZio4x^zRB`rD>&Bv5IT06b)TUeiwaUp zX4Bu+#&r+c3@?gBk#X(o3SJbkEOY=Dr43cCFR|gYMqq|)86$$MSGZ*Vg_%mu=kPeB zH)W8&aV04v2n|LIn_QGn|I3Z_vVCN^%@4eXabaakLQL}V-}NOQ#E=+E0?={aoB^}g zbeJsXdqJA=4y*Xl(#*FZ#~M*7EBl}#83ne~sh{wh8Ds%JWswaC#PbHLD%C6y^KqCV z^l69H2wEH3#408w0AIH5jyP05n}tW~-6dPw!oRSdsh_lsuuy9B7`{a1xM4i5LFS5d zPPRVlHXQYPS@7PV4-~Uioxq=Er%AuDO;E47vr-y=H@k_0_!20U)|;1oKX~#QYaqdL z01O7J;a$gG^w^} zvNyUSD4F}OB-eqGKWvSik3)*o`MUt+jAz&Rj%~d5s(#^GWuB0=AwU0mb)QIsR%M!0 z+QY>5H#0$`CVa}!m<3G2583oaf|D3Q0+sV=DQhuAWypv8DVE z&Fhk?lmjUpmPwtV1Dk%-<8^#KcSR0hN|!$@(gre3#SoBicpv)?=tKCB`5_Jg3DGe~vaLmJSM9(u-^h->_5W(Q}eCGna^;xnyPFLOBtzju@65YTytqC1^O z_mlate}UZKqH6)k>$!E!8Z9zVi3*hLc>r2hju!=9s`2~Ak? zJpZ6tG5fP=z54lxPLJhrhgoS&Pe_SzGL3XfnS@hXP-!O@j2$>?@~><#^f$NhR;e2= zu5;fGhUXY7^Qr(>>`?vnGbzrB<-6YGSaU$6!=n^+tuN+1GN=cHg3Y)p*ITkp>BGko ztys$hG{=(+`vw~O@(WzNGAo{+Ldov}p9whRYq(ilm3}GgPs6+8V{XGlohm{b$<$vq z`|Tvp*_Yk{UZ!&LJIHkz_t7P5WyVpkZ@;Q1(w8)k3E>EVQoR-#dXbg9@Kue?AFmw! zNc}fyAT<$;J3hoNnFA<47L>P^*Y)!CoZIZh{dV8l4J!m6zW>Rq`rp$@iEIXW!%$6c zZnR&ipVcQ@O>KqG`%?t{U*B>s$gkO*JnU_W*v9|4vttME6_?jEJ18NJ>Ux>h`=~Rd zrzaKL-qm<4O)3HQNB0_frS6DX!7AWn5z;sP?0jG+6FbOshr(lQA(V0D5t?JC0PmkX}T;?|18@o6@BW+%VO z-mKs&v#pk3qyeKfzoG9N?{ihU5HU8Bvj(ejAcsxqlg}S$sLYl^* z8U7gR&g@5T3V6`N*Z3Wj-ZrWvw0QDqX)k&K{JIrLw(qyU^ zF2bVxc9HnS05O`9#*HuS2?QYfb>!QY`9%=TuX6VAexm|fWaM(k1^Cb34FiOWj<%~K zifpxC|684xbsKuxIB?#_O5<0R1w(c;O6PTzXGV+_-u^ys1ie+_bWGgnmB6c zEk?9ZQf2}=f@k$Y$Gzq~k3svauAM*4#R|0>15gFH?3HlGhR%stE8hO_!1OjOAox|{ zvV1z=9VR=6d@s}Td0M^BYtZz~3z={0lDo}lZy!Y|PiA8(H^SJDvW_TbGjxCt#fU6F zbOfva0mR!rwkO4|hB(NPfQI&DnDx=LA}XNx%fh`@uTgpPT+ZGypoD>b(En-h?PvrN z?3UF-mXIp9F77u~Z(DMVg`DlKhIEWBv=k|xUw{T%uD(8GWOR0)=ZOj(`)Z`bJ5OYR z+O7J1%mB1hl&5r;Oe$Y6diyVh_c>C0wlDSVX49=Mw01dh{lzVp7gib;yp?aX?hBrE zM~tD}Xh%W*mENJ)F=+COllr3q4QI-#OV|D(uBm;}aD+&R`x&dA&S;wf4bvVcaZa z3_n_SxQwEC?+Yz&0{KMH`+5HGAQ3JQppnLuvB03I=%&uWvL z=zBYVVa_+1yVusy*JfO%K~$vgxzMwLp&!fVpT79{|IVqyZ&e|c8V}aMdcQjjdS>;d zvbqBvSRYqBVDf*Ct^iHv%B7>v*?jc)(BK(p{?hNT)*OY)qvRc7kge!m#7RbtK#h@ z0Q}K={d0%?o9R-k=YG;2RV9m^K^T|evxmgt8$F`PhX6zGY_q(6hao{W|L8y!resHx zvU{IgKn`|k4M*rUZ4Y;~?vHpnsy7Kpz0?rWo*^lkZIuu`3*f@9i*?Vh8o`(XdOJ@zH?2 z%cOHLI2XbpH~8oR`@0}og#RtXtg*fbWDqL#K3p%bW=>riz86Xb-uZ=VKVPnV4zEX& z(;c0gC8%!pKb=sJi*NR`|!sB zzcl}~iXvv}QrZQOR7-T^a-kP+Va#yx+M|3wh>*Xn7-SxKn%Yg&xwl)!-QwAlk`d|^ z^rW@wWB6;Y?ev3XOU_e3jsX>~Ju{7#EZ%-G&hKFEMdeL3rs6mu#B#OMdiY~QXzd)x zmjU-W15C6c(Q^{1wJ5VVaAj?M+OlLMw-mu+_W_iWc(@T-oy<|c5xP}Wvs2;vw?A1m z<>0nmiD=Vw#Kq#>_Yric^!%B>Lx%yc@fqfH#J(KkEL?Avm;`mA^4~6XTEax#?IfSV zuZ(p+;chphcg}$A(!3Y<*nR`$)qpgo9A=OkOuT0I2SWWePHKM6;O_iI1PzQts?;k$ z`{*wv1u6ytAJVt`88nJ}AZ%JWm`37&@xO3!oOC140Se3ap3zyx-YofD_1Qb`gA;NF zj>sKwn{26b*!Cww6Vr-Ag06TsP=7>=J$M)(&HG6n!j02eHM?y=HfOY1<0DD6I zH2hjzK6xjRt6Ry>yrwDrzM!(Kj%`nNd3a8lw~@ADZ5@;u9&1KjnEm3Fkne+!dL>C| z`#5;d5$E9$pDp-T${Q;oCcX9sA}U}0o@fqD6uDjPxQ_Pp53gNsbbBr)9AU9y%)GlR z1!~BiCj2xH`ot=5i5`6;Xv9?2*K!p3PPY*FTGy-}J(5!~FxJEs=y-iOU)c1H~b^2*auJj>i?>o@8eel-(za!GSgGvjh$T@Ngzo-rZ@)x6OZ#3Qx zWgKwzv6+gH0FV)N9K!Q3-#x^Lp1TjGQb8OoJO7KUctDO9RI~N4`8g zcY6izzoB_Iv!#96S(CtlPcrZtjy4Zgxlv}uhVIx!(QiOy-9;z?z$hJa#MF(qzLrT7K*8!+lk&?JP~Zz~bayrS-#Ws;sQ=ML7u5|&27sNp8y&&y35r-=;>^!6?vI<` zoqBhdh3gojKyr#`{?$^47;Csg26!D)XDP|zm0K;JrO&HB7^++tPF_Zj=6_Bd*#I}R z%wOu2LtO$fSh(5l@tYu8FCqZn#kJ!_O7tmg!EHvtk^Pf51UdsSZQ#zl2IU#c+ahf4 z6Y+B+oIXw|FGcFYhRZz7qg2yNx>xmeFO69dT0|aoGVN#^gWossJKNoAJUiyxAazlI z%=!S-qI!3OvdGUBuU3{(Y}Oq84^+({_J38KkDpIIJ9gb#0LSpMT7M=8dme+FE7phH zd^6B53|xngUmYj!Ck{Q7_`j8zzt#kiaj@)Q5bK^_7PMR#Iwu5y14{87Ge#oSQAuR5Q> z1sLu3WbC9oLa3ekzeTNEFZ|D-UScDuT!td<)Z-)|F{hv-3&4kUpnbW4xQ`WgQaXJ! zVT@VG012kM$;=2e3{xyRH7to?hE#)U(U1!g3it9=&J3Tl57ItyboZ8%T$c&bsWb#8iPgsUGQ+ow zLQH?uu2=i}=-c1dDQ+ii@8*YG!p%k3vu`tM8_l|=06!FsjKCO0|ku z=1GN?BGi7-qf(ah`xiNGjI{weo}yw=C~co0Am9wgoi#NwBk3JKKVs_i!x|BUopasT zeG|e50xe!fVP!MHki^}0K_le?&&BxCUPw5b@I`~=+!`|DA#?SgcG!aY@Styae-^_% z?08^s{5H8%z#ug^GW?U(Kn5uI+YJTZEyjjIZw_T|KEa~Tr+2X4>D($P9wj04JnKT= zlLbS2;U#U7>YdAp)W_viLERfJTGVW6#kd@}b+Wfu7-0h2^Vp3O|WQE~tS2lze^mJ@{qWt8Ol-X?=eM!@^WP z_p6CPVz&4IFV{j3Gx*ac?JR~M!Y|-)@7qZ0rM|0eX}bMHaWaeqBc#0douWFkgGMck zUxUly1>+&$;<&|o^jA-x1Ng4sk~Rh}#JE^x0Pz7_MG}m`gNv_J;^=S8lm9O_>200q Zfb^vJsD8<18DTug1ZrkjXK?4q{{hl7Az@1E=UnHy_TJY%V)S&>9uPASdyeE34ZVJc2q42)_ z!CiD@^~b@v`J@3;H1xOn-FCOh`&mF^?%qv$FYe@c+JcB8uPs@27}zk_?Lf{SaIu_(Jpl z_!Qmp|1SQ26ZU@zk|8#Q^M2io(~g@f#_e!?(iwH3(1Wg!Eq9^A>D))EvlO5`S0)*UFHc+yU%{x^i&;?nH z!#T<7yf$735?H+_9WQL8xtQ3H%j;9PK6o;(nv`~Py?4XXzXqAw~8gDedhXOAvAZZ0NIr=N|H_K92ZoG2eD!R$lEQpnTU(#Q$2 z?#EqaFP&$*EZ0#We~`aG`j>AAPcMYC<+tou?wS3}{Sa$Mp~%q|exFJO27}qpv0oRb zJ?RuxmGl-UR?W}8WQ#3+p~w$SRy=`W0gBT`ouSN}ala?S?Ap0480yqgSpy%UV__K2xG~<-un+5NMlLn+WOi zmd!tf2!yLA@Acd;i5stIMiB3~MjPb{ia)i{d&euBk-u9{p0rUYDNN;Zk;}I!o^YzD zWaOG@hk8Vi6({d)4h*tm zRX%Srwr5>3(YM`{-t)TWV133bK2`L!o- zn3!|OGs1F)Jh5lf@~IX!49Q8VIqo_S!8IacT(Bv+2rA+~^=#1>>ifd9|FmGjtp3_~ zjf(5gCQx1u~mPz*qZZ$Sf!n!po%2?1MUNNttZk0!m9_o{AySxlGGjD_+N>M z7Qx(u#~IjKj*eycPKJ=DC7U%7yn4!=H~#JjhnL6+#=@}$F(#dbpCw^q7XNPq{*&x| z+)gHUG6H@0LK8iNB#R!Ien>Z2%N{897OatHJY>eDOm!HL(3(nmQBA{*@*<}K{r#vR z(r05xK6G@i>kx}Nx;O5hwDSNLoEzla@b39n-P?d(Q<7DWN9taIMLF$+vY+(3bTmgqvk($#{A@W{#?7ZjLuXgX(V#a(n$v{`e!jh#Bca;*-fS z(pvlgo%NL9D7PiJyxj=y2;m4(yXZR8x_9CI#8&mTk5VP&LN+F^T^+P6wL6*?UmPev-r%3l4J^ zCVvUC-@v8m%Y7c4kt{%gPZ4oxawL`f{I+NjI3zj8#uvtFh;L+DAQWEQRq2G-+x)wu z+07v#UZ5t$&^N?ZyeVb#d(_>!ZRmVKHJw~PD-jb!kqx(Zi`gN-{^Aw=LUn!@D~2V* zr1s#y=hJce0XNo{4rk@ws79ma*OI_r^rCo4!7|&jRISem`*H zuWgmvS0YFAF_hhS-Apf0M5rfV?O1VcxutVY-`wrZ5=*72#a?SK0u3&Juv79RzkUP{ zhrP|YB#3_b&1f`}?>^EDhXGf4UVhZ|Ve+EsuL{gXC38^3Z&M~mEfBk|g@zW8OYE-^ ztK!v+2evGIDFxkx^P{s7GvR4fPsYrONr?S|-PcKj6H!>y&w7k3tmFgT1MOfP#^7r@ z(oZ(j2kp$}G)WEch#RS})z;<9mCH3Vr4jW-#p~*i0bhphW^w3ylxoxV*2nLpOtXSa zsemZ3B_I7@um|(N4UOl?=B2n#{`@0h5T5RRM62*CMWpkUi0`Bm!71lgZKS zz7*=Bn)W>cfqvQj!f;h6HmWdolqzsWbL)| zGKIslDN#@IkJlAjNy3TL!U0SL=!|&$QASj(j zjEe?wuie$m)h^EhC(vk`58YoP`!BBJEN-Q(R@q&>E`)~a-c|*4rEsCWJE@}v*yG*Be#_?txD?tau9(;r@~ zd-7pHhyhLXbP$QC5<$V1s}9=)X~(xq!9EX;=5Ny?pmbU>u1$i_@-xqeK{%Cl)2uOU zn37l8N(|krecHrCe`iWw(ApJX-ugb>Z@2w3)^@rm!(3u2YIqn`1Pgr=40V;Y%M|g_dG*jUM)rsSI%p`R@xvTz z7AM=WnIr}j6&=W12Qts0YR@_wMiM!GH!CyC{AjdO6-L7tYD`Z=-;usB^_3QBs%Bu@ zn5ccm_d8A4MfynEYLR z&JKoeHcV#tw>@srckEkb#a)gb{6J~dy+=8$Q3My-1v0w(RskL~4Nge`&=eSqoA3Zv z1A2hV%!wdtNgP_A8$3y)*5BW3OnHPAFiP`7oPsy+Q$A!p9zV{yHxYpyzf)a=jX)sy zrGLO(Ix?Hx11B;ckp(Z~r-lZtHBxObOT9y&>+&JcNZ~HF%^3l09EwKub&WahmH49! z8za5=QhMsfmdT3orH;$Nj;#5`vlGoUZQcUd9)&g+2q}Hpi~KIq^OPzhm2vkmC}S7# z0L=af^l@wJaKx{@cGhRwaw4EJfFj#iHHJUG9@S_QIYNW+kMGW5RCi# z!$VdigR1J~$Q<-BY>GrX1`>e>i3vV`qd4B1gc8#=_)bP!2pM2SXa4-{=u8l;@Umu+ z9Hqi8puhvyf8Ko=ry?uh4P@Fb5ASxt$x@a-HnOM;gAg=;v}C?vN2lEHh_C7WE1ue z@0zgH_`lFB$CpHxSCi9P#S_KhOO(s8i|~;fZpbNYZFio|At}K%Iq$yO{FoV1&BBbrUv5|ojBc5jJNm=T#I+$8vn1Nr`fy7W)shmt~!xhBn%i1yH+YW363Y! z$NMe%QctI^c!d`nqLgeT3Ir}~nD8nYl#OE_hTI8gj4s~=F;w${k?WO$0@ifJ?9`uZ&!<5z49FZ!HjM_0d z`Reor-}Fi?P?6;-G!G*3)0VQWhDSC8!E4_mCh4*Ql7tiP-99#wk*%*c5ADSFn2sjC z^3@a`a#q=(z==+$Hxh)MiVT3!+*MWo`rMd`^6EMc?e$#sx$Jrj^_`NK54ZPL&raJE z+Z$DWkf%q>_@C&Z z?lVGHf_E|dly2+@U`YC2=4^S$D(b!#b4KRHE|1<8^Q?Qh~$2Wfo&H8EOuZ2 z_DYbcK)_u#N2raNAt+r(j4SZ@#crc6t!$u590JFn2}I!O_DWg;*%S47!Pca?A9?$9 z=s886&e92XI}hYG5Ud~cUdDspD0jm+qaz!d)+q+o8IN3_UoMFU%E zCioC^yQ|m22MiWpytzIt*+I$e1z=X>z%}>QnQ1LX%>ZTxvlp=dcsWGSiJZpBvY z?lr~)a(=UI)}*s=)+?a{@4vakDzM4}SRtO7_VyweH<>gZs zr!H2VHmxOQrzcV7&&=h7!j-{z=UvtXi@@zqiCN_727mnfWQzCXCM08SzW{CTzs|v$ zzIv!kCg<&+gwVpzpy1<-3aj?ts8eFMPqp-Qb`L$uED2HRI5zK?eEDs+VHm4$bG~B4 z7%}U0F~215c6yK$7VN+0UA8y zD=EVxWXHTaNX4E3Sa9}g|6MWCo0fmS%2H$53k~^HF=Y@%kG}x)2`aSHn;@0>J!%nl zb=>VVA_OE?WxBM?mo@#WQ7}O@ZNw05+PmOW>&sPIvc3O;19==l`nlssrsKWspAV#eN*f5AS%zMC7`~K*e|$zDYp~9K+eEv@=kCI=RlZQhs$zAw)6% z6q*z;G#=zwg#KV`B^CVlj;*1_OZZ;UQjkqNk#I&MFJ>~%9H;@8ms`dqn_(k&nW*k#$&Aehk1OO}|1C+?y0e+`z>Ynh zpuHs6dfH5jo~~+JY36p%fv+BitN~h+Pi*t&X}Miz-LlP}`4c)a0vq>6%-CwKUub&2 z#k)f*5lgGp|Cl|WU*resXew?{@Ed=dqqEo#^n>`;)J?BqnAA9)+&Vki=SqDL;dR3m z{jpj3)pzeF=Ye$4igC$e*zayh?k7xr{yL%ME>-jw2BHxK75@Au(KliHZ&-_R8qb5` z#{}F^2bkOm-^;c7^WbJ?%!;_b^@6dCpj+-i=~c4ykSTq)%C@#8Nra2^A(|t5@2S1k z*~mHvgDpX~X2PAR2%Xwj<;K9i@ZxPtCCeqgv2)vppX>(ceD*p zszXe_T7QNhlZ<#(6hn3@8g&}KrBOh^_6z!C8`bf?19q8=H1&2y@g-u_?ury~>CCTnOWsnq(r zO`680o;#ij&{H50Sq;~wQU){~w4ndxL7;C@F^eDE;E(NeQlh%Y)L64w3co|0Kkf`K zeGpW|ZM!UVlJ8ah`^6(@1X$PwwIHfLYd-#AeXL=@EedrD7Z$_Nn21ofx61D8DJqwj zKC8z^r^fCbd+is3^?mmuXO<4rHu|`%5i$yb8wW|J;fI)bC1pmNUcIknZL0H55JqJs z4Aia&rHNlqJ0i`;9EMbRizJI5UG+r~5c<>6iX=>v6;>MK)6t zw|}jhTluB)z%UmZ6;BTF1q{2+Kcjyt|@nZi78jU-{V`IYhgHSm`fZB?D9!F zg{(oJV5<>BLa5VA!Le=LO0^%#hdY$EbtuP7w?|XugzUvWUO=4GJFIXJ5wrZQ8xpdx zm|;0bs|jlNkKQ3N8hX~J)c?N7XxW;`Z8tun;NGFF?^gBBbE_3yd~oo$aryHZE{^IEvpgDm|Eit^30A187r0%4Ya3a_R+u8$e%$vw4PRJG^j6Qr*T7uD*_gRUCZ ztdqk=1}ogy3uD&kz-ONcr7Rt)T+$_)rYwQ#y4_gI|LQH+^WIVC+sF1-Tk|Q8gG+cO zV*u_cJEuidT)6(PjpERk+d)%UB=~uz|UZ86^ zZ{mF~QPQ12lS$(GP(e=G1y_eQ+ix+TdrHMIRbMWZoS9JgU$di5;NN_7fk6fZ6Te=fGUuqIOa14W#opVT~@s5qQSB@kEmV#`hvzXUqeq$_BQoh8;OGJo=jN^p6=J$)m z)Aj_4#L~`a94yE=qJ$uRTHHWw*cdf_gsl!KM;#b#yRIRCHr1&VV6P?US8;<8 zOp_5O>u7L`{QT>n`Pf<0%gw}NKuK+BeOLF(@*>Y*It5>PFC^@`C=pqV`UUhikRQ6l z>EN#eiK-u$V>03_GJ;?0XzxHBD5Qw8iw;9p9vyd!u&Sk61#a)BgU9c}Sv6j*#GPYZ zdb$E^ngivR_?wz2c1v z%i5!A>J@k%gI?d7NMZBspI?=Lx7}um@swq0mTH|B3(i@GSQpJ9L7;^?POUnrKfTfd z61|&Z=0RET;E*cxVqodW%d7-|1#V~ef%R!l={8RLePAaS<{5Q8#2f7$KIS(RQ^;9K$m36oV>Pu89 zIA5t~Th!DdqVu`TcYF*)5r3n{pj`V4y|4Y0q7?HR#U`;}GPtpCdZP&KjsZf8PpdQK zR2Yo#gS|!n9xs8sHqC8}oVu8MM@z3qbfFH7SS1SU%a&;2xBdIzqT5MH?cND8r}(nN z$kD@Db3cQ(gDgQ5h{{&aB#ZxvlSfU{}6Fmx|Ci6&}C#3=o~c zmi;BVYU{*l3x$=?_fbpKCo&THkLF+2euAV8_pAJKaOWTrDce>=oH%m`eX&Dl zg`CVXQWaIT|NG?#KyA~O?}u;Rb$foH?m6;>c!gabkakHCOD*BTaV=$|_;OfQq zy+4v1EiilO{89QP*E$9Ryu$`PQ-q1Ler|!+qTq!khX*U6*7n>~(0j?2oxPycE7r!e zCtB(&>9X8mR)VTRTwANU+G20+@W_L5ua;@H z`@k}B{P!|^+soo`Nq3}MAG2aHG<@?^HrH-!!vdY8MknfkjUb15EN(VoJyC7Vk{y5y zyfTLt58rvR)M4QIAp1f8CeJ&*H6>g)R7E@m2mTP@#KH>Xi)TYw~}zU;N1={<-0*kK@GZg2^|z&ce#_{A4NF zSLu|KP*ROq6ZwK*9^hNlJT<^mWezh8%>l~7yG&MbDb3X=45BFE?fb_L zT+^v%p-*3wrjxm~Y-YGd2_Up`f-9(E+25PA8o{Qb$bsHMkN*Gr^Er*Oc(;tBI@z=-A z@I1X~`K%okCD)fU!7Mku{ae@oCfrMl=IA72hqG83k`;>qbC{rnId)qI+2fgHb zdo)wJv@CeBRG;<))KZ})d!Z(?fgpq}ijH_|7QPVW$}@WL=dk7cq)^^2RCi8Q4RzrW z6b!H~mWCR3U=oY{b2psoEkfTVFCR`RG^IK^ZQQ)zQwAH>l5xIf5@O55@MYQjDbPw`g9R>W`{Kd+#lTmS_@0)C&yM zOZl7bZlI$#RPmxTa?2dsH=gIA8e01f;cG_%^BXsFQX}xewWzs~*~{QzZL&FR+I~Q7 zSpD>l7mKSp0xg@&Na;OFft(ceD~8EycI9M(MJnEj!7JwM-)n!Q8DaPYACYo8(?a%B z^xPqK0*mAVRqsb^Z~dx$YC&kiWEw?li9X?_*W0^FHcj|k#s0)30ivjwTHsr;Z_3Dpd*0wixN}?bTYRk^l5|@J<}~hx z(HazFHGCfQY2eRGIx?-V&Vt}Nc=(ICq$ssp&O;xnJ@*!H#Ks{D8Ze*BAh_r4dJ7(+ zMTcv8f5PUmwAouqpOA*~i7h7s0+`vkpz;t_$w!uSJ}jx&gxh__cu9lu@L|oyfzf0) zi*niWmebw?rTcclK9#5pBhVXYp>&#pH0YNzPH^pT>EaUKGxI99t*1Y#s-GGZ>`+xX zcs98$wfw#T2z0;@+K8^wdk=S`x#l*2NoxV zy#VcUZmG*QKgViXq~?;iVNGX!&)axeS+ORgM)F<+A2=QzhQQXmH(h0t2H{bdZb?Ph zCKB*k9R%^!Yz<{YK%Lc!?+{ut)##P%Ki(x@Kp^S8)}ts4dAh94wUETKXvC0UNG8SK zhfLI&evn_&CZ8dl!B>`$xUcn)fd3iq?0jxPU(uGW=6A^n$&L9RiTYAL&*oo5KN?sw z7gg(pa%n1m@x3oed*}vmew_yTC+8{Vzx_1Mt$K%D2amZ1u&GPYo{2uYvX%4{mTJBT z#1I3D++qje2DA6M9igJpG^N;0KNpO4&c_GUvX#%nIS;k1SY2*SMIlSwXpykV`r@m>3* z3FZi)X`#>bx@&0^@4_nU&$|oZM5`9jbcBo#F(KC&)+&KjO9nZ&LftuDh4)@}ULRfv zk9fy#1X$$op`BAy>~n~eGhFKt<%z(m7hq!|DS%a17vXsAYX1A*0yOyI;=t@F(Nm{i;4aYx)Bx*0}Xe`AiYOv~;^hvM?3*1Q)_3GI)fK^S|D3k-wCbfvf`WKVI z;+l3{OBTrU0x>RLSS6Qb>_2fMTg~_js}`!QZ~w*RqU!F!u|1Ok9xqBr0)R~>yL2Do zf~$<`LHB_AxN({%R&*N3(Lbl|_40_~F1c@M>yt2JCI)Mnbg3_l1AH6O{ zRY6Gp*4z345Tq|9?QaS>a8JENUc~^9^ULcw=tJ#<$uA8U;E$IhHm%bQ06tQaUB^0H zTMeGLT+kT=MV)0cr+R9~c$TJ9)b)j??zWty0Na+<(p$f!{U9?^%5zll?kCx+4A)9} zcXsd^kaGyST{udaop`?>fR47;K)nml?*7aG`ZOYi&Dy*bN%v>L6S#6}M=X_p8NknJ zk+TlT#RMwzmA9+ehz)4QISSNXs#}m|a_t9Dt!;)rus=?x6G8L6Yin8fYr>TfT(>*; z92_pE$^n;MUwJ!>-3*vE?r6`Si^U!u51wjdp0BOx<@D7}o?O2J1YLCN_j*AumdZ$n z%FsFIl3B$k_F9`GDd8qt<-e%`(}gw)FNV|GL2sh?Xhg>2>?LyhH7V`}xR5H1cg{Q8 zzzS9zt&u@d$_LcuCOOiL7QFfh<b zy>s~L5$3ec)&8fPKki^y7SU6EE^ zK>I9oRcbM2y|+}p>D>02XiaN7Vhk2p4cG|CVPp1#Ge<;in!{(0k+Ke3=8(k&w&f5dBm*Dw=)0rrD)Yg z=6NY{i#Ij%0V>=r1?yvaW}P^$&R4=Tc*>m6?S+N*mBr&`^=i!VhPi4U{9MaYwumM# z^bE*xOf9F)fT$mB!1%Ps^;YT;NBUOR{nuPYS$d9a6>rM|H2CG|IM$>$?72k~1fJl#bDQy?g7` zTj40Acj~xj?;dtBUvl+p?%JyrkRqNa8o0f<5$nQsRkxhB?a6s^L=wanx$6f$!)`(} zJO$o4Q^JiImeF>t8m64P6eQ$*8%IZl4QU-OJ6t$>jp)8nx>=HZhvY4N-*%bbRg%Z-j1r-{Dt9I`<=dUJ0`hG z*A8fK&bg~M0Qw|~{S&-?Mw?l^597{~_{1*qOSEA5gNMvW^Y_yNF~R|sZyTpJOdn;E z@?}$z%q~TDmNeQ)EZ(0ldi{YXe!!Y$p1E%<1;zIDrjFC1z***=?QSjG#T;ttb=%`l zgnWn{ku;lADdA1w`*!tn%fTO4@S1>5fRLq@nsYR>@0MYf{MFxy)ExNx%!Q(JpieFu zT%<$Qp*&_+n$UXXsr6bu2tw$WcVSE>=E1!Opsk_6g|(O< z#emhb!h*Cibxqz$%E(pou^U5)9st9ZNH_%N5(B=kZB#Rh4}g~{cM7l@ywR6O?xJ5L z)sBvMj8ieZ63`a;=qvsXTIf$ho%0a7XhAHLd_GmhuEaCBedPk_)bGL(eBjTd@ zOvj59E_le4Knz(q6;g->P>ziFf9ikpS(9zUo3hFlmorT;9^6Cov3wOb?oZj%cESIg z78ie>`eR7`6()DKzGLQK`1pk72rG+~!q7J>5YVO(2K}z?n<-Xw*34^wJ+uPk$-`op zPNrh#%^)?oW8_wk>Z%EeNz1S0H)QUW-~P1Nl!0sUm*B)kRPdb3bsh;|>xPsOs!|bg z&U?AN;FFG34=Znk=+lJgo8!K>s&&v87fXb6)_)SHT)wW!GvoVn=T^_x?-dtEXb*;L z1h_RnF+Fq2y%2_92y^9S^+JC5#=Gq0>S(%gIGqVV)Moda6B%rfVU;iE#T`9@gbHmZ z4n@g)0*1}>b5G}d1%HgpJ~Akg?Ohw)kR?3?apwyb=E44j@8B%O3G)pc$)irA`kHeX z>;$A~#kQV%)Gt_Ur&<1uHN26GnCQmEw3=A@HswRZe-ICI#xy zF<*Y~bLE$aG_bmqzm+p`tlzi=T#<$Dzu|ktHIu7MDrLVOv~8A=MsKJ-(?|_3sG{f9e(tAOA%94 z^F28Z^?J8S^;H4~GHb*24O*;vv6$f9CAKQ&EN7w_u_w9YL;T}>Z6Wn$sV9Yv43UL1 z#$Bbzo-+-JTPUq)VqCvXl+(6?g{Z?_@(Zn@$7AvS$yepn{Q>T*0A;GvUIUgQ@8lZP zmvqGzy(YPzJ~?M4*yk!rJ6Z~&Y4zQeDwO^En?zdb#=73KciZv&ENR8}7QYH(2N3^L zBL~f3pcGlmHO{#TIBBk{TxNK^&mT^Cp6OpMD}P>HwyV4wP#loz?)yFpCz&NS;QM2CTSKs9!q*Ocz5Hb}lBd0sNHv!95iX?ZYl13Y!NwTE z4Z02W{C6N~HzIq%2E|)jeWu*$0{rtSqX-eXDN8%wxnC^au-Ti>k^=~S6{g3E>>X7V z;VIS<{z498At`9uk8u)*C(V|2S+;_E97zE!FMg;edTtM1SRp7cw@v04Pc6PUoBUo4ewUj^(7cuOecwsvlI%wd9LOHWe65%~e)q#Q zW%4IoP$4-9Bhe3f=J^aRNeOfE=*II-ve0)Y6-N7{h2h~LQWJTqQeGU_*!sb@E`}Ee zbeKWfo6V+P^`yf9w?5gEd|-;(KVV`S4yVzLB^7k^w}?S7A&d7Ek{EQJb+1%4Bxk}_ zeSM#KI7sDCF6WcYGU#&Q@MEJEk*UCA)0p4Pg0(19r|f5PNqy8y`NMz^Sq^p-OxB9! z;|FX~QW}xqk5f0*+6by)*$*j8FhuwG$;V;Cb>}#Y++bNZX^wR~&~?p0@diSCNves`@lXsWO6DG8iV z%ld93wRynLnL9p&YlMX99L-kj$3>wBO$>+vW*YRrF7YT=*=h8psB(Pl@{zrmufURt(0|RUHfmD~nyD1@ zN`#?RDY@XoqzZ@84x{*oO+sp!kTG9{AH=ItZasTmL31%D#)m8}7ipP<0g4?JSAtPG z!(xC4$CjuYs&IP1P!)EyBjHjeD_=NAI$)QzWPCBi7DgJmE9pD&Qhoj1+v*!c4q2JT z->KvoT|85YUuJqW4B3G8)NM?W9xB+n-}Ng%RDNFl0$N?Lk^Fm2*qz4Ma>8 z$|)p_G(5Ca31Fv6knvHqUakM{jL0Fm>-a%ra3vF=ilCG^VaN) z(W^bB%yVIvzuzT$Jcu`|!_H4Ut?N3HPrqj6cggS5E1F+;D$EO(T>7Ze-#xf~^8WQ2 z$kl1x?E|-Js-1q&-iD`8Odq^rJu97)ijsqub9C86o8&hMt_zd7{EZ0RwlY5hzX;!` zOua8l>Kx!a%p8_jYMs4R;@XuDAh?Ut}4L| ze6A++AObuTBSOAy0J!<4HC0c4jM%}*xI^Jb+v#V5QnFUJR*d2Yf!lVl^__a*0V8;U z0=iF(YV~X)-?@+3uY8kkf}8dmjp=g(Fq500#oFJ7bv3R%>i!=(6LYnm%|4*H zd$r-G6zd!hJ{nZuSn(zHUH9zlx6~^ITNlIJ8NRYYm4I?ahxM_M;^38F(ZuIgpgAzP zZuXfinT$_amI6#%T|y>x*)yO;Z~vNN_Zf9-8yr zx?@Ck-`(A0HrqB?tJ7Iiv|`=CzGF-=aEMGxb_S5elZn<%sh)DQ54#G@j}!zXv#Ckj z>tA#|ckB;7$gflkQK4;0Cy4M5FvqcL2WHKR!tU(t_9+nD1Ide;K9(TEdFv627k16q z$b;{8&5F3qAfyMa_iV`=wDM=FL6EFf$1a_YD1SSx;vnacV&JQN`on*SaPKynQHpeN zFT02_&~36xZI_AX&%iD@{bz8q)`UkeAwkqN?B4RWVq)26!fXRQDCPAttv;0cy_ZUl)y^J1}5P&@YX?fMVItV_uLhm`%_aZrlG-+ zFj4M8XSv2o;cqKxoXbHAB4^S3WwnYpjwwmA`o|#=r!3FjacP~u+;IEi&&Ues)lU2{xwqd6Z%YE>rfnx{8BCLE zwR6n1wc922?sTgOAm!iwyq*Bcu{Zz}W+TSP53W`&T*yTJTL+%fMwIluqXnstN-|)D z;_k)LjjWb2r9-1u;lD$_gMkg4RnYYs4pqb7=%Xw$!BxsCT#rwjm`CH~=--g4ZT zQvaV0zlzyn7kF6(MvX2<8iiQR`G9U6UYPmCZ}XQ1lzm?~6QA))2(Yn!(oZZ#=bFn4 z(bem=Ce;i#tg*xg2LC|EJ4Yi)KsXgDqiPp_16RztT-gGHgbB3;_Dx)8CzKqild0Pk zCTbqH-P#7#m-OZl&ZvHNC%25Jht^&?E-pVFp3J#cQS~(nNN1C9a1Y(h>Gn)BT$FXT zQRjau@YG(4W*{YRt5d~OUsWSzv@qxV-))=dbuYc;`Oe z==5UeWcvQsD~~ImEGEt9)-9+<>(P<@_~_5F=b^7E?>%{r&E304gp7z3;VLi|rL_d5 zdz|GQg;?*Rc~#Axzg)+qcU2XpUML#A=RE)^xqoVC-|*bZv|Tqi>A$;dGE1+betZh4 z5>kxLO;duPwyuR4go(ReqSY?_K=ar_<}PoOA0VL>Z$a-APMq7F_4(=U%AaS$~{*e^(j> z6<70?S3WhehYdLS_w5nyFVPD6IJ@b<_~-WS4YQ60vm_{e3XwsW6Yh{g2^%F4y?_b- zb1vl2FPqr;(|>KE`*%?2Yhh^Di^uEe`h};*B^*hzHK#~n@DaKzox&nb#UA>+>ETjP zU_Pvh5)X=3+rVB%0Jq@TN;q7l?Py}K*NS7}Vy`7#Qfv1M<}nr>&iK!zDyCdM*z#aK z1JzM(o}PJ+w^;4r@j8z}K)>O=$wOsvQ)Yl{XMn(VUx9g3z_B>nMmn!3+qc_nxlXfJ zq)}$Nw>bZj6L|u+6`?Y;pR%bVAfj7Rp%6=W^xqD20-sEpq_F}>(RmXJ=6jw`)6xzc zHO&ybmQDp9k@e`{$+aKFhkp0ZOC{o9YYIF4=~s1!sy2^OS5_bXZ1WD@*;$CAi3~@E zY{!3SWAXWJ7h2afASZ+Qw%t4&No%zQjIQi?z82ADJoavQ1kg572%bJ4u~Yql7h_7* zNfs4{mVHeG>KH?SvIzBo3N5295j5-|-s2A|0bg(s&)t)?Zu7vI2Ez2q_xV#v!OZ ziBp-U>M+>)ozUYl>jxe&XfY+77C=T8>Z#?ow;VkB;T-musvN3YRNnnYYfW;ag6)DYJC0b5vgyQUO@%Mo#4j6sSN->DPWeDh0LB}1qexMq>R2!dOU zBRHN$o-UM@nzMJ3;O<@M*l~4Ic89$-k3_KPJ7FD+n78-V(cb?me(Au1%>O%n24L6b zOZe!;842{)q|@+o|NSUQHhuMXOie;4Xm;@FYf89HSw(|O4qy`IpWsZh!?iW zbm~?OImBNLRaLa``{~oI`vg{;5D75u#g9;9@ko-*DjMW$q|LA3T!`LOM2hn?kV;-G za{@=0e7aC^du08ru6n}5faT7+M9l0V1XdHp0Ah zToo2Vu_Js-0Jl8?GW%vfVtb{jw1|A(=zAK%(d^NjM{lP4N@v1uuI^Ty&KbsU_?_MU z+k<^(1pl3^3oT{_<`t#&T<^DI@g@p3^6wN3`s@ha*4{@9(U5p(;*g+i)lo@Agb$*< zV}@9Q{mw}ZUS-t>$Y_vu+*;k2Vi4Z1VMQk)13mTO`A2EwoJsdTB`sZK%m}I)y|qz1 z1Wtq0&~N-=nnM zKecctyNP1={BzF$Jk2=9xa9w)$>W95=p$}Ij)#eICuwz$))XFuvI1Ft$(vF6Enywh zfd9^b?1UqX+!$~^p85 zvsIGp%#cwzdpn%1I$OzU<0Gr=y>}=w&#H7*xbEQzc}|=&*x)3xe8bn#ggSV z7&XNYg}@BOTo41#1UXSK!65KI2OWismnlW!uLn*iZqyx@{Def~n>}l;_X4`%XB;Du z^HD`^i8O2K2|;m^qB){!-)#&G`c_l4Nv^y+K`U{W#T6)FdhyF|x}6C_o47m+)7rH= zz;ab*pb@Odu^#m)-*7uW7;ik25$I_gsiC|7CUF*ggJ)_HL9x$~Ecm7Lx>rXtH? z8opmNlyCVUWaH^=>>~+B(A`anHAI_iPr9^SNq+*a2+Xc=s}JLQpJ6@D&peba7?&_W zs*tkoNXpXFN9-g@IV+tU$G0x2e>q_PZuWsCS3^EKk zT}@HB@w-Ovi<6=ksOU32VE2)BHT57D$B8!*;rMuf}Iq~m^)I~HMOx=yj zmQrDDG|8FmxDG=LGX ! zs2wT^ICPe65&CUKbuPve(;0p#=|9uom)6URJ>xWlA{alaSYxUh9WmVZ;Ep5j_{n=x zqAtarnV3j@n_fvyrfa{ zR7E`q(5PgG{kpsSxzl-xsygEPn=0jgff&cbq1$cpe;<3crdmcHc2kXAjEv;O_m*RcRd7J@MK{6Op;FxT!pP_UB1^ z#_7k=%qAMNlT0rHr;lqdv(~{apw?sm1ZNROA%&zvA09mN}>C?`cFCiruL_>P)rNDXk|e_HNVO z%;V_fr{HgGf(aRV?5=#dMHGBH3HgS#HT?E1zBFEXZGe{t0-2I^zW6sct#m3ye*4$! zO27X8GOjf`X(aFzKDF7Wx47iui|r~l&f2)}T9EZKX3EDtSi|eM8sh-d8hzXw9oOKh zlE!#S&05=TjqOy5_9n+ z3^Xgq@Y>aQFG3=n$`e$k{Wl-==s;CsP9_jJe00in_W`U9DuU6HQDL`2WZC^BTeEWC zumSQ9#X=4N*SM1JtQ6WVq?Oesqd+6dhVQJ-Zx)u%k9P2_@OsF9Qw7b=xq_ir=1L!>Y_R3?4xB7j)n%e zSZD}jl4rE8^zZx7(I`OQTE^9Y4YOp2A!tUZj{dz+1GK_f8=GBxO`3LX{_^6<3(u}* zqy`J50=KDDCmmg|?JUZrA@=U#8rRN~)eBPDMP4-DpXkOfVpK)`Qn7AMa^Y*c+>Y69 zZpRb~@$pi9)PCwUKgfS`mHo~Qa1uwmJ1JT1{!bFSpLP$LGxQeUeJ$ai3Zc^X@4~Cc zh9&9N71#@av(XpZ@&4Fd?&E<-LfxYKJx|88f0Nf9f8e&*<%GktPjR-GiJ~W(Mn-b~ z;zZLgsd8<6CL3}h09zNeLQVDZmLYeA?w!S)rG%hX=E2+s#msAY&gao3=K!2==ddo$(wa~0q-WMOnNDk&PNf2F zg??jDEq!e6t7x0Mk)J_zcP6a!cMFt5ZW-x>vJ>6_jRfGTr=|9*7fO7J5*ploigFJu zS3DyDC6RA5Pyu4wMZxG&0$>eXjJzN&2e$qDTCFT}aoRuqodTem?;iqYNBn4G``PZQ zLKPJQF{o{n64WXgyD^>a0!KiaMCG`0c9MPtm9Z6Rp-5mW{f{YYlqGeqhOLgz1q zwbi3(%fQlow3lMc-sPB@&{o+D`g5`eG|=h%;CYo)ksLI4i7+NM$+i1mAo?mc7ASbz z6wQAbEX_!eSRUPrNnO6qFpJX%wXj#{oeB(l$)F--gWJl^etV7nopUZz*K>UI^`;MQ zSnRoDF5EO`$IRIjDYRgG18l_a)w9i$saZ=~cKN5e<}sOJ)iQ!>?P(nJa<{C|e6{y1 zRWd7KGBo%;kq@SdHulq|yY`j*1mg3CE z30ENW6uEl+%PWI~C2i1f+0iSB$`@Uvs5Q>g?0~v#0TZePezJ&;UZOaggE}0(%%9 zjM%G2U+EmV;T%Q-iwFNhDD)T>zsvlWQ;&;S2DD?*Hn^BUGpAf8daP2HVu$dG15Y0{ z4GF-yBX`38U7W>SI3F&wpDm1<2L$Jd1}NxJ?9ZDAhEH$mvW8n-J!(I$ul``M+~e2d z+(SnP_u_v%ATnA|RaT0oGsp@Zp~q@T-v!~+F){d)XxRTyPVK)Z!+Y#j6r+Km4k8T~e@q8| z81(A%GULNdr~7JrN_D>uk!STbMblH<+f8w;goq5ym9Jc$v*yf8a*~sNa6V`mEl)E? zol9;)7>wza?-Xao=DXyV=ehi)`SLqg%Z!66T*cbH%8N6GAjDpro9)7&and~QUkYr* z|CL|9Cx)`&)}}V+8_wrqJi_GOES%X+t@^-))mr1_bB4H$SLKpAke>6Wt?tH5FFS4$ z|GcjvS)`3{InEVN`S>T9=)Q<8O{)l3v9VfF9}9fr=Qa3AXZ)wCk(7&tJXbCuaSV=j zoA>k?!s^?&YB8l2f~9mxMMal_N|T$i{Qlg!>;JVlbjoBfluiMnA|^SXvctaXZdxM* z`blm_v3|(+KDCF!Rn5cq{^T-cefK-O*bR8{CBM7n&+ocG%tt8&$g|MZq|q-xRG^rv zy-Q?`Gfo|>fYU~>{sn*m*WZyTi*b~yhQH=j!p9CZug6sR0u>lu2TX^iBatJ?JjqBs z)LIZ&5s5mHp01^ZfG_?Itkeqe8ksHrjXxgW<(-Tl?0UID+KBlCpz^Q$=bt&|6z7~| z_~-?djA!n=XVE6@DMFI1C9G!xIgxjLXlL^IsPFXzhGOU{57t{8tPjgI(P`d7`YGe_ zV} zW5)R4F|qhy%G>daC1qbi7>4L>(M!r+^hgxqBe!n&sP35>Sz8@#wXBgKE8^^fR6Swn zj%=Nh-MN=^Li&&CqfPjI8FMGo>7nr}pN=&P673Cc8+dXud4~Ib?8P^H2eP7ecD?{~ z+^xAvx}dZEiItPsWq!u4|CVO3C{Y%Np3}SkQpOC?k>z_AExPAAlLd>yDs-l<;E8vo zrT>bvFqdACV&JA$Ge3Yf(snGjh*ji#x%^Cb0a4d;1{P{;9`&~=a;%bS$xC@Q_nY*H z=S>{Ns1or5P}NM?nY-#aVhY$$)*B<2Vw*;f19>#E44W>NPu|ffeZ1FM?VYJ{fXe6G<@E^I50ebJ3T-4R#AWB`dIGmd1V5Bo_m+qFmWv;^F+-* zEr;pFqK7c;%6Hzk0x|XS?8EBe&IX&z=BZa60&K(07|C1L7?zNo7$Iah*L6zj57aIo zso8Y8SROqhV6RpZW1=pnwxY&Tw;er1eiPoV@?waSq!5Qw9eyZPI(=YFyDekDT4C>z z8GC~xUfu*Hh+r!5e63U_yUV^f<(C!v^sKy!8BUX`FZ~~at;^14{YbKl4z*IE0~=Gy zy%dhM0`uNfUE{|gtu?M*(F_g~+HeAw7vLnXR&crkZp9U&Aoh;itr+M0hJVhJQh{Curtw8`>&fGRYuO-4;4~Ol^g~7tc z?j}RUB{%EZXc_M-*sN$@9BQW+1?rzh=L$Ww1-z3}k30-eIdr66bO&2`HxE=842TX( zCYf+f5BjwxQ<*|2Dpt`7W8O}D>1nLNO&bSor+m%Jzi1Z@78Nf0XP@jBgFQOvTGVeC?OknN(Uc5W~u>qb@{6P5jG8NBM;%@l=i>>$4hS<5S z4@y6TT<`2{DdGePKtx1O9sQz#(hocLO2=@;XdFyAt$2Am;7esJNFi46`cdQ^d0{$( zlupURioRt~K1;$lTdIzXnlU{kM1%)*@vXFBEPB_^b}!u|XvW%TNiNqddxT9V#Buxn z(YNtv3(tKx`pbHE4LqV( z{-u5!P-;AGz3nIa@dCD`(u-{oUKD3yY^aLmx3zByNIEh^(A#optEs3tD@ne(_8zJm zt&5MqKDr;Ocp=++kwfKiaR~NfnHVmGgkq?gO{@xO!L;bNE~|bF3!yGAOH`N^(lw}n zM%{ZttC^|dlG`Y1DiL+z!?(UJdvPFZn^U}a`Op;#ed(q%LvB;6+7X0ASSMcAFeaFl ziS^t|K)VAajIY$UYYRmCzMR(zIPa)keUiY=fJ2gwCzJ&yN-tWrDyF9lb(0n>#S5R}pBz{`n>l~R!~&ZnE& zd=wp#2`EMC6iZ5996d0@*C6aDMF=`Hh_&#iTW?>$4&nMg_G%DV)3U>KMw0y z@oU}(kLu`3_SjiXLM74+n_q6RcOAX1*WPur1H|Skx9>f=8M0IP9Q(_ESG|1J5>#|L zIuPUj8H0m8qHcc#D#LK3VY+-?c!^zU9+Cv)#m(nmxaM0DZh=5~;EE?}x!iW4HlK$yT0Ue*Yq3qL(|c z900>wO&)aHSs?rkOASl+dvx1|j|?%Ch~9ks<(G9JHQ2&zvP%maQJLOF3=# z`Q9RHF>E&u3pm~TkZf4J=j=C>dh^}=zP*5ZQgJnIe%6cDP2pdAoc5!>D^x0&0!!&; ziY2$OgOaDe+RuO4VZ@)ccMJTf=|tWxq(^io>JEQ0#<9Pz%0EbR4d}G12a5vnBJNY6 z=14x|jUa7!|CqF|=0J=b^gEgkw5k93tn@??&&)iE5@Y_eP6!0l;M1@d6<_Nf&%Z#< zR0uxBUj6s3{olKze~!yANzBx1lFati12K5_Gy&ZJgQ_aO|J5PMjJ0-G=E=i@CUDL{+m6BB>hk?&JTH%~}!%G#PrPwt%|!?B=ZNWAx^X+LHnd)tWmY-~Xa z(m_UpLGrMVJf_ZH0$vZMc3nxPF_d;oid@?LuaOu$WOUv;z-SPJ3K3SUuDInz4@dWH z>Aq0Vx|T=)l|jpVcIyIcrPp|&57`9nNCwEqS9vSELBqv@m zn5qQouZm46Ba^|4LjE{C^=a{(L$<>ZAws`v!u(NAR#*?Mz*iu-#q9mphX(+6gC7V^ zZFGL98?qSGuf!TYkudeRe(Skg`0IYH<60j@U3BPxIqKC5iq7TGh?*bdmM?#K4DbG_ zmnJacF7JyD&~3zO&!?N{W0$C;?~mHvss6!*jRRDZ?NWab+QM5}J*v;A>T5{bz`pzk zucee!#jALz%4%!vxp3o7@vVpp-(v&E!5Qz(QpkTOa@JFT^0f9$wD&(Q6L}MBp8SIg z)3oF1OM{~LbZWU6OA++*r$-*ItS)l0B1LIhEW@YrYyykPe9qbFG^gvE+Xx;MM`ZBw z-g%R`u*3NWnkx2kxJzODw1bPf)zLGNOB=G91!33Y6et+d2Pc0qv_4{cJw>Y-0sh7g zmB`fkw{0iwZmithq9l6jI%PB?1HjKPxxnovL}HhtKel5Q>;2LSS$e;lNMfO{*7Y&m zDxW7a-tHT5Kb`)E^Mt=vRMJZas1v-!t}5F}em@ZW*BjLP;H|*LM~HITc#&$MGE8=@ z<#maQe-~XhH8kJ@k8=wgJ+ykZ-**4JQ_|f*mKkpYaan+k~P z5C{7N0X^UKj9V+s7kjK16Qp(RbN9N@>9W!^((lX3fNG<;N&B{s!QPF6bbky>8VS`z z+)0=#x8+4LEf;)$0`zn=wc}buQO+Fe{qb);Rf>A0zhr5RagWSm>RM#m14j?Ew1!u= z%J?{nB|=LVgzrhd(Uo82YccOnA| zoSh6jDr*9)5fn*H78T!>jLgg2W@sRNY4NHM<Wj-9~T`^o`=6}kgbIO z-FEtbVm%y(AZQcsu$7583_2dIr-cWoiFwdV{zxj}ZW$Zjn=b zI0KNDI3N*hmTnUyb_xOFjU+!LVFHoOi6|#eQHx3UK$+1r@U1MVDNmh5<2DmXdeg%b zgCJp!m{PMF_pk^ca;z=K>7-yh(i32z$Gx4@y;Hh0Df}1^^wKF;sjPa6Kbm!lF9gMq z1iXC~T=|eLX{NSr&86}%{52C=O^mT5&}oRwAK^T}r^p0lSPMAXJh(F?>^iZF2zf1W zD$f2=fNEy{72wAGMFFjqlWAH?4C<`c9APwa9KnJGa=5!HbOeX0@`t|O7r`TKcU4_Z z^ZU^lWo>LvY`wd721MNJvz6Q3CFi@27MCGt1~(P;a{Kp%{`M1v5N*Qp4glt)jlsk$ zi@Fje>pR`QHGt}1;BA+`K!{p<^LQ)%$KnxI#e8deG%)&bGu1NOhS%R5Ry4_u2cvcg zB`+>(5vU9Ud%S7>Y%LCFPzP)!>l0LNYj~--8kC;^%|g|(<{x)n32amN`3kY?Gb@+@ z_SI%L;;Z;U>AlC_#CQg8Fd6mMq5k?LjK^B<=e&E0bROCYdvK~sxcgbt4j1Y3Wwqhm zDDjk^fCw84__8}oB9vVqhX`&zWtgDw)58|#gSJku{=;w21T%5-zbBY&6(-h3zWB4V&mf6?xox87kw2s&-`ZR6Z}akt9{nCK1yoi^(eDpaeuyr ztCeBPZO#SnTO)!-0!WX#tV3i_hrQ<( zdddT=@CY5l_w9RB)+D21vsyYOEVZ9rKBEn=R_8H3@-vA$*~@S=df;yyYh*bA2z|vw zw|fgs$67N3T8c-9uVYC4p-b*pXWH~D2ZF!_@$7LgI*BpghL0_g!u{IgqY%7)5PFap zcBU|{3N^;&(~4zPM5pXp03zGY#bLFj&Z+d|#~SOou#E9o zzIo1xSc23raeg_^LIbuD^}f3k$=&}-!@~E>V6m4luC&nm*3jS?VDBk;v1bxHP+VRw z^j|%f2_%_{{{E4L->=qshaZ5$(R{Z*JKQNksdaJt(KFejj9T42%pqX$k^Rw+N-s%1 zM9D9UQ|Jk5aDd$&$c4xE#JSd>1y_|@ZOO>|V?)2%A z36@8T`+#O-WsZ4mSPbgQc9^ogU%G5@QD;8fz?WKj_(GRt=@c8(89#vICS_4{N}|$} z;Rf=;!03Wa4n%UCBmmyV^}DH8%5etkzj$Z5PO-6xyv~%$3b@Vw4L`=2O97^%h5TQ? zYqv^Essi0!U8*qLMjbD1X{r3^S8T=UBLn(^R*7A7T+xlE!}&KCJrik?`|<$f+5_$K zFgwHs=fxL109?7aNaWIU?Dhv-lt$adIk76ob-(0#h*r-hN9p(DUWEs3x*r>LmsC!F z!)}C?;p%X?{Q3tsGvoSt{-HuL#@7Iv^oeL9YJg!fA0tPK?Nv0IT*#rp_-RM_$xzm8 z|A5Or-DYkq9%_#8^FNVF-rO|d>$@B$p6l0Q^2t#_#FFt}i)l&M@1)JZbI*{J8;c?|t!Oyv@xh9s z6V*oN4o|}P;qT6^!f^HbttF=|^n&=ujbHq0<{br#gD-yk37^|E1aM7WI3lo$nQ}U= zNtPKeAPU9^G0AT7L$a||8^GL%mQOnOcI~hKXKaAL0Ti4O7=#eA{xW;DvX8sOuMc*O zt@hf2p96wL>qe#~;W9xN?dz?;oqP2}wt(e@E;=hG`&S8-b&Um71VB~!@(b9^fS1nQQP`H)cQWsdk*%JQD>Chz`)gHkE|-+VoVz0J)}@%i{eoK< z4TbT)2Mf63n5bolY_D-Q zEA^MW!GK$TO470CL{H>nbm@NjYClUCh3jO88s;Xy*gN{r7*N{$wWuD5{HYyZ9ej}kB{n5qX#uf}n zg}QDi_-rc*=Yi7+g}=){3?v10(mmEPQg6r@BA)V9_xe4I#6M{#R!$!O)+XjTMbuQY zUZlj#yA&?jXuyry-LurhOB8TnxF|CibojNv*q0jydFd>#0cF8Z>`9-YdM*Krg%9iFDSjP3i{J zeo?**H6~Vcde6fLnF6ZHL%|q$wPcTfE*E9wak}BLs%67s@Gxjw!OblvgIQRo?Cuq@^87AJ6PMRRTtrSlY4|x+(8RU^tW# zTul-%n%pJnsP*Yx-4V<8masBCE!u8mf=0sHVJbk|F|mdBPy3`5$NdG9tt_JJX&S;< zx327RnK3|vzb@zlx>Oc~(pysOr~#*!_>q zRRgymv2ns2a9EsmKHRQIW^s!wnR>kG55%y7FS9cTJM_k#0V;Gl-(Z7~G2rgBpLY9I z@y|O6TNCUV>z%b(8r2}^++ZrWvc_?#zuB_r)9uX&k?+!nTES)rieNLid$zW`07#%4 z{I|3ne*XD4D>12{<2zR|H{V8-KBt?*>adwv8LbG$c~e(5W47|FnW)#P zlU~qqtSjqB(q|Xc<;OlN&x=)Lg@^2i!%`%t@6;R{0=l`0@bDcuMa+d6Og%o)_2TTr z%)iP-F@DO`g_pwTBb~)_%9+jvS4466Pd{4vVKZAxNscSWK9iJo;ThI|G&*N6Rs``P zec8mEp;EjelHyVLh`V|Zpj~lVt3UnpE&zzLl`Y^Anf-6rJi`%YS^+ZbGU2fO1^9(p z+3qUb=PHS_0GN8klB>3-i4?US%1q2DmF@Z)nrl)zhul>0B&uoGVF~SK0-2561nMG} ztC0%diCMs4o1!AtV8(;X*z;A{GC!oFRL$X?M3K0mmXtRSb~dsGby*I{(5nfUUSuT6 zJ0gLYlC`n05u*>tAvwwb-*J(pQ#A4rfCFA3yM=GBwnWa>l|IF~x&0GwcvsSn(nyv{ zn|~Ii`ER>oYHbEgm6OuD>li5*1E7g{!8Kuc0x@d==Nl>EblSy@Wk2{d2OLXTD1qSk zvXz`B|E9I&%rSELPs|08HF)kemYp?7P`ZS5eKTsSw1}(U(_EM7Dz?6>++<@%7g`g z`5!#CLynbec!k|I?#(kfn6Wb508HXp{B)-uF3v|@j5Z5jH?C#Y8vOEu)u(Z14*K|6 zKySA?`akS;7=%iuGp;KKHpIeFrfcj_wo~|nNvag73b09hj;-J@lG9KY%RY$)K9ZK4 zlq6{HZht6!{jVk)-(ZGAh!8R^n3L+!9lRU60ly_aO5F$+#cA77Q>ueT0a;+%_ei5_ zXRlmaESW58OLLf7;00y*FH^JtszM!&Kut1!GIT`0>5T3>o^<*&C>e0Tg&oiYj2_c= z*5J#i1yIu+P~igjGNK(cG%9(0N9yQKh|L++sSqlKraPfXp zx6QtRyP7@5J(Qt>#Iw;!SD10owyIY1U`b`*(dn>SAE>SP321|`q~!yE`r9qIs2L48 zKGj**CRhY@GF6F^p@GLS@OW}=M>U};#OW+}1UmDLi7fHgDYxfJqK<81!D$_e?dCfA zIz^YasNYt`WnX?uO_WYH&k`G9MN^KXfG)8*r(dvRX^6MPIgk-SH<*i-TvI+-@k}ep z6tH!dD^iZ9UyHfZ6F}9vr73l1B`CKoGdo#{wo6?1FKN%B>}^2hZdnVtzd@CUkQRo=54)dCq_yUHq)_HR4YL5T7V!8y^)j;x3r?{rdPdgX{XMLY(XOiTJYP1b&He z0%R`2_Swn)bJE7Q8-FmF)-9F@3_x9J6YI3iO6Da|b${T#A*bqra9mWvx@n5)@wKrZ zr@#>;#bk;=T?X#(!0Pf(n7_w7IVL$imK{93w7{bVqobs!9tSK8Wt7sC7Rmbkhx+#y0A*=y*CCyp z85F__hYDx3<9idqyzG454}}&c^wVPtkZxsP4#!3-1pmISq?zw4=u6dsodQ~i+;Hqf zi1$Z|&%(Rg zeM=xwB1Tf+ANya+fVkqN)yZd zk1P+U^q0c9D@FlwI|pCx$v=`o0_|>l#bj{yf05`OrdBA4=j*Mmh#JdK(!Vb5HY?3O zoIfrKVRXv)r;>Mb(d(`|thY)cOed zMHK#P8q9g+>8B4upd!x+1t=6+&(@9Qg*_r`-$70#@Fh20-z9z99iId#{p_Z=v~o~o z4pTxqQ>`a+3i%E7dDZ)^I?CTSVd2QwO_M%;QvS8Uh>58cVZL8WxmB4a@9=V`7=^fI zh4rF_?NdbEUfh?()yXs~w@01X-Nb}CnfQyq%Ki&|yRD5nCrNrEoEu5+Sr)hoa zlL1a7l;!2A))0#BX{~mxM(aVrEGj7v$}JU=J0Wwi!dm#_@ed`LfP00MuBKKxp7$<) zEDPQK-;^HTyA_Ehar?S=n_<>hV}1PuPDD1gFq$FC$igbQ{5?cHc6}?&D z6%hJh@Q!^fuYP=_ct)=3$zsN#R{jRiNcMjh!bP$+0ht8)KvknS6hFy;%V7;)p~~Bz zdW_~Vw_NIiKHAY!nL35nK%7-hoYcVLW4i}TXuvJk>IS)Y-XtdQOK#?}wW zUE!)95%|_331EhxS+#zfI60Nc+jInWq*LG(5?`uBs;nBEl1x1uGpo3wJSAtGA=1EJ z4E%aP<)MC+=4^63$>q<{w1ruPIJjYW?}vj-*xg4V1`YSk4m@@{~f#L{E~^E>}4GI9qx${W3JE zys*3!UG#Ox*F>+u7&zWvV}vyxuj0Trzm!%bXN4L&}9Cx&;QQH46l zUCF%z3zI%*v!%_NEO^k|lGSgICMK?DS*i(jm4|&Dl&JD)Spz?HbC8(*RelC|jK+Mz zrPWhmPvrzYgLl}}oTr3i*72r?T1(m`c;K{&@w=-(0tP1_I14!#J6Z}kLBp&9-dUQ* z#=VczSf!dYE=U<5U0e6H3@HV#J94#D?^30qS(1S~P9eJhKF|5?l zqJq@eqcpcDlu=--Woxu8T&N1=oQ7@fC?fw4VUet4PA^iW6f zJWEHhz2tJ`3vxh=$%B4MZ;afC*l;vkxx9nh49J4t-AI&d^y&t2fVn`Uaxy5MVir@W zuZ z+RY)|>qGena!X)a1;qwJPC9i&Bp^aBjI?P&gDbuViH$?NUYuw{t?lb7l<@j8NM{Gu zmm`4mds%&exFk0~zw^E?$a|Rh=V8i?R~CNKR_1L+e~dDdI=fI$)C+$6ayl_>Bu^`- zip-i60OE0P|D;QXb=jFl&gKw@gf?k=v!8ztn^PA@&3OS+?8+r$TU#$~Yzf$Mi-z&Hl zKQ2$_&uDCoVgGb-9@k{vF}&5@4?vimhwVWQpf4 zA2hfqEj7myy9!<7Zsg&GKq34XZi z{&{W}02em_qZwi9SAI2LV?p6Fw;KeSbek>zt+m=~ADbW<=u@(4w2jL7?C0(2v)>Z7 zdv3-x4OB>a=oQJOxy);{v{|qW&SjB(t(zMSS#$ znJr0vD861-P7H!~|LN3rILV?W6ay2Oy@rQwrMG0wZSY490)`!SNz2GJ&T0HNvf~eE zUx00lo6NV@!K9^J@|-oY{N1(?AcYY-ty1AgilOYX3DgDD8iI1D1*J-V!i^Szn4Q(0 z8m9mu6;)45LF&fOIWOD&AHA_GKT23h2x~6;+ALYuQ|46qChd!RS16082; zTIEd7IBu9Pe9{V9@cb#Su66?o6 z72Dnn>yS+PK)WCp#l9sBka&)8_20?^83Xs5;PpHlFTi3!1PQI2(z?Tt(mZr_gOAtY z*@~<{vE)D_5KEXL(n&{;XpXr!iLqSf#0I*_(83KgfH5>?ngkx}J%Dk$z8kYZ_vaq4 z(esHgy@ZpoeRG0?AyTV<*QS0KpqZ@kr2FB^{jA67>s^Wt=-HL%V9nq*#m^qw#Wi0QbjmaI1sYD@evz`^kWhT(LI7<*`4+)c=Guan>of;0;oS9)HsVFwxJdm%FrWJiCjfRELWA_UHK&*@JGh zeQ~}1AiJOW3R0*)wY}n?tra^%puG-sU_a$4X942m7i+L7*6>A@ks zn6BoYR9V9!Am?5`s1Wqt$~AO`npd6!#hd!y8HsUVGR0|e5yxv! zH~@`=65WN&{B(Pq515bhcJecUfiH@bC2xXw24m?vP`T2++CGeq48>+ZE_hkPwk@-01O}(mTIq;b`4oe$Fok&Mcg4{d zGda_8-qbJ#3uoeYP%*sY4sA)0Gcran@}-8b*roeNR3Y!Nu}58en+ambatYHTV~BA^ ztYR)xyfLM1I7RIWPixw?kAWpHr9(rmz6>3&yJyUHhxVz`Mpj_W*+b`N4FZdqMEcE& z%beByZMmYb6X^;u`+*G6Sl5Z8Z4hwGzf~!!eb4Xb{PpI0TfW;&Dv1|vD|gQhY5~HX)0#^aWSoi?Ql$uQT$df8h&5RB%0b%* zqk&k!^Zq_4c2d{q1JKPYYyuj`$GmrRu6NbH>jSbd3p1rQd(;5Dz1m34?%)d}EpisF zCd9iL_O&HTBP)j$_c&nz#tYeq>i)%bA`-0CL%9mejavkDZ?XdNjUv7u+i)qodz{bg zp9;-PF@YY4C8Nwn;FaEWz6WJnQQZqc7b(E&v;!<9*_}8uC_9lj%6sS#CjE^BB>3si-Q+*BWIn;o3taT?~7WN3o$*v6)_;CL+vueU_o1g2R z>q%fGJ&kk=+5`D+IG_9}Gj#pJ%mPAKzU&e%+Fl^BYWap>fJIP%pUsir?Kga0gj zWQ*i1b~BZ;i5E0xkGxJ(qMx+S7UwN(D&S^7-Fe`eB3PJAi*Fp)lA;s4boK>EjoPd} z|5;r~?yE=3SSW|@o~;Tgw`&*QeM*E`Lgd8kaZ1}fA=5=mp@Zmw2#rcn_lZ7zLDCAS zm{SfO%$`aM!Mu{-(9As`YNKf5wx%w+fk-7|xN2J&KkCv`_s;AGh*W`6!pQ%iUwNnK z({3S_theN-j1l=G#N2y~AZ(YTBzAy(J4y&^P|7-aSn^V_nc7w=Cm~xRo6#V%W7)A; z#9BctIEOPa&dPQ)5=A_0uWTx_W&^V#=8gcr5VU|D;Ita^eEMF~tNXz?Jjh*+tqRP4 z+FkGvqZmva1`7PW_X5mN1=VL5j{9Dp8d_w}oCk?=qGLdS-;Cfi1-{|e$5DkR^CBM_ zjRJbU3jon*B}EGW8$ReQT;=|O70$cYvS{U|O*UM}@|e`OWYwz){+mcqzAPAO^}YI( z1PRoSd|b<77_F`LBN!fmHUPw;W73r5vR{2{d@-5`aHpGrQ_UyqLKk6ScEITr zPsb*XNHejDcl73$r!WA?obl6;OFtxq@7rJJW$6|JUU(N!57{PH-8`5PSe$IBKvE8G zk^URWLyPgAHdir+iUDh+BRZen`!hhpTcRQ3l2W`K+-h-^<%u!$Dp*OEgG2XfoRnq| z9fYS=7r36Qn-BV@cH@lgAl6N5Y1gLwm!Kitxl9v&$s*ID@0J0xSc=h2po9S?_l+>9 zUosTYfNO5ignn(8VmTbraC#Aa^2Pb*NbeH~t!pD3$LYmy zJrM?cpDxHO_27fG8~ulely~u>9choAQ^E{a=AB6AX{*^2fN;UzX&)x8Qly@mf zb1j=nJ~@h;V!bN^31c52gz^v9s$1k!S3p!r9U=xO-=RW`^}BB;+c}nKkh#2 zX^Kf66p4CTBp4X8X+RpgFgx)I(!9z{&+zxfRJOf5B>8PdZil`7SlH{GyfTspkg*(z zB>+CY8B+i4_Cl<07wWVcK#yi7Qztoa0ze=Y+`%l%di!V|7}8QYr}5J|%hb>0VYI7q zXxvV+y=qaWH!38TouM8O^|d-K8C5k55W)1;o8ADV^e-0Y3HnQjw2HhAtPVc{f7A~s zSorGm7}w)-z~l)S>X%h5j07Ip4N37>>pBg46~+7+PCbl!48eCZy=0zc^3V-B(Bk^y zDWf}f<^OAPJx>k zjmi#M=Ms40+49Ai2M2k?rPP*awE@Dfw>Gok3+hl94FOILG2Q%ij#5;eE_7kJ6e zz5f5Q$s%7iWUrh}N0L+!kQ0Ixd5d_IPdNpEqLfqYx>9K!N16#8`Ab)+Uy~=_9c~+G zt21wmCJY`ZX9dFMSt=4@YnUt!sS~19x62a>BLIBEY}eo}vV5q_|Lf|L9Re#r47^_vkBv*7;)d(c#g(jc_OfD}5&l!U7j4k~NPNhPxu&W$c~ zp?IKvJ4j=|OG_TL{v4g4%Wt_FEp;r>C-iy*77T^l2GEH-rqsADdvDtSogRONAKPiV z7P_^>YtHAv|1@}b_5r1$L;)Ly9rU?5%O?S>n+b?fyCW)BER7_w57dt)^z&ZSa)dD- zy!lVT0mJ5M5IRZ(OJ(Nh1{{@N)|BL-L`L6Q@)Yfz266y5(j!@bOWu8atIKbHX|V2P ziTAa@qR6bB_(LKfX89s+>s1UurL+LwE{co7#iAiH-xG-+%2;aRk)9CIMS2WFL|{Ce;gtgBmnH8)X1XXCNt`Ic;T z@7_Hoddird3yiX~T#8iZj5&I#yg!Tl&<-eeDC#u72>N>Sw!e!n&h6@}#T7d1rZMx_ zzg%!L|8~=y8wO04t_5JNkyuM+(56m+-6x-f9CoUD^Eo@)ma(b-WACk_s@}H0VL_0R z6bWgNQaVLoBi$WJ3y737NQZPIvXvB&1_@DGLK-M)f3j<^P_9+QMxK$`anc^Cn_+aHo}ekb(#48#G) z;jOxo06i%#2?1KocT)@OP)6Yu+3r{V$^NQ1@g%oFmUuGDYp}C=pTAfHI9*cKyJ^mx zbnWo=aqurZ-X_$UvO}++hT`z6Bfvo|+)-Wh^7LL<5}ksLHJB+da%4NLf`0!+z6#l( z>#36SPw95*8kQnRC6v0HbmqN0hm#FiW+^h}QV*ILv&mHe>k|>I4>I7sI%yih(ZCk2 z&#h)$<-0ozt6@yQN6F^IWePmv;)ooNcv!i>YCC#7ntGyr!=}>#2k@eBGCW}11eXrwS0l6*J-}%xM2eB83wfCK(fp@E zFre0QqvZ&{0K+v$aFRIzf5IhPcOo4D6dp?|wQ>D$B)4Ysnm??&uI33iPCyfyL6Tq7 zis*p1a~p2Ih|BC{+O9K?1!u6qZh_3rW<+jObgYQmq>rkf!;B&x;&5_F|H}O(5P3OZ zDh#Mh?ethp9Y(nv-z91Br6$3~_E+mdN9MbVimbc1`ABsI9rG}0y6$A%HdO(OD0glX z(R4hx78qE7p(Kr(6*5nKN+9HY@V-;cSBG14);7eb76H5Hu8gv0I$kBi2H}^%qvbH= zv_sZJb|p$M5ylAmVN<&|+^r6-;}XUr@WjCU;D+P_#4Z2h5m^1S=eo!#-Srb@E@@m> zDb|NKsAu85-izGbW<@pctF{MHZ6IDP*FRU@yAKK_pUs&9w|qJ7nhQ#4O85K#KtsZX z*BX}5qzX7_0YYLtKDr5V1~Q$0Ui5OLatuX$KS829;2bOmSB*6k@fxf+)ViJL87-aLmpE+()Pq)%(Z9!6Kvk~`Z35^+dC^tSR8;%K4)h#lwROSKioIq* zLKuU&TOB%b%TRFSWYg!2&^H=Wi8N631%7Q3y24>66NWqcIzSm?zGFIwT5I~ib>kcb zjtP<2f$5zz6^9^MekFAiF;@9=K-$tVF@U5|N4gum!z=}QWuYRi))8naFo39L{n_{7 zO_XrWI0h7-!&Fs*`?%#<1J@`@9z0AeJ0`JKe3q&gW|0Ucql@?)av z6E;GVI`0z(ui3;!^bD4Yu@Ym&?9e!H@6Yv#<5+;^jZ+(o08hn3?_%D!c_<0nH(30VTdGc*Zwwj!pCh92ixnE^*5F;}h;SGcJLF)ciU4DDm1~zJ+2ydL21FzD0!|F%U2!7@sW%1Bx@~RP$PpoboW?dpswLH9qpF*)V8tbA z{K>m=anRMgs#Rf`@_yk}H>p1?^w2>&23E39Z5!rHx1`L5L(*0HmQpLL|PdBISdVJeZn=9c!9@2jGQp9#hO|(V+vP_%Ds$(+{JsB!< zx%P>B(Nsj$*=876srtJcF6^i|RW#4E8)T5KK6Cg|g106uG)LMi)4-NNhb||MlJQ1I zMUMK055~=v1p*&-cwcb8oe5FHxL3tw|1v5OwTT>)6h~i@DJb7rr|b{r@F}|<&n1C~ z*+)S_|))n6j5dnL{zs?_ali!a+M*)$3)0sj$)j?p(6_ z9Ci+rBcdc)u3DA(oV2d$tMOOn37y!COCD!)7?+qiphRHKo-t_+h%!fpkt7mT88w_e zX546k~;v<39vCq4#ZN}ecwV?BHOJ< zR6m78?fK0$)NxyyXiT-i8){rZjy{FBtT36@biW8O6T{*WQX3T3XdVLDuEWJ~km(}N zE+6wKu1(Yj9$^syN7vCAuf)7vZ(T9UzHSFeclHab<&GJR4gPBjGlB^9r{3^A7XSL953k z@j<6<;K&fRVt6uS$chRs`5c{XIK&O^1Ye3vE4`{O;{9xPQ{LR>P5Rn{6Jkp|$G7Gpoz*P(I8x`n?nY>L1lRdXTcLPOPeRK=p z{gUQA=+=-{a3fsfOa{1|7Q6da20Mva)+<9kU*CWV0R?c>;3ie(iWLmN&T7c`j18m= zliPhlvhct>nZG+v5mEYJEe79OC1gpMb-~MDkGc2o#T7T|j5`~khgx%|4nDO6S^3H- z%zpRE z^fI;+EEi>Y5RB0T&kDXOUQU{>Sj;p<6^dFLkFJCvgJ{O&$MyKyq?Xo6>wY2I@M8e3 zW2@uuN6Y*AW&8DZv#B3PBRR}o9Jfi`(IV<>tUn!8q@f>?1dDW|6p!s(?}6 z0{s+0ol1RXbeD1L^b}T~x(!lBWPnPH>OKsm-fVh6y-A0AYX@@Itz^bgVZ3u%`eaUo zFDLb>&X^7BPF?$oWtHKni+@ctJb2wMNtMI%N(7#flY~NVOEqnc?cIrWKJvg`rmIr= z@1jr_(UyV`F*F#Q>WGGP3+V>Ztwj_hH_CXnNI8-aN?ri)t*4_B@i6&K#}`L>zkU_U zcqzMTQ4XDnsCy3NFOe)2Q3?<^LYNAq6!?!NbV4>(->T!1yUVN#%G`-phkk3X;U8}M z6jF71v=%IV4v#Cb_!80JXiVFCukbr(5B>U4~_4C6{V9!T0-PzsB197yBTibet3LP^B|u53x1^D zD_AL*I>gWJ_F2CF29<*PaXdINNzGeB3j@o{0L#P>7F(7T!vp#U!}jCyQ^(v#$-+<0 zUU_lF2SYBQD32(f0Q#!If;4_n)Z)0?<1>`@pzHFN?WaYRscE}m%3imy8(N%bs;H?W zCD*{=b9n;)E&}@L0|JPIk~`vx5kxftQ(6Y${{gyey?w)(2Cwb$ZjOi|T^lDI3GZ`- zP@|Oli(XD@CSNQSt`dDn0R=mWDcH)lTvrF3Y|F43+<_2$aM{Bnep zbSYw_su>bvEWjx`onIhVGPXZ-aMEIxC7-$*qJ2X!k$?+^ z2jv{XN1|(BdS*WNT)qb#rDmeA)KD2?@Kb?K2a`644I2VTr&rmQv?Qj> zVB4p-guFpm!iy+t==eriBt4zBt{7BDpvPDl2%taEMpr&Jazy_95$N5wo$8JdU{_Fn z#0s7_1vY$I*Xaq~PR4cafn$pM9a~Gf89tWk8)X3>7?~4}fqiL+SmK!EIHaHem*EXS z&jP=)XXCa08w4y5Pd}udJaI+5J)2AsLmORfGr_7@(b0k6A%SP>L@G)w6~%<~j|9Iy zIh8S@_{9e1^)Ff=>58`&wV(`XUB?SgDv2K@z9nh_&IA^`6<*!1KN{)=P?oQVis~@6rCbE)K7u2PFAG2P3J&f z4r3mVfNLlg?o%ZA(WG1cRL9hli=5dj!duPP;)qzL0jNt7;)W@Y{xz#d@1CZCy=8gB zOoMf~)(kQDi10h-bv2aW_)DqeQ&A6JKD?IU=gXskB^T$Xp2F?Q)*GG1kNhRE!xxH= zPl6xe{!jyLC*1%85A6JK;hRhgre`R<`TwJf*}UX9H#akq=i>iyRi%p z8VOY{Qk7YRK+)ctlHQPDWRs$jz#(#*Uhp4}sQ{Py5_Tl(h<%zu9>`9$t#Q*L)A@Nq zQ46$*e*nzF#eQ?w2=x8eoU2^aD+yEybAi#bYlNR%)6eSiV=?fVHu97(Z^H=$( zS@;pHYXnRt5)zvv?)%Lu`up5|YLs&VEL~3lo;Xi1mA5OV!r4mdX&x{y2K}HBURg%i z^g-WIr$6kx?n4_c+x`4rxJ3Llr~NVNP58tTA4n|+IzWAY~Q2I(I;AXJTExFi;z){yR!iKN#g^^w0IG-I@FcGgafW{ z5ZN^%d^jzt&#v5?V9W*!l(6%Lx-R4mI$sHt*wj`9l8{TWGrZs?3&Tk_p(s-WTW{p0 z_;NRF1$6g%1cnAmt%>(;231xXl=`LWHI!y>;4GL3hOYBQMm?;~_Q$!KJL=dgoCNTa z*;t=EU49dsot6Lt&8OfmTpqDNbT_I)&07b!4!0e+?gmOuN#n#Xd8d-j+uVQbHvOV~ zE6B}&&7n?cGb3`@wbiL+-Z5hAp@c+40OKazG&svcEgYrFCVfm}b@xrlV`>4)3_1i_ z`r?YRk2}HZKJzm~@$&}-us>ati3IO|96R7;o*uM`C|$Y4fb@*H;ieC%nmn}|DEVa7 zA1l8jq3wI3E=0WZY>KV4+dLRuYKNEBIG)X?>dXq@gIQ3Wg1ewqZUDY{0@SRFEfDwN z387qE#^5By{2X-)aewhfod*K)V+oig@HcoBqqO~@(($8sm=VGAO{1HhoSpFY$piSy zhBMO*Se9s19CVsrWj;I}*Xe17_1zRsWXccEM#53weum+l`FK3Pb_$=_Tb_Bk3)f!hM|Q}C%r5+Gh% zv8dbtV8$<{Bp*UJ6bE_)Hz$O^ye?%}EdcTbu!#@Pbui=}*u?inQ^5&#^mOD`j2{WU z?p#*U>V$85viBY?+euAHdqntwq#_v?*h<{@6zeZ^xf)N>McH5gBm9lP-rxui0$NCi z-%k}EaRj78_q=Aah27h}`b?baNTq{r)CDM@+dXx$OkZBcZD+;@KfX^Opp5UX6)Xaj zqEv;;MA8{%iV)Om;{?eBPrPkOo)h>IKnVf}-WiY_MiGi(N6}rjp3XF3;<0NJZy6D1%VMZ7Zf9 z16AQQVR{=)RHt@ec+C=z8TR&j1T=5A$27PTc@3OaB~FEsv)#>$fg343pI)HoYdRVrHm*yC7L(RU$v07Vou zqmF!>8q)LJYGIxMAYju88y;YI`in(W)7>USMTOq~^5t0o!fhQTG#f(b#3cdqy^JFx z?v(HEk4}<-b>p$&dG<934;3EjR+8 zBhT!rbuDPDRAfM@wIadnvN{h%LY&?_mZ4s`as~Bu0|~aMQmYP5oSuX1svVeIZpM%? z3knyq1FS|I^KR3fz(}h_Rlqks<~UzMOc#Mty};T4w0Fm*>}K-NrrjH57P$t@hb`RxVqxre7d@2id2RGqR)eMA|S%uKle2S8L%$MLG*=0+>WYIf$4M1Rm%8)_Rb7Z<16h(c<*xXJ; zfNB6Gb|*%V>xN&HEyAJ(AwE3;E-2hUfk#ivAgnC7MkR?*QFqI>>s9FB6ivp3hhD;c zK5BE)0`Iw{+_{Li&*xt6jwwhPvzG)v=%-M`h@t#)K7$B9MppfHBAvEy*<2VPFcZXC zw89|9KYw#NY6j#B7+$h3tl8pU-*;QApJJ zLjHL*kK#VU4@`pZtl%Tg8NpuyPg%Oaiy?KvA~2aiq8bF*{dCsZ&AcL~Q+8PAPsEgE z{l_;myP*fsYxTkt7oUD)o%et2Vql(U@>h`Ze&s~ee{dou*xR*U^j`k29M1TU)&4)v zVX&o$KQ0SPNynRSbDrwO0HJUKnL(yB5EaDVqyE9LMHwyS^-5Z>3oF3O$V8VW5X7Cq zG@Dq@pO6@S^`C3uQ=dJVKAHH7t@}S^F+e`S-)__7G^|OKT$BAY(B^Q1iU$UtaqbR> zz+=CC7!LYSbgI1r?JTA`t=K2uvlY>Ik0uXhd*`#2T=&L0s-fTom9kASRIm;f+#NZ6 z=)Z_1a=h>(<>l6U_S2i|ol&W$TR&1xLt(mdf8^s6pO!6uUyXCUc~l0*>pG}%fYHDL zL1^nPyl6+%?CBY7Eo%UqoWtAPk+}(X{#C%nNtNuYpowlc?E(c?dTR;3M&6F+k&rC%> zE||9dqYwAY+yV~4T8`zTkAHQ`<^z!^St7xDK`S(5X1tVJz22)E4yASogFz zf#Pthx8-CD!s%z(jDBfQ>btlA>-EjoPj|fLdB=x`+M}uSobJV>y-hz5GJp zy8ZaNn6^Y4Pso{DH18{J`t3#!MWGb#4rs`T<=VGYs_5efs9WB5*aQf-=G=IPqD;IC zI=mi>e615o5y-fTkwO+-#wzn#nL_ItoWqiH&9&D$bxn>LM)z-u3UKsYyw|qB5g|0W zKM>6Eb~A!(zUf(Kf~tS*32&aj;lBJuN~!eoDYPJaQgtwF*-h8fh+-RN@PZgV$`*y~ zv$HfLb-CH(&}tDLM`bp1=6ZE#%H_K<jQe z+>*29jqEKp<;>l|Os_^1LWfEP!*uXp@9)sM9J;%yiUiMkPfYWns!fg8^N`M-9=nQt zm)Gu!?xoJA&#&EdWihzTzEKfL(jE;)%g)2%GKBrcwz_&>md_DLsf?Quw zs$V~zIsF+lG-$Z4gS@)>7}d5H(t{5K=?i~SQPv}|MEUl86H#~egzF)4pDLymel zwian6=Va|d=vMO4lZtT8WHr-sER9c{c4IBy;Z}NOeL2Q_DmWO6xRdT3f75LX z0$E##h#j*hbuRGpOw#*q_T3}$Yf+(o$QQCI^EmiNr8dIN`Za;!K!;SZp9K(^R9ePz z^MQx&zjmDwhGoD`nHE^gTPXN0Ux)a0rPvUO72Zm$siZb%}S5#jr_u5i*9rhh|)#=uO#k#_1V*NZgHLF7-q zpROXPRKlKeO?dCJ`+_w7U5RL~@*F&+FO`M4RIm}u*0&Zeg!-84hg(J>V+M>Hb6YR* zdW+Yk6#@zA$c+atJw|D6$3QXCfvy=fdxSn6%cY28Yr8egU_i(JbWFj2fs(z!>6`Gd zLVmfIzw23<<8aa@emu zeWWSQT+cWgGjV5~<^LF##Y~F$3{z7NokxP&taFJ3gkC1_njgu;nbLc%wjQ;7>c(Y2 zF$zNrUXbAfupa??y)n$qPJHX~b!j1k8-$`Y5V~uw1)k*Fs#r#RgXrr1up8$jAas;7!4B<6X3qRc)za%`Pea=q0XW^Z$GgZ7LTZ04E5o7d)`RJtqg2M7i)gM!{0uz*yb=J8zrAVl4 zmNxxQdZLXE-4Ayx=Y#M%urIe`qYY}g_D0{YizZ(pF>NqeFq>F-5IM$hMlOIOQ1wQQ z&Ngmo(fY&Lp}j2`QsY*L^){?b=PyV~4`;%xxbEGFkCnybwA8X!b4S5mV46sB%Z+zE z%2)%xR*K~g#jS77JIHQHt|IgcI~}T*7q;@&Z6k>8WkiWWEZ;Cd<|b60v9(!NS#N`} z>zZFjRD1mwdXO{(i$p!2T4(nH-$V0nzUNod70xUglPLC7cN0z?)=`G+K^U=v?4&KR zcvkZ+g}CVcfDKva^)K?Sk)CH`Gkc>WB&5D~f(Tp3uTqS$O&fl8D5iKU9@pqW-s?%V zGpF6Z@W6RAXztTojg2>p@w9XynP}3JI4U$7N5gS@>{$W*o^SRcCrm%Jq7sY296V#$ zb~@Oc&evKcrsrF>_5LVPAZ56-XSGRTbCJk=kcb#tx!a$0+iHmIrw`9~pJyKl!p4&k z5NV!f^s5n}Wz_7imVO$0(e9wFg{Zi0SZRnyykH{U*a)wAkn&UI4(VcK3F;mrU^%V5 zVayszA#yVJP54Bes7w5h^!{C(-2PqtHXm~qG!eq-Zd#kSj`qi_>tFwEfe3WF7=Fv* zxZs0figL_Z*~;f(kfrhDgd{w6nFIsL3(&di5i$K!PIJZ1?%D;(FU( z^s$Sp%s5s}E^j3kk<_$50l8s6-Nn0<3%_PU)hv%P5y=c!(!X**g)p6%tD*PSC+_XY ztb5VMKyqK}{wv`-|1lS{r6ku)G|or#3XdNG`F)NWo33?JoK{7UzfVZbBUL67*K&#IH`d4`F_+BcDBn02g7FA1vhe*t<7+iwZOGU8a`5&{YM{0ld!Sn1pMppIq3mW{~*JS3Dd9}(n z`_alAvHmU9W{~`UpO~uU@%vXVX>t(9rTFhC4yDL$fC*OW_umW`eeHFi!M8G37 zSie3Zi%0|kxcsjb7=#Qwdc$WqehZ=92=#5R0cS10=onCwK$bx%YuzlU+5qEuw>CdQ zLoe(Fkd5boW4YFEf78O9^9s>#>hoTOtjzkQnw(-P!iGPZ0@b&bnCR1yI5g3W^BP5g zNSPSXs=v-hna9CnOTkBJ!)%F!WnQ9Qs#au(`nJsZ*XBiv&i1KkE@XBuN9(4fmx>kf z=kF@;V->2wG0E8Ua`s$yOKUoW5ncHs39_n)C%6O$AtHllWlz6k=B{I{hU<(Y?14n} zA66=Z~JaO}b`1+1Gf*8fHvAVRn z+_Ff-YcoOG`D+ymVIlsWTu|(QoqXE(mw^2J>-!(eO>ET)VpkwqhP25n|2IUO_A3~`YXM;d!b;2hx56rQUTI+vEtCmEi1UllH~WWgAh~7X43gG{Du#n& zQs*f&LIYENvBE01U!)_Rc=R;a%R3j>ay?yEb)0yRxU3veDGPA|r-PXQgdRxNBZ9%O zOvDqk2^5y8R0v|s)du%b_aqCg&riK35h_M{UhYgl`6uLN12IArbRo9@SqLZf_peV# zWPXMa^Whgd|3D4Yxo;voQ@f7ZKUt+^5DG%uwB`SaJS%|0GlH2`vj2qHd87mgrGLbl zcm40>l$%!^8DW45=>HiLWvCH0qAc?tD0?rW0*_$!tAE67MK;edYUW>TU)Dc)|G8Os zL2xbv+J^sxkrC(et>E`h_7fD%0r9bE|AdkYO}m-5W)(9FC~%rt>hxSgKyC+Y^=@af!%A`bFY6ncZ2`wD0|Ph zD57m|M?7CrJBvs=Y5K@_(M;s<@JCWV)nB~e{Deg9{0xdKY)7fG zKGmr@^>uEIPA}C-Gcq zxDs`?G?~jv{y+2J&OtQQT^YG^$3B*O-SDLv*<0nm*!yuq`{Q3cfklRvr>2~B0p#zL zCnEcQ$Aci8-8>#%I1guulKy^Mfrus_?!kT$QOlP5S%a;su{!t^e-ehD`>S^I|Np_C zXDR=fJzYqKo=v|OshvWK)BWbfHN!)jy%O2AAH;QqhaF}`*4_>$y+LN?1Lr=|b7no& zmeM)cKfhO-eNXo9+!0UN?At^`)d^h7Xk|63`rX@2!f*XmOP17oiy$t-gN%P}iqGTN zm@k82#g^VL)jd4bI=TtEf?aAiVl4)nt#CYTZwTQ3AfXesv@R(7XI7)T*a1)>7Js$j z%yUzE$Re>v@Z0-uMBUBVDSstzh=5~tWJ(Yba6Br>yKXpid@E=F;O6dVw6}GowBij? z)$uDvQYf+Ut$BZ?!PeO*FhpBZc5^y2;`fB%I^1&U`>yCsv=2{0$M~%B{*glKvvbnp zuAxe(-Z`^KYN3#BLWNn@HuqrRyRRjrs9TuHl*zH<>=yB=P(8lNEt!cw3dFv!S zq_%?n1D*W8TGe?dkO8d2)98&IaYZ3`Y$u`GtZGSI*Y;=vng%<`E&qyZfV&_i zhG9Jzw(BOE%I9!7D`0;-n;vtx6FLJ9&F+(w)$0dV;m^azvyVUI3)j8+t1XGhZXVmo zQufI}_`*apk=@M4or<`&eD!-sLlOpg7K7814rfkN4yO*3j*xJc8)ciVI$@1o0`H$S z^0YWXi`g%kejyV#8QkHd-EOn0-E>r^Ezjamrb*#DNFuIxV=2!Nj<{Mr=e#qLe|_lu zKiA7gjFS?p@Cyc^GpEO#A@B~9F37?>I1M3rP4KS%EhocvukoNe!JA{(r=*GlIX{s| zA`C|^-cByYYY9S#3IV_r<3j|53X-91Q!CFcRo)D;gzp?pm_WWBe`ge-O4*`~MPTZ= zIRXqd9xx+RIBEJIaymZOa{A@VTl^H2`nNwVNp8JIPbJQ>3c7qt+V~+QI2{PI%Pmt+ zWc=j)a$NN}E{9A<+s;W~xfffs{GsbRHFa93IwZ(pzzq8BxsOyCY*I5`1_^F3&T!vb z=;M>=pOL*t0m$wJWNRBDia%27>7ZHKI+go}CKgT4j;9WO%-$98^v8G#VgO!GPNG53 zoD3fipirxl^kQvvUT<{#;5*Vm)u|Y&3Xh3KCo#Pek*LPxLzS_g;5D>c}8=-9;0&k8<5Y9l9r) z=QfNqUQhG-jCQS?C*nE!P#xKA)v1ql*0sTS7)+AxVSTEeJsv|Y%zjJRVg{dj6fw#_ zr^eo%E+V&%xy=rZc7Iak)iZ5)=#I3$0E^QpWR8h`kt>{X+o!M`pSts}h!Rt9|B5xG zQ!B-M!6e;Zm_$`nzme08h>vfOGnJvcw_c92s)H3$;nd^Pu8DV($3rcr!(Wk22DEGcXDZc?s*)ZWNq_VZnEZhvQX(aF5`~rC?So< ztvi3IWN4}!hyBEC#JJ4`pPkG-Ug}oPGf0K%pd`eG7EoMB-51=CkkbfDm9#yPnDB?Z18ys->$EWpJ$GQKMnNlX^ux-LpW$2J=VFaYlMG>nd~F=9?Z+Pac(t?sBu6a>^IH-bPD--}8seTWF^Xc--6dAm>fE%P(vl#zu~HS0|QAgr%MT<9eP z4?S$?%Gcc^#NEdAr8;+iy5vUYBW4hN)+%t%6^(s{BqmRAr9Fo&y9*XW|O_QlM1T?E?-u=q@r~A;B?|;5&pAn z*o4%RBz6OV)eq>AIvSpZL;vZuxY*z2I*)ny#1>xbh|;*VzbilN&jYE{fCY$%lP4qUu_@;o`W z#ymQisX7gP1a>mmBdr2ZZtFK0^Zvv#CZL4~gbG`Y+`LG2F6G!0Ao|`AMWzP=yLtsD z2e-4HT2CG4M_;XHrnQm=wG%IO!L|`Ox8j5M%LccG@2B0NY}xZXK?>VkaFp{};2y!L znCjDrhca&^UY`E=Wv)u9wm$jzRLzYHoYXGNMOQb84p|>*Mfhs>*nK-d?R+g__2xhQ zSBzU)r|oOC@O*XLBWFEo+PA+{v$T4+`32t`H5EgvjYmX8 zBW$XQ22aXu>aBMb^3ytV9?8w)64?ZT_?ruJG*Oa-ONY9YNuFcrs%?>T1cOuKxn7co z=C4%SuCy#Q)D^bgT)ykaFzo`F{<%|)ar>l7AXl~)Q{e^DL0a0k=i&moM<_(R`t7jt zI76B7p^3a+D+ALYyOJ0VN~C!PWW~EUYa7{V+)0=)c^q@s&8T|)5KLvouV*P*dfb%T z=uxLnm5nm!Ub}s|tx8emwdydjZJjpUWWSvV&kZWtX1k(va_MA#e9ghe|TaMmd2~J~q8rSk;Y-gv<3iUha&-&!0ASsdb z-NRdmL*0^&<|`lCwT$6bChjW>@TQX4!z_$@9s)waz0a)Oy4l)X^%hbEtv_sTxmOuA zndlE+)5iKq$k%nZIkC(tMs0QE?raP3)p}0a_ct!Apt0%qz0wg)pC2#P>W6!hQn`*> zLkh4jr2p8!O4X@1e2JF{61|#LKe6*n%%$*?2(!9h%vCqe`T%PyI9Z1@)*!k#U2biK zr+&~S@r;S6ksD>jNShXekm!tw_}qrmK`GUOxSu%N$FC7l!D^Wd^PZLP98w$hAE+X^ zbi1skd}8;Ivl=dv zl*=<*`{E+xdJqZj{DL0reo$7q?N0@UCDs8}jvWu9Ay{c8exa-Nnm)G_L6m68_miNR z>(@78)6>31^j3m`u~w@;-{{99lVa$Y3Mi6Zyrn|Zrym+m_0vr(TYIi%X%gDL`UUzt zaGrIFH`itG0&^nP-H}?K1ErUhka(R&#lsrz%(f59| zV=Hnr{G)!sNH@h_)^2QsjdW_99jrEEUmTG4;J+p>VR346x~yt|zIXkR0=e4|YB!bP zahGVLoxf}vGpGKb_cBPQ zQw4A%!JmDc-pT!TYQzpH8367Jk$yQxeQ=21eC+;a`-Qy(FW`&$fB-6Z$dgLz%I7oP~ zXj3TO%u9?{SUNn1#^buAOE=pijWyHXd}KM{L5AO^7)mA)$7~0G+1dC~GP`kI7kQUr z1czp}^3uCIH|Za$G>3-T-Oee>la~{k^>2$Bz7#C@g%13$^(+Aa7w<-GWXN20Gj@6> zVdY7O>9-DA^>6#ENJmjt!Fcw1mmUBb`pBYc4xJYqX&9Y%bn$OsxzBy zHbp#3uiTjkrNnPTHNO`3{CS@JrnLk)KfMi}e)gyJ`)pYEi4rg?Y%%&=^aKM!=8!+l zK8N~FrJ0FWHk`T%!^_`FdnjSah9256x=WA~rzz@*iDkFeR^Z!DKr2O^5|Aqlt6223 zAKjX$qrW$8zm7*6g>@-hTn*X%vTUf)oYHQ{9kzQ(l>q??ksh{SRm}GO%Uq~7^$yyV z@7pyhz2trC=Ei8in=cUsXQJFQmXYiFua|GNtA{RZMa%d<`>l!<_Q9GN+y7we(nbQ7 z6iW9zL)@sDIjJ@zq5=C#L*-@K2PyI~n>{P92?GZ9F|g6lsLxG}hupD|o1m^%cs5?F zM^wbZb=_u~AZ@eqDLU9q-xeBXq*^KNn>;i1J40whsb~8X8TaGp zcWi6WGk=Nrce!lZqYinp3`y1y<7@qvZ+Gw?;}kk7f-|I*#5`p6xGKU&e8nbaS!q zWVG3=QTj!-K5n`Oc=^!HT2_y+F%oWmJRZm(GPc)iy!VTe!Vby(Y<eYuqBf%u@uYy(+rSEAkT`18JZ^)AFSPsWR&0*9>)SKm?o&?iqk6!YY4qFey| zT&1Wvon=GO>R^W%yq~@)?Jf^}^7hS?_;?G6(8p2wa~gMaRenKmo%MD0fxxnHY0F=1 zkdvVs>{Lp^bCJ@F5cE`k%osL?{BDg2-#^%k1Y}A;TF;30at4dl&g4!Cek=&SF@>LO ztvsdbBs$m3t6{M=lMf&VIu*{CtKUY@rk#|maLbF-;-Ftw@^hlkjaEinri6>-6^T!Z zhg$u#by@1fdzUZPJ!*F#xDE$BmA5!c+9NRjC4XL&a2DCnV~rOyX`{;dN{3wQ#t8)#j_7Pp(|lS{UKIKJch7TI=`Jj3Gd7YH!k4bJji7nr$eg zn>!1x8=V`LWxg;t-DbAOVPJo0uNa;dR7B}SjQ&m@%}RP-K-+r{pcvjZnb3)k*{d%~1xq>a$y-@MO#2^;RZ~0i_-t@5j8p_-#fwc$} z``k2^H)K48^whQCqV){%ROgn;`OPv?5LGw!HFb_8l;NJ7^sQ#L;nDWxb zLtkS>mrBup!^X}49#)TEj>B_saqLeY;#EFz z#xAbAR~DUis;f^$U&rS%xF@T&8@O9>ba^Z8RcY^P#ff-rDa)=dvZC|b8%HWzTVe^~ zR1A1Way{=-EtB_PnRQ=F^C3ttdke3TsZ366n_^x#i^vyPH-3zK53#W6EIo@P>)3nw z$sFqi!444fydg<#&yvMHRB)Mka=-d{a%pWYoI%=o#=XBTpV)FsGFcpsyA~8Kd!pf% zpPRB3XxdS&$)1w*3ibNV!R+*#@U`l^j~|9zZp>|0E|hHXyUm`7lU>+pzDjtJN0_k7 z-Ql`kuw%B~duURHt-HUoHQbd7&g&w1(bV}T*_CJCa`$D`U_0bnoH;9Sl*A*V*x3xz zyIS|W=qpks;l=|udL>e`dkN2!|Fy90l#$};ek50?L+UjPj0$(lwT6+K^ovcem(}x; zRu07Ei8ZU4`di)%20l^P^OMJj%wBhXc7xqz`Z$DLtEqa++X+dRRXUkkm7>(ZlQRda zOeN@G{MhI@1QNA>y*$ona?p8zZ-6a!EAV~a>2<8ax28w?D)$!bh?_nPy69XEE77HV zJBOm@sfKy(RK{oD??9eRFNK7NcE5_h{yRmy5|?!Zsm{i2_CnEK&(MJL>o9KUuE5?| zADd?J9l5C$TX^ir&OQn<2>)^_R!?6*b;O5MOG%}yb&X(*;k&em{)-lR`cfMOax>PX zY<9jv`(&r96-rOYgDZ=Z{Ldquw2|dQyc<7?KU&9{q*yE^&ot3-#jy?9FzdQHP8 zIxmwkG~j_fl~Dr)(^>=(#E5l~^q*7(NO08sz#ul= z^4-Y{e|OOMpe-z}h4@u$2R<8)r1L1x<(UD!%nrU)t=flAbchU@`1PTk+0HqIo25$E z=Duo=7)tOztO?ryC|WI{j42PmJz?RDc5zI-0@I{r?=85{vIg8+S^`Rj%W-p%cFH zdsk_z-RgzDCz@E-r)gG$dt#tp7vVj{awY#HymBJe#y`^?H6JcJM4U8S*-O+`+@n3R zsdf=3Td`H09I;aPmOZl;-mS)Q9fc_PS+Z&=#x$a&51s-mNA zS~ZxDN8D1f#rd{#7OQbJ(9~`Ws}gLNu)*Z}12V`__VZVYTq-Azzm)F19zJ;B{JXUv zAkkFkX;9f(-(&60SlKKDg!I%t6)+l9QwaW51dI9!b;@fD-|!F^c5yU3-IJ5miZLn)0IYRmy1kwD{L?W=4PDAUqc`48Z&tMOH?js z&S90iv1`q7-3Q~HquE(Zata;EoZnIw+i2GmyM;t^T6;0#&yMowkCBd;Chie`ai+en zFB2SI{GCAf*gYCfX*zutQkj^q7?1j^4C=oL2oN-6&xaqg4jky7YVw#DH+WzdeY9T4 zJRRXWauZ#b=f;`!R-hO9 zTV=U#sm(-%?=7Z4L+m@>wi3JU7!~%|nhvzXn83lB=WyqOeij^6H)_+oX9FzeajS zhP`^@{LbVpULSqKb_zxy+o8~Mj%`;1%n+)EyJ@;x-HM~l)t5F)O?UNIao;0{l z5A;N>$N{Ny-v${X*{t{djgML4GiY_Z8MIw#=439%uZ!G|%$Y%E26?&F(#1n8qM5*4 z(rs}eT&{-UIP=Q7)3VK5$@F~HaaIre&z`F4qd5!(I#nKYm^#d5`!FjBxteS(PwN>T zk9y%&q+&^s*L|2FxN?ys+@7eq8@TZyF8oH<$i3Pl?5)B`DIxiWM5>(rBhhlb@y7Bc}^<{`hRsNcz zzJFUN>LewT0b`xi$mSN;s1#x&NMJsC1oY)APv6^DEqP^2bb#QZwJn(epCBGaN@R@) zEtDzUBU7mCCl{@WFICOFARt(^XFSqqoo>%H$koEeJ?;lR=jIANx?j!fRe=<=Gu(*Xh3%v0yoEu6Fiz&3meJ?Q^z!%R>KCcIZ4TFG(*`0qgvfMCyr@8QN(}~3%^vo*sLNQQ>)W+-KCVKKL>rylzPH!NMPfV6BQq^E zncrrmL)2@WKp3l{MSm%uID25&g=no#Q-e3^&D~ozuc1X;MLR4s6l`@|XdufDX^Hzjj*DRT`TT$x)>V%vYTTCEv9Qp!?SN$fnW5_ZO) zUOmOK_qs)PldM*HwlY)b>Fc)aUVvG;@k3u5!e4-Z=?!s`cazIN$t|!TIaZsv#egwgWNVmw1)-pg43r>JFDhm zX_6{GyFP?fxEdHg4l&qZOUXuvoMg5xWybsbt6Tgbv+HFnQ{|Qy%Ts72UJ`@jI`@}O zT11J+dzqbKsoR=G=iH$(Ma-cY7uuS{bU6kcq%Oo>(DGl3EXKnYJ z$JdbAr-l>W+YHU|vSQs@+-k9*$j=ZwE!cZ4*}|}acW1Rub13MaZs!Wm3I7{sr|ymY zZ{@}Nu zdMapu3Rk*&QVyT(CLtB$`C`fkCF9tB%wnrnI zdNunm+!B8P*`)RgtL~14J`bxsMYA83yyHDkZp}ddD5Ro;KqZ3kEnn2gJTQRM7Y6VX zs1;7zr#ecIyZp-&1q$Bpl(bK+C3o_I+OZay+9ahNk*vx$kLUM(8(vROWfV`CtxNVE zDS26nzSe?)dP2ELw|vArc7J(1znH-M);O(KiQ5oFzecl1<8yTRFA^#hiq@T|qL%J% z#W=a0$2vRLEGB$jxkBhY>)-2rleeI?8nW573pRy44{!xltk%a;GPT*JIyv3CcQm8P z0^H9FI{K!1OS)or^*l{+K>hE#;D%#V$Xw5F0eF$!l4TXs#)sg;Jnd_V*l)D4V;^&v z?~A8Jj^ez%1u}7Aw`JZBH)+Od^wnQl3izo+pO>Hhp#*S<%#Gs8DO5UV+6Y`%A!sV} z-@*9BA9%!e!e6y~4phj7=xDyX@6h<(P)TT)vVz~k(CA#?i| za_!Y<;{pOI&pxJfcxqOxdjWAaV;qE*{q;P zFd{)qA4t70&Uu?+(|H;A08lUd*iqS25r7B`$n7vNMqMVB$no1=|0@*x)-&XwI$?&p zvyYu)eaq&sd41tYD9Plo><30@jotV+;|t5&kcM{uwrmL~AzQ{0y6bnA86@FWGca=s z{x|X=eqP>O{@nC10h(#2DV1|I;{m;DpLV9H{$5I%Ko07guCH~B;#FI# zCvnrRf+F(&h}Gi7hqW;B_gR1v6(N;PgDlYh6 z?0t7Umi_zpB_fqwW=1k16j|A%L{?_@C{eb$kjyA#-pI~~%aM%{`|b66J?q!=lq<)99a}Up zt^|rs&uEzDc@&(C8f#*j4eF3NirSD5YX--_t}&()c$)ww4c>>_tkb4mrAr>O)+px$_z45Zf+_T^mN<^HX|~ z4Uu1Gv#=yqK#`@Nh^J#-eEI|vTi9hE18cip0@kACVDr4@BE0)U8FDHQ=^Tuu>ui5~ zHit*JQQ|k(EW2HV^{d8;uHq&Dj&33dw_q;o7DC~~r+S@Ajdj}jgZ=#Hnln~jJ9W8T zJboxAyWEykVr*par4uKeh31m@jhCE5*AMiFB|j&%X}*M=XvM?jos_+rSUIyEl%l?} z*KEU-?z;MtlkQYlV@%_Z@Qv6Ou4X5Nu*DhK6G42}V$;N#A!U z2}eec=h0ZQ7mA#|Ah2}f_2awmWzL<&LG%1z&m~TDU>6+42E1kAEGM>vFm%V)0iSy; z{$Qex@X%IRl=|UB$0orJcT^pj5{G@K2?b43HhiMCumSrewGXno7&rD2ZVS3|?{cv& ze8thQs|%|WB-JJBJQ0|LLM%JYtF0pdxq|}Z(KOnRd`qyKWNJ#^@Aa-2+H}%nFLk8mk!R? z-wMH!A*4tCGR|y;UjYtG{ek%E>(djy#3YFC;`*_$V4FOx@NAdJ21kwCxRt$}e)=T~ zce)7%8nHiM7~J%pO6JsiPEpV1WRoRb8i{O&XB6xk4WwW_m~oOerB~(<1v6GgGlha2 z4tg4*ONuzfd z%Llwk#w}w=hmf?i^Kw0(=5%DtCGJB^ZyXMZZ4BuA)Qyl8M1PYv4}x8vnE@~JZ&=px zHWW}s<3^!tW=`lxVGm*iW@F-N65!}d>Y;?(aL<`8mXz%B=n3Mq$z$2xX6)Bh?UFK+ zy`EFpH2w8XtK)%Y2r1o`*OfC+oI!${^!CXd<6fz?7?9D-pet~8nI zz`xr`N*zWh>+AT*Em{ZnYMBHaCf4vWWDl+yIYReZu1ITGSftvA64&-lT0LfFROFo! z0jh{hwn3hpZ!R;NuXmV;M6-KAZ~fziV_3n2z>#is^xC`$SFG+zsG@Vuq9TzK8JQAf zv;CwnY@w$#R)`PM%gvfgEeKX|>7JAjhi{>o-XJPpUXO;mDTQix8zoVi()F?gK`mw4 zgdkso9BLcv)talJq-|lRlpowACVJJFBaEH>!uDp*218s{VzSq0$7Sajjy1Q;6&Q^U@Z2#)ntV!;-zAV+1=3e(VTH((Evk zljG$)zZ-OsE+WR7=HGk!=;G}C&ZN!&Zz@L&L3fb-RNgmoan8|3%(a)w#w2c5+$ZSd z)Jewg{-C@^_NiV|ViMc-Dki+Ep!lsw;i{2Pc^I#2-{(EyOGHA%#w9jX`kK`Q{tfUu zrmOoN;JjNpqfvXY1Q^7c9COQpTEZfk*)F&cFBUf4UNk~&8$v3R`-^muom|S&xs-w1 zWc`=KJ$-yKU4@O#?Sl|Wsbwhc%G_h0$kMvn;VKuIrPBBF3QLK2tP@4e_~3awRb_yU=xK!2jdeMi z1j*;*oJXQ{igh%K(p}pKUp1~ova)fXzgZTX?A5phKIoecj6`2=c@S6>e_C4CGX6;; zRZ{paL)($2(>bqev-sZS0F*sQ45E@36E0Eds|et5S8q+9)-^$URD6qafNA~(V)2aS za=^=eI@%{kLl1zK1ko%I3P6qR2|Ao!-b)f={Itg)Lt!|hA~kg332G=$0sE62F;1AH zPeeU?6p4+A6?>+?srJzhg`xXGcRSizQZ|Om`RkL-cd|M&f64DY`Htju`tiSZCEo`2 zL(R+>X4vY!@k*1vgb)9Mf}EK~T`fPYMkUKamF?*zC!OH1i~eLpeP&ATKA9s%N~Mmo zO|ZYQsvg8u=Y6a%Z`*kGIVm*n!WiBVdDdUJmRz$GIhy~@y<5hnE7=Rgc9NXoKt6>Y z6x^%3B{|v4Kfd>Z0|!;(MSKdxtA`f7Lg(Sr-JFRF**R{g|^UQbc@MbAG z8+YESs`B07J-Ck0E_3XSWzp3v={x(IlS#=ffl7e;1`Vsiz8kEPb?PcaZdEfn{j@GT z)!)Sd=(1NVX^5Q0bmpUXCt#VTM`>X!d`1~u`HTjOgG|r8b?FvQDdpe~W@kIBCdN!$ z_`tORdx||L#x_By&i2Co9NG}n z>_jilOsWsXI>m^D+Fj{LY~j1l?H0XBi6bYk7E1IAE)ZMTYZ=#tlBE}|r;AUnn>Awy zufxgCmpf-siH=E9!rAjT*S+dsw92_6G#Ym`L2^bg?}9gO;g}WX06H8G+sa)$t!7$6 zRYl4q5N{>ZOskDExR66pUJV~V;6$*2<_E!aGG*f<`ZC;sWV_%ak(Mm`P&XNpgolS(oH9j87zwp{ z^L?pE(LZ{gE=}uw>dP8-jC5(pDJRQltdY_QzQz98p50W?f!RVxm-Rf?mZ>7NREktYka&P_{0`l@5Pjn-|6V;UrAV#gI%2 zkjO!oY0{MJU#wdf#-Eqg6~$7KRH94ReNHZUsO!8nJ6+L??Yx(dAk&=KaAL>Y-<(m$ z{o`X6<{qJUMBn<01=(EF`l{O@Bk_2j5}{3}k=XZ^nVG8!efKr>iDS!m11mYt+3oU9 z>qAn++v(XZ=q>p7VFqk=mcd)mkRPi}7ART1;YN;h@=sNM=rUfD91e+<&^6jTx07ca zO=9=SNBJ*J&x1epY6Vp$V_wbZJl~LW0CWLOHwy^RW=edAu9WEvWi}3+tVELxt!PXc zR0Per-u?JDf82i8-~MsT(!#?6esXWIC4b`_Jp;M;{kC^-Ap0C4a1!&P8Hv|qX6d?} zj58ZmQb4jV*WxSJV=rre$Inmq0J5|8Mo1WC;I{$1I6#=F`S3s&EvU~J4njp$a2RX^ z7x_9E*8G*mG>^EfSyJ-sjO_zac~)89LBXAEfuPIXB{R8)c4hZU0=5BqpH8*q2x}pb z?k?d6JjfBtEwP#@R=jo%sI1~`X$kQE^V1o%9%ZwwI=0aJM)qAe<-3grf}}?ik}A8F z{m0DCxtn}t@QTjoZ@tS`fWi2tiSgrUaee8GDn(9A2G=FFQ%NnV1t=N&@fV zT;%`C!<8`svk&X~f zcL;2`Eb|YXl6aHQp&~K*WKd<^P?yiZhUL-#=VhwS{|XYim^%+bd0E$#=sOxqCf~B> z=0!p*7b@9u&j)W2KE}e#_CdWR$;=O^NVO1peA?Iy2D&n*cX7~s z$vWA3ApqnvQq;reiN9^CI5TxOJn$YOwwWLVd|vQgP)pEcAS|@s@|#`+acfpcV)DPR z^?wW*-|^`5O~tmuMyGIe%RGT{5JEQ+`~FKq!85}Gx?9u#;6h#zJFl3FtBi&liB;N6 z?UR|RTkZGTwB^=a|6vSxAeJdP>9#VhT{hd-EM|hN5qY~Ynk_uVwW0YmD>U?BFp=)}hYK;+HmxSF_N63wls*1U@wv*N!#W0&N@)1HOI)K0P^#_@Wf z-l;bkb}3oRxm79Pgz&8W@o&n?A-Nb({0m(}UawiN2z?O(+!6j_Hr;KevU2a!Lr9k0 z)J$dSN+xzZytb8N%W$)#jsxIwLa1+m4|c@URm>#b`_gq3*u%IL#IGnknTL@e(%<*) zWLL#PEYYuO?e>%ur$U0nw#5z7w8{^~&9YE9+O)Edg6OnkfNHUQ7U%fs>=gydubEbo zcq>xgpb{AIBnrp238PQp+gb_B-e#U7+E75v+d68hM^MmjE;24iM1?yf}L z*ZMJ##7}-Ab5gJ!$LFn+N3NA%-1Eo%wcKdOaPn)^ZpnW;;J~0LSa(fAG~u!o{HDmIhgJ=eu`nBay!5&=BF_vs zgK$4x8oi?SY|&8xd)2m6?@0<9LO;k>*0)3-K9tVFrPBADjlY4jWz&$o`*H!^xz~TI z<#1Cu)SI}a2&r0MpU&#_C9=IgG>A0+-T*G|Y8vO-ueWPF;FK2MW~08DtOK( zmcQX7%HZ<2#&ejui^LxDoZSc7kTY28_yaQHCa*P|y$-v)3Oxd{k{XF>X!ud=N* zBS`bqxyTThDM@98E-WWpWQUY2)daVnK~;OY^7Lz$brMZ2mm>~zKO8eE1bp`}RSv%VvbQx7_}*KImnJq1B|baJw^v-!gmt$j6%gYC8tFNeQx0P40Tuacg2JTuLJ zQ2h3_y15GvkLZ8cpZxfeg}+YRR{X0tthlM(pSU9W0?l(pPGs&<&Y>)&iL*RJ5W7eoy#^nW}qDKnF9Z&ydr>1LGz0%KlbNzW1L z%klH`lA$4_)X7Bh1udm(^|HRQCn-kN-ke#vuoia1?5j=fN+XtmE~=s zM2N6%gLX(8YnNAL>AnH{QO-omhp4l$*|z%9Jq$h& zl8YjJ>GKAAQjf;HMDE&$@dy3OlOv(r!armS`6lp9nQLPm#o3(NDHz0Rrdg}L=Ym52 zr}(fiAH1Q==2+@TA`U=`^Oq8+#2Th0m9~H=AcU>35_Ryt!AfMxDuz48-?sVsW~xin z)I}_**4GF;P#p(YONVO}K`=iYo&a^fLMM;;`gk9RufQBjQhIR>B^12f*Z*t|uO-H@ z$}Dp&VJP;r;mob_9SnPXmR9d|*h&LD%-Q;SBV9=*nKe_3{HF<-kLubPtEe!hl)i{! zWJ{#NRlr`t_y+?oU)?IjI8U)21&Yj9^{Kk1N{&7yFG2I@`mC>(!uRhupMdugDlN6L zuNd3s^n9>Pd|B&$U-vIUM8KNk`C}zI__6OHqzv+J8?7Da;SlV7QW2_H%mJHC*$Qr6t{X7j&{>A5Xx4x#8|2G9Q*O*`DSWTloqpT^10{KNyJ`korp!j zSpXS}HOCdl2FRk2qj_>qaWYo?n=783WHv@2BTT+Hg69!$9Kd&W4r(0q32o=()SyCo zgl%cGtcazd>eK?X07_H8r~tdU80I^B9Yh{Nxz^9xbxkj9V>j*WB2`%I7PYqD z9RK!aAY>8+t=VBP{_`yE6S3_r&={1w|IH1**iAu$pL_3n8$SuzI4I-b3;F(dFE%Ec z`_n2E{<@-uGi!0zu@fTx@Ft3mBLYJh*-s~w=3EWMVK*@B62eEcl=Q&iF@^NB;;v#c zdTT}cx*Mf)GsF$5hf07gjW7{*G5J)q1eoj^N zXhMq8Tw6vZ z>j(sPSP^ZC3+%T{qKl3MMA>qg`|#oTuFalNMg?5@X* z-v=UpdEd+kfarPy*6h2IabB@(7T(s%A(BmZb;%&w1_%`X!(UuVry_{1NzfvY6Don< zj^-wbEaXx=zV!#v`r>4pd}B#TpqVcj=TGlIW3c`|{zIoGCLZ2sPInKXw4#kw+G0A0 zS($lHO1T|3j%o7$GARlaF~XZoX$bB*nK%aMN$8oEUu_*9ORVpj;r_R4(ADe+xt?bS;>w*-_sC z{g!88B~GA(NA^ahI-P*WMy8!6$_k{93%I(?N0zFq!i#Gec~lvX|Hr?K0F!5`(0Jf+ z)AMyB#fs6QiSO@p6H8P5*DBlbyVp4$KPU2ZcNkN30omgYg?yW$&^9i%uS|HZ>^(@C`nuOIIb z_1n^_C*``_2DQEZfBVpqc97_S{>lU?wy=SV;gi*w{>n>*_D%q`1pbGS1B_H}bs+W| zY19#FKJI?Q_D+l{A&OKx1zzf&T=&Ztbum^UhQD*eMY-8@Xb~NRSlRok7Wx8S+3|Ff zOs}uz9e*7HL|@Dsn#WFmmdd*O1gk;;<9mPtPihwk|HDIgfeGE$;$I`+N^CPAqP|4H z&F45HCd%ec1?jcSP0x(X%Y#{s)OD+wP7=69*J@Oroooo{+^^mNH2=L;`_=YZo`7KW zo$bAE3*8mz9*32vMRK^4IJ5gC8wp8&9NUYyi)Xi#aF6{%lBGo_F9Uw`NAMA~kBgra z3};Jk?7$b-xd6dudU*?9j9G1R`Af6OFc#&CGpde?URM+Z&&kdHGV_8V@rQ0-;laYG z2*8AVfd>K*Z+OqyNd-o>M;5m?U-l#m%U_pNP##k*>!9{RDgHb;8iDERS)#A`QEV8Z zjlbl_vry0AFD0eDhP&FMNaYmAzogxFafd=lh4toU{~^{s1tan!^j|ZD%PSMmkocM@ zAQxqfk2_F(;3yU*SHauz$w-kszw*@XQ*cbILMR@B-?|We?%b#05Z{t#x2wj`vOT zl_?^#wN<2=5tYG<+5rDfU@uK!LNj@eWl!37zuHnU`HLhHl> z(AbS22Gzl=yT!|VGny^nG{Vf5cSwC6&{*?nEZrm5RTvjnhZoR?SF^|e1(9J0EJM(h}+lnN@_gZYT*j_0r(xGWM(+YzvkBz>mnknL@0c&n4P zcmmdp@?FPp8Or3Kpd^<&6DAi0;Jt+}3!9UlA52<1My{>djM8CFKg7k&ecna&9bARc z{(>&6(ma-?)!*6ZGpnhMV!neiz0MH_fev<)aNWXTT$>`IWg4LGfqLgjN_!=!K`YAo zbyj3Xi*K4L!eW%?6mSauvU7kgSX=IOF&Cpdgk*3i=h*MGPvGeB%#++1KvE}BoYoyw zywA+7eTdqONUfR5zd6%mShD*XpS!Y&eK_x$L+ z-u{(Ysoi@<)*GBYq39MwpBKmYoGJy1+OR2|3b#4258bIJ_H9v{TltD&Q=l|_@QXlc zHv<7^Lq~WGOR4pOLH}kgQeoXZD~l+7^O;km+zu{N;*Ehpb6{Sw6$Y2U?odEreDM&q zu$!?sHrS}VE|!E#_01@caoM5PX$g4eV_Dx)X-|tJD^R>E zkcka$mG||u7D|Ph-dIl~7i&6HeDQlH)Av2)w#~O>Wky+dB1Op#r%}PEW5Ii%ln9Ey zaN_EKZUchm9^N1toE&=?!*C0(6?-m{h3&Q42QcBPAi~SJuPNeMNG%nzjJoRTSd3f< zX>-l}&+{DH%pm~m?}JO`-^83dJ0O>~a8u+uIgsaXHcqx+&OvCa#{6|~Vmrm#{7|}( zYVp~F-6_W}??*~vH19=9rAPeSH`EeL-V&8-;?<{e(|wBjP%Ht*?kL!QIaOYcxBW=~ znDWv@aKzmt0aH3n5_82GZ5;yl;kF}Bfj&Uw??WFUmdo`yK$vv#lh{6kq_`1NZtmd-dL~%%h9wq8$ zfz7&lJiOX$9kZNx=bDNDRVm1C3!Hg`L@1blw+g$Eoj=mZxS1LzCBX&nYsj6 zDu1eHDQk)xPZVX*O~;sh8!$R=jb~{454kYHI<|?pP25=~-BfKlX?u4~o-sSbX|XK3 z9@ga!lv%jF_hhl($#J|`X}#7vD!bBJz}m$^cOz(bkT6z?T^H7v5Ga5%Fow5!tJjh} z#!Ftbn_$+*a9ZOOfSa6ni=(wq~FK1l7s{={X*k4JO+u8;B2| zY4Q&~6e*C$%{eHjUV~P=ogQmnU8)F{%3Y7%dZm5HheWAy#g(CHex~hO>k;XC2arvn zF4ccyXP4to0dCGx*r((kUBL#8O#FWLp$DPcxQ+{(85>&i(bd9)3U23&i9C#D2{}hC z#9G)XZ;W?m(^c@$r_Z1C6(k|qN9VvO{|L7nTLHTR-hkZ)_R-jFzD9lp(G+;sa!NiI zpM=RBq&V`bH z(kt@$VseJJei{7s;9xWLdqU5b7|(ntf*DJI-*bH~OII{bc2%qflV>C5ysL)(J}+pH$UxpivZXoewi8ME`LIZ*tH3_D}D z$wQ&am1uLnIlKqw?RMd%zdHU^m^25QfNt#cIhK)5Qon>@Su^p?i3v*8bSjt!)DT1u zIEcJ^3^qWtF*rzcYa)CJWC;>=j(|B+s%KVma?h$C%KB~&$G7D>k~b$udgZSJgu)%J z%gDwp`i*g=5xV0*O;Ly=8b30)>gR*5TxzGMbWt(9Z@WcBZ+bw4Y*8h}gQ7ga*(TEi zc;m&1@602}?uky`3R^2@{4g>pOn0HudTzZJ=z9HH`WElM7N$+mfszrVix^69%`lZK zR1j2D|5OrcB8RS-DjlXUYZVo_Bq@%5e@0|P4^a_9Pkn+&4KLG_>e(a^^{FB)!;__B zM~LACe5j3pv}^&8ECri4c#8Z`LO1h?O6;~~Nj*m0C31n@2de#_iRDk7Rw|gFXUukq zIas~JH*{IDUy;IKAAoj#7WZXvYr;CHR%2EUw;#?+1T!3Dtc=DrXdyi|_1lssv34!% z_1C?H75iIXV#@IBYnQY|xRm!W?*o?`2o3R4-d8vAiO1(|W^maa3mv`4-Q||n7S*WB z*N!nwx87^IWRUVhR>$6C-68tM|m z(ld1hhpx~jD`_FLLP=G)gUE>BX@QfAKU(bx35bi|v|521;+HlL2QMSIX!(uNqDDEe zV1}-c-epe#b22Ge+pEadnIlqC5B;=A8N&+L9d*4kIr(7Oc>Il?1JuDt_gf;}39o>Z z&@j8k1rZQy!f;DPMGAYSOGaenw8@_4VQ{t!h?{^2%|mW5aFy+8wC)NA`pOc;xN+>S z7z1~+l?TzSD-Gh0Z)I7o0Bu4`58D4VE3U@Dt(MJZy=oU#B6J=Gi=+oK7vV7fJ=m+! zrxH!&OT0CX8G*KdqeQWqvD8VHQiemDXWa+5ukXTK4Ge1J^MG`Exxe)^g042khSV5EB3#j~`UP~(}AWM(Cna-FI_}D(+1VrZd72X=5Afn*PH(vzdVA7Jv4{?%|+GNRwS~#|QmAEHHH6 z>}W!;z`Dd9=-uwL@64_{B8bF!&=@5^cK*Zt>y`l$=jk={j-~(?nWiZ|3^oJ8djj(x zxn)p=*20Scjs89U+8+!Fc_1o%o&Y%s-eqpr-$xoeGkj2~4+`mk7RSS%``umh1)$9P zSvZGSwjt)?<2y9024DTeBYGeH}AhJ^8OBdv(xc^W<;}q)PObLaX9gf3Fy6ez5`zV zjvXx%$l|*XJr$<>#tOKunC!q2J6-u_rnGi98K>HAkamA7DN*k%V+iTVf$jI`r?nG| z|AsM0RRO(XuC5~(3Jtrw+LofA|jmeq*-X-fMH8^?_`Pf+H$r z&QTfi2xrth3Zk?sR_>wtD^~+h6%j5O9Ek3ejE=VDF0O>Nt5udrsvq5WE3t3Ig323X zNDJ?MB#5O>nkt^;ML-(U?3MC?58Zw*M+C`fL2pzuUMK; zJw8Drh4oU`Tl_$+U&s9i@Ul1yVLeF2v!ysAul;!n)?M*lQ^TJ2hz%jNed0xWfIa^0 zV{gIN$`O&RrQH4RRwwNADzY!jJMVw_(Ci2|)-SV`aKwWJqwbGVb*G_`VJjdX+W&2V z_H6*8pKk*cI>hsxW!8=%z<}ZJLpn0}UW@kf&^F0S&G)_b98D)VPQ)%tlBQ!y@{3Fk z-uiIW2*7>3)FIWpY1`>aaoEWF{-OJ-*Ot?gi*p2 zWlz*{!>v_?n`?A&tOLcq@b0mBaq0vs>c|dzEYTc^oU3b&hQi~i+JspYMC0Dm9WH47 z6(TbO>T^hQ%s}aUVhtw6dZMxM2AH$%VksxLp7KEi5zGa|e@w_%VxKC!w&8J=6sO(s zE)u;^&D(NsPaU`1;h&=_T3V>(ZQ+BMWae*secua?)ari zULts}^w26;ySowJONe)195*c!2+2%dS3j9=x}ggpk}CntG|!bq<2ndT4%$9Y*RL18@>iW#F#$(Nn9s&AW*Od4 zGBmR{Gr;`xm-f?VyvPc5pQ^!(VeCS^Lr{mitXV_d1tph?37^A+ou}zstfr|*v3};r z?;jpLJUH5W_i2&u3^kFIxqDCVuA_7ZkS&7g#6)ssUY>8wG2?gy%Z<%^C3LEYctH{d zu=!J{i;Ippr-PL%Crw!65XD4Jsq^b(=@WfQd{iX3r%YU;rVq{ z|11bTISS2kXF1U9Me@Hg7jZWbILd{tSp~z~o{epUUYeo1F%odNa%uJIRMV?oEb03mUyYIyRKo3&&5w%QG}P7 zndSbeY=b#RXk@wWSuzzK&%hN2dGkX_DV@hL`w2;qInlWpF@uAZm%(I^%3zoBmkxKt zc4gTFHMmcllPhcth*^Imh#3f|2eXMq(1K@683Jz8zY(2f|1?^0-OIeLvln^g)g_S; zI#&D?KDzR3nj3)up?fhf``$5i^j!3FnutuHYEknj>~_g@!6@RY$^9jz^((fX7)*6# zxDt=zfwwQ2qAv3dCh(}mlaW3@n4`HCuSQ0gk*VJ%hB9?9Gr({}JJS38$_bzeqk27? z^OU&XW{s_>AgH+wCXF6+tCZ9rZ~Ehn#NaNC`B&BFcw9j!wo8aedxr+RO}-kzb56Z^jnmRn;`5GMfUrG=V{Z9H>kD2X)6u!dw6 zsg)gYQCQ24hTQ}`c&r5OcxWf}=JvuDS^^ivni-s`+d2D!jvP*9Kv2a8-gkk;K7mD{AdDfr*WE5O^MooRi>phxt>HL`LexE= zY1&C{^$AXg)){*d3dFr-Ktiba7&i+WGjM&|)VjkQ&9p!4ABkDRjM?%4!VP7ThpDa8 z>qV`VOxLMJ3>n5oMuWA1r7o%x2rs*_7sr5$>xKW!#c_BCxvqi5R(7(#HY^jJEyME6 z^qf?5iP0Oo%AoDmNc6m8;%3H}WY_$$ewwb)?kFr?%_k;Nzzp0JIni6_(l+2M;@-;}Ntcs~ zE`?uilW;4Se@hVAIQE1`fehhDJ2>B_rjfqZ&=gxbt+64a;Oj2iFhq!-mIA+_i%`@f zWxvRIo#v#ZVUg`b{!epH0=~lqpzXhZ{^^NtquutDDnzdOfoJP}N>IsVys8UxG1n`A z@k(&Pn;$vyOT%-^gmTA=gYZ&;g48`{ZkHY_v)A)fN&BqKc=pp0Ls>M+LFk8+B`#(U zls9B$@i~$6?L3W$PSUP;6m>_t7)!mQ26`j?`N7eYI?1^;6@l8bW4MKV98;NU0OWL; z{3MJMZoH@m17+m@;_Ml?cUTi8O%PeQ)o71VA>NV+E4*aMQFodWqK2_Y=j75}U<_Rk za%R%lL}-%}J=Vm>p3exifvbx2h-KKmagBaXt<017G5ma+wgUetmUbWqMbgV!{N+iY@ye-)^t}{b0!U7FHQTh8aM(BF)=tTuj0Go>l8oKBZWT5gxY0 ze!j)*c-ts-T!NIw?)G#XcieU~mh)OR@~Oq0lw>b8s!Um0isKVXC-)b|3;so7EMggD z${jaH63Hy4!kux;;L*7RUi@D~CV;I*;IQAnThtAWP*N+}LxF$JC2WOc~E`r ztyzAkLj$4Ge9oSMW1B?xAIjJVHwo`Q1U&9-65l_Khl)$9-C!XA=j20;5AMezyo?6E zDf5tAP0-{P)b63EZ`UfmL*smAv(@m^$TjSO>HT*BmT{91|5-+aRM_CFE0kGSnf||@ z7=LYbXTh#RP@xZ*5nMF+eF*mtHwkW$?2p|dxWRvsUVnXq{}NOD`s)5AHve-DyE+&| zcMZ>w#P-&&^5(y|H)tNa2s;;yhk+3%<5^!1_4+^Ia?m$_4DpPBJQD0KdzX#0tm%yaG<~Zmd*h`Sx-f!pd-4wFPdZ_=ryadWe`&%1>NqmO)ZGSHfS@t)-7h# z-W}Y>+uDBcp?Zf+@lw&t?fHW5*_Yo9uJ(6ujb-Hr*fYKAz}GTPEla~55B@a!{eH~0 z_q`%tzN%$igk9`&S_5HWd>2RXPk4)o&BP;tgF#(Og2Ik|+xwPUy?$!fzhC-4;ovn# zfz8H@r#w8>rpCUkHl1>W1^t1akHUuLdh74j_G@h}w*X5Sk3u}8eF6oy4Agj=cFA1G z>1%Wn$Cmf|1Anj6R5z9hCShO$0S~18b7=VKbLG6;n*@7C`TLc#OGCZvF4*ku&8TFV z3eB>8rifGfMfbYZ3!@E{02$Hp7~hpNB_&7YU7@h~(a6@R}_9N5UdO<>=p2+cx%!Qxf74#23uhZBDni?@^r%EH_$2OyWvo(O}c%|4Un zvt=?^!O%vj-$Yjbd#wMxt32vnVFc}|J0M>E_JT}+lO62D zWuPc4eCE=>1XfTR+Ip@-6xn41TZ+=H{}>q$1b!OWK%K{#-=?mF_^ds>sNR!M1$E0h zHGA%GF>e0*zzW27?e5?c$9|yRf$#`e+?j#GU4wc^O_eCF8zh_mxW#4VV2^RZ4{Lh? z05tfg{sVvtCa5lEd~-0YPT2^dLWz?AHJonT(td*-oMt2-a(Zva6D(M`uXzO1<3Zyi zMu(s{1bbOhtV&3`tt3_1m2d`B6tvrs3HVdIxTawFl)Wesxus*)wE)4L0Ts=sBZaw5+~pu|RN2oKsVXxwuEI-)i@a=@YCJKU!sIx9&}TGs{ktE1hMm213o`lbavWC8V>=Pz z#Rt|i_@hxwsw70X<_s6bTLgg?{*BX90Tf>WqXiMP6`8eyNLKDG*zrIBDwjm`mU6%3 z&2F>5z?T?G6t*|<1H=FOmz%;!x1X>|X@+yo#*aqS6Z%m`HjP#SK|M_{xT$cwIQfdZl#!@O4`fim?&^nprR$}OIgFT~-5y3cGunu)>8prhNC^jB-V_F|TemNGtP^guMCO)XTXj|D zIMii&u_{pc?&vN3JpW4^>ZzqsjN0OlQ#TTe3EVOdb-9%*&bcw8EU&m6y%}#~nR-ZQ zdzJ)>AfO>H^qI|t<;sIrxDf%^wu3GaY*MT9tYO^mD9|g!y5H>DiGorWf7}Q(){RtL z<4n&{queJ#k^1cf#OA^L7X8UIKJCS!ffTMegtHlhm;^g@O(l}>V}bDQOnC*9HhZoo z1!hsRbY@**fkvx9uSn3o@Ynjn;8f`X3altw-LTW>7q_BK&%ZPMac$fO{XPVC_^;Fr zBY9mV)5ZSAI(+ZZTY5vS%L+gu$8}oq+@2jK0R`4ynr^S54g3=?%l_(XpTIN7Q%WP3 zF#>IT?sV3gv})Oeh1YsdoXC`%b+oAzO4Fx(LD>B<71!`|XYGKcymODE&V5k}3V%E& z_4r&}6Th*Hezc%kC>}!ZQln=h^?u}ZiSDu}M-E|bDu=3wO_pV?>s*1HPvW|1 zfwBvIdf?&2M`*PTO~yl+%j+bV6^Ru>_}iAni`vIo=w3h{FladM=56w(T{MhUF}H50 zb-(u~eGR=LeV>ALP1`ke{_Y>uTwH*ThUncCQ06) zI9WlC`!1&P!PFH_uZiSinm&mgepd_R6*junWbqSSypc~=I8(UTNUFShS7b)!aus7Q z`vhq*uWn>+;H_mLPmAb49aOmXzj(aD3`hnOc+o;>ornCMSG0~nzFXSk03Tyq-`l<;Y-&{rbMq)XJVVU=B zMbOg~1$HV@vcO02+(tANK{0!#W=bBzr({X`jKIFA##1`76G z@9(0hT!YY5q{Pd*yGNhvGb^%qZJ6jbEDCaCgfRZevW+ys6r*&A1#?_!3eHUXt~%@r!5Y{ip?!V?ME&vRVNZ8SX#j9M=?U=I%# zjUq6aUUO16(aTEa&iFu`MHH-)50L?=H+b!gc+=U=z>FYS)Vn+UQPh zt~jg;x7z$*hCMkSD>$Sc9?5n)7cz4F;2x9sFhSpDvcBt+MeG=%Ja*HgE9?Vb9i!#_ zF+Er$n0ELX42c5g9ysAh-@>v75#noLPA#t?CDB})U=fNLxYlcUUA|3--QZ&1Wf7Z0 z`k6HE3Dl5&W8ztpB^Yz=P-7AzF}yCW&@>&^FvL|I8Qm)~l;aVH=fU-ly)>?_Kbf-p zq*ZB+mK1KJA$>Gd40~CpyI!6qwL~PbZ}Ye+L;GZ_ua)23iB;Ai;|FTGpWgZf0m^Z! z!2`H_=uR?txA}u>JW|*N)Wq$Te33M6*kW|L1lYw2o~iILuR2*}lMW##J?sVyq8E)d z_^FHWB=d*E7CHigqHN?q$CLnUzZ5QYGo~0W&tA}{G`N-u!g02r!n>BoCd6EE+=JIi zt_XT9#PsPfy1MxW7y6hw`Y6xm#tWgQy%u6`WyzH*3Z6X|`Al|dCUNJjJ8P=LP8|G| z@xwi9+I0l);7G+L6T`c`YqZmAT7hUHjYc<%#v;&m%nQpf9gXZwVR=kOq+N#0C^0=z z*BCooENIkSidMXL=1{Ffw+ShD$Z3AdvDRgyczB)XDE0dsKZVGbC$3ia52C2Z#PH;T zeQX{tcE}I%O&ojiDUAh-Wz7J4(v2#DyPPN!m>TIF_No1H*s{+xJ1^MIkUgK%uxfsITQb$gkWXgacvDf zF4TgGD(YzYado7GZo?qmFs=Qig%yI}i%6*OP-QXcBhIE$URTp{#K z2jSwFWi_DM&q1^jhN=FT?BO`rfuGaPOs+P+7_Ne;zPTDOJBsMKQ~W?ppEIb6o1P3e zvB*kf5AD3BfX~z@6&VpvW1$wy1%#rYRa-G(7X5su*K?{3`pbO$w(_G_&W~)Qd$>|X z6agbj3>>Ub6Lobwe#fqqr_MKNbUaByH@uW*)Ip|A=A@D+f! zpVe^Rq4ku9S5F8!lZlMrDvcErVIx#L`wvGY)?6g$(!dKx*SyZPgy#x0WRXRj!Ok&C z&}-DtLwSJ}fKF%Lr9LN*=(MDX5U9)wEmmIxqW7VU4z_ZA&hypnCt2v613^Z6X!Sr@ zpJ3h_t#Dd5PPT4Ljw0qnt;FbpAh+t8Tf;`PV4M??pcD`5#Q@1zn_#XcW|R{ULiXJ7 z|3sDEz{7P(cRn%&UYL_>U2pVk$Lj%MG~rC#>}ypE6%@4R4m9NN{e4{&bx+o_#^{sE zHN!GFpg%GUKx9$lKCkV^R8MTaq}PV#d^eT(T*)Qj~0U)JRiLH%tCeO<-n`;6>F0hjP5UPyf;n~s`vF3>b+G;U2u&S?G<#x7mJzn>GU<{ zOQ?k~)j5AM_J?eP#F2%Ht8Ukp#TRIIWV4hqDJ=IVj-!qG;0sHTN&&Rieu|B`!3(0} zg?nZybdS-XyTs_;w=-lGwR>uIS_>P#8^iFt2Ui{_%g`dY z$XyzX9@vd+P1weN%mxn6^>c@3NBB|=JSFMM(8_TwfzufN=~8gXkLOlZ>KVO)75RdkT zvMr!s53*1*JXEXAAb!nynVPIdc=xbugT z@oarduN=ZsHwm#!WQTgdk zy`RA<3ia$r;8A_Mw-@Tq>raQEB9nr+0{f;_@qLa2iR8;)E+08_oSjf~wiWfH#l;FU zZYo|T_^BEjY|kJ)D5ql4QQPWFDxp#rlgRQxb?^wGZ1M;z;E6hD` zq+UHIqDQ5CrFV);Q3O+mI@NMh5#ygKUh&Q}-sL$?-N`tNKPvb%AsgAgF=Wnh{qP$+s3wJJ&E86xw873co;Gl2&D!l(uc*T`w zC%GGDWvYs&9*Km9(8(OKm5y3ewnI&=Pfk6TuE%GMRW1h$WbSoam1V`|N!~WT_`960 zp~(dvDa85G!Mil~3R=XHBmSHJ9V&a&@&V{Hmzs^}%q< z`z5WeO8xm8s)|dEsG;L-H*IIn2lfdiNfjImd$tI8Pi5!1Oao5qDV(*&-@g8)4=-c< zh+IE;4snJO3J$oVxPxxWW5QBJ9+lIEf=}?$yE)r-T}?fhb86;=T|@0|3f`X%Y6~vcG5rS6n)leXMf& ze$IjZwMhq=A`h{jP^3Q)_wM)6N%U)GnCF_6`SNE+mWWp-5C%8Ln0n8CEac2Nb~vGP zpHsqIM-=gqX6d>S(@3hsI%&ScBq1bld|!bIOhEV22Z4&KG1jivqtd{s{hIAY!j)1h zf#Edk&*x8T9b8V&*K=E&8=5&@lBFvCyMdwlxeYi-1mdbwM?swWco9p+QQ?(huvQU?!osx z&-EmEHp|*&%wD``6~(#IagtL}e64W$aAzakEsIkH=q~dd&dQ~i*5v&g>kBePcYA*O zz7jxKs#Mhl-~Fv`i<>Vro~l^jTA!@O_Dc#B%J@Iky=PRDUDq`lMJWo>LAprqC{?Od z1?jyA%{ABF;s>L;ypSZ`TB0GZc39`Z7}P zqXj$Rrjj?NBwMRz1e~sRiHw`+f`-h|DqVT?ZrqP#^kNappLN{HLA9J67?7G#@3_$Y>M$a}-ZbUO z!SEhC+*7~@Ie`Kc`$DWg;+Em zEW+pCB>25Rb;zPSOv%YGn{DTaVJ7rfCf;Q7wmr!<-R2D|0UrJ~^zQDJ@y3eeU-hof z8#GhYYaU*p{wBw~qxW}D&8Y|GTUq<{um2CO_kTkNUvdUFAkqT!myY!)5OcKXNFe>w z1m}?1GKV#o?5dB}{!NRW;N2?|0s*L)URcVP!Jp9)vgkiu*-{&pU5vgP+EVkR37j@& zD-9F^-rt`@yY)Y?X#x~MGAS}t(L23}lZ%vtwKnd@PI}u(`t$FRJBVMah5?0sjNwTv zhGqfYsqZ88ljP4v32#X!%u`l*DY+j1iFmh&RA^9+%oF7hCH4`Nz z5mxyi%YLL1F&mR4;i=+tp6n#co+K~kv{|#Dza^j_qsV1ZT zGi7Qdwv#UBV=gICQHE`&$VHhoGBQwd7aD32*v0jMqH0#>R-g6Y=3B5UyQ~P#0v46H zww=wmG+k3Hk3ah@dzwE#aj+iqWOn!M=g`jS**cMXx!FErp?c5mwq_NF)BP4+kVzYR8ULz0NkHk({fKZp3z;ZnfJ3A)Lxx%6=lcH{;g7zV-|uI5NcG8eOU zVIdc_fdA@~-t#Vk%k@I`$19CA*O(UT9eZi0F+0QI&p>!1I~ zK1t2y0`~S1HJyfRi(f!!mL#dQGAE68DQL!AE0SmSuhl}qID#Qe$dy->r z_RF@Z5r$q14ImE0J1CE6L-)4vy1W^M!;eu+7}Wd~Vy}m&;~v>ozdN6kXqX>-0>`zj z8JQ9e#ES#>8I3uS#n`06@d+ZB&WD)zF!2e6**Y~WjE5g1uy|YN1hQW79hf}Mz_$o{ za0c)!s^7EnyquM7A2Bu_OTeb${-g{b-aN0-d`5lxSKpYsKFA!D%%1^w$LaHt_rG0I zgASJm-J5Uw7^3z8h814{!w%raJ4%~Om_aHpepDo=Z=X}RDi^p7#>r|pH;o>+kgwUN zCE45on4`cpuZz9xwmOU#RHFOa&O--j1$l&HBj$X&&7AD+Z6<|*kAoEj@Z-Tfj(xw# zSIUaQJa<{|z+)qmN%X6lcYh4`A{@(T$bGs)o#_fq#m_gNGwNo%Y$xc#B2DdUmd5|} z7>%RP+AzMZyWct9AtZ*~X!i*tVgwp(O`mveLjz)M4QNy1)Qc0a-YU+b$VpMH+u)aP z5s^MKUDPh=M3&Bd?u*|%l>*z=fAApoO3Ny_k@q*B5Vwsv6~R9mBaUXf<}Nnp-dZ(* zx%Wsr)aqYl*Z&}A+x>p|?e&Rf=^qp_N*_5f9%Ou;@tAfhba%Dg9eyJ4*)`$3ow`-< zwCd~NOU!nuPeT2XM)ClNp%A{%Er3_YyfT?j0S@k3dq$;)nLcOAfI!MXR(FNZN3{Ks z?CH>}rC?l40+3Yf8YnedX^W8l(R(&O@jQXg1K{O~s4JVxVFG@Z-jOn8S4irWY0%rTVQ9PRLXzLE&CEA*$A(Q zs)JKHS?>m`KIS~px~OFBY?}SN#7RSH+W+2bdiuwGyE&hg1F++`F&2k*Mab;uYO`9> z)W>LFR+j&db*P|#Gl-NBB~o3hD{>axk|XvR9CI+FuUkXZ9|g_QZAr6~ZQm=IUayo8 zoAt_%i^DB7r!Nb^d}=(eIt%<`Uvl)?H}LVykExcb0$--2oNGb!K+E2;*e|)wD`|ko zjIKl>lGmUB<#jzJErZ zy%W02Jnl-yEGpG}dK9pI6#X1Tc;w`1DR&N}@T6@`LohzpVbiUphX;ufQU&4w;f*bom&`(Pt-d;nG`maADA^lIGdxW15wnMaqY9c zrM`Sy`SJP~g@3x{j)?PMt%mgYY7ow?_p7GSurZ?6rE=VIGxK0%{k56K5x@M#wM1MR z^Ya(ZokAq@#<-2rwg>0A0^{}Tz5Jupex-}9_H_zqnT#&)*&2U?@ooNF>KY@Ji-$7W zvi$J2(~4ay!nA<%b?96rA#zfh-}QGZIKa7V@s%jsyESaI)?%(^Fyt+hptJ3A6!@|c zV>jMd5b?x=laX0ewe(u+0iO@2ikrodIc8k0xffAC4E zj}|{L+jG{tD~cn_C;lTKyS=h>m?J0?&Da_IbQ*Sk=5(z=BwG ze!NumhT!*JQD@$M>E(>wcFh{@(kPm~yiEB8T(@h8;SBYNBNfVAio{Y3qt;yv7aV9N^ zn>#|X8u`Uric&(rfnS5Bm+@E44fj0c@9!Yu)nccE!`~yty|uTV$Ed2U99=RG3yeqg z^Wy=V<3C)8L$8Gd%&uD;aR&e@s>N$bC`()Bsi_cI0i&Kj@C8(wUg(A1m>Dcv#m~6+ zz6Va699f$l|z!;(=Ctp@wJqwx4)MC=R4KfDKnTIz@}*~jUhVhDe7&$?!& zwQBP>P~!cK_dR@kV4#egWZbG5DncF>Ouen|yrLp``-baP>6Ih~l#OEJz%Xz3crfZ` z?2giPndgv>FmPh_+e+2gN^d~e{L_4Cm@KTO3}X>O@PY$a#9RjSrK)KsNbV0|W9Ne{mV zCrU+<-$KqU6ewi)MFv)t`afY~bH6*j%^l+Ga*#*eQruhtCnJww^sz-@DH00pm89cm z0;1URUkI;;U&5-rPOgt>WL;|)mE)wE&asa=Yb zbV_flTfb5fF=aukr;5WBy)Bd-Eyw_)ZR8)fO2vwqg zk6E2cpPuPFXk*g(DDZH$mPL8*8Nq+6*Sz3O_9ZZZ$ z6pgH{MlpRrz1cw6E~cexBG%$%4NkX3Zx5lxRawD6)O|K0OCv;^5d-ul>nE8@3Fd59&K%115e?-XCXBJI`E$oU{1F zTOIrLzU^W#I1Z285#8W4Jw4C*WDD*1bt3TFF?L2}sFE)81&YGu3$==o_XG+?+8{{Z5=o zks@CFgj4N#hI?c(u?8EhTdr6St$uup?t`T$-klJI-AXnMC z@-Ws}zqpRsEI&eKwP1bkB~hi5@Wt1kH-e-tz2@gCeV%Gb~bX*5?pbSo)Xu};b z=h`YKb&1Zk1`^7Ypa}``XD=Sh!=oYvd7cTM$q`)ZoAvs7(?Sb9#B{FxfalMKTR+#V z+vaDhq?~&VBp8_w+cSCbdlyG-ZF+4yC3z9S4s|``2>3DvQRr5I7pid7iQ(zn*Iq7@ z;57D(i4nX#?|9}RV7|UZ*;3d8ArACHjRTUs3mZ|x zT_-Ig7&clnX=4e`#u3sTGG*D%$v`eLZ%+>0Ft%(wS2^m4H)Br(8P5OuFjD~OGU81J zxkJfpm%EO7*;L$UOtmIi%+&o(_{v*6taqc`8Q-Jdzq58zp!s9-=J42G1#rHc^XR~i zPpy=ORA(U1m0ZOR5ksiCS;L}YVJZpj==e{(zEG`sIfVPL!{Qw9|CMEbgRMDjJvzy= zk2~jW0uOC^lV=k^vaFBiQ^4I58CKD5zlqw zLLj%<8_U9*DznFmY(92r>~)E;JuLMPy@SXJ(Fcm?eJZxAV^vUShR<3_S6Kcu3zF@& z>fB+SlkB55heL(Oyep|B+pSA!^Elgqfe(tSQmL`jjB9rp)SO+WK!a6c5`6$7mw*nB zZP@yc^@`~peM7>jZwO?2fB+2pF#jrB5U?*S>^}?uj7H{8D8^I zi-a+tivqbpkgX?k#(dnmql>VhJ^$6{2lpD>{$u0Sa(X7~{~HHj%;T@~9ZaWM;1J3@ zrF)XUgK&QMtW1AZ{r$`TXePh75?7r#P2X%jCWaqZZpMG!YR1VWjo-Q+cCDQIPrA1L zf~lasz9gfy%8IcZYI(rlK$mu)Hu1E`fYUHz^iD1w1iS>9)+8g=H(UE}C!7&}JwB26 zv~}{z@4<~%SSLe8RL$h}^PZKCd=1&YT2x}tM4IDmHu~;>_#_g!ndnt4hwi$P8*z!X zqdBB5P+csHsK{p^gCr1eO8)@gUHdE=f z=brka(?(lC9}!cD{d%c@0@PH&@nD3E-q!X`2eCjh*(D<}2*7OpG3X;~HY>mQFy?rA z3i(%FN|$-DDm&Ewu>AwE#WNo$%dQe2 zT8)vvhjhS5q!1P#5|kQbt5Zt4KrJmql*yQ&LXQ+4l-0DJBvI5}$1XOoJ~)1K>!=X) z*-r3tS&|X&ZvHs}&9fm|@le)5SPw^mRF97~imnYs*F}8soA_;a)V1YpbpJLymogb@(`mY^a27MQRg0A&DuKiJ_80uV8P|%)glVvQm zrk%jOPMJjbRs4kHZCBfq&1LMdWT;OG{^fdYZGchc2dS!MO3lF2k(dvgZGqlr>}<~g zSh{#lfm|fFzSoK4-w5?BO@jO0^^3k$=xB%@}O3rg)SPSI;HgOad`!7eAnjDe_6W5sa8 za+c|>dI$DS50yymU1nD1I+=n~hHXydQ%$YFwu1^6KBkP8 z2&{fzO|kgi2p@d^i}g$v=g-iWHO%v@idw{1Ktycg7hCW zDymFH?L@y{@+HaH=ohJegXLr?NgRK;@;_z{GadOh@MxU~K*u@ZJ{ZrG}K$ zEg%b62$C;jFBEm<^VF2hyscapn`ZU<;}d=Af}QR5WiNU#6H_Z(mLy5IjpoVD9TZvM zWK|x!r%)jtd5~YaE-!!AplWqO)ko?#<_y#Ayh_2ugRaO1247ZRW?i1Rd@P{-;(3R| zsdtO>^!}%W6oROMfWsOqGPxRdizYT1Y)-hhpfliX(-6Hmcj1KUd0$guF;T!O#}@>N9%k9KRaUzcq^>gLY4V6NLCEg+fK{c zOlG$@S^40+6M>lX-pz&1Ai#=$^63w8&UasOu+WuSx|hHeaA*_gv0;R41LR>~v)68N zb~Eg3?P7uT8y@0#2w2@_t7I}V)v1*av{o}oYulKMZO}fMvkl#`BS2!(DZSdvE&Cz7 zUZcqtzTWAWKoFN0KqsKATmK>lowT;;P%x~YkcO=r}LXDD})Av%3) zlA1}VSlMiPMR0gCp#hfpfTh&BwaEiyCTX=02p< z#pdGun1qZjp|gxv9HuejcZKXZA`ZRZr^`v&OZ~Hq2kmix(*Dd2n5*9wz9P zW(}F}$RCj^Z*|vi%n|UA1E0z+VQ_`S`Ze=y?wUq>&cKbH0LS%D&lUbz7F|~)lxi2tnBPepW82bW$@a0-2H%) zlvGb%UWiqA;m>8N?`GT1&F2JBI|%2I+JWS3GqaZ$CyS1eJHPPH_3p~6+}Px4^-p?2 zbxn33xO1k7>P;+^nr&P~1fC&!L%#`}4+~JX9mlj8q0s{vKX1toU_@mW%Za2Pn(t$G*?ovUa_kqax{Ih0zDnx{W^}#SH&n0OV>7wz{&6j0>)~hKQO&~cqt1|%aVfi4%GBZ z)ks-CRt-JpVa_!b<^pfV{wKXqexN%Mpv*o#?&*y%b%>sNjmK!j&g$M<1PZle{{y{h zWY20|$^P3ch=NiLhx{{nPmJ3}1fCvVU z+fDkz9T&$5F$?jMl^JV=tYGtDEuDu#EYB1GMS5d?PGSD(`T!sI8&VghLmD!A=GB~Q z-M*DAb!vGa1-s2@<6tYB=Bj;x9*l@i2-weG6k>HxXJ=!*IDle4?+az0sCoOA<|oKB zdL7neo3pcxu5g2v$pNO8-ztRg-$xcy1iBdkICKn%cD7C9PgdiZY289DpZ?MNd!JlE zo>UMDJYVc!4dp&B!OW5hI5b7Ybr4+glJMv#z*BWF2)3rSJx`3pSBVmoyvs^nTEhzG zoY>mdCcB%(#eDE_O(h)GahgU%+EzJtKp&Ux(%RtoR76r90o9pF$n! z40%9_o$i$w{Qp^EJaK2T}xmJI6i1IL~82 z<%yuP^zTy_%%Mw+^x;Il*Ea=59htJb&hYeW|Mu*+xT?VO^~K{^t`8YHvkV1kp^2wD zTa6%?`E>u=O=Sj4l3!j6ano${*lbFQ5F<9DJHKgYri~Tu{1{JpS-%DN4;$5H&)&Jy zl5u!_qN?(>g%^q~?3Y^2wXyG{?*5&gl(>une7pO)=cTtwzgJSHq7 z;__}{+u(F5!vI9=@`?cVGYPHD^hZmD2L=Z~p7W8uDQ!P&8c%vfZqX^d9_EepBjxzU z8s6ahP7Dvz3x(iBCC3P^mYoMX}5Nr>8D*ZDy5=yKR zX~cH70BnMP|1Q`v1qQ4p6+0VaMk6dai9h>d|3ggR1$w#HRD_EFg-y}$VZn4h`n)LJ znLE1>wfnB69H1m?6)BAO01wlA{_T}NbKq;|ZQ5|equyGJj2tcY)Nne;9Rc@V8EK9c zn}8)7P(gSp4B(JG`M$UpMsMF6c=9f=!Ax^GhkmGB2C1~1Z#?w#8#evhb(x8CQ2UDm zNZU)TQfeoZQl1{xH;S7US8_C~2_h~yG&+)CyXH9XHyWE^o(EYO2B*(N=ANt4ry$1{ zP>M;%-5vl4?b)3F5#KhknZJuz%IElxaX%h#g**9G3YQs<*YEk=di(mqCK|bYKD+(q zF_`W_4cbhPo(DDJ4vV}eBWPszSy5mz`31XWRv&djh2Hqj;hlN-~U1rTdU^mA}E>0UegrYF)yQQ5e z(($Lkl-9T}UTYaj+}w)IU}55{;b{D`E07>5t+T4VbVB#pBqM3XxwwKrz?=i`ANLIyXR4o7cA1 zA!TZ1mf|(gcP(vr*E_dWQf@eIZ6|Q>i=MU^ucxC-Mt0U)1 zAlvPE8yU`25^Fg)H$g54Bz$A|nMn!1N9G)sEQDt3n_rb*qf%!AN%9!YfO+yR8(_?i zmjQB_=YgL57)!+>!R`==i689iSzc9si###U6Qt|JPgnB6d6iiAQ#V_wg1QO`x*#Jy zyf}2hczA0w5kt5^Z7ca7sZuxVpCrj-C`jd~+M9$x^g@22L#Q#EWu`ujxIS;$_G>+$ z7O_>mx`Ofe6GlBXiEkNXIv#H_yN|hn!F+V41AFps(}Nh^VLnuT6#p#@G*}mi-n+%;;d{>?d5mn znA#J)-m@><9(XZWcmIW`)i>w5zN0qGdG$Rcq%Db@7H#-QCn`vXjX*i-DjP3Q9dfSz z<|QX(LHHKK;P98>*Az1%2V)~O{pQIR%kfiyL2%}=kz4U5Z3H7tI)`2o13iM6^>Og- zExE~Gp98Y+3%#M8Sk>k(UH+-)3W%$B<_iVM)xtL*nYmd(x zzz%GnYkKG7CATIdtT`4Oa=qhvt|(N?)!c3u&xuc^LkgHVSa%oDFsRzv9!4^wwat>kw$J;$F+ z%3a3zqGDQeb&~W$riY35fE63-zSeph=B!PC@pGZjS$&UmrC&WFi5dbKbZO6-6UHe+ zwhIv(@w8D*XLlo#cM3ZrY6uf^u zb%5Owg+B^hzj>|EIePuJHDZ)>p2tQ zxn}`8i&`k9$vKq{VCo6=S-VN=#L8CN2ZRrXZ*#Z&MK_nZ(FyWDXD}kIlqqgQN47tC zvyVPz7agTvc=VJ!Ndjy6VSp{K>hh+9$PObJA#Kq3XE`m;?Qai;5^o^YVS1SdY@0pS@iF@Et7MdvHqkk$3I2-2V0L?xiy1)*7}uP~wC!-s^1aAp52G)uyg^yg1e><<;+{RUK+gV^v&YLQEms~`NeYoG~qHJAsb z%wRUA3horg%-Ic|6iA3q2z${I3mYI$kzWT@a9UtJH>MjFY=ic&!l08g5H$!+JXkM} zu;=XvDE$;iPQ`DH+?1cuBQ|HTOC32UPM;SjL*a*f@wx5ZY0sHoQo-ZyL$7s6C2w;+nXJkmy7R@+}O%6<2zZUr@!%J>(LD>zQTg* z%l^Y>d>7eWsD@o2Ixr;$(|uQYT!i`4;E`)<87-isO01PYRq zzsbEXIxnT#IU%>Wu}a-bv7d&-YQcRJ3h;2AdMpsgie!oN@_qHZhau5_(uXC8!(DX7 zopi+}R^llwMlOV3GR5bghPia&aUk8^yw}6iQZO&YDRng~?IGw%ST{7seC)V2-6-qN zBMnE;)`;_?Lh2Xl^%j`c?kr$ZD}~nZzuz_=Xn6kf{>xwc7~+Fe>p;svsd#@hW=Q1C z{FpmEvZrP4YVvGZ{F*2VQz!8S>bc>4QPtjp=s;2XCq#RtAGeI`duQ(lxT!?#O!2y6 zBkkKa8mUG%NZGjD4O3t8v59m%`&Of}1SmR3Hop$d$rfYDGX=TK2e9xIDXqK8A?Hjd zE020j`Bz=oXy&hl=tXD{#Uv5wAWU=~sja1ws0wpl$(=S1V+|esiC=NHDBxeB_F~0o zyk)y_9)Nfr{^sAouM9eQEKt$&q2wBzk{z^0S{+4rMh=4u*ud3$y|_OA1_aWPWA_C{ zwRT93TULgX_1a5NQj4LsVm^Kmm;d?v>j9Ng@x}xmijV7&M=HgEpB*iw zTfp}CMb%?}>IfE#8S}R$_R!F?c`Y(BnG5T7l{b45lE1}vXG{*?p>*b zBW&cYqNWHIeMM-Aa-&$GNdy5o8u^|NvB28nvQXJo{`!q3N2O1Li64_=1!qH?x{ zaW+vH;~G6{|8T_=U`Ek_8OnWkBTMLhSKgXk$B@U*?FYQyw}90<&EM|E#K19z+DEBs zD8`CuPc@MXlmqNuECOi#TXwR;#<;C!GCsR{H{an3WY-R#h zf4L3tWuM&nTxtDa#S)ozJ@-Wi=_7h=8HgUj+Na+wOIJo}#e2ZlBDKJ)*K}6L+7R}H zv#(KW8OZv=`|jfG+;f&4*_b98)Sz9d*z!#Ks`Urgf+41}Go?i$i0((3+}KWYu$RAK zzwvXjwjzJ^;S_{K&Wz#&`yo~Ucd{5^cSLGix-JYGcFjir<#-3}FV?9roq+n4@0c71 zHca4x;$nK(bm+K#YoeK3PZm4w*R^|VGCW+f`RcAW>KiqE+8U0=q_Wj7=hH(WcK4P7 zfzS?G0AeKJeqNKk7NQ>8LM8n#yoOtGzo&0mO1bY7M!!t|fC=HTmUmciW8Y5{ z;ERWKQE=(tee}5jWmJq=i_hnm zq|PD)YqN%vZhSueYtdPzrwt$HK4F+z>WbFRZ!#7pHBHf zGdpWFJS+{*gh!r*yY?cq$XQ4C&vqN8A7hAtI_RSJM>J31TCy0l+eOo9YHQ-!kuVIN zH$-y-@>JAVyUunkA5KZ&pF0^Hr;QTkUP>!|XsW-WzKw7u&vn+7FJ0OY(AhUR&2u){ zuWKuuo){Qzo8A}UIz>p7MtAD(2l$t)!KKX^B44|52A>DVq;tG~EAHCgXDGHlwU7Iyr|*AcnBN;qM#` z5Q?^z(UN9~K6Ha6$2itaLbg z*j)9rk+xyrG<9GXwfFh9cStk4dUj0-H<_5#K*`o}*+#?EUb!!{qo?&H zwaD9Gn}4d~XV0`P2W@kW&n--H__%+W)ZA%=Vm$pxC!(vhNsY?y&`_$!M8gl=3X7kn zMPF!;LLVOvbWIG1_&lsi4wT;bJaTtPLN@BcLZ8_;aU6=vMfRbT(G)qLYt`m5P_yM< zn73@5t#RM?E`zv?0#_kT>58T3GJ-G{IqTpqQ|_#n6BD$861hE97Ys zJPtmX(l?c@Jk;v+%lq$}N2eD>hlLj?yD93jxSzZ3Q(ru^&vlpWrx-uSoxUNFIZfsN zW-ZD0NcZY<8}*yhFDV(!KEJs&+`Kci!y);UM92`_HL8T(tab4;vS;c+=VwPQ-b9Fet~UYf%Ba@pwmIDo8crAMvf<~kszVFh z)3bPXs*&dvEB;r4_=g`nGI7z``(jV_w)ju(`3mQ}O|e#OPUZQG+j9Q_<2y#4pjUP3 zWhFUIkEh`k1f)tZm8N(QLbl)o3mes#RMswetQH}2sw@3Q6c^teS@>n zM9%Po9kV^=J@3Vx?C>`XkRZ#FZy%oPxNq!wgK9%D7gSYsdqs4#L9tr?TteD4gUHz3 zS>Nr&>%;plC6LMI~3>IbgZ+o|U_V!j-C?7?aLH&$DE3o7&BW?#b%we`DM~ zFdROrDSb?j>RRE<=blO^%M}~T z`Yg&2$fw$`x&Ads1~|*3_F9(s@~K-e z$(e|)n<4pJuS=GRf61bE6hviZvl*nk1g8-$&^pjtFCX2v8%h)a+I#Y80u2QKxpYY{ z){teUR9pu4v{|mBDJLzA{}_x4KHjd`xM20C7Y**HoQl7A8*m6DiHDR*6~<4m|E%RS ziKyHkqh0~>?rP7rXvUHDcKHhC5d$+mZb9mEwbC1tFpEI*k}W8;IZ3X!ovyyp{N16s z!G)pqk-q_;*_KCT*@ep#(@1z?DOYD&bCvRRB-6~oBSpeJnu9dQZT)OSb@sa!7f29l z@IeAnY4{DTsBTzZ%)QOqS{!xO;mA9Vaa#OeItzwQBAjqe19Aq+Xq^uy1=8%f`nG18 z_KId+Cw5avn*}tvTBr zmI!olZc&`5zxBb%SlG|T^FJLCdyQH4u^bv1x5d+fb=6~@yyHKp!%^0O=Rb>d`j8px zB3@oz{+Didvc{&Sp`pQVIR_{I1{y|7EJ~CN6*QF;m^mu&*gGH9hvjugNh4ISu@pFE zRHpHUnFzk@X?yfnZRzeuZTUX^KrNg&7hx~^UcI#IB<-z>;PC)l2f_T-dc4y7#0fT3 zJ@Zb4-ktf?=wn+RoBoXN>lr>Johw_u0xItRtH2d!^#rE>W3nkY- zepZO`5RTsNp1uyE2$Zn^{#l<-aQzYHtQQlp9()CpoU8jIHsmFNs9L|D-Xq` zb?7ave|l_1G_F8PZu-XW(wl|r#Dr;bWApoAht;){6t-lhhF>4$Yv(P$++P`LRleF6 z`aQnr>v*iNxxDUGmV9RAp>W+4Ae5*?;2^&~#`|aVA?^{%xW&g6OCbV9p7+wSq?||! zwB1ixyC3Oo2s{z?xpTvTDRDD;Y;zMkSTua?uhvFOUgnpOn{G_q zQnqss8Vnv^BV7AZc-`-x3ksUoLTYZH16-}lGiZ@9_{QK+?p!?xeyA2+jQ(Aol zi+y5qKeN1-QvF&8_(~Vj$?Zn37rDuISm6E7cni{&UN0HTGv*hbRvJ1bHGvz~SkX&*@Rna8mA{AsMU*Dz zNk!L8+`zJMbaLX86)(|tJ=~also+4XepV137JgEK`sgy(s;qvKi4K;#axwblqY=46 zL%{jzQVo_X28)wn%xh4Mvh*GOgIBCo`HC>Am^D7UTlC*Awc}gxqpqL6BEVU{K8s2MD(M!WgQT)i}*vVxqiGBI3%V<_C!~AMAeM5KAS>M&xbGwFUM%rDbG@ zd$3fUC^9jlTiP6$TXrM&!Os#UkyT4x+}gPXA+R& z!sJSN#LS_3%jlE6$=%&ot$n2)B@#=#z_F$xT3crwtU1fd%39dFf!nKRu@g$W`a=UU zOfTVH?3t9v?&L?I1ZB)4C%tbr`a5!#nn`^TdwVrHk-Nei&8?cpd(eKD*Y;_xlVTM7 z7R?jmdV_U~ZDLe>6f?r2jg|vh(k*9W`>F=eoIel0?F_~8mvY$qoH~qGF2amUn^E=03G*lcYIAjW)d~W#z&$pl%t!rH4 z5jE`;g=(}i-^unDVOo3|CopLaI)HatJiFRAns=JF7Hb<`bWK9t?UUVd4tZ2c3MDNu zYpjS#JfrlKWa>y%X69cJCkrECy|JwUv3nZXGBcj?yS`(N;$_EYWOFgv&k+3D>A8wZY4k7+c$o^FCqNBUYRIX zXlNOfz~mU`SqCfMRsv}&=7oefdoAJ2q z2^2?hFL;WeLc=|u{I^_k!1rO2+5MYJ5+)s2b4>MYhh>}NZPih9m@4Tp9NWU4t8uBck25yRQc4EAKkH}W_ z=~@Xh>Q4kyxFo-P(LFmMg^sCnm4n$9-!qN&vK#Ro%7(%xZ7wKXofE(FgK>Wj0xD&9 z$n+y!aXU#p1)b@Vx<8G&uh3w#jnz$;TZ~fgr2)%oTIb7jP6YXKJRxKL$<9Hz(ctW` z@#ehAC&MnY^biZ(H09+Y^Pik!-=7Q&*)Y@cF}6^_^0$eH&gAe{o&6NPKFg=#Eu}Pi zE@v6NKKW4hs;-N-_k&+3()(p9>9mJzNRGyN$59s1HRbCA`>2xwU8BMh$$^h!Z?6=+ zF4B*d>5$QP<9IZk1Q2&EUp)6zk^aV~o@WWEt9g)|_b$RKSBa-1PWQw&q50>|6mhhJ z7Z%htD|H@)^~!3B%L$<*@{tu~ziVo1Mg7RK0m9bVYp#{$*764a-z2n2zM; zLx0ohsm%3lph^D1)$L-EybFv&_kJi2@I<#xm<~OCPZ7sYG$<%LL0UXN(ygfLYH z>nX3E()7c9Qr1(b#l81{*5P}2(Zdc<90F0d<~(0g0jkeu)I{eFMhi%pl~&9SQ7k-yw? zc`E^EH~nGUKV31@XRUB`d7N8c{_4Kz-jO=#S@rwMgxI!G$+i%!{gr*DiNhjtZ2E369ndeCsmV-+mf2s%e$e8ji0VQ)JM-Rb`;pU zf3MH);>~Y=oQ_g@FPc|&o`001f}5(D`fPZt_|0!93x?L=wLYdb&IdJYJ0&h1Ub|Dw zlaViwA^afdJ84|~UOqYR5E_$j3qPH>J4BT(@qIpliJlst`Nh6vqt;U&U=}z^j6OCt zrd5gMD#7wXD4D@%774A^zOoC^>f?akb}YN{p>2^VLTO~C@VZWR>1WsD;5a)SQNC>D zdrH$mg^u>$Y}4srd0ZRAJ$WLG=nIaiN2K!jc4D-XIi&cIB0ONE39%q!koqpeM_U6D zd3@%YRDj%D^YX~dl{UxwcW4ff$d0A2cuc=`Ct~uJX(&VT^+cYeg@zHQm(=|BH!h{> zNFZ~wc)T0$@Q%^MX*z<2PO&SyC=RM*`}*bc6MB{oc5%JD?uvwpudKd zhYue7n5Sm0Qq`|1P+_+uO1FzvW>u_uKBLHTy);SV3B}?uYT=JfB6tWI{aTG;d%n`9 zm3eKdFxkG_rkp`Bm)OizYV!I-50eC)vv5Ek$niDPDnqu2`uDQSXt6gkPn3)7bdV zjtU)^z^vi4huDfx!N+_%^MIk+B7oA;9XPv88Jch-Ia3Ue_G#2m43LmkRaPn zMNRFy-1-*a)g6yeHQ&5}rdKDsi>=DRWFq8aHn((4{)N+U2*x1-A1fCMdp8St>DppTGGW=XU3-Me?d)WfP7GdsyIpOvgDx`lgbihe(B*xexZ zS!VM-y+2jn(EN~twiv=?Zq^SZnnvP5x8!I}jn)Hw)>{FJAxfLri96VbTU8def4J<~ z_+Du_z@zXOi#7)UAqT+)XdNPG(3tmK>;Z3MDZi5k=aVN-OlcW!ut?yiqOlecuntMU zA|ef;R@4F(8xD^5&2gDSYw1i`4VTS4F07Vq8pQ$Pdio1IKcvV6xpPw55PmMdU}edQ zpZeD5Qwi@scHb()@cY!<&U6J-!N$^(*{?s8Xd3KJWNJ*!r)x&adnN17b$KcXA55R1K zK)zfXbmz4j(j9{H*}We9P<&!JB*CJ6?`@)r+GMR?faMaW(#XO+Bq{jj3$UWVFMfV> z_m8hWR{B<^gXFa%D;l(aySF?L@qb&yR?nY5-_r$S8DtE+2KdS4t2X%Z5ikF?1<~7o z{tX!fVc@@i=TKg@_wwUI9_(QJ^9nM+_UeCL6*-sBarwyvti6B#|Nqk)BwAsJ?Tieq Ux z_ufKpLF#kk_nr6mH#{>>W`Id%!hO!3J-gRldu_Ouh7#qi`?v7$@F-Q3VK4FUNT~7f z2vx{PfKMbMidTR?_|7ktp5vADF>U~Fh^*w)5(^6_&+bs$|4@yL{~Y_{)A)a*WMJ?M z9{>d7xpPJbbezo0veYH_%+qj|b_-3lF-~Z|`SPEtE3sF)Uo7}McV58P% zGYi*X<&`xxTxJ_;U;Ohgn&oQG#1RIAYyba!q~as2>}chg|KB&PuKiNDx3{ZjSA~CW zT>dV-_^nz<#htK)y!7vsm@RjEtDNGJ>gacvz9Dol5GL)iJw9{vMMOPzw{RoIy}{fI z!|1i1YukxjdH{u1wk`*D(aAeT@P7D3md~YV4;m??+~kd0wO3Qx<*K&I@Rh|iUtf+T zMKg0=@3UOfAwT!xm;IrJQK|oon?#HJ{F_@B5ot_*aE9y@L#Xv)vDu{ zbCHtIOfj~_T-9ifU}V>FiX#JL zcP3*acNKzGgi1ZtZ46h|S80*=>Zfg1uDV2l*LLT&?KSD;ETS3)Q;h6Mt-M=a-4#eAl1CWRLKnf@UbV?)^S)}L zmgCiU)>6U5tJ(?n+DK4-w8?``>y*p;5hiX-N6|~xT&WvK?6VlI&Lr~&?TS!anLfg` zvh4r~l^|u-!S44NzvFxFMPY+a;D>F~)CdQVAAe`&Qg&wY8`LzKg;M5SwhpW=s+$l+ z*OJ1@n?=vw5XP=ZlcOFM$bpY-1HHdr808=SM?4%qV(A3|p8Pk5+aLGa)+*P#gXKa^ zL%}mHIfz@Le(yHlu>+PqBxJZfMWirKu0Z{III+A#iJaj{3@Oy(4NEB*vakN$DTj%p z*=~nZMjnlX4>SJ!I?Ox(feq*0Sa)g{n<%&^zD9K&bSPZX+~$k#{~$iVpgva__q7_1N&e)?3i`#$B|dloVo=@m6#mJ(#6+N)G)vB*U=1IX9L|b&obhy z{P2dXrZT2(?DiC2B)nD8q`@RZIMW~o{m?vd*OX^uE_~NitvuF{GL&(xG4)O>*d+bN zn>mTSK@54!2T(8G*gp)eDWAW3eyY8O2{4-$k?uk4{BN>FSC+A0+dnb$mXdu+UsM5yf`(h;90zFt-6nZdr8h za2>{8`Cy0kZBbslqWXfrle+Wep6>=TM;`RA+K}~l6tzj~~bIq&-utCzsSlL)ge6FA9EB?%_LpGqF%Q_wh4GOmfPj-MWj zF>)azV?k1l<+nS_ThXEUgxZx-qupnJeFp7KZSMIf>=0uLx4+alG{|)E);R7--lv!L65pb}o8Eu~H_g4&TnP1v>6GlVd?$_MZ#aqb zOeXKB1q+_i_K8v^HAZD1bsI=QyP~#38}+C7)Cc*3EY|M?+6Q1nG@K0RZWGvLi1?89 zv7d;!xx4kryF3lwG~05XoWDqbSaT-*n*B+rii5bR@5zj5zP{v{HZMa5u@tYpVTHXqM?c9~x)pR(J@l(E2om?L=_>4k9^Ri`$xy z^NzWG{?>h)2yA#u8CuSE#vF^ewzY`oLz0nKH-HV&t=(?dmCq#+zU1wn(f}9cg&G zB`Kc|@s8N^u0r+w3x|>(%eCJ~v2m~ljP7m%=@7Rh$a8PRz?EREhi>43+<*%_Sqc%L z{Ze8kgEpSDC{DHoADK_x7~w(&gXvLcY?3vEc|0|DABM{H2}r)G9Gm+bY2{wcqTQPM zOA#FWD-%@wa%47FDg^VRqj_3@#S|B+I#dvcgKf_Llf zeAl0I(+OHKJAWc}-d{<+{=mXA#pz`=8_4{YM3v$isL1->aAcb|8s>hV{;AdImvxEg zrROfFrk@IOR)exKm@_I=1ROfXzDN!AlCDs`kCY{{Iwpq?F4Xooi)BTh?#%YU;3!_t zGT5Hh0^87*wut>RaYo@L%>epNzTd4}uCu&d<6o?kiJqs&tTmW4o7wdeQiSUz!fQsP6^{&^_zzcTHU#mXh$gWXzBSZoZJZ{TL@z(z{s4_Y(xe z$K}O|x^Hv7L__-9Y}#?@o%Du+)$D}nK_U2=%4yrC>=n^=&G=F_geB@F-*wl?*r79_ zYut$+_j{MC!d<}zL~6`DtVD=BQfBI?I+1I|$%3)B&YufRBizPGsx9=tJ)^FyTVteJ zD1_{2yS7|C5qS65dl^SdE>!Xk47Rz)O^I;w)G*@$ab&f1keSYf_`bviS-t#2rcwIb z%o~Mt4%>WB4Re*vh*e3TLcwc#-t7$4PmYvS?+9!?EV&yNjWP(xe8H~@gX^-Yun6Dn zf1RBT<#z-YMaJjS`_Sr12DShso9-D0bF5x(q-z`rJtk}G{<>yzM7MN~5;dtuD8D8@ zN%R%KYxF5rT~va>jZ9eP8_ZY+Q26I2)2d24jXat!*$DnfzOZo~vHPe?>ix{FPnm8+ zmt)C@7WH<%{zu@GjVb{1zYFuwIGHYX#n>8Ex__0JvDuzr=zpo>ULy-Yu$JZ4jGRut zDEujk(Iu0Q=xAr5STzA`R6c=RFi);iBlcbC#pROB)l%a2j6;&Y7~43wQAq6yiCo@` zLJz{NbIHgYb);m=QdY_+e<4Op6W8Mos(&_q|B0LRPR0gdImA<=XoM|^T+Va*bV* z@>9@{`Lu}Kk_zlIm{pqcOH&z%kVGWXg)%F9uzX43nU}U_(t+CY1SGI&41)(^BWsotRtVT12k#W7J_x?%y;{hH5S3l=FBV8W5Rn#TPTGn#>Q~Nnv=sZ7& z4O&E|!9xBj=sM5KuTzU(G-8l8dab@ok4B!IkLRUiv(kf~WFLy(w-+Ii%CuX8S^gK9 zcjECR&FPP!@r06AgJlbawhFE$z3K{vX9Lg~^l~djEB!C@;W-nP*_T^pd+?R)w?&*ZFu1`2eUyBcubob~L^evT?AD7U;*xF1^MqT! zJia98gTUa8TjTabd*ut3t!pyZf2%m8``?P!I(+I@n7>jqGu5$5gq+1&?6-cubH{*Ejrj+KhL@BiSftN# zzT!5FCUE{^R|9KHhhtn82;D_P-q0~WI1Wa6qJ5E8+`5DY6#+P94wyn908)`%#cZi8 zXf~8ifdp!F(O3Lp!2V$gVH;A=`kRSsW7HpY7`O5>GNt93sTq^k+%8us65Ii6;&ycDWHm+=^q86yiN~?q&9!EQ_vFxL!s(5uT2Ez zmqXC-wqd=*>f@;e<=Vv#!4fmud(2a}sD{;Dw$(?Kc!3@0K;Bs=i|q3+v- z)Ft1+-3}A~$6cf{i!Zck{X&KWIYW`X%n79CznmU`$#S@IkuD57!U%s8eH!ovCxyzL#_R%R z{?vyzr^xU9i$#g**;9T7HRdR}DEplO4(L$GY=^e*e99_xCO9|Z^J2gz%u6o(-;zc_ zyuB5J4n`szG+?)r(N=L;^)dp8D8C3IPA zSSkHTf$KaH>O@iOU&-a zm?ggg^FX)F4onEmx}aRfV3aAZ8aXb!$oO*8qWBPqAy&bfFnD5l@c-`Dg(;co*1_Bb zW{$Ce9cph1e6METiSPrDGnigs`tiwxRrV}ciBY={TvD?b(fSoA9mZQ_Z=MIg;x*uR z6GPt%zu6cB-~3*B?Hv@tqzk%puYR}5dw2KxYB!Qf`gDHw?^?FwgP^X64}a2Ue_ZU) zH!0uz17O8cyPo}K$t(al5bO@ie*)N(^>dc2=`cE9lYSwFKq z8biJ)$?P_6npp@9U-Fm_B&C`~8GsW>)duc#2M>^QWen7BRrHX&i0CQ=(N^+x6#jDy zJ1M?T>$?|yyGKobF^*KTcTv@VLj|P}xq^GLo;Ds0Rpqolw2)iURc9WkKMx?J8efIL zC+&aEc)d3AT$xWVitG;l&PEeG1$-nN9{fg+4OvXbar^JK%(jgt17Pc$mmx8elK=LY z-}mw5Sf6Ef@3jnPja`B4zrFLXz&3;lr0mE5Rx}L{4fw)p%E1?Fm|Q-yDJvRITnIj8 z6e8>_N|9t`_0B$@wzALu)=+c07)hFKq@ZKd#{aW%+g>6;7Fe;NnNNHA%$B9iP|j#K zSN2=KU?{(T%2q}U0b2(3PO|!T?ON6Y(>WcA*VQO%`G4m!iJyHo2;7{s#%Oz^^O-1d z#7^znNz-BGE=3a?^bg=$MAK0<@VVEqsRE_V3Jo;&8_x#+c7_8Pm^EzNPN|+Zi#8Prq6`_i+POL7osN$`M%PByERK5 z5JCKn)#sHzs1wZ1Ea(TwQye34?PEp-^#iJ;O39m z9Vke~&Rg+&WGy+wvLLIJEtEEm!xJ>ctHRF_WA5`+T5m$!+`A$~{m0$x_LIHq8%Am< zp=!3XfR0{~@%l^x9phh|e%OOOrNWvtdpwhPitgJl*p6rH(23$#@#3=TQ2oLlBl>F} zqQDt4r}mBwbQk{*Cs9ff2f+ndXRup3lpIVR{zaKck(gl0)J*Hf?)koDjo9DDG-R57 z2MMqIC1^*;ewfn8!TH70B~6r}L2XA6W|4JJD{+%NZ(vpkSah5lio~3C2IBb&j7xFn z7?b9toBg#k@ts_jn>lZOL@-C~e~RwGBH~H4P5Er@${p$}N?^O@q33uDL+ftCY)AFCsWn%UPK%_e0nX{$SbK%>?ets++i|}5cB|A9bFhK0hcMHJ zF1AMO+ck0QmY>~@@5uz$ais{2U(HEf*QpD)XF#yLW4o#OodlRQCrOO>X2Ah{Akwo^ zd-oJU&y}ND`geUpg8=IFjrzQgqdV9m_Jpjg(`&qWDMq5Cfo0NKMg%B-_Of&-hRKsH z%NmU|i<@VgR}cFAPAbPH^E&n~&Fi zvTxmAP0{w`{l4&_gWl@X(z79j0*;);@U^G7{ODCsi^{yGnk(zvf?sc?*RYghk%{qV z0RkM+<4B;k`uXP~TAjVbo1lH1?~sGWBln*@6a@xryXLXOQxP>k9YX8An|4}1UXbqf z`wi#$OGXL7qRU^LJa7gk!qF7kc(R1emi!I67dvH_~TZl*Kvse8&%63Q|ar+0<&&PWz z3%2O*C6Fed9#9Wh?)-F>IMiU?D`rFWz|;8YIjMn~CyqBq{&}T5xCy`iiH}oK?knE? z1~2+Mx?Kqr7A^yFq?i#uumOqQ)QLEr=uMRWdP%t^-tPaZ*YLR^)A#=Pk5 zGtC6aaqIQ}PWuY%$%UQOD(qwJi^h7qe_U_AZuUxt$uTDI7YcpM$q8u`F&E z>BDQDdA0Z8f(S-=$fHy~{*tZ#c#24Hb?yyIOe+%;6tIwAEwLPdq4iy(gKh_S`{`M) ztr&pa@bP%I@J3BHf6aBUGU_Je#!Q5b1Aro-Qf;gp$s@xTW#qf7h{9t|9A5SONG&%a z_bxYJeONZgbQ(->Bo7O%j3335ITOF#tscC!@?)tYe&TIN)_6Mkr!n|;)E_rGyKF&E zUWeTi9%OcTs(HMP5>{{oJL4!I)xqs7kELC9}PKzMVHVE-)v@@R5t#YKI!uA5Vlxm=6s!uT)N` zwGTxQ?lSOkdr0xjQ%>;z;iMM6bprV0crRZ!!ESluzR{L32kqxuf%YtJy>wEZcmQPZ zu0~Ki2aQeX}p7+EZ^g2iX6Ae zp6?qj;Mk#&==|;)#)cO+KTm z1!Sj8ZDDEXT#9z(Ao3S(UQ3xp$UZUbVcIxPIcxMMQ36P^YQXxS|Y@SnS|LpA1-Oz5_f^_VC_yB zb0B87{1sjK^vVlY(Dxr>jY*to^`&Ef1~xIi9SQGA1s z_&92UFsk+k72`h=B?BxE;=Iv%e<+lHsLxzA5G>hOXdjrQEktha_G2NblH-y$7wb(8 zX#x?eQP306Vc6)e_k;5f0F#uhzp%lBqv*bzeirmwyCQ9G!7SP&*W1mF=#YZW-(!j*zq4t@TT z7Z*s#CPxLfs+8VMXqQ~~BrDYrC>gq~IjL)6!@kp|xd5kB|NlEB{--+Mz+($d;KWmP zd)EpR$mt`=^R)iMRVPIN8EnooKxudyg=E|1IH(}ZrX$|sqjIa!1RY0ambI1vlDCcI ziH4*r@5in8;6+NoCNA^OQv&O)p;?Jg@+^ zKN`M?8{k0S8<|T#f`E_K#Av7F;%w3`jT4vg&zZ*_mrh+sfgAGPmGH&92I@~J|I_2L z1v2A6_)&p(Z^J_EFSoJo7$yMr+OM1Xen8n9ytfTt@%^NdAexehXtW+~b)@04%JN*T zYuW!V*=TagwzP57A!NG77HAah)j1@a99hYnPaIsWBpWx48XZcwz6=cT@(IJmO6=5B z*%vg6Y)Wjsup_)L;;HpB9P(uYpj(-JyzYux93$xIoE)olxgcrT7WQiCk`T9xK$w<~ zUUt7q0_pLI$XKf@ZMKC<;?uz34!(JPR*FcK4wGfZcHDZ^m>Nw~ygASB&#k-oT&#Z7 zlI~pJ;%HFqAp!7Nqan+>Q2*@yvoLm6@7ZhevxA3HM*~mS0@>k1rum8k`Xa4E-#kF8IPGt+Qn7o?#!*}M>#(k?qsKVh|$1fvzx8MsFW_1dD|j< z!@D-ojVNzCTyk~xtIAM~z|&2{T-}aqsiF9FCZdBr_yLSVe{)%`7ZHFMt_oKq7Zjna zSE~ou=y`@_qCBD7Mue^F;vUA4E0qD-?;Z^d-w-@BaSkPsvO-gFzF|2hODxx?2VU`b zcLVpuP5D$AleJq<3gEIBd*m(rw&05HAOCz&`_M-tO)@}S1=U>`T+|2dyBots(k_Tg zKJ}#mb;T2*T_!A&Dc^unWscu66FphwBQHeuh6*Q;PCwqP))G*DLn`1Y^%RJ^9&WMb zkMj_rYxGvs#q?ntBiRie-GKr(cxev(zKfucQD1<>c=Be3u5m1VxV0A%RMq;UJJ{0EO`Nza7ELhfBfLp3 z*>@7l;POCUvN%j^N=X893om3&pqux39wbRJfQMDG&kMVvlxd#Dg)XEtyAJbhTFdgL zdSjq@ctQPY%j)p0{W8n&-EX;PDHbO6V?9=Wn1USXDP-vORDtTknFPm^3hbjhiR5yJ z;}m(GnPn{F{ZMERN&j`3NJDbCUC$6F^{)Viue~}jICGot`%WfzHCkfzi5@vRVv2RL zX^;!=w+9toK%$tx8lX_Klq$xWtQNFt#(CB8CtMrRQpALR8RbYjEEhIz;2X-{a4OO5EFRpGF;Xe|L= zX2Hkg!iB|=aIfz?Dthvt*^?|-($}I7r|goiD{V7&g<~1+yJ1GhY%?=*d}GMh(zkm? zMfzOr7G+_2DDgm9C2nwS#D8kc!@8s=A$L#;#A`|3BW^$qEsX!?VdJK5>3yG9@Ftj6 z0A4b(m=l1L74r^sFh;J^tnySKE(&rF%oYO;W*Ht?Y2Y|$T^=YKJrm%m1(!)-;6Q7u zD_WJgMGy$8Jya5krVJlNR~e4azLNSkKFJF@S>mKl>xtfMpS$=zeBae~WQ;;3hZFOj zD}x{*6!AqG|`2=v%*xTH%G3nB{1HeEPTwTRY~x9R#8ypYrW|h z;xKK&$C?Y-#Z7~&7tZ?mzoq^{j_89?3S68$^%EF}Bud!=qcgu?9Z z>q+rOt?pyuAqgDRY2kTW5T_@@J$spFX^csDg<)xC_345*iR+#Jf zXEEg|tA%k=riiSKb>KyPMnSok`p1m%j+bDrj1Eok7ZjW$cfPMqYK4C2PL^M z5f`hwrtzj^>3}`o$WgHX)uS3mOzrE)u6W?wxx(-%!3Hi)B7+D@PR*?RyZ;bkk zMnav4c$$?`fl557By9&hkRl`{6fsMc1{V1HK*Gm_C?0y1$iyx@_TU_yThJdBjI}?M z9IIwa`(kD5%!GL#cjl##{;iGvi%NnFVAAK~$_6hD@*{aH4p@H+W**AIk^-IP*ZGox z%0tqdB?2x;OD65Cpce@Ms(=L^df@8wsUMgO`ORw4uaJLCFFw+}GbBx^=7kBt@<14y0#AB>dCl$9kCEq)HV z>2_SiTe3>sR*kK^1deJ|>dvqHZbEB4>zq2A=cS)pR9bf!hI?uiu#DuIa-3C<$W-BD zvQ2Eo?3ktZgm6b(5?fYf0>90H2@Q~Qx65ZRZkY@!Fumx1<>yt0KqSX6IZ`H_i=&>W z^>$?;$~gVs%lIq#ral@kgC0REM&@B3N+%uaw}(RHUX^-{6nOzCuAgL%&VXV)+yDpp z?;cfX6_V%Kp&B#jEmQK%d7dmgXe`(3qUr1fHQRVnIXwf^1>OTd`*I6XZs#N2EyPQn zz)5YQ4-HTa-tx6(ZdT?I^nZ;GJ^4oa2wn13TX1Y{T63~kCOc%+Rm~86LM`TlLKfee z#{ODcFd9D^(UdyYk$9=XWdJO+EyMt0Ljuwg%LVXX)TKLE9 z%AgitvQTU-uj|I~tF*rdm*gE>0Ii%&UBC%n;#%*gF;kp@9_u(qe%3o7FrKSAeP#%|N*X{in_>`zijQg??4pCA#NX za|2^CARKhVGXI8DgaKs(EOaBe`C?_Zs?>M;;1aNI`YA@X!e$l;t}AJ7oeK@e`JVtIyWbiGtSr@q1*~XS8n_JzSPZr$%O~NDU5zZkN+1{qdH(&Wwh5 z5+%$s%#@XX)3;+8QcAK%tjC?iUC$f(tY@jy1-)x%)mV}(=Y1=i`hgN*fHCOXM1r)0 z;zIpLMdC35Q4+?b_0|k2bJ6T$@eUPc*-Tk8CX6RJfAbez)_sb`139Z#FFPEh%4h6;`{b-kg(?GunP(bK4GF z^1WuZdd}}0b(a+Fa`ksj;;5`x@I|I%z-jKG)j>-<1sR6Bls?bUahjMN91*~_JAYP0p` zH|VWP%Q6>s2|;U;l`vw&lrpm*?cIjeMnpmI;rQKji^^`otvWB`wBIq{{)kog4oZTG zx0j9Doh3#N)7Ux|QIJ)+_Fbhq02L z%AMi<)3O`rEiopHgK`(wQ2k{Z8Pk7tAzVxKm#SGQ424pe7lVvJaPv&=(|pI>og+Z^ z#biy!z#vK56K^4EFL;e)Kxi{Sc=D##bI;gkfBsL=yj&g73i|$}Qk%7ws!r)HTCw$j z?4`LV%`{6@%=oIl+azGFbD${!U=UH5sHJ*X$lMdDem%_i(qyEODWoMekT0fBVz)sq z654}5CQZdC_laR=Dnim)SPi7!B9Q{6cFfpA48e)R-3c{Rb>jP&#Yv1ULoD)N=K$- zy@8Nc_O2=UgOb6svu{FuVucBmOMYS7c2`f$QvOQ=k~2+5Z4CZY6aBR7Db$9+?|K@y z-&pIvw`Hv{Z4^1jF~&Ovo#V@8Rrk0W85{UVYb9h~EDzty)`?VA++G0IUPUJN_H z+eEPNHR#ofI43mXX6v_bqWA~md(yvciU|9(*~(A}ul?8dWBo6>wp+5-M zZal{!dyHPao|ACuN9}hX$CTY6ih)W%r}_@?LRsh2&jV%VpSEQ(!$WmH@A25^eFsEC zx;(>ci58tz6Jgsu52t>3_Q@|53*2t1EJc@m+)86g^08rFQh}_AQ*A~>4~Xh2KqdiA**IOeMLcN>29FTMfR7)c z9XeYG3OrH?S^}#vA7?5n@3F?X+6lU7Gv!O~)GUoQWw%xoUtjL}Uk`T^RbhRZ>laSIU2HZWxuWkmrm&JRUMUWh_&7u(A`vaz9#u zu(8$o-O(3Y(T^U*FV|e6cp>!IDS#X@+6RgmsIl0JBs;%zUYS}L3|iBIr?L*JZaBC} z(eeOIK^B7`+M^>IlIQPD=PMa;WIG5^pB^7akO2o^cs$XKV{ve^vpD`f!`e>`*4nEK z+~#$s3iCW^h-QFwf-8vEN(y5lc%LqWa`VJ9lh0uwv9QQXtWDTl05tt83ocPx{?*VX^FjBnC1O2WRPT$BNW{N&D2$z-%1qNo{b+^$>+7FWJZ z?f3aYR9+b%ROTmrzT@6p|82Qdq-j68%D!i`3dpBa)mA|B2^~+$Lz^uWtLeK{Vc*px z@;==Wf14V@#%IZVKoCq+xQc5V zSm~3k3Lql^_mr%dnwjwzl8~=!=koRr7Pa%QQ@Pj3J2qdQ7-H2!1xFQxL+4a4)1h(v zw#rx0su1CiOaV*A%_2MlujWL?lP#TmKJDETt`PZWbCrR_%L4l>gkT}R*~`hBl1`j} zQbG~G@lSgAXGEKuBT@B-lXoH6q7)_ls|Rlx@~p372J-#ryFaOv5?9*}JMkPJM{t_P zVM*8YY`Gt5N|LT-G6P89%E2nylHB#;~B)pRFWJTQGQs zf$3gJ=BkjeMo^xLu;eSwtwlu1#Hyd#ulzASI5`J^2NgbgQ}>f{qbfK!yT$yhCc}CN z*FJeaJMr_?Tou#o%&%S*OwqY#(B!Jg;aH2hN& zeJ4qR?Yz+uikC{IXO?E{NlTZANqeAMQ(QFBS8%ci#0x;-Oc%8526j^su4r+Rj#(V(4=~u)f4I`;+SQyO12a$BMVe<9Y*9^fWSf zdfNCp854{;myjW?8WP(&8MQ_4w%^<00zmlONv#{+Xogv>ok$97$H7?r?6Ft#K11_h zJs@Og!r(Y{Gd&90cQd>_4bwQgIEF|>CsDHUhMD;tRGmqSxVP6$zoaQV-Z^qjWy6HNRNbYioc1U~PY!}j?)mcsZ-Obh&Y*y;VuCWFBCP$4o#T|H zcY>V=c2#0araMGb^DRSz$aa-V{dg>*Ir>(Ww$r=Ob3Tm+hKCJfW4rlfSF2S4r_CF$ zqCYno4RWY?GmXv3kr-JR%)9pq1kN#@7~50FE6>yO_ch8^)9vt0FV!lIu2E=PwEWGl z6FU^CR=wc?Ol)tCM1y(QX~}w43uK@oo&Fy}`mrK$hlrW}fywxJ9C3+lDDk)SoHNjo01U6dS)`+RA0Vw%@RI@KZ;WV+pX z&Qp)tJdV1x*Lfw9fX^74GL`F4lxhcA(}$nWO75sH9=`eWR^Tus#~9)WA!0022()jF zi!$%|>v*5i9@%ZBkVNd|Z8?T`b-q=p=?L(RTY%8T&9*uBlnLWKZQwVBaw*Wonc2(h zG2aL{c$mk7PB+K@tIGUcW-=Zextve}Wi*Z#ayiW<$d@KXYIwUyE?$(Wt=je)lCt>R zj3NO?%2NHXBZgydoZ{r*`nJ(t&}^zzmVuX$rAWT%n~Czx@5<0BlcFiLfuKJ9G)#WWHY!~5eA$|BJF!3h6^Yt%ZpP2eYU5^^ry;(tOy z>j7+Lh@4b5nQjp$c#?1~O+yIHS*^(EFV4Ju)9s8cxBf5$H@K@O?g^qdbKp%lGFo0W z#__|I^Axrp)eP2LqLDe$=QP7oIFXlh1${x|<-X<2qv^!GQ>x6vt-jUlUKi9anAIwb z#vhu#;v!26k3Z9IvpV)fv0xS zkVQ$T9yDs)cVbyKczok!73=e)qfD9`cuP)-34z8ehxPLef?>#8e0K(^B(}6dMZWt+ zSfCE+eixQibO%EUk?8}HVNxkVV6`mH)7c9RjysCL>=r2V`?K3-opqbCSNZsdK%0~l zlwJAce5c-V@=8%9z|`)jQ5m#nkf|IXZmRX{UR0&}1Yh55QMYvLF||Z!Bt=5aM+9Fi z2eTAZG_07#RMcSvrUva%%#_WUoUa>e+?jL?Q_a-%lfKdXbZri)LFd^u_`&|Ka}q!! z?Jm{q+5;J%#6x2Hd0{$qpnlu4Up<_mJQbhc=zUC7V|JolTScqeOmNC&g_04)(gu_g zVhupqI3?mg*pyAr^jj0sw!ejG12$?F{N%*WcB8&RGVT{&!F zZ(!QNK!!{Drt8=m&?smvt4<=0k(!DLEZ3!mkD`~=iti0NdwtDxQ>FZ9(AAv;PZhg7 z`ZKml|Jgk$k>sDXZ}GlVAZq&-|FzO^jCC~7S948zQHnx<5q)lH)+7*f7XdE3l|uUD zFfiHROrk=y7=FN7(Htc+M!YG@YxZ(I@>!F|-iGdgp;u|+$s5Bj^wu$WhoVx0VZ=3I z#O3U9{x^c|^nky`0Ig{rUuDeoa@;cXi2UKR$o@^Z(u@OLuYJi+s$LNpTV^guwR*C# z-`~lsyB3)&$ww@J)tppTJRJ(N8S9| z8-62U?BbSdc+jz7yrNM|)CRudW5Oy@0s<@-l$oMnOarMv;hLc6la%YUz~y*QJ(h9xu1Sqol(=@31InJq>Euy{nhRK zsiJ!7i~1iomkEY-sWF=&XZ4s};=JncOY3T}ts2riX%^j$vUM$TQ0Q--D1phZ_sDTH zqk-#Etpkr!19@#HoaK`4X58|ViR2%wy$LwVQ=lp2LghYNvb~4Kg|Ux@+50x`lR5uu zvrg*th8jBZ1ZA2%rWka?#j0myn_RLPYKT(rsi&+{Q2OiFg;Z$+@|pX~4(|0+-|JIp zk0b%9%@Ch&>2sL@8#bTi^wU+J7CBH{4@Do+~56(^jQ+KAWR^ z_D$bNWoQ4ZX6-N#>|R)P?k zf2H;%{z-fdT-SMN<=v{KuJM_i&DL{3BL^rDYYvM_U|o4*b#kAyHTYe?ii{&F5SZ!s#{&L&-@^O+XcK0BdhQ-o4(e0& ze_B`Hd|!wTh-(sU|&V!36R1z-oT~e4iB7hpOZS4894>$ zOQVtVKKCX8(L-oax9S6GGUgA?%b^dUGprN>QDvqeA1l#koCbYfCUH*FreREU6|aGj zh>Bj=%WRHJdB^{G@2|K{qNPqI0_!*bGE_Jo>^~n41}Iy=9!g;DWz|iwu9J!afB%s`U5gn+20v@ro=e_LS>G(ka z9r&+1Bgh4<)SBtRztLvqo9}q zGP&>bB_sV7TdCuXy4XM{#qin1pWgmgJ$Yyy3}Lg>2aJ zKYg*l;~{(CDz#8&FbIik-HZhXyDPwT!%aBMVV2Za7JphvS+?3LDu(8D+C|GyFjn$) z0bsNhn8&*--VR$dNffVkRp6jVQ5xYU1cVE<%lN!-auGYu=XX&fAG3N*bDo^FbuRs8 z8_Rz@Z_=)%$d)zN;J6YEL@M12oc}d$J`u?SJv2G@qbGg#=*xkG6~%Ect3Ib`gD8H23)t(FS4l$c$R5iLcpU*VL`fiyw0&JdhBamGTNzkzBfSW<=|03w7?i#x37B0NjwaP#!?grg{ zy8g~>!XjAUA#|xMzMD|=Xh4390K^G`>Cyg{`x|}J6<3Q6wipDiv7M&vhU5i_Q_G_J zyGYZRf~Q`uoyXaDq9s(G!L)HHASJ$B3uBe zWDYK_`MiGiY5msFlrL_k$2fG)=M>H2mk0ro9cZdl((;81vRZ#Q8dOSd zGm-4Ho!O6Z-@2J;|L?5pHxb~%Ze)x8i?rDf`9_;CyT$2idw^I`?DP;KtcJST=x0GBTZjbm4~c_rr$hj0LgrhlL|0cdi8)A7pS2VQi_TfvKo|Qg7BF%9;~;egW~~k9#s3WoAPrSXeyXb*d=yU1GiM zNIR)aWoA5DRJ{X&V&kgSCiDFCNU?WIL8y-p8|Eo50JF?+&O z69V1`3K(4-&@4X#X6osVuCv;)t#itZ8A4D`Eo{|#RcWJYgNQQsfN(bv_njEA)pdUN z`8iy6?2Tf%$Cl=vTASJsIw!N3A5B9to(KRs|J4i%EX>cZ)X zN8$RMy6sF(mUSo~uIr5=bRBG{^R7Nie%jR#0w!+^ zRoj+#w?LI>AiG)kWGSiVmO6&37Vp_vVr>EilaTPl^D&iT3;sa$Bg*20o0+N^-*U!% zQ*5n~%?Sdo z)pbk5z#}w3ssTN9&%nZBM=}d0SU>X5Q>mtuSzk~B$=sMf%_HueUzuJYs?zr-)T*f! z%xs6XD}1t7Bql7c$?f>W3i#q!vHypP6V#W5dg#lIv~JQ3%4(Oifeo%2bF#H$Oua!~ z6^w>k!q@<-?B-jY#0RlK{j^BBT0{gpM`|f$G-uGVss@vX&a6+nXKeF@t_yh<#Q|6K zn`gi&nJ0BV-sLu^682VC*F$98>|&FJ#ztV``PkXNz<7=2=RYIG+keM5H=~VN>~#bi zh)?80*x<)<>5-qrg;~M#Uxal$NV{sHU;F$Y^FZhic`@^g%m0L5d)?}fP16rZSf;_f zW+)jaNF%`*Tlj~n4=rr$fAWDV6Cq0-S|kpxHrl5mBl(GDPl?G2L(^g=mijRzdk9

ww^S4p zxvASiCzGsnQZz;44)|=~@nYl2zF^{`M#3C6a;u76H!DI+k5A)h#8BTtEA?XA^;!lR zw$J^i`uC^}Aw&HtQ|qN&{^BuDQVLXDbk#y#|5WR~bu{kuM13`YWM5y(Db0WOMv`~j zSlweL*`u5JVL77BHy^L3!PrmHWl}Mwpw;t$qj@vw%VC~7VvYJ{*dFosmkYiZe4$9HX=QUYiMY9* zfZXn9-&8jCfb>;;E`v64zH2olj%tj=k##Yfp3B4h>l;YP+XUCgf4?g|kG&$#1YiH! z3opoh@ok2RJy=A0>T2YwXzCTPOsGLNj5F&`hrbMguWGbY^4)>nCmWCkHXodMjTcCr zI07|F?TfHo^w}Kx=qci#d)RQ~Vt@Lsq8t83pD7wG^E~MEt z%3(+LQ~Y`E8ja9x*-N0MlaIeA=>Az8fB$PL7b&9gX+6y~DEh~w?h*Bb#vgy1w2FWl zN)__)lhqRcz=1BkjlM@HLje%_!D2Oz>oa6g`8k(t}*iBtL zVG=d98(I?j2dNE}p0!no9w}H8gwWgaTUtf=|Kz2!MLVylPDu_wC+}&Ij6#%%iyt4} zg#41eUV?}rI*915iw zQhGB+MPJVUEq1>Cj)R}JBJ~hk`~$O{Clq0?$x?rn(d2tm(Xb=;#0xWsv42Z5I)0ru zy30>qN8cknl5|jvo5!``Uc_~X@b4wg+Z65R%nK#7)PeW9EVX_uXdbU_(dmT8oV4^s z;5=m`yhkO^u!T=I-}|(t@@(G!xbI>N*uGRMv+00bd+P@*Fjny~kyZ!n`&(xK)+f*e z+Wk0cY8^ouCjTK!IG;`YKhB0bs_?_Vee0*d6Fvn6hn1R@YrX?OyJ-hLB+|9OhApNINO zSU1wT-P?o$Vs&A_sFgfJnEcYFh+lQnrqZnW;u*ET8C?}>&y1uyfYZpi7(d#O3f!n_{VsVM=lHe@ve7xd|`ZZpMNpHKNFs za*1DG%cn3dD3xl?CWxeY2-LE3M>Ws3&sLmCo>)No3c~__+_ODVo*RiK$pd#8Z|)01 z7+}mzCcK$B>pn6eaAWJbNGS$D5BNM^#(z{f?|(Mw|8Wlcnh`{rUu1ciW+Cjk62`KmWUJ>_z_^d8&JSLA;BBw%REGX@tOTPa8=e6 z7)deW`AJLv%h$OMo-#IG+UyQ~X8czdqVwjOD<*b;wCHN)LEV$o#U7fnEO~cRUjX4$ zi)#Za*B5eXX;`FJhM8kEZuHQHoVtQ>Ea%dVNmj6g;pyN zDHuvv(2Ne>d6A_pIMPN5mCad@QDiK6>kLaiLxoK>_bMg_n`a=py{1}L6~mqZ@yYAj zB(B3PT5K(+yR_DZYxT$Ku!g%_%d-ey;t0zK z8FUY2{YTCiHWE%i*=p`mn!9il8g|}3Y#B`~<`QEv;v^5TaRwLxB$ARmK?oTnm5`W7 zx(B#}s6sL?e#mQe_Tw7n?-(8Fi5&;1t6Pp6aKoDM!(4(rm3O_LW2}d>+G9th;!bpH zA!0vB0KUvA)dk!Z%c5EdO@}@=dlbKzIGPxkXmzp-{M2g@+M;<~Q2T~tw=>BInx(=5 z!WQqwi68O<5t$>3DR^whrug*tk{NMa>&(W)mbjasWsUWs@5|h+8NzCVp6Pih%J|hyA?w7m?A=5g2snuOG)Cn%i1vJ z&1LH7BjX$T1Q_cy3(Y2L$Pc}rt?H|Hr$1rG|1Mql0z5L`IU=I$(p)7TUaNjESRF4} z1)=j%#r>TJ<_E`$S@wcD9ZwgxGPOI%uJ&&!!vYS18lDAI#dxK!X_TW79e8l<1tS`a zqGeyN=-dHbGxF3dP~V$+_E7@dId8QS8A~bpki7Fb6I!AQvB^sv!{fsx4AaXezCsZ* zj)B2i19)KR@{&RW8m7z;^LPi^y8+a+vRq=ef%>}<`Ma~PbO=Cf5y88cn(l(IISQQr zkQg$;&-na)aW~Ui%#9a+PON8>(fNr#gkARqqpb}>GrW}deV%)?QoU+KQ@y}usiPXjbzX8sa49+B72-{K$-NT?&_J0jmk1ZF*6ZnHCmk3VF8m4IuiowPLAaqHli}SO zM!IPB!JRxwBY~hrz=}vgAstMZ?IcOUG}H!jgMFUz--0YAM?1{gSyo8b#iF8PcA}_9A>r?{s67K z6w;wTi089?nt{RW76^JfidXMlVjx+lo@_HY<2(2H!sUpvs&UVU`&u|bCwo1{EDIHU z;k!&>M!b7VOB?~|$-`5)@m*}^nmfvvMGnT*CQzI$=n_ISAR10y5Bq$nu;19!vYa&7 zmeDV___x8iU~PKXz{Zv?ZqtKGi3&Gq`II>Eq%*hiqLcmw_H24RN``vu(&;?|mv1cp z_Tld;oVeSYyDf$D>u$!qG2K`PYUEzGX?F>?br)^7k}>z?kO)jc5kE8)8Uq7CSr1c5 zUpwws;FvX@x;4myG4Q{yd&3VINhTnkV6t8yh-QUbayQKABj9%!>Exi=B~IwYu0D^&Z*2hqqe7uW~nXP82l= z53nYA_lmwt@H|$t`@}J9TSTw!ziB#PCf(Jbt`|JNA0BAW^HOx$<7EHD$uTo6`|1^LioAPCwYqnar2ZL+au;`_Fr z|DAY)6(=5&A)f!&Q};;PaJDMJ%@Z(mGDj$DGw6AxF1{5_XtfSG+s`X@f}9H)i&{+D z^ytt6BhLlxyU0Y3kcTeOaWR1AUXr63^EN`r{^Vo-*s?GDk;QnUUvK<_b5rklvz2;j zAxti^HCMPpxz5?r?1ojSQlV2;ro~jlvOt1D0jC=kI4AaO8(c(l8nF$3sSSOZFt9(D zhnsE3VhR@R+SYfgiEa5?!d0BjPp35@YPPy@S_bshs`s_bFa>pkI$7PhpBG= z_!}R9`Y5qKmVLp}L-|-q-|`DflN;zmC;)2FR(S|b`m_r03QZiuqha8yp|4!DbLFIp z_fp+dAfGGx7&J^KA?Ki}v}IX)Y8ZbxetJVUhFA@Sr4*rz0N&FjL~g}L1?RnFx3@?$ zmHi(gHC1NoYJAXdyxgJN;iu!pS6)zG0?;10u59sHg^oUNBo;kGAogXD^W#!tU)=ca zVqjhkeh#oe;!Bvh{w?~QV%WK_YxhuLieZ7|47vA==O?0PU4`r0_d%iV>vU^3Gn*3M zSiaIR1?W(A9E|c;1|LTubo`&jE0oXVlc)ZXcd4t$C#iCK8;v*WRATT!a1_s9@j8na zG#nBfQSZvww_EOwIN^C<%uX4n+n9loYR%QF_r;i&5Hn&rdwmFEpJ;v>RuAd&I!*^E z@#D#S$l41OI7pu+dQG+?B%Bq(K^#_ptlde4%1gg~)MO0jh{wB*L*%co(2=!rVjHe3augqOvIZsq$Wg8-h2~XVh4CK z6gZj-?Y)=U+EAq+2z3IT`-7W(&TGNFZA0=7o$w1#|HGY{HWNY%cPd+BoS+6h)CEU#YTOmBw7DF*FNoxDAf#NWO4avh1nR)+ zp=-s6$gk*oIO@hAVTo>qvdG@l?7?&)j^Igln41L5_k4mL(z`_duor00z6qtVDTVm0 zUF|s%pNmh|`1`DGs`xagf^)Voj;g~ANo!8fit~?R-Q6FzkZm)$8wPgl%GCKK`rtm(cb| zkf`ej6j=$QliDMzjfSj!90%+$HNv^B3?lJQI)^)lgI&;Q&uRV`99YNJpT5+FLsM?x z-f)`L68=CVp5ASTW)*-$tTOZpMEtfAb+wdYIz0O0emuOgr;ci*C=qR6l#kh5yweZ{dH!oG}tNa-UMRNkbCojiy zEuR>cksA6>nBD!%tM)cz zjW%-bmzHu~4pn`PrvO0(2Y3N~vS}dp#Szw%!)Jy1G}nBx7EWo=WSK(mU`9S#@6Eb-2fBXO7efI&sL+lG1U zsHrU9Ps7(Y>0TyN_iz1-^1YbhsvSR>+80gzHH|h4nhCaubN%Jq9TuMFBx&|DXi(0G zTLj|zPd-i*di zu$wjvY^yKx&W7pT<^B_-U^4Lt%OQnV0E))c4&J{@Q*7jCgrtcASnkG+%)B{R4ql^E?u58~?OzVZj$ z!vamdU)A83fu&~y_%(nn+S#HicgVh^nbr`Nep}sui?*{jxm~eSDQQ8W$}g|!`J7E{ zSpKFq;g-~F?mNSy%=r&>tXq%S`>FITwT6UV-TQE8^1L-|E_qu?n!U$sx(pQXRr$x} zUIrPTAsYP4A4K3q3&wP3OT`QdLBP{wJQS}0I`$8Uy_8dexa$s9?j}DwO+iUaX^_sp z7+m*@(2Dsw2Nh0S%-mIEn9N=mWHT?N&T4VtgPof$W;kZO&RKG=LGU`Xgd&KRo0G;a zBry|blZs0x^4v8L`;7uuQhCndLCGdy{LsxPCPYI28Ua*y6FWf9l&ft&S z4J!2FcV8yL^S!jJ)Gl4Mi^%N$?&w6{bGAwVG&7Qek#1)@%cCyF^_oGW4qsim_R~s! z)Ay4q9J;ly8Zg>!??MLaytmwwne+Jw2AoRQx;)%w8xURp9;u#YTDCteD@)WVUx`o3 zV(i6`3!lz-i>mPIje>1pOs{U^92%u{ydcz1;zGx=i++Ef^YfqmzN%R3P*dUKOqgk< z*Id^r4}DppFhS?Pow5=#G*ZS#j$XK0iqpbA-kzXFI87x*ucB}76{hKTQnlg)$o1;D z;Ecr-=*))68Jg(;!iLWfif=$qz!!1<8mF8@7r)Pz{4D6twAe1Dts3mI^Er*^DaL&2 zSi}3T9BD5eyjY{|#=gA)B}<6GyB1;1+7?2gw5|d2@!p9I zwc_me5;cS*p-e|0@kyOg@8g~_}}!6)C$P`ct(f1+#E zcI`*oCK+>wb6=gNL%^P#NpI_L^7W}E&sQ)%MAFx{zn~+_6XZyGAcC?rUZ`VohQt(=mRQ#pVnbX7Z8<$OJX@=LgBiP>>-MudNQm&tNRr>x7-@D>;o8;I1 zQD!ju&8bAw*xMA3NGPRL8#qWgX56t6-310!EzfF!$=stkpks*CGhf75Zs>GIb<+~a zz^D5KAI(diQD#E1_Q>^O-OpsT&JN{2u(xq$bLF}E(Uay4H3e?3;S|H$R0A#JOSWr^ z7qq%ICJQ%#f>afCbjQ=pCtm72sumU_h0560*o)&xM)#?+-+dNn_NvdsudwcWGwG|B z+D3iilXKbh3Q<&|@x1Q0?y(j)FnOhSQ>8l}9$%ci^x)ICMP`5dnGEYkldUhE+z*$k z#8btnqqFP|03Gg2i_y6*{@B1PJgi9i5Wi*D_N=Iqi`2Bm`xaGl!RG!MMjD$|IgAnj$y8p_1;6pu&x=_@h!zoYK|CZSlvL9fCA&1|_h$6GdC3+Klm^gCBH)wX}D z)u3c^>c?X5n@70s|B7%&HW}*%_|-fAqvv8$Dat-x*gyuHXBYus!odri<6#p;>85^w zLzRK(Chm@TXq%*KEwpN#D794c>vjE)0HrD23h5jHh4Wn@TvysL^_^5xdg$77qI&U zqOQvR+i1)iPQlAL=XUu^wM||5>xhK0Ce?HZ2@FZxf-DP%o~&$he{rU(q8_6`_#M zgyNRc4Su+n_vTfwc@Ire0zELo7LC>srYX*LQ6E^)OW!ASu2rA4$zSzb!tI?r2B3b{ z-dw1Scf$$L^kl}FYZX1%EkfuPv5oXqT(To_X?W@SBk-QxH99f2Cd0cv1u0CjEh9f^ z*f*{MAX_T_t8y(Chx{JGK$=m}$5q0>UoJF4AKQ@joA-{A&v$bxj=nK8)x&_Gbb#?Ts7d~3fdy$$RxBU zUJ!YiyoETcoi~5@DBG=I?7P;?`?MeS^i^p9m3r-9kQ5@Lkx(_SSKy!8a%XPy)|Qw| zb(--!YC^{UPuQkSk@Zin4UNx3QU6kKrVc)6c0m&z2bn20I#~_wVtluFZqiVL`ybCm z_A^GAwUI;J49lk(YE?n}GO4}!z zd>W*Oy*@wC{fPT+fDSfRfao$xAZ)>!Z>-4^8xpksxwcZ8N6+<&RsT{+nlI8u39=A+ z7;oi>SP4JLej6tz4S8I?fIjQ>CmLd(MXo(FHBu&7pQH^Zp!(Q!TiSYL9$G~vz#M+E z8NPUcs=dKql2;V|=;gnQ&Ka9@HPoafj6%Vc$a~vc6SaHSfG&&l0rz)Jy#gk(nVq*4QX#D;L zlR6)e-uY5^mz)TkIJkVrXEO2pt&#A*T~XlJD_{*I_)zuhUYdW)y*g$N(Q?FT1>!c? z7Q8bP45pR8&hIiZdTE)WJ4u>*M)-vt_-H`3hCnx~&9laR&?1|x_|dm%^45Rm5yJ`$tYAHy248@qBF@ciwjtgj#@ z)Pug~yrsK2k2nA0Pqm2AK#}tvoRjMQnr^}i|7(eNZA2$n#Ix#G)PJZz$UwlhagX^o zqLhAOG5#M?f&#(;OTld3W>8b{w&d21{}!5f;30SysldzcuxNa6zTl*-|zcY9TxOjHSX~#pG&p%J=_6?I9z>D+N8x)MH|3U zpP6PL`wsb}z?R_JN)?8(np-)chP4QAKO5a$KYL`pi*B{Ce%z@2<iRhQQ1I-A^<$EsmqTxi4|?hAtOC5)n0BnzdAMAtV@ZoMUcgJ#gu%7^j@IbrU) zBz|%MFNw)9CKAK*oST_+Z%b@?R<$6+wm2L1L|r%GWms?@H1c~cRu1@07=s8K(IP*9sVqu-&A$$#ccbyruiYBd%cn}{P3f1q$VkGC!5_}} zDtBCOl;ope=XbS?S^g0h=y4=KQU68()4vB*zAqyEuTM4-+Rl+^_2zf;4rbJAK%LjP zvsARrQ3*nKHxw=8X#`e_NgKt<4EO|N8vWU=d4cd-vUX(VENQ{O-T!^4drY$bBG&Z; zHe26es{Mk~Pn8NYZgl&_|ya$D7AKdtu+Z_;yBcj?T7H3`?r^ z-}%Lk2t%sXW(|V{&tORCP?G-jDb;kVGvh~8glh=n(M|S(rjGA2;^r0bw)i|rNL6woR zxk5ZTOADnbSENdrX%1nuyEeOP(}w9fPtBKNM_(7QxLf@3sU1s72QiVRU)3siW8EK8 zg)UflBU0%Wr=HC}_d*3#2ds>f;7i5)YQ-ZqDmB%FyimDi;tef@- zbW`o|ky)OCvXtN(M*L~~m5)nB05!9b>+l+^(cb4aJ!-E_dLAUb;BdY{=s;KrUhV%kg$ik?UN6 zKvV0n(W}y!=uJAQ?;G&v&Yf*?pvxLtCh2f3-Oqge(N=EjqVZC~-o*D75miJ{dmSZl?a!oxf$h%)lDt0$EVAQ%1&@=3;#`e+0>ZU^`@VjYY80XW`M zqa*^};0#L<;Q+Ssr(&6YTAEe-qkoqeK}|_4w}D@8ZOlCt9gps-QO8H>+%2}NIrHCGD8MpJIM^{j2BnEIzn_BTLJQ?Ln} zO6*1ih|6>pDf)xa9_pGCtiOxf^#77(i$XIRY;8S>-Xtu050 z0TGmZb$e@u%`sXvg>Sda532;DEKI~S?2Ld7no-0E=&F(IcI-Ya=Ah15zcv2xH zPS@;Vk7{#oA>Lm9?dt$Qi|jY~t@ba=`T@KC5|tVWFht69?JXpXBqa!*RL1F4dK26S z#s>-)!}Ft*!?WI5K)&txpWVVz4B%oW59zQXA=)K*A@t3NvAxX<(t5^NlVOqv4deNl zDh>woi7ii>2napU5s>e8lfkt5+Qr?}2MwbgNiH}FV%;xYMw5wyCtIbxSn?*lS7GBv zbb?fI?J*($HBB)#9UvEAGr8O9Y-L6W0$Te+&%W81WP;UtZ7VQ1xwqp<5n2f#U3>)C z!az8-iV=DF2p6BUm^STv9DDFr9q03E1dF*HcJO-scbEaXLIXhAgtA8N#!gMfqJXUy zV@d#zl{fUshewd;A}M0|TJPn?5x+y~!MaY&Xwc02 zid-qs&zq8Weu1^(vVJUk_VGqMk>i)dt`NKqnb8zcW;UlQe*L9xEq4KRXp7}`z|{A@ z<%bX<*fQpGA77X+ zHYcz31E_CE%$j8!+;1ZOVzGJ&s@M}?I4G_|P)42n8mO~;vg*d*sOn^OjZM?p3XQ;E zKSv4>EX1#+Up8S*mn*CVf>txV%N@yeRVJXAnS|p;fC-aZqM{Sy1}b_yq;%fB;Y2f@ zi!s5?g(X)q{+{z8tV5#bN4K#DUZ{%sfgT%eR*?vd5k3;Y1{d7$>?WSW&3jk4rH&7* zTzU5Ox@2GZRUD&5FhCubi^&k%7*SRaga$}UaIN@5Ga5UfZX*sB_Ks@hS5ohIBvw(=w_Zy-ZihOZxPEl#_we!SMj>m)8yxmt$YqAV9Nii1 zkv0N6>%=yJJ;3kTjLQS8Y~^$IMwL8l6$cz$#YoPQ!f$7*r<$i(8HZPP2&G_y!yehl z`X?+v4HPZ_;lu0WMGiB?N7DRr`0R+%;TJ;3ZT@r=K=jTuuXbZEA8=hgYa^kRkIw)Z zKSEdaMIdkdNdzE}nwzf4i>daayKr57!tA=|t`&BW4lT%^TOzwf_^pTX>T^ zh)$0ou%-)#x&4FKHUf)8pG1tZ%=R=k1Dw!Y7I)hs1=%i2ZmGit*oXO+kFp!=P^mrf z7r3F^7QOIxkW+*e!w}2Rm05zYF~*HBG3vBEv9ILqZ@`Q6 z(`jRcoepLwWVly7tXh4j+G*)YfZsA?T1TO3N^fKy(ZLiE2Ec?MV&g|&P>?jEQ zjPjh_%B~GgK1k{Ju0P=kO?czZaKoLDM;=AUiRV!tT?z81x zqwJ&ryQ~vPWD--ZnXT#Zq9iunU&W8*wb@3}0>@0(X z_0%k%cY=O6d{yDgwI+c4sjnYtGPoV<2GyjA$?`~i!#S~eepX^g`6>4l)kJHcqZtk3 zW#moJC3DM?YZBl%g*h#ii|fHXAWt=Z!1fTY8v^f9}5Li)EFO3lZTO;ceD3>BGvqgx!<*KXwPa%3PYR`0zkx zvr?di6H9tm#uq7|H~FaL8VShe`?>9x(7FuD%@gItAjZ4^eNeMpJPV@ulm1IoOT4=H4)2Cyv;mXpL8Bn6}j=}M#)z^ok=?s zMU9AewFZ0uuXMsfJGDMx2`;MJ0_T03&d*1Q)&S zrCqhtnW?s0PMEGtc-f=Z-PG=T9Mgc`sqlKq>z^_Ig5~eBXJ78~S4L885u2ksu^5%T zXF2FEt6R*67f3AOnpN7ng#0NM=j^wguh3KE??c#2_;BLNvq7)F7Sm{zVF_aM>5<{Z zzBRo?Tp)8D?=bJscG)Ru{_M0b|3NY(E*twj9XMXp^3~U&sr0EGU!>EST5aI44E6mV z)u}()qT__7uhNXx;Zj_uEukrItdTQQv-78u)uAsBdwfC*KV16q#6`uhRyb9oihW(^ z6A&kP;hG^)Uv6X!4Kn}869w?^NL#0$f(BBBCONXpBTC4xwtHPF)bpJr4&N;X@!A~E z^(O(Vm6|S8>25^@9fYK(S)dA~ z6bGJ|@LTewSy0-`7uQfd;GY5c zDeNc7cAO&e;I4OpP^==lHcj95QaUu*mIF?AUygUU^+AhuYIx{VeO7_gemHLzPy2LN z)LT1d4zJPc2}Np$AFi#Rla<)ci;6`5=$iJqhdBR%&{~)dP%cC1UaoqjCG+()t>8u+>(*-jSe(x<%-NTX1&#|5! z^2hW@2kn*kR_9P!oXvcsDCwz*AdnLRi+nza6}T%lv+^Zdl*R4QGTT$~Z8&208>yIz zJcDk-vygPdi=Oq z7RQ13s@$4|kz&9^6Ju%-5zfBj$Wu}9$P{So*(pg@Qo{qmJ?#8n+^43!lacnm>t~uo zbt%T(?bF(_ZzaGqk#GSk6t3B=KW@bn>L9{*>Rf!NG9D9Y^JUGNXmGdMpxCSWW(KG5W){k2eLtNrWp zi+f@JtibmtW8ZMMTI>4Ka-D~6tQ;*MNHsiZv>zifruN7SM+v8NZgQuJXaI`OA5c?Fmvo&5!dh!zbQYhK@B5@XVb_csZAdCIKWp3TwI5%AP32yMPwH@tVLbH^$~Mpbm$YnwkFW^sKF8f>x?3Szf^c7ARt$G?{cq@6d3-1Rqb%Z8bT-lVph-;Xfoo+4lzN<);h_a z7a%PP97m%3shqH15Z`gHW9zj-ieX03OlZ)D*dj4Xx@8JU7sOh+1U{T?-g4ZrPQ4HQ z9zfG6qz#QY{P!lo;*3PFLTle8Aa+&5SSzA2guOO6?AnDKVPHECpu}we-jZihj7R}s zEF4=VMfqI^z#6UQQqt+rhlxX~c!tA!8Ou7`tfScl3vz8BJ%+{D1@Q%@xQur6?Vu&W z>-@hv#S^s=@1#wD{Q`*BOA%G)joIL4qm)@S@+uxkZQVrPu@xG5pZqhK!U6z0bO#vV zfGD`B=ple~=;^qrc2SB?B^Mxo7xn^G`wF=mD-swm>EQL^7)pl&di1%l!H3^poGk37 z<=o75U)Bm}CCFKY({;r8$*94KBH_n$IduC__l+&IV*me|mhyrDL?B)3=yX-~ zx^$@})sc@g+$L1<4&`MK5`!LQgsCu&y0y2=?pkNwg6z#-p!Z$9YqH4?Vgn)cp7%>n zkLdbi@s}Qu(43mR6XhfF&6&za#! zfk=V=SoyUM29#_#3iz7VV$$7g>EP^FH3ixn@ZOEX7s!-Qh-_gEe!Kgt@OvOdW8=vf zcR%(R5Udd>*mL}^y|dGTB__=WQ;q{oJ%q(s#hZu=1CN+9Rod6|3Va~9U_Pc5^>a@z z&l*=K0^3x89YA8N9p9ftC`Vsx-x6*}(dy?2ZD;2u0m9vJn#eWKDG1}z(;);6Gi zan6-WiMb>A*Rto~JIP+e1T83*4YN-X60o>PEUwABVzTyZruGQPU)_0eLM=2=czpS8l$eCuSGnyXRYh^(FFC)KlCh(Sa`c zd}1!|x}Zz1-u59@aTB%5`-JuI3&2@+&RpOlFk3>gpi>vr*64deIXdh6)$3l(XuskPn_2hiWhMEJD|s+ z@%b5$rMh2OZzs--zs?GYzgkNCthC!zvL?&L2!rthr-^@dYT{G2o6J){dc*X+^iAq7 z%{?-v*3q8!^zlwAOc;sKVi#@eru69Hro!M(M$Z`e$!PYF@3V6?P<(oXB;_P3s}x`A zt$|VTa;TI6pdex9f@2oMM0J-iMA;a0tk`L zhm9;-#_W;2D`TXpw@#d;YHjU;1^x z9_bAG3vE-X*32O95h4$i5uZQ@lqA^F<0U)c_{U53Mzfg2EkTGXKB7P*e55QxwF)1e zcvRO$nJMz}-UJG`r*Po7`9)b7=myPFr>vqf^%m13a(31G!!L9N#_c6`MumH!qu%1^ zyqm)$p@TStDJVu8-dOlj&5m0l<#7Bg&ZL$;ZO`)k+eQdF4ju z4LzmxWI3A@d6RD+ecPN;VLViIC0g}f?8)~Sv`q!VfTX>i#O`3PX;BKLC`&1cqDYOH zDV1Cq>eJ?;;gB3>OvXfO9lUAdLtR+F&hCMxr+g8<#I{$OhK2A-E)&`r$)wmeVQRQp zP^q93N2Ve7QN;O}G3V1I?tzoHV+#~YkI4lfX)X9G44kKDpkx9g@*lrwSLe%xR;`cd zvC1SRc)Rf7ZGPQw&yohfn$5t=J_Y05P1^}yQ_E|Q*e+Idwt2Zr@lxPZ3K9mfnCZt( z_S}T@Vy@tC-l=g++Tkllhw_pB^v?kEcF7`oU~HdG44DW5}}1`wt!v;un6o;A5h3a zwLAe5;BPZ^dWRA~CqVfA#?WKDvZ94c+&d3I#5{`y!bd@jG@Nvvk0WehBi9+-+mv7- ze97dKfo~FbL<6Iu)A7a2=Q&87#QxW4TH42trnlY#ywj!Mk9rtd4R_Gsmnt#7yN(>={IpT>s-Xffb3;>dIWw!ED|Hyp{F#f{=E@r=Q>n&8azz3YmVBR~J+gGyQf9_ed zwz3J2avWb=mtPou`xdyFi{@+c4t>mqmn}%p;i4wjWb>d@(ynX+-7POjjnTF-?x0(CbvQTe>`4S7Obvo# zEathWV#wyj^XTf9$7W2@ef)M*K{z8}b_p2S4Y+<^%IHn7H3V)_d#S20kop@x{DN47 zHJa~n)a52g)+HqRhM+|5OD23}vt~Jxmrju!L9~vbRo0$R4!$C3QKF_*)8-!kM=GhN zgx1rpEK{CHI1E}3*X2=Yx((kmxv7+v`*?1a*Vgs|=onu^$#{dcxWdkUbS*@an!* zRDY)X3A)BFV1Y^dr~>IXY3s;TH3PvTiD*?udm)Q22+it8dtU-yeZ>W}GWgL#S~b9r zC<_D3f3^WMCAxxH@}lUihcnz3FgaJ4Jg6xPOYzxI97JmgZj!`iomJr#eoShAm~RLQ z4h1P$RcnVB#s|^^;q{k7fctDvm^yCvr#eKJOsqJa$ z>Rlo9q(zENV=3NueArB2{MAby7I+t#~Ky6M1}$nDO)O3_<* zk)f@$%(Ib!BGTf zVmnB^OL)<1xOX${uwi|FhJSv>!^1GjA5HsAaqk>N7C%I#D9M)k8zSn?w3vH^m)QEV zcm2i&Qc1<%Nmyfk3-@Vhb_rBpOE zE(i(@&2oZ@<#_lOsT`otsR~tJZHgxw@t|>xi9dQEBs5kp)f3kVYP6EO}2!xviG#^3cC~ zkc_~)^x9)90Y*tFhmwj5ae{jSpp%!n3egGZ36sZoZsGayzSr^mMb?5(972T4;-@50#EtaQi&HrZH()>rbv5a`^WJuJ??E%MuBvBXmI|^^kZz zZfSMzwEAM)B1wD@o;LUf>-?zfn^Bd6(Uw{yG9;c%*|%s zK)iwJWC%OpTTwBmCQwnK+7pI^EiwDp3m;@Qrv*J{1%r8>H!HtHhqhF`F2A6ZfeEx% zN|us?xX|Tt^yjymgo?MhUFBfj?RVO|(;Z(3yg)=ZHyp}-vfOVY9>+t(~^fm|%W14LDCb;PQP9Z!Iia;t-*NJW* zvw0<#^GYERroGh^pN%FzW0u2Evz!YNPetLMMe7@r7?n6J_dGs^DI~<~d8j^7>pz|X zjj?lj-aTmq9d7j9RRg%m=a8qpN8n5>iG0Iw_Lp<2Mn@T3`AmL$A(D!6;@X$KAb7+s zQB93y39zH4oMQk3q1EpffETm)t{Lktd@s=J&UO0bR&=E^kf}>m_BRcPA9(tqQk_4r zW=x>X^7s#sc7-b7x9x>AD-=fUxi#ZRXmr`csoEx4h^1*^az_!%(rI3hf=7ZTe;Hts zwOBgB8wqPX&BDtlbIx*u)joBH8Cg`NanrX5eb8u)YP!?z(&{6%ed_@sE*t(^&;a2w zkSb|>A5cp#*~oF)-IqS(T(b*C<3|dhqmq1YN~s=n_lv8Nhek-rpd%%HyBrzWw6XoZ z$|T;I_KHo3_hD=fl-O>*Xqjbl`51Eq^K@1^m@==0>L@oX`ZZD((&yS+8UmN$au;Fd z$s_V45Z`_mImRYLZ6m6EKJ8FqH;}Of)pKCGz_sUL!SZYEWqH9G&Bb?pJZ6U3oR%$c zH!oNqZ_tUiP4ONIfE*Mf}~K89u}1V;CoZO5(KQjUAuXAtzOuPQGO&8AKDI zlA9l1#Bn5@rF5_pUfc87^DTsYV|PQsD`D{jUt4E%Hel~#r{hrwZlk(%fHBs#CuPG(I@S&JzyIoixwL96cO@**YUyz=> z=q%wPjUqijRoAGDpd&Z8l1|(o4Ffg-(7s+%c-8~&FF^*#iP2bPG~Z#YZFSHpYD&fM zVDRE0NZ=n*(TJn-Bwb>eJ14X=d|QQoyW3#5q}*(g$!jbnaF-C$d=AnF`Bd6fl#hfr zdf~aC>f2VSz`%MlSB%X)5zrQZ^JC4R5h>Qk@htwvLOA;f>VB6fooz;^vPOFeaWuYa zryEYyGB`ui^B&H=O5iT(E`Hdkcq`JVNzkk}pc33nXGHrR(QRl}2Er7g1A{SpUGYUh znU>sH35LWW#kFZf)C;5c*3r1`?Kzl0>k@+)c(KU^l*fkNonxi-Hb6+EYDM#0%h$3~~s5y)%9@U-1JfnG4s$a781k43% zohJ=mFgY46#(yw#J(_8SOZ+CQb|zn(f&2;$AzHmJH$Bg3Nh@N_6H!az_o8#```PaA zqk5h5Dqu95iV%NcpYE%h8!6AnBv@xz_abczs%Qk^3bEva3jq>Lv^QxJg^AXYifGe_FF5>15+Wu%k00UdcEj9` zKylnn(VgLv&m2b$>x;aw!eelCF?%E}T9=vQ?;!Qz%m_9Q2l19c5zH~vtt~kxF$X(` z^tFW#_S7(?4N zY^4G&RQFoi)DimGU*sp~R3(iC6K@{#(7qD@h;&^4%Akr$#1#mocrBcidydJhYK3A; zFp|4^vx^-^LHYDxbY9Y&?6sS5V!C5Na<7k~!!@hVx6qzKlT`Vn6E8>iE*In9{c5nx z$dg^wHs69c*BGI^25R#x7-iQ65YI`wUJ`2eq&IUMHW+(OR(TrYt9S3uy7M&ir?!wb za3CE)QRVjA7z!{2>jbG$RbH2)EG*vq&~Ho9Ok)e(~sqx+5RARjYrYwR_$-!Y)0xL85#?B_nCK*(XHqb_YZ9w zs51ujR#HQh&vZ22f6{r^q8Mz0GEzfm{*419uyH{SL~$@gD7bCjy2af{6~lMk|0Q5N z9iR|(FhW@Z_L_@YEL){Q4H!uS)n<8y`RD_8#Plr02>H5PD49d$v>Fu#z44+Nf%^hl zk@ycNcJd(Q;FlyMK_h?AN96I1xQ@^-!Mm<)*OmKXz}-~}BDKM|)8G1Z3xfplN`C!0 zGA!>v3F8T?=Os^?=NRr)idgF+Tl*TTTPejy4e~Q+C$?;jh05gpS2+S$-;bIkts@t3 z+n$n|lbnPTngCSWZDI(5%GK+l#8LG>LILcLPz-Gz0pbBNW&0Q1TwErgk;DVWwy_ta z9yDu>fl+rtKeW0~noE6>XIvf70czN{CA59QD0GyLx%0uTygsHj6Gno)ZX~0u!NK6G zUC`9Nh!>q){_B*w7X;o+&I})PW1XIaeTP>B3OM78;QK^5@DkV==(-c ze^ZXA7=$BRS-S2!pBz^AfW|q1{#IDpJ*LLb?0$&6W{MNdrd$0 z$jD9<*rfcnuReK~x8;efnrz$1YIt<}r62B-Za)siAOS(D(!tM_EP?8b)y>$B;^U zR`@AJjx*Y6H(aLeT{h$vPtVqgkUqYFpHTW~Pu!)e0`+=I&EGp}GWLnY~~V&4z_PT8V0Yc>AVsh86|5hXC^$hXEdc1gTxC zc^F5#j6#~)t|1vuC2EpMg)*7b7Z&KHjj`ncJDU{R3+B{+!Ti(!%Q|R)es~G1WOlFf zNzy%sO6ap>5DDVJzjjQieO`<7hMBM@&9MP+c0)hza@TQQq94)=6<%H6$QE#EyZ&~- z4V7VZ!-8kx1Z2mHjme_m1wccQX0C&_uc#pRVm8a`2=wOz?S{%qJbS37Zkw-8c$Q>H z{aY@>n3Sa87bY?xw4rSfLO)jZZ(MM%9d^U3&~;S#ay{yD1#X?;Z7{B#6Z->C z!v&-Z80P5ltWh!A`=(Wy8V(Ozm(tmyhSz(fUPK!wl?M`E8h1w(6v|N8%q^w$=vQ^= zj#omI{ZKQ{K3c7#`Xl4(s>or$NI-XJELCd7tmM3xQxsTVcrGtm$q-$Hgd1IcfP3*U zi|=w2R?w&+ym8LUKT44a{r#Qv5_G@fIM!)?c(Fu7U<%|*yW|u|3!T!wh@F+>dH3pV zanSx)x8B?| zay;xhY?y%MdPs-_d_fFQYo7sh-J-jAX3vj9p>{7;E3`2U-dzt$ffo~>bag{eEr{Yq zz1jSZ5U|FN#(^+IS(bQy-H8v8d-7hCO)XIJsVMT{InWPp(Q`ir_fv@@qO+mbA@;yF zT>NYieGQT`EK5|(AnI3V7PlQT3>(w$>gPo;t0<&{D=NTB#E8tM~d{*uo0>c>nD3j zeRpCR(WwSrpLkE7xWZi&tPtBn>Tr#HVG#BwmZAkrJq&MuNx>h)B57eU?=mHhHgnJBHj@mEP zgQP8Z;?pVD58UnmsnD4^9f;JHpB_K$1SVSErT4wj37RT_naY{w|}up(yGKFsaX1gbn6fn|IeXXc zdk~POX9xe>&==^{QBoISugH&n3`LEr$?1$s^QN;T@)`(%fJ1%+Kf~oB4L~ywJEbct zsBWnem~&;ott+4we(ZrZ{9kPXXr+?FkPJly*#gp zt647V!y&p#SNiWgyLji*=^Y0>FCnlYoi34z$wOC0&g_|f{8OGYB`;}3k9Icd#X6J-C_egVA#vOHMAiFn6~Kf!)hnEJMOqoRoth%c z7^z)ok|Mr5-q>HKddHdU7Z0R`_ra!=sf^uTZ~Jc8Cej|*Fz|`Wr&pn*9TyvaEO*l! zT(9W^kfp=_^R~X*Hh}`_<_~;$B}=9SqI+VfbOHSb`BkZdRD(J}Kme5MRL^Mz_k^?GC|=;0!LMt>6U3bF~Dvd3Ba>1fd!myV@~bLXZaG>lG$MJ&zgWv z%qToS+tYV#F`u(zI9(3-=l8|D7W<9`yT+WUjIw#VQbiAzU0{sb3}`CNi5z%}qjLJj zppUVCdL=K1>-tOfM*cf8-w&|DwAq$1fkm`H5oC=%1don8|F2!z|BvqS^IW|;oFW{Y zAnIf4`KNV8)_SZ9d$bJv>v$vnwAcUk;{}vPeLCtoeW8j1>dyD0KnB_<28LY;^O*Q-ac$GX067_$t(O2+<@m4uG(N5AVJI&XYIqf$6)Los380aLVX< zK@o0Vdv9sBolm|-K$4KnT-Y!hnu!J|j+fA${VwG`m!uw4Vb`8=X?8@Q%%d$slIpP1 zeYiblbf{!V!Lw>nVA?h5Ri3KhWWu}W~VA$BUF z2)ktZR(o^0=H$^xgS~)}g!+Uc^$iMJrYOa;15>;#W;d?*?AZ!3{h1YcA1)aQH9PoL zs%=O#e-_CeaK`Z2xdFW=SAX-y=1iUakcxI)-plged^ZOJLX?&O#qJ8AB<80k$9v8?e3p$c0f{SU$! zlUbfMN5N!K1?L-AGk-6}n+qY~%imem)LAuJ3=N~GSPW(xBC=kmJ-l4ESX)3og&mfY z!|lrb=D_7<4Gm)|JQB!xhM9;KV-?HoI_@#=qAgXV!eQS*Jn^|5 z-tzd)=StAYAdxY(_p|{Y$+We3Zi4jLg;nb2N3AD%x9Hox+6N;{Bm;L^BdB*QNn0>B zA9I)_U09y2w}CC2e3;+i*0I4^9qBe5y>*mmPAtWkF&1E4L^zRM88=#2IZ#dkD?X4i z6`2tneert@gA##`JTL{ki4u1saqdPLmc??iD>Fu`lefq{?2%4CtBJ`V^P+@l&qH-7 zF_W~f(p0p4t@Hd~7FaPS28?WHqoY@UMg2N$<3RD((mB`s2yKT1y|=SdVsH7=F5)x^ zY>pQx6S!#6`xL2u)H zT^10Ib>hb=Obhh9?xW#FB$p7y=M9N-AzGS^KC`#%@orS_67*%_iK1BY+~c!Lwh4^Q zjP$w}8k7FO4yS6zT#ahD0J9-2+ppfKU&OZ+w31-JsNXgyeCJoICNQ+dT4E%)s*vjI z?d0IGvynp=LW}lGfUFS%Ss`kd_(@yPgc}}8t(O!V_d;OH-cKD8!HiTM4kD;z}4*T^x($1T8lJnstBlztLqDs^3h+E$>F0b{-A zC|F9UdD}(bOAxX(+8JRCok}m@cz&Zf+k|+yyJ*U#UQ>o8e5dH!k~Qw};BJvEsa#&5 z11){bg~s_m5C~-hHw)`6iu?gD&t+qF&0?D_Q?IytUFJ}!<DAXs@y_*g9%>l;&5IZ%HWNoe>UM-JMIcm>ge6I4T|(3&hy8>A54mDpS;rBj|S zB<`+_g^im$*3R;({ViRd;RmpN4vOCFPI;xX7szgIRg(OWo1M7b?`TvhQ89+UT|}3D z0D&pk?`h_|gMNHnF{wGc{BgIQIz$o!iaH+zv!+_zD_eyX2g+sKbOoY=v0mKZ_PygC zMrp8+W`|hWVi*M#d-f}78$(7T`TXm?2gL=({Su>6W#hy0u!x<|(i8fUw{!4oKd}BN zmAhAz{3zx?)Tz(eKoGNb+neQ1_tV$e6~}gJR4#TUan1^wg$`p43Qc6iR4tz_!8i8# zS`nqIL3G{^6d8{2686j&eQU^l`r?yh6LFuXOUdhBJMTao>W~+3?RI05HpvaM4@F}D5nk%3^rncE7)OU83$=#Y z(NTO)g=lb%twBVpuoxj=6mlJprj41Z6mvAu22mSPdf|)E0sOLdo}jJkHWc*x17cq2 za5)Mv=U!MRE%y0W`CUDaW8S5{W$Tdm>bHO3kd|iNr0$=6 z(`0wMj;48B<9g6NoW%WmIF@=92I|=XJFUn(t}z>w*6m!@9PSQ?A8rpC-QjsqyNq=M zs5u1hk~P|}s>HA?L5eZ@CPZ@VEkxKr;R*T(RI<02yj<0TIsyF{0!c9`=Y2 z0eK45?$fj_5~Oe*y(~)gSN}oRefNQD(C|VOD@Glt*D$^bzov>yF|AYWL# zcwxmp_kcEsaDw`*Qu@PT>D9ZxKS8oskW!WlCqMOoOYU-C<@G5IW0sx@dcACfP(QX@ z4-ZmR`O}gk!DQYkfarkF_}TwXpBY3PKa9z^#pBQmUffc?n(^XR+V)F!FP?SQiU1pm z$lt^PnJm|vUVi@*>lddH1FB^JD%dlE@M7La{S^FOz7rL%qhPN+zxna>ov z>ibWX!@zL2Ul2J{8H3|;#A*CF6iGIH`gY~3{K}^>$DH5yaPfCbGerfKrV_t|bCXOC zw2>cUS6(w*h~kW%B#Oc{9mT#YS8{ZN-ZoPI-fttn|JgqU^z@sQbe%E6)6?d~!RWN< z3>Ut5VUd3P==^gjXWL|LMyNU%NIhQu3=rshoD3MpWm~SDAU0C_|CC(n6^_s4|0rJ@eH~_TPx7d7QM=H(aLXSLIy;y{{kr%IR8)iQxJZyY)ARwsC48+ z3!hgsS8@Ir1qxR?*8&x>N*-e7(~o=7M+tNkT>BO7=_vZzJSnmFrukw?&fh#jP*+$B z{**j$#qAdXe%A2h8yEIlKcEI?0B~z6qe|`g>SKq(Y@~b3yePW|TC<dW&W4vg_5ymIMJoYCLtM7>ZC8K~>1I8!e7NdPspcJbn`yQ5U( zV=r+^DTt!NM17$Ho1?9jOcCgqkSh^0ohL#)B%WlvBDtbtLLMxfULU~79sZ!S5b*GG zbGZu6Vg3>mZ`2n?`Vw4I1j{hCUaewm;L73YL$>IlSB9_XL4hW{k*@L^tvis{@#$HO zyfc13>dOs)ajYEsPtZOj>D-J=ltewm(!dnzJ3;@D0yQ+%5f5c3P~nLM916mdJhp%M zdXyqfXm}X$oj)1liN|X+MmxgMQC}j#Y>vpuBowvi^{7j>0#WPf39-4SanIBi1%gI# zo??lo+~{-TpO73(3s{R5jj5XCR(HLB`!A zqXX?f5v<#hOhhQOpHSi@%2)WOkBH0@_=juvMO_n>|I*QEnGZWxR5?cw}ZTKE8GC$L_*U zwA$*{uC6EOtx6TH?pLCGt&|#)z~E-@y5A0wJQ?T0)-6KZ9Hb^`Ko}}N z;y+izR<1nZifnPCae>Zb>mILkzBT-@AM_J-Z50?pB*sNh!dBh|*%+FtW75X`PxqHF z+r{oV2t^)eW%+1l)Fg{P6{|iZG*{X^JT>)y_U3+UbUL>CXAiE5CdOlHyUb~Gm#vz#uI{LKZ2EE$dGf6Or_9Ss#v(CKWmSZFM*W_ZJ@w&(3A&#jG4Nx*-<_5O z|5=x*w#}|NKOpDORzA8FQ8QcYXQ(Rr*Gd6|vF5<720`o}z51Bqt=+(^=35!VTu$%= zYO%c!WwJjf)DQip4$~EvBg`SAcekwTCm4UaryuKdQ{EC<@WXrM|FPhhno5IJS6IjV zr_A2j;hV1f&US?PKNb0ys5440Z$Wd^O6Ey^?8RRN(Vp6$y$xoDbJ1)W71{|ur_ztD zma6;}Mr~!=T!Eh}xangW@v@&v5IDSZMaHOO&wyE-AklO#;x9~c16++ z?$&JqnxJ+{FFvhM{%1SPFTj0|Gd{mHtk8EdXw>~gk#z+Td3^|O_w1i-{I33pX;Pnx z(=9*7W~kx*#;s@TB_wsZTJ%`%^51TJYRmg)dUIqchZ*TkO;2|IaQ>;+YeIF$-3=1_ z*o7Y3j*P$1Zbo-Dr(YB{Jp76A0_yFT2On$)Hj0d;8ocA{h?Qm}@O8yE9R3Rh51`NW zhP)r3Tqqs?%Oit3quz;hfS$p3a9`8V-7}B23QvZ(d&HW&rfeItn3OKNZI9EvF$r!5w+sY^33J@KwNbK)U~z%TzGjPSYx#`DTc; z$^j17+IN(S7l@1FCwgxKoayU|xRI0{4SkXP6dp7IJ2wksaJJ29My^1c4>YLO?PVzR zxa$e)hU60$EM<@_0ke1&Y_3hkH0Al+)^6>@NSa)hB>1SMv{s-EmS5T*7ZB4rWd;o^wt^ zfu(=OIe{}%`ej}cDThb>8DSon-dldFo1Jv2R$o=pp zS1J0meb@SWZkvRJ_Kba3Zre>-t)WBwk@{cPzko)?w#i@fC$Ls|o}ex8d#Cw&oOjVwSr(MCOTN*)gPgCF!3Sy9tNVJH3@& z+26K}K2xjtV?-Q;b-SS4;DfrG!;&g{d6&rgK;hNV#txlQTwM%L8PrtTsx0_N1WCh3He4lF=O8~-p(~B(5u(TCA5q`YOLA=>mTb}l!QUraUZtpxvtEikR&`h!|>q+z7Kwlk! z3u;$Jt=?1HDy_NeXMJ{JLJ_@N5K5sC!;HzS-=J0w(wgOejPrxYaKadlOnNIapzNf? zcs@@mGN1AE<@OKAZ3WgT>SySXb?-!~>Tx^$<}B1kn%x?7y{_=V?5)Qn0s}mD zXAYQSHu8_ps}Y<_=d#{JJL7Ku29ZEs(U%fGXR-4%i*Di_!j-gmrK(*>t5W>tj?!PU z-0Af#%C{VP^2P0h$?5IOr4ottiar8QI#fF7Oj<=}!Is`T!o%=OtajET>_khe-`sXA zq_>VT16CcfGxzn5CavbVrFJBU7-I8TGHIMRWzv|l-j@HhWG2j}R0{K+zHQB|RF<+q zvBDofkQ2;|5s{jXbT0&P+624VCm2cm221Y2@Yl(jaK;-$q_f-@Ks403uYu7!J#i@1_d~P zJ{x+^t$n;-Or({A|#7C z@YTt-NY5JSY2%crQh(HOG9tizKXC5l5pB^OuL@%ETaD|Tg+!m2c_{$qX`Qfg@HS&f zYNN=M#^;N%&$fuS*b0*I>XH%2BsGAYQ#jMnUT+b8wqrC&T8F3kctrc+xImc0=Or`R zhZe&XsUnLQEo@>-4p_5VzWBEjwNiUHc%+ccb#E*GLa8-_E73GA5xXLP(>G4r$lFQqXPZ6pZpQlGsmP3z3KNiLQq!mxr(|z{ z;eQ%3Ab@=lE8FfKo5#USf9_=yfM4)%c4eHrg~2+4WjrM=d#5&hSzCrE&Hg{sq>Uf1-^6bj`&0V7!NY6=L$Oz*aA{Y zO5|MYDB}HhPSC^os^B4iv5c@r(0JU&P1XsH3{@1v8gIA|YA-XBQcbx`UY?JRvi1o&u`C2GewMTrTczM}@^+7SrIJ^QYmwMu47)SC$D?lTD<8t-7DMh;V4$HD zDO*w-StUAbz5MX4((bC|?(@0kgDQeKiM02R@8avw-G!O!YRYM*NN8WXmAldJ=tZ12 zw4D3Qi|JZwyY0}oY&3l;g^7-Skp<@(4~=HYwn$G=iL(levzB^~y_oEvh?+$S+rry? z1utR?tNU%85_kP^$patKs+Km`UgB$CJK%%7nV!q)Lo5ACj-w3w?2xcc5|7gzBT@aJ zauBETzM1CdJ1-il%-F#}<@(Q|msEbqNekwJd3G;&#Vl6TL9eC&DK#R!iXsNY!$WN{ z{2qn($~8tD^(U&bAL6qv!sWw!mUf2n>=PFDFD%UosU^Ua4AIRyzY|jc5Yvsm$Im!R zy+H!m1OwTKj_*&-~Zw zTeMtue$|E9k(63@>_ptv?ml`h<9wIY`PnjGje5UH#%PAzw$g0>P6|XnLB^?u+KB+& z?8>svH7$Pqtl~5LxP!|%RyDTJ9oqx}hd1UE(5HC6A+ZwdQZBsK^v=)7OzUP%oy`p! zmg@iVoZ9mP`nOg38W^7&hwALdLJ!N__TYXo%Q=D9Nach4of?x}h3zm1@qo6=b6*t* z{*lrdJ0|guH}94yg)GFJ{cQCm>vV~blT4nz2a`F^ax#}wm2TO}SEVoOCpK0rLj`Q- zgnG&<;TMf!@6SptCb-$f97i{>=)j(K77eoKuIL<0$L4YbQ-lnXRN9XJ zy!toGo#%b~Gk(LSv!z`yJTlb0PIqkz?%K0)9SWtD+cNU_jO}2!coz`SKT_qcVgY+m z)~nidlLCX$OpQtBM2lj(k@nnLPW?}i^oRjx50>ZqU*F)|(f&mo@#toMMkFKdL38Pv zET2@_%ZvSTTQa}A%Ie;o0+lX(L$yD@>-O4#^+eviosFdel~?7|izay%9*K?;vXhiq zN~0MO4xD^vUNemfX&lVGh5AQsY2Nvt8a$~?^ZCh3xyL4&2Q#txKzQ>m#^aE_Df2lW$Q@r^iWRce|$v8I7H-lP$JJQ2RSJla;K@Qp1;|W4m-nt<|Te@v4xi1>xvk zm81xLl3!*1l1$ssPlO%qlh40Q4SivQ9?f>?E{8_3t`ZT9VPwX!++}qw$p9XFP-;mX z)Rx1O-u^8q^EIfo2W+?~!Xz#hX}Mo~Q^ZRup*_jmBkTEG*})ij47Kd+&BEL@0-oHz z$1Pb~R~GK$3jf0GaIHqBwQSPQ+p7pA1PO7}WJ=V54fO&~&Y*pp`aM;+10cTOJJ)2( z-XR%xs{Ay!Lp^??%ROonE>D(r$6m{M>pcm>%&=dpR>LJzPr6@xZ_)2wK?$oJhqB@4 z5@IwoZ*7?^wDF~$%uZn zLw}*$Xx%1erJn7ta*fySZLU^^a_V!$<1Eh#yavDd{lX^}87iUMUxo{(%t~1ciVA>8eIxe`@WKa#CxdH;5l62>MnzR7X_DRi`ZLrZomISy(Bbxo2n3;JfXyXx{CQ<#q;df?e<_*qrXI^j2`b*IUW15IL>Fbp# zO26M_?kfT!ks6_sVfD+fMkG$!(?HLvKRm^fnuDlP`rp4>y#S>)O@jGHj(jW-rPOra z^X-e6qN{Ou=J6Z<0WA;nlq%8xrivD;W1qcDhxL5NQSY)D7nbgr?r*eelgKbXk@I2y zIr&QOSpnLApXFlJ{Mx=6E?wW$zW+=(v_TM3d57lrza@Qxa!|y4N(e134=BAr)b75B zOQfyNDR3>C{Ln`^i4hKUVf^(doezEBrC=qvn!{2HB{;t9E9}4VVe#991r7B+pQKI- z9t}tsl&Pn+y?q|rPmXtMxFpGAy$*=#Ygn1-In{JOxt&TS^DT8il(gZ zu?+6>?9QsUEhK;Bi(xDcV*@veGGWRAz;}jI24Mku-<8L&n~Qr^yH-~_W>(v>vi0V? z3_aYXML_{hzWT>UIafcK&6FIbx&8Khb-qyRK;F${Rg|%BqX&|EYDak4=aUZbkYX(U zkwLo>uVa6I+@|XDTpGp=Ymel5A#2yeYUa@2^)-*yf3V|-9_hXpQJ?D47pDtd?zsE? zlwt`zMUv3{Bj*+vmxmtxj^n&nTVC1pWXiRz4 z`!zQ6Kq_a}a4;ofW~~;^nIyOnnDEdn)=_LLOJc8lcORU7*9K05{dV|3_#f8Eb<;Pm zg`_-1mRPR2rbqbVC%?JoZSaQ6@i?n9XKQoc_z_7|xlbk2*oD8;tKEr(_e;_G56_K@ zCUHY5E!+P<&!@dTx^@S$9{FhbF)V_brL?;u{nY15pL8P{%3W2{^#dlv_PPzn?_8;o zbo&;z3*ptD8xiX_j@lN5&PIfnj?Po-j_H3Bn?@&MJ>7(f8MPyZ8KLnF+{fcifeiBS z%d5W^<0e|M!(dE-qv8e~f1TS>f!w!lOAm7c7kamDZm)+$S;yR|BlUcQ?1Y(R4<>P< zwtK@?cx@L9p<8&8S+B3}c>lz!)~XwOuF}4~es3>h^i>b;Q#ayT=#<2@riX7vz2@dN zPg0Q?^OyQ<9pfzZ%WjUCWp=x5*jd<=i-jpIM^70DKY%$XRIanUcODfTaSbz93)SNb zuS!|{GcYU78LevxaM{me1D z8Vi1I_irVo@DXX5>PU-bPZ!8ILhXxk_Ywurw;h~Z7fU8S8=N`X=1Ju)NOhU`toSMo z+WI7?d-xt5JN|gb#2*NK|@9L_9)NXhPxW- zg+oV!_Mab$(NW!l(BwabB(BjAoSEdT7i%@MS}KTWSAIpTG|!^X(xY-;*Y-hK=X0(` zmt1E5PYMyR3c9kOUr!TUo9G^@JpSrAPaLt|6ZRo#3ND4Lq4nqR%KUN``KwWX|49g2 zi2#EtmbEAEX88Sfej@7iV~fy&XR`tqNyvyJv~PsZRAqPMJt(a`O1E^SyEc(Ex?H?X zdf;{UVY2P=x(hAwzqj!Hu-uOwc$Cq z`Qm){O08?MaO5_({76+>J0x|^k6O}}yc&9qH}@lPIq`OTPhm7Bh%Ewo>wAIWi3|9x z?BAR1czZK4FSV}MwFp+8^>MZ6MvPVh_Jv^wisvD!<*r3j_GJpG+;6WOBwReRWlbj@ z#{OO%zySpht*QCK7}iMK%(f@Rg1$ZM!#rA|V8CFbRm+WXbTVs!&z877K;5IY8*z=ebbk*^wW45hY9IUU+zg({cZmV*yQR7>Z5 z$SEI>r?=y+)fDt#hAEsRX>S?Thb3gGR~E%1WcpmT~S1asB8$OFM^NOnxTE`i52NXWKh(w`l7*)E1` z^-$yj5lCDNM zm|dWeB#*#b(-6{p6j6`sn4mHGCTQj>_hZ8+R}-VCsafmm3S7@e zq*T9yLS-Wg%f?0N^jY|s`4DT))#fj&Q!9LrtM;{@Oq1hu^;eGy0~7ft&6b7jvn!*q zl?+j2pjxuj8EjWNB?2NlGGC@F_zQ@VQ!NYX&kf4dd44jBzS5ia+OWQ!S}<1oTDF3* z`xQV21`iJ6$uyr^*CrH9(nJJ{D{m+khP3BQDMXNUCzx|CrSdFD6p-=y=ke+e>-5tI zHYyVWXoE}yA;RJxYC-;6Kh-A8rzy!Kr1#95Sr?eqcRx9q&ZJn$O-s98BW ze3qXnk%ze#3Y;1A^&sazpHr!O!Qhz_P(6Swj)}orkB`v@`qTpP2A!;Y442PW5{)1& z>r<7Iy@r;{8pze1I0NcPnjt0sRzQCxgw-+hxq3zO{Ox_)K>E{7lu4ADr|60nllU&TskKeyWT(L?&uGJbJCuF^XK6;U+OkZJD`Ro z2;fe(hwNB$a-_zg{M)iw6fqR9(8S~HoBcf|OT9#!8&?D{Nb3Z=n){>6&ZT0;ygh!4 z)nPYE_WH#-xc;8#lqvQ2>#c=JZ5e$(4nCsIZZ-!w+cPL5{5jeuXF)V*USLxTg_i?srhfo@W$Y_2(R`QuWr1H3ES{ z_*ow1_x`QZ>zIOjJUUVH$}S|HD}UOIa>U;N{5tI+$zMIFb8}wY!a%=G|JCi|Omwx+*QaFOZrjsutdT0G7Wu!KNhf1ppgDfsba zdVBoDj~A-)$#DP-c=`U_WK196C<5&`tczeEfL^2B{RhyKiLs^wM~gvDkg~WovUXqJqvu(SgdIN z>d!Pbb&YY@k}^~c+M*ERBdU1x%XJ2@`&}q59h-YkkZ{aR!_}ouvFgFC!bg+|?89@S z9>0;^KeK5`U1zy#a+}o1PEvK81NHE4o)!+ghq*~I`rMgp=g>Z5ZTBNpcE<8=16{uYf{DGR>3Jz|DB&jyq79=_8 zCCC)lHWEHfOD%2qu(oyy&#?YD;oFIc-r|=hj`~i*HHon_l_Bl96!v%XMr~)Vi(CtS zcu3Q@ebCl-E{q9WxA@-?WTFbZEqHtfwsRalA>V!W?lJHwtLnt`;Sx0V;(vCF;?dc< z`Zf>GEEf+c5OTC@14tVvg2$Gc19aEi)8+h>G#{tm?dUHtsDqN-o9ulj5q_3|%{ToS z_O;qIN<3*q2))lII@_C;lVu;5IxjgPGchzTi~Ft>LKULk_h?>r{{Pr}^LVJ&|8HDL zijcBpOs!tWZX zqfVz&=f1yxd>_C2pY!;f^Wp7UUi<6$d|h1;wc;)rxdrzm%lgrxyH_W znOt2R(My0?p>A$X6VjD5#cL2;`V}KFE$i8z6{R`sN6dC0a_fh(sM{nTfpiV3%-`wB z9`}}X>z|fO+!*b(C2WZ|<@>m=w+ZRz2^Xj3!wB#DeC;9I+;sAIaE3na3*nTqOIZWL zZI`0F9BgoEhBnJ1%P#Mfn}f+UXhpGG!$You`-bK4GW<#m!o^H$uC+liBm&ixiAC7A@q}0gYSHj?Rd??c>i;u$OGW5MEYYI(-D4w z&Pim1$wbpUZ<|wiCS{tuh?jz3TW*gm!WPH~)HveUGY6CStTdyx;@0~!T|f}=P{ zK0$b6Gy4rJY1(|G0y~Zh95=lqnlAD+ihUWzO%H)^uv3;=_xkEH``W=Kf;w`c^8v{m z1lTeetvOR|J3;K|&L(sDz8rDGG{&GCPlhdbY=m|@W>06fRFBLMoiu0AuE%GN=xH@( zr4`{sT?pCZNAyWs)51>KOw`06WtxM;R_mSA)JU!QN{AiwvFSb&JrKYsuu%&i*4zxR z=Afb)*wbN-{4Q#(B-kEe7_G*$U}((hW^U#^?VcpOt73f+1MN7vLce@C-F;7}sIM@$ zpJte39s40K0fm}QlyAy5hg)Sd?ALfvI(xXc5z%Vz)Nz$h^yHSvrMWjckBK?oSeghm zJvs>LZj#(Ht{3Qx|8lT!I2bK>cIXd7=me|VwuxGd@s@}d?zW*Yajc)`{6`$wwzxYt z(gcyF+kr40RxChIjvSFSj=zlzkqoaa*qqT)6lFUO=41NF@uPZ)PB!=<_}Rp6qzus) zEC2e*YFh<_fd|{!JnHAmfN8rTj{Wnt6J9z09KZjEBpmSBh1D13dLhDtab7~`$V|_9 zCImZc7h8SS2Lmy=XRkA#6Z%8v&s3{jj_OrvzpF1Phk2rXQ@5`|$2}>xS?=MDhMc3C zVW&Za?1Tp1>E9nkKeQG?D{_t=kWNwnJqHa8Y2jqUQg^U1YV{e z`^>M}Sn0tj-L#wxjoB=un)o3JC2=6-*|Z`O`2sE)DxRgST}0T zj%+(ufu&xvmQ1F})nNx!1)JRb^zDs^i>Syas^!C5uYJf3U#M`mY~AD*y57VfJ9hrfp3XLQ>)abPtVNDn?!wdec8hp^bG6Xv`_C&V z*R@>cg9DPDIbAP1s-yP^7uNd}OFBgy=(swvh|P{PvMF(C>q+V&)^V!!p+Lo)vRSuW%2EJWT&$87;UMl=6ZkB-9 za_pe+AKE{;V z1|QrLiHiqMT|KO=^^$j+I8yYt>_Gxl*v^EVf;H3L@Z4n`Kzh$qG?NKGSY3iQuw#3E zNF<-cbJL~HPKk8bW@sF{*Hv#gDcI$*ItJ{Q0qoN7gL79!DJBV~?-UcayId9wT~Bn> zzL`Pf`m^np<^+$mp>or<@GRv1ZJ31+v^%-+0v4$1U1BmlHoKsX07>(s7OAt!&25k# zMc>@qEo2V~VS1y5r63@UskwCNsc8?XpiX8fGY{m`(B44V5gFQAPKd z#|@Ss4KrXyU85;m9XP|C+SDSEM;8*BG|oLhTfZ~?T#2G447NRwgl#Hu3&k-tPPl3% znLP+QH|+I}1xS8CL^h_WXtQow0g+&g6Xo+vYPoEnkWt33B*{L5ZLyRY^pYRkWw+2{j{)?$z7&DdJqikgi2?|Xghs9uM0uPEFf)hjWc)r487 zm=smPnIv%)MU~N@e!Qat+jT8ne3f(=r`qK61NKTvIl;Pf8?|$&f|t~VUvsT+GLMu49lkF-IE)@a7z?+} zw4L61H!QApiyx~_5^bvgtTV@32Gm~_lD+|4czD&`e! z+zwPMJenug3(l ziF*|tfP8fZ7J)q!Cay1#SCSohq^Qw3>HF}t&VV+fYq!T6j}AjCzFue3)K7mpj1sW& z&iZsl+?$?;hcao~WC(_`!u(XD${XtLqWtrc_Z360S*;1YpwpRN1GdZ4ngC}cCt_Z; zP*{;7y>n!^x&{(idaFutTiF5c>dcnJ)^_>U1Z<}NZR9yQawPI3&nA;LpX)6Z=tFtU z@#z~+`0_ME59Hn8_l#3p^xE=G0?Nh9m#Z1F8`De2%7@h4XPi2)Ii@IesQ~BJbtxU* zdV5ycr$ce#K2Ox{i4%q|_#i4ww1#zAzI+y8%qGwH=?Op3aLOgPTK(y2yF5DBVsTR! zTPSI~&+B!y<_jBv%?L>r@&iS0vb)?LVpW!pN>1`}A9SM`cCz6}b20QN;dyY3_q0ux zI-yWn!AnWZDlPB95^p$+^&8__i>fj2cd#G9WL^(t(e}0IKHe;% z)-vskJe@4svo@Mv@rAa^^C!#UZy~C|(cj${bFq=l^xG>|NN)UkEXH<|h&1*DmtKE& z3K4aLz;n0Ar=O5J3`fi!is$sk!zs?WZ!4bM{U(G2ayGF!yS7!{JoRt-t2QLndgjLb zivukP1Dw3-IwneCK5jZ~pU8K#rQ32n1+#Fftg!0$E^Q9S&K4!N_oH~;cMQ2BsRKmo?Dt^9%N zG>z(DsHb*BPjJ;?(eYBYmmy#8ejK6o`Mi*t+SIO3k5l# z+ju#p?f^wvvrYbSRAqm1j1cM_@@1&s0lMjTUrnE%-KoL)<}l1{(HKwzJit#q;GdN&pXmH0K862e;LA8)PrPnRlm%+J>IQ?AlW6dM5r zz^dnG|4&3jNR)bT*KvYj?Kg1a5a z@IzyzZLR&sg54uh-y}Tydexvu{Mo?tZtq#36Fhs8zjRC`%S`9kw@owZfuEM{^&IS| zA7?q%2{GPw`2BgG*0y?(!(`4a;gz@)y5Id}>_InhB@{Y!q^(+F>+y$YsdbQQ`!47j zd<(ER=KB)q7ttd@cH&`05Qms3$IwtAftt6|Sx$cbK9GJ`qD;@$VaE$9@Beu_90pby)8j z76hOV@t1a=WuF>N(H9=C81u_A+wg-kd*#>POS?(XYO4NRjiPUT8R1*-!9BgafEn5( z>7CB}UMhr3QRN%g`|UjcmvIN3!4;oI8!{-Atr*$6^r1~O=NrJ)!-mVSOn56(h{&$9 zCvD4Hs?RJn21IKJZjSB0jy_wz%0HqTV*P{gB zeR;7$RZJSkO^+s@fQNr|V4$JCqWUadPc`@Hc$Wl%ALt^zMIM{r|G|e1>-yN=GUu=m=Ssc6}6lujzaP zB)SVdyT^^68j0VX-DR%NQ94wIRhmJ!iM@5EZF7^|mL@c-fSMb z;l_?xwBXQuOOG`&wzI{i&%1XrI5IBs2iX%s?n3SKC@C$<fk_^~Ib3_4j7+Ok-EL#(fyILj@7H4xE{H2i>V-MV;~n*u5`{;P+Cu ztBdn|^|YY-yb=bam4!s>-5Li%Vv*yl-+m0T&^vtlTTC5@TvD3c7p+SH5`*n?FSHfK zHsE<~cdL9tZ!MneRyC>FkhR`F9e%Jc9~vvoeAc#^b|4Jrk09q4{rNXVmSNYSbP;_P z_?4fFoETcJ0JyE2w&10JZ$skb9EKBN*eQI;i zih>xL#eOdsjvQt5PwMmo!w>>H&)#{k?9kip5*hUN+pljFLa9^RRExkWjj8Y60Xj<` z)g3zJad(`il|znzZrJz577IBlUh`Pr#OZ|q<>!Y%NKJ)&58vra`4+gsmCeh&88j{$ z1-ZLGQ_a7I6va<&QFskOC)CJ zvIwIHOvM7pLt2g_zzEvI-d0{rwi>g{jT?*0YD&yj8#Vt!lGDqE_ku=bM(N1hB6LAB zjnp}amgJ6vSS`lYE-j}XDS1c;FZM=s?{+?Fi4;GH+b^D^L2iC&GWazFT(uH+^3EaW z;`;&8R5W$|E$-EfXKYkW=FnK|MfqHxkE!mWiWmQkf1&Et{0;ikieN6{y6bah`?`dE zO21|@rcG)w3zP|0oJ8~+r*yuB(! zNj!AsYTv4xLu-xyf>=GZAvL)IUvB)=spc=m`WkR?keXdi#&f!1SdkN??op9HL`B;3 z3e{Yt_!GxVuE2Z|@nwsJ%wjkwJ=k=u)AE+w8Ez5-yj$j#O#Z>QfxWvU7+=zIcO)<^3y3C z$vKdtXuH;_LR`^K{zAgdY=Vi3g4+ROECsELmDl9qgoUr$vxv_>WKbROd+XWx49*lV z5wzewpM@aVFUsr3B%=Xqr=cOURX%?xG#jCI?S1-_3)pw(FuT0i?qlt%MXmGN5Lfs` ztHs4+^|?ckEFGj=H~x014Yw?cyCng}Ml4??%GOL5>(-5Qw*%1GHQw_{#ftZ|uBbG; zWb*!7RljfIz3Z%_AyZI0eJymK^&d@I+s}8LLhGu&`HNV{4l6 zTT{%_(d_!EvbXXDk5f3F7U6Q}mZd>acZI9Obme=lk{Lj12mfV)4kD?(X%8m^!giW{ zEp8X2R>k={(sPxOOhIg)Z^llG@qI@>EGhdMQ99&lf#?B!BaiV1@Yb?d56n^EIUJk# z@js(dt1|Xy_{!!1T9nzy;2Hk4mg%RvKBaIVI&srcsV$)V9;AU7y$77$066!Yb7v}v zTaSyoL{}jnD;B&>j;QptLHpy8zSWo?u#XCoT3mBK+RUb`(HYU3qEtWmL!A*4b(vQ7 z;~rkNIoy=1YBPO0FOpXlO;<=gaVjHd&j7MyuUIIK{q;WfWb7fcl9TavW}~+Hhwy-* zl=PXwL%iQ9gt$3VTw)}X)}b?9HF^wyJHABzKhpvYQ{xZbbRTC1sZa^AN`TSMrHWdP z+nGx7QTV+*Zk=FU0}PkbG~ydWct|>?h4(i-(mZj00(82+))UTHuQ*2Wo*v=HA{V|5 z2QAtJLks;_yf*vszprQ4S_oypW)$4BjxRgde3WHx$qJL|+yj0$>_xf?KxwQkPzLFQ-8w_hKubN#C5#R8wtEL^D=ISv+IfIg(9ttCl~WM zZs+ZnZ7G7MldBF z62ot*UG~X54^Z2nMO13h!gI;mrWyc?`r75V23;xVRC;)3(G)%Z4#nKLf_yl2*6cC0 ztldPa1>XC z(0t%sJM*((UXl9Kr=|W1#~BDKNza9MgX-%{qrZz=ZoO_gox~_}ex86JWmeD1x5CiP z@*u)X6^(f%B4SK>R_jt~dCil(0qZ`2%Nbu1IbXDCVmwR7$Ro8~-e8?glO`p%^`FQ_ zk}Re{KeUow-u3Keulo=uaQYsV(G^C8Z`$p7zTA zPKlf0Co|v%E$mvLA_Gk9&fL{b+Zq$w%GVt9?z{BRqU|U{S-grQ9cK9630JP{kUgQ* ztQ>9fb1(S%xOlRTPp5;^`wWd!(OK?DvoR9>-8S5+CdYZ)@_E`o<<_;IsyVU&((?mZ_*(=_%np$P1W``2gL|$P*Rvm3 zc(t_x`UTm(M%n&$+BrE-xtphY=&3H4A@^!jdBqjSz8&jjAgkS+pSguYn}&M)9ZLc9 zH-6|)t5&p-oN?PDy(nuFocvBjdOHe-)xkYQ@gV(Do1~^Exae}PfzY%U|Fp6(a&))b z{DluN@2(X#F_3R5zAO2@{6Xkp1GVY%yMU1smt?sY*RQBf`{^1!p z-a-7hOVKCueV2lkhGxrV&^9nlMx`fGsf#@%s)fC2lh^bIJT<62MQN_3v~l0eDx(RM z&;vwN-!^=~HLtNfam|#8C6&tft}K*NPmKmBZLMj&4DVo}p^1_J+sY|}rYo#KXZokC zaG?<<#LY46Qd_+evf$SncgG%SAFQ)mdeLydb@7d;dl@d4c(`QnGILmV-y8lwujFb) z%0HjuEyoLQDsdReouaG?Ei)7_u|WA1Ac*bA_9EdMg3^p|Zit zp|3;~`{0c>0~7N_xIk<#QXD+;T#GLo$o8e;XZs29wsz7&J!9pQuV-gn*4Yvs0qS)8 zGACX_A?*?*tLX$O6ILjG#HKgQ`q6==^fe{chgH1=ug*!HvwxX+ zNXIYYs`$o(*YL2OfU+m^2> z5U&BX22Fd0(gW;dEHt~Xu!N%>OY*8E^H8|;H5=o4HApG8c?%kK4( zaa6;6)WT^^Z=?46-7fSuN%R(O&X{QOd9nQ6f9zs+WMLn3<`K3 z3@T@iPfav#*LyEk*}BS|U=6Hhy8f^qT6lR#`WDCk5Zej+&q@_MdNoMm{zTB#Vtd<~ zp>9yP1UzebYNGauI))=`Vr4u?%nb3|(b#OJAjuCs>X==z0X)@_yDqRjo)Lq4Bcu#9 z^(iOv)zt!S1P5)S6!|5;?cCRSRIFFuGIg8%9fS;vBz+8jLq0cd&RoCUzm<@uE970J z_7fr9(qSU-={|yG_u1Ri?-&)8e6N8kKfu4ze55k&qd4xk0=`e5bL5FL@?vC}Jq&{# z$9=iYuBMS?>uhlC^3L2EJrc7ohO6LPn{cW0^Ka_;6kQbBQkg6_HV4U9{=j(O%INx# zo;BvTQ?Mvm!#z+oL;?(Vc|(=58=1AQ5Utl?SZBNH!hu^6!|bhUU40sd?hEwGa8W6<>e1!+!* zIpxoYtaTaHEPsf(ab*K3jJOaM+Dj6XL>(QvoVX2b+jlYY_`GimJjyn1Zw1L7kLgDw zL9ad>k~gSR%#Lq#$N_XCFnB`J#dT9<_fQX7GZQ zq=3$?pT(uVffwOfC%cXf4T?531dV@Y7<*mB1gijjekzR1w@6p*dL|e?!Z73FmG+kT z+IBk1>o8^1W?1tL;Q#;(OfZ>N?vc&hpIQ3Mk@y(TZ`Q<88_X9AjCfhABy}t#)PO>K#lbvKns==pNyOwQ+d~;I`~I{<9TQJ4s`H z0-zI=T0Olv%M7UP<9?vF2MS!aUh^5dk?y&(B37WNH2n|NWM>OQS{1*YFIDCLkowRQ z+;(5>+L-gU>!CA-_c(2EUVe+oy|(pJBeq+BFrA21_Nwx-?y#@j=Er!QVHvG2N#iw_ z5!Jg-Avqe7#-FQ6vfxv_Y1U(X;HM`zT8^Fke1cWu9?yo^K^SmP7Wfz|SFVaD{zmQ2 z31$T4fKT|UF6d)V9`z<}#B_BRn>IAsQFp*b{AL&mh$?)yf z1a+u@yQ)2k#uHgHp?fbc>6T#UUFAC}xu$G4khIK@a|K&2|4;=IZ5|$bSwmq3JuU#I zkoT>psvk2@zeLcsrHJH*%}Tf4h{5^A49s+m_d9h>QWtf0@=p8Bozwb1`!2OSyU?q# z>5UxtVps#fYrmtG5>ja_nAS^ezXg!n${z#y9y%L>$g|OnEqaA{MSQ`obX(Aa@P!1o zCKy&F^ino~aSlK^Btct=8Ssl_5R}d~v8W3?YG)@i;8Auz6N?Ip0!RkIQaHlzLeqo5 z*cP+#xrSj5&C2jyp9xk!@mJ103;dvgy1J3pbs#UO_|LxvmhtNgr3HB`lt&G8V1E*P zWk4tVz)w(bj@yc$OpU4u(xKq6e&aYl-vTR`s`3+;*ibzIeu65o&ga8v`9NeG(Jj0S zOr-heuxd-VU!M>d^Z@Kc+iPxmInV{-Lm8d`b4-3BJlvET4KNe~Xl`by6tfqggULa% zu7f1?XEt;k5ea&Bz)7n)oZ}t7G+5`=qt05;vSwnzh2LMNzoOUD(2Jwk+Hv3eJ->0B z{1@v_f+MYSV`BxSh@zBVUpTcSsyTg{0g~mM|8ZsD!0gJvfq5hVEsDz(1IV%8r#9&9 ze8$h>gzrurFaxY-?((RklwY{9F^P$sDl$iaZqRKKxr0>e;y#q=$ptuOec~Xf0nzsb z3yI#bn|C2Y#sV76VUc#eh{~Jkj<^&d!QlYQIA=c0;MGpuCY?rMbag|jxI{AuyREF3 z?<8rUY4L7q*(%{yFM$n>Wxs0p;x@{Bh+F; zRpJJfCd15if-Y@VtLz?;k;WNU>1;~J3>7F|BrAY2yMn|b2$Na+qr{IOBfB@CIIoTi z*cU_7xMIam0!N~qv~kkBF1%J8ozf5mrU}SM9Se^7_1mF})ly4j?Q;m%Kw|C_ukQYb znfCA=RM+|IxmOqli35}2^R9KktJTBtGJGL%HfHx&(C%`<6@kTBaXWBo_BYY)zVK0t zoi3%eO~ukDF$?uv<$22ZIlS!NfoJh{k4&~7C#2-o#Txydjd-&{buok(mRhI{31h-S zF(P_Z-TK;+>kHMq)apIGZEQg2a)y1fXtXoX=(+CL_u!41{GlYC3HmsQh{xkWYPDhzVqjXz^ zB)!Y_=Xi0{DEcXDRvYs7{xG9}cOw4a3$c#DI^WuLX?tyQhd;=Rq~qA9!5=r=jC_aeKHmY>akiQ&?a;9i=^G@YccaX%NE=KZ_rhpHJ;wT-YB!czG!x zEI8Qt=6tsb!P8ECcq%7a{A*wV%=W}5Bc(Gk5y9Ks&gX_uv=|96!whS>G4z!{Ui&=V z>78Qaym$@CnkbH$pl;{L#zHGjH=Pjj5>hLA@9ZC%@jOkgU0ZSJ{cf{**Gt11Vow^{ zSAXU-V8ef=JIm1nx|Y{l20Z2XVwadbQCcjQ&ApQ>*80xsiN3`kdw@o|$D^ql%Frib zje3)y!#LOx{s;S97HhOEr`qJm)Jz4`&nBMZZHKG}o!_2{@L6X~=gN-iO_H-d@>&xm zX+aRq_;WhMjoxw`HhB$~oQsL6Jj6wE0ukMz=72+B2DV6j#>|N0YJV#5EW4YMdJ^f0 zoMIz2H(77gUM81R1$3@C%Hoy~iMdC3Wy`^Ao>wA?q-De5c-L6vJ~Rv3%{L*f>>Utz z;*je*g^KWt_=jluJ>sC_hv(Ue7ggbTOI++%L?5V*j@-@u%tq!fVkST05CZ0k-P__dtR4(OV;>m!+6(I=y6fOC9h+ zNOGMZ-9PXb!vKW>;DDZ)=$b@&ZjG+D z9*F@O4>aXcbJd%QznUH}LQK43ps-D>^#mPug_U?9`cqcsrBf8$N5b6gV@xWu5-rP6 zl33sVp#uGXTp@9UIvt8SCdwYni@HbZb9z=S@ak~K)9Hep#Vvag0sA|S2b3ou8&t82 z9S1c_ymdYC;?KYwS?9>=5!+3ZM+*Z@4&uhh?p@DXVI7U33tIAV<3^}0_y+cdAitZE zM08FwZF3g#q=0A&%4hlkPRr3aexkIdUS1=nT|1$K*%hdB~X`0eEV zL`J=4+8g6-pJl0b*|kljeqDj6X4GQXqQG=+FGY3}@^s#hlP{unI4!F8!SxEtGmBiy z4Hwf+il~RUmdcAY;Mk*!{G^9H4^}IR-3wb7HO4eFzTuRB3%lR~1FEPJM1qbU;V-o+rg%R8q1UHg|tU!J+%9vhy}X_e3?R zt!s|~l-(cQI5F%g&>l1(WErkNao4O`pajU>l19VwGN^ z;pyuUtuwJP0cSE=GHVj|O>$XAdg*Uid~|&yP`@v!6OHOXs6Innkm&3EYq|%k%mHev z`STf>?M^Y-%Z}W)N9;V9-PGoAl^2-x0dZnRTp@u$mte9t9FCbt4>Px&=YkbR9^3EA zksThYHGMD)oWqx_v-KIf&n?~x=zeqNZ$)X9J3;O8gIzi~np#JDncgw3NWFCnRE5yT zeSP6ZtmyHj4swUQ!Eu=NnNw~4n1p?c%;@U_Igy5W^A&C}sYg@?5t`~>?A@iob%_=0 zBV%Y~#Oa#q*w?M88hoJ%Q1L$K3#8(gq0}CAECVj~{-_@q03|9JZgxj;2>KlXVw7)RfoM z`B#DKRD=-VZ^{7@N@(_jP`xWWh4quJ{d3DA92%_h3h(ZRzVBEt_FQy=@Z)_+$2~2x z)10Q?QqzYHScl|YI}t!w_1XcnP3K6jV&>3Qej~rzW$;JjNA!?S52yvP)wG&M*ZQ)? zpO<;!uME5my|ku9_JsyQg}K;N!c6}Foo1)o zwjt;A(TZK^Yg&D)d=@IoPTLHUa@zu`h5@!axwA!NLs8V->=1mk>!C`^6BjA^CEm^J z@ZvA4;5*SeA;WEMQnOx)#!)!loF)TI>Geb=$PQiI?R)r&8Zs8l8k5J%1v`#*9>yFp z+n|0M(rtXTgyT(7=H%9%gmSZB9@Uu*?TLgk6$6dPH-qmxVl!dq5|h&V z3aXanzdChZf4tTC>9^TD68!k}0L1iF>o?`E@pM1ZdRxOf^S*Tbum%zJBITakoi^Tq z>_n4K7b%7u)QYBMN!g9`z;fn}g$^)(V-fqLhF{fh<1@G8_=NJCwWsyaTpRF`z`z9i z|M-zdAE0?}>;c;9Wcyj5;GerZzq1N3ciZ0T0Cg)X1B3tDR;UcKu9a2P_%!1*O1MD4 zSr0f!prP>VRtiI{W-$U>(_$ECna>U1rg~0uYRiN=p9dqaEcUBfM5UFy&IE_@g&Re+ zUty~qtj|v!m^=PzEI?kY3N)bBQXhI~KNr#PQ>n?V%6&+$tT4Due)!Ky5<(viS2y^i0TGDepPU?)f;jg}?eR_{h}b-}Gnn zd^N*hwDW1kf~&=+ytYk#<|+Zp8%0lT7ygDIJ<30=O?$ccLc8p@u$tczf!Nha0M|?a znn=!=)sGhllJ)0q)-Sscj(1;Z`wyRMQ&~lxdJ!OeztH%5XJf%OcI^Y0<(Ga#IqtBp zZ5rs|*V}maD)>?z>3ga){YJzS6C`0fJ<~r&+h;~q`+DlY`BDGcAUBn`DBkJoZY&~c zDBq1^t1og=BLT+%bi z)GhydQdI(sIRN3b*q0>wr%vN}kNke>H@c|p&h)Q?_5a)NuUNOtYrm3CZ@H7S50q?Z zl>I*UfI$TIA2z)raiJW)lw+TTq_R)vp zhNJ&M*EEpu50@xP4qjpa+W#MnLo}FIe(AscBJcnE#m~g9mE8FolN$|ap8xMuS6FZV zLx&Umg1vf^;MJ|i!9U)|gSRbw%J$Ij^p<3~6fsVz$-~ND8VH@H+S6MZ7XqWUQGX2l z?4MvR%%ykfa2l^N>R{^Tprjf<(l7^jF-*3E>gINcQ0Vusel_Y7ct(heIgwsj10;OF zD}}d--7B<)+ER_}VdHU@Q>z~p{0N4j9OR|`X%JUMh`th~)>?vJEUIX)u5dRP>_Za_ zhPkw|f}|B%52yO#7Y3C|nw!6D0X)a|*aQ5OTqgXI-0Eu9T~fO+agw1ERBjKx`Vt9H z*CWYd(75UsY3^x)@?;%1;JG$@arzq5G{XQ|I#RLf!e}`D1eG3h!k~Jc>=*y;%umDD zCa=u5>aA!V@2aHip*sgEoLoa+TzNBXx=Etht@$12SHcvFCqd`sjiWH!I-UN=HJOHRnut_1MDWRlk zOni-(SMyoFiE4@|h3>t=1YCbI4)w^9Tze5Slo0?SL`V9ch5Idb=UKT|m-|Cl-msfl zm%u2@CVFe)A((S+`)8u z1&Dk}$jw0z%Mj+yvH#>4we1SktOnASKc;EmI*l0$CsvHmG9h zC2%+q^s8?YN=(wT=xygg7vbKIPbx>krOlMiYSHh>=6yGjcRBkG;!+u)f$4yAaF__! zoKEMbR?HhFaU!j4;DxnTX%^&sCsUTyX_LwyUb40wCe!Ux&!ANw)R_}NmBv}fZSvRm z#-%#w`qcqeF%S`&OVCf{3|_`K`MI|;C43;(dhuhKnvdadgFT|mRTen&gdFH{LxI+G zZB{JkKD{>_4tI{E8>@cHzfVk=1jbC_pQ_;WL)s`P5E} z{==ZfXx4m-T*HkL$HMf`^3B%0;x?-(pX$~6yixBP+>(XY+O=8}${h9_lUlB#WU{f*&+Q#_cU5?r; zVQVp8GXg`UNN&SoQa?j3dLp|qEUk#n;;yRYr@IYz^PbHlHli2K>F7FO7p=GFk`lp~Rtz8p}-+o;og4PDLLnoIbNo=U`L#bt~F%hbMTb_AZkP5r&-Zn*l~H+y3kEVFoL#(x0(t2^{fP|YIolI>h%yAC-eb^ce;HSz5Uib zTV#_#CaB`YrJ4>&EkYJt`LDMz9v2U*EzHO9Ph@`cZMb7H!Ooo+xyVAJbq9v|je_M$%s<{|x)UIz%)l zrN(Y+iFU111{H0&yLav^4ib8kF$sbbv4W2gjjp zXI*!srg=QHadM0#{0hge)2+#v?6R&LDV*%;nIt!v;POtYQ&eoXSx%ob?)9EUFh_&+ zHQucMKDsfbES1O`Y!Rt70@+S*LziTAHy$?fO|73$U(VIdKv&*SJ*+DdqX7ob*Cw@W zrJHj#+LgF9v1RUPN{chwFpPbq!S*)CBEkDk#34kov2T(WOPW?BJvi&6r4kbwEASqy z+-mgvozui{nw9B>y>Ka&4#l__Wgv%1`Ev!CxuFFjqw0p{T4CvK3`K5XCET@fcXt(s z<{S2yVAgwEn=W4TGwBg;NJ0jJr%YMna~!mEEnCVodH+z@TTrEY6Gg1ilN&57+kwfY z5kR>mdAVwkYF+N|BMrgxzdgHBGwj(JAQ$NFXFf^eq-=+anZhN{dT`CUJ&?o=GHC@P zq~l-|e49a7^%i>_U#8(@v|Zttd=BBp%*A+<9F(DCjdQ2T5F>a;@f{F|vY+`>n3|RM zaHg^6pfVDVR#44!7J8{>0TN`oXw#+uQ5TFVW%RW@ls;XMHRy z!kf@w#sELG54~&Z`vvQ8KSTrNpUGJjR(uoW!Y$L1M7?W8}}^CV^{{)DF> z-r>0YXlb$>(Wn3Dka&@{`}RoIa3)90G%w91$FiE*n>6QtzVPmmjIhksH0kZx<4cCd zCdOqtJj@x$O_pYCdX?QLGECbDIKI?9kXVj*yraoD?>eFba>(N#SaD;DB7rk5hEBSvZ=7ILNAA+%a{zrcU&53;k#v_ zuq;23qay2hw^v`84Z;Y1ii`h2D3&AU~B)~06Z?K0&KceE|vCL15*^iHZMMy^XQ%?mlD&DcYfc?5tr zoOo}H4-7HSL^fs%gLRjg^EMTUKCGJ2$*F(aexPwTIIG50n~~(4Oq@_Dc%>`159TK@ zOewhXC?=vDqG(haF=<_>7$6^SpA6aJ5|oFQ0ZhG9GU|(?lK8!eJh~Kmn$tU^mT#{+ zz3V52*+rzQL8eFu`P{;LS@@oa$SDo1ikcC-SrOgavg?C)378l6M5yt*!pGRg*MoI*C~GM+o$2k>EdKlW+VNDIbm+}chE@~s z;;EoywY!vIYs7LMU8feEClqC9SZ4XYWUqp00IcM?7R7zO;bB8xSxsnM3diL=$RdvP zrz`qt@_;+G9iMAyZq}7RmM_*0)Q3RI^jv5&#K(`?q&ygr%MIUA&;G&WLnNtaI!Qat zNF12UNkQH4%Lj?l#EAkTWeYIYE)=tkmn`*{+ex5b-d+-L8nnkF?L&e7^Qc6pdZp5dA9$@>*E-*~<8iYDp?}92z-93Q!_WJc2;Fd-ir3Mq0^m0=&2A{n+IwekWTc4T5sPu`Qr5PBR6T_LB^TVLs2{rAAP?IIJ-P zWGTwMKhFv4&O4W^PZ@nkyxIi5&Bg!oC=L7wP1*mdM3lN>=g2QP`f9zL=0FSpx!h}L z4!;8ZQg>|wS$fydk$qi*by_mE^8c)QU%%K!eKAy;#p|eP(vOw&>rbxK2ma-6uT%&= zmkPfNc0TtC{(pTj|91{2fAXook_Xx7$UplE>XmhY^2hFg4?zNK-guZ9bYTp|*|#){ z3Uf!0tm*?lH3qVQg2S?<|AmgNR zrt;&^NHA9JRvw$*c%@V6!gv)YkMw!r>8tzXGhRX>1N}=$$f~$Dx3tNdPHf=+b%%ba zqvzBRKzKnx`GL(naG^VlC2;O(eSGbwf&Pcx5YeS+rR4|bjZatp%kuWPxL=X*f5%wA z&`YVgU$Go&_9)Y5X*$hLe)5L?0iKPn4DyRaeTme?Q76v8+KHNaM%xcp`s*bEpp&5V zQ|9wVg`Pcx*WUyBTrh-9LW$hk->SP@X!zlNe0A}8*+=j9NbI*IXL7Q)`1MYQ4k=P9 z>wEnsY^3?y4GfOFdo=w@6j?Jr(l2WFQM=MRh?~n?@5f2O7d3iQQz=vsU`AA~Ma`fAV9obRb9_30?GwRtosRkAVW1xKN+D)hIR7^GO2#wV7L=Y@Hp&sgi}#jDFICL4H~6m~lAJ^)gemHyd36z2{| zNilgPq!%I4g|Z*t$2L{3OP#uvcgt`xpmuRqG>I;xwx7LTX^Ei3(I^n;|Axi~o78KZ ze6h=={*F_!VKRL1PQAqo3nzA`G{nU_GPNI@9ed|HQ5^2@CaV|ON+dbF9_6S57SVCK z^+IHK*(ZmHkB$8%CB7!mVZjhcud0flX#TqoZIJzhWwqIo(}!AQg|r`M!JjQ z5LkHK_(GL#tQ==s?*RU#-$mcg63zvN4B0M@m~l4p`<zn54i7xC)t{T_jQ-9D9pajl0O^8EZ{Yo+hkIK>!p!9G&QKe zsJ@?PV^*MpJ}r38F+9kbyIqR8cj+O@?Y8%$#WAa?2=7}=*B-o*tKtn|hLO8)k8*tm zMC~k6PpT}to;S0FJHi7tGCN7?{EJMAP<0#blZlvpllK~ivuVn$W3-!lGIdZzZg(`& z$WW1+uA|}dDQTv5Wv)Hkn>q$nB&o}}4>xe(eS~N~c>U3I%0!RIx$vtGUQD{UZwjXj zNCd*+!a3fx3;6o@8gkB5@+K~hf03>0;dxi+4KXZVw++G&VlVS zd6{Rr#-{5?ZjNcPZwV@c8n|(vAf%&*>IPNW-M|zw{%5^__bxk>?D^sm$!4N!#Lgyg zHrJ7q%-G21eI9;);3@O5;vVo~Mw7T`4OlLl(x-PU8t1}${>8q0s9C^Ia15md1_09~ zpY9PJ0R|FE=>4Y!?*Q z7w`68$aaa6X2CRE&iq5AOFn-bnm%}mdy6Y%w1N;(FR|1w!4c{6Oei!fQm)Wv!mrQj z(a;mduxV+$y5V+}aC$JlQf~v_6V3mxwl@!lx((lll~55XOAi^eAZv>~YZ5A3_Pvtq z#?BaHlB5WgqU>9C#=ei?5sDbQtYe9>YiwhNG4DN|-*LRh@gBeT`+NU+??0ZWKg@Q2 z?)zHK^SrJLE_g9u!mI6Dg01C*|G0aWg<8q~9$x;Bp#}}EwH1A_+?c(#*IM}Z*dLdAWM>@C&l~`o3|gIG>QU|AcKS)| zgJ7cjNz0BTk9ue6%RfH+&(RR$5;*vG%Dm>PZWs@k=~RWi_Ea&Yr(+ zbZ{Vd%#bDrzhf!C7us8pBq{2*U$KXavGKaEaHJI6HCs}r85g&;r#dY28DEdK!bam( zr-O^zSm7*xtV+H7pI(iwd;gl4*~lbv{%QZ;L*}&LfEN9RWkJVRf*JLZ5?*0` zib?TW`RNtI-)3cY;qVmCy>O}EC$LNNv}-xn-V9LKnS%2)13zO)fW?Q`1Re9BNkwMj{)WZB}3Y=ovZWmRv_7BLV5qU`P7A8GOd& zsdZorg9E)_bmA$?oZUCQq;s}gi6b0Lkif?ZwkhH~B(MK5&TLK(1_w`!c^|%7rUl#M zm!Y?%l1CEYr|%l7MjnVx6zcpPP^Anwc-i9CF~H8+91QAHjA5ht2jBHMh>dvVDEP!2 z#6i$*gfa}Jn2xFiw(?FHNM@CIv3Ju084SraMj?X!fm}k zXS{dMPt|$;AAVDwPH6`Shp-U70&UGhr;FcH=^_tN(500ttr&74roPU=j#7=h+x<#) zzd}{amJn(7sp|nR6YVZA5dz0r)!@oXe+1dC5g+eGfbZswqO%F;4Q1j&g7M%9-KU9P zI=~ z@(%XzJm><4-uoM&YJGr59^##bOSS)JFL&XUl}Ft-rMn*znWTdHq9Q@CoE0^of4f+G zS}RLUwS#(Dk-Nq2pv~@61fz=!KftT;ih=lxo!Q?h1{w6y%!$*9P{l1IA;=xHp zqBLGrh+-C8K<=(6akqv+d*Q`s$RJF9ikFnB8ocd=W5 ztL=ZbRipbvB$YV3m=!C@M#$PaxpQ5gAV~M{SFQAYA*CrG()~8OkZ}#T_mUK%v>h<(_b@Wz zyu|&Id)TwY3Fpp=G>Y5)fpt}F-B%8GWCJdYnU00CoBo+@$2#?ou&TxSsq{;fLOaUx zCcCntv3}K)=}g9dpG5GPy46hjCo%6?_C(no%+7*xz}|)9$SV?L+*T@4JY*>$BtLL7 zF3lR!zBq|bvy)|+`bPnu>`lL9fekYCqID+R0@WH!L~yzyC;i8ZCp6R|gh4NczUy!D zywZi#Nfn6<;2>Gv(+!iJhn(C92~ZG{uoBjva!9ZNQ`jb}_VzkdRT6c?U+!la(&PyL z58mBjG|#}=rXy!IgB8CN`J4@;sB+Y``|-EOJiM^Sl;tLT?&Yg=aPXP>583#1%lLa3 z8~AViHqIV-0-fB5Dl*+x^2D-fMtJ&T#oCnFoUa^TWCpvk2C^Lyxfi?RP|R$47^^5P z`6+*of)1HwDIf1|S6`Lz+@={8#{tGZ4gSsdvsEaVF6<3ICuL_VE_Ltw=Chy9WvaT# zCrHGQ4Ps=gtcN)7Npd_UbL-6Ft8UT$mE_Z)=*`K34Y8;Z)yk$CywTYH6tn4S@ZzbA^KE~$WE9XG@==aI$Zn;l|7CBGTtyHhd zEy=Z-YWnM2&-7IO|X!5OoW85*{KX{^`i+Aep>*9rHoE51fS(*5nedXF( z+*0FQ;`x$m8KgILhH)&-E?KY_MN735vi-sa^>8D~483g9_ER{`I@M=7Wh2N4OfDqrcFE6e4|FM?-F6pC*=R;I7nJ?YBGzgV zcrgUtwiYS4MctFEWaJdAElE$|+X1~U{F*T@I~l`@+_u8(ShZ0PanuG7ctQ*hex@Dh z5NbP=OZN5=LKGO5uk}Kt<(Jvq$WkVq4f{pH}modVc|&Sl7uMqpJpO^9{rYrMo{ zuW0eByN&C&#)P8gb2lzK+v~I;YamNss?Kn9eRY_zL*WCHrTsQSbv1*~5p+WfraXv{ zdc4V`t8`3LZ$LjDQDyNtq`frYT&a>1M8MUK+@H`1f&qF%&6ojwRkYjbJlJ*jej$yz zce@N!&vGhumsXsUvjr&(b6=H5uLc{PVMY^lBcubm5*D3 zT4N#h3XjZuzsmY)_9tik`_U?4=b3Uxtlb~E_@s|q9G5+$qAQ#8FfE^aLq6{qJh350 zfh4UmOZHgolXd%%*eeUORk{t-oAy z?L*T&4x(kE&=T(DQYtGU{J5<>4LcTaJ<9C2&M*GGP1ewhm^ZvEz{>aM5l9USM%t)5 zsKjGqSu@S_Y~ql^zY*Ny9u4lJ@&=b@1leHPFcAS6UdhJ4|89aNtQ{{-@6@NU+GTh7 z0aW0mZ{6;3gBu{&7un2>4qe7N`v|z7%T_hZau9QYEYh2)y0R!14Lq>j{J80P-$kHt zQBz9Pqkbu;@7>eXe$~!?ny%|uuT2ok9~S~9NdA=tLQEXg6cZ{9milw{Vul7QwW1yc zG(t5s>50L~BTv)|!ZpyWl@W!k)NCIk=XZt^$qN_$EXmy%7>Q?ndv5EF*NH+&TV?|J z&B#L>{Kg_e2oeR|rl%Ch3iK~%j9HsatoS^d^-<)36BIgAS(;}-S=O*|HjWCziV;2y(8BUr9Xmp?hQr|A&ef&1z+Lh92jeTKoqacn@?t)uIg9ea2bdh7Rnwuq@u~ z*r@ya?<_hgB<4H>s-hLzV|KkQ^+bta?Wgy)z#Y_=B7X z--VU)4~A#Xr|o^8rTxe0-VOaFeiLV!9$WlQa8?C&aBa9DPkJp!CCVUuS)VM?St+1c zsBx)QLm(S_^=i{MlQX476I(XOG!r}CA*eL5N=vU%a?UIBeG6P-dZ{X7tiq`4$j>*YLL2fZ?$IUu05tcW9-~bY@OV1i%q)k}<x=zsyh4{)bYu5TPeoj22F< zbXKBbba`78`=l47C^pX6f84K_L`C>T_`k^v?*=kY2%dx@~>U+X!2i2Hmtcy50mQ$;AzV{KH3+w#;Mxz5W;Ma!%9(w7V$(I*R7} z+Z~g=?!js^x^-V>pJG?gr?$`k+;I*QpkR0yTuxdC{k+FA4wtm8vU4m|5=8L8~q)cpxO7Zf=@9w|m$N{fuO z_R@rnzfoB<-sX=gL0NN!=XVq3R9#6y7ZI-bEPjfUfblX9%d&S~X`r6u(F~~Q zZzv63UURjxO1_~eZeVjc{Z|7HJ&)_djwK23&?!2$&=BIiMJ<&_T(~OXR_ELl)8xOe zNn)=0||vY@}F;2v(P!N7Z6t50BDS;I zI#hSdX3z6e1M8j?y?(RchC=U(j%eVjO|s@o8rFHbmtC9`pX4uGrCfdtX}ceA(dXN` zr<5+z*Yn4TqJq5~LmAL%qM&a-aMdr}XEYn7O0-346s2=B1-7!)% zp`|sVfII>Ie8&o7lI-1i&0$VpSHAWyK;Jr44+&Ol5HLV$55pRrv9GcMynRQ>f|~T% z&ettDiv}7lFY+?ZCTI>`$U987&2h4z`NK#WJYP#*E{uvr9?Z>evMT*;E{7d~5NvP| z=T=}<8uoT;Fv^KTPjoO8Yxm>XxPy(Y*b~HVgxR0i^Flc@8oU=|N76mJ-~QHB)Ez&M zHp!YSq1D>_dVQEW;@{LXktMaAU4Yyl(bU{umQ|M-@)7=Ku~GeRP!^94d2j6et#*sa zs6?q-8K-DL{H-+7LsCx8Lg+60?*iCko)ew$Sv&yrFyW}yJrMvgt6T@JG=T#Ij2Od% z#n?lqua(mqo3}Arw;c$|JWQg~E7nXXBxNOvmWa@>8avRYCz|n&xKRT2080%f2qQOz z=XKu6*aDa`P>_?VuSEDh3wQ$GI@>;$H`%%`Yb7Zbecmd765>cB59W3*;sYAz_}aG8 zs0XuOvBA#?@05w+Y*yJhKWQA=yXSs{r>GZ|0=aW9!Wc8nf&SSq` z`s?c9Tn9ZL;-Y2|`q73o=&d4aE#zv4G6@`d$=0*=QBc?b2Jhwv-X=EMEjv z-9LtDxWH^XFH{_t>?@xkhhEZkcw!Cb0@?NjnNyh-rKD#a8wlt>oDP@B)CK?#Z=U$o zuv-4W;y0>E$25w%tXEje9~~w#A?9+QhRr#I&7=a{>v#Dj#ZP@w)J>@bVPln*qKZz3 zrR?_lv|Vrc#q=;)satv>$tp2X9$9Esm7SmZTxo~fxm`~BXJjmPM;+6=vGgg@7IP!D zG)OJ_xxfE*F&yzG8-DUTQ&RiPLe8}zA+@nOvQkw&tT zzUEgZ^*Ux^95iRWmNUm!3^d1X&-tY7TN6gHA=Pf@oTSb~Yr-LU8buDSkfC==VN-iq z^bkC2FO#O9&B{jzy%HwV)Q+vlsz)-An8x;&KLOX=TI$a|jK zG0mJo0^Dv9g4lqQU>nGKxu+wXY7W^{7p6)OuLF#nmzVK_6Hg;GGph6a^}@61Q1VLf z3DK#JBy-Ev*t8AA2AmrSEWqb3!C4#L-Rupv-wl2xa!{Kxwx3G6<`~*SsDg zQ@+4?^8#FTw&)gCoQA5&%AHB%VR9Il&WwtTnxY4@$cB# zCRU^DR<d3rbvJuix4Z2Jw0o;_9Q(gboZu#uU*Qtd4%$#5hL7YtXx{< zdz1zTWf^to0{fEYB$=0o0mw}}7+tn^e@t3CYm0sHuexv(A^Jbo5Dz?kI}jaH(?F^! zPGdgZnvi}Z=ZabTq|Kj&C`mSx?Do(^F|rvnRgq)BCv_{i9QK!nyjkM_E9)m6=PJBm zj5m#7c5&fwVmm%*2JNg@Jwv00!TR-aS-*_&c?p`;Tn|@$Nel#k-M*~|ogPDSS5QHc@Ysho$Gi>Oe1%esq ztI|-#9BcBIv*^)f6~$v^kpK0#euVR!D1Z+k{_$^Es}|!um7GkQ{B-?-Vh$BpADd*q zVT(2e8qh!tO=Rj5*G^(gunltd8g)qE1Z19`#evy*0g2zasvwl0`W{*OHX1(W4FfpN z?!~}4UYz+VhI;5=XoI%_y(HhXx3p~_k)v0Kc*khOfLlnBwDZ;-Qkd#q*zBJ;eMzi? zLCrxS3b@GKG1o5eycmJuq&|{mS1EP2kqKD?BFYyahKakm(yK|`LLOp^A!hbZ<)r?5 zN-Q7rN{ghJ3%{nfs}DB%*18Wh_JRhp7v6#7vRFK@F!XOs4F-J>4=#-F&%7t>hI4B0 zi%x7WX|DW;Ws8wvouw)&^%r!_kUw+$`{sl` zT_T8~?7K9$DByDVkJj$Z+a1o&CIGN6(rz!@PK3?gH*J3+cY^tj@U!8WkJ4Og8Gk!l z*`zj5$}9!3SzCg6UY?Ylkp$f^UT9<4UIHrko11K2Uxv_I&9>ROy@JWKWP8@tZr_sd6$nz4bjtm^$3O)Sc$%yx+q6=fwhf?h-~v=K(ozx#&1lQq zbc|P!=cM8#CbBw>CTrbUJYa&xqS++toqXm55}6X*BO{5TsZfw@*hicU+T*7fdhN|b zBs9q9TL9+NxN#(v(K*wZoq@8A7x@c43@{q>)ZXCldUx-xG}EBd-n2u)=k6FHPyozN zv029KJ{F-;_Bx_yB=)=lt8d^X8P>xcJ8IQ0ZeZd!OCLr+K+-&cSE+G>EOvu7Y<$O^ zL2Eq`oIEYk0@0|$_Gj?K4j!#h)&nr*3%Qp)^A=u*fVt2DZIF`yuClf81rr2Zcou(C z6-Po@q1ksDcOU)+2(LsnKzKLL+!YoYt~uCoM@*{lFoIGX^qI^>yU7(b21@avDrg@D zhlnUH5wgF#&+U#i2%xQ1SCrUBYyxaZ_wvwZe18iTH}IUY+_)U8R6Y^+1P2f~{f`HW zfU??T*F3_Wnk<%snXrNFw>sz0Lo~VSyP)$N}4YQxO-s`(>{K1a7lerC>U+M~*2X zBpNUEADg+T!Ec%RKoGIzMw2vw^*)IvmU2LBe6f$Y7F%uT&Lu+LTz!3px6|?;verC% zm{+&Vh}+PGBPqqYx+lQIIF8^DdO&*Hmb5p|^OFtg@GTLt6g%qjO_>WEGG{J152OQ9 z{q~6ZD#GAUDFen%y;nd*0W@77YN^lnQ5(*?`1dZrSE;r%ZbY1y=?M5+h}e~v|JzJ2 zm!_c}9cJS{`t3K6#zaQ*%6Uu`PSa|~I(qg&4M?}?2%l&3v8++B&CNxV2;yWLu;@3) zU_J`nUBBwNSk$O0P~K=2L%q%geWg8;CzkK zB&?J^W0pd%PBs-s-A86wOeK~Kto7e}saVn2a$L>UH%~F8V}W*WD~`pRm%*sp1f*XnC4%zfK$IZfOg_ zRFfw>cwAFzW7`#+Sse-W{kG*~-T-A(m}c+BL!TWuh6tAiTIl9_XI?ECHOiT6OpEc~ z5!_ui`0v(88u@HRkr=(|BIH!3xcmm96`R{(^KC8M0yMF)b)xT*Igxobox2qNq$Zl@ zRGGMD_}@Sl#DMMOPbWq&J9AwjJh?{_ zLB2ksz>OyuP>+&qhS@$m6G1D*Z8aFmT6te)=39vVRsmX~vS-YG8kRK0QdJWw+wV8~ zr(wO`b$i??M@Ung2{hwCQ&+aS5sW!r8lXIqEWb-?(okET@=$ zxvRK7wr3{aVKGX>vc%S;-!!#OcGl{II|KjwP%ZY6K6@xz2T~U#& z=fL?8sJdR!VcODXE?MS4gb$0`WlnSOB`(IL9XtccKyc39tltPHEj_fR3A1pGx!^Tp zVQRepF83^daYq61NF+@XB)<*B6=>E};CYhRjIv3`=~&DxKT&|cTicA?s5Hn0;m^G{ zSVP3~ocJ=>doD}PH5g3>8RWZ``1`?Sj|x!+y>5pch28|(7}BTc5GX*FUQ_&$9GN>c zStU?1qHROf<95_SOE#XR8+2U&uDgGQYnIfE#xYu94p1WVj`bI{Yt@N|gxy80~XI{$kHTq)dCe7aJWt^M* z*J2+K#^y~+`Rpj6myz3J(?%^#?;=TAFPnIn9WBQ8D) zp*O;n0J#XiMI((=fHKitD5*@B&sXEdeJ|m9kWdC=uYp$RIjaZu*NjF;rb<pfoggCQq#Ng55 zT73Y9zDP^@tgn1JHe|QLfnbY2(~BkVX6ijG>dGuj&&0^Ge)eSx>xT1)WUX8-aZY#0 zcg|ofNMumFSJlLq|2nijUGY>ot1buppNWwDHHQH;`=L`G{C;0e8J`A}lSJ&PqV`a| zn1f`zQf}aOPIM0~wwu?<9C`-S_EsGDF%GqXS$oUB$;N+**6Y$2-v_K;JRNtsTsQXH z>)ON#XD?Y+VQJ9By8XItpX|bo^;`J{ymMZfeJ(B1?OD{qJ`^UY-|rn-bNTy0E-^oe z8t6s|+3}eGGoW|+9XxE8LppTlyc0vHga+uAwO^MG-UM#EjNgVONA3)AUwhuC)Qg~L z$-G(ouocy)!acsWT}hH?XBk4Tv=w`2~8{_5AnyO%_0lM92h8iHVt23~1E@x5sKfZFEDC}D+ z)a=q>7_A3AhwC~F1vlU72R|kGBrT|OT+N+~N>@w(!@(wUq8a2IhxXg*ot3xcK9=}+ zVOn!YW(8Yk+bmOz<+RNR_fveePqb6?eVzG@qG34eJ5KCc?cCB{qi?>tq}ek14FUs=kbJz`8;Dsp^jA{WC?(anar23;(Ug*S!kU`=v^(zXMvB)*R*?*@gS zW>d!rdtjSCP6;E{rO{v{5Do;6l1a~}Kr9^}e#kXAb-_hwQAC1J^C?rAE8c5^C6P%? zsOd(o$7m(*eAgXbn=vPo4|ZqHbIzj<{|I+!oLQo}FlI;7Y4X|z(Hj`4^$EVNY{_0s z2IN4VVS1~)W`$Z`Dr5bcE=WQ~J$vnK4rjWewy>(0BQ_k(awL4yy6APcuCL(ui>VjB zm!5G7PXXC-e8j{1aw5m*x-#;wD@NDP-!-hW{KDegr(hgaXtG{r9eU$4mxwTB&Cu+E zdzRwv1y?_tr%Kr1g_qt_!eu0Nc~PW>)@&xnAcqykselDSGf_hY(Mzlj)m|el(ig`QA8bV&GLr$ zA&PJ>3vAZo&(8X+YcO_v6dC|n4Zdf<6nilt|FXWahQVuA4yt=CY@N}voK%xRGj+R& zGeKQBjqm|%0&-DfKI84|iHg_&$KE*d>42y~t#ui=l24e+!XKLkddRZ6wN9i05N*+reM9 zt^Fnt{R$6}+=xTlZ|gFn9X^#Fqxs7Rxd}tvPlEXQ3PcuS+QD8m4;xFplX5eoHt{Kf zUAot?d_SNN@FvCgc#{;;4gw**PFWiv#0Cc=kTN5nG*#)52$t_pTYpL=Rnx^_Td$x*e2KSf1l^ElWv)?ulX9Ly>nyPRt%w}m9%iJ)-P>4*aus@ z(`VWP3u9G(ij6X*l@2 zJKKbBlB4p9#r)b(a__akIUYD2;Y0AUm3I~;I?7!NiX89%LPPhvx<7Ua`Y4QZv zJJ3IvPLot)b8$&CLdvrGGP+mE+-nRdt53LlwiD{C!4Oc)UKB2$|MpI`UoxQzdd z)Ui}XyzGfh*Wk+E1EdEMb6`dtsXH$TD1l7_ZNRV#caASBy2~&7D?a;}iRR;=Yj%m8 zb)FPN7G!=&;ChuMvKX0MvdCjC==Vsyx_+X%?XbF={;TgplA@o_S1!B4wxvMvN#T-0 zmGw%WM*$YRaglX#i$t$}9brzIB)Dt-?pTk*Kz+O7PIS1UaosC8y7X; zo3>q7bfdlIaDNYdf57$Iice*C?L@tPP*dAZeJra9M{HaS8=ZHy)Wc=OfTq?t1LaoD z4IjGeZ>Q|HYu?BF$@ICn2)(Rn*FOyZSx&1%vIcUTd1f{K0v8b{{a1l!2Q_t>CQV5+ z(d%YY-(v$)il;Um-Qd@1Iv$42%D~0b5$=)X5>I(&rS-Dq$lVP0Fv0H^a<28tP6|h& zf>tZF#hh=*qHSE1eQvHPM(DInIJYTQAwpz|U5gyY9ZY1Das5vz*?9ji+i))-uni;f zcA(H_XBYlCXWt(YQ$pNPSt2czr0ps&&_$(7DK4W6PuyH7K3uF|X)aw- z){KCgbsO20lr(8A-b5cJ?Cj`m(G@$fF(Cdf(Hlx}A~Q!L3Prp3@0jS;#O}C(y8jvvg3{nb z+t1LQfG2rLR$u)mv%3+qb=*sHL{VLa!wVxpX<6l|M?uNJMp3;u-4C4sFpe^(bV}c5 zdrEeNCO5QF&Y5~JKv?n=HsrOKZ`G!c$|UC=nhvZOqWXNXFQx1C?2>K6N3M0#Z(mAe zCLA}~7R=)w2ufset{m47E)^x0#&#Gi``>;>Yn#A+cg7$MMt+{8_dShkvk91eP5?gm z$RQ<{E2K=!9_uC)&Ze>6z6459wif11HsZJ#O^V*_FK&*Y*Zq<@-cO;HR4fxNg!Na$ z-b)&J3C|1(9v^_^i@h*S_{^nLI8x{EP*h(3HZ}8}fpx;6O0GL3dk&@YI#tfgX8aO# zpuQ&)CSX{E{GkE4DH{>x1TjuKk2tWsYO@aF8<~1v-4T4=V07WqPE+ba=y&@%95bEx zWlFbUv0UB{ewnv#z~e?##%5~;8~8pQ4xEr{oH>)!@vZE*6Bo*vle)vx?<(43F`Zfe zEclcqaR8TB_-f(U!g9Qo$LK*uyetm~ntd*;w0q{`aNIIeN#>o1dMdd(LC+~U=Gw=Q z3udjU=jdLP7{42E{J6h*zXB8_y<0ESGzv9o!-$BOW{o#I4dGz1VU?eLQU2ZnAan6-PIhZeA36!{lKV9nIa4GVeh8@K!tZAa}ZwGN2NI5=4|-TiPn_@{yK~?mCK`5=+u5nHcGs3uP~DPhIq5 zasZVORzqU5h+t(MqW7EU8kXa9@g{?ixgE}EWtn3Wu2-WIPX_TVhgiOjuUZCZF?&DT zZz6_DX`|^@j}YcE(4mNH+^r%S(Sqk%Tjt=Oa6bn%)i_C)ew(vP^=~NKyOdQ^O;yB} z3gxv=L4LES=&D)5Xr)qq%;nuTZ=mW89sPb%u%8dAMQ!gHs-BJ>nswkMFI39<0&j>! zZh3P?FVV`x3T?u(Ks$w#B@KE)oXO+AFioVCo~WkU^tl{UU0}z(VlxO%AvqR3pdi1@ z+Qy8M^wf}M5EqM_Ls06d55CZ^ATgBuFG~V(QO-(I2$b%{XfIC5kUM{!#I6-$u>I}l z9*a|)e6Gfz!0g5NV8e5DeK>vsPw#GMD$3#a=CLpR%#Yq`2-pC;ah}8pB%`^Uu_4=8QEN50 zreH6c%(qf1gxim0PWKPsI(HY?hPMs0M4y2Y59~F$%E9;ASsie|pA80Df6uW=GQA2M z4#+X242cFlx0eOI2API#PwXOOyhN6M!_~W7x8~2JM^_5IUw<379)8PR;~~~U8M6~^ zKS>2*1Z#^CqiDi=4OWW)-$fl6ZkkT68x>~q`&MWH|H2(8qqF@qt@hE*6BJijdrgNj z#Y;U!yvS$A<*2hq@ZZ;OERy?2;`YdTV9<{oS;Mf)!xF@!@AG1&ucp8xOq=-pO=fXn zM|PjPF&0KES(DVL;x7^!n(a?C9XqL=W^{kN-9&~a*n`<2>g3}&qmLn;{N_Bse;xr< zkPazED<#TYN0Pf=Ed0R!h$fy0D!Ut|7IEReoq-EiURd7wYb)U!Q|zBA8~FI|uFC#L z0$k_svwqY1eeprEEP0s!QBCGaL4;$pvY@SLT(~LOVUp{AW zCz4h8(=bOw{CPe3j6nQtoW=01h%o~I=;_fC)!Bl=5>Xm@9d9E`yz>^&nNmPE<$*em zR>*sBL3jfML13vh8M6<`{hF)Y8nTSdeE!l!xiDm6ugO@y9?UEFcK>`t-u(fyK1^ce zsrT#uq<^0})(NV^oLyfRav=K1K=#V_&Dygfhed-(io_K}{5q0nZE|LK22?g~nld0G4`Esn$dR+Q-avY0 z)K?<2eoEyUtx81})3>Cd0p0xXJ+N|%Ajy&u7<#!*Bi`A7 z&c-bRF_x!36S=ADg=-I(`F-%run*?o1G=6V_5D-=Nr%Y(ACEYBXYXJq<19Jv6nTpj zSw!>V-Ru9o=LN2mA7GHYq-O}$4M+MJ|Wf}f=3?84I{nJt~x(GDstpdx6E>~*F z?1IlE0M;+=Q9JXxuTYc?G#-7sd)MHyI{uFQYH920d1T^Z*xfS>GN-p&ZszB+_pLqU zu5`M-C=Vx3Xa4-}Yxc4Yy)<_1Gra7({ic44ckxe?BKf<@{;IvJ+N<{xeF>F5MRuSw zF6xLg8*@cTsNNkkkYBHzTV;Maw&Pw9ND%G<#n(5J|SyF1beyP5gKD%3dF<2#i0by zUhoSuVlfY%!DK( z4A|-L3ik4Sbe7@l2`_JNUoS6T4(o&S7jM^(3Z_3+Z#k`*5c$vXw+5wQRvj#?d^df4 z7vE=SFh;Nv_Ur$oY>Ls+ zNcgm{@Hc-9oWLGF<{Y%vT!;Knx@S}LRpHZAvbI%ESrPNCEk9Q7cuBJbO`pEa3P)^D z>W9Lv*<)fET-?hg;hzTDxY0ih=A(@2I*fgGtaP1(Mvu6~GXM%(zP4dQ<-pb4Xqp%>vCt zhK)*Mis%g_1e(1onUCe8-(UARyJI2iczRnU%6702)ui|}_XmEO?Bf!1`S$JY1&u4+ z>+6#Zxo|i<4)3-gc`LSVT^v%%850|e<>u?3nVBIyZSCpNBc8(iD&H|g8^-Pf83q>j zt0S6QBMH8bOFMw5ZgkwJk%W$dLeG|%2B z<7v7Vx^ZnUQB7o*^3N-QEEI4{bcJra|NJS`X^&A^sT#7Nb0-y9r*Ri1)kmSx0;Scg z_v@JRC@gO3YL;$waDlA|Hi*)fMy_Z0xL;DwQ@waClpe1+ph}hAZoNi&dOi+Sn{-kC z10>T*{Jsu!reS4Wk~fX(G%F7q{mW)R)fYdDQq7JoV=WBER+)FIx$&lC_n!3J(7RYv z`TWmX9yVg933ly|E9zl?wLRY1qVc!VKONg4BXdFLN$xOlA_Qrovb6(gkQ)L-zt^F~ zt*U_I+1A^paa5BHpQ7xx&k{Yi9L@1;*_Idn9^Oo8qaW7eVlKxnv_`N&SKa8{1N_qc z8+v;oIf%(EvG#Gk`RRQB=_H?XW1-&VHR9KGxg^I&;;sL&jJsav0C}-yy#LMdLwdD# zozul6DiO3pNNECRDi;*3_B@`wh2HEGn?zX+EsQ?(H6=aljTxxPn8ME7oE$XSle5?$ zq>eGS6-;F#*MBb|Ni(Iv`pvSUk!|8_#We=}^vNG$SrxGUFI7=;V3Vs@SHRY=Lc_gFJ^pBq?imgif z>oFO+mHc&qAODrscKGwD5a%ja?qg%O=^st5!!`2*4&*xvTZzG^~YnVu^J06 zb zYmF-4l5*|t?$%2g^jFK;2IsNGxueBuxe!d>8y%i{A5f~IYdm=5HdJaA_D>9}SD#;2 zem(wtZEYMbX##5^rbb1HVwWCv4iX>XD%?NP<+yU6@D{v>eqB9R+t{>g8vvgdJ!qW5 zXT}A)+rUz8vj@#->3np-QL85>C%1^X)x!FzEJ6pmWTvV;+N=O)2>@{nrZ2|VJ;CpXAMenU!nMf^8I>;0D`-OU6=!s3^~BuU1FzAh1_ajGmAJdX5cQbwqUr

>=o|`&`BDzwT^BO?e4^j^VzepavlGe{GH&Y{;3yx3*QSJU4&StXoeEskaZ+ zoeOWIP$(@CxhCc!^rm(~Mq?u}&dfb)E7->I6Ws;MpQ>!<##_zSeoE?8>@Ori^)@CO zMpB$GZcI!}VZ>LkWt(VR*VKXAX|P+L6{Sf%DYqx(&gvxAkkeHPciC50q}M#6lO!W9 z?FwCwx43Ol{?2MAnoU04X`HE zTsT&k6~JT#uR;!ur-htlPIUMC?P+4gXtK5+L1fUe46gq9Y95%=vCar`YisLI*hz)t zZ^WESIvveMw~3#tIv?0&Dbj@-3gI`YhVkk@tL|28Xk&UZ{8MwhZ@wgb$|t?v z>B09YACJDBY7btdltNfKg0h6Zr}Hu1YMtW;C#BgN*vG6t(N~yHlcqn)aYdc}c*Wh( z4s=9$yeYL)a(|sqGK~vSwdn^3N>bassoc*h?@qVSM=^iAvefUu`;qYHS*PjMxwpTnoufERdRi8B6Ym%P20y2Y>0mdpS|V8@ zN6FewK@E8kwq!3<=58oyuO0ECHweXObD~+!DG>=i?QLECT5) zx6BGVx!NL%C&8Js$J`>F=5cdzU!(qldM5p)`;VjCCEz4P$s) ztrZJ7!zDD<&df0|Hafb*dV%&To&M*>0n8H^BsF+SVEpvZ!OQStzg4){UWBhqJ}HxQ zD4UN}J(Q<_@^K;hTx-KVUgM+hRasEQePVc6{aOQmWm>4jNjmPbK)UM@mh7<2KR-$7 zV)Ugv?<}6Zr+tD%CO`7P>pBTHb?Uu$pH&0hdpeJoZS*e~3hArH!(Z=ScgLG)f4t&6 zP_U*)v!VlV;(AIfqHw$h8i3KWBnHJ2xBt$xw!A_v>yr8T`O^>|PnaunvC-LP#>K_8 zG?yu7%}!5G2Ty-J<_t|2rF~+B`0;1Ki4C4?Y;3~ZJ=R+PnSF?Ah|-tfwa+?ZJaTrQ z8p7pJw*%IFkt1{7H_SH5jONQG;0Go`d!g zD01VpWPlp@h3@z2POHu}So?k~v$KIwR!1u;&R(V~T@#1UdAir#$+LNv=lyvs(D2gQ z`g&98^$!z*g2f>+qtff38ASKQE}$Rm^JD{iU$o?#Q^&(QSc8 z-Q1bvH@;Vd_8g}#l>zAhZQndgF2Z3N;;sU+}jbh15xx2p(uY`NZ!ooWOIGOm&g zYy>DidDQdK#SRIA($BO%y8t^pAOTxI0S;5@;kjMb1pR8ekEXf*-SIT+sGj>lBX;;L z9o=~6EXc0Jb*csb(bvmyGr5`i!!4;=+i?EkyQ%E_%1E0^J{x#56y-er@8~RO$VdRY zOV|9GH;v!Ru!1!MnpBnN_0^5fuWo$`Jx)>RvD)a|w}`HpTk`Yv_TJ5-r+YkU0Te&9 z#YlT8ZPA10Nn0aJqV(gD8XRV z`^tCS`?-I?{prqHmNl01zI&gu>$9H|uBD+wh);u$hK5F{q72hPL&FB6p<$}xVgr8( z@pK>oexbYQD9NE!jnM4?UqIHfa9K38&#@1#&9H#)c#g^jE@)_^uJ=FaORpI{(9rIR zRA91t9>#yN@V*Ktcs87{D;BKMkVWTzMD)N6d8;^j9=!>AH5Gtg+dK%#|3iX>js-HX zRH9JOqi~N?P!M>ts3lOvi;rE93WMb%=I<7f!`>Cu?Yp9q3!?m!=e|axZkt1=r#inT zpWR43bGR{n1o`iyBSR(&`|lHB13~=vQ3k_7;Qv0H`Qc3et%N8Dfd5+vD@3pb{kIZ9 zJ`N-KZ)H3r9ryoQsRR4}F9r7M|M~U~iL_t*;Q18m`^RF>=I-X)MCsd~S~cX?UdeZ# z<}G3+BNj&7Zc$r2`&+Z^x5(T0K7qWS5#wnt&a?J&@Ak&Hf#AVZ2B&LEL&r{? zCeuvUG{)Pbupf4okxv`+AAchhn#SOx#E+gu4IHh#=9paz2#2eSqBJ(fL; zu=xYCh|8w-?BaN_R1*_A@kaPlfiU^i$f}^X|L*qi?rfIh-qvcVV6UX- z2f!Efy;P-*mD=@{F7!^_V6}yu4Gf zn1#1>!*d%U`7QFPIw(YDN3`6Mbn5%eQAg*6hmli8p8#!f(djl7Oih;Gp=2 z7?T0mkS^HWcI<8G+!(cjM93I)Rn{!MOUk7y04Miq>Ada74fV4`6@lYzD~m3Td(U}I zKfeqz!PDx&4Ql8d#f>`gA(7RXN+Or>M|<_pT-PIvua>&D`)OGdeDl)Z6=*Cwc_jGw(N@EYClBHrMZs}TxH zPSn=D5+s-1m$;zau(3`XN9^$oB-9o~rSRK-JzJA-Bx0xc=;gv?2_JcGub7^gjkR`Z z>dPm^D-6q|?RMeY&_Jb(s8vBx9t_c2t~n|Sg@ZsqQYWE#2-pyR}o*Po2Ry%ocHs76q0G<}{&c8~Y8}GJI&Y)RfM9xKYz(F{+Bg2)CF7lN_O5V;&hqHU6BJayA060} z#I6We>U}cO@7y{e>Mmj8xHK=t<7Bep`DmzP!b{$a+>!pTde1G2i~m)(4OJC-RR)wA z`)0H0FpTrZ4SZ4w)*QqZG$epJT9KH&&CSLfw_qZV_VUV7-~0WcLwupnyR(LI5=xjH ztVj?&bt(UJ16n#haBd^8u^fIlUb;&4f`-O5^SoK~J0|)SE1(1)S3Qoc#d;YuU&$q7 zsSF;Gz14I)o}O16UouG~(d*O*zDhmh-|xKsI$ykJs{?wW)_VGa1x=GSO+%E53C==b z^QzYc>uT2~2o<=M=~28+Cv-C++G~hu_`s0t`nAXAO4_?P=6IZ>64Vgq6E!M=MPdt( zZ$eXtZ?N5yAqY5L0f^nNL$@X6)*|tn^+YvQK}BoKrkVB9fA|SMT+2pav-Naxb$m7> z=)N7_X6DGD#SnSZ`4CM5ja7ogQ$CaSxqzG=s<6r<56`#Arl9s!YyP~P$SwcR~ zSb?Juz+uVcN$3^~5oXTs6{6|!$%PNQe@B?LChYzg_N29>fk8z_&fmBe$M2Ay<5f+| zZfYAz_&dT~ZjO9+7*ci2tbR+k<@YH@8KeV=64vIbIcf{U~11tx5!v{8!k zmBWsmJ{O*+VrG)?h2MdprsBjI_Kc)+ic66n!ZHo)nH<#x-dmX1ZgF z;}QCuN%DBpI3#$Lk^`cn0-F8x3j#)2a_KvFd@KVxSCayrWB5v%I+c4)dls7eC~M z@KpmsN03IJ7n@2E6P+fO@b=bD1}*8BnI_UiX?F_mW43-=Wp>N<>T+2usx8r$i0yjk zxjo7#;2C!>*AJGU;rd@TJe&Ke&D%_!e6BIM_A(jO@Hm6l4>0UAg|q2JV(Uk3-BU(9 z5gKf~^QmW|dn?x#BvXXNHirw~B5wgBvg=VK*(}y9@hsyxDG+iGR!|n{qh+;Jj?u7| zyhN!;Z|ZZ-Lum+~=Dnmcm=)O(Y>OU`N2mR23XY3q^@(dHwYs5w-dSUas8L>t%}Q{; z(`K(S=Ido>K^uWTkavjUW*$>>uq=uKsQ3jJZ=#m~6nIHy14UzJLt zHLBMx#iZwb1gQ&U`yNCZz45V_zOPzSM4}pX=5kCfbN+4l=JIfaxG8YVmD?k?M7XM=>s+nRZ0TFLE0%^vRcJq$cD{Cv~A`BW<_#j0uo zmq5>fMKMd{(}iDarfp=8Ut%si&`HMn~Dx6jC5Rng3iV5c%>il=LaSlgUI}HO^)e8ed4Q*HUUEPVx2+niNB^_IS4PP zK6LyY<~O1x>OW+U609-;QY2TD#JX&X*T?r5ovUW^RLt|j<5K-nXzWWVNhCztGV9i!ry)l&s;{mC!dYjv9zQa8~Kq)3N|2z?iIilZrV6@Jlg6ki?(K1gKZ+-y0~&oCAY8C0zIczo$+rQJ5+|`bK`N_M0TfwvU0V{-$Pyqa#+UrOu zX3lFY8>iCaXp`AaFw?q$dK05F_~YlJ693DRokL89qks?l`&E0=IV7iuCE9cu2*j#% z&0~diLkkp|LJOA}OWm-c?Z&Jit|Fz^l{yL}*86tQY}d^FRU^NypJ}`&DpwgKudW7U zaHD{)TJ_)-RS~JeLa2^Vrp${O*?LAZ6)X`Il*-?4yvE0E z#z)e!k{&^>U$n;qD@liz+el~3tHNN-*hp*FBab!O<N5Is@@#)s<@Bv zOi4cz1c*S-sTdabgk2e;JW|tpmkvM_IpG#Rx6=1O4F^z)TwZj@y zY^~mpSS;!oy9QHv# z5(_BMqPSws+k=j6yWqjq{x^GSuch3$vy4*sPr*n&B>%EOrNAPjmd^&F4rUl?ir@77 z(A0Sx*S>8UH#H2xd2I-$(MTB9@(l8`8Jj#E&K+EUY*^!>_i{aGRUAY=h;z<*%Jh9!^bNkG5!=aBn^hYNtoG>eKpxpK2VwcYgqa0p-2`u>89LL zngHeDWK*oQi#P^ih&>&b3_C1Y6k}B}JbtC?I=zVuwuwa}>p6<=rE~P{y=4%hf>pxQ z?0d>4e}_Pa){5UojnjQooAwZK2YW0hc9OJdv?3|iVe=RKu zIUvJ$aofXwmm&TK=48O{R5OZ?#@)-!h$wkUHyZr4j*)-u_ryc0Xtk|HuZ7flrTS?4 z@F%sGHjpTE*&oVoa;Bdn$=D-Z32AuZb25#)HX)SpW~M=w1pO_&Nj-u0oqZpTM^BGd zUmZFV0k$Gf>O&bzw=ozMX6OqimM&^H2vz(+2QG*W5wVif?hiH~8p4bUx|YS2pTJ@M zCpBOE8UJB`JVA_xXhWXDa|(C}xbxx0<_}yDCIa${g)tl!9Ez5QP^Le4SWoRS7mmXy z#w@ZcbKfWxN+R`gCBhhi_U%Sf!EzoD8jXyu2R=xy2>Hbp1yW?2Ba?$U+pw&+7JoHK z#em;0vUJ^!BI67N_XN4HA=DY+A&L z^s~Uj|E)AUCK9*AV}_R^)QN$0KVN6qPY^~J_d*~ts{Axh7irZU*e2|i?J2q{d{gh0 z1E(>#?na8x*X}>%lN11l2CSHZu;?B?f{3dB>AneceFT|+D?cM|&7;aIEc@4;^7*cM z(xtsOv=p;}5Xi1e30s9Drt;36q7jEW}@_!K|mRSs{-gIL(R$%I9-H`#y1a*LL1oolp^Ze_Rz9uA6yqjRiv(TO^yD zT8zjl!j%Own~qQpzXt$zr2gjONS5BkAY21m3IfSE{$~*p(4Nb_N#U2%|DR=$r1*q- zgfdwn&u=NG@>jneZ^*Up6lYxK0Kv;b3G?5{PKQl>uOD>qzgjq72FI)9g^!WGlUYOz zxp6~+5#B%EecOLd|9;NQ*7ZAb)@1ok4@LnNr@0pqQ6Z)NN&Q=9y&{CqKmhzw=AA{B zI@lJoEb6PtpPDYBY3aKYX`o|V37meEVz}A|ipR1FCKOU`_nx2$zhB?Cdz4rr@#xDS zvDC%NtvG~_6L<IS4EVU7Mi+!Ds@8Ji?6U{=ZR-gwryg3S! z{?q;hk|0NxhsA5K%S9B{y!)vLAY6ivRi?>6c<}vpcXOEI+`fVC1UN7Ik?1F!ILdJt6ZERSMACjI zl{(z%$HNz=(nj)8^9U=3n==< zR5#=)DE#p8Z0teW-VQj{qx&Uc3LCxWdOW8GCnRAD07oW1a>{5-K`|glqlbyhd-V$V zt#id>JpYVZ9eb75y=l-$CnLk-7sac$+CB$FSw6@8JJg*OXpn-uaIJs)Kv5?LY6UzPb!G8G#aYnqT_@jXrZM7FIMx+H~`eCnw`W#)C zU`)@zo#tL7jf7ILxWGdayjmh$ z5VYItEotf2cYt1qNHe8}Q-gdnx;zVurW{EIH{MQf>2PKr7utyQwGerkX@OTVF5y{02?6$d4)YQMd_O^31OmXMr_A1Hy& zaDJ(|Y!sul!`ot0-#!hxt?-^0D`rA6Uv(`1Peg{jrmR}Hh$bkXw!!4VX+QB{WQVu; z8K>kL7B>+mgm{~^RU_VCiLCFvdCZdLySXDq5&t8sc_%lR=+l8muXxq;LCJ9I!nMPs@b7T8t27m-S3M$lzqz3>rGV7vH8Z%{!Q;=YVdq4!J-lruOcSm`XE&&^(b?!IjS&}9w(69&;o zYs|u6)mHb_lS?Tc;r#ql&p)pg))-w06%1{vkYvR;AAOhlCpgJ#Pw zquTll9JEVAV8r$-@%I>vBz_uWEg%LD8KWRUtL5;QV1&<=h%GyXC)ix?7|Iz#B(f6l z%)T8lgqdYSc;raliXjhr6iOJ^Q&_fkHbR{ui@svUQCR{dbpOrX%|-wI!~>$`aDeLy7)!;B+%D63Z&r{TCd+q;-kEt z55i2>MSDrE^1`7K|4#0jYzKMlEsW3N5!VFw{lO0^AUOsth$cKjs9`M*c2^7)*HBUZc9~!k2N%UbEcY@XYz6Gd;cOw+≺ zOUSuqwYL+UG@Ik=U$!tBEURyC`dmZzH_K3OPMvS+J-ty_55b0FSE%zE&)uX&{uGmK zLEWg-xAyn(C@ZZ|rjXCEyrYsXUzEwehu$`?Cs56B) z`WMj2*QqCj2Pp1~Bvo5{Q3vhj`A7p*k`gclD#kmv-DNr$MK)(_?QUO)t6mey2O>8^ zzYo8AUpFQ6(=3cWV)S>Dj}(}*uBH-wDCnz!2&pNQbivp1`GRM;RBXDalE(GbP=i8PM}`U6IOs54*YF{s1U_)?JBYJ` zzU^*cxJp8`{}+t)1WQpev&4Eu)cK3@C;@QK{TV5K@P@ud`%5~H!P{=bon7Q8jnB92N89Dbqx^ak5uFcD7 zTn&9s8)I{jnz<{68{tdEh9;>Z}=pkXry=;JO3-lPP^nYIrKW)ORh%ZPZCTV=iN7-*Dp$`^UrlD)aT zo}hW)FAod)U`q(aU?u=fuyJ{f_DamP7_Oum4|BaBPD}}!Bk8=E@H*Mw4DEJCzs6Nf z!T1Xg+`XXtLRgy8FbVs^Ke*LP+P!r;Qj&RmjHtEHF@HQTai+)%Hq}DO_d}^>VEXTt zldoFrNKE?~3q44TxB(o*s;_m9?a-Wi^94!TGi8;;^Od~ueFP@pWgpovHoe-o>nF}b zB{%|hYhppfxbKhL=URG^xm|^3{vzzIhNg@={rz{7eAatx7z;3zw@vE(@r6ER3A&r& z|I7%=P!zpY;024EeKq!!>|Z96m6#b6RP>w%#zOH8>pR`xQT)`2-~--rLL~lGRt7`H z+uD8|Rr8#Fg&8a6mzdWV78e58-|K09)+sW8dSyh{qWEX>naVvV=J?=^iVqVUNU3&+&b$#xZ%57kiYtw*T z7C))_nt!)L;~_FQSj2f`Z1Uorz?AfpN(()*ys~R_c@C+;(XATbfA5g?j=#FCAGs8% z9px%gYf&Jud!V8;qDp@yz5Y%Q2g&l`6b#W^Gk8!TmNAhBP?lntr4Tcey4_A7CL9gb ztR?9PeM6GX_6^qNM;^CYU*^ubzukcJ&bVO|x=_uCli?lZMV&kIikZ^bzEoqA zyM6mGKWbjeVq@9PJElxCUtT{!S@g5v;q)cSfwb3vQB)qqt@JB%rKO%TrR8>AjP8`a z>c?V5b>yKgg?-hB7K!i5W$xIxT$L9lzHa`6 zkaA6_S)9(u=~S*~u;MOOIOyQv{ch@~;|O~GO4bH)?}3oL)fAh(Ca{fc7pgT@ah_U~ z_8-mWe++8#fdgDb-@Gii79Y&A7#W53#;Wcg zS|%E;dbGVgb@ozWs&^1;=j3=rxEt~D(v$G7->os8M-;E ziZOT890xLy_6ICrLTHY0z&aJl#kY1=j9{=6fW2R^Z_GE-(vjQ-fL5(h#X}?Ka6{2 zvA8l4=L8AHHY9L1j6{qs`-Ti2>1{gQ9D!&l#G1q9brFxRt^ZRyUFkb`#9Bp8`9?PJ zG5Awn%aH2W`_U90$yoyYgSyz#ojL4ix{>x^PwnPxIbI#+(iAuuaxY{p_l66?=b&|` z$LyJou}oev1lg19n2TGO^<3l)CXWIw_3zn z$zFzAvct0In_>m&xXcGuMQBc(S{gCyZ1eY8*!}A3sCkN&%1e9fDuR1rM#@rylZIR5 zqAJS$f^vP3Sge;fT>{n-+QhW$m?^QhF_ucHR%(DMoZ}b`8pfgm$ z+#u$&-;zi>5_#;uL$mb_=`0VQee2h{$%eI8qAs%h$Hdm#zRH3S1U7&%o4oT%DUXfjazCSHlUUpCEux|sy5yPgT;OES6 zH008z%@{|3Pg619r&vcDTAva2b{KrCtP+TYZ6r|+d~wIlrHB5Ls7MWmyym~UcXVI& zkuTd{tM%$%N@@w&Q@PU5R@2^ZuR!U8{Hp8_Tb^3np)cVi^71#bk$n|p#q5&Qsy(vY zO3(W%NIJu0J0ajS2W(^&!!vkmejc2p?Y=TuNGw5`zME|O^79Vpp1sn@;@+uMWSn*9 z8lTwPT0lsY%W#HqiUbEzo+N4euJ=NFJB6CsR=@pG3O7>^X;ztVwcprEdT-?SRKUm@ z={D<6i5v~%d@z#~J0ybygHclXW@5{NM!iV8&=WIpSr|q9*JXHq+d~7;<~$71QxQ!8 zj0DYfS_y?0Yi#I3Mx?I(+zP{<=Ro&T)Qp%RCxeA>kk>xpn~X-h?F;-eogl#Uu5Q^Fh z%xM5AK|w&~z_mpD;V`D_N+8bjSrdQXJ6a&_f+z_|5nS9rjrLV@jMlqp-1XjGf$$xg z*A}fK(>Q#~V-1;_921})R2>6ixmUHP-s6Jn6CLUgvh*}Uj>b9u1(xIhE+OM*tcI#C z;KyBk8AfGA^U37uI>+BQU7-2hkU;c-O}?MTF3ag&dzje-*-Z7?<(DA!CtQ$7b*jF_ zas|r~c*yooGgEnhtHOZ47FcfUyx}q;TGC$M_qM}rkTuS*kp>SEsqzc9(x`D%6TOWE zCrNN4NY@uCxi5VY3^%z9pitQ=;`@{` z`t>nZPZ;1!J&HG8Bhs<;6jR|ScaFhKub(rcE=xkNf>YN@hXN@v)^_7@5f+zpfeJie z1jPfREwki~bd3j`-~6K31*pL#NQj+JbDyN)+6a2HL?o8d;>|QcA{BnYm>fmm^Pt~q zQRWZ=Z!UX`UHdbCQ8H!|rJa)`ODZyS+)SR78IHROJw>ESQSY;|usfjexN+AKjyrZq zo()D_A??@8LRDRar_P-cnV$K!?|FXPn|=A~h#K~a%xvtM3IaK~-?Y(TDki=yHaP*W zlA9V92p`_6S-B;{y4RuiGJt>ey^W*AL&${Pqj{L{kY#P+(v+Y{Kolx6voE@=1a=S^ z-)`&y?}Dwvl!4NBa#7_IQp9!;tx>bYl;rB_Cyd&0CMl@TGqW$|dzIa&^Rwxb&EO$s z9BH@}u{TxKvrP#w%ki%(K@TQwqQxHY{|>+;QXbv;m(20v4|r$UFuK$Wz+yvV>frdK z&@h#MaT3_l(!G5Le{Z)*xG=K)DIe_^KmVbuYBe3r9E7jEqBvY8?#t7HRNSt!KUJC+ z-*k4Ok~5Ud(}ArVE2d7I;qY(QQ{&Vb5Ap;R3y!-3VP2(D0^?-<0#n+sko=kjBKT8CHC@eIFEB}`!k+346hH{hhnka^3bS7~)9rMc-nRVhv3oWmU_&gr9+yW`x_oos zUM{})n`r0Co`H+I{rY%!Q@Gs|*|H^BJ>7uYo#Q&8GTpH7E`uijAJ(2j@H+J-|F=`D z_ae*wiv=W4Z&8YII*n*i-a#Gi)`wcJK6!@P-5wlb35gK5qFLv6?~h4dz3~tTUyKw| zww(DbrB5uxgz;oCXWxpA@7oln_;qrLie%}};-@m=+@n0P>GRh}WFw*0mYd)k)w+c0 zoY_aa=Urk*hC|Twf(~&W2iM%Yve#a*bC-u^RLS3B^8B8%h<7OC z`6XOad}TlRwlTj&Q*L4nUu{gfJHR`eZ%b5>eHCK&q^dDmXx?T8H-zoJRW4>t{_vVv z9fV+%NE-Yaz2g~5JCp5w(ByhTTe#n_Q1uLoO4QXbxE!f;@ZH<(mA-Yl19CwHkwR=H z+cA=uY<(2KJKBV8$pW4I<|nh08!E%0bjUE?s#pbK^3~rTaawgOEJW`y^0SWkrhpE- z&OEPCRoKnY)#*op4kkYFv3Dc>bth$$ z`&F|dc=&~xcw(}OD#Zy7ns-Beo_h9}WjEr|eI6UrfctJKw{|ea&f91U8)t7s>6K|z zN~uYXCsRbTgBER-l(R*uU0^&Z%DqWwSA7AO)7Epf$z0I*65bUllFNBGGZZq zTL2(ApPE-Ao?PZs1>(Ei&ud=3ZVGT_@QKwX9K;%C(T8JxWV*|>@0RMV1>9$lK9cSG zpHy54s=oox{h`0z)imoB>`tBb6?k}Qz88fm(i(aE{%|80F@$4yCD8{~Z@T(**fw)0 z+3m~ZmGD&f4IJo!R5Ngq*|URKC^b%9tyg5|PCPWAK-+od&k_rE_(2-q0UaMR9V88Q z-Z;-4a`k=%>i7wo59tG?eq2#DHjhsNM)$15ZOG-@3>Q=y_6l&1Pkvc)IYn>IYE}tt zaR}4T`-R<9+;Ky0bTn?xp#(sgn`>`Ee4IX`%tqMme{dz??Q)lUP^x*99l6Xp3!Q~5 zkL$;YP5Gk)>w%c_yxM2uN#y8iSHxQkfU4Sf^@`Mhj$!~7Ai={*Sfg<8%g}n($Q|DM zi%lyVX9Y*HWg~ElinnI5%lI}crDgpQ=6P5TTIbDd+u0X+925X3yzx2;-?xEOw1vk_ zT5=rSITK%>$eog|$yQHw*py=uOVl*qUhZAlJxpV~$Raa^TpVX^NtAeP%QLBXgRo*o|vE5L&0eEJnphs^WQB*G@WrdFOuySUOR{- z%L2$|L$@$j_1Vj1~(T8zL5S;962W{lk~P(Mql z1OQm6YcclISEva4KB+rHzfS_R0JkU-qV)D}skUryV2vofSeI^=6pLL=;Z@;^l{?(Ee;*_f+o zXrDD2WLGlxr-CO+|MxjGbiPnD+Zbd%OB2GB<(^OYW6fDQ?9SdL_Pb$5etXtUl(FkceI~vrMsi#CMPwCG*$G#-$;(zb`($U;RQ7XJQOOb#3 zmM`&m?;)Z5!k$Pe&*)+0{@+M-8o%l(vTHwV>IY8k<9hmUzbZKs4~z4CDAV)ONK1s0 zLL(F?K70@W2ZX*|aGp^Mj9by;Yhx$1EW=>ORkTa$5eVUTIw}<@%b_yA?nNvhXTT z4nOe5<)pOuC?_QFG|rE$6yTT|can)vovsK)*0h7sm}OqR(IY7DA`<5^QiGge5L*`6 zHL0kZ_Hf8yct`2mc&!Zn;M@L9?Cfjp>l3QMAULiSbS@kvpk_#|U&~d24+{THR z(Bj%>$&dOEY3bA?m8Fy=c(`Vl`esM>NV`BLqA@MQlZwHLssw|D>Y&otWEr>>`Pi%0 zcT``%SFLpQNovaq66`{qNCT5>I|~xzGMMJ9i9pwC&MxqVCb9StP#r@FT<9^|$D4mn z3JfS)3a-#>w8>=Y@KHDU*#?{M3R1i9Nt0l%`pk+GQ~_L;NnEh#b{{8xIR zN*ayurN2+l`Eh?S=PZ?q_MNeATCdd9Ap3ITrMtNiO6YjQ;6;?geff~A$ToG(Ina8W zWrId2mQ!cWw0=Z8>`i|xo?T)#KCa(%kA*ShsuD(MTOQh_u>*BT{i>Tp#RZ{#Z9khl z7QM?~EoCT3p?ZWwmNrPb&!=fZVYgG$kNpXHd*g(1fZ_Efi@wCCa5Ps|8rQoOhR&PZ z;kr(s)5{&!9gQ?0-4NWlngU>~Qk+e|D027zvSibS+CG?$<>^L35ne~WP0qjP%Sfw*Zx!<`A&%|0#g|^1zS+WB4>g$IGl2gP{>W|aXQeCe{-ZG95XX+lb)}Nnv z^C2bZ6WIi}I%_T$x1?s5<>OJWe*>>}dL~Rp(i)6MI_h1dg)i4w#DE}94_XI1GS*jm z)rfihoF$CWk2zncXw(3vOs|kg0$@8!${MwHPBsQgjI*68c>MlGPA*@|7FtRWsQQBb zdbVkPjxOe_$Vs`#@qJpPl>X2|YlzXD?dR3Imt!PWCbku(A&E4k1p|1=R@oxQeJqi) zPPArpZySET-pM<74X_O-B$;5j5mp`-;sEnt(l_4Kf$Q#`u{Uk+;JvU5+*UXjTc&;9 zgdQKcEP8&dVw-51(8szGC>|wHKk-^{-*H~&I{Re#MLjX5@zzzpUka0{ffz+{iM#Es zcrpDChiY4+N5@EEETy0CxPs?{w1YnPO9uKz)-plGD`mK3_k2ux_kCZPEJLq`8&E{O zv1KG%;da62imgHhJo~+0mwOOjWF3t*d&gf}zPf4Inmw$kxw-rjaM6CNE{M4HQs{#2 zx@G#~PzNM=1}=-bVYG|R`+Itm$OnoQ4!6oYr#RqUTx(L=+#=xJ4LIqy*_t@%QQi4d zH+pbb+2=EfN5&jRt9;WFdO+~CI4Hm1&+DHu zeZTXo*i;u6z-fee5dP3 zWGS6EJJ&RY22py-Ai`w)$~lM)^UZWs)K%ZUy609rXPi%W)%)#PB{hJs)}Ak@6&q_~ z*O(9p0<8srjmiagb6F=yBe^iLc)_KhW3$><_FtYM*V(0;nm3+0q$Mu9$}Pr0N;}+H zRssg8(GdpQqI2X-4)O^G&{FqXXy+S@#n1kzhWDZ9s+ze;$nLzg-V+FuzX)RjTx{i4+&hxZ=AIj*w(fX2|S?S;9vmu6h zEYIg9M(K^ZDwK-ej>*|7l;8o%$s{nFgSqip{d!b1 zJrQUHfRwfudv5Sv^otUdwwXIc zEw2#R>#FcMRz8PyMT`RCd%*1J&3me*x;|vxy~teLZv27P-DYfm4)I+n%6{N+@IpT4kS|>L59}e1{9A0@!?sIoY78H6aU1cvx6sdYpgHF_ zSkosP$Jzv1_|KJ0GkqibKb#!GyI=tv30k%{X6XcEJ|^5_j8{D^v~(|Se~HXoE#KXi z9n-zfIkw;0dPh!{XKQqVVKv$|Ii_D0k+u&FCtFZBEnEWVP!WWowtXsTmf51nDczJ! z=KRKF7UFxSwgfY|D1dsX1vN_=t7I#J&m^<15$AD!A``dC-99#n51qh@)KJZrJJcT8 z8z(Vbq=5J#wCaA%+;KP|-~=TTfVp*}IV*FxL+`%mWSi#IA&N0#=s?3Lrl-u@Gz;i|9bFE~lt*=kUtjHW! zkcsB@Vg=i6N?WPYrHlKX0r!f1ZjmiXn?%+&@w~?Y|M}M7taL_lIGU$So9)e?S6sTJ zR?pZ69w%lH#Ki`c#y;B z38QmX{tOum-Y+7TbUS81+E46;Xm?m6J5T~}kWIqw&ZqJ!)z<5i4oS|iQVBK3YgB1W z^Iy^pt@+K|QRg{!9mo$M5*GF2aneo^w(q$v{KR85X3INRyqp(=-M*~dAsXdbDdUTO z`C=V^9n-GLzA4g){YQtaz?Lvk!bvw!r5#enBf!XZ^E^=c!~XIet1L$phPj$g?AqQy zUr>V>z!RhkWO~s5Jso%4E;XYN!6kG(f@+NwKSsn8P=P%$BSeXnqZ{To(Zy~r)~>uC z^O?j^CM}b-v;5m6Smaqav5>UPO)eQ~D%H$$kgQ<)~)m2$&T%w-mn~@W?kQ5Mk=2@y#(}Svv`-i>s@Xe*l2GO6icJG>B2+<^x60Bz3QVZKob=w&yjxS z-Fma{P+iq}Hh-H&X`oIq0b@e+!9UU#0I#&k9jCGjVv?|JOO0xpV!>Q?F9pF}1qlX#Lj3cZ`(dFQ7NTmy*KbKOem zh@r>#L4@UD{JV}LxZnBdF~XQ$Ak#)!knnfm-ygm~OAPlk&ClAhs`By2PI36>FH-jyao@0y(&AH9lCz)GZX=r&9CwVW8?qQpBoC#4ti=(!0DG9OHuhmA_56E07vK2VG_F3~ zJ;hO~SJ~QNE<7oXGdttUNN(S%yyM4E>UK{>N>lQ&$Y3ybOZz=Hju!1C*CIw#kzbDj zn`Tj4ntvz*EN{GgPh+jMfu0*nq#E{kbpE^0Rw=0ZMt#uWL?tkbq2<^QOWH5*!D*Atwq+7f>-8K==2E= zKxcfL_Hak&fgR*XehX0bDopy??9K>mpaiUFBcKTD^%ezdM5tY&9VuOd&Lvk6o z>&7u1`DFlHpK>xPEqyc6|JnEr)lh;>w}^IvE7UbmB0!kR!&FNetAf*ajS~ zIW;|1KgUCP?wxMm^J!MtG8(b@-)|!dmn;A@<=BaJQ?wOpa(6j9&Et<6+`ZhZuD-o$ zzx#GM9_y!fGwXlz;!gLUT9h^kGm|cD$4S*(QhR07WSkM)P3s?bfy>M9?}ozr?$b6J z@9)PGz?-@H%10cofR4c6%c#^9IW6HyE>QcoYRs|f1bfQflg2Gc6eY9w0Mae&OD}_W z;ka@gpU&^b_8WU7z^P`t$#wwf%9as6zbz<6*`e3$w@(%^k_}=z-DKsHn$oRa z0Jrz$e#^28^(@0%~E&5Reo;M_=zZBxN>@YT{sMKeeLi)|(8m%bZMOv-L= zmhW2c>A;yoxc4d<7$|$n8-~BPsaKhOv^Wg!Uj1o(Nf4s(>^z8GNt!F$wzaLE6bzfC` z{CM&S$hf@J_}@;u-7j*o-|~3>9Gu{*2;OL%e^b7T#p5CSa`fQap>Zp~z1AdFmcIHq zIw56h{x1YrGFwZ1X4TnNTu7KwkO&)bv2O630myF2*~B*I`~v~;Z4f?5F$)Mch3 zUm*4|Ph{V9?GK7qh0FZtKXeMrXONx5eq*6A%4*x=u{#v)j0`ilpAyb&03w@uLHueU zHzlzbm;9mMJbHo zyid=3?{*0tJmir*!fl_$u8+DVrCK-oSjr1x#XgB`ZWokW#EP=*Y%kd>HwXsB@N>+;uL zBDOTes%#i4GNBJV{McfYaA=hNMpj5<0kjc3HC~d{O-;1#%o>mroOUC>E)ee4)5CRu zpl4*{z5nHg1spGQw4!w>xv^^8q2;WO$#6#Xk^$+f!bQnK`Q3EI>@(qz)e&H6k2mxs zR{}66Y|s^P-rjtte17jb<+ClDg0`)oJ6_Bf$+J0u!+y@z4QdR3uS1U!iM6QRA^y>d z5udAt^2YPi821(nm1{H9@C3-hKX z1keYUp`GHFuR9IW%p8IK^(kILyeA1swM*-R);*&g!9jB3=Gl5e$|aR8CXnmnuL_JyP0}#pI*0(=U=3z0X&2 z_CbFzQtwAk_H_n4pmO1bwI z9+aCR21##)F(P-&DokP`rn+|pUsJH9f968=+Z*i`ml-)kT`Qj^_vUBL8@w4C~g z9P9jp(%5q7rGQ})rkP=7C9MZ!oefSrQV(AOX z|LI-zM#M1jKyW*An2oSUMz>=It}N&6Ql<%%8_X!EsrqWE!o8>rBRC7Tqo1EOC2Y6k zRq)ij;F!>Ho6zgAbsoI|DWFRK04h1H%w5q{?+HqAl`Z;yRo_A-d7PlH!h8yJ-k#J*Ji`5hO8*em>4M0C%>_#t=mjgAJpKcql)NnmhN6~BzH@idy+090 zUde$l`dT!+`lsi z)SBp|F%n^t0Oiup4p#fBiGW|6rr(L*F}oe>Zx%Ngc<1$+>7z!g!#r5ojtX(^l21_I zEiLNZ4c$47@#i-74X&UV9UZYqv8(iA0g}_7t9*;Q1lzDvYXGO!a>HUw_ZMBWndqZ7 zM(!*o&GK_7`_FqTlBzz?)aCkTDe7~9MlF5Mx!SZr4|fNA>ms{*+wX$)jxxe>)47=b z{*Du}C#>koR2Kk%mCgSIOr3A~dovaK)LVM=opj-{(D#&W>i8l5P6S1cQ&@?U!~|+b z-w=OpaR-6uk4`sLk;H`s64MJZ^o-x;yNWe!gpLIdYP6_On|6qgCfHw;U6j>b38lQx zBwYMx0l)S;x*Yf!7)sZkx_cFHVuc$6JEj=Zh9d{uqWeKQA+gCt7mW{#b$Q$zkFYv- z=uKjnR;p|ogVJK`zEzHL zwnbcR(0A{#mvMqQmUOy9La=TJBhJxDb|Ncmvx^_`%_0Xl2wX9en*$#P4)YUI-*^I^ z^h*pcE70r{(v#wDupK@}-s9gwr@x6OoYQ~K*H;1(YKd$6`@#O_5%BDYY+r95fxp^` zMy+a21u+%sqXiddCl(8G;WMWzL9Rv9$qIumI--z2!Mcj#9Ko*etL8XSZ%}u zy{Z&ry`g{G(9P4+`40up?KNl`W0lN}*ogjNeWCoQt6=_$G6>Ic7naz3QC$ zN>RqI6$V11gbpFV-Uo9(1;+dr#c8+!6#uJ&SZ2ujU_(RhQ~RikU15X0UoS0bh>g$+ zGHdSb7RWegyt?F`&Js5%M=gmBGi3OiyDHYAl+W8!ZlT!pDS0!GyPN^FhlC5}jJdz^ zXx+JWvM-q~Ary6J;Z1gLRCKNZ4e%_#z-_8cUn?mx%xC~?l>l@_C-~Y}Y1`r(16Dl_ z^j~QS$MsA;@6W;}r6&i2;mwDw%<8EiNwCEyKxt6Gz7VXU75G->tD-VNhB>Y~&sEp6 z21GH6EDA7%UqCFyh{LJ=?y-mflU9hIN&4+zK&~=g6V=q-Ty{8Jba>{pwNpq{OL~~a zWor{Oe|8ux)~c)R`*BXVpq2Z`W+U`!>IINx+3bK(?`&yzNL#2^9+y7Wx+@w@S)rBT z(}Sz42BCnW%W{~`5g!a^?~SKBaS=M2AOWpV2tIWD%gp66E~KdW3eakqRcoX9v!*_K zBcbpfHgHEby`EyzD~kGRJp6J*P{jV(k@>Wg5LaF=D8+)PqH~YABlN`_D@yXk*%*5a z_n{+IhT?`jBlfiOY|vLN=4-U?V1?;?D1ic9P@5Rx^flkm0?|!%Nq+Iz-R}SXh-A_a z(u0I8tIirumPB`cQ5!}o}KlrkNe-l_(y7#GHV9jR#ie6surzu8=>Ry3kXH;xn z3}oK2shg$UizYGjslnMZ3uSzV%FYIE>K7vCw8rNmLoW;cSk>D8CKD!Wg6!#d1~x{Y zp|x~nni`SeGbKu^Yxec!N~^RBnd?6ChHlv3dA!Q+{rOj%W5uJdgTzOl9F-ptU#@2yW zwUg4)l~(@9^ZF^gz8S`=wF7TAa(N!>?*Y1qXK~^m%DQ-BdR@D87n*he*3Lpu(PYJz zAj|WF%11JtI<4Sjggkv1=n%G`58jgH`2`j_ex;Oerg9%Kg#|=o(Pr)zk1AV+gzB|bW zOGjElZ_27e%#TO>3v)@^m4mXeaN&5^_WJ^5A^6c~OP)U|4F5rn_3?(eJMfgTp+%d4 zZdm+7A?)1Wt~xzf@2*4{wp3vB+g^RQnkJ?VqpI{K$a?~i_R19vrPmhKVXPzc7K4ws zBG7WqE$8iIErB`^lwo0ir_AqKNy4YsCG)zj=ZAG}#P-RwGzGc{*?=o|=wzPDVJMAs z?28IumJ6@Bwua1nbV0JE*@!^1=r}qM+yC4cV_`?@x%e>X4dmMtSxuRN5&Uv29rU1P zr|HM;h3~=7^vof;Me#*vJuWJ@yiSRLYF&sD`paCEflqM5DMMQ~EBs zv39ne;2V(F&~6^CmEXJz!LYwoQuroce)1r?vsmlOU5G5f@~-ay33_d(AVP12+WwG18zz9BfYf`7prK4wl(dWkE&i9CPcBT7p@&%OgBo1-!5wowc3y;g$VxmnNpduT9xoqXwft`Lb0_%{h)^g3>pl_v+lGX zYpEve*s^2&ru|M5x=C#t=|}z;(Q`P%$u#CyZvsEPe(L@z(Da^^%B{t=Be8F`^j^Az z+rRW(SzrEy3UI9UUqH$|y^E}iV17zu3*$h3&SkdqID4@%TQe0QICuA=DIZbbtqI7e z6kc2*+{TPYt?!X+D&`<<;BBqK5Tap={MjsiPA7QG1L%^L2Am7IpUxcR2jfCs1OEws z;cn-i7l!XGORDnS{~h;+r|RuSbCvkn#j7dfG^dqEX{+BI5Iq}j?C^xNo##vVufA>g z&2+)ur_LM~Keb&pg;v+ed=Tj^EGS35SN5fL@GlhHrheyi6+@gvaW^5#vQb$fMjHjT zjVa5{&lch^f1So?;3KX-`j{+4-4e2)Sy`-xp5Zu(2G^1fA6BBAw_WknSs+i)zOh1X zJHmpE+>@@IsQ!5wqhx?tm%UEM4GBZ@`Sx^eVaR+6h;@{shLnz^{kMc<^qAD8Vt z7JdV%4VIxmU{2-fa`223hXxmm$V3_$m z%i`(ZD-8b&^SUKxf}$S|?EMZFynomF(!H>Uz4FPpoN^Wqc1Zu`rch9tp_QiDx3A|g z3OvjnrEMM+Z+P5%@60N%Nb)eBv<&-aXj+3Ka`4Y;{^KG^ihb)B?>hU=CnQCaDU#h1 zG3@y)Lh;C8LqAF-?X+riCylatjU#E@V)?)BxUD7aKv-2;an~7w{>~t@3i0O)IK*hJ z5GP9l{K~nsDZV6K|3dffbu-kk{q{4iMD_L0_2t8EQ}w9ILhRfr6)<*^{z6vbJOFV; zJJNz7{2((tdp!-@u=;QCZmbxCa24eWWf-Xcy*=Nk&gz|V%g@uCL%dg7@s>}D;kcn- zf$Cf)(RbKHgChH4in`dDs^aa)#+;mOD-ZKu2X0z2H{Tij!q^#>{U=9836H>?KW z)Wq{YJu31o3Gp7jqqk=)1;VEuRLzv0c4h#w$Ym5`N%J|~{3POmXJxH6;MY+OtKm#! z91viq*otS!mxF30efqC2EqOQmH8Yxu7W@q3-I)D578Bl91Q}Wf!EtH^t-^u4dbP^06wH8$f7A>C& z(gfGX0hcQZn_oOgZCRQTsBKu5k87vdXv2;>7mqC~$I`S6Y=MW6Z5BGjq{lixLSHttmQUV*Hh;lZ1!eu-1mk#ybVDoi*h%(%VJgfm>$Zj}iK+YXM zV|1x8@YMB`{X1})!~q&MhFJ&yH1k4~;S(-2+3QGs7dD!;^CeV(U^pXKUM^fUXDQmNi(_Gqri1pHtpP%xCW>VQ%Exy&Mv-cdF% z@jT4@kIWxTb1vw-c)`Tv2Fh~7Eas5O6gR- zJkoGj3!6qn^^Sg{O-?e`TWD{XrNG17$*DV4rcdX>j|m6geG2euBd-dJG-BHt2uGpS z-1v6z+^Lz})nw|5d1@{b@az37Jh>?+203={+xq5-jm~)hEpL1FV2Bz#tgrt5lXTDZ-I6@|ND!yufyr zs!LFhcq1J7*&$hhtVs4J3<$a+MhE?;H{Ti>P z(cR%6drIe&o(e~NF8|7*z}i#7+YDAz*^BfOF0k9)#wgG-$+~Bnn#vm zwE_3sLCmaVi;3mPShz-F!91mN8G5D!WkE04WBZ5 z2s&>Mv&2*NS>6wV)Q&Hc^|TZu9xTQ^ZXKfax?JYM2HG>Ocyr5}^Sd&PLNhZ;%idJW8pVt@nSxzAQs=UXnm84qd

lL~0r+uVGsx<3@ja z=C9>MrVg0Yns(lJIkObr{B=)xWAr!B_zG9qPK1*@En&cuTWHG~QeyE-aR&?LT>Hbn zAf_ony#3O0^8tKV5jl}^SO0@)jXYr69d}D#5jHXN`1R&>ee!ER*Z#lf$AwsS|5R`*~!jmUzX1Hfa`uL=YSXsUoOfI(?xtS-bq^tpo9aoY4- z>XEK~*a4yeBR+ZfZ3nz)>qhwgA1dGwlOR{R%h}JAjE}$VYGvSyWXBtFq)u!-uf?{p z=!rmMQtY32GV*LwkO){|SMXN&#aU=pC2&5kE{I)aRdb_fiGnrV3Ft^K*e%_4Gy;k( zHJA5j;Uz#%(*O!V90ykT%`i=msbLnpSGbkvu6+DRXX}foMq_-yneFlP^X_jfAcWwH z6xa2U9s@-DluejW3YCR79q&G9Kix?vfH5wUJ21HxOesPAEgl z>Cr)vWvJxLO=MVdZjFym$gfh(UdirBsY-cfn0jWusA5V)vqz^}XF2{D_!=Gk;JzTb zI}SV;13TTfbpZ}uQtK^nWjN>HKeJ{tpD>cnlB9EoW3_*Y_qtT=hxyCoElW(kBx%K# ze3;{JBX=^=us%M1Y_hyW*f3dhTbMh-*QWoR4K5t~$z4-*`A$3E$h-S3Cwm?WA|+-y zVjbs(*AwOr5R3Gb=hhw$qzfNS#6@ei&|p6+Iv9|BOZP@c8dqZzR#G>;FYsb7d+=_G zoF$`+7U0@}^b%5zKrNBwb&gp~fPT$%{f|=B=<5X2#5%tC$ABq`gBHx@w5AraQ)FJP zQ!X6E*oSEy3Y^!96MUf7iXE|ycUsDVo5X6xGl{cDr~-*sx4LxDd2!k=et&sg@x6nn z0gT#-4-F&Vj$M~|Z9j6GJ@TR8%Ia`7^MCDJ2J~^wkhzPDJb-g_-p9SZ}O(k)3XO^k_?Ro?gRDj*P=}ERXKDe#2Wf`PBkPm^!H~-U8+i?p4ysl zYkFoG??pCn+WPkNMwrqVEb*2qF!@W@>I=;Yz7I|^?$uas9+UvBZ{1pGL)p}CU;scD-?v2Xq8JUaZJe$LVG$~5M<#* z=;SIYF-U9>FDpF#Q=jalGx=iP^Iqmouz01>WYRelQ>N>S-wnwscN&&eu<8Z+vBUdFg9^MaE>7;fOm&+-dMy-Pl<=yi@dEi6_53SfKe77valAmX)wDzj#2l|lk6~KH zaQd@DC5qmQPkh}z7KNtcmG`2dLB7b0TJFWj1Y8shqf2)IpTi;2HdVDepr;nd;finr zYw;0Z}r|# zOw>1tsIETAOOp=j0J=TJ)TDo+hi6)4A3&|Zyo0;lf9cSw0Q{~A4c zuSBG^#*CJXD(w=NvkJ(s-OJLV;S#ck2$DT%D&tdpqmos1$_L8GcGG%G=1fJwI#s~h zCQf3lX(ky4d7v)o-yHX|EglqgHyr3P3iNpL@T96$e=IoWB^1RhDMRw@zc7G`1$CKJ zmsmEWGQ}to{dy-Iq^gL`ql=Z@A9YnzW?2RB=<~${8_V5^^87aq2r0u-{`rD$W)?;fP+lTtfLrqrKbSrla-k_ULJFP^?1M)~4k zRHhT!-t6nJY(MC^+r}PRdFX3~^=;zn-{1q6r7^xlv-&MAwIZDOV58 z2{Z?>GN$?GAhnKRq7eSvw{^`v6DxI=@%!mIs|&qV+Cw?7sYShVN9hjRGqTm6J$LSP z?*q0x!ZS~nuTMPRdbn!EFRQ3je1k+kC|JwLd6b6CK0NU+Jjz3{>6DHD2o%CvIc+a4 z&NymXt?0#tYLBPP`zx69Nj-|y%LSL-1V1azG(Jt$jefx_DQ2-GT*xeU7Hr8hG@qUZ zR(J-ZX8^HS@Bdw+HT4y{ut!bv0wbBR#q?YyB?Qmx6nF$M5UgD= zL5|2zk=qd+RfL@&y^SUgWg`;vGv(PVPTDN|IsRqm)&dh~gE|(varh^gcoOK_$i zr!Zp{9(hA6H7bH-9J(sJ!nV7e*`mgH!N~2Wn=GJq`@rafN1|IdZ;4s$nwnw8f{WvhhV=!m{d>PN(9<**o(KYs#U~W3M)r4u#I)|TyMPX- zC_x(~gmLiEWEMk6?dr*tM0|_zFR`t|c_C^b836Z+|2I;ng7+FSy+4j!mt-482i3@a zlI3rIEB+r*iVfs-wP(?$pipcIu9mBN|R*Kuy!coh-} z`2Hms536nBYJh)#4MPp%fH>8vf@s>kw%WKlDDn$#>9ie(=KQQUA&oi@QTLtk2$tmr zOQspQl{HGLd_C(Tjrdh_v9tIa4FGq5nKbqQkAskv{|`OO}zC3q8Tdf88}yy;4quH~l7F z#+6e}cg?7EpG`U*3Vi|Sut;Y9RD2zW^^?)_yXGdO%Xg4-8E0cD1er^HVZ#%`tx;9& z@vPYA<#jA}oXcIq%t#Jso>=#@C2i%C-GD+xNO@i7rQXp7^wB(zXMK}U5gekfr049e(O_Ie!Td$5=( zZuetSx=RO|*8tDD5!46BR6OXvO7z=A0=Ls>)9<3_XKhId5!uOA#_T6knni-B71K~^ zefUwmVJSIy-M{cQrp0DfzM6ycbnx`=;4}D%LB6TXO;S@y@DX&a=UVM67!!TDhDV|$ zNpe&P3O$N7e8%jzR>HKJ+UoklXJN{9Neg}|`y_QO&g;SVVZ9=+P1+Pai9bLZ^)c`6 zJjZBK1iH=*L5)4=c_gaMYeIINS!P&vwf+N`G#vdU;^zvLCn=14^G2LUTWP*9{n z>eC2%`V%-Kv@HSxS%{=R`-DdD8OQ2?mHl)zk)QMtAkN69vE2pX&zcd@p`sY#?CwmT z_>b2<6tmL>Gs}AryfsIqaBCe`{0adWob}>gA?-Qq5OkekX;wLFF-2zxx;$w^Zm39q z7Z-CKl4GM^xCpmKI!gZD{T>K}y#CEN{OFb(#2gMTqih%XnN5AsXulhk5~jeo9CRb; zDA34w)G86(%8x(~o_YaHc2)h>$woLe<8;NVq9Esmn}CzV0`kPX^7Lj%^FT0xJPJ@N z{n0cb%J9!+GE5BQPjB9m`Xa^ARnzQ7?7shO(wuVD-ip9Uby#z_9s;W49>xqhzL+~+ zG3o~HuGA=Lel11%uCX7jVW1TzmRy{_LVDnnO@9|cZck&Lwb)T~4J)pYS`7vG0Zr#o^F~`xBsgv3Nsxne5 z2^D5DpLJHanRBhxG0E|A?*?14A3Pt;;J3Jlb+0;Bdof^@{+WA8Oe>MM!o^~>(W2TI ziILS)C(E^{>YcZx`NA9k55QS~^3C%lkJ(hjZCEZ&h;FqKfFRg%1XJ5-M)IFgtMLVW z^EWk(f)`mSd`GFO0-+TIIv0c}Znpo_)hG*tyd9E~ zApQqC7JkgpmV9?*x!4`r_A-<*E&fI|n+fx67IM|`{KAvDk!NW`w-pm(0Q15-Jb*f+ zgQRvHT?!i&^+EJ}pj$|!C?w3^L5);d@*@kfoL}z>5?QQ0dIDoKt_45>QJALKrddQG zmu|=a;eco?ZCG;lvp(nNJ9QIlz)Ysj3-oW4Pd1Z&iM}oPH2i0u{q<>@4lI>wvJt#w zjmT$TyK}QY=3_^276=oHq_$9o`0r>PPL8Y0t`Y9=*oTwS3ty}6WDklsiTIw)B92Od zTV?wV({=%0=qHD2&*;b_z%W<+%RdEE&AmtRB<`adHVwrKfc%nC-5~P~IbL+KYHe*v zf!^qw#QR0u!en>AkCXr)NDmo&xm9rM>HKG+6dZ*)?e8E<~!ux1^qjjd_<(h4lFNW8&Bd&vuuG>SQ1G@5nNU?G;=rLfPka z?sk$tiJx&kL2#wtA*(Qa1~rEjk0w4E{hKhHnkQdCRgTNb=Ve49M}Yf185q9!e6eKw z#i)zUYi*Olvu~*dj=V~7q;HEXee}lA0{UbQTx*!%3piBeF8A-WYGRZlSu{z)SZ4g* z&QNr=CIb1U*2g*~G8G#$v%C;;C;4&6K(zVm!WM8W8h*OIaayCYYvNq6hxTR+9Serv@MVWVlJstX2tprfwxg-@BAQNxehUrz{3zBiLKslE44uyF zy!|X=?>{K^X3E1S_%;r|A^f5xYcgx9^dtyy$5>;40c)+`LA-t`-7XWQ$(?sAR=8E$ zr~g{3`W7A5XOtGrU`#e3gdO%BO^J`Wm2$Mx?E_F)_L6kB?oiZzDHQrb* z3~#JY4hO8nZ`8**^+1c7IZXn1+?f(O+N!3CQ1|u$j{e&^(+$&mla%1E>kc%5If)5W zY$`fr`j+!+OW5&&C&@g@V|2KVe&0Te#R)MwZenNBh}2_yPqiqgtUi}4hb#(ijNy)E z+(&;h3kGU7+E-mU*eg``J@x;*=K!%T3qd;GiH zq<6g?Zrf12Ot99tTuXxvrp1hZ`-A$7!{t&M>wNK3;xbqsl8XK*7u)9#c%m|X#ru^o z-><^v#%O6r#0y?28+6y&43Q4Bi;AU#)Zr*$>^22O;J7>H}jAwL` zOp+n;z&=xd4u<`Z8TC_1p|suV3+tB55l zX@reFBnEwa|ED3cE_ftIB$FKbJEA>6a}?vGhDb~#s!JC;mukl2uk=2a>+Qn=wg4aj z{>tM7XZI_usvfXS;kPD(nC%NYZ%w3Kh;UusB151(7LaY&_VV`6RdA=rs05+onG^7I zk(!Ksw5=4_D;YOukKoyx1(Z@vO>DP8bUc>7fGL18O_{*3{U9Rs+_(j|v>WfqLhf5$y51_9lkJer0lo z)i`)p`{s1s_{iw1ek!nYthmYCo@py*fNpoQ>~9syfKRs}_NNfjRrqO0XFO|SF}m{0Joy$W_cSC9ud;LpF%kbe#W3=BZCX)=W%_?O zC)(hbZBQx59HV2$A4&OCJkt|RF)8+z3T-j0V=+344^iiY-3$RX%J4^hvFn-aUPu6M zuZ|h8TVlBcJH{U?Q?)kC@CdnQzY}K|)Yj%M)5GwWe=z(f3{qSu4FlHK z6?`($JjwGPH1S}Aym%{!O)$u;%UdDqS9`&9Oc?0=Pgl^<4w`@V)XuZum7Y*k|_MYpH!1G(Rpp$B~q zHPRdZW^bop6thA7e41vriS#D`BNF_;G=|p7_k6zN&FmMO?!0l4w03LS)<%vCPrlrh zmMQGdef-Vg_?zXElBTm)6Zaf}$Q9+S7|tJXj+2L4a_on(8p!Xnb^zQ_muySMrO(8> zD7V;jIZVBBXkfZpw&vKgxv^S2vsM}=P{4O;VdmejFBBR;E*5xLS#VlcQHIYM4JlW& zG^*O_AY>d)E;9q1OiyvbTf~sIQ`+~KtiaTQRO1rpA>sVE#d+l$hb@%11CJoRO$VD_ ztu{KitXEbE%Y_d4e%n1B)}Tn%C>RV|`E+iuM37ub>P96SL^ArR?}TnUrcc5-i+3^j z4C3u)wi94|_{rN<7oppPeO(!&wr$Z5h%?Hs{|j7s<;@TM%=$P@v-PPa3&x9O&oLy` zozKdtVGjKNX22YYy}@tZh7Zp_o-;hua@ zoshC|?^T0U}auMIQYm)^?WwxXt-D%Brzcm!rg z3qETbauDNT!@z72sa%*VhGnVDF37j7F@0H#iT4mI9eGTpVvb?a;ef%%l>>Sl_!sy# zfc<;WsEs+wsMHO@pWh-aR^qm6QZcbis-1?NOlxY71`T3z@9w6?aJL;55Uo^(2Aq zkkT;C{shhG&j17^!r*lDufCRs?3Lo*b^t!FEWPElnG_31>7C*bLwbYh zT&c5RTsYacBEOB(cPUyuzXr=k1WgPBQg?skpX@x+0x9Z;W-RORonBTJx7m6&6aCT~(a^v(> zVE_r|+ISavQ36cAl4No3{`a!IS&cGTXAv!G7Gcbq1Bg_T z2AYnAGke$~!?!Jh_q(sLE5vA}w$w=VM=NN#n>C3IeLD#MxBjIff?cm2U^s@9IkXtG zbQ-}F)u{GS@u{7`wP|WY?Km4l21PlAPLAS9JojKjymg@IN)Vlj{Z6JJx%90I7_l|IQH`!DdV$nnhF$i}96Nb6Mz%B??pBwO!@u`^(pC1t7<=9W{d~TqP%UG! z-^OLKc;~U|5jjLo0KW!tO644Fp%69**5?`|7-m|4lwR#-wP z@w}ez)J_4go~$=$!M~qFPu@2#fVYUDRW*3r`2UVFO3n#cXDB&nn#G@kenYU%x z4X$aQkZJo@PRx9RX|Ymkz&+>9o1v5QQYP&8nI4IyFW{z~q97o4vnbE-#ZLfKHCkhn z{S!H=3um4^{83K~VJ?+#7kTNfrWLG*G%rMu@;HD#n38@o>D|>Y(c5Lx#m#IbMM=dq zoqx^r0L#i+0h$-Go(_sXc;Y8dpB|e4?8n=m<0|b^gNz7iN70S;Ih=002BaFrlixN6 z%mgpz913iO+iU0(@^hJ9-l#Fj7sM&ndZ;eMYIJGyUe!mwZobQ>%d0o=UkfVgMH>DA zd`0;CNo=b)5a@3vId<`^M_BaN(>)q&`u;950D{-sLSs^5LG*Ax#u2I11T>3SX%Y2c zxwZt&uuXm1w>N8y;qoWo`qOf($%+nmW#QhNZGn5B0p7t>Yn&ITaWSIiu}E{sq>2|_wYCi7Zx z{Wj=soqa5I!(C%1o0OjEP(a)oGA?Khx?gYjw~Mo2Gsd;ig=2JF;Bb5}Owpt?F;Y{N zo`L?IL*msUcQwpmJ-`Tat=zGmyJllICiCs1aCf6;ZF70p%Nf@Id%3^CWG^^_R|X%; zDsE3hrS?(HeqTHzkx~7xI_#nvLHW|mJTm}7dqGo7VBg>2<56l<^43T=$%+cMh6=rZqxj;^gx6MuUoqW`%)Mp^ctc0ddbra3n$1zIUVvd zfScb+uqD-f+5ZOwb>ul1Rn4-DL@Y~@M3<_3 zrsm{I7g;<-2l>Wu5o0{8f28$z|Na}dTk-#N?EjhV+JBhc4Mff93=Y%$GOM@@$*y&@ zBWzWUMod-9Lv}~{@`KeW6id47V7WrroZI${T5XuOAex>!tG4@65{)H9yz2|iE>feW zC&zioaku+1fe!CGl>Ye{vhzJXvQ^PJIJ!fP709-m${~j?$*gnyXfxu&)pu-2*Va@*q>1_Actcq)q?VA5=3i~@mUx_Jm~Onjwt=Om>dV5pAs ziR4=<5ME6VIlC2Zc(CkwX?8ZV%q_Tf{zMJ&ZEwN`%SQA<^Zu4i3Br;r@V$~1r8DI~ zHACBTjUxlN#^o`2a90&4`YGy?U07koxrru4aV-hZA#J!_O>@-%ZwS!o^@SD&%d?^) zTgndDokxMP7?9Hx4iP5+;*>6nb&`E9) znEt7json#n$5=!s))m#XWxWjR|F1LbROQs+R;)@BHH;W>m>2qOMWbaF@L$SWqRV(( zI~+Ht=u_FVP?U-RkIv?kMfG3o`{Qg8VyL3sFnb$z%hB=pWTrYLU_Y!u%6IB&p(SfI z4Wx7^{)fQ132ORSdW2uUS{7Q>XJ|1VJIs2l-tbWNJn5fH*^-4?S6X}05oi!O^@VmZ zh7IYY>IGJ!hBUQh@Zlz}9&vrWep90@CvdJmI1R?-I0?2`NiyV(h9HX6ic)hK4%~P9 z#l_{2E3Ka({X?iUI^EvMkbx_bSvvR55S3Gd@p1p^&8|G*vC~vxJsShLAdJ8DEOt)% zQG;<##FZ!`YaVWpbjcD%cNlL03knLmg`Hxrq{npQaYJ0OE^-@$5YAcsBf` z$}G%Ja;_ujt4>kB{cbV$waNPg9C7EdcIqrCHd@ggZm;fqzvy za)v;m(ztEFo%!f?mzpL3ME$e6z`Ooos&C6uwOu9WQVv6b zUhDZ8vg~pK)k5wVhB7)_em19pk}o((p=OC$g#iJo&jwb%;K}N^05HM0I`*#tmfM%U6b4Ztt<`H)$ftdAN+1#;G+xo{()h|}%eY}ip*YsbS$@7w>wh4p%9;Br{ilX%F`nVcgrO2GPv zBs%HA5WAYbnLjE0E4%7z{QZprK}w*GCVn<_&rs{%@hLyk)oC3~Q3m0Y!fa;AmDymE zp~558KbMUP-TVADsK9P4htQYeVos-jxLdML&H6eI@! z&c@S{G(7?YN}vYscJ{k8)RQjm11{@dGVkR0RjU$bLONh$s}*kyFsCF`Y zq;_hC3pA4ywJ=-7)gD(#$qt}IVd>K8DlGmHg2(ZV$&2j}R?dPttz7R$4;&D#fM1<* zV#TZ)ni+MnEc1RSB!@TEhrst&kABVu3ZOtEv!|Xl>2rR-p*2W8Pn(1+Lz ztnKXpXQ;;+v7)7@TWsIJ3sV(eFZu=m+aA0B6el43>9reKu#U*Qu)|eJG%PZ<(c*0~ z@WW{i$qS`5(s4#vFww?IH>VG;*H?Q3s#OILd`vxRDLfmoe?)zc06I;t3_YX{I)RR! z{t3h=wG;V*4JF(U){}s`I(L9dI3OZJ6MA46{6w=6g8!>CCmCgqTP!Ra$H4Z5&37M% z&Bc%N&wJYMcGkJrZGG*4aK##M7V|xZ(o>x>5~B);v+c|AgOx(SN2x6vW~TY8o&{|JBWqCS(O&EVHH|9K4RfBTR$#10f2fV4M{s(%kot=%l^_gg~UJ`kDWSZ-M&%q;XMDf zAMEolSKBO=+9Jsa9Qo7a{d7xqzdY>mCAo81XTZ4mng2?j7`Hi=<#6fI4@%hT2MF?& zqiBIJ7tiHDBp$3krjpJh0GlUo`h&6Qy7YVj?y?~6ndBhaiywewWlrY?!c zG*HdBguPv@6^eD8$9DiV*9!&7Yi)6!vA= zA#+d(=h@_c7_QVONV50T!^!{g0~oVx18W_f-XVs(f)|O(j!}!Q{803ILW}VFhX>SU z9Kjp%_(AJ?+>T?9a<{b-z29?ev=;J)$@C@}82u|8&e3?DB_N7(J6+*Ik|qo{P7@&+ z-vfO9AnEd#e=o$WJEwpt3xP=a6{V$xNdneh9=ak&6Qe~(ifXMNQPzBjY~_bvWJnK} z&J;aTM?osZwSxq5p9aJPD9#-_A$;xk`@+z_da0pP3 zi5(?5OH8?aws(_M$2qGc^ zDxDJ2f^^={VuGS(1O9;J3%rEhwTXmy>C8Ah*sam!ZO4p0=qOx3QTY^d1Sf ze2LXh2vV=J>4#!p-%jQ{t~&Vsc?X?*^iGoqzYRZ<)Mw0FRkifVm?JvFo&eibIS|)J zg4r`>c_R4`*t@)}UidH$e;iFlN|p&Et9veYdESy!`McM*DVh73o*nJ9LJ71K$RRDk zK2Vtt&a2VZ;S{*|o=GMCM|^sUN}d5SP7rwoiAmbd*=Ue-P>PEm&n!_t{+21CDQRN) zRR#Ojc;Ie|p$PNRfa3uzh8Fr<-3Myg!+p1RDOIJTha%%rCg~8EcQ8 z@pU(}F@026@E8n{>dzKgALx67nYt72xFRLZ6e+nJu?DK{)8)VI?KoYDIlzv>eIDyE z$27uv!2BIt&*Zz@EV6ENsN1QRNRfQsj2I?SV6;Wj?ZDCqhp5d-<)fNY-@i$sC&zXY zAK*Xx(6+M$f9|X}%?rHciy4YUr3uPSjjJCz*^xoH`hGX z0%4uU^?&0Hs_!-hYSP#e~w}|oVY}la5cw5zb`_HrMTw|RdNqb0S zg+R}*r#!AjCv`dz#u9OekZva*7$?&>c*HW;F(QXq)^9ITAFqj08d+a>Y$g4}|*j13b0FKn?MC|`(AT7cXj+w4OFE~+4|X0#`K;Dxdmo*vZs_Lt zX1r#P8WjjkZ1g%d{t*(utl&CY0rk+|c~Nk6eEXw_)`Y*|D~L^Vf$9xl&`E%H1qH(6 zF6(`hnnj>D_ZTzp=s~3eoKeZx9CYe*+54b9S46 ziazc$h1jyK&l3f@CD$}Ws#1Is(>uVwPZT22Jb!<$@6h90(Z_g37J z+<1hz$K!)&bnx<&Nem9Ct1w$4R3)9a8m6Z?3{u2)dIO;*Awif~KJ#lB+4m{IOutD- zbW*$*96~z#W;;CalCnGBDaD&U&;;@DJ@<+SP*k{H*hYK*sRU_@W#{1*($<_ ztH}Keh)yW8h++z=5B7C!Mj%>H(l4takM)PIyN*;aVv{dq)FJH3saqFu&w0ThrBLS8 zXb)oejpwa#DUdX};~p!Z>$pveHRw2%cE!e-&G4h@TQFt1N0R1>r?J#6GnykicQ%VQ z7a^nlhSSeqsuqd|v&_chsjwlc#&zyfGxyh5>WWxC_*T>D4>EC5K{b<9z`)T?@=wGIV$KdlM!IFaWX&mEhgbmR(+aJuBjkg~xZ3k*LRQO+&528zl<4&^yO$~V5 z%7Uf&3&M#IOmG%`()n&Y@!@%P&_aZv(MX5a+3s)oYKDz#||cO zY~MSz-t5^@bS1YW-%fVu^5*ZMnXdQhx>2n{d;t^1$}Y&sq8Lnxd#Z;n{AR2s(IS~x z!a5ECD-#q`n5gx@%a{n4&Wk)qia88<>KY#ERkE#o91R@b^Qt_=ADUHoG^0xeizS7$ zxI0V+e^v)E++2{Kw>Rg;Adgqww!_4y%(Wo_5+`#HL8h1r;y`yP7qsM&Uv)PMUt+^n zTLj%I^S1Ojt7>ypXK-!(AHH>Npm+3DX#2jo&Tx$0RCTR=7<)1$c&3f~aLv_30$vAGV z4=2gzPCR+g6lsjXok4Is8AV3zd+(M2BXE8;EkxNetO2RGupD4aAgND$$%L^BP7O-| zbq}nkpf$$KynguAbg_aFx8*<(pLc_skUQJ^?P)mgOj5g15Dux~82jh0Ygz7{GfAqF z)X%o`LST?KOAo!eSr1-P-Y&kAfI=BlYQ0;Hegr zjFbjREczs*Q@CDOXH;tfht(?uzvZM)bB4ZhfXvES_e4x=C)Yv79n(B`I7xtq0`$EX zhB$^P-3;4tDW?S3s(p45jBzf~sKKF|Ozui{ptTlDFad(j3m)`bbUVenr^uM4D>vLQ zE=YDlH)c@_iOeM08gdzfEUouxV(LKMfNO%&MW$;2xe|nJH|w?@MtIcH5XC@ah+{}x z{FVi7o!v-U{!A4lczL}|AP1X7DLxaEmg`L>#SuFI(mQoF=5=btV_Q^9)eV|!G~88t zC7`@IgPo7J<}HGPw@&iz^DG^Fm>qmF8Qja^ot3sO9v^~3_5}Ff*y^O$fle<#Ho4XO zY*uab>w@f?&fgMTa<&Wr0}Q&~Ef{mzpJXzUoZ$=2W(1iMufk7)Oi*`iNf0B*$J(~n zK-UhPxqA&X4O=&fsV^Pps5+*6RQk21=pu zC>%9d$P|%v%mn9(!=e7+_>TEjhYCCBmlCIi#fnX7Dd)&V4V`l3CjtzE8OFn_Cz*p` z2x2^WRq`Dl(Ds3rYigMq4EgfBsz5^mnXgbc#c1*H`gP8|N{m`+g{)UR)*jdJ(;zA& z{fM&+QQ2Grpi`_ zx+^g+FJEXPzYor2etEiO1>C*ypJAHW7OS3oRm1jFb9AM))P@CnSE`?rws7kZKja0r zf@9x(Xv63J(SJj8547rXQWNpR%7S%fnVqD4AmO_-LwmG`GqZU=`W=F`fz zqQ35#Y_s;q(nI@(Xbx$J6Ygm7m@GAB)uTZl9LqI}Akv`Y*2JLIIueeUq4N@wNQZ|h z)dvLjPhC5OZ<0OWu8tWz_qiTh0C{)4T||AypSWjg2EiBx#ea#?@WPR0#MrQU5$}vY z2kkvVRd0~ukvkS#!-EHzKRNDR3Zn3z^WQDSImJJ`*S73oTTD@nl0&A`&U3cus~XR9 zXraT){BWc>tv5$(Y6W!=kW5;+I-{Q6GhKW8VcukF5u_1uA=A2UwPSbE&$CdCmw-Yi z`(^3f<9?bTS%L>pZLX>Ag4t>ZIS3 z7TyPg4Dyiy={o1_HNUSBgIt(b=RP9 zZ2JVuL+^pbvYR<0?=hhuC2<}BYJ7WF#YOg&5R?T(*@g-t#HOB+-l{%lSP8Ss`3{v9 z8lgn;d>T3tPGOGZG3EXNDT%6jKem4c1<`{xSF6@oFs?-etQ3X5=7Sc86N2<`MvrEy zdMFYY%#qFb6pp+sI+8Ku^}Z4-mErV5TBZjcAHFw76|h!N;xc`HvJ>>_l9^f zX$e|rx(9P}!@2gUhvxjKnk$v;z-qL1TdtPoe&%FN{$-MOnwN){Kg8+O6)?8%k|HZ? z-dFk~u>%hwK3rBic~w02g5Cj2@{Id?88GEf(}?Hu2rJ#;&bWRN11C}Jm$+`G^h+eY z$&Wq(y&;x(`jq%=%H2@OO~o|A*b`rAJDMNiS1`M>kRWrG~m!`5!T_PTjF@!0N{y zO}=iSG(tXD(pu!J^nggQr0KRFay48}25jV%me|Tl2l6?D>WN|~B_YVJ(xzAP;4B_#dg}JDPHmh#4ey#qQXu4PgTw^SG8}2b-+twk z*tzMC=9CTj1y0vCz!)p`Sm;y(kfA%NX3QyazT$Dac9wm{>Y6-$mMZ}@mSGn`GJHp7 zjbVPreSY$+=t&zTO`U=96TQ;&*78gmHb=`xhc-Foe3XMmY`4vk1a^A7Bqr#@M>)X$ zZOX7mx|%sBN~#63(%GI=K+3J+sJP#F-xS1b{6j>&ENE9V(Jxb1WLctI#= zdEuV?@FE~f@wDgf<+`6Cmi`^GaT!z|YexI0T5cgRM@6kXt)zQFt-F1*y zcpXoeQF(coWWyG;26ZDMA0_xfHxo2G#qUTgis?Hth&7x4$ zhVVMw>rJ154-Wkp!R9|9$x7LbXfrxw=a6|YVYKIohX?XRW{CvW zJdlv{x|#VSF>(nzEB0jx`fT60J-6(wO6ek2~-a{grnA}}9u$@9t&D)(v z`<fQeRLee@B>-sXrKS?ox<93I&IazHo^ zgyI_yD{arXstdI_?l?+b&c-z_-kSVL$^Z-NDHa1w2-9qEfTN6zmnJbpat!3Y=&&c+ zYtgyN?6P>l-YwTSzX7ofotyWHiPP3HiQsQ?}`U}p1UD-4NU0T+z|pVLfM z&<+pob4{_i=WCK4@sc(O8atcpYx@ZldpyGD479j{96d9GyS!cvn%IeCP^G(>pMq%7 zRIgDLD9#aLn?bYLdF~qi*d8Oe@KaljH#!oZW@a;1*GR^}MYtbQR59z;K?3%t-AO&j zCC|rGj(_0V29{BLKdJ!fb%L+^R-3KN1a7ZKZPiir(ROI*aq(y_=&&aFIeK;kb2k|0Z%7NJL#YUjUZ;yh_h`^ zJD;BQP~xrQg{Co6p25lT){{;=0a}e=vYXzE8v7Xcjq=?J>(mo+sR6C6N$RBX%y^oi+FnmthLRPb8OMo)r^J3L~ESyP&>1#-BDprXHwY}FxR zS?Gwh2gX;71KVaE^gw8eklyk#D{I=~rI*^;>C`!G1iFHsQj^?>?DJj){bJSAPVt_A z%2r`AcwPfPOb6V6f_}oUHsTfZkY=_Vw9u?vji!TQ9ck@5Gv=~EjQjHDE2iJvUvKT` z6jVKY-R)zvvlbokwGiWO#Pxnx_w@MfGxj*fmsP`5&m_|y^?eQ6p5*xmdTm(~YF$VK zlXpMcf;0qq(&w2V0}4BM{4TbVwhUZ(_7P8{8lG{-4sZ2Z1LX-(ycu{ z+2&LrWS)DztV4!E;83k9a0B}q+n$Azw@z1dZ?PnTSZ3D?tas(}Q*0peNj<@5>?JgY zQ7n8ev3b_(N7Mr1TOY2#sCVYk>`P7*EaKd9?a|?}$=5@<8r@BJ51m)ip=@~?svqVA zqyTmFb5D<{$Hr_LO#I)-?2^K9+Rk7=lSYXQ9x&O!L0BG_4VRUW7pj}2NnnC8CH2`( z-n!C_>j5GcX2$eE=TbUAOD2IFxYLFxoQ=u8i@qldKgeC{B>%i|LG`9`rt}%ups+RZ z51lP13rD2mdf`mn$waeQl4EDA_Pq;ZJ|bpM2-Bhgjk@t8XzL))Ah1X7->q`1o!yO& zDhIBC6jh@*(%7Vcpi6@`YaQ%liW{d9B&zs57syv0e3OHPFKO_Thvl8f z4&mJeohPsRSFVFr@do^>N_&roZbxUpT+%t(wCP-To?VQZ(KbE>Ipk-@i{LFer5f-U zG!6&7x3XU)JfGhIv>~2x!D)1%zfHXqo#dQexp$k#S&tt!dk$Dru3WSyAW`QVc=OEVN`4Pe3;*W!}uofRGlobFQ zty5nCKx>Wt-bbReBx7k-YN<64$L=Ocr#EY?A5oJO%DC8Q_5}1?*TUYv=Opb?zougguclZ+?eGY~jp_Sp&pT;#S zRun|8mG9O$n7(G6sI2bwE6AWhRujqs{LNXHScCPLMU z5_k49FAU17fa6@DNzElNchHC2HlS5~NGVIc_vZP!wJLqct8;(h8lZsnSiMZG@oUpX zo-Hq~WPt0~cft^>Pgj^c9UHC2a$mg&n6OoH@YS=SUrP~bqF7)sBj+k7{YYXN-f#~Q zLs_LGVlar-&Ab#9I*^gH)BT=N=(`GoHYYFBZQ2F@hg17e{>8U$a>3_bZ_^JT43iuN z$3<--QPo_xTu~!Ln_^|KXLcgZUEiF!T7{{fR*^pZJ4w+-2V=NM;1=(1%!@!X;8koe z+bBUCyoK2sI2Nq0)NP!rW6Rd~f$O)bl6+~uZ+D73>^bEstWzr(lF#A9+8SN_&w zhjS;o`u&ayvjpC!{ntb;rimF7`=SeHkdm_~53#b|tBk9TuF|yJ@FXJuml+D*~Q|zpw7lMjq9pLA(qS>1mW|XumWMW8BXp#OAGn^Hv1tv2VA4J0; z7aoJkUsXRkE|z^V z_t?kPqXM>w`$WQtR_#(H7WTqJgPONk%T9aR84k2^s|LHcKTI}@) z?Ifh7h%;Ej@DU1qseeRJ>*Yz*ZRvu>qQ3Kg5t<h7N2j%P${( zdGgi0RG-$5FPxqbb^ApG51bH>&TMh&_GqcTTXoU>5JwHM=;rcXGmADjIKh8M(DalH z`EbeM=o2}xI<_Y&T_Rc?ja&1ci%=P!(-XcX{g;6rFktT)PjPYc?s>Gv{P^bdLeO&b zCM(|VPL{`$&`4wjAIv9PbGd@4Rr9`gb0|B_)$0f@?bEl1kc?k!SeQPC1+I5gj>O>Y zJbEIzJT)EmS4oN$-~JPWDH9J8q13<$!pG}F)lcbf7=!7qhi<&{PDHSUNt-ix114%+ zxzbLU=&}f+(UBa?L66&mFD_Bh4vRXFPSZXFr0G3Qc055yJ`fu)_>w278_=Br(!ahXw9_q-yP9CjR$YlTwaa!N;)kpg+ zbZw{iEIID%?jCOk0BYo(_@=}PL(`36HO^Tn(p3NtxkRXgU4m_1B!YYzzDLP+g@y@{ zcV`&nIEvuyR=}==)glc)ZX8&9@lRCQsSRFtNghBg04Lc5m^ObhOt9hxoK8nT(kcg; zJbD@4$JTX|CF+y+$}t3!`H#u1@g^N@c3qadT`uoP34b4FX0aGAW$NC;RxDf;c>r2X zGR*}mBb>(+T3=|!Q0&b53E#eUBQv|r%hr1@hR|`Ivn3T-lPEkFYMv+>Rrwc%fwfiY z$fO61WX)~|93PMxhO1y}Hw5RQcBox5e#M5zLzmjQ1I>ZU{<>Q!rf8b9a%To-*UNn3 zDTi)1w@-~*4~K3uOfuu`(~uzUB_B*3?4l7gEEQrJEFsa>1lBD%ma$KgH~LZ3EzzAC zpOD6mHJwuEb;Z5_2f-Kaktc3IzUj{Y#h?pkgMYOiuPv?hX>OsYFGAFtFb~q>-n&Ys zrI7NLbFgzOO+hk;$a!)PwH#VGhG?vezPwo_;@bP@mI0(C-lW zCf^RXt@^iI#rjsc>+L14Vu&$oSfFzK7m4kJS7%t7JH^*zr00HSbgsF!mA|Mn%m`oqGOCfEVUmS>TJ!H!hbBqnNebL?iDsr1L&+4Q)3{%t zf&<=Q`f4mW77|htr-8E%K(!L_y@9hS24tH9ABy@~c|@3HX+*^!os%U!hcjuUgf9^B zYi2h$T<>XL_l`1gH9>01@9c7x4?codC}~kF+~YSMyv{XH+Ex|L2WoxlsE`IC9m)a=`q`#Of)aXhPRH2 zIK)eyZqhMwzfTca*8XU6UD)$s|LLaCTTBZxa$T8uAVpi`1V>te=;kiRQ-;l0*R}#! zOYB-RDnMNG5!XA8#?^tpV|Esn1uvLP7Hd@|D9gB+7ZQbue-(U>_U0|ICbVKK zbXWbBplpzAjQq3o&unD((0?WRgWAImW$enNGq{$)gs6!x)HAZo!QClJ(dZZdE6&X? zjB~+QD7))&>LCU2guMUOod9oC@c=i;_kRggn#7Zrc8ByAY?JqQ^sVA~4#)MajtY)$ z-FK)Hao4N9rgP;hm*eJZIQs)xq4&MuXf-1=+Xsi&OgiL zhS^9wab?a7>YMJE!({5Nf+-PTdF0L7Ew4UpB5j%nr ziJbr8ZvOu3NUhxSK_thXDCe;^MdY$RTJ5KX^3mjwth$&Hsipin3hR70&F3!=Flks0mF*6`5ou4nbhwJD z9G_l-?Mdp@j$H=Zq-q|xl?YG&OA_M8Q3|hkuc@Zzv17S&!d)qd7-kE zV1UY&u^JkNN%t??QrW&mk3r6U%DQ}Vf98vID(jrkj8+$2(9|S&7kxR5cxyEtO(G1Ek zS$+fM+acimI7S7+es)(YRek{?D4>kik|FtI&-p@(0%n=^onz@i&Lw#slgV$viHG%}HM*88_7T5WVrTG;&UFA}`u{5+Qv-f^)WGf-TofSM zj1H6g6&`^H-sJi)`9C{L4SMBqZNN2=EpO`Oq!-E=j*)hq2^+OJMya1`pKs3=U_8!@ zhn67LfE|POTV!c815+3}tg)Mf{o~b3*mx3l=H0&tpK(+3U#n+egF|3=oDVjJf<4Nf z_fmJS%sFE}tyS@ZrOl$cj^k2*ikt=&tT|lOv46Y}jg6*&06gf2%fh-gceG=^d{!O) zGBA>Hv%8eT`h-KU7Hx{9<}mdSx`)B$e!K~IJF5pd%a&2cA4i>G{W4$k0=^)(@`&sY zvH|sbATElHk^r(R49b+VyqRSc*@A-#>?!+=F8vjw{{;~VR~q&k^K=>fGQFv#+`kb% zOV9u87q8XgMr7I3O8IQkE-YX_*wo+Op7>wb{52@xt-o{R$1oH062wc;g0XR|$_n{J|MWWaYn(L(7;JyK#*Hju*ICZ2h?I1v2Q;zYd#H zS020ZJ|X4X9$0Ms#@onrl^=o@D;xeRKxszR9ynwKbfJ`gxo;Xkh7rHsH{r1~_~pLA z^gEGX@7olNO8X~JB2|4hq>EjTwDqq31JIGGkaK~kUlXi1xLhzR`Uj}6F?%lIUo!`( zG9ljc51GF{dF+jS@nGaHsh|F(5r~Q{;5F9`HaBBp}eb_&+ch~PB^JW&UUvq&B z{AK(<&{Eews!>v)MwNaomGDtM_y0>k@xJ4>IiU=H>HH7-9-IkOxc1+5{6ucs75^Fc zk8K{P?5X_!$NyJ@?mwVJPoa(Z`Ke8!3Thue8PR0#P|25ut0zneLJ^$wG(;|As=*#$!L7jbuN4QeO- zTXX2$ZMBb{o&Nn72Ea|g{$kAqvwu;D>?(Vs!{JK->G9gNAHf8Wf(i$gHWng=ASqG% z=q+mR*UH?*o8vQybG!dqM((#|_`f_j;K@xCzFa|Ld@bjM(^u9pt%E5)>4hVf-|b^_ zqTkjdeJ8cvcgy%%_9bH0dKmF<9t5^>#6PIMd;B1bts#b?_UP#cj~p$7zJx^{H$ho_B z;`i9@4}6yX&ZKnh;F~Xfu8r$X9M$E_ErzY^!>HdecK!74i&~3_RnkaYvkLSOuD9Ag zEYIh@RMK<93~sX3-kIgL8t4b5_N+~camk888 zSF(^ZS+J<;&KLV0b}Tn^;sL}|n#+&70*YOd)wo!bcJIY_A$`t4Z5KVJcE7%A|5 ztZSZJbtmRr4Pm`>kr4H{vInUv#@E2ikulO>)~wBd+S?8pMSC4a{eC*v$$o=9Sh7sC zghue%f->CXcIl{T$lUVAL^%J>j&ZuIWvtR%hPp&e?fIX-CkT_DlncFF_WREoo4qF% z(|C9;!CMqqdBtCrww=R#2_EYk|4}jr+}?StCj>l#v{f>C23^uPwJQ*xIld%x2|H9( z&DkkAx+WqQ^(P0)F-k!GKWSjSV zghZL9Dx^h1y=8+`4{3C$ltJ@9#cu^IZ^mJJDG&;8Iz+$X;_%18nrr3tD5Mg7=GW>0abOAjM2U%uQ@s1M|Ik3el zA}C52)!MsAz8&h??A)rLAvu0(;n{MU?xUWjkB^7ldX*5(Qk_Cs*MZ-^aX>n~r(!HA zLNgzSDf%4jg-D(zl#f7otl4=ZG>%+iCaqcXLsPPY?B0m6M?A-d9l&#p5xe(Sq{^(` zeEq;6ug}?knBhxEdR;kH5E3nC3$I&dEYt>b39a{c+IMO!XB$^4EF?9Uo z27}7}lQB@pEDLB z(*v7NMsiTJXu3x`w!a59iifdfadlq^7hE3%f*xs#6GsUK`4YG1>>3pz^5;||LJgd! zdp1E(=r?p799)IV?3PW<_9IhxC{Gx-XV^3P1nZ_d++Qt`?}os zLy*i{CJi&%+?*b{dtp-l{UvD-68!O8rw4Te7axK)NuU=c)f)5RDI@Vmchkro0+vm~ z?)KwJUNU9wt6Gd2_eo08%h8d`cE?{SYmx{y&9y0*D{(PM3$sc4zIsU^@|E3j&^O#Y4+Os(f;%xKR2OR~s=>JbWg+9@#R8lIV0 zndJjmHPS01LTd!aE`lLoK+cxk67*IwcD0n8<{*K|2`7s z7DPjmahvUb#2o<2{P{tR+x55sV=-&MN&RuGFH1?|u0KlyH-@&!UtZPvL}K|n1FKgK zujdGUdT1G|p}MJpBjz==)7S=d^N#p<_QFl0n#@|vFz$DdE3j~1i?J@>y`OD+OgKvl zi*}o?J7R5D!rX;}h8dT6TMFW*TYLkOylq3$f`2+$rI?Wv$^@os?C#6o4&&HCyTW4> zQB*g3Cm&9s@x7}Y>*AUDmtm2ow%racS2XzG^n9I4MztVi>ff?82!_0_sRnGDhK#xx zF{p#L=^$W1$0qAGD)>U6rIkD)0|@RP5qOYAiX~xH&?a^edk9w<^X|9Qs)tFeO{|NE z(62E&^llN0qa}M55UYSi_3I?Y4d>QVINwUDYPj|QVjWBAd}xXn=d_PT6VA7uw5xh= zQL*4_b&e-m>Ha&VKl16Z-o{dr5^OQ!m1~`qJRLbk&hZ9Q7E$&BVzFmyy;G(Bz%m9} zS5r*pICf~_H6I}bD1p$`cdZmrw>udVW0caq=_fX3f{g7iZ!zDXo@tr8wxlG_^5px51R%bD;oL z)2a|;EE;!*P4r{W=BwK*%q?spDawMu6EVI&9SeO7G8RYD{SLtoVgKqpUjI~nr*}W3 zi#QBjy%XPuamD)tNl+O_LQR;GT+NfL7sE&Nul#o!aG& z>Y3ip$p&w&`JN=7@cw#P`pD$yW-kJ6@;3mO<=4sRE_>hPB3N)t3`GvEe2acf)rPLN z{Gmm&weA}HB!5JBbC~6sSGJ~>4Za+iSu5Ud?W%+{-Bc=S_{g*L1gv@ zB&=273V7g1rjZS&a}EQmFmsxZA@k`E7FW)8_=z#UtdJ#3F%!(jidJxk?^@h|b6XvY zYOZvUZ?`yD>roXS@vp*2;zU9rhLZkhiwlz#wnmelio z&B55=4O^rI=UgF^EUlc&jPG$^1#>T| zr9I2j^Og>dzE}tbG@hmK)4!!rVdw^f7o6RqyNbLbdx&d$%K}%^+~30=iq}5aCdl8~ z*XEtYd{S^&MqubJemk>QY6@a@x1kfYj6Ct->H2bOWs=8a80z^ z)Yu!^TNLQKu^~Z#1D=hS0UrH@5$CP+(hMz#Sug5uJv{Xk0U|Hbf-rws_{(x6!G>)I zE|~OFYlD3sN5<8HB}M3xtJx>y*&FP7m(nsl+hw~*eN7xO1EK0c0hp*VVc6mK0`wHY z@-nw0Z&eZ|x-t%W1C&dYydJmHdg9s(r|M}E%grlRKCHn#UK0z%bv@_R8u$kbA)?aK z@VFDHA3dYEhc`PS*wwP~NUb(!gzsB*AMEcC+S41bIbCv6n-f0R+#JSK zDUI~TVD$IDzesyjoo5%g?K9N95sq&k3F9J|H2VmJx~j;ubquVB zQ;|r>^;H2{F2KHD@Y*x?kWw#4mw#^ker<3o z)P&$6Rg-JPdmDxFqVMS=eFF#gc@hKo6yb=G(isn_c`G61MJGx1afz;txwmPV%9NvO z?PRr*u8cy+xR@+|siof#b<2j~b@~utfzjJ*y6M*iP3z4$NN-}ca}7&e(KnE(w=CgW z*B>msv9Q)GGPt_3`N4ghOQUG)QaMXSzDoRwGH$BP1JQlWO-qweqgQ)7tSdr{lT9*n!Envhch>5BW$iifP^XiPJT{SR zcRffcgwA5NYaA&@@3RSXq!N1J{m(Y9uxnknHAEu^zb^?`-OSI5FLg9V6lLj(M<~TZ zy&1pWFT$(f*^d4|g0@7AvS0Z4*qH%tpwo}!p!XZ?G`GAuiY)wY#pWdyO2M5gs3_Qr z7y-95s+#zSKOFDNb>_TMW)BOtGO?<)*Rcb+bOzNxe`Ai71DEcC1)SX%Mq-l z&K6aU)>xt-@7fFFpw%4ocl2~Svd;VrumW0AW0G02sJO<^{ZoR=P@4D--|<@3vi4?` zQ7pylWd2eEx4U=u<%;keHEpF)(gLu)*}~RJ$&i5j`1^3gWcR@PyDX%`b(|{n>Uk1> zLI?`2*wrIn))y`(K;5S?cr+I1>y~=^=&ck7HI+&{HB~JUx9HYGHHZ+qeRYUixz}zA z8o3g^6EiFBe80wjyj4`S0FBi6I=0>Vy=Z^(Vs!%iWpbpDZ|aB$_axU{W{zXjrx-2< zo0?_mrDS@>5zQ4Vyw_i9mJT6%CikHyQyzuS?O>{MhKg#@)t(8?9d7#cas0KEk(gAr zr&RR^pM3m2Bf~5h`Wd=)7x|?(Ey{e2gqw{F`;diAT~^wHdsjjWF#I>`rP+lzFvAMv zR(C(@^~q=)e^#b?kiMx|BTc4+q7SJUE#5<+`2HJH6VV62X1!@%Wh6Zpo+%8xD*9Go zPQUF{1ENulmV2rvMqHLFR&eyvZfYNU3}R z@bS4UIfDCE)c(&lufIKQp!3Mtb;+h6)lodxL>C1C|9>Cd^n&_;DqfQLF3zk}KeVeD z`Ek67$1Z(jZ#obo(aSgZI4?Gn!zDH>hbtB50=y9 zWu2UZS$6BA#%GN&lNK;w{urw&Z>Jx zkHFjPPi!i0zh)+MvaEW2>g6S!zF?*Z>=|nDug~>IGH?8ar)^jSGd!7rENM@l@x*SN zGj^v7X<_*D2`N~$RlB>n^-O)vALZm4&i%v-M?Jk(FeJtB+u|<+x~hUovOH6car;Ah z_XIrud^P5c{e2T{MD&8w==~V>>zM&vwOP8#=2C*NxM*8yA#%#&A87Dwe&nO56r%DK zy9}TZWOzJoTqBcTxjZRs>qb%VjQHh@z0qH2)JSZt%3yWxq_B zX(*%=f-yeXJ)L-ynTkq<_^kGyWlqMp-Pyk1zI@i~PxPr^l~-$~rkiJES)b=p<{8CD zHxuN|A_&_({kLmPo)KA;(o7k+=WV?#A@&Xvem>Fa&MB17Avgxv=Dt6nsUIum*3UmH zP1ls}vzXnIIsnoNiz8@k+|LN=rW1ynjCl_{x-@q`Y!4Io15bYgEol#VVFXVv(jp2h z^UQ8FAh0C2qn5iWBDOlW6fw6MAXyuWneTa9m^ghx} z+VR$q_DPMRpn+*abk! za8#D4^@qnrcrFDBb-8-RrDs0S!M+8KS9UyG*v%@q_N9E`v;E4}=Z%_`g3fE{t*6+~0(g#4E zvQ#fEG`+MwO|=vZ{$adTj?S_kcA%zDTUy{Lk0tyTxH)V-EV#N=!gqH@rh7Zh*1mO) z$VecY_T}nk@2sWPpNQ*Xwq@bwH&^yVmmwe*X-_Qh#A>UUzRU_J#H{XJE||ch1UC zMrmsb-FrdbPOO#rXqKWr(7_KYvWJ)}J4DF2-1ZNPb_0^iZEpG3Y!)a)tk=BQS_pEI z_}P*PiNn|I9utA}8F$?lCtfe4CzeC`&@;Y!XLlmK>?V4u&|e&^yEswvjhyVUnuteqe~*g_9uUnD z7+$6PqkQYWP!iRV$kDTaY>l%`k@u|GMEQ&^N!fjSRN2l8^0CIz!s6^)al+h|aFZ_9 zZ?5~oa;=+LVTM=xcebGgS zE>(yt4>p*F8cXbtk@Bl zAuVIj7!3$9*0FW&nhv78XfZ+|oped1+&b8!H0*xPeHIIsyD{77d;7N^xm%GdR&uN8 z!C#)9vs)IjHtLw28XBMd3$}fM>+(?EP!o<=OduBFzNx8t287xV_T~|HKQgP1?OGwmO&fi)8`4iHqoRmDXs}3b!js@-`8tfg$*aO3O$B1 zvvBh9%II*qH>7GFBvDsfn=SYCsqJ_+Ik&m-_K~vz`o!v8X5>@n4@kL3R;m{7=JN1@ zM;X=k4>l@R6%MUb`)Od()CR8zJuULw*!*gf8GEJ6Q!N%NJMHiI2%e35y7Hx@6W!_l zC(Y}tmYMghN-Z*v(32BTZ?7l(qR4X=^2~Hr*!`;#0|VDrqD%Es(pG}+FGL@$ z1`{cjXLR=BRRNS#T31SbxU@c^eurpVkL2#D?Y$va``B7_LAMXHm8G$Kr;5xw-u`UK zofJCNN3P-N_QvXQoCRGv3eqmFd+h7(W0i2Ni!Qjf>g;~kPIe+Yje#n_wMf4dqTXFB zd6z-A$bjjASCLmHfxoQ%0;-u;d@?m{+cth9te0zvFjepcR<<5HJg*_|BbVIc;iI8pz`8JuD z3xD(s@OzQ)mp2BC9z8Dmde`sihwD9U_Lt9=42n@TpXlC803PX2$5AH;M0dW6y(OA@ zHro7r)~u?)OUbX0Pt^*`3nxOWIh~h=(3cA+S$^Wt;PiDyi;C17{x&;SV6Sz!%~p1B z^PZ8eTE8>&siZdCy1e7l&_^qV7q9m!@f#Yr&Z64(u8;A!kIx_EZWWDn&Z7S4R4A~{ z?GtL6xOHWP^KuEoy39qsJh&3Ww(Gs4?n4_jTSVE%`o|5Xg?o{CtW2`k|S-aAZBu+Rfc zS*B*C6p*T5bV=r6KhfLW8#T?HQo4ZP?v=mmT-3iw_D`QU-!6saj#!@Ig@sD~ zD2>WK3150o291c>ns@_@<*1J{@u1rf)WZ8$cq+x}vfG>Wc^P(hTsA!)*Hs(E2}+#+ zupxc{n_z$0L>E=5>PINSSz`tug{qy=wTmx=lH=6#mFCM416>c*EFu0E&_d^TH&6Q3Zj8>3d=NSm&q$D^z_mf-KdahwfqX0R&IQLoag22w7gQXO0bsg#uCU z)4@$%F~2|3fOjFlt}j3O_V~>;<0l5A6{~B`;-EzjlTN|F8?mj?4aLI*%zo-ZZikNg z&ZEO8|A)Qzj%spS*GCmp5L8q|5Tu9-3IZy<29SVAGm2CpBE8F^NeK~@rGN-nKtPH? z1f_(Iv_w%rK}rCL0Ra^uK|)O^AtbpoxYpi#Ej|0(anHSH-18g9KlUDjmE@aqes6i+ z=Y8g!f8#7t2H+>%&*?E2d28F#)P&s>FP&A|wWabygT=Ol0+-*|MVslKGI4gLr4sD^ zDTCW<YB zM+&3IM7Ymc^Xt*RWI?91zF&?1OLUBtQr+VrNu6zW_UB1>>f+@g`QB7%Njg>gLzt98 zVP)Kv1+ssTSn%Hvzj>c94=C7|X|}|h(DNt3*}UHqTZ{2^r?bp%h~l-YDTQN4|B?w-p z%E4hG=bnR=(Ewt2W0sNVUy<)YhD45tiItq~nC(ES#m9aRnJ8G>zZ=J6xVbg3ak;?oJ<9d$4%B$K7 zH;@zhWlm3#LIkP-uh>*&Q?kW?z_{>Y316^%LyKVcbWN0|*RdyKbKAFTa}Ar)m$ z5?VXPBm11*hN~enCvdGj4|e8WfDY zA1Lprx`A6YnQ#f5%^9s*oclp?l$^w<8p^LC%B z5*_aLh?rcIxt$sGXfMQ3U;uIbfZ2!ck{qcR|4Vz6x%aS|VAmy@FgZkfD6q!ce=!QH za*9~v*zdyyd#0zf(knv8^GphELxD9NlS#D_5V)Vn^WL>%aOHB9KotU~BXfyP(lJaL zM^j>neq%k0Qcb0!Qu;7w-F>ZrQw4Fk<@=O*)`C6T{f4F}B{DzFa7-ZUxNZ8g*67gJ z&Y>3j(thwNB{Iw-ODJWAoJO-_OOQZ*$>(YO$5|_q)!Kq4#$$%Jdzfb!b0pi5$jfR{ z+ST5wb(@%~!qZ+_>1I55|JK)>(ACw&)yN_qvm5Du#T}=;cnZ~f`dg!ofER;z`g}z{ z%9eSVIr(f>D# z!JVG`4eBMO^eo^rK#(dgXvtl2$?@^|7hLN%PgLZ`qE;@4!X7u-e<38PH+A{LYfaGB z;fSu+SN$f(1RRL9%G@j=@Y8=bOqCci;HEvJ5pvJ@ z#_IButV6Pv{gK-4y}=Bice(nPL?z^@D%T)A1iFXmaXrV`ub;#nL3vYAa3=$PGb zivw@UaQjA4Pk(Bin{eUh;uTlKA-Qt}P%??hTrGStYVn02*pfG;op`}{j;KT`D0Ey5 zG!aLWHChx@4-aCr3)pe9ply~&vr37=q+R$s-#)U=U2Cb!d_#v!o6{B{QQvW0B>)ku zJJ9#Sl+Q^|lL~DdLX;wF=?U>8xVy$+QV5tVe@ZDB_u3<2F+0$ zKaWG)2d+8{`o2%RMWRAtTQA}H>@3k=>$dkAoTUyvKg{h$^0U7gVq)mzK@%Q#QI9%FD=ko`CStEI^<&|07+rxUjzv-nsN2e!*n>^=iRc&3rZg z?VCrB1N0ydE5E<<#xF$UNGuZ*@rKk#&~J zt=5u%Vl1mV&`u$+E4Un@uCzss$JV@h^CypFyd;y=xIWSI0gh}{5X^a@*1*QSQ*Yx< ztu1d@|MfX`dM5n&MD-)_smGsJrUL|u?JJzgwSOXdlH-RybvIy^2^0#ilQ;JW=~Y$nlHE33saQRN{96mHB%=yBgHW z!v)aa?mykLU=&=|c4)Y7K&lzbSbWs@nbCBZ?|1w?CL8;99G;A*S&T5}LHmaTF1%UR zcW0vgKl|5-`GNawzSwp~J3b4zRLS3eweWi4y&#LfC^x45JCz%qK~U(`{Oza!+4XnD zZYJlIllOBoly=_sKUBEygb(Jld3#@~R7`xQjE{)G$c5yY#akf)uMmp5IR!(Mq3`2M zGGuyN8Ao0G80OuV+PtBUA-%rer=n`py50yqiOco13)B@~tQI~T(v)4`FGgAo`UE?F zINq;d;^t_!PLi;s+52CNA*D(wg{RAF)3)%tE^>$`zNAlEUr!`_)42tDuToEnKY#MZ z4WceL6n>sgU}0=?FE=^(L4R{dQxWvB2g3DMp{YwOW%pM~%9NfT+XX zS+ACoCerY}fD|5a3@ev_M63n&PF=?5ciwjVZS@u2)XR`WBh5$nZtFDo)%#NdnuA7e zbkg;6lvnYz>nf7ru1WW{tcx6AyKI4?;%)+1C=H|9*}cAiCvL(zCgr#F;4y`8%buE6 z!+L`h<5^w?4ApLuBxue3(*jcqWf38GiV6MGG|C+nf4ZitPlCZUEpU4Auj1AeC}u=eSu zg9buW?$88*w}@BRV^(Swyx(!|r?7=If!- zcMNU;Svvk-BZ6VYS8P|}aZwHNm>N(%+Je@-sg#DKL(6x)G({PiWI<@shv_9VZ^@6o zzke_wK?!Od&A%Bc?fMayW+N7q$!YJWz65rnb588@9p+b+E5`Pf8Y2ms%&E zFhEp@7kHZxPxo9+kIOZ@=`b)IU>Y{hBT2wxEg8z%!3~@z3ChJDm}o zE4g-t*KK>`ITvpO50&OJ+K&~k@`TMt^uz=z0AWU;K7NW6DqF}GZoUbbo)lMFNt{Sn zX}bNI3jP3kaoA5{9S}@!hx)EnV_WAV^@zTc4zOL0p4UA-{R?YYj92(1qwod|I@QFx zBMyLRXx#XiK8u`%W|`bqN<+#{vW;g}rAW8-1k{X2 zHimw0D_>EZ1Wv739aa9(HHwV$*^c!|#x{bEOwwcgQ;(&aVsLg-0%`7bmQ+Jm2GEc^V+JW7b$jopw2xA z)YH=T-m(jV8eXw@qGAeE)r9z4GDHj9(10s@<$(=AFg;V#DYRp7z0nNXI-l8%3D=(o70vSxxy4IhbS@LXFT;K@id+r= z7x)EC-o3vmrBC_Ao7CM5uz>UrX~(Y~1K^Ma5GmX+{YCoW6aWA$=ZB7BGCqFp%wNC= zmkh}JkRR}@Pe9XfrG}1o8H+3lnlA6JZ<0?VDOX6DqQ?~CmF*3j zdz=kxz3qSX7TCu4d)v&+Ck{s-9x<_eRP(jLW+MiF@biab#|Q6RPUN0%@po`<2}bne zWoCvJy);(n-^1Z6c%n@2(6m6_R1iEO(tF2>@8DvH2!CgM4K0yt$vW0JEZ!>QPcLsq|d}40h9bc*XUuX}vad88=p7#*vT+i_{xQJsw~4%*MGH zqN*%nfCpfrC21651;J64%(mh1%tepiMrs$LvS57jKLOD~_6U4HW6lZ39>I_$EON<+ zT=aRwB!HbXoMkmbbuB-sUe8v1xkAqba?tI3qd-YP8&B`0F6@tpYt6^MRK1QGQkD}z z2UxmST~GM6r?PtqY*oe+vm1Izx0dIJ_Q(z8>4(E$>tccV3b$*+c)?jS1+z`s@L_Z4 z8r7g91Zj^l?xouY+0T!a;q}-kVo$^!pj1%JnCxkliplW(j~u`2q2kBibc3ZeVjNng z0g5bAq2n&SCo3t;#3jc7x?I<0~$2^rj0Jqli1j)cH{N97f9 z4C+Onn&=ud-BZNN$L7oMNA{zl>~%si3*(Mw{cZ}hFKnq2j#7A8$~fx>TYmjNcq-P` zA0l<^k&3p=ExtV65)O>=(a6^?g*P%!wzQrdSKmecv{~2)7Wjt!k`Auk`#9*^s50Lo6W<9R{Mv?^>X+D=_@VpT+;X4uD$#0B zqQi3f%IJ0rePHm8Ah;xsv79Ci3=eCjj|^kb)2N$9?mWgts{;T)5`_`9C~kHRhWzdfBm zS9z_Qbl9`+kDc0Su=EQ({!5_s)m3yh@uy-pm*a;{fU~#4 zP_s0`%jWFiycE>o^tazgE@KuDa0_Mi^E1B~DoU#PL6ZFRCk|IjwPC-kd#{^iJfoCe z>mJP*21RPTn^E#Gg>wB^1l5{0Wtsnr#{v~rrFea5Aa79KzO7u53nos{50o@BoFwe- z9?|ByUNVawPYGAoTTpXb=F7T3+qQ}Smzg_Q9zq}R8ODq5+-q;F*f)LS{bi!1go43r zAX5Lk)2(0HlwG$rJu;;Ak#_~sVLZ2N}YH>v|%i8PePY5iU z2S|ysH5D^C0FmO-Wo)2lDabMk0WHT$xzVu58s_txH=wrq8T*_3RpFG6S(oOj^o1O-rn zUK%GX#nCgy<06mYsh{l@;I$+C|L$qIao0}%?+^SJ*FbHl&AP`x_wm1bS1$>CfDhdm zi;`^W-GqCw=l1Wv4iZ4pRri16y??nE`lzRFbF1zDaF6&uz^VPNlKuWOr#|8ZwnI`5 zWZ7SO1pRk04%8x3k=`N1y+ZE)>y`gSulz5Ewik4kHqa*hdzag9?O4X1pf#4#Q*=N@ELGDKsEMnWASE5;(6Y7sz(b9+K&mHQSkJ;#pL9$&mZNx7Z#7_J8kD z04hnKu*p6BM?UYhg1x%EQ~xdR<8|qDE?jBXwRnIrQvSpk>~C$@00#V*ul?vaZs7jg z(|&ZKT56v2%a?89dn%d?Wr(!~OB+Yhb`K z;2Y3Cfy|FT>w+uH!W5`R<1)HzP(`W@S*N$gDRHR$-mqe za?Q0P)fL>;cAi)?LRb>AM~f(V_Iz$1WY66S zPCfcBFH-2@paH3RL$Q7lR=nj5Nqhdeb(0JdLhZoveRy|qor-0rT6$^!b1^_q(j6dyUFq(5&FpYJOrFEmEL=GTKft9DVedpQQQ~g z;=kDGaW%M)Wwd3Etc=p$a#X$_+^U$`f=3xZFEp5MhRKE)#%1gju1!QA8FZtrk)PDV zipz?+^N4mK@WV0#tIgF4j|y;8Bwnm%)%4q-w*KkGIkZ!dh-m21D|2|FBj{0^3S9c z_Du7BhmKvqec+)m>sBvcf$3S3J%W*NNGeLd!U0aT`{->$e7NSjwv>mjvBpt$Mqnqa zEpigHQ;{r^N=O~j|H+#7H=y}ji+GdtTFhds3a^NO*q?u$)TXM@{*ki0ojanWeP#-7 zF{;}$C8RvT9`U97KUq?jph%*?{yxbHfpdryoq8mijKS#2)SDV7lshWa#u;qBqS=1& zsBBO21HSA5PLU=X|7xB?qralqd2#3xd#CB3O8a`oFqEyZd2F*pD ze+jusT2!*?S?=86ZAfZz$|+c`p122Dg~MfsN3a7A=SDkF_;yNdd5(JvWL;Dv1TJ|0 zYeKr7z;oB?qInXj_G^{Dyuq>pisNZ~qs*h#X18#7Lu2vF!46-8SQqWm*5a6Afgl0d zLc1?&2+YxjEOE3pE9!EKi#Eo=%JNh7R6;h<^!7873KQ^C4;hr>QM5yl^KaxS=)@*5 z#v6adaP33^Dx$ALzK`CaDs@{~xi|e#h~{YWtrenkyQ8dgt#KZn9Yi-6g1fE%l67Bw zM#Vgl!=YC4>ZVWoAZ=~+&O==VED&FG&VVs~61;gHS_?aIF^wh#g%xjbv{G9_4G}1_ z(n~KeB)_zL@+t~{S*q1CNCX*%1^0}H2_Y<|n+lfiDr=F;*Sww4Mv%A}@x<3|!Yj5L zRpjj@-;PWz)!T3$^4&{1iENN$(jHde+dum5NqpyqJ2EV`4oC*?{4FbAx&qy7EZaO( zeBI;d!K3w9fs2SB5dp;uLLZjmXS{2dTZX{^1k(B@qT?F}G4XZ6_uwCk%wY#Tw*>FL|*v7-4|GT}ZA zXoVdGs3Dt;);P7k<`RR=bA@L`%Jb?NSEo-faFb2(t#>P?5a*H|WsqZRA~ z1%?y$2#jerU`W+v#Ph_5@qS|pv({9dGm}j&qnr^C88EcjAr!vYlo}o$(j?4f^?5l_ zIU+K#PdLDH%&ho8Zwb!1+d9cLJgg+%&pFMz;kuG7dxW{$*|C!Fb;7lVXD*S zSDR~Q?5U9#lm@2PU{lbRtKGn}<$Nv%-}&Jz(Am6Okc^SL7?m11?OK%WajVaGU&IOR zaBb~~JA*Y%?!EYT^0l*imc`47*@f>UnA$|~yfplCk_zVCxez3K)E?lvU|pzASld=7 z{x4u_$kZo}zm9r9tIVLKi^Rk{ES9WM`1V~xlV|9zPK|@3rCJ(EMP)D4x%z7zPl3#! z9Sr}Kw=(Me;GINUu($VO!$@UJ6^c0JuIQo3q^-`cwo#quQS>mC8jZGfhk`jZ-a^dw z5_gpk+4bTLySq#KmM@M*upGWgYE2JJ_qoLoZOlL+_GE_Hw_WxncLBGY6iyN#cNg&p!;>vpuw zTSs7nY?S<$0;2D+K03Zt=EbU;VS79d3iW0i(T3xczt8ZvLx^Pv?D|WEz`hRL`1*$~ zx&1xCU8=8YOcLH?ccwMxzO8umr`vK#mNhrFt$+Gq*x&QbLwRN1wLuyzs7ZM}#c$A6 zWY=QRmR{||@V(=v->(YxHo|D`?= zRup81%S3#QldfnJM{3c>6_Du+B9iGI(k2?}lI9R%8?riC;7-g6b*#DarI~C$x@uKJ zj~S~-%UXU+PQrrf;@+Qpz>kr#OWjoZv_CRab(T&Yli#(te~(`*x4uA4SP*bc)9PNhkgo58FhY%_@1L z=B|sojIOk*E=aN--xSM0ELG-ostoy5HU{KQyp)E}-uZwjzt?G+DkX?TkW;3s@s0!? zI{Dr-b~K6*4US?Hz4|$t@QO?HzG&52p70j>EEYL(^<%_rQ>FIuCq?>ucb$9F6&>;f zaCQ29Rf&F^v*(?dYczsy?Qp90+)GZH50~=E;~9Sz$UjC07=TN~q(YW^4nn127DKO? zDs7P0TqWgIS|C^Z2s?)SbA0Q@Q^Q_gx+xm+He?jB+_>vFTj71{;GOs2mh%_nC-=Hj$Js z)e=RYPE(cXH(gmqvX&dmuk^!=T=8;t_qA6(U#H#X7Us!2{735jr@ytvWN_K(cue-@ z6B@%P3xtj0td%xO;VtZtU&FZB_18PJmFVE+?BuM-g?C{GKZASF+q=|>kH~A3u8uAU zYmLk?9>ZI~tI&A78!G5N7|uxy{g5}i zj9j=xulBsTy}8rz?AVu~QD(?e0(?ypKEpjN_!A{_(4SD@O6XJ_eWY-pYB*%bRh;(L zsKO%hD?e?)z-#}0V3343>FkGDz^rMvV*wW*U5V7$A(!ByDA8~F0+??_4ukAYKqDDbU6pzwKe@om(+!NJ zp-O&pwF5w!ytV}pIKi0v$*BSw0kmn-TpVQ;*r+&A~>y-Wfdl z(_1p^J(#3*SHZrD(xvGx;@=oBqP6mgsFS83{vC@Y>aa2!1D%!t<6gOB;W4}rrG z!2fK&(HNJkv=h_ox!*>(1k$W$dyy#?KK}SC#)TMml2jb5uGY~CUbLGvF&I1%5-i_bg~Lx zaddK*!9$y751J9s01>zbbYD<=O(>Dm-tbH+3=e-1Iiw-|+E_a4Va|P8@~Iu~+|4f{ z8H)sT)M62N8OuTtZSy97_9quD%6mn^cp5z0x3W`(@HEpegF!dfbmiKAMK@$^zKv+I znP$5gV|#qEVqAPW#7pRjcuCyn%&nfBuiPX|ZQBd`bmtWLsMW%pUcVKFT^Sd!W(Pt- zJQ!D4pWaw{=tMfL!W8(UP1MY$&POkR+b-}M=Fxs0$stnYMj4WS#XBiN8-zK(*2pDO zGxhBaF(-5+ev58_`f=RO9;1f$s{G{NLJ4oC9VjnVcSUmQfkQ%6clGY$_S#*D%av-& z@GebnTB=5Ojx1xAUEAJgWg-|;@a|H(GKoy=no4}eRxjPcfZRYS56^?0XVfO2+^c{l z>~*!!p}7z*=$`+{Hg$_UjdR4Ab2kZkAei}9;S32iLw=dlApX$a#Z~V~=9#rxu`Xvx z;!Vq>V*EFKtK#-9(Prlu3+sVOeyndr@h<*Af?Ujw{S@;cl9X z|JBzb6~FMM_7u=f1DMVtWEETr=;RUrZ2(wAqSV>W@d;ZH!@tH)_(C>QLV9?0^iKxu(ha4-_suTqFk-=I;qu+RNbN>c(r}&EQk`a<>#J~LpYiX2epAA`i z4SAor6-lo}W{O6wd?7rrc1+JXYumB^D23SFUHh!uGqpwVj=GfQT<-OS-x#?P6H$oorWr3YdMy7 zLsC?ciuqxe;Ic)`ML3ZdcvjK*)dTB^#7*ML0##<6$vw0^?2O>EL?+O#2A}g(viO5R z{b$~<>Saf)#+TT|0efNx$FrkzEecU5a?~%iAY_+{uA$vtJ{qqW=FM+~qXAmu*O)N93B65F* zT<-WyC5o=N@@psHf*p>mRlJ3l&5I##l-wk+T?l0u z10Olvxkvek4kf+YB|%VOrtyqN{Ll7rSedtG#H+}st!uZT%#uBD+AT*`?Tn_UT;BLc zj)_R~EKTBAdzA&4v>cYYCbj1jg}ogDgmunWVit-!lz1-R&}5`*;@Tk%M}CcMEv zVrWPToMY&EV~v<`G&g-aWui0FV>d8YZwXVM21=dzlVYjnPj!LdBn2$fTBlEMJEz<| z>K8twT0~#w$bCquzpzb^1z8omsgRp%pSTVua%TC^L;&0|2+HihELBJD z2LlWV=}$45kah#BS5m=7OY4xStLXRiKeaXggiIw1q`agF6TxS3WyI_VH~32P2|^w5 z(LKS15~tkmY43!t3v+1JDw=jz4=5cWj6O)G6&$fhb{41GL~*z%ix;OKe-@ofDo<_e zLR^`9#pTW#L#`z?#$DPT17VIqy0A-0`AP9^;>Ar%gM<@p?>j9XYT>j%SYbU>aOn5k zAIT6IwV6NRDM|7kc2wNm-`}&_0zfW!&6nRr+(4*`2;0-HI3vhH3b`=vPCLMrTXYcrwF1MGkuFiwP1GVrE8V7td!4ScyCKW-xB5cDNh z;k^oXs*K&ocOPb^iUj2!-S;l7lS(S>s|l)bm1}sirK8wPwNqymmo(wbE)q1*l5YC{ zT;b&U<&lWjERkN4#Qv;WpJbAj(-c5@HiyGS+kYdtrp2Ngx;go@dT6Ci{RX46O5sTc zvso477h`w6&;vj1Zc-UWF=k2hotrld#!GS7>3P#f0T!jb-ykrRq_yxia#Bq0%RQAH zsKS&hZx7sb0SV^2!2$RX!5iIFQHy0v^T$RdC@`@rEec)C1qIg0q00$!3*(8UFV+?s z1Fpo40}LUWFB*rDkM>< zwA=CSvyntiX=do*JkjY|gV~Kus;K4LcQI{y^>ERS_(i)Ns;f~c z^YJ5GIQl7EZx@b!CT`@W(w>c$v0xd#OcvyHh297m@~!p3GL|~bH71`l=AyxdGmqb| z`Ad8xM>|h+buzmbMDs#Rs;xo*92_@c6|SJWRY!d)*PgUvNVCq;CQ)sgBPpUM-OWc% z_rO^3T}HY5nngC~KtL{AP@;reuzPjnkU18Hj%q-(B`eI&!|^XN^6 zOY*W$W*%!a5C8aB)0(6AAl-l-pu(gUPNyIFO^3NMcCR(LD?5&dfqUhym=bgm)}EmU zRUf~9UaCoI?4e$im_QRYZ}!xEQiNS7N($QlsAtLvotWXep%q*zQ57?=h=(ZWFsTKV z2k)p!W~%x-Mw!Q$$k!dp5lEKumpYbor@a;px|3uwh;&^OATGpjIYm@SlOJsjBW7oI zoA%(WHN^F)H?6k+4vEAiRMa+(%MmuxXLDvhA4%)Z$zj)6G>BJ5b+U>iwK^3VK4m|e z!I)(+u$9YAvj_rxl*RPPOH^rJuPH$lq=-9IR(Rl&IHI@p6$+XlHJ&k^=IM4lLj;uG zku~g;ENyG0=rsSeg}ufU*2C3xi+kw-gQ>0BTC;J?QO!i1NprV7tk9&}7V&pnY6>@q zH5Ke(!1p$ZryaBH4a3*;Rd(xW&R^`kd>`q{4#{)MqDnAaO>y!p?ug!txGc z<3WNm4~d zecslVYk3_aQO53Q$`85RGpkT-nluXw9TDbOT|o&p9f_c1jy{@x@p=bsYgX_ZEQbEg)cDoWJC#E$L@D&raed;?)vCLI+{ZwhD$KI6* zJ=?yQcUAcIU^`{ejVIwVo@~~j4V86Tn+Y&gUlC%sjJ?=M#h zJ9^hK=~B%e0r;vJ*v#?{7JW2a{<=%@;<)<)_e8}?GwN_g^)AtOj++HOGM3xK!!)w= zpF8@q9<|^3Xl0YZVJ4WRc`(Z%wd?7vD3#ySsmsQz4Tof?eJ-yH=eGNs^go(|96Up< z?6+8B#Y9b97qxlWE!5)!&hX+<9gPf(VsglJE+~@k7Ud3#tfsNK&(L77_IjPFM<96An6FD48Z8yq% zFM8qM5;ZDu8nSH0F?wt+rvO(2I%(9K);ZqW>}EV?o0hxMY|kBZ0x9&p7{I<=vhf-; zWLM<6PhVPH6MpB(FX15NWMdR(+kOXds2xX|_Ix>!-R}0{h^xuDXIFPNiBH+dACi;! zPSjO&gv`fTd?S|j3YEMibPJC&-WByiWj=QdS>@U9J@2e z_56W~WF&vHD&YZ%SZPn5tx{eg&mK_}xt0!eCMCI-88bOFQyme#$_-U}QsS4I-emBk z#!XS{=&L95E45PG1U(3OzBL3X2w(FSfa`TKFEJOUK1lRzO+kaAh`zeeJ^kh_Kk;}E zZQJTY+nvf=+Ao`NdhfTPaxH>tu-&h5zI83c>-PT09zDP=`DcsAz5xI4T00W%O%#A; ztwF4H*m9Hftsytu9~{k?(L8@N6QgtcY~k}ekmtREhBvD%^{bR(kP1gb`mKa7Swd%* zJ=9C7+{EW@q>tVC+IIw$RvdWWP%9tj2+-{b-lw{v2G({TW%_5!xo*lukcl?sIsPq7 zx8*_8e%5e(lUwPa&fZS_OD_OfCm{dga|}5UFi@hw{V*CNStgkn%j&Rtl%@-dhO7-{ zY964r_?TxOJ@;~nJ?69&d)yOoK ziQ1y8FwZuHTd0XwZ0U&Bs$I8H$I;1K^+}N{uh;9pqGY+slAeyad-Kw8gHE> zk6U~8M!rfbh_?&-0Th8B#W zl|ogsxs2mGo^N`3lMRhFhi4_}O6%y%Hc}Q`Z%JirF5P!29i0?X*D#{WvxfH)Dm+m} z8uYG=?O>I8JdKW@%dpK&-{Q5$BkrI>Dw3VpeLrmL*|wom=VK(Lv(g&7`hh0?EDca@ zVTw+G)p&vNzlJSi{lDuyxbPjtpF zSY$+(ji=hX&4%L}7AV@eq2Y4V)wKpKOwyAFW@^G%dl;thW5(0b!&lY5jCsVF-?6!0 zvDl5Ue33A6Plr*gr*r#>;@0~lcf)RVgs9rrtsY_wpYNf3Mw*-(j%QSPL8(Xt`l#m3 zhZYK4&!0J^%pA0_xx3vLD9cK6n;C3QU@QruqlvD(coud_qFcbaaju+F=O$=#P?xCm z!ViZc4*`PO@dp0=?}1(F(wd9+&o3CpqTp+*V{@;ztG-XVG#oTgyq0vg%QrVaj@kk5 zjODk`IzcZ$t`?91_Z=3s+pR;KffIK{Uu}^EW#HU(0?tT0tNYSQS19J5oMWRJBs6+F za|vd$D_F<;;;82yQXt(Utsn?&NV-R%F?Ij@AdFVfR}VjPDy_+kE%NbOnzgnW&r( zGGp#1k7(>}ZynFvsq`6?XV+eNj1rimep9!7u-%vDi8trtx{_L7nF_Iw``awg!l$$H zxiKy`j~Q&f$y>-&iA!U9%u#VoGtPumsd^GBp@Pj-vjKBOCm`B=u5VX)yG|=1mqU?h zP4kKV@2zZIACMKS9M#v0|E6z;72Y{gQG%}QlAldZC;}|H?Z#%_y)KzP74M#S1`ZgM zp{refpJ{l#L-U)n^}UxFTf@dKg;i}z5kBDM^U-y$GIwt`!!^Dpn9`~0ZjvV7=?55p zaw=G-TGfapa${WCqLsbtY!tp>of&3#BQ(%n4J&z%``oVOY&|;;;l-t_!OBO?i%GA= z{d0#=hS2^eWs`k6P1!r;6Q4S>`)oox7!WigQuJFMXG9|v$wC!g&6(kUV%%NwO_79Y z&V?nufneO+2G#m(KkVXLx+Q{nH^@}Y*?X({RZ5^o7*oe(Lh>-(dvw<_G(%nD_iR5Nh8%=h~O zb|nG(c7(-TCQ54#T>YTdQ*p|R<5AS=BmwN@c?ePP=CO&ad|67#ksa(RsU67}4rmh% zqte(8O0LXd_|yRU*nP;S!58x=B|{p!Hm;zF{{FtwmIHIVV6nAmbu2^P=&reD|JW+z zVX^y;OF~Mn1Xd|*49AkM7>)2sW^+D5V$;jAW{(K7%lnSuqD`a3n+v|XK48=!v|ALy zOvjuefi!ZA!Cc06i$%`8T1&g1x=#ZXatj>bs3TJ^;h>Do14<9ojxOM_*+wn<5-`j` zJSH`#Fbp(vx_Q?o6*{W6=K58~uMOyyabQprZ=$)x9;ymEu6-4>Af!S~_A@@f85g3y zj`PaDkQhxhk1D2n4!j1Ho@%+7rf~)G(UJN@w*#L7=+lHyEPYrjqwcX=N0;X8qi%zq zcMp`K66ts>Gnn{5R7^A$4Uvj!y~c>{Q$yjO9`jUu8QRsixazqH%o6-F)yC(!LF~0# z@LtFI)F1XKjQRwNXlHAy$f{JaYk}qp*N%nO=qQ?p@qsJ}n~uegrq?}cqS@R@uS)`m z1%bk($jzR$0~uUPuoh(2vaTX`^^o?ONTuKzf98aL1s`(d zbr|O_Z*sx0EIvvN3dRU7+6SfD-!GJ4%B zBz)VBZNBor!(-jE!=&ICqu6;xbBH#aM_+ntmpkA}rt%Xx6O{Q%9bX)Wz$%3~G#21Q z*|WPwqta<8usM>=<|pd#b+p|X`qroPvEL%n z#oUM8A;X+*8l#be$R&N+VE2`XWi7LG=1tCQj*?yQ zrb)_~xDeHP&YhBZ<2?b0z2aN`+c$|jJZ-bOcX^RD%gU^HlY%@(w-bjm7t)ACub!=U zt3`(}Ne)kwOsa0F+C4pn!C!*a%kJO{hZxoLw_iz3HV=bAy6{J=N;n-wd zBu(7=WZ?_!bj{ENkX%HzsPaVyWpl{M2CaG){Agvd1H^eTS;ndbi)vAsgj^frU$&^7 z&D^W1&^--0jS5arw!~x{TP=j6>`;^Eb5<=!3_kwWAx9xbED_v89p4E^(=4T}JGdVx zZ&S+CUH+ipKAdCtM}zNo<3;Jr&fKT3K$mT)%rC#NG(Yh8aeF5=F1;WYPI|l+$t~jn zkDPBI2&BO=D9>EC=%mcxOP!p<=F%q|y-TVW(l;-47(yduzj?P_OJ&g5T_;u9ASD*N ziJ>aMrgpzc>(2~oT@gjjAWo564LTBa%uPrOhO{}$UCb_!;w44}(6eF>8e+wgqx6~^@xTa2H=rdsf4n$W{ zKA<*lc$Z={W;4DE4&|)9%Q4kTP4d5dgf+*z zI4ebUcd0$|qHM8Qa%gId)l5`VQDt;Ox%xy*K zJ^AT**kcWl#5CA_9>*1{gI|h3OFXI{ld4c()2CJj4xQY`odGL*Cza`fMofEy>oCaP za`sj1j(b)_mpaXdQ*$<2=XpTx)0mp^H2(N_I>^Wvb^6i*J^Sj{INCWwHaoqrr4

nIoB$7=YJM48$t2?E?DSxpm3kQ(cT}gD$gKTQLe+c8X`BI z=mj#9EMtub>2{a!;JFudAd&&NcW{ubm<^{MxWXmbG34@IfsYV6p?gBw%j&gmCnwk} zpIR7}`+GFP@)bNblK$cC=qfc5OGlmz3XD6i358N-w z3K=}=F9FUQLo$iTF6PWEQ+^#sMr!_;&&$GIGU%&%#O|;J;u$-Wjup}xH@uv{%`0fG zw6i$w3S*)07Fu%kjBJUL>tt^ADBwBDUhn8A(0K;zkXz=f_e69OIJl;47E-Ivdeb%z z8+$c6TI0EWtM~50FIQeK;)!NSY|ugT;r2CB6kbTG{d9MjO{A*ttnx__=4La-=|nEb ziXP@-AG_7ZRwsn<>tPRpdG(%V9~Q^t{c%3r1|cY))|_tCmFX$R<@&~n0s(c)z*EY= z?LYV!Hm}hrl&=kLl3;lQIY}3}?Uqh&4(qi17@X!%0h(s&EGUX!XsQq?+JqjmAA6a> ztwMhp&zd~8NnlADG3+V4lFl7(e&>^1hIahhvW&8wC}AqxzNk7D4w+-x}Mf<_EMi zhtwQ3b%*A+8QcT9w=%eORGeR`az>)uq8(-+hIJqWOQkCGRzSVPfc;?K=1~rKY-th1 z%*Fb!*%J$9F~1CwnkU{l;1D`Yc9;#f25otkN!76*FJHG$3lNxLh}n`WD8Qa+$7#-Ye#(D&+8>o49GG98((#%E4p7!eFZGz)lp(>4}LYjXliLVbhN7o zh`p{kMKEc^%7UDzdJ6mGDudvfdlowC=nExv6B%LC&xbZvuo-WP>usC%2#^>qwb}^6 zfJmZJnrEaPz(>UtutP<8?XVM0eFq@jtzB4vqQ9GUWo@3;YY2Mn+c^+^ihOJ114?tS zF|Zf=l`7vca8;X^MB%QU64*|t$-ZaC3+v$H9T4^?I6Qg!3NWfH)pcnSGHQ7^lt_$G z`#SfU!msSTw^G0)-(X1vCR3U?k{T74*vAXEOX{uVdmiCO=w8Az{vrYe3 zZ(sfobr<$OQixF5qAaQG`;sCC8B6voSqd!}dxa5V6shb*WQ1u($i5RdBX?2BGWI1@ z$c!an49)tSsqg*6_xS^!&kxMJUZ3rpIp?~rb6xNE`#4_EbF;tR39_k1X|bKrsbbts z%CLR6q7R5iRtLY*-ZvumOLIREEo)xczEw+|Dw#fz;J&(5bPsJB7h{#jP8?@w#KZ#V z(?VZ73(Ny1o$k_G5HQ!t7Tl2zX(_#f=^0)rn-q!aM;ZOfUBn53Ijgs#`*st6XU2aA zXF1e&HL*kB9CXI`Tr(jAZA)s4b_DiIy8LQE2Zw#rY}87v-0h~9kG=3r{{o?+pz{CB~Ozdp=jc40f0<8%&ZTp@XujK{F=1)8 zLFYLS`n8okevE>UU7QD|z>-PUKcN-bFr%fb1~zAkY2*#E)z-+uK91`EN?id5;o=(f zuSB^{0%yI_n5biea&kDAkkC)+HVgd*z3sVl$nKs8FB`Idj}S8`+ekv2cjR16b&jmR zluJdV7yk728M33pY;*`YvygTY_@3C)>RZ6|^vMnK)wVXe z0bvONn-6?v7cy2^0kiM%)w->IfnE{f_8v$>4gfl>1%>o7_wVe}13``6TSnS)NU=_m z^92zBd@L04mYE37|@-29Dn^C^K1+XqTdtVKuKbf|qy3K8 zKkI@>bnWuHk8WueO9p2)02n|!9(ZGmEa>)YTkoSPbHBfU3dv@sMfoJamFp-DZC~Wt zhM9Zrt~#$;fmDzix2kTBadTJTN||Uj>U6#Lo40ip3-(jQ0Pu;ZeeN)>jOxEWoI?87YdCr8vyV)vOLeADfN-4Heuc5}8fN?=-a83VHR9D$ zKJ3-9m8Q2T6CW#2m=|xJ>-dgMu5vhU+_wiHxyPCsVzgCB$!_W8T}g-=l2uyeptyhkWc0Kqz-Zj+?gK$@Zp?Rq!Vds>k)s+z%A2DVZyjKR z1o=ELrq@sL(Df~nBfa0-cpkCBPM5sz4Sq0*>8Yc_(y{j!eDZ>_k+Z-TCuP$670f*? zr)?-x6pr&G)T^C((B7BKCt-l|7VSc&C=yq$!rb%kPRtE-NQ&iU^K5?dh<-J`lbsdA zEDw|>Fi%~P6e@wuSzak&mjSwzgGSnbl`I0F@YgEeUw?-2}`@{&sGd8JvX3VNr zK+!Er=RjcbJw%z-bZ55wkeN1b!+BaElmG=R*&5B zVrA`Fv0Na?_4Tqcp@BcYyotnq|C7@ZWrIvrl`UFF$*-1k!Of&s*3sgxFNYOkzJtsG zBDbl;xJ@4zBk^0oMDn?kEmYAy+h`R(wh^2PaeiW+x|A~;3!t$169s9Mrj24iki0^B zTu5Je+QA?n6J+WSGeuz)kr?I@riV~6=uW0LFAevSD?Y4wMlrN0x^j9L5?mEJk07^`OTz(7lofZUqhN@9f^{C)4UN)GX z7X^m?5r=v8uwlN4@PfntKpcB1y&>=Q*M51%CBV6QvSENC8QHBrl$aGaef1%?Rj+!xU4evbGXNCnL^sac2X`i~?PPV3}o`^}o^hhjF74SRQ zvYpZcn_IJM^z7Jy)qvD-F+SkI=dCpLv;^Mv%Tj?z^z8*Ppab2VW!;XS@>qV6T0cks z8S%S64+T;9Szc4Un9$L1?vfIdR(v$%bBYo{xtw4#G8Vqg zy~fMPz};By1tbpd=q$Bn){yVP{lV{^U8|4}wx{m<4M#7LHrq*;&tV>!@YU0&nJukW z)8liC4Mzg1AFDP@A(Fct$&?)Z^wJ}%$qns--Si#TdP9mnr*YXTfFz~2o0t)!Vf%;; z6IJW!`mvMLm($VOhi7_liHvCb#T}=lSef!W>B2#P=Zi$TvRInfQz@&B*n6O()N+>} zAig3f%%Ew!$q@&)-d@{g{1Pe{o8K=}c=8RO+a@8`x8P$QyC=ZV)t?Rh0npH4b{+3B zxT*e-7c7GEkS#z68_fo`{OaP_YJA*y4DSkX--Y#t_#o|MLs_#iC3bC20D;2M5;EP& z2*ZVpu-H1(KrFdF(&5`vOO=mpId0Mx^^KQ^G^07W79j$>D`m-0pC@Jn_5qag}BA3T;JJn1z4-Cc%i77MEU5d z_H(lOKmUMUy^V9h)hoas>+->nc8)<>vT-#Z0HQ{gj(S*&+; z=Hr6s<{fv^tk{At@Frfz;HLK(okn1Ly|T>l8TW_|B7;iKSv`8g@aB)Ms}IGqb;QVd`g&BFN3=I}wLPL~d@~*8 zgw7mcMdkq6FY$a1LEfBZExv!RjTQ~A0)Xb=Z8KZ_ZAUVzY$G8GQR9nJ?u>A7UR6@8 zF>NM-j*;vwIN#iLt=c+)_>YXe(MWed&g548{YvqT%36_jA9{xjLnF1sorY)=3QxWa z3JnirW1Q`A<3Z2#$1&q2m++yMb0UbNRNbf`>*jUKqE!Q8ovBl-=PN>c(DaM`=mx@V z)mH1~oxCd{13fkw!K@mGVKy_wR}lwy#oD|729TlKs9bd7eZ;vSdX=0TgTO+NZT;v1 z%Rjv_UJfB@coln}%iwQ;hO8$j2!Kt6Y^77&mYiD{l$EVhPlMaH$7oHhHhLMY`PmmQ zYEi*%*eSA#7-8joS#_8K)dTLg)D#e=?=J}mIkpM;46l*hNb8M{rDn!ns9q$wQKSRi zikf6tQl{Jcc~CXabkUf0DPXKBi7y*Gh{h-XR>(#yqoP`O^v12Fq7 zqh==q=I?=}okr7mji0?I*&udBbH=4YpJEQFD@c(qeo5zkGy?<%o$WVfNmFpO(}}U% zjov%8(iIZZA_4D3yy+@{yQO(0lGj_D||dOX1^+uzmfG zq%*L)-^QUL*MYF~-F6$scFnkr?5Q!PEPg&*@f`mqrB@0zk934^|Y? z*NK)~ZmiGbT45SHkftu+2CSprq_^)VIoXx*FF<^-|&-Q-K#iN z0-aO>?Lz>x;bUAfWqL_S$c>J0+BJ}#K-&Bh);*m02QepS0i&KElDzlY#!4s}4- z#LJagPQ4v$Eo7L9%W54`J0Ss*VvnK09pBId&LM^rxh`c$%7XbzLE#Po4iTrn5|E^- zyV4{VwLZT9Rj{0-+mt*(`r0OI`swZ5F>-zB1T$1rD#ov2F&#pD*j0d=jWp7XQ4*@q zP9zv87%s1u8?Yv|LII^4=1OYK5}Kjo7l}t!xq@NHEr%KIf%p!_1qyxDc_elB`>m|9 zq*b7Yy}RQcHDd+316K^jLMpOaozbV2a}bk{n$*l<$vm&Y|+!_+}YC+Rgj7KEABXXUGskh+KGBsW%{ z3Aw@cF~ah^r!&Kjoj%`{mXs!8Ilk7uGn<+8-1$rM{p)V;Rv)Aljq$C|G3j%*ftT>l zSy`Tf;)Cw$4W&|-!}7xv&+TkdR?KfQTL}=3%5v1Q^N8|c{lsqUcuC>fXA^<9P30>? zOnIL&U=g!NmY1mhB+c)>1G}P}!;$Gx^uN>MiYGaS9dh6yW2v^)TvwpW`MzD)uOd1x z;S{2uv)pLntjbxh!`4_Pbk*08${B?#GxAxdg8*@;0w9eeGuME6O9YD{@WVPWKVtSQ z3&V&2bgG4V%k3i(b1@N&P@SKO`5;%0g_m4_K2K6k4Fj3PA4{IQ?_>?01hsrioCHws zY-R=vE6a!6Z(`4hkIiKPaRrcG^uy)~@VmCfhnvEC)m; zVEOD*+xigo#hJg>Ny>5k5qW)h;_&e4JfrEAMJYbCNQe4Y-ygfKXX&TANd==+cTR~F z28-0^G47DM(aFw#?2Oyfi`Iz%DPToAmh!LFzOvZTXR-3T9B)|(WyyasZFJ@H02`3; zZw2&*!iSw9xf<`swEd{(%-is5KCzz*=hDRO`n$A9QvEg$@ zwS1E@pjY}MKAy^1*#6vfS{NkM53}kuO<}~LRTlTHEf~+A;tjCoAC7Y3mDuS|?ZyXf zHd%NE(EUFyUUf8kG2Ke?t2DEBFlsEg<$0+?f%x%_5bpA`bmc3H4o(};)DVu{+&xKs z!gj1hR*laY8$8=MC}R0rXQs;RDTZCS5I&5NOauwmT>+_pN$E;h_vgQakT^U#>WNK% z#hxZrjq*E{x`T4ckqhHns!1NnrJdD;?O*Q^lHv&~p17;sIuNDPik%oCSj8c<)eddX z4Op0Alg$DRWVgd-o%#T3kKKN$WjZBZ?oU-A*`kk~4&n*c(Fq^6+9!mr^r~#NYmH@~ zMHenV?NIZ`)=l1}zw77uik+0ehXR_IvWyTzo}r`XChVcup#}W;0TYK{j80VZUBY=u z)b4{4s078E|IaPs@GnoSJ5@N>cZ%T5)ZMD|lnEvFn$ilt6l2$za`rK)DTpweiDK=; zAUiEZSGt-dv-Z7X^I7%hJRY~B>682a+ysJ!aX#_qi1Rlr+t&^lh8Wkde|y zNn75J)B4l9rsy|{F7l7?%HOsc zwhO$6Gv$neSZI^_Mf*J`VQY`OKovfC9Q6 z)Tz%c8DyTBCxz^pVSaSXQ_9^@Ug78yZqn5z< zKO48l=qAIqvsploNzLF(Arr z4RRrBgoh_7-$YN=`wsNy9Y|uhxMq5>lJd+)#3FsXWJ@gO^_`|GlHoHkCyal0>vX8U zKK}CNCj3u32lqOc4+icTRbNG0kJ@2SkJ9@?{W#&vu`d#yXD~3WrF0*&nDsszK{Qkg@r?SrGRhQkRz%X7K3 zc({mAw_?J59+eMB6(?%oa!NdqI2*jcG7Aj$oYThy>4s%QyG4x)evX69KjLAs2kM|7 zgy$aBjErWKO6!(M#n=RW3h>xM(as8bgJ=YGyD*lKyDZBh_$$+VN_Gl0gAt$8LW( z{!Nu_(-J-k)>Fn)#5i1!ZpiL-=?x{|GE{bP@Jx05j;^)i;0`|eY!uVAVL+rk;^8yk+#;`eI&5gN3yRZx ztRa>Sl9pVrRop0-wa@E8?_J~F!{`tMVbs{gVZ)W1Dj-J)Uow!I7uVZp3OTcz8Em^l z6DDey>l!^{a=I+p|6-~sR_ODfABjC@L?ovPHeO399%6@dXI7R}`P@^^zeq+_R7KAp zoqOI+8LjST*-49ic8egha_bJRxH#vPSsRSHm%$|6GAHShGOvn1gMKzyk9aSs2DZ;* zqTULuT{>)>DEZen(r4;VC1%-s_>`)!zze#fkHt7YYe-qMxKZjvNpmD0Pi24~Gj3UO zm>@Z3l=)N8??ON;dq#g^4djTj!U1B0F{!N!Gk2bH<>j0Mh3?gNfqtDA0+-FRM~4a$ zBHFaMTPrK8eBu}?aOa;aLn~=0KrfsQXvj)pBG2>z+oMHfj>##EO)>ktMZ?Hye!(QD z6{+0@8{dlANrSB~66n4!2W`#k=kwTNi{q}<@5=&VM$6WvgW*7`&l%7FK}~@Vi9a~h zUDU^Ey+vm3t*-4B%VhZdbe4J%9QG~)c{kY;^Kr@2lQL8UT^9DSf@qpqiV>IWcunXp zmVH~sPbq}$iKWJD0pz95G!Tv}p?#qe)FF_6uj7V=+`D1*m$uv5#|3KKZaKfdvqLaM)k zABZN^yEu_FE5E0tzVH6LX#uhOtiuszm`LZ_X7&(w0!Yz1Nok+P*Q3SnVyIJ3CQwff z(wXK!2XZ2k?XF74?)S$yTZ5fBB(tas`kuJ~1R^Ri7!y)&`oW9Vpl?DhxP*WtqunUsMkHn0|XZ^@CA%`rtY{ld_v@?RP!H)e188u3y`$R@5s=S^kD733)3+pd>2$E;owj};KO!z+Q+(*Ow8obf75IVjtFTir>LSv z4vAY!#_&@7TDuVL=5Hqk$Ie;*HA z;~*FbMeFd$rw!(>;rlZi&_sukiWQTvUo44GokCZzONIau%eS`t6#hfzOaAdN8- zvooWlykBdt_1?}%0F#iliN!*l5eeh(MLb_H4-H#HW1u%do4AgLpVY^hxVGk3%$B%^ zVhgpt9a9QQO508M=|s5)X=vl1HbS~pEY+Jh4Pm!HVThk39FHnJ*SwvS${N! zb3x?lQ8Kv9>)cZ#_Ru*BqNWQjII+O0gn_l6>pyokiZ~wFPL;}iI%Ib25M$o(zl$^Q zkNPA4BZWt1nZqsk!!nN+SKJ1O_d5qoG*zY!YhO{p(Kc6EIv>n?Lx+U%&`bZlrMbgA z|AB^64+JX{zwX@gI{=Xbmq93AsZT)89QnOam43p9nS~GhuUQviEXJdSH3X_@h<_W> zaR?3RR0E~$xZ||~A=JcpDDm`C^WT%P!tNZ4?*wc=gPNVr2CjM$PC;`I;{r? z?{)*ZK8T_Bf2P%K>V+N43d{3yKM)m2(1JRLT?l2Bi)86-pg>UHtI`&D@x;@`6JYeu zPFT2ZLv!d%Z=?^?`phF|IR8iZcGka;8#v+(k{H%#ygKgyIz+|N1)ne#?n~yU6&G^$KaPB+^F2O%LO=a7s!tz4OSDy-N z#U!DGg!5%jC=?tXdY7f_uw=XU*em#(GuaIA8l?ch3@-4pDq6~svuw^BrG^CrlLWG} zmQ`6R{asx$ieOF)w#Xqq-dxDEMa+hSv*93`2LJvXQotep_c?*pQGbuPgMaS(=gYyr z?fCQA`2X!o2)-Bsc*5V4ArLMw+WtF^|6koa!<&f|{KaQ1icsBPJ=_9jV^U@8b^m_= D4YCr- diff --git a/doc/source/deploy_install_guides/r1_release/figures/starlingx-deployment-options-simplex.png b/doc/source/deploy_install_guides/r1_release/figures/starlingx-deployment-options-simplex.png deleted file mode 100644 index 317b7cf49a8ec9e84e223792e5cd819aac9c2342..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 81291 zcmeFY7<3FuiF9`i-SHDeq#F?dX&6!%q@}w{k&uuYLXd``K|nx> zp^+SLh_ms1&-MNX=hNBOH6Ld7wP&yAS@EoOuX{!6YO9bE(-MO~AW}6|xIPF(2nK-& zv>=4QFVArIfG;3CcYPHFP~`~yCh!GpC$A+B0@cLbxv;ned?$LN`rI7^qI`Sv!CSOt z@&`$+%*OGBZXxTsu+4ifGDz7-W zG7(0+T{c#7uW_rMbA<-&t$ZRuE;zSGbIQMjK_gCUe-=_uB)As*zZw;QD}Vwpl1oj@ zv2BORRVGkfrmH^@qU~6}cG1LyJKw3PT`wM(djI<7(+N(uL;MM4GTcuX7G3iHweb1t zqVLp^q|?D{uS|n4n*Qym{2dJP=n)LorKl)p-8Z_;!o{OkQ`ieP?eAx;dZr{R;IkHjwibUkR0 z{n$4Ta+d!odrBq$)l>7b8@10*b380nm^~ z{JajHhl~64?(~5?WZ3!jzIn=uP^ZIU-hlF!;)6d-*9T0Sv-YJmIwlzT?^j~v=h7cC zrH_)rIYsr57db>L4x>kdm*279gnZC`i;2@uU@)gqD3k`um4_k;D)V2JUiUj$&3B_5 zRC?58!rs|X1|jdF&-AGrE(r2xJu%__Sfj!$lPxRgSFW>u6X)aH)x;te3Dx2cJ=_H{ z$+`Y7;fBaF|GUz!%dGW&6j+*wyf5EyzgjPU5DkQ&X!5ORlUhhS>6PlwIL}5{B1)5R@*{W*#g9U>mDUnmJLDj(dZ}q0c;s)Z7FhJ zPyRQx5gnJE33hxV&kZdT39NyH_(Xn-+NU{k!(l%{FRP6Qsf1$!qsYd?SajeFULnst6Y8b60_;f2Ko5;;Uni!b0-V08N) zC-Ja-w4a;Hgm0qyCIr@75mxSS)!vRuE?)yIv zh2NGX8PK57!ZQg2C}1_Jx~F%Qm$x6SPQv!h6)r#d z@^kGpt_rVbs83C=0TYIXulU9lT17{vcx%6@Iu!^R$h+*69=`0t+FW&*6D!iNmhCS7 zqPdUep-6C0Qj`lPyXQ)*&vouB%~SS9Pri^jM%_qO@$iskaf~kPq|P~_hv=I)X)ogO z#VgkRmkOaa`gimcCbGAq>6o1c|&ICc|UQ z5wuj%e#CF*@kJ$B7Dfy+d2r-38^@kz`IjQ#^|9caVvS-D)Ut?njOW%-Sw^k zh7NIi>p`<1D#KJnnnRbQ;yg!aLyqRo@shEETW5?y!nS$Lw9_MI*{Dlg&VSgx?UJx_g&UUdb^CAp*W(N8AF|;+gK8;x;Xwj45YwW7EL}^ z$IsR8gKrJ>Uhjq!k0TXAmjz?kDAM6VVC(0)fAl&tO7MA!w_EYvC&+*29Rd*_IMCdS zPt2rg*==}1Io_3)eo72UKI6+Oo1LFmfWuQ1kJU{->lzvxgd3o@9&H`cSeh1LDau_> zri?`AU$;2dj!0}*c#ykZ_gw@(f9CnO;B$vy1P0aTsMwN;`?AAFlM$Ld54ZjRs4O@y zzL0P5r%U&S1C;~CWqOdS3NGw38jPRjTZlKAmOFE_DzTYpg^K1qE4UzcUp)E?!X#mo}A?Wk@IS*__LD8Iqc}Q7DoH)33=2E}LaKFJ# zptu2fQcb?2G0*pcxU4mTE~fQ)d35gvDApw-{VPkv1>)PomBo7$3BSG}zR9^&>-z!eq_SEl0P#KOJ)xddg{&;A>G`znGC7(KWKj0SZmXl~Que}We|Z%%=t2;GlY*`Ml*!K-RFZ0@55 z=6v_Y-jqg|9dG@{SrAq)2?^K{#U@)B80N^>ejlQspm{J!ZXd5No9B*y5{giHc(`NZ z6CDE0tqm!=5ETe4x8e1v)c#I{9wba`^7&%&m*mm}l# zSubxAN-u@dhn-jfZvD(25)JX4R?(i)4=NqI8)Hwax$-9Lhb{Fj2%d1_vd-12&iGP< z%yGWp{GFGg2nqQPr0G3c2^h?SW5r(T!!$d5vDo*V6;w;_5o#Yj2T9(rKKw-<*!aUH z_2qa#X8l~c;tihJ=q}}lU=9&BKox=iH`&dYb=Eg8}433<%Mce>rCcqF#*}<5#gHM+iCCZ z7fTrf`UCKR9wdiBr2M#+O5XmTpU-l`gONdi5P1})GFc9*qkI`XrW=qNB(YAwmcauC zs@}eu_t6C1_RJx8e=1xre2EXz-&zB6iF-)IQ>HOzl zwL)XsR6;qBz&@Is;J7}M5dd zyn2$ijN!@=;T-~b3B!u~=&r%84}`di&>woV1nP*I5DzUF;XhcBAIuB5w8SV+$*yL$z)*-OgD!0M;ovx-7d*G` zxPXO^S*Z1BQcj9QgWru2Vg-^{ur^`NIG`))RiG1g51KKwtmr`YHU1KZr>pN@W#D!A zr4fuBnf*(vC(TDyxM0yCtycDotvV{wbL$y@VH2U@a=FV{9}Hv}ebewohGvF@nFXHc z=J)$ajdleu)w2@9t%dVz!tzZAujBB7#5;}#@_+m*BslY~;mxuV>r?BT%hD3H_E4mz z2rYhq+(^B@VGw>n-`mi1l}C>d6Blh-EiACYhnhjg`&_;+$LtH*SpNON6Wzd=vC4X1 zp6r*@H9EGW9zqHI@`~m})CEk5pZ_qs8wU05=$3#ccBm386bQ;~@!?%%M$Lj0z?I+- zN>Pa#xA!iO<^gR0&!L)d32v-gcmm^HXeJAJ>l7}5> zrQt_YS4V^(S9MkT`~(kL`G(VOp6NTxx6&#)c*IAPWhG}VWDj}E@}H{E-sS;2?1&T% zUZ-46@6c7Ipcv|ul7_}4{VQB`fE*5pbj7RLE`5vgT-p>gJhb>P8y0=HkE`=VtC5g+ zk!WHFn$Q3lIV4&{9+f{NqIvTKT=_P`u|g?pg;u6WkRyxOgN}1$b(v`h)MN9_mL%T_p8g*dG59Ncf8y5qb9za#j(`TbiHYy z2tRIN_lUpIFfuyAPHKgw+!Qe?f7@e;A|aV?CR~n0+_IoU?G}Y)FN4>sJhE@o#{0esXkuzY zt>Hg?Jz9|KinHmivhKu<(q@1mGVjQLJDI@_YLDnv^UXwJzj7eTw>(btVfv+~$*@ zT&iMfsi<%eY`Zq+q~e{GZCLk|k=f77x1{_TuoRzFRwi-L65#Z*kMw`HUDb}5g7mGN zt;FfH%Tv(EYC>YqnE(s}V?$HrzxFth$V|D2_yyOqh=1xJxji>|1Cl5NWH$RO?y*UB z-+Ev&y5PMM^V0>{$1D~hhv^KN7vo(0hSd)_iL((ePb~`EU>LeQ1|T3$y+=h)V#R(VAHv`F{W%{`ZL4Gclc*>J zzl0u~XCL}8c*K|RG;9`i{quk>ynq!`Y_riv_re+Hw)6EVPp|HN_S~#FNbK~3&D*Byr{P!m3_E?? z-8JTO4DzriL2?fd(c%{oD4Z4BxwI=NKnVSB2L~|*vJh6>XVI*^M9976y|rTs3*g~O z?K~`g)@Gu}ykBfaXn7iCcJceTnMsjZS%GA3zFjJ{Cg*Tr-Bx}#D|so(YDKKk?5yH` zz0>UW1=ZR)L~&V(*LSR7|NDvg(umkf^xnABhR0qcV*kl=0xSb2X0fAQU8SnyZsYlS zW{VSLLJ*^r)V?<(%Q)6IWj*1}#f8YZOefrmWx00GLNPn!IAn()P!{(C?I}x-$wD?ycs#4Xwq~Yht-B#jV0R+#a)*W_ub-T*Hna(pNO;@TNgQhw`io!wb$hn(w_{-i!uMvA*k{@6&6% zb7&!D$yi+#lVN2mL-$;&^QDGxpBvkRxf zFnqn7q5N9d8sreqv81fzs8nSEM4MRhAhY?Ztb4JXIyQ3Or#^xVBrj(2AtOjh@1pwC9cIkD2G z^-?LbxvA|JYnv{M1|_zz)o{7bMq2)+dq?`L434?IZ6|&gsJ(o#)Cw0}cN@lECW}Wo zSWS#mD5*%Is68$x<#yC(-lJyo$~&n{R3~B&2viQIiIGE5IR1G$xX_P(V5&@b*{< zJ($X3S@(z8A?$Q1@VaK&49=EZUWqq48oB680U-%}pUrQvq3$Vb5l3x8 zb(m@e;Z8o~Xq#{{3rWsOoNMcCTbo~#o(`OTZuj}oRj+t?`a@^j) z{;+*SW7vin6?sH0|Gn^O=Z5Hx7I!Tny7>-oD_?SUaU+x>`4oEfIXbF>u}cIDK}@V{ z$rZBjQ9Fl&IH5iW-Uxr`6#+0c#Rz{l!X830BJ{HtCU6NSZn^lO6;?h!SXRoOn#p?(Vp~Y4=kYFF;o@ zZ^?8+*rKgReMHT9Nh4VH^Z~_Huk4lU+_XO7w>-?lz&MX5_v$Z)wL*%K`>XQ52Eme- zl~#-Smfw5|KYa69;k}+n%zxUn!9F5`+u55_DoHh!_JnBqYI^3RuP}PB3+yKWM~OKv zU*)+rI0ma9#?Eo4e5OJq(H!!}e?>}JQvg_G&4RY>xkQf*M3-z0m(Ri{26Tc1)V;M0 z2oL;u24BxjjYWEi|7BPQZ4VCz&o8Wtl)wIRc{*=2|I24qhT@#Tz=%NZERIQr9FO*K zqR_7&>KjIyX75cy-ew|6>upk;Al#3Zu}+YR)vU?x;b|bMY>B#31Lut%JuAKzF-umm;#53##aN% z5LceVQ_3Pgq7&hKzou{yZc?LTe+C*T;e+~@B^Zq76n|3*{R?TshU5cc1)3hHF6i3K5D$SC7mR^@Ma@Y31JW@nV~ z|6ItC2$81rSqpM2g47k`?YbNd-jj5(nO!$_?^%3FVyVuWlt0Jzdc+EWp8_x*lKVkU zCj__gX!4e&%!rh|#)N5};+SL6X1+u7P?+3k1OD_}qtiK)IscFBv z*tkTIN_a00ZtYJp0nOX{P!%QMUOxt=}RIB)}pt(uSC9`>_)wX+B;Y5J1}CE!^Q#%GvM`#oI$cAyXAL&ZF=yo+)Q z5em~ad*RadbHU`9dNg@(6WhnHks}Amre&}Gy;EM7;P3K#sQE^8(Co??(y94>jL>q45Puf}wbf5a#fQ0%cr z&X>%*&q19F+cbi&IgDoa7dmF`3uEq&U(K;Sc-{q{0Rl@e)MhA1@4qzm7?aT+67iL2 z!TXV&GcUbf)&i+9kJN%UHRer@W60Y!Q}FstO|W@M_qx%-B4EwStq_zT)z*bmVepvz zCbPP}CH8mzd6Nj_WD43md-o%B0ezM@R{ z5n;!Q2IcT}@sui)GF;k!>UG~{#5SsIje5;FlzOB>(_Pr+ph$6ovOh!f)>+728=KGf zZ=hx@U3=(zd#!jv@VZGnI&{qmrn^|!9*sJkdmK5m)&R}@5i#cl{b+XZ-l%9M6se8; z*+ewkKUwgH~Sj2;9d5vkYL(`l~z;ewCo`_=A5!! zhxT0fSNoI7_N%{pwD2As8Bs!oZZS6EdkJHFnu}g*Xj_vfTSsluDsX=$?VUL^1=XEkEi z#+^^Y44VL>d-+Oe*3jMGU;>@tazavN9h$%Sil#t#7dHXkN#R+Tt#2O&)$Z;~G#>QK ztg?3IZ{9*2brV#2+-d%IEr23hC5SO71R(bY9nSa)g4J>1fW=muh6Gri8OdTbAiK^5 z0rPg%l!_qBFcpL;wVK{`X9K+=$Z_60P)s(o!Y<{x18>BJnsTuv;0K@IU)OWox|`rC zFHVPYq;M|zJQIgJwoMBMoz(lkJQm>XzcqjW&zd)d%l+7HILr&HE{+N}Ow2M}x0R<%9e2y3N1JNz-Rsgo`=0efP)+Xqx}5=Pqfz za;E5gZu+Ts?)G`#81f=(DsL}`*UV|=m~!ifO2O`|Z_LJUdnkooOD@b3EU%lBDKdZy zTgkiPh6y<9Ua16h*`@cd$2rrIg@3@=~QDKdci!o|%QCD6IAK^yw{06hf4f z`*!%b6@xH}oFdb{3K)DF-kL^hU=?8WmyFpLRH%N=1!Y;>QdPWh24z~6a1HeevyQl; z`9l&b>$kj$d7fJ0aT>|D&JR(QuF;3Fa{d;3VU)3n4W@0}V}n^pG8&5FS%xI(t5jON z2ZTP1!Yhw&AHh=As0X)uPM*vRUf26&?WbU3>|5-PaKfVW&tx%S+rw8=4KwI~3cwC( zRbLa2imO}aq^l}2GclOQDFINTef435v0b*ueKyXmdjJs8(!6w+hIedKr4H~t>u2F| zTGgM4LN6g(!cQ$BZ!}TeM{d>xmVTKVKLKU17Qy^6gLO3b@o)yTkS^7w=|N}^fJzLc zI!mhPiN0UX;+>Mr%{e`9JEr`N69x~g`JOcJ20r#VZf-yHBeW_lqW9=0oFWnQynAAIa!q`_rjb)+=+DAMm1L@>m(je|Hs`wNxW zf}sR|vtJp&OX8BL@sZ__0pYP45ed+t&3yN7S|BX`-4!!@|K;+y@%8*Qf+SerKV4b$ z5B*lgRpa`aBo>ej@0$Xn{R{u526w|)sSP955q8AGxk`ifaL_6)qzXzxYxUw)WKtBmhuK`*ANP zEK!>}?U=7D9poeSTaE1TZ!uM!oCP*9SWSxOJ8|+c6U$mQ z^Q@9Z4snX$yftb}n+C)%PQ|>Pwb*4op1=HH^LQY33DmnAmS{L`uPrJ2Ae?%-nZxBA z2&YEyunKJ?Oa1%(A_nX_N8O0jq+S90mWC{yybHv+AN8uq%-%`{&FDUo@CKrl0HYwBbiPoZr%^+XsT?5ixI0S3z+T!fE3K3}TmAxorP7wVKI@KvK`?URYX&~7 zR?PwO=Y)XSL(ZOMzr-g*ic&h zwf#Jy&_kz`)X;O>n#kc>nffNOfdG@(Wy3wMbWC&WjQUZ@gG*X`)OsRdZnob@07i!@ zBHif51c`Ub=y(8P5;Lu~Fe`H$x&JZ&V1Sy0O`LMf#$v{D)*_?OGlpU@Q>qNyk81#5 za4lt_299I5hqn^2l<1|Z?80%~XAYC6KDvrQZe$ZJ4gO7)t)+nov-Mu%%BqIA1Z{y3 zH&0zcVK8C7Eu>oJw8f;#oiwtq!u1BU#n9Q@@9DV0?dQ&I&X@%Tco8L>o5M))!rheL zxyApAgTX$Lk}Br>2Y`y&Q(%r20IxMV`eb(b5$BxHAH4LUq>@s)SE*&u^T=hkNC&K2X2Q-AL#MII#9dsrRuj2l>H#L5KU@Curna?ds0vb^Q>&tQ9ZDT`C_^U5%&~7}a9fSHF|e_;(Zzd2*JV|_vWzQ{5Nn-= zw_Vxtdix@<8z@0sFxKflz%iPqqGhODh|l)Lcr+B3^5XU875lh0lBAxI5cO^GsX)2z z)p*`xcX`&V(LOr6I3tS9TnB!zIzmql7Ky(5es^{;zGno0;2#$-QkrBB(sHDCSEAXXp|mmcG*+X?~Y$X~O=)REQtX zILdd}4iTj|Rw^Pa^C(VQI)vlX5A3VW67QxsEkEIN- znaNf;C84`Md|{Ws_i0bE{Hs1M^Ozr;rx|E?>J2!UeT&jD<&e`GGO^yViN>crZ={c$ zj{%E$OA~5{q!9lf2K5)xB;WM0{7F~=3%mQ} zoh~1i@X^+YuM4;ZtF?gX`xgy|OVZyypJ>qBpHyo6`WrEC9!lyPOJW}dl*f~G?E>za zbu6HRmEyc-4&S{qe*LQLW%T2g>ht{v`=|2x4{(-p`(t9gTCI)>nJ&w4YT3{n)`C(^ zy7RxcDR$fy&CB;m=b_6|vfIzm>hse;mHWlw`z8POx}4Bmhq@^)GL7#PD)bg;>U3hL zJk)o9F%G;YxIf{iS0iWbmbaL7{glE)S?$N2_FRm7(a*uc&uwPJc^XrSq5AeNRJIWo zkfe2jDxWGQx6W+e@9NLXS>#YWvMBB+~gWL7T1rU%rW@qwv+h1Qedpd=d^oCWH?6oU5KIlBw2nl5^5tB#C zJo;2Oy&HFcf8!vKoV? z0RcjpEavl5zYC&xwkq|kC6*UU^}_kwmT-$+0N)`5 zBX@jg>?o9uj1Hd?0S_>aX%L;(*FA&-sZ?ie*#qRzq@txy!wj1}Sr;@&;3pY+pm^Cw ze8VfnvN#+xsefCkF1zsX8MVWx=LmreFWR|k?AE#4r8eKo(>-*RSEgFGbjFgb&#`-q z8$tfkes%8JK1`o}EvY?1egh*zxOG}=?zF{BBXV)&vo~?NelGt*Py2Pw?RK?2i#?^b zLN(?`NrC6mbwJBW^dI8yd>|jHceQkN`nBZ+W%}!qZ_psAI9PJ|^F0p}peSl7TG>-M z9{GN3N?KzAkIlKz5MDUkZ~c9*YNJW^?hfR{#eaqF_Wd0V#UOj9?ru*ZaE}XQwJx3D zqTO&Mz!t-UK6SagXi;hEm5E@S$m(bV10RfcdNkKM{c0x7H{LIP4BL!HmfsgnBUrC$tpU)AHm(-(Fwk}0Mh6Necp z$F;*5c_TFqKkwB0H4N)=q7Rsl-I;)@=sgmle2pX_$RW7k`NqMqkAomY{YQ=_CD#4F zxqra?hlm3@Y7(1m9P>+$Nwx6O@0IjGL5O9;zh|zj62~7~hlyEY$zk3Ratqs%76Q7B zJt8UUbV+y6|9}jvQ#JQ|`^Dj4sxzco_BNxpIofKo7upE)^TszK7p!N2K3C=q5c2cU zbbP7U005YbY&cMMH&qZFI$H+p7`zHC+okH35SwX@UGeTyWc(1@2z&DJ+( zn+uy_z6q4akBbB(xXfbBbIS#ppXudV%R1o;FEJ2y34rJHZ`WtDmNCe7o?FSl|)HoOtp2%V4G9j97B8;?o?#@1-sR@euWI6Mcg^s%_8MD zurg!=Yv(AS2LS5|UwXU-ZqGGklb3Q4g4ojKBuFV9X{%X4r{*}jh&Ayv%@Q1JKa$|( z>1P<>(+~>{_Q`Vkj+v2u?F{~Bl# zH&wgTJ3q03tm6AVaSLuAhMK3JRY=L6H+|Yw-1S49MtUTbC}w%FxsS9zfCVC69v&%j zW%xI_Dz3%k`1n}FKt?}Nh(uPmv)D3wPIEy*dv5yGdyf(vf_whkHGO@DZQt@O6O4hC zXpYv!r<&v-tyik#hx6B;_k9B>o^~jugfFRIWh&6q2vhr_G&=;!ZjYv+mz=0v4l#ti z`oxQ2Dpwc!zTlA(y7aTLbm` zlyy||%U9f~n8gjHb4eJXbE-u=i7#)p8A?BY75kVU61vda;Zi5`dJeGnXo5YxoI6RJ z!d>yWR0$5kmzn)+69lx-nHHgI0H^qw|8{y?R9ohJb&oMplik1$0xquZ3(X~dn0)zs zv!?pPv9L3Ye^O?<-anq#eL_pLIN(#{Fw3~Xb5r%|D!tfe$m<`TKhiequg;?P*QlPj zn_7h_o}(Jv8G(c^*MDhXzq|R+d3CV1l9~eOmy2>oQ*&TBNBqvS%Z84da}q5HSO3rr z`w<*U=9J|3>K!!pO7A7mD%KBlx_vVp6VS@?oO77Md5BE%a06l&|=g7+e9lXONXGw@5uY->>Io)+@(*Md30rG z=ER9)yG0w|6Kb7?`mKB`S^YHm{p}Lv&-&F1Z`>@>*=}0mTLB9?=J>CgH%rQcJ#Pqv zzi6Pr8{Gmzt0U6bg=3S4#k7Oh{ka!v?l+?tJ{<&%)zetQm<7$g&?Ry7p~ZK%FxCVM zxfO9ue#`n8yRBc7#b?r(_Np=_!qyRN;$>y<*)z%eDWx-ZSCS=+-(9MlUkV?dd?m_$ zC7QzW_tpeK;s-l?+i$cUR1ioU)s+5N38TRBe%OzoqmHT(dWD; zz21vGs$Wds0Hw_s8d-bTjKS{bRbL*OGM}}-GB|T*-ZO6Y%;G|Q{F>wTz zWky0Ralog~+D-^&IM~qaKCwtQeqpuX+JSfbZJaXTW`C396QU^iYwo@|zaDl$xV!hz z*cB~C)JJH(&{T+PL-;0r)uT!{Isy8byHnH8-!Il^UZ90(fe;Ji6%8l7IPMn1V<$+r z#LAhKY!@?f4F4Rlwq1!b(tlwKRSeokoqgxkuCi(`xfRyg7csE!OPPmpJ=V@s2;tX# ziXTn`o4`k_E7wo%S%u_CCN=q}Gb1#}`tJj3OHd14+)M+VU(iSMOi@!a)_vaOm=HM^ z>^v_O96OzNF>|)kG#0C=))X{whJ+;!Dq6*xhD(heEd~`)WlS;#XsmU*u!i}@KI-$E z<-I3-(8Q+Md-dIO_O%w6DTO8e&gqWI@sNuknD7S=x6QZJf0A_1`-aRNsc0j)_*yhCrxGK?|^Ek9s&`=>~h%V>{Ff*asYff763EL*qJS!^@u*5X-}$N>d{}iGnR{Xa|gLm zF`Myh*yTE68c$8NcaLTf^Ws_7X&c;JBrAOD8%-U;);Mr-=Tt_8s`Xr-7M}90g%w8Z zv$I{k0^5{9yBmqqU#eRLiTq|xoI>Audtq^xk6{CPJs6qEYQK_*kE8%?_}IMgo(p*^ zAM2muV9P~{$2cUV>piMD5APgg>Hdj;pO|o05goNIX)vQx2UQ-(X?c?+WClbWo`R0;aBhonS zVvBm>=M7z8$0+rqw`RorL!?ou@U`PNZ{YvriY#wEJdvR>qmP{b}nx@XBa6q1_a|N2OdXOB`d z%m06i9#n?cf@|+P8}$P*_zJ=|`fKF0^S8Iiqnj*fhO$$|29ks+YPedUx5!m1rQ)l5 zEHg+N?T-=;ZdiED(~z2*j3Jsk-2{sHXN`!p8UWh~nw@6GAU+@?{Z*uMK`5!l+lM(M zalVsfGh%f(b!_NE5m>-UG-f)0$LSM}3>e5}H7$`|kOE*!r-S1p~y%f-1EtfHj6ji#tx|vB)(yYBM)m`WSwpBT zg39BK!qZrTj;&Ti@R2KVvTZG;u!&nf@N?+{Ny>ko=CJ{$+7yTYOd{JE=BxuQoKsv? zDI(98W!hZSsrFwSlm%b=>~6}c@&)rT@GIFymJ5LUG=@S+^mO3sq14~RROgtvY@=ZX zAE=V+A<6`QWD3b0-(89+gc_72^MTK_ZpPIB`u$l^u^~#%e~z#HmjC0V>%ym z5FxRzA(!B7>z|pgn;j@|UzZR#N8H4QEHGc`B`mt=ZG|0(8X_~WfiOc3J62c#DzCg@ zL)o+X;5==vCv33FlcWy#0?^53`+^NEB(TmPDr8(4t~2_#gHiFXse@5V$C86F9srw1 zeu15OjFC_Qc>#7_HJ%@*Hl_F7$X8^-g9)f<7PE9H>cQ6u!c`AjO0i1E4SAIC;xgy7 zhxa&hsE)tQ`e3p@-MT0W1Ku(B3){CJyR@pV@Aq$QngWv^{S!Jb694iZ-Cf6*q2Tlx z0BU8^YUT}<$+?Ig?-e9#>?kC@$s8zm7~7=YZbp`EFbmA{EqqzBNTMd7dsQvJCCslS z4y8eG2<-By2lbG*E77WCnEYGCApED1UZCgi)kK{J23Gg)lUiIu(HJRjj~%!zQ z^NaP(lei6?ePZ9MqpQl6J>w@sr7W@H>(nt?=`>|hD(6GGj>?DLfxr|6FjUfM;xQ)k zx&A16GcuH1rm<-`)dL2w_%NY{fJpwq&H*uGfj$9H^pCPa9Te26UJIX(gN zfPF}UBx?N%`p<0GsK0CX5N|b4`Z+mETOEdu0d%Y@fNML2`T{%Zout9Pu=hDTgkJqG zAJ#S*O5NY|?D0_P6Ed-75W87&dU&}0>VKqGAS<-MiyOBsxhK&aM#HC(J+=Ob4=*is zats7>N|R6osXq9onAWeLWbK*X>uT7{7T~sw=z41>z&mRHUPyr=X{mJ|Li0~3Li@yj z1IJ}(0f#rAv+XpW@^M`QL|L_67lZWo6~l(K_^VuG38Qbpu-d_MOl~d$v-+^=-r>Yu zL)EMz)pZKr-+UOAqhr4Wzg2ss|198%F8dP$^R{*2 zs`7@D=!07hK|HAA@%8zoD^Kh|q-wk7XBH6u4~~3JW`P&+5m`&8&ad4wZTC^w%BP?b z7MVZ6` z2S4`_Uz@f*e#*eMVNt{Uy^Ql&Z+}M)Zka-$HTn|bWT8`iISPsmL;sNg9|mNzP3r1cmFJhN91 zkBU---W9Hn*9`$-R;iwg19=mG(Zm`MU6w z@Lwo8msZzW0FdEH+VtUjfX5lmam0VeXyRc9s1cy!X6y&-`wibzTI;`~c(p^W0mUW3 zuWo+ed^8?qdR(v$%u_q~YW=w)liV5IX-10!|#Z%k9|-zp!3iHgd@vdk9C-!k6`q* zcVyDtFU88TzEQGn)I_m>js>C@x{-vdk8j#8N5i5z?RMRr#UaRFA{P*^ldb z<)W6zNqNC;`gcA9^bCh2U7?Y~ys;jEni+8Ph1jkdA2_IAf}h~G zd~Dh>A1q-rbcv_kqPxvuaKiiahn?uZ2(Jn+VzLKMB6NKIaGN)Z5Q0cW!(CK-%{mh z@#0#kt|6U$dUU#7)>xL$dirqsP4BBxyA}6y-xP8cXHGLjIMNC5(Z{pAe@8k5kVM+T z4nJyDx^I8}>WMYJQMK=wExvA*|70QK8a*B> z$yPnfg#oY1r`n&~0;aYAx;P#^YQPuR$jWp27$4c^O(YmZAxkn}@gEx-Ka@O#0)<+J$RpVW%ucG zgE|{%z5pw$aCra(BgB!~h059f`|JHZ;%hsb-`7C>RS%^OAEJ}{BN2zC+z)W^9sZJb ztN-D~tB7OxE9?^&@jRfr7Vv@pPl+gs)A?xNag}CI2XEl{;2uCv0Is|oHB{7JSRy{= zM1C$a4dnmylO1iS3i4{wu23*m`bvo{HU0mg>b%3*Z2zzy1TjiNTbmFKy2RcRD=4Mt z^K_|E6xCK0MU2EKQPgbhP^0SUpw%j^O^q0_N?WsL?2*_c@9p;paiT`Bet9N@}ZaA`+nCPLJ$MU}YY1%9%5F8vq``=Dn+>ZPHXEmqF-j;&~}i?k^L= zms|j-!N7HS0W-zJcW*YmgyXuTbKs1@%}PxTQ#JU|w6udL4q(7}%NZ zcy+?E2b?&1RWjUT1T*5^DCLOxXFR$g$$SHo>qFZ zX>;)d){d!DC0?vE$t`&OC2R(3wFtDYlUF{0uv5Pls-On->Cu`ms$W~GY10-Kd9-OR zSKP;2bfM{_lfa!h@xUfQQt#+m*p3%tf_Z?CThxn;qM>4m?L`e9x@06SfZvw{&ph#_ zqIV(H3Ldmi)y+tJRyn7dpzpYnUnpjX_USVbI`c7)o<=-6_KSD!$F;vx8i>X~jed}5 zIrHa5)u6D8N>-2QZxAmdwmylUI#p+}#*X{*(W+8TnfuMIlgE~CqLudHlcw@)R~3Sv zM7jg6v{uSEnz!}liiQR`kd{4>gZqUjKm(hnMYvW2(;J|0Y@1Wu1*?yMz~U(;Y|1Md zgBw$0leq*K%Lc{|!KkxN?~_@ciePdA#)G;!(YuXvqrQ~Ojmq!x`dGTO9<@t*TX;sH zI5Vav&nO0UG|7X=al#^)M$!ceggonvCn0@Y5rL#r@m-NpP z^5;1gw8-4uRT0llzL3Kyx*W!~QzyUvdm!;#2E|5{c=AiyU*Ol&8K9m6FgE8J*!V4* z^IZ%l*mwjSOQ|(uQL>a`2434sgCr8}z}P_N1O= zgs*mY;ec0g)*Jx_2CATjsS4>PJ0nn%e%J05W7HQYwaj= z`&mGy`FfL@*4P_TXC3YjqzAMI9k6@|o2ngZqxJ*%2imO;Q}#!?UnXYnaTvm<#A=b^ z?C?+DfTO65=9h^%6r0Lcc{87v!}h0iH42_V%Rb&hJyXUJ+G_&?Vae3Qc8X&cVY&8@ zX_DsxUU#?)nP~;`Gf*PatC)w}1!6@^7NuHUk`N(ne=aGu;k_>>!X|a-L<^@;ynE1V zHFSyXNH?u?VR8Di;Gb_DUM$MTKPm46`dbD-3L6FQFY7d_=2n=_>?d0C_?=ujb0|nv z@mqAgVGHiQw1!`Dmr=erM}~rMy+0*eBC-0G53+*qb^3+pOL~@3^^`84WSr)60~}QI zID;gw`CbLpGGM>ngtUUqfXW%)0DcqK9H*8OZ$mz?7qYe|?tdGu{qXxf;5ZGhezxdxC)BjekZ zrGia!xkvLyH0{oi@(SM04Ivi-j8mN7XfbHcXLQhp1Q2=Z0d=%oyBJQ@yh&yr z)HA&pz{mIMV{`vpS&j1Sv- z9n<2g#z-MjTl4usgfM&gfR#?Md8EjR-Dr*FKjM$ur4_oZAiLm#L&LMAp0K2EoEws_ z@>C5y`NBU?rC6E4K#M{^G^X+c09l#b#mF^5oW9@B`;6)0B(SV=;@3HODArQ|zIVH# zkwZ+@=tbz=hb$2=Het5;Cqs?;EgmfK(798Az%ih@J?#t%qA3?oS{G4}k(rKo{N{Y& zpNLO9A2YV0cT^h9Ldi;|ONpl~#d=hH08+5n*ZLrB$$*}n5|rydWImiM$qY%{p7L^_ zW!=+z_|hdydp8z{Kn6sEo?c&Zt{MFmcCaGUV#SR)i%`~rA2K)7>+e4VboRM}31%4W zy?5x_J>b068$vIXx?GBQ6S(|&`g!Sa6DfE#GwPnLIZF3MJ#)8azIa$MY$MJN$Mw>{ zUTdFPnA#BOVf0jf&8J7*l*Q=Wf;73d(#1WmI$aLd!#*$g7hSfi#GA(LvJ&uF)Sw4Q zIfewjOlf_)ts|*AzWMTNkrr!Uw0A|fy230UCCnB)+oY$r1R!gI)|Q6aBj~-E)NDa3 zO=-2jpw}zodl#Dr7W|n*U+dJ~$8d#OqmSsoS6(;X&+DW!b0l}Vi?CCxD8drY-H_yT zK*0@FWa*4=JdY#23OcL@9>6S9{mtZV15U||e$LP;yVE9DF6Iv3;2&|31s$}@lFLF@ zyarSkZY8k(@tWQ6wVFDF_qGL{8}T~=S07d1wZAoF z5R7v$VOCDZ3DtAVI7_VLQAn$div6p9wcdEO&@10X2B7MT~JnR^tCg8sN9>h(J^$$Oz36)L*n8^RpPOV;lCI~a(bmf zWIIxd0}w#ivGNQy`!2ZAz^RXVA)Uc#xqM5Ml_*{HgK@5{)L4_Ha5NV%G$cCw z*hagUz)GB#FBOytWo`65{VEE^$8#4`k`q^ze~><}%mEfW<8r@d79irT)$ji-6?f6e zLA1a`7wEl9Ki?*{>Qa1q#^iC1b6D+JWD^>(1H6FNidOo5Po=~uKD_vy-me-F5h}Me z0GJG!G1gRscX=zT%??^An9r^lLpP{G5MfgA@LLVXA z=A9uqefXUAxaNXKw#{9^<9x^2LMZ8mRJgFjk_5KA2iit+!W&`MG(5h(Fbuiy*rzTp zKmNlCA~|pV1xFU=QsIY_OC^OY!x7I@zAU-DlNg*ZHg4^yG|S zkhIfy{)S#pw1%Ee9iZU9<~o^q7510yFB3o$Z3I?e8$pQ8T=^>85Pn1g2rUI0;dNzZMQd?N%~9Dhlu#_b4A)cxiX%17jqvGAC6*^w-64kbSVkR*Zms`en`&Abv*bpM`0{e{u_}MK85)& zf7oC2$UR_a4~9Iwn#GaX_1v|EwPA zp%xVI)pKb_bY(X`$i%Czsj5;jCsfE<@PtLH9)kZ@qD{hTYM+gTg_)j*qDKsGBUj2h{qQ#!K`*N+g?Km+`1{yGczxbcK<@VcV6*Lr}n+u z#>l7Ds^CdLTX~~jbWN1lU47kx#Uk-r5P?Jeg*G_ir;O-2UB>vT^b0ma-4{YFptHGU z_@kxl(4F6MTkRNG!y?m}l7LyyT(8IsqcEy2ziO=>O_C(N4wc@AmnWT#SnAw|20(M5 z%D?#gd7K53IJJ?Vi&-)I1qN6?c$4Xm%u6>%y@+RsvP9)tW3g3(I-#b^B7K5Sr{&Sj zGtbD*WzOH|r(bPqmNsL$<<2S}IjIjUiP_X|>rmKK2;&F0{K+h2LbEo-iR2^QlOBHE z`ddD*YcP0fHwxXuej70XHN{)tKLs|RcuE6YuuNQ0ibeT?on+C=&iodXE&$cr@SONH z;r@j5;cOs@JkZhNig*3eD%2L2=A`*JMWJFk6Own2WQ@4L{#k0%_IgL1T zJB1v#&KaGRQi70uuknzt0;`-IV(fb1I&xFnZrrvmP2o1GU5SNi{AlBcP|1ce70%tR67<+85CT|`91zaXe>0CeTjbvE*1rMX&| zD3&G&m0Je}(W-uv%E`*VAPix+2MzhRE|ipv4hVx|B%V;SVBmx0RNR|K4%FEF7iA%5 zwk93P!kC==6roe|e`-&|n%!?m+THur>=v5=diLN^B0~P>wp&UB&6@uTEK?#d><)dS z>jItz{Ej<;Yl(&JS&gW_cG{GgKfb#BNJtoPG8hA}#;-RzA?=RLKB*%c8odOq$CdO> z@S~oh26^QQwxy+!PR1X*^6Qpv#-PFz zZpsMlH$smj>T_~zD>-`pr4*)sBTa`&eGhM2co*Ij$*apsw&xHLHhu)At zu>>+?GUn?|ur#=zwb4N%D*Du*j`%6KOlmvOgMhkZN642+0~XTu4ZQoFzHg7a_>%ky zs4WltQ*TnDZc`C!KIh+8G2$tf1Xb3_&jUkr2D-wF)lVi9G*;hNC}^Y5l2a*3iUX6Z zTB4HnT9RPPViQJbm=<_9v{nRG^4k=5MyA*JS@F$8e*0#X5z6)52fqk0_|=wi#Q9z0h?qGI2h-)*dsY!3k8WvZ$G;x>%3PrJ)VpW-5BKy z*BALV#zdgN@)bro{A_TC`8iPS9&=NXsjP>9y<2!nk&jeYft$?xk_vaKDWRv|>r7x7 zLM~HEi9wc&eH5InXuj}?-XIAZQP3BsOko8~wQ(7aSFm3wd6Q4Dc>B=a3QmvGl5p$F z0|HGNI{?F;1>|p0wUnUN7Wb2F$4VvHgqKkGT=$a}qiWi=+I%meF>Ef=3%hO-Bmr|% zPyXO&5hT&*4md&c`i-)afBLS>>;Khtfv#uK5_~AS9L+gAX8-bIA3dhbE<`~VXM*%f zco%QVC~NxlHziF6q%r3p+GjULrT)1IZ_a3ee?hHW(GdpZ1m&G*P;Y1Xh4j_(0#y!= z{9Y&0kE=*w7N4AEb#}9_v{>sf<$vTeg@u(klvr4Zq$t&OAxlC)?YXVfUEKtBM804M zDUSD8+dy7CFA(%C88~d#quCe2Ar3KS#%0)O?oWBkinSI>7cTy4+9h9(l8etIRCCP9y9PNNyqCQEU|Edjd6>z$*&-uU3f-}P`t zzzIS>xJv%u;A7mydlzM!n}A9lM!f2g=PuY5zip1%C-~{bk2VwX zNADVg5GS`6@8>;`A*Vh`+&5GP$=82(+cL}?Q^>Xp8Vk)$A9eC9uY0?q$rxcQXi>v>tRtx@9{;DPC$yJd>TVu%nQT)|XlcH)-H}})YHzF#z zX>CpgFA5(+x}4@X;JFVSE(*84<6N+FRUa6ZG5i_N_K@6rUDY-0MiJ;h>381$42 z%Fz(P)q51Y0rbFXUaSke?B`IyhxB;OiwNzh9JxPmcr?Kb&5BR2Ir!qf@Ho;PRhljQ zBL>#s0g6HxU&G3ye9->kW?OdW-U=1mva)+^w{byxG$}d6Oi*@VtidXWtNo!qWl$)-6$)gCAWa{A3zI zE;E<9HJyUAmmZ-{*qWZoR~nD^ns6920oozH6sKWK+ojgVxN zFMB{-C#O;#=Wi!TJ?WKyZIF^E3g5+RMeNC9j6S?ihZxL4zlL0a1_5>oMb-!0_*AzU zShL9=;f_#&@t>#mE10Rf6QO8_m^Vqx3qPI`ZC&4FvE)L+rCZpMnseXjnwAQZ`iFl9 z^M}b-$FG&W`^j+qos*2m>NTRQf z8|z)vRA5<0BmyNu)oplUeXMb&SX|u8-JLl4zRoledN0D>d(`cGGRvKU+G< z!QCw&?PpNtBBa66~7HV6-oMVxx}(n_SNVdVCHXEt)~6;4qa+os3~Uxz|+A2 zu-(?e?+A95j##Ql^S*3UYiBRCA(hwLZfBv zi>;RKp?Cnodj^_nxD!p}fgLc-1g$`mmg!*0vB z{>b#|JH5jg3DuVidsnmAz-tKZ)Ks4oEVQ>U?vjiQ`c&g5=^xDhdAtif#-D3Uz26xm zhPMjIaMTLHgr0ohjz^IulpESA{YW2mQ-iGJ>_7%pVtc;23{w!Ywp%jyQ-Zsm-VtR9Ou3I^qBml# z?Nx8)pFUQzY^!@}*oj@>3DaLCmiJXyGQNZCq>*Z`mt9j_kc?v8OA&a$0LpD=$IFPY z-stU&*5V{rDLRw})xn zW9^;GftQ17u2{Ll-25cng1W!F71>?58PMs)cK@2CYrwlZpE~mk4 zFQ<=oM`EA4eP3$-!Crtw%`_SQ9!MgylqsE;-0zKfElHZmz>3Svf@>Ac&BK33Q3<;Z z0lOCuntY_Ql1Kz@ttEqZ9hBle9RTQ@O9#w5^%t;sq|S1AbINbBZ*c#c_T9 zSW9vx^z!WApy2+^dV|+01f!fZ=bb%NN>$4ER|oTixzfqY539dJogp*K0LS@GtVmuu z@C(1KvgUOcllI%ER%!jlOKmO$O+HwmuvxgF#aWhpnB+xhG_H+vaSLO?7U*u3T3;Sc zrmKDlc7BNv+C)$x0uf=0k>8UzziUEoGnwA86H8;VOfKZVCC#s11r7$RDU-#`Lf`=f7OM%l{)LT9NREUTW&8YI|12!F{foS+~o z_Mld6Q(nxukLP}=lg?g1`k&K!t#4#M-LF5P`!ZpzBCLg>4umhh4I&c#xNbf8;$JaO z3YPtt!+oC!0w;vwHv8V5dAv11Et$ktIR`Oh{wpHI+%}LF5|!E95~yx3e_7re3r#KH zl#k%VUe5H&%7?`|VQzAOg>CuZP!qUzxx{vQAFFrp(yeSjnF;t?bB8Z&e&D+Jp}N}f zvcD~>(~e!}y3p*KHjjhU8$%i`Om0?w54i|$vj^3f?nPZO^X`Chnah1%4P6_#U-$d2 z!UZd3d{AouX@}lkGOD@Qj z4!cPj9^2_ZNE;ZduO%-+di)(8wzU(gNIAZBF+K*?c<@K`K?T~PmT9fGHAvTr28C-u z5&N2sX@7;S?M=H_o@e_RexVuucVf}Z!o-1jv-{18g~;=N?ZpRayYG9oI8)(^!C#1^ z!NCeOZdbL~&knj3Rm|Pmoo|kw!^y9o&kC!xR=j<}6l>K5|6$pZCH=PIJug!c5A;`J z{EA-T4>#Jb@g&=Do=|OJycykE{PMXUv+Q)F6rcT|tSCUJ_Wh>$3#C(U-pw5XryHv^ zrGAhPYj{je^U0oS2&P%mE<9SRdB-DdAUJWD4lRCVT~`0T^3T~VLXpM<&=vJU-~Gtk zsa?i#M@A+89HV5sK>DJe341)mq2fW0jrcWTmJPIl+rf?Ohgo3hxsw1qO5_iHv)90h z&KP?7v7z>q-ffW^7`L$E>Rfj%XnfAHjcc8>24hKwVu9uE%g%P!ms@0=dunoR1T3koa8L=Gf9(M=ArnLwrY?UciT;~5}!nLgbGFNefZ_L zv>^p6z)M#5PMkxr$o!II?UU1K^cuRHxLd0;E8{B$pQELlXL?b7-@Kx(3WWw0DhoHJrwKy%l{_`9JO|CXFa)Mk5G`=Sx`V2Cxs_yl)=S^g5Abs)KGiS8T+`aejgEI`) zQfnHGXVb7SLCAnpiO*A!hVl^Ho&M%LZbgG>DH}plcIZ(ddcQEO;4c6-24_K19Kv>h zH)JZvdYUw-CyXo#sA3+iwe*q96JELZmP|*#FwgVHC9g z?c)^%qbecjYT?+w-vc%qPUb%_A@@TWD_h=O!M&BQYcKCh&2^XW)DydOL|I)TxE{3jb{INN7J``*AMU;}<=j zVNNa}s9ISCc1m0u@|o;_y?OKHQNdKi^$3F|Gfv)=%0V#gw7rxmJJF2L8}F1d$FF%r zr{`D|gk5W)Fk6?t6r7`%w2xcR>Y!ueQ!ph~!ffD6#Hg_o2);kCl!tjUzvi^b%8j=yY%+^>T9scw?TUq)|lJgOm+5Bn!|3Bkhrp;H;+YFVb4XiC8I(TNgvDROm5Hj2D6O zX&ASBOhy^k*^hK9*~AU?T=IDZ$a7$_$J1n%zDY`CD|#w~-jf&|s=7+U>fdc%a%Aqa z`%1Sw(>1gwu1KGCf+WpnN~%NHiKmv&DG(X2X%70OuGM3JVt}?<5TY&+sS(#d!_WFT z$RP;rxMYDEECJJXr@pQ;&sAz@d?y68|`10|NoXi>FH@Z?Cw<#?R@pCt!TL^8+ z)YJO0>(GN(=z-VTEUS-P;1hhj0|VGn1^##jw)*N8GZu{Lho)3hS9hj5pq~!%>`Lx|#kmRpVQsv3BcyI9ICm=zz*Ddd^@pAHMU!f?FrYb=rr>B68dEOZ zYxKgIt{Y%PMdnJ>zH}V!PNcMhz&>+En0M~KYjlgx8!Z;DZP!ie5vzE;tNa;jnOOEvPJ5?byOplM}~>oXwubDQ4`9 zeac?y37Q@^7vu|ARl};F?yw3*YMm5UaC#@Zd;5J0ia4qBk*}*CN{T)FJxPt66>JKV z+zWa=Z5JltHC%cj@bp{+K7Q_X>Xnr`rT8FjTaXLc?jr4bVH-0+WBk{V+cTmW8d%s& zprK7)t;magOqV@jULs&riAw;oqcGcCTJoVoZq##mpnTq2qzIh9qwg6GJt_0XY`$zQ zWL`%DPt(As;?||h5t1_nhSd(0ZQqo@Pz&mNL4|PWV>7#`M?fu~F7;z%FF*|im-x%E z^VZ5 zOA|{zkV1f@NleGB|E{U=2R5*sj_s#EbLV5VohyI%@`v#ClQl676S3B_%mC2_>BAD> z30exy9X{W@L~zQVR*ht#eIw4)T4j z!+?N4CSOc0xyQfsjf7p$A$aTH&z`7ifjhd<-(@UkqU!Y=-SI}RO3of*bBPj6Z1WR- z6WW$hd9KS6!44t;^b2N6X@_<-^h&l9#x2K|MQ0e;!*5zK$qyggVuM#KlqWcQt z-;pOU#*h;=$d!f_zy!S7(Id83+)K!}#!2ylaiar-Mq$iVv!$ghK4%VDqkNi{R!U|n zJP!ev8KO8EOLj%nAAGO(;tLuXNy(^(%S0t5#d1}%^qwwCb<%@K6D8=nvX@~9`MFn| zGE<@vIar`NkNuA3)DvM=T^*x!(^1L^!b$1FnDvnp4zw<$|A^;Wh`TSY#DMG=e~;J8 zc1d@|)7p!)nO35j7`*I~no%=;d~hg`UL7DLj53x56K>#Q$5$Q(+>$pXZ!RcG?KWI} znf!rMi8+wR@FQ>Kak2tZD15n17qp?_Fg#8{Gw-`g08SX0>uRuL0#Wk>P{_&S*k=-);cW<*yH{^cRW-1^pXA)Ms4M@ZO5ghZcWg zO$@%p0ZmZKw)<8Qbm` z?j#wF$yzF=jq+|tC2Qc0Vpz)IhXU0>BV42r_u6?q^TDx6X?}CPE(LdLP#nu;EyF{D zlA4ZAHf)UabJK@-UKY}Hm!sX>)8}hH9EU6vaY*c(4p6Nz8=(ZP-P>8xMeLn#VOC-$ z>o!L{oS?wKJ)pjNPiIBG4|<5$Lz6W#hD^8Uvk zr{j2^>Smy{gnl44zwK$t*sh*G^~Gf>kTxy1pZjR+`dI!L=H7Rk%g|0-vo5>|1D6kO zGKQnh+&j>WgX!%e%8^U#g~me)^|uDa-=Y3?}Xub0vv^oLO5OZEcIHcBg*y1tq#cKcnO`YS#ZL3vtUz z+c-`aC?^4(i^gXzla_BE1b}bpm13SD(5Z!7%0BdKrktGhyv>Ki z2UlL+ui0qrSpNa30&-b)H|QzpHL_gZ8#T*vz$^K#U&B0*cTrs?C`D8yJhYc2l-O{wG;-9cKHtH~i;zyOaNMHw{bhNw#(>1$3f z8DgvA)xcW$Zyfp) zuX3JO^FsNQ)|7yCS7YaGMn#LIJw1935!U$Z{Wx4V;*+K^JuLFEoY2%r#HaV$N0s?j zS4K>mwlj(C_ko!Xui%3{79=AipK)5rS7|*RC1a1Piq9TSqZ0=s>uEwZ5e}JjUe~Bb zk=$0zrAf6Zj@lCzebTHOPsMwVk%NIsSQ|xaXEaS4^fz+L31xh#pg3aOtSDvjPcmBD zIFh<&edZ!K>g3q4(uOP&Q`0l?eI1Bu9kepwxTH_4ufS}qMnz8?I`gMSWc4OSD-@O$7cyb&M%u8+Z+omVr}nH`TXLS!JCe zu7G8ApZy?nne&#ur>U6cK6&Q;{+f1)L&o#l*ghxuA7l3`U$pR6t zz?`|^4$`<@w$pz(1S4w(g~1kFC;p$|8&{sTgLGyV03&M57$S{D4jW^YIfF7X=h#`Y z-Noe;sS<1bK8n z?Ry5Wwax+v;V->HFQaGDwp3V*_+v9=$2+nZw83qTY0~4=!`XO3{$cCnoMxvllqs0O zks)8ieg`b=Pe8GvZoCn5y5ADQvKJKZ-{Lj&1qehI*}%lv=EIk6JK$w357=p>P3?2v zX_LOIN{i4UKAGE4&q(>V=4@*19{SBF-su1XElUyg|2|`YC^3x~-H?WQ+X^z=GRV!} zIU~c@^mx3N0%VLfL!&^JQLd-`(#>BR$U(WGPYYtsEO0+|K4Z*^6vOVie`aA7@CBg` z^Y%at=Yh+qlZiG zvA`@X&CA7WZ^N#%uaLuZ-;NxVr}s8!Rmvq0yR?fwOPd1BhIlG2RfX#U)~##WRt2~I4(e3H@ww{2_t;z>6 zn~TRu$fb_UEDokE!5hF86~$&&hC#)E+@_B~r!K-u<;aI1fXhoFH;MvdCcQ+}Ou6;2 zoJkBK%_2*WJg(dHPOjkmoZ3PBLirC1hZN+!yACW}!HhetE@VYD(L@^oK-T?fxYwgE z-QXhNRQ_3nIa}Q_nW^9dIAhA)m%zUM}Lh55q(A~#MS`M^y(rQtx ziz{eN`d^pc&39NLC76mJyKu~e_l93dyl!>x+i~bTR@JbWkju2@3n8Dc>%=vIiNhaj zA-3$vNC;vwd*bl!erH|sQ1n(g#WJGvkc0lG%m*kWQEQXJhg8sdbV?pSJ?ZCZEa~=8 zc;m%&`E;E!1+>!diGd6Aso}jhOu=_GSdZ8w*9lK)Nu2Y9oy>;3K9Dd={7f_5`67t- zF)w=$|7$M9xm7&#poB*DpYe_7$BI14@dGt<;jQPxxY*zttW(};e{0E`x>f0KOq~eJ z>xOlKp!8sZcQ{>aVn*rIZb~y3MS^maC>s-OvWdxs23Xk zJrcFjE@=&7R_zXSd+&XnKO+jp5X_jR`ZKw642zM0aH!$#ItivOL z>z+}3k4aEGsK4<_m>y91Z^lGiT?5*pJSC)C=Q%JJ%w}mn6hovl>q3M!w1paI^)TYN zC93O*@R=*Oyuk>V8GjVlIuLt4*UgV1!+H5}?+^_DFSZ$#-&MK+D4>cWlnmKH9UvxV zlJ-@4e@D>fUzbt20l5COzZ~iWbkV$``B1-FiSW0nsGC#D?~1^v5^GaKn?1%7cPwvO z^7L<&OAe)f2%f)bS0{Lwmrk*H2>f5h=ZCE`CEe7^N_A%D^xBO6Lz_b4(Qm{|{xkY; zsvZGuH}lqn(Cz1fB8eS1uMrjALOoRa-U+__5nxnC@(ZAFpRLy=HhM!fi;bu-GgSOl zG8H4kE6c(>qzylVZqt}=JD*Hg=yB4hIfW3Myz)G#*6ha1)?o4lph_RgU(iN9BXuiP zLm0;996Me}+^&WuF{KK^&@fg*@QW$sUk;X6I+)@-O`Lk#O5jRhlFOH#b2|~oYk~mM zDa>@z56A(eNmnJPQt=Y|z$v^Db@n$|C9`8Tk3la{oGFlN;)OUfjst;<|4{Z}=_0X& zax2A0#?@UR>r-~Jgu7HSDNwJ>Ds_rco*0XzK2swRcU2%rK?vm;bP-WbLo0ayLi%!^ zcjJIwdlKoVk^P|ZhBDhP?ESK9sI>+F82)-U6qrVQbHr%|lfhD?$z_xFIkKqzRS6o& z5e*7D`mN8wMnerwW>AAD9{SHyCHI`kU)kqER*rO2!t;I@W{xYAnIq_xK!AVtuRA&u zv|E^~EJl-LgBM4T=bkq3RxS6dDFp8_`zR40h~w`$+kOWPw|C*`p;^Y{>j! z-+?28@(mA2m*&+556iv=Qc*|=-Kiu+IAJm^Vv;^!_bd+zPLWSCskv5{$HOpw$O>oe zQ#siO7hw^yFUQJLReL;Y1P>F-p-2pbU3DE6(EhOon5cE;RrF`5>LM)aI$mG_y;b^D zG8T5|77e~wF*mrMb zE5fmCvWQ9FJc~ls{s{nmL@LTCc?PRb+^RJKo@)3Y7B`v0ffbEwRYzKp0aqzz_mo&S?2F? zPkZsndu+{-eIda4?p>qntB@{)<^G}nVSPETTj0*oNjwZkp26JHjRnYpKCPsrm1u#DEc-E1La98}|7Znkp=S z!#h&!M7UNIhiC!Ii%RMXwf`I}cu%+;K@|G}yMhDy8r(-9GV~PLe=tNA*W2U;i!!{ez7t0j#<-U)nx&yi$+8@c=NuTDgD%M{a5CUyuVErWF(<1EXkoaqqr7?^4vfa>y0)d=`h$HH z;I$YL*y7&|oy@6Sc2o4K9KZK=PAM_WPxQ+pz=ZOn{6{1La7n${l&%cB8_$$-ZTs+| z#P}W_K%Tu;f!W{h+`!O)+NIle--JjNx@8tBa3tTV8%N6$ihU}xXQxn3=Kz~Y+_egd zCRi!r<_w&Q08Ke3#dfadXvN#w4cU2U;hxR2v;tO$5*8usCWW{D z^IF#`mw@$k#q~myOi(piIRC!y<@f28CYf))IC|&~V6dZ3QK04@Mo`GBy!vWt-uS_K zRtJk+8S^1ZfI!N()FeLoxI+q72XZ4umtxkx;t#%dH%o4p&m9*LWTSyGUvt)s-Nfwg z3KX|RBmAU|7upxh>%{L%y}fmk2GNJ z+6tyVYwu&r*_8siQt0&{Gr{ycOp#xNFl|MdN4z@-VzsC`z4Q^9IwAE?O4s}mRJjHd+HU_Nc&u( zcOesQ?-d_B#O&zVbZ#wKbH`8n#}8WIzn4{8_douzGwnMhHJte=&&8>TwUx&+vFa-| z3Erlr1okcuFj)K?Z#LGo0SY*Z1F7xM0t1EpGB;MgA7EUU zU=e4-mHZv1BV*Q4J)ovp;(vsq0{j1HY&j(~gMrVSJSOgnV64)-eZNfaL&C$a!am;5 zV0Gq2Jq9%rlfm()F(>nJPbsvNO+N|f<+b}mmHKQ>l?>f7KWi&vxem(vI3>~+v2o@+_XI7nq#h0T< zxu)W{v+0j`;AFVxM0+)baWoBFX31Y;^ysg;9f7)xZb8y|l%L+zzRzvw*j~@^1>@@Y z{H$Nv2>;?BXXWp^*?teEwSR0`_9@V+U%ulvBJ4CB{#{FH+|kC1yl>p9dgk>L0J+s< zYNgz^)Ngs`_8<76vt($+pl&N`_?$R0}(vGGbCHdv7BK@N~>EcfLbTLU!dyfp-=||ChY%uy@L>&KR_Y z%Y3|Oi-AIPh@ucU@n4{{|6gHYzTc-{rOjq6q+;DXE?m0G~dt>Ne@St~HFL zRJwkGlnU3R#;Vm>E-5kUQyUVgL@Qiu z=Y_MWG-Xo#AiE@htd+P`GveDPzxh0jDwYQhA;riX*FLQsx>W`R=U-PaJHYQ(*L9CA9&3p+otpTh~2V{365ubyNlit7bq!vi~rOMX=<IJ2G?2924y1$;e37CWA;|8DTxDl8P&Jy4PNSXoBVg$AFMlHjZg z%V4n=VtkUad=lT$cdmOv>abBt^?&lCYxn)^r4D%$TWIp#by#Acu|V&Xs|0%{71uv68wMt~u|aFQT#M`g62imq&@*qzV7|&t)fdB;tQQ;q<=ET#MS5 z$m5Bi^vGyJ{0o3~aX0^r@qk}LrKL}zUlO_Z|DkbQQoPU z*Bhvd4oowxdw-}_djfX4ZvSVQ`f+CBB`-@95AtN#k8=*myy59JGiMZLlZnLhC$Oqh zS`j!;5VWS}>9}seeWKHzywoKXf`UYnEAAAJC{mdM(Ilno?t)|y zX!45H3{v0C|FF2`ZcrCDFa4%SZhf0^W6@up|HIvzheO@{|Kno}Mp;IbHESg$`@YTC zg_7kiMb;3qi>zZeLMU0Y6hbK?WLFf~h7#Gc4%v-uvi;7e`~9iA?(grqKG)~^{C?N> zb>04G?(=$`bDrCIKA-2D$5WKE?gZSzUEo%`y~#(QM6~C}(7uAEw38xusv;`-)1rc} zdyJfh3P7wlgJ-OnR?R=JS2avWkf&>PIVwy_MDNMY+_pYO#zV#TR2as-mZzSxbFtu_ zEw_qw(8y&KM@~eCQ&BY$24_MW}i3sthlir!juP zv*xKZ2*1&iESceSsAHm;A5TV{CCADxR>vO#n_^xXe^G%mut5Zp-IV zXD!f(>kW3pZe<^~V1UeoZ~E5`!=tu{Nc-=Z>g!|X1Z@S(2GgPZ z!sz_E4-+%zV%$7x_!noQ4r}wpT@Lq=m!z)+KCGY!!^)TB`;lXG?nj#(yh0WtKox4=qRXMf{4>4S?{%9G? z9*LPiuiK!@I$zOp1)v}(_f2s13qSSTv&P;#h512|8li6dLpdgd_mk8-J*(q-B zV8s-1y}8aTcEv;+(ID?bqq0~6S#SVO1UvVfY4B+jMnesS17JBBYpWtqjPW)Oy&mjm zAqIKp+(w7U4`iYYphOWOmeiO7PwGf(%0x(ljX1u)5MJMe?=YVWOR8l<6iHv2qp*;b zzrxtI)geK*$EXH#Z~ZC)OyqgvK|Z7xEnTdL>|(oVLKYoA{^dD|vrUGgurY7vbm{Q; zF73>=>^Cv8qAH&!Qo)1W=IswhZsGB zB7xVqQL*O5gJLoDeKxt(jTIP#lG5!qxLGZv(HC~xMt=5kzNe|!HX*gn`h!wqIPvWM zjvu%V7<)qang+7Q>-uzf-i3p(^v$hMEV`Dkdiavq)?RRBDFqd=AlQWl=sCYs?IC%2b<8}kzQ z9!LN@t54$`MdJPN?pT<~lht7)NWI(zVN&s#^1=53A!|7JX8Q zXOCFk;!RnL1C9s{ej-AGORPJ{Bp;&)KZw!CC~m86n~A8qB6);_`o9pcXn%0vXe-;e z6I8nQohHL(H!zU`GF|m1x1`~0qmTMLhEB)A>)RGr_S3KpaBRLO`qCFu#P;}(e~?#QGi3T5H))-b^+&gKFK2M7zo|5#uUf}zzqqp3 z%Ds#SErx9*YSI_h_0N|xlX#i+gS()G8w>IG(aVhJ7d`7OD=FWg_vlLs#Xs_noUpD> z1h??7k(&)W&u>P~ye`GKD@ILaDMN7QKsX8l(nG-BLZfZvsLU~2I!x6ASzmyfHv#`7G(t}O@ zF8VxjJW7o3m^EZ32;qZJ|BQCKdmBSVp|WTSwt?{X_I5_5fV*bm%^uE&T6EgwWvaRF z9kMr2C%y+Rg&hx6NZ9%+-dhl{S;rcuccK>DqtG@j3nmGu&=TDK05cP-N8eOXc7AsO z<*Pp31iv*fFq|-z`x^ck>|cFo7FMepZ-7j|62l z;Ry|Vuqd<$p(p5B@`p5XkdCST$PDr^}=xkt43?R1|)=`4KgK{S-Y$&crg6YS@rbk+e~LJyj56 z53Y(4R|LxI@a9HE9$8B2MKs#3jVC088L_p{@{WQ#Xnu)|?D%nPi zH_hDwRBch01W;;bB9DNX$4-IFte*%b`C58$tlz_JrW`tiS$t8(;%t0Z5(CGa`LO8+ zLZt1B(J!+W}FI4guIvBYQBbzHgXLP*Rg5OEphwkEa+nWK*FS zXafV&!!T5Ek!pW{&63!-EXODuy~7hD#l3bx1qB~fXaraBP{z$6aHPe2F=nYaf5^qum?qgC|xihyh*1yoRR=<2SF0s!q6`b*9Q4XLXbLX$W zZf4=XzR@O%)y|?$q8M%LASgU`tEH7)?R0-Gd|X3t^?8SgFS5-i=;o9)#7bgH{xPIC zc~y-`TsUPhRM6KvMT%J;O0V&K4bUU50kF|fa>+5xLo5O&_rj&x0z!v3(=vIF&%lV7 zVB*C6la`UlFLzl@Gcmm&n6ii?!d8i_(oJ73<1cAlNy)qaX&HSR zu~Y>d9_RSC=0{YP{1x82rEs#0E3`QFbX`rL%*txBK1RWpd9s|j@3kD#*ys7_DfyY8 zq}D(gN^+W;`+&B!-wlKF}FB)zC@aCD!H|b_wug_MHzp9@sJ`C5CMpA1pTxN z=K33BSQ6|G6)0>+lSJH&-&8wAdNTI|Jn($-TQ{P=;N<<7=a}UtH@B!dWRl(rrX-4{ zOFt|AvOf#*jZ5u-Pzwp3J-AkEktdp6ep*@~|n(@gKxE21NGz8+I!7pe>>PFeMDW387%Y6s1!y!mc3 zBY@3RQGRZ*a{8m0PFOv!!V9%ItQrIXKTwers}4U1djt)vkBvN7Q537rM-}268wp>o zykrLJB&Bn~8G%T;MLH@8C8z`A*}dx@)J^V$oGZFU9&1hVI)w7}d%rf7yT0M^n!pruCqnk+@xtiFC(j}dQ?ZrmZ3bB{)xZ1>Sdw3xI(Pbfc@8^0-{QM{7sDzh8L zd_ffUsM_RYd7|ww4voi5YRon@c0{#s%3omG?AEI7=flomoWBH8NK`G>`mnS&4U%BJ zI@~^-473MP^#b!g{5D-OKL{00aqbByui37u>%2iwDxvbgQb|`65-OtU!pTV44*=Jj zM;hRno})xa(9l&>Ho1k~**gba0?b=zbQISA($R^PsiUidU|9>t3q3vZPFtiXXSO&>Smplhlxp| zqBI+ND?(_AZkzcq%A2$8R*M~#FK{!cA9%fE=9{FyCnuT$GM;Dml2ww%FSl&&d)feg zjs+?r9xD(SCUx&5H=^^)9WfGcZmOS2iS!;x!kAKO5#Uptpp-W&H_b~*%8E^nLLS6H zjg6(!LVxkKZ5tJc`~fi6w-w{b&@y-{iYNyIHzEf9)_M?F=kLxMm;{D$2aJUZ|92< zobi057z5cOEZD0A9Q(?{=1vwWVa|2t<4$TVeUOqh{G}@V03Dn%34)=FvgUk?TIJ8a z#AN}k*%pQ-VPYqfIXA%t7%e`Eq>#JDAF^3C0qWjXd?XVH$UyN|B5OqAyY}&P*`(w1 z!9_aDwRK6dW)I%aXiaYpQ3H3yg0l+4VMMU*aJP%3Z|uCms~pd^T}t}}*m z_0%;a9Rt`=jan2Uj1jA|SI;{*Y2BmS1-St?JlOUVSQ9w5Cq#cvgf0hz(dHEw4M?JJ ztXb=ccLIT=$i0=DiXn^fPb(Cc1eqYobe-1ZDidn;nNxn-99B}3l5Q}SzN2ni7d%El zcsnDwXnB!{-plulgSf=-kd_Tur;3dtt)y-5?XN2;k4eB9ZZ{nf{^k66fA1+_y8yX& zNieY$y02a_>FCB!mrRFzDY@$CS3A`iFm+Kv8t9TQC5T;uqsUR2S<9gtq;!G9AyF_) zJc{dBr`91Jh)ZA>6wU-3lkk*#=Vkb!4{)j?-n?(i}^t+tin8_$+c|@vDW}G^D!UO5BoTt;Z15A zn5PV8s0LZY*8o&y$()5OU+WIY2Uv}D_)$I0I>y?i(Dx@Zs~Pu|D)|U74WM8_Av(=< zox7H&6TltS;{=sp)aVlw6M}m@Q|g_;FV2ir!S{Mid>pPw){xO1u(s zpkQ94(NmsX>n`wYFP%= zYAP75JfkMSww32D0hb%+8$Tf2M9V`ES~9JiOvtCQ8Tu}SAH%`|+89rZcz=xp zDT))i0cx^i$Qly5)wAL%oCg|b7d=hzNJRjBw@r^>f>R_>=WKG^BQ22!cZHol;gBQ7 zuFG%V!=%=__4TlC0LCkSG&yQh{lcxu)24mk);rBiO$yX&AP|3S(I<@QelO4*U7pJg%ej@I9J1BIKNVO9wYqd?R z2)7WoUl{M^xn+6i zfX2~)fB>!lMdzW7+C(+h0_M=AocN9}AG8E)J3x{YfZ^!q$RCJN_?9=d)IjS*1MXqO z+c438DJ}GKz=ugzb45_*K5*64j1I^L(Dfzi04sUwXp~Q*JJrpWVJv#|V7ra1mDnQ% zZvUu8ME|DM4^eSU@8mog}mw3vNB~ zKu z$-PXS+W|4Y6Flvzj90sj-A6;)iRrRccIl8AagD;gjhc;`gHzD4Jy6lIi_IGVi5^DK z!xljp+YYXr-_;{oPSl0mz=2wRn)%cSE)Az+U~*buauc3rR2SGq4$)?%v43kT#RK$Q zksLTk4q8b(LIxq_33OYR(}#D>`*~K>mynCpC(|}*w7sRDwS3|sr8(qLdZI&)E z-FnHiMraS>M!u9N4ND40x@jg<4Xz-cy zf8Z?F5-8swltar+rnqXLvaLSoYyzQ+BV=2XBZ|f1R$|1InC9ZkSBGub*!h751SRj7D8|8${_M&12a&@;sEFY(Y$pE-ZW1@>spB zj=XpdtWoF|*njEzexnK;tdk@bY7|*wu2JttsU0LdwRlRjIt&&RfdEKqK;*{jlkDTe2oo%7O+_6r06+;|{DdLRh{4x{Is zxJWO;W`|4IFQq{jH~jz7l|xwl+TOfI2yhxykNznoGfk zX7}h4GZ2=K9W`4eQ$>s0kG7t56)pCnhpX35BNuliy?4JAX9%!a)-@ez-TU}gx%&t+ zP3~3C+0NdI{zk&YqHD!;c%9wC(rD_%mv;iT*4a5~@(KMq=#PFj9+<5ns^7-bPZjud zcVl4axXQ)El<7~W+5HIZJamS_Y=(Pwx5p~DIt!iIT4~*o!it7CA(bT;5h`WQo$q0a)-3?4AY3-ynuN>E(AkFDo2^vt&+A<`5?t%{+={p(lVTwoh$7GJ~iql z{e!;|5;#sD;18dg(j_t|EvL=bt)hoK8H1NJhu0B(lqPtSs&Y{a3vu-(X;O=_^_%4g$`Tw3QZE+WBqF)xtr{*#nG3!kQ843Mmll2 z@@RwyU920zO6zsm5%^0*WLUjx&j9U<4ykqHMklSK3>m#Do5rip$ucHq=RwKSj8At? zOA7TrzsjZ~P`u$LU{9{(|GZ^#+<2mO0vtyTdEY4FFfpZi#%`AS7Ba!U>iI`C|G9td zKL;}qiSTb_@AWENukMvV)0HYSOgZrlzmu_7+S2S9h}5fB|a|h9Qys@L`9(&WFk%m_o zH}=+vCf)SJ{T8Dkxl=*;xi*|%4>)=aFA3gB zCX-6|UEYh<7-Q^!aNPyM#gOF_7x|8)W>)!?1HC_2ZEqo0(TBBl?j9p{AIx0o@HVK> zhrE1ZSl!);hjGGf%r{{xF2=BVgQtv78X|{?$XlsXb zSQv=-$I5C<<&Ex^ZvF* zPJ*r^vJ~brJ(v8CEaJA3V=kPe4tZew1^adpRJ&AqfQ>ob=m1-}b=6vG+^@#I8n2s3I`#CFAPsLa^E?uFx>ie9hhaZb7I50Xxd8Mge%_MV7FRC-g^ z9Pj$*%NIx`%))hqMDjyr26!}_pqL5{B`ge;|QaMB`D2SP^WG)EO`^=mo!J!@((Ys=*@I+-YP?*Vn4 zt$q(zlA4h`zq&FGHpz@hoXq;^kR>K+gpy|xbIuahhv4ck(L}#0b4ih3xk#tNrMs-% zIB$^*$3dEHO@*i)X=Q3IFX>*^Atk)P{mBc^X5n&QJLIi3CTm5zI$gmYc(Tpgi$hov z%b0O+3}N9)P$&R&!8nv1^%3B1deKv+Pv1$wRcksx8?t05*~Hw`A`KtgZd3?0N1RYY z%rdXRN!F=d6eRyb%-K)iUJZ^&NKqJjKBpYGy@;=LI0`}y_-_l`z8y^LOr@9ai7+CzF0P|?t6z4VIe<-LJZg-z3R5*;BGvO-|QQgi=Sm?xP2 zZB#%lXs=qV0uC<_-zd}HfquYfaRg(@_nWW~*TuAvs)DMJ=C6m8E(tzlL^vu(ozQ$O ztui7pn!c#6cEEO$iVZfzUeWyn0cX5+sNswSy}jf9iG(Q1Eb2HsF1s=A$QD_}#@rIxDkGa_2c zTta8&5DC!`dsBWsj_Is88KZGENb2f=4J&8!0pNYgk*^oOYFZ6gBf0pY14|xhZn*p z3D=<}IQgy1I@P9cY$`I@A8l&(4yYlyJ81kcwCfeq9l~72<>zi4^iAL}t=KhQ zDs)Jle}~(_3>OIA$-wyWM`M5xm3E6%EMcWvA}j^fX(x)XbC&)w-~g4oFJKQ6Z1#S*JaG3k54UoDx0#sY8Bh`3&3 zX;%Fz_s5Us)AJ>3kcsniN9!7$%C?wa)$ruPsdlx|8AG*cGL!oB|F2SjwL zadyXVqzl@q-AyNY-q|#2ko;ipb0&j=ZASrwya_#x&guUpkNV%7_sn*L)JzqlXCjD) zX3qV|hrccgyJe~Z%7p!|#9J)TR-2kgw9KdF37x$gPb_BzcSj7G{7v@=-S2iswpH;R zi$gM{E>kz_ZYa2n7e1DFzPVhOviE9IlKwCtW!{;sVAJigEr$F4`Tq?6ihS+HqRg4X zga?+xIli6!bnU2B_j+*NnJNRh=?^m!A(A_T?yPSL2`ksBNAXUZR^g5dG* zx6PT}y@GyJ+z&_n!$HXTdUwRvG?yfwtBB2x+6CPI1-DIILWyxGh+i#;q0TU&rd5Vo zgF0~Xf<1;6+~^K7k2+0^f53C(duR&2{^xhaU?=VoXU7wh5{v3in3vq2wSWMjt5Bvc z*eF-v{I`W?X(P6NdhgHPso9&yoh?c!`@H?c=n4IU^WJjnE2&TEThDtB&b~=~g5_-x z@}|I^-jA0FV9g>%(s-?N8k`{N^V;5)%o29D$J#wAn{ypYN%g-fuFWg2upK-j<{ne) z;U2a?klZfzk-SZu82o$K+$JdQ5&=TI_m9>KPVCP|c>%5x&3|tJe7&##-Xbupep`<|5e|-R^V?zVevR^l>be_`gP%@B_Lrpm8s+~t zhWp>^%6PLuPy*2Q?4M`&n%A-VaTg*<$8PKph{5lv&R;%9q$sBO0QtG5 z>vNI*yBPim!vhI9Cj{ug#@XfW^iRKr;b#8%5nA9U?IWc&;y=gsoromUf9VQ@z2}gg zC{N1dzy7@iFWP%?;gHDF|1)8y!}~XY@Pq$W3>U{TJnU)q2R^R2pCbT+6CaH5&-23) zTTt=P5)%sG2JerA4qofo==s(CE51NIn7oL#70mw?F*UJ2d}_}}9Cjn3`yDhZ6H^YL zM9KG*4-f|XSM)mJ%V-a z>&IL|G2JW+jd^(vk>5pzI5c9OiEPiMl@?swB4nTFpwD_#cIJn$0m&w2sK6glsM47Z zmpTBZ{CKiJN(7`ui2T6+>6`mn_kdST)xqco2fX@AHDLa6z^7o?#vRWEI zZI2Q(uum=Uk2p=`xB>2v{As=7Q}qZ zJ}v(IZYCE|ZM-ZDy316Fgx`OnfbRhkKSYW9|90-L3;nld)s)Q?{!GuqfXDa#JTJxn z;g{^f>MJ=0o^R#1o%%D^mD&-U*UJ87oM1bItK{6dKXE?)f+#6G*}?9QybmR2sBh^1 zk*TMMDO&5)KTrQ5$QFwX{F$)_zy@J#-{U{B)*vsLB&1E^&r^IO!*~OvP1`vB<$rrK z)>Q-JhWztf$o^HA41k^ki})wu|8Kn%3Zjf}ds{BRwyFO4v&0riM}qmkxA<>${QrxW zK2P74X92X%`ZI%nq#pC`|<>==aK(n7{HE(Y@O%j{~KBH??LP{T^ruI@~It`WRpvOZy%%ILUMW_{0R zzE^H+!$UYKA5&M;q%c!ExjU&aT;6R)L5TRkFdtW8n`_xUl4g+}j4BtDZ3O91xRW14WnD^3Ky@sUlTQin1 zH~hDQGd$4$alFP=f!`GrR`2|IvLg4QDrlBl&)}TBABur4wV}lB?$oaHus}~wZ0-m= zxt$dz9J4$%KQgdm^zYrD8x>rqa8E7rbYsfr-Tm?RvHs=X`s|u` zk(-|u{<`tOe{HMpW#b4at?kaXcXLOlQvHJ%vTm|x%E+|V{L`J8ohHA>RaQT^5cf&_ z`wUn5th2J7D&@V9Lgdmt8ub~ed{NnE*Tl~Xt#a^C!{6iBEAWBcyx5Rr9{>03n_mG3 zGaopKH}-NYtF$zzy-j*mE?CZ^3}}H&uqFvc!Qes`=Y8>SXQY_A?xH;=b4H##w@g}& z7WAvD693N#h%{CLLEQHcO?=pIbMh~eZbMly*hRr<0!O#r6?3Ku+YmKB-=+mWb5E_m zo#LmFz>5V-_f?F>%u5cCA!A z5*5AvL(l#eqymBO(w)#m-_w_MDu6~5aTA|DD2|93@D5%q>tojP=jcC?ct&+RrzaGX zhDKL}LALbYxJ*F_LNN{ih#w~>$z{j6RFYA;Nb6m_qf(13#p1tslM`+-{l`gdqS)|})xs2~7p=%CA^Y}|ODck7+@^qQZ_^fq3vjn~y& zE}^|QIL~-N-SNCL6@OxGv0`J4U$f7Pa8$Ze_|3N)5r!V0o8EbX8cAk#u7*flkQE_{ z?jXsQt|%F~^sqnA7q(snZ16m+6ffHLw~1k<0C{i^iMp?yQ?ke{#f`cg^UJltDD;Y_ z;7qNo@!unxP?9aQuX*cc&JrlS#}Bi)PVd`F2hV}09USj0W3OfGZk#su71$8v9x+u} z8RS1{`MK%h?cExM)^?1xUdXuEq&3m z?Gj@qQ#<6Q+({&BH{v=yAwrkUi0|9RwEnaRIF9 zzxUr@44E}9@&X7?WSdAEoc;OBn-2i)1P__odysFiHunKR_3GmjzBH#@yQ&znw<3&h zEbtyaClG-5&fl<)b1K;`;8>R4^DneyfBWM8fc+Lfhf6FrwDWY3$bCIxw-W<)vQ1u8 zmD`%XP+KK76}ml%h6ZyoPL%I`c)`PZI5vx`NY3sJuE-+C!liIkzO?!6s6>|>y6y-; zAu(f(M`6RKElaA*)yDyBtX`oZNPLqY&cWbk*r0z~i^wi;Y@JIIvI0=|X96`?UtYNm z=Z{HQk}jCO#P1mSpdV*7G3K0lJ-yB}(l?_OU^r!L$xjh~UUj=Mx!$kP+FQ!D;=qr) z1-5HMuY++Jq>Q+b19E&Iai3e} zOZ^fG?Q^)j>zb+<2n4o?!3UdDkyTm(eh!yd{vPZ&@vhsQK?cmK;?r}$G|u2?rUkgf zi3EVYkOpXC<*EV_vf=d~nl3sP&X@S#$r_p7xJ416*m2H3Dv7kzD(vvjpSpP8ug?Es z3WZrdNaQIqw)0&u3S;_<JEL=Z-|t>5lr_Jd22vHW>QA-;WV)ipBx5qR96%Sx?hj)9i8(V=rASZNjDa}gUK_%6bWX?Fxzl4lwsTQ$5Y3CJ zWq9og9HJo`7;fbs9qy~{6M#oGK-5t+0lD(Yr|L_0s+YIhql1l|9k&#quEYA(46oeG zefgGUM@;7NndkD@RX91;fw<1DU3L^f8R=|q_oFHXIh$lP_-~Fl$4ua?k_H?P{=Is+ z5ECWD)r8mu`I|HHUr0?vp%9Y9W_=urPbx9UeSV986MyK>5C$nKoKsH6`6B{-f&C%Q zLM1(g!Vt|yPuSe*+a>nke7@D8MCV5EP6zU|`kAOxKT|I1=oE>WV<5Oh@VztjzSJsm zs8gZIS1msdM3}v8M3^nSDEe+S#a1TK;6EE2)(eBYmd3talaPAXzpictM?6R!)PB+> zQEb8RcOplG2JC>(2?YvS$f9|Pi>WTXg8E?$cETG=cD>QLaiKcV&*-Hehc46dtM#K6 zNnwyjQnSsWcI#XUrq59dQIVt`v?1-_Jn8k!-E>uZ8uf8ovZoBLfNBMS9r95@uaCeAKgHR96&rG*eS2ptik{f1TaP((g zBf5)3iT>?(;Ntwqx7q#SbM#HbNvB*(GEkz^7OTdK=SJN)G$AKz)H zkn}Ahe2gs1Kd|g&cElHFgPiua7yEA5ew!C}J(VFYsGTvy(*(x@BQ9ooIX8+wz2}M0ez6s+k~g;%98T))e`4>;2NdQCtx~&e#~B zkof^+z;N4owFT>bw}QWO5l@>jgp8QiW*HQWGr4YXkIH`E9{)D%IUx>+g^$sbOqNzc z2j@#>sG85*#@dEKsE+0C*j!fO^?i3ZgW3LK1j;$yBHRa%=9SMNNt0ZLKbW~0)c=E-MS8E3JF7@f0c~~J`FaE zDpn_$7Rbm^Q8Z@PUgvGT7TonT&xqQ!xI!IRSGTu&wtBb4rp{<*kct0dD}wVlUGI$n zUUvN*-w(ftr^*tL_A7`4x^HJWLUbWXkZkh)U9Bbo?GxHjr>s>>h9SP0Y-n41IpXh&@nW}V>u4wD30^_GXtdk!hY!$gw zBZow`F0niFv*}lK`1%1i{@tUs7dmWOwQ|d4X&s9Kx*7bH>t4|-)nO#`TU2umnQkTM;>Ghp2-4J)+l>jwnM$nc`$nD(c1y<+;*99s+atN@LU7 z=l%)m+1PSA3rQtUN5hF(^JGJviu1c1?tYW-h)E`BfoO>T?h5j;x^IWelo})>aqFt6 zhTUsdCT7C7TUSLTPYC~P@U$7Cpqu-`-2vmFw3w*R%XdH%wPD8qXan{v#$?Q;4(bkj zBMl0=D)|d+^Heu&aoxgSwq*eO`ZM^QW}mu5Zm(VDkyf8~B}m0uCxWNc!nSBF#|e_w z$wi7~6LyD;rm~frsuMU~X_+yk0>kF-e{;zwFH z9`>**ge;e>O*Vmky8%y}&FkYAGG~uzuZ*C$DT!>KBpxY<|c*#A6EanUJD?@yzi~y?8ZL z$V+{Cg(l`4uA;$o937VjZp^O`PFKy)gwLa#)pFp?^Xq9vOqX&j*D%Qo-vDPAv2YTT z-bV?Q*QH;>VLjlU$`A8c%tW**ZLCCdEO=-rS=|i(l;-GD>DWab_7CTQD{Is3eVa#4 zP}1r`>gS;&H|+B#dD{^fD>WUR1Cf(cbb9HKPd~3&dH>0$t`i^vO^)7nciyZ=iFzImCcQ?zB zP?CI$Jb+saH>pO;mUe1>byO~Ade*b~AgqObJb59vt(Su!AO2~ogyXNAKKUoQBZY6H z5E|EYX;R(gRp(zlqlOjB6MQP5foG^K-`!UYB>|s4qQ+To(2@d8R>;%lH8{mXd5C7t z?d?E|6{ON*w%<0}wNS)^;#={m1k-GOCn!W5u zn)n(1?)Ii8#Cb2$q^u7UU_jIABHiwKp0&GfSdTbkNBjHMH*L4oS(b7rIiwv2XYf87 ztF{3f>a6^iI4`j5#eKY4{&b{X=YGvMp7!krxngUgYdT%>I-aK&XxXX|z7$4SJ0WZc0|c-()7_V0Z@SpFO zh6d9^=DhoKTV;-S9vgD_dL-);ONQN=y=Sig&!mV+Ci?<)_(+vUy(R+AZ}Mz8Kfb@3`0oDHH##FX z3MGcijp`mBC5z1uN^m~YkJNeSU(2n zshQvYUo6GeY`^kg$<$_j$wWzg#3%jjA3D9H1}~`jHdvv2V&E>GKLKU7Y!|JQ(>?XK z(iK#mv0X?E4JU(s%mH)Fn(gKhu-lz{mQlc-TQ&~`V>hIRl3X-k*}Tk?Y2+zwk1Oj+ ze;c~h^yx{}RK4qSaZZF`^_6k`PqV>`H8&s5Z5JFZ{OP^!P~ZagIqsy`W%<3huM2HG z`aNK|1*YH{M-*}wzcjDa8mCsjE>v2hbbrCR2+SUBlB@QLY@tS5=E)x%HGJ{ z=Q@WT^wikXr%g@{l&~WgllA!ag0Jp=ZT`Aka)n4~BA1?M1tX)^Cyi;%wB(i=e4PI4 z6Bljea!GcA7l#Ii9~b)1eET|McVC=jcRt0b92e;{vNW__Y*IaLBq4qE+@AL#4d3l* z!O}$CiDLC<(ibLtD+-z&rpak494gutB-GAlI4qi&l$(^`X4(@K{N@Mqordl_PzYC_ zS2z{eqEwDHxc}u?F?B^p|BUrB;?VYmpd5SH$-bAo*^uErfk&+Ej#RV7}& zBbdu)mvz{6_t6b|X`Q~uY(4Ti&!4iw;%C90I`WBY< zK4~;J;N2b$XKLW!f8IXYUPADtd736^^@DN_&iG8ub4v@OR@e=HdSL8W7Nng#WnKHS zQkGOZ28P01cU@WCk|$s3S+TkegJv+4JL^(Kn?K}(ylLONxh|yLmi>Tm{vEGL=~URk zzTvka5+4oz=8wVI@3!y#n}(tM5RtoI9x^W0adW-SLzy*1U+PE;sttEUqe=ER?v)hX0jvCAEWS?r^@wb$_A9id0m2M#Fad(8+QdM|jOBv%(KIZoBWR7dPF}iNl z^vMlN_taUdl+1ps$C}NZH4c6Yge9@quJ*Dl4WT&A6=_+)BIPXjXTd+7oEBB-yl2)ckT4i`!&DB%q zn;4ey!!-M0c)SCvWUv1-UDF#gY+I@u+i&v*^xs4}a$YEVCQGJQcf^&IQLpd$AjObb zu1BTq)23m(xSJ7Ck&BAKx)&r3`4Q4Un9bh|dE&EC$_PwONxgHN8E5!S z(!i4s>#uh7do9FHa)AL@Zj2Q3d0wov^GV3nt;x|R&(U@|)2I zV2=ufokyw5CDamwfpx0&nABlyD7j#JSMcqlH#?eNVrv##SEW_UFC$NZ>+uBL=p6%T zCxJS)i`^ZG1A1yC6Dw}D#%fBpflIL8Z)M`AXRaw%IE%zbTk=}0JV?U_69(_(Fpa*r zyB6A7tKdl_JLF;lSc@*P?1h_DI4;B*MIVH{J6di4gBn@4*O(YN1fBQEsiQ>cxidxl(2st^3v< zDP6Wxy>}KbmQxNp8RpuWz6o7$$>|!Z+ctKR_PaAH@rjVQIC)ym$E>4T{*g} z#@N&yn=ul(z)t9Ue8^SB)5z60Whc&I{!YyeOJi1d8&P z8B=8$B~*zmW{qrOhnH2) z52RV-vU02J6|eZzC7S?(JSanZ<+~bgtZezrd#clBca6xKO6$KTN_+7aBYUUzx+lKa~?5R3%8EygHk{ozuDmvnh zU7TDDf#tgzpE7^#N)Nx0rhRm^jiN5UpY5*!wdj;}4Tme2uW$KC?iAG&?oZ_&Dj+}Z zLgvV3;inYpa7U5SPFJt7d^&+J`+DtmrZz>qE+j|fuM0?jv&ZE!^d$bh#J#j_yez@unPSmL*_HFqyVNnVRAl6!Fv{ zI$qk0fsoUuW?|PfGjpCy8f%#ua5}%agw2p8Ga5gb=vO0cx40pxgZ`r1Zn;QEnR@N% zuUh*4Nw-)}@WSfKx=U)46MK`F9C3i!vin~m=}wt5xj#QU-uxX9%v2O|DhCEv7_FTmF;grssNhz6mS4#J>P2q721y#gmL-Buj@s{^VA(QWF7r5s zvaQB#L@^kifs$BXK0~EJq@s{9urXKHcd`ADp~pUIWY=ES+Z}=nwc44Zh|7Jz=plH~ zlVSmsrva*m+R$gM0{D{8Zx~6!Paa2@9qE1(K#WKr4d5StRd4l2O0pg<0<(Fla4K{5 z@TF?Md-JFN+3xK;aPm{dJ`;88v9$pTkoWS%pGkYal%%qKO`9=3z)b7(EbYFl{NhrE zsONzslb;A z5(tDufoLG%(|^r}D6zkAN+{^pfkMf!&OD--Y~f0l;d2N6PF>s^ZqNdD`; z=KtGgiyrmdka}6ML6Kf}ZEe9`FuiIbhxga9nyKbQnA#UR**+t>>RKk=SKdXL%O8^z^&3Eg&4h+AKCoRVb8vh>U#ogh>LwfA=_;{a z9{=mi0}gwRQfD}%`w(2(L6p^VB6{8SAjLn(Rq(`?=AXZ5NB`bVJI5COTe}*U(Rx>M z(tps?S~DnczNawRsiTlMPs@b#e~c@CeG>R*#5gR4s1NNdcuMjpL_py7m-2lqBzG z?d$Hx-7YUZNYR_J;)&e2JilzZyKvJj*TnlD41KK0OkFheO*~b6OjL=pX;SR;KQyM^ zfJu^tb8WCSCRKK_h3;2uAH$$-tX7)TprKI^Z9^aw7{vPS&GfuLikouoH2E8U_tcsx~m@jYcfT^ zQwtyTie>HC7L+Cs5gyQ3e}c3f-A_K=9OvYI(pMsJ96ZR$bw7Q%#nIuUu!)5@2(A*h>!^{oKZ0r3FzD?d+vQ;e7ziw>1@Q>5pW7%!oAs9+DD=aa8lb$2?k89k1 zUyHAau^-7JrF9BtT{$Wqul_CF-28BoT7yG?i~jkT zw51B=RcBfV%npev<%sS0t>k`12DxT-&^Aqf_s`eQ#ZlA!gonvj$&EWyRPe~{Uyi>F zS+_mcE~fC0NG@wF_$Xz?4PADl0Czd=w!P~9mc57G4A&em!MhKw z|BO%M$&w6G{))NU2$~-M07?S!9%h{c08ymr2XTVTqml1__R7a{L@$YN+nyX-b&${h3)_pHcKG)}6KVoh8nPvwz!=!Cv!Q!H zu=eu@fI#H(x^v>b64 z&R+hH9^whtb!i6xG7Hx~$U>tO!#_QY#YPcXWL*FVEi!)kO5n+)T+p21qwc4E z`u+b25C8wd3f>uL-Ue1N;ip%!tzQDzrPrnPD|sDc8I)jIij8phPiqB|(v#ncsgRTY zKXCj1%L=|_Q*D8}{dqmgtG?5EO~wX_i76mxELeXeo7O^bt#v_w(DnZ<5Bh(3)BkeY zws9Bt{&UyI@0Vw){daBx2%38S%ZUd!1Ufm8v;WCL{Ey$#|L2GQ|KPSoj;*w96lu@> z$99i-$m_fR_pHDs)Ex$hXM=vSn*WEM1yupDe2eJI^Xu*Pli~(;hmXQ7j1*lPq@*@K z{R~ufSX6`S|7BhNV}ty^WUK$VOHX_o(4gp+vi=w!e!Wp7)Q}4gZ2s`m7ViWg+b-+M z^{2!X7|!=U*@T@CVDSHwUwWT0DsTWUvtXUew0^_WBfb_B>5miu1gmkW@ZUL|&`v0F zSQ*i!0@v}={{eyW?)5HH99-g8>(?;``1_x>09ca8>phhyI9?amd8wBsAgo<~|8|0% zJ+uCxih!Ww_4)_@&mW?yIgGe_vwGl94;B)gavuXgJv&Q`I z|91cR5*sW$|5y~$n9`4cAeEn9@x8rTl)3i*9U%O)EdMjM>OX&(|NOj!2$oL#J2?3H z^^cX^iO}BO@=d+;r^E8U;?({RFU6h`NNO*T5DPH4_1D(j4z)Tiud6#68OS6vP{<6#3d?_0DyO@P%=QC>Q+0 z?U|jS4V9cPkBoZ2h*204Su>qaIcvOfQP!x@XPq5u)Hxc#L-Uy!{}BP7jhEzJt)IEv zA>lTE*Q+2S#K$~ZYX!5?Q=mhPq-ds5=c>Ic!N6B-HPpi6wB&}RybdEZbXX+=OhKFj zqozBKu}S5F{^LX~0W@e)=k%S=R&HH&Q)kqCGJ%+tcEsGA>de}V(x(Ps{V$xAC+}lYbajEwn4fcVsViw8diZvS zIG7-ue(QsH$8A}(?PQg%zk#dS!*m81;p$s{EaqbyjK8Q8bWVNVRB*7nHGrfI3WO{-1J!Xtjo$Y^6jOEO1FdTd1m}Uuf-h4r zk${#FnqXIB4sG5ey*X%he_?3d^#+>^i7f$xM>21j)t+1cTHq@o`Wnl2dsE`w$394? z`8DvD%XPtgRVgY`Ql)gAUue&@QmxJn13Hag#DpEC+`*7hc){%F9>cSK1_m8J=CGJg z_o!!u+AqtBwDVLHMRsgi`WU@K^vRYDBb=w9ewP^GRDHA)BmAoDj`YaIqqLA4soDMV zs5^mQOgCYDcTRZYXx|^JA^Y{!leSxxu5*Q&lh8FQ5E}xM_|uxf5KqMR`47?!Z!%sT z=@y=>(i*a266D2lhZGdD8(os@vg9`>fii^#11hV`zrg@`SA~<{ zwV?VIYMfBo^@FkRipA!jkI|^@b|0eon`1ceyE^%-7gqVKcu6ASo`%<*HAJx zY_QF(PqjU5Is{M$F05+NNBhLZEET>WX7GSp$k5_)3pz$6Hj7%sZawF@t8ry{mej^6 zK(7>dacOve6vZ2rUkXY5bujpJh7KeblDgB@;H{+CNG;M;f98O3;E3N<B{@AA5tcuF zRB~l58}r~n92l}od8tdN=7kLpVG)`}RN`&g?;itA8_h&wT)d8NRmu^muxJEAKz#<_ zKKi5RR20%^>koecjeuRQH0D+!)aQ?&7msw9Zra}i4Lhg({vpLu35z7xurw+WdwKIU z{SCOmPy%o0mixztl7Z|kDnFeu8`fXM6(LB6F3lUvk*6uesO(Gk3WN6*#9+K4cTYxr zlYkAV>a2DpH@q`Me7N^S=}wEeT$jNZpY1QVI<`qyDq`T{&@(Z|NA6%;G2*E{z3Re; zXb0WRQ;&pcJti3@S+Zgi27?ccS3epLt87+67vKc)f*eLxZF~~y-EuLNz zW_|Kt;`7He$aj)QR9X}t9)0*cVIkJvk3FRpyV6xHm)8~`XgZthH_#L&j z`m{dvu_u}o^O)84A(6uSBIKj@cRV@hcV~o|+3ync^-LgphxPjUY2ouGfvP@Z*dP#@ znx#dz+GEEWu$^SgUBEoJ!vNYJ9lE33h{ z?ndKwh^@8}+WS{DJ8y1yjuiUwJ?pKly<$Y8cWRa^ zhV?E)_#05Ld4(7Wy%&x2Wbm|@U?jZY4r-T4Xi+AeF?i2daU1ZK`lIt|IU<&O)X{^1 z1n*zIiHbaeZa11w6u{3a{DfAAON1#da^qo5-&yjIwxutf0|8)#XD^;Kr}rq?a# zyz|}oL|nMy%RD44!)b-vpotMfG@w$x6S(b_UfQd_!2t6>X0}w+YtGj=lvZfD>3YmQ z|3h%UYrlz*axO{D7Wf zgjO7Sb)57Gz4KtAyL*DVLelKeHP6!Mt3YC-L$HbwR7#3kRtl(SK9xkM?N7oKKG{+w z;4wz)SlCCn#~X>8glGHl#-!;Oidi(fUckfi=QfIP^b3gRVnlbPSimt+ZX*WYe~G)9 z36!LDA*Io@HCxY?^IKmhD5k$~M#4KGIgY&`D5|6aJyjr&WEVL1wiy?@vO^?jL(HmM zDx1Rvp;iECo}o*rjWH>NM46F%ATeGy=v!WotY4*jPM)F^smP^kZ_v2##g!4>e?bIL zNZwWt;cOwuB4O&P8|LjP6>s1$J6!CAiPg8yie%VtVD8^zCYKIFq6?^))Ws zfeD36)%=xND&2Hoz0J5nhQu&*A!%jObg+gRnlfiR2?C9w#BvAmO7u{IG;xc8aA!z(x^+Ugl(0{d-B|R7Z8veiA#w5}RjHrUP`3liBgnoDa99zk zg#eT;NUK2gHDoQ2$S|9F!fwDz3fml822lbm90&m5DOXXGS1ClmimMvm&ls4i8h=X5 zTuqUA4XB^nvm8D|Yw<~=JB8AtSf$$1qCv&`kKSt9OVgRGsBD~vMkdhe3vCSrOve;(pBEcRjPs{%7 z+PR9hBKC#Uzp>ogF5`ywoqc?m&$XmxQ`*9_)}_zb=F3H_le@NwID-O8(F%||>qixa z0o5K-9Z-w%haz=gV!;(pGGy0!m<$#Ru#e=1R*hu|6T_j8_NPLjo_@WJ42Q!L*QfQU zDh(sXLW@;)MKU5rYxUd(Jd&M4#CU-Q8ogWFX57$sS5N0?xl3OZ_%Wq%gH&Dc5N3yv z-)g-xoR5j>)T23^F9azQzEo6bl1=vz|8=DHHc7)$!S{HHV`V<4mcXrrM(87uRo@;~ zN9;ruv9eEWeADA2*>+pI=vl>pOz)3$ie=^N5NBNO?usL~30gm{xP=nA^pWM1=M{n< zEl-bQiOI(<4p!$A46&_ld~)-*-+ip)Dl1($t8TUOO}%Dr{rR-p&l$Hpx!ef*a*L0P zO|t&OH)L0GoO~{Dho0UjzR05$^;WriJM0Ie_0xurn3o(6Gs<85QO1+^xy;3s1@($N za{3a_%^B7eZ;1Z3cEF@iMp=;PEPR{Mk1;RW5SF%&57IcNT0Dv{(=CKbE4 z$C{*a`G7Zu)n++UKij9>EFbE^%|4bRzLIUm@9Z&0FP%mAtd0t}=(J6SQ>GnInyb4O zU_psv;P*d|bn32J7gTGX+3(fQf+_S6aBRu&6`aF!UK7(?kC?j0<8wE zQ2!6M!Nx+N5(Bv0_s$Vz1r>jw1QPD}71$o%-l$RgkA)W__9RTx(iu9Cy5^sfpvFgnFam-X;jQ>%<5Z&#a{cx=|w&T~#MR+%{x^2BiKgx+ia{UB3>> zo{UG}C^M@-0>9?bbhOnvc&l|F$mm|>GXyARJ2}KxTC+3rN1@7=$kl~rU44-9(>8Sg zA5HLqG?1|p+=iLUNNb{< z&(Pp)=q|(coksUuMJJlms^6yfq7A1BFM3j0BAU2g$@4W1$8SygppW%1`49s|HW?3(2!DX$ariwAZ*(d{50<~J^;?RF(gnf3%=+c-EZdw0EqZMS zpU)saMB^7mdG)aBIR}xLx<4swKl6Nta0sQa@l3Q^^Z$@$SvxuBRx$liBU0G8T)*HJ zA$t__mwPp9L|GeYOGh%_UXg&m*0dhC$joiJzy)1rw1uim_5n+2F=28y4$jzTE+&SQ z7WiFG!4ZROvi>ay{xMqk)AqluMHRC2VFh*aQs3(X z*y79M5C2d*3qN%{gFf<s1swz+fV{U{hc6^B;tSeY5k`!=eNtaQScNp2Ww z9T9kE4$5UN3kUGT4_OM?nMKe2IjY0g?W?AycR$>i(y8>`d?dc>oqTUQ>|C%cNPy9$ zJ47R=%;kNKp{cAJt*_>$S+CKn&14B3(fe`{uC5$Sv_&>Q`r3AMEl@q_8WsWPFK(4i*n7 zVQ2!E>|be@t)&sjcd>EPk6u_D8A4|!{o?Bx`*<-^>Dq=G4MR6K*;enR#f+dXDsyqK z0rkA#;~ydervSCH7gATFfK(fId)fKNQ^hogkrOgmq;N?T!@e|4sJ0* zBvz#{{o*#;fht1*qe%_t_#~ybH^VH~IVbstN9_-55{WTKG^FY?NYF=9vK~JXPNM+%JSWCq>E+|%jO7fupobSxXrB*N^ zB`kv)$Wm^1OGc9Y$zpYd3CdA>TYCc3tL_P+=uVbVSwYj z`FxcX?hAZfUdD`f!@?+hF4-v=GdbV6K+Z?A8Crtw31bEjfUeYOIDbRbL}q4i+*nZv z^z~_(>6P%f>48Jt`EN0XOikr6aoam)%vl0|mL}Ut^G9=a_6z{^*3{63@%?ujn;|UW4m&Ub~Z^}ay+EbbjC^XLl=jWH;=4g~6*cvtzD z2W?S~bnYc=QxxKT6MVo5b?IJ|!}vSc;|xmE?~h0?hCW2+_zXvWBU|n)W4)Z~`<*i9 z_H>5v4O3+39gxOl-!pvXzA{mr(k~ZrU_&GBXyy4Hqkgq_O{LYnr4QzUUd(3;_Gc%; zi7yX3c{L353)lh(Guqe;ZhTzztXB*{#5@p(B)tc8CvxJ^Utwd|KCOeS-qdFgrQZsJ* z#v3(Wc^0Q7FBoV}wT)aIrzMl`@2e(e0>vCWUNPd+VS{QQD@~>MdhEf!_NFJ(Wx1AG z3ck#{1r`^u8uWYjr?>1WsyJ&$sOjb}9V;LA3^M6^IBg{GA@=5#&^O<6VA&~?dL?(= zhl2(h&qZ=|)_#MUKa{|FK(Rl0uaOvg^lkH5VNnvEO620qI58BCc<`S6!)1@Ec>#M3vtTo#Hz zjoXC!&~H7`*TUD5X{n@PC_>_WmDg_GAL=42miP>0cjf+&$TdPkt5j5El3{K2j7bMr zH4Rtr4R$w1M|9v?3gt*PXjTchRtWGVLa3D0WCbKMqzxg-Mx4*KI*@=Gsf`rDs3)1Y zCuf8r>7k=s9Y|=43C?Q--7VudxjvB_%cIM!SaF(Qq>l}KRcep7gtW2mD}QT ziWGlLDiy;U#2|`Ef0y@SRzG9jNiOdY%RP$0ZW#H|q^lDbHFrI&c6d^iHaYR`&@QFq zl#l3fT~rPSx`rXyqkjHo(blwthx`-G`?}ZCU;nG{`Q#ZLe%o#GsC{+1ZRGcz9eK%a zLswAf{@Rh=y0MLFH!~NWcx%~`g8M^SvqTR78;PgTdwZ|4Mi@GS8piBP^%q$Mt5Z_6 zw&jq~)pmiT%A>6k^oG8Jr{@}WC-v9g&j9TF#m{VhkJi&F2FhFMGU;d`cmFGAE5qR1 z?21}mBK_S5v-^lN&`ZKhz^vw0ugnyaq|>b@13`#}@1Q>s8aOEQ(swmk$Q@-m29U{8 zEho!K1}J(M(ti6S6*Xl}@`@5XC?EY|`&atIDDe%Jnnp=k9#D>9evdT5!lk)hDYRBx z(kC$WX|Fy)9xuYt@rN$8?dJVtAgIescHF(0?q&;mnLsbi(sQd+2zNtxo<4IofgCzo zzyCn|g9nwoLApGD{!t)%Zt?TTLfG{w`e)ckNyUCF*UM#DmPn`a4!*>AzAvcbo13?Mxd0?FY3h=IgK zI*n#aLY{rsVppC;QP{TT4Rz|lvOgx-Pywdnqde;kE1>Is`9_iRu9~6fr}{vlmn4+! zVk20z=*3O1I&y9;ehF0byN~d(pQ&Ok_pVgRcbk4SM5qL@uRR8Fx>u zvIYE6D(qHQiJBzW`j^B)bZe?mO6QRa%TJV)VocyI$?93odMf=Hjo;)z(&n!dYsao> z9p$V=3A7Tjp^6Sx6HDk>k3Z^C&8*&3iR7BE` zK6-BB<-fXkw+qqf9i9b@FOs%P|B(8*928V3C5|Fm3u;VF@EYale7YW`!ygG{P1?Y^ z5E=%9mj(P!0Kuc2w+-)F<#3ZnB^8WtZ&f)HM@aCyJH!sEe_A9oYiKZga5#(97-iFJ{QKco0?z`T1 z?cA*XYr{%!Ic|1Su3pqkVS$b}P|U-N3BgxGi#27kM1}QSch8dnKtE*2Z<9DHvzT`j zW606Oc7o!>2c0`DZY*{+F={A!EQ}c8R=aurZ-p#o;Kw6IUtOve3;>vA%ZwnfBbcDo zj!qw~=07r+I6!j}#SGjT;d>@qUW80y7J8*<__KWUid#;|Ei#HrBi(8gX|e*aO;5`{4&-?P z7e61-Wf;-kfs{lfW`|JFy=Z2qet9*BCsUyG)T@_F`u6*4;ZcC#sL7R}zuk?RDpPAJkSqtOf@c%bv?!11BA8LlCt( zjj!7T6AvXjCX-R&rzK=pE-u-roK36jZ+8^M_9Wenj)i1=!EaUTIt3 zuJvT?_Wb4hoKSkSf``d;m}k-KQXLdW=Qmx@CHLsO-MOW1HiO~E&L{3NrFK3L%G)7! z7-+S6 zUEbHIVxjKrzT2nuUBAc+7Uc0Be=}A)8CnD$i9lYZ`18H=AAH%*xYHc+&TRMbPKPst zFPM-sT3l%-&*dysw)WZy^M&Cpa1Rs*$>gy((lHf>g!0| zY1}Z>*8bSTV$;Ea_(bUa-W)$as$vgI9)abzd9{I-6=eay3HzRIZBfrQs2*jj2{hz4 zAKa|uVUoYi(mrzd)j{|R0^~5IkJ z$P$U_3f)IsK{nmd-@w9Bx-lybwehzeo-v$tB>H@ew%)mfM|1HV82&Uy2hG$)ce`za z4xeAKhELXgkrcgq#{nf{=0;I^$&vX^4a>2TN(!h5Z+3a}wkzJ&JQ5VgNPgj&TtP2P z8`53WuTz3*hUd(U6h&$--;M6dW$@inSxjTyD_}|zr_J-lt!%B;opNhwkI*iP4C0=(_5O=T<`i`PK%-SpUdzSws{ca3Ts$4*?6F3KcyhMHlZTgIAIwGc(zK zu&t22c6Scyy?hm`-#P*cvB(Hi%27o_U0gco(sZ!cQsRs+L*#mc-jV3`JP`e8U?Cp7 z=^F^253T9W7?OUVGLlxmP>o}ZC`F2pf-J~=3xZR>jCRz7|u_js0p0<4Cb%Hat39VPh zt-JyiD5wRSTYF5zMH)CA{kyE*dK_$Vjk;|`hJ9ioXdV!}KV_nskP&qNb0_r6Ki zs!Fe*7A7uYgk1>nI+gWgOG}T50Ib)D3!1l#*fS5n_qUQ-8XE45dUhr(LBXRD!pFVX z;J~xMm|9M~K=4hT?@<}NYcUj9&EYmTRz-D$v{3Y9NZWC|7Dxfv6uyX%LYKEb#P)FO zjRFw?E>s)t-B0-Om~gXTi-s!;c!xI=mNm(zK#_`))?c{EXg-FC<*`UtG4pv9hZ`YF zL4hjCsk(LiW!jP{oX<|-oL;=zjAxq#aLv03h9Z0Sg&wS64CynER z69Y2+sJYx*dYM=EcBB%koEHtQNpdig4K?5t9sgTM2zRYvJa^Meq6uf~i^C|Roq)E* z_644AR(hf*zQ zx+5;vIw_>Se{luF#t%if<9*7>Bp-$Nhqpd3_)&Jn0224yF4^X|S=4f}(&;K(HSSac z0~B}Cj1jcA_1KukTx#1T3MbHkem2@UK{G;$9S`%LY2$frB{$*b#^Pz)S* zY9>F+hzY2k{_~8?%4ChD@oWmg&O#>TlB9Vh5KSMf~9h=xNdEw5u1jZ)d| zWr!2or*v%X_a1omfK}Ui^RIx^Y^~#gFqZrVE6)Qlja6cie1C|ZR}}FrnG#^6Px*0M zP`)ToD{y^k;@)-LLP24>P;_<+HM1+uD(?U+Ja~}Qurz;ZGO)+2Sc_}#N#rf<4m7kP zKT&&cYUCS?ugB3%2(3?B^kAJBqp^5#QL%h2K2sFn%?}PD$c8@xM;y*CT{_h3j5G#0 z{E&2oR{zeexeJ+Ux8Wb~Nn$*g1S1bq*&XfLtG>Mtg#xjkMLqzs!<9VFsHCvQj6kWhOWGU3*x?$WsvWdCU7;}{b?o*B{}|5+bi&UCygr`FbMH!@_Br4-jozg|Of z8A0I5pvu}7>{*(7F^-nES@aU8-KnyNcq|448BRcJyoQtM3PAgtR>h=EDzW^zde};I zbtk-gbWl%m$Klu;=U&ENlydAj8TBE1`)0rKMbQi6MzE~rjzQSN-ozteEH{_W7J?T_ z?@jW*g952hx6Xv76dFZzd+1oF`zYy+LhNefH>=>YBJJQjbnJ%}?G~M=*m3&cw6##Y z9;Qf%Spgq8`2BeDRx8n8x**ADC(e| zMM5#0YHs=%C}dudK}x`VLS+9UAEx9sd7|%|DtCAE_8olLb7Oy~t9bQJmr&Ua zc}qmOB?&H86MY5!^rf@dp`qrR{l8~2CIgxbM;1eA;T9Vcg&LR6t0^-`Im#CpUBk9a zeT<}~XWw6Nw!I>>8WHZH{iLMsB%nE ztm_WZtbS16INL;q0q;Viu1~&kXiz$&@?**6+O0ugx?)T-$2eirhmwa^D(&@DznRGh zz)ThW=ilU&X}X>q}jwz5$VT_*tR3 zN}>^B^BOA?1cjMhC9bu&3^$M%u6!LnF6#awDIaEZNA>iG?MiI*?btSCLODz?itvkG z;pbB`HLV<<{shW*DA3?H#G7Pk$w=4Y(Sin*yMeA*B5l^a_ zEGXpjF3P-dyn~NuSQND2JS{WJZnL9&vg1nkum!MI69r6iKxFCHeH<92YHsz7ON>d# z7o|8b71D2-soX0dyl8eHgba8*Vp02yEFOO{8a-k-QX{CO^8x{}0TFOY$h~GV@B(~> z7>@DJ%VQ+-Z}#nfy?n7UFnA?o`UKJnEcZ*T*R_hmJA@`ALgj`@L-+8<-kYRO!T&Bu zS$v=tnN3a*1Y&r8q&i}ceoC8h(rBfwAh&fIfYD(A1k`dd43Q=P(~=q#Ja?I-Y*8}a zDKybW(*<@BWNUFKpjyAzJN@e#RrJ|exk11jDM#FkUL)RSM$iWhc+`nG$`^Af zg!!X2@CUy++7a(y|A$KMdCWt%LGzQ0d!AC?FH-mRP8GXe)l*4M&JU~39B!yMa;NY- zKG2t*fMQk*zd&hLMi7?D3tZ4_*0L?;0k3V+(|@j_p2sbTAOuMp(nr*IT*B}}2R8Zz zac@qd!a)qxr~mECd|H(NU2P~)UDx%7KEfsoY>jqKqGUr2s|~Tu&L^hdI&~Y{ve6{} zvbY-haSp+P_SUrw?JJ)HCe*RtYSKAI(+gK5L|Z)`SC0w{;eO?)yu7$me6vQHB}XNx zwdF3tbJqhCcUgOupH&fdKy8ThSLCx+>91P!op*D;@;_Ut!V5T`N8$6KY23odl-7h( zv3!So_UGg*hd!Zm37{9+I@>`c+5r%=-t|Y)d=Y=d&(_SFOY1N|29SnN54xl;GdBNG z%73l41Ut>lGg4D_R5>a62uf3FL1)Nne+v1@HfifiU+%vM{3c zX0$_tD78v0YT+?W%M3o@O(%hCT^q)z38s0<1FCxm#2$qX9K3(iKt7b7;GQ zqKL++u~`4e>y;?pO2{tr1_O~d2$}vlmnTD$D!F@y{aK%K5Bt(;EOXxWsl)|j-X>l0 z>xjBUVpSl>vmGAQV7MAvws_KLTIWLB7wskh-{ezJRnp++?(-sKzqYV z6HibpXnx?p%4Ep&y3lnynS!JJ#`FbsaMbMeZP`Y1e6<&g0-2o51gnKT`-2Bv!MTkX zc+Gtik!iitfv)cX;LrRnH5Gjiw()4^Z!wKJhXY~3kKRqNx57V5x4_*L?i{+|l+8d3 zxQHA9lqgn0v~oc6gz3lHrY^xLgy{?ZJ_T1#aV8Q-V`GW-HgM`WFggRHh6Wzjw5G_O6C+xk1+ZQoWh?J40>?QN+iB5~Oz7P)K+`URK za_uxzt?k>F(Q|_aqnpV*yXYI<_pdcVG2i+5%cOgvR_N2dr0M}~Zp1ZJ-%GtX{HV2D zL3)8Rs52N2?U&jezV}lVsV1J3I2+ZKkl91u^R=IVm|U#szr5|3pnNFG*?NW0^W>DR zo&o9V-O{08wFx7oUc%Fh#H74CPoCCd{u)AHmhKcA;&2ny;zH`8dymEwtp@i-^ofh& zOyR5YL0?SMI)am0rK>Am-I3`Tr<9QUJUe1Qa?9!)edA#sNUx^qfaFC#_4>#vMMvr6 zJb*a9jIA*anU7(^bxViT;BIvb-YgbT1Of5#DxvtLfE+Onhj>h^CGmY4$_Es;fT;rz zm_(tZ`DfO82|aYr?pQkCq^;VlZRJ~#0tM6+I`v*7kc8+(2k8UHC) zVAW9t`0?AES_QsO!u^ulhEtoTUVp6hDM(qmbF4X;WWRfp8c9sZq#K1hrde@gCJW(V zu^Sv8RYkEK+a|1Tq%exEr2Ia`0NErdYYem!$Oc`DZ;I*@YdLqfL^po=Zr2w;e{ar#I9b{hR z9EutL$RM{q{gOnzS~IyXAkBg-mC%E9X7l4#%WIO2>8SK2bm896O!{>_(lu5m>@V>0 z5oLa~>p=%dmuqPWa{iM)(vN_Qe|8!v->B7U6CXw{xoojofVo&)*C}lMy#Hn7?$#&A z95od%v6luHPL&@biNrKEx246S#dZm zq~7{_T58@j8L_!9HAVv7)1MlXfGY@b&5>F7WM+QvmEXtTQ_IFX?PZFp>Bw>I8p%HT zbPaC8$Z-y#dRY6Wbn$Th1EU78n*sXL;f_(`a{gqo)!gQg6VrlAn$rf8Km4eV-IiV* z;u4ywm`LzWRu~3&BkZ^|_oc`+$-%G_<(I84Pd`q~JX=`t@dn<vrPonSHX#z272qt=>4U$NLR(V^lW5GFDq`G$4yrGuU=twR&$)+*~|CN8w+E>h9o z!M?2JRi>URLGM%%+(~8`+eUNq#|t~lyuyn4C3?A+dgv9IUVCaA>vM(GTjrgJ+=-8H z{wpAol}hCG)El=(C2tI4a&kkW5>i{70|d=4v~F?_BS^X9+@_3%;m!wcS70<;QnLrW zwjvs7B)vO_PP#USc>Ex}z<_0W{F6YtNt@Odf|$Opg`0pps}3FAM^K4|Yas8Nu%1#)J{uXH|CggcTeT_U2tLox z+$TH6gsowZec+>M2xFu6_V&!duHgS1G%gF-3zp<@y+HAsjb0g7;Nqw7h0Ny%Pu#YD z>U?uNWEcUGIR(oNs7HVjG-u=zYmy~+c?}%qAT>7dRT=tASDd+fVlR@k>70f`F(!$# zMLd`g?hL2>D?>N;HY|Kc9@u=hv&pY&G&OT8?!c=@0G<(!s;ww(yfdkn@eq}19%hrI zE##BbaAWYT9<|N82a#bCeJB`&Umb*t!5{BAWV%dtAP(67ia5VKdfFcDb}*0V=IFSD zuf3305C$d1`zGC7y68m+9EMiBL!9q=;JkUSO@k3PCM@F@53Rznb1ube~Qt% zBobYNs*3NYbcLQPb*%JCK%EKOKl*&;sfCiT86Gc8D(Z?*A(rpx%XsBoH(`6$~P4X+^f*;l*1umHnF}3KvDRBsMno zS#4NdWfDjIOb4_UD;`CL+D??+zR-QHvH_hkuBx^|x@e)ASfAwEpEM4N$;p0Q@hX6% zZ!o8OQ2MuslT>hUKxMfDhEyg6&A;EIcJn0??)TJ({`3?u2G67e1m03KI`4VLFB($t z(OfZ_5_YzQHNkgmpDeLZuv67-UN*KbxuUQ=A-~kAU4U%~%+)W-)8FClE0^Q?crB=k z)kh5rB%>#v5e@Rxy5zI%yl$TJJlnD;_a zb2ssbW0AFS5Y+fL`|DaimfXT0XSE==M>;Zx0BnSroi$g^vsxuSYGOF;9Njj$mO0$U zfICP;5)2OAn7UHN01TE717Tv#lE-8$AxOGAZ^>}SwPe(}l#Bzsr$cNmDhZz6rgYC` z#4MyG`oWYAr&iIcCdYHPY{2A+wC2!|-#R(+%$LpYqUx9S0E~0=c$qc#WurT9WtmC5 zhX@vpv5~j>&2}DHi6(;xFkz|%vO5s&p}if*1(zjW7#Q7T}mSh{=fdy|9{81X?WWXn_=*_l@`3{VtlJ#P-86LXR)W2*N}X z^U?Y2X`}N1cbabd{bQI$f96CXa*OMT%T`Bd6yUYJht!qq-`!|#zddV2snWVxnJ{ig zg<-Tksbpku8i)4~Uw8J<}l7) zrayM7G)m&;kWMnLguJGWpxYeDUZ}zfJgTsL>0;_iVQEGjjO;X6ed_TZ7=XJ2>T2)#-R{`-e|d~1lB96NdGFT)Q6{yMO^K(%Xnx9eaLRW4Ir#c z&y=sWmcKJKr99X4fj-2Y^nAZrr8g?vWO^eR;H>`i@c!B>Y1GH1_qSm!xK%|oZP>9u za&d1_Nq5bVsEFTh5^np#r?PuD&6yRcsJM)5UP+Rss;H))R`Hi{RDotQMh`y!gzR=< zsNP81Z|=+cEw86EDdX)`K=|mm@ih^Un{F20jd8e=jfVI@Woq#otwF0C;rZ%el@=H8 z^Di_vxr*E?F01iD7DEqsP0}-lyyRDrbxT)NDJtXs1}s1R(oEkF)Y)~c9E{s>#Dkj)JU6PL0~5;~A{nE~C_hxuAOO>^^=Lr~3y ztAsVODqM1=1B0~ICpYAHz=yX#uO}ZHLK_M}0DQCBlRk)F5fxGSv+mi!$=0;bVbqNN zha1Bh`!hE?UjnS9P}x1Xi%s@2{I&cCReG1{{)=J)WD|m+X8DpCLV6TPi9&JH3V7@^)XHe(ZI2Le{_THhr(2tEfoH zA3OFWe%)ADQdHmb-n6jJF-a)f`eLHx^9)_=C1)_#*veC!H#^RR=OS`&494`eNr z_k2HQFPss%_?gDks3*c@#MS=-WxfE=Ux>BMMBRyRO*kg};gZeeo^ma!RlJ?@>kSp5>^+_bGdlQUiy+XcqqFj*l*Qx1oi-;u=wHEr*vg|3CtjQ} zdm!>g1DHgIP-^4SZ>^z&?O$PB)l+4FI97|Zea3h{8DJTwsHxtwa=^0i^K!m!eW4!h zUH1^xFFbkrI!I@QNcU&U2`Hm;=MV#LJd8|Ef+|e0?f0Y-Ykh~2NbWLlPIvf{H89>6 z4~ONe?5kGx;?h2XWTfYc5~vVriwkRPy3=4AWGq;Tlt}Pw9Ybmgmbz_6bF(qjE9{8z z*Jr|{ojuF>wE%==CTARtvP7F!!U{{v+iyHa{hoiCF!k#3kkR#(rzB_q)$AtFB^Jpv z_HR5S1OkK&MYcDWyNhD)zf7`>4uE<$IBTV(k9Mrc*HLydm-TEpV?D0&zsZlaKGL&S z7Z!R`dS2)amtKqSe$6sA7Yvp2oJfsY`wx>|8L-+y>yb&-%e6_2)=BQ~g_AOf5%TA9 zz*lO$nL!VAzktenfrHM{BZ!Fylh80fzw&rmbK3*3amm&A#lPFre$)idYVj^(En5~K zBgVhyVC0Y_b?vd_HcQVtUe$HT=v!c?5Q`oG=lu6IwzfuOW$lQ5&`Rx!H0q%CMjDMg zpSD=JY$VmM9C0L6wg_uEj^z%9Ifx&`8FKd7b7Ab_zI4VFxi)MwtT2*VY#5SU3{lrR z(EZlI>;YTPv$(D=YL~fk#feTetxMmh_rBn)+UE^2c%Jqkw6YP2Zg&m?P~>rvld#Xg z<=q+dhnvV73-BR^fAAg59n%ZB9y+tzf{a)5+k3Y>d9Gf;9eQqf((3x5kG;Zs@-+l^ zWCWh!&u?R{2M&YIR6M00a52(qN0!Udv^4FZKJ#K~TAx$PQf7kksCW&g`;i@%>v00> z649pS-7Ci^q<6ydd}3FhloUplJ6Ik^C)IQ8Q$8GFM0m#s zK{31tcthU=se5E?c@3!>9Q72b6s#1+*@>ria<9&iKz&p`&u$Co=J=e@e}BmLOkv%& zN$hXs_F+*<@2?vj+@PM;n#oV;HZG^-O&h~i7qwW-hWM`)Yh9ul9zK{rX{VI3Ty9tu z4C*P-;S4(!Yq_;iDYvnCIpMuaSByUP@cVhK+nlh?HiZT+eB%h0QdyQ4LW2SG&G3i4 zry9QpiXYgjEdgL8?yozzIF~fq@L4wKsN!Dt&}!Ac#f;MIkefpI$OAMP=DFD1;Q_3VJWaIb6G$H#jib zfLt!PFw<{FP3my^O%T5V!BOEo}bmAm;El`Cw+)T zZ|Yx*GDEz5$^HF9v&hm4e54zrQt^DJGb_IHT+9&lY+mA}qV}B8QhQs&U_P(V`Knvk zzDMWJ6-+W>(}+FUVWdOZbLskafxO`r2Cw%)SZQ;OfSTiEfhfM{`wwdWxuGAb7c);H z8G>Xq^Vy8^A>GUf~tmRu2_>O#H)Cjf}0j#Ndf3N04d~3;RL1r{tq^Zd; zz%u@H;F$3#Sdt9|lo9oMnUP-3l{$tRG!bRByz%rjLf!sXcXO7f=vgMTtFwqZIY~dK z#~$}7=#>tZ7o7alfz^t*O&wgCQDICR2?qlC5xiAM804^>`VFx%5nD3m5@&*z5IQjv zt>>sPKqn#Y1FX?5zo;ldA=q={Bvgjs^>;KQ$GS5umIw_IZJTAJbaQV&*y8#6Rb7Kn ztUa0I^J;=(mh;th`dv?CU*k72cDmpIA(WD^dpW4<6rusK6L(4AL(BNevqjUtWFtL! zsTB3hK+4pmfQ%ew5<3&baQY7qj!Ma41q$NB}%?7_voE&XLJ%BB$Dt^sMrTC_Mg7>0c{J(XH5YN;Wpj8F{vdyD z_;VVGX)km8;*b*e+0hfUeLh^N2Mq#scDU_O!#1GpZMPSOJk6hbP5?%XiYl1O0oJYd z>V91x?(hzqtWLypebjXsjhqu~eK>#kW7bG((TE5yC`o1xf__k3`LGrP8*9w8E9md_ zaC)gN<5WdKEKpLM8uEWI)FlB~jO=>wD}tX4ZmtY=4jEXYfWMt5OE<-V%s} ztVBz^a!?C3Pgz0$l|*N2TY%OCq9YCMJE-%g8%LSyKgP9cs#P3F!j-L!- zm*{K4jFsGtq8R&&JN?lRHKH7#k$09r;}vpLo|%-l2@ev8Wg3-E)L z0JF7-w7>5;^|z9JzGrdJS-LxP_6e{sxc2-+w^vOCdijw_PZf`Kim$2=#@I&GLnAO;?md6u?`;If_A~-H< z0ZC$2uLF9}9nV!`6NF2K+v|H5#Yyxm=#|E}SR--c8F;i2JE@v_w8!D*M2OY%*2LBR zk6yJmiaAn41Y5>wOPz58^?~#?q2$ZUc~5tQM?V}YREY0kd@Rgi1}VEK9piF^&GF)~ zrr05`We^-%_U)M_qz!WF=U)4-*j@JUnihlxORbXqcKx#gd<#j&3o?FM&V{xSDYB;Q zO&Kh?u3Tp(h6J!E>_+1x*9(;X*l~H}MSx%1>1_->siPl`C%qYNlzQLoq3G-3F?EM8 zy%1KnoG0`%P%m4Ei7mHgFbJ_$Q<=XJon%98nF@ z-5=o&pMPnl(;$AG!zWem53)3vYrG41yd64y+9 zM-g(s$(r+Sp6QJK(o=v*(N*{h%e87Sz%4#7T(uR-jr?8@+yv~&O?sexfSy2_YRUr~ z1STd-b`Tgcn07*NR{?3~x+{O7&F;n<2dV&)0@MGI&4g+m99_bPW$*-?IOqb5I|b>Z z25BJI0Xc0=?zZ0Kl4`U99Qb%(o&bs{EBDu&U8pB_D1Z$)m<1rAco^dBqy(K}^7Hmw zRE*!|c9DU;6!Xi~mEfGYUttGMYWGiS+lQLrkOhDMl9z&5R5=i4iQFkLuajZqQuE}- zkWA-H&1(WL z;udXqbJ=O9-_QS2#<(hLJ3zUd^2ok>3rACE@`UDZ>xCl^8?_7g`h(c0^|>Ok}vk3-5fhSq*Ecv-)XjUFp!5lLO=F_B@l&J=vqX z-zVB`SB}hM;cu#W2XsKWyYdhm!B?v~uPZEQWt&ZWtBLZuF>PX9gY~RGNY&d(2%quy LK6!%UiOc^tnK;Wy diff --git a/doc/source/deploy_install_guides/r1_release/index.rst b/doc/source/deploy_install_guides/r1_release/index.rst deleted file mode 100644 index f712ae237..000000000 --- a/doc/source/deploy_install_guides/r1_release/index.rst +++ /dev/null @@ -1,300 +0,0 @@ -=========================== -StarlingX R1.0 Installation -=========================== - -.. important:: - - Significant changes in the underlying StarlingX infrastructure have occurred - since the R1.0 release. Due to these changes, the R1.0 installation - instructions may not work as described. - - Installation of the current :ref:`latest_release` is recommended. - -This is the installation guide for the StarlingX R1.0 release. If this is not -the installation guide you want to use, see the :doc:`available installation -guides `. - ------------- -Introduction ------------- - -StarlingX may be installed in: - -- **Bare metal**: Real deployments of StarlingX are only supported on - physical servers. -- **Virtual environment**: It should only be used for evaluation or - development purposes. - -StarlingX installed in virtual environments has two options: - -- :doc:`Libvirt/QEMU ` -- VirtualBox - ------------- -Requirements ------------- - -Different use cases require different configurations. - -********** -Bare metal -********** - -The minimum requirements for the physical servers where StarlingX might -be deployed, include: - -- **Controller hosts** - - - Minimum processor is: - - - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 - cores/socket - - - Minimum memory: 64 GB - - Hard drives: - - - Primary hard drive, minimum 500 GB for OS and system databases. - - Secondary hard drive, minimum 500 GB for persistent VM storage. - - - 2 physical Ethernet interfaces: OAM and MGMT network. - - USB boot support. - - PXE boot support. - -- **Storage hosts** - - - Minimum processor is: - - - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 - cores/socket. - - - Minimum memory: 64 GB. - - Hard drives: - - - Primary hard drive, minimum 500 GB for OS. - - 1 or more additional hard drives for CEPH OSD storage, and - - Optionally 1 or more SSD or NVMe drives for CEPH journals. - - - 1 physical Ethernet interface: MGMT network - - PXE boot support. - -- **Compute hosts** - - - Minimum processor is: - - - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 - cores/socket. - - - Minimum memory: 32 GB. - - Hard drives: - - - Primary hard drive, minimum 500 GB for OS. - - 1 or more additional hard drives for ephemeral VM storage. - - - 2 or more physical Ethernet interfaces: MGMT network and 1 or more - provider networks. - - PXE boot support. - -- **All-In-One Simplex or Duplex, controller + compute hosts** - - - Minimum processor is: - - - Typical hardware form factor: - - - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 cores/socket - - Low cost / low power hardware form factor - - - Single-CPU Intel Xeon D-15xx family, 8 cores - - - Minimum memory: 64 GB. - - Hard drives: - - - Primary hard drive, minimum 500 GB SSD or NVMe. - - 0 or more 500 GB disks (min. 10K RPM). - - - Network ports: - - **NOTE:** Duplex and Simplex configurations require one or more data - ports. - The Duplex configuration requires a management port. - - - Management: 10GE (Duplex only) - - OAM: 10GE - - Data: n x 10GE - -The recommended minimum requirements for the physical servers are -described later in each StarlingX deployment guide. - -^^^^^^^^^^^^^^^^^^^^^^^^ -NVMe drive as boot drive -^^^^^^^^^^^^^^^^^^^^^^^^ - -To use a Non-Volatile Memory Express (NVMe) drive as the boot drive for any of -your nodes, you must configure your host and adjust kernel parameters during -installation: - -- Configure the host to be in UEFI mode. -- Edit the kernel boot parameter. After you are presented with the StarlingX - ISO boot options and after you have selected the preferred installation option - (e.g. Standard Configuration / All-in-One Controller Configuration), press the - TAB key to edit the kernel boot parameters. Modify the **boot_device** and - **rootfs_device** from the default **sda** so that it is the correct device - name for the NVMe drive (e.g. "nvme0n1"). - - :: - - vmlinuz rootwait console=tty0 inst.text inst.stage2=hd:LABEL=oe_iso_boot - inst.ks=hd:LABEL=oe_iso_boot:/smallsystem_ks.cfg boot_device=nvme0n1 - rootfs_device=nvme0n1 biosdevname=0 usbcore.autosuspend=-1 inst.gpt - security_profile=standard user_namespace.enable=1 initrd=initrd.img - - -******************* -Virtual environment -******************* - -The recommended minimum requirements for the workstation, hosting the -virtual machine(s) where StarlingX will be deployed, include: - -^^^^^^^^^^^^^^^^^^^^^ -Hardware requirements -^^^^^^^^^^^^^^^^^^^^^ - -A workstation computer with: - -- Processor: x86_64 only supported architecture with BIOS enabled - hardware virtualization extensions -- Cores: 8 (4 with careful monitoring of cpu load) -- Memory: At least 32GB RAM -- Hard Disk: 500GB HDD -- Network: Two network adapters with active Internet connection - -^^^^^^^^^^^^^^^^^^^^^ -Software requirements -^^^^^^^^^^^^^^^^^^^^^ - -A workstation computer with: - -- Operating System: Freshly installed Ubuntu 16.04 LTS 64-bit -- Proxy settings configured (if applies) -- Git -- KVM/VirtManager -- Libvirt library -- QEMU full-system emulation binaries -- stx-tools project -- StarlingX ISO image - -^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Deployment environment setup -^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -This section describes how to set up the workstation computer which will -host the virtual machine(s) where StarlingX will be deployed. - -'''''''''''''''''''''''''''''' -Updating your operating system -'''''''''''''''''''''''''''''' - -Before proceeding with the build, ensure your OS is up to date. You’ll -first need to update the local database list of available packages: - -:: - - $ sudo apt-get update - -''''''''''''''''''''''''' -Install stx-tools project -''''''''''''''''''''''''' - -Clone the stx-tools project. Usually you’ll want to clone it under your -user’s home directory. - -:: - - $ cd $HOME - $ git clone https://git.starlingx.io/stx-tools - - -'''''''''''''''''''''''''''''''''''''''' -Installing requirements and dependencies -'''''''''''''''''''''''''''''''''''''''' - -Navigate to the stx-tools installation libvirt directory: - -:: - - $ cd $HOME/stx-tools/deployment/libvirt/ - - -Install the required packages: - -:: - - $ bash install_packages.sh - - -'''''''''''''''''' -Disabling firewall -'''''''''''''''''' - -Unload firewall and disable firewall on boot: - -:: - - $ sudo ufw disable - Firewall stopped and disabled on system startup - $ sudo ufw status - Status: inactive - - -------------------------------- -Getting the StarlingX ISO image -------------------------------- - -Follow the instructions from the :doc:`/developer_resources/build_guide` to build a -StarlingX ISO image. - -********** -Bare metal -********** - -A bootable USB flash drive containing StarlingX ISO image. - - -******************* -Virtual environment -******************* - -Copy the StarlingX ISO Image to the stx-tools deployment libvirt project -directory: - -:: - - $ cp $HOME/stx-tools/deployment/libvirt/ - - ------------------- -Deployment options ------------------- - -- Standard controller - - .. toctree:: - :maxdepth: 1 - - controller_storage - dedicated_storage - -- All-in-one - - .. toctree:: - :maxdepth: 1 - - simplex - duplex - - -.. toctree:: - :hidden: - - installation_libvirt_qemu - diff --git a/doc/source/deploy_install_guides/r1_release/installation_libvirt_qemu.rst b/doc/source/deploy_install_guides/r1_release/installation_libvirt_qemu.rst deleted file mode 100644 index 504cda311..000000000 --- a/doc/source/deploy_install_guides/r1_release/installation_libvirt_qemu.rst +++ /dev/null @@ -1,204 +0,0 @@ -============================== -Installation libvirt qemu R1.0 -============================== - -Installation for StarlingX R1.0 using Libvirt/QEMU virtualization. - ---------------------- -Hardware requirements ---------------------- - -A workstation computer with: - -- Processor: x86_64 only supported architecture with BIOS enabled - hardware virtualization extensions -- Memory: At least 32GB RAM -- Hard disk: 500GB HDD -- Network: One network adapter with active Internet connection - ---------------------- -Software requirements ---------------------- - -A workstation computer with: - -- Operating system: This process is known to work on Ubuntu 16.04 and - is likely to work on other Linux OS's with some appropriate adjustments. -- Proxy settings configured (if applies) -- Git -- KVM/VirtManager -- Libvirt library -- QEMU full-system emulation binaries -- stx-tools project -- StarlingX ISO image - ----------------------------- -Deployment environment setup ----------------------------- - -************* -Configuration -************* - -These scripts are configured using environment variables that all have -built-in defaults. On shared systems you probably do not want to use the -defaults. The simplest way to handle this is to keep a rc file that can -be sourced into an interactive shell that configures everything. Here's -an example called stxcloud.rc: - -:: - - export CONTROLLER=stxcloud - export COMPUTE=stxnode - export STORAGE=stxstorage - export BRIDGE_INTERFACE=stxbr - export INTERNAL_NETWORK=172.30.20.0/24 - export INTERNAL_IP=172.30.20.1/24 - export EXTERNAL_NETWORK=192.168.20.0/24 - export EXTERNAL_IP=192.168.20.1/24 - - -This rc file shows the defaults baked into the scripts: - -:: - - export CONTROLLER=controller - export COMPUTE=compute - export STORAGE=storage - export BRIDGE_INTERFACE=stxbr - export INTERNAL_NETWORK=10.10.10.0/24 - export INTERNAL_IP=10.10.10.1/24 - export EXTERNAL_NETWORK=192.168.204.0/24 - export EXTERNAL_IP=192.168.204.1/24 - - -************************* -Install stx-tools project -************************* - -Clone the stx-tools project into a working directory. - -:: - - git clone https://git.openstack.org/openstack/stx-tools.git - - -It is convenient to set up a shortcut to the deployment script -directory: - -:: - - SCRIPTS=$(pwd)/stx-tools/deployment/libvirt - - -If you created a configuration, load it from stxcloud.rc: - -:: - - source stxcloud.rc - - -**************************************** -Installing requirements and dependencies -**************************************** - -Install the required packages and configure QEMU. This only needs to be -done once per host. (NOTE: this script only knows about Ubuntu at this -time): - -:: - - $SCRIPTS/install_packages.sh - - -****************** -Disabling firewall -****************** - -Unload firewall and disable firewall on boot: - -:: - - sudo ufw disable - sudo ufw status - - -****************** -Configure networks -****************** - -Configure the network bridges using setup_network.sh before doing -anything else. It will create 4 bridges named stxbr1, stxbr2, stxbr3 and -stxbr4. Set the BRIDGE_INTERFACE environment variable if you need to -change stxbr to something unique. - -:: - - $SCRIPTS/setup_network.sh - - -The destroy_network.sh script does the reverse, and should not be used -lightly. It should also only be used after all of the VMs created below -have been destroyed. - -There is also a script cleanup_network.sh that will remove networking -configuration from libvirt. - -********************* -Configure controllers -********************* - -One script exists for building different StarlingX cloud configurations: -setup_configuration.sh. - -The script uses the cloud configuration with the -c option: - -- simplex -- duplex -- controllerstorage -- dedicatedstorage - -You need an ISO file for the installation, the script takes a file name -with the -i option: - -:: - - $SCRIPTS/setup_configuration.sh -c -i - - -And the setup will begin. The scripts create one or more VMs and start -the boot of the first controller, named oddly enough \``controller-0``. -If you have Xwindows available you will get virt-manager running. If -not, Ctrl-C out of that attempt if it doesn't return to a shell prompt. -Then connect to the serial console: - -:: - - virsh console controller-0 - - -Continue the usual StarlingX installation from this point forward. - -Tear down the VMs using destroy_configuration.sh. - -:: - - $SCRIPTS/destroy_configuration.sh -c - - --------- -Continue --------- - -Pick up the installation in one of the existing guides at the initializing -controller-0 step. - -- Standard controller - - - :doc:`StarlingX Cloud with Dedicated Storage Virtual Environment ` - - :doc:`StarlingX Cloud with Controller Storage Virtual Environment ` - -- All-in-one - - - :doc:`StarlingX Cloud Duplex Virtual Environment ` - - :doc:`StarlingX Cloud Simplex Virtual Environment ` diff --git a/doc/source/deploy_install_guides/r1_release/simplex.rst b/doc/source/deploy_install_guides/r1_release/simplex.rst deleted file mode 100644 index c751ac962..000000000 --- a/doc/source/deploy_install_guides/r1_release/simplex.rst +++ /dev/null @@ -1,748 +0,0 @@ -======================= -All-in-one Simplex R1.0 -======================= - -.. contents:: - :local: - :depth: 1 - -**NOTE:** The instructions to set up a StarlingX One Node Configuration -(AIO-SX) system with containerized openstack services in this guide -are under development. -For approved instructions, see the -`One Node Configuration wiki page `__. - ----------------------- -Deployment description ----------------------- - -The All-In-One Simplex (AIO-SX) deployment option provides all three cloud -functions (controller, compute, and storage) on a single physical server. With -these cloud functions, multiple application types can be deployed and -consolidated onto a single physical server. For example, with a AIO-SX -deployment you can do the following: - -- Consolidate legacy applications that must run standalone on a server by using - multiple virtual machines on a single physical server. -- Consolidate legacy applications that run on different operating systems or - different distributions of operating systems by using multiple virtual - machines on a single physical server. - -Only a small amount of cloud processing / storage power is required with an -All-In-One Simplex deployment. - -.. figure:: figures/starlingx-deployment-options-simplex.png - :scale: 50% - :alt: All-In-One Simplex deployment configuration - - *All-In-One Simplex deployment configuration* - -An All-In-One Simplex deployment provides no protection against an overall -server hardware fault. Protection against overall server hardware faults is -either not required, or done at a higher level. Hardware component protection -could be enabled if, for example, an HW RAID or 2x Port LAG is used in the -deployment. - --------------------------------------- -Preparing an All-In-One Simplex server --------------------------------------- - -********** -Bare metal -********** - -Required Server: - -- Combined server (controller + compute): 1 - -^^^^^^^^^^^^^^^^^^^^^ -Hardware requirements -^^^^^^^^^^^^^^^^^^^^^ - -The recommended minimum requirements for the physical servers where -All-In-One Simplex is deployed are as follows: - -- Minimum processor: - - - Typical hardware form factor: - - - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 cores/socket - - Low cost / low power hardware form factor - - - Single-CPU Intel Xeon D-15xx family, 8 cores - -- Memory: 64 GB -- BIOS: - - - Hyper-Threading technology: Enabled - - Virtualization technology: Enabled - - VT for directed I/O: Enabled - - CPU power and performance policy: Performance - - CPU C state control: Disabled - - Plug & play BMC detection: Disabled - -- Primary disk: - - - 500 GB SSD or NVMe - -- Additional disks: - - - Zero or more 500 GB disks (min. 10K RPM) - -- Network ports - - **NOTE:** All-In-One Simplex configuration requires one or more data ports. - This configuration does not require a management port. - - - OAM: 10GE - - Data: n x 10GE - -******************* -Virtual environment -******************* - -Run the libvirt QEMU setup scripts to set up virtualized OAM and -management networks: - -:: - - $ bash setup_network.sh - -Building XML for definition of virtual servers: - -:: - - $ bash setup_configuration.sh -c simplex -i - -The default XML server definition created by the previous script is as follows: - -- simplex-controller-0 - -^^^^^^^^^^^^^^^^^^^^^^^^^ -Power up a virtual server -^^^^^^^^^^^^^^^^^^^^^^^^^ - -To power up the virtual server, run the following command: - -:: - - $ sudo virsh start - -Here is an example: - -:: - - $ sudo virsh start simplex-controller-0 - -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Access a virtual server console -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -The XML for virtual servers in stx-tools repo, deployment/libvirt, -provides both graphical and text consoles. -Follow these steps to access a virtual server console: - -#. Access the graphical console in virt-manager by right-clicking on the - domain (i.e. the server) and selecting "Open". - -#. Access the textual console using the command "virsh console $DOMAIN", - where DOMAIN is the name of the server shown in virsh. - -#. When booting controller-0 for the first time, both the serial and - graphical consoles present the initial configuration menu for the - cluster. You can select the serial or graphical console for controller-0. - However, for the other nodes, you can only use the serial console - regardless of the selected option. - -#. Open the graphic console on all servers before powering them on to - observe the boot device selection and PXI boot progress. Run the "virsh - console $DOMAIN" command promptly after powering up to see the initial boot - sequence that follows the boot device selection. Only a few seconds exist - during which you can see the sequence. - ------------------------------- -Installing the controller host ------------------------------- - -Installing controller-0 involves initializing a host with software and -then applying a bootstrap configuration from the command line. The -configured bootstrapped host becomes controller-0. - -Following is the general procedure: - -#. Be sure the StarlingX ISO is on a USB device and it is plugged into - the USB port of the server that will be controller-0 and then - power on the server. - -#. Configure the controller using the config_controller script. - -************************* -Initializing controller-0 -************************* - -This section describes how to initialize StarlingX in host controller-0. -Except where noted, you must execute all the commands from a console of -the host. - -#. Be sure the StarlingX ISO is on a USB device and it is plugged into - the USB port of the server that will be controller-0. - -#. Power on the server. - -#. Wait for the console to show the StarlingX ISO booting options: - - - **All-in-one Controller Configuration** - - - When the installer is loaded and the installer welcome screen - appears in the controller-0 host, select "All-in-one Controller Configuration" - for the type of installation. - - - **Graphical Console** - - - Select the "Graphical Console" as the console to use during - installation. - - - **Standard Security Boot Profile** - - - Select "Standard Security Boot Profile" as the Security Profile. - -#. Monitor the initialization. When the installation is complete, a reboot is initiated - on the controller-0 host. The GNU GRUB screen briefly displays and then - boots automatically into the StarlingX image. - -#. Log into controller-0 as user wrsroot and use wrsroot as the password. The - first time you log in as wrsroot, you are required to change your - password. Enter the current password (i.e. wrsroot): - - :: - - Changing password for wrsroot. - (current) UNIX Password: - -#. Enter a new password for the wrsroot account: - - :: - - New password: - -#. Enter the new password again to confirm it: - - :: - - Retype new password: - -#. The controller-0 is initialized with StarlingX and is ready for configuration. - - -************************ -Configuring controller-0 -************************ - -This section describes how to interactively configure controller-0 -to bootstrap the system with minimal critical data. -Except where noted, you must execute all commands from the console -of the active controller (i.e. controller-0). - -When run interactively, the config_controller script presents a series -of prompts for initial configuration of StarlingX: - -- For the virtual environment, you can accept all the default values - immediately after "system date and time". -- For a physical deployment, answer the bootstrap configuration - questions with answers applicable to your particular physical setup. - -The script configures the first controller in the StarlingX -cluster as controller-0. The prompts are grouped by configuration -area. - -Follow this procedure to interactively configure controller-0: - -#. Start the script with no parameters: - - :: - - controller-0:~$ sudo config_controller - System Configuration - ================ - Enter ! at any prompt to abort... - ... - -#. Select [y] for System date and time: - - :: - - System date and time: - ----------------------------- - - Is the current date and time correct? [y/N]: y - -#. For System mode choose "simplex": - - :: - - ... - 1) duplex-direct: two node-redundant configuration. Management and - infrastructure networks are directly connected to peer ports - 2) duplex - two node redundant configuration - 3) simplex - single node non-redundant configuration - System mode [duplex-direct]: 3 - -#. After System date and time and System mode: - - :: - - Applying configuration (this will take several minutes): - - 01/08: Creating bootstrap configuration ... DONE - 02/08: Applying bootstrap manifest ... DONE - 03/08: Persisting local configuration ... DONE - 04/08: Populating initial system inventory ... DONE - 05:08: Creating system configuration ... DONE - 06:08: Applying controller manifest ... DONE - 07:08: Finalize controller configuration ... DONE - 08:08: Waiting for service activation ... DONE - - Configuration was applied - - Please complete any out of service commissioning steps with system - commands and unlock controller to proceed. - -#. After config_controller bootstrap configuration, REST API, CLI and - Horizon interfaces are enabled on the controller-0 OAM IP address. The - remaining installation instructions use the CLI. - --------------------------------- -Provisioning the controller host --------------------------------- - -On controller-0, acquire Keystone administrative privileges: - -:: - - controller-0:~$ source /etc/nova/openrc - -********************************************* -Configuring provider networks at installation -********************************************* - -Set up one provider network of the vlan type and name it providernet-a: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ neutron providernet-create providernet-a --type=vlan - [wrsroot@controller-0 ~(keystone_admin)]$ neutron providernet-range-create --name providernet-a-range1 --range 100-400 providernet-a - -***************************************** -Providing data interfaces on controller-0 -***************************************** - -Follow these steps: - -#. List all interfaces: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-list -a controller-0 - +--------------------------------------+---------+----------+...+------+--------------+------+---------+------------+.. - | uuid | name | class |...| vlan | ports | uses | used by | attributes |.. - | | | |...| id | | i/f | i/f | |.. - +--------------------------------------+----------+---------+...+------+--------------+------+---------+------------+.. - | 49fd8938-e76f-49f1-879e-83c431a9f1af | enp0s3 | platform |...| None | [u'enp0s3'] | [] | [] | MTU=1500 |.. - | 8957bb2c-fec3-4e5d-b4ed-78071f9f781c | eth1000 | None |...| None | [u'eth1000'] | [] | [] | MTU=1500 |.. - | bf6f4cad-1022-4dd7-962b-4d7c47d16d54 | eth1001 | None |...| None | [u'eth1001'] | [] | [] | MTU=1500 |.. - | f59b9469-7702-4b46-bad5-683b95f0a1cb | enp0s8 | platform |...| None | [u'enp0s8'] | [] | [] | MTU=1500 |.. - +--------------------------------------+---------+----------+...+------+--------------+------+---------+------------+.. - -#. Configure the data interfaces: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-if-modify -c data controller-0 eth1000 -p providernet-a - +------------------+--------------------------------------+ - | Property | Value | - +------------------+--------------------------------------+ - | ifname | eth1000 | - | iftype | ethernet | - | ports | [u'eth1000'] | - | providernetworks | providernet-a | - | imac | 08:00:27:c4:ad:3e | - | imtu | 1500 | - | ifclass | data | - | aemode | None | - | schedpolicy | None | - | txhashpolicy | None | - | uuid | 8957bb2c-fec3-4e5d-b4ed-78071f9f781c | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | vlan_id | None | - | uses | [] | - | used_by | [] | - | created_at | 2018-08-28T12:50:51.820151+00:00 | - | updated_at | 2018-08-28T14:46:18.333109+00:00 | - | sriov_numvfs | 0 | - | ipv4_mode | disabled | - | ipv6_mode | disabled | - | accelerated | [True] | - +------------------+--------------------------------------+ - -************************************* -Configuring Cinder on controller disk -************************************* - -Follow these steps: - -#. Review the available disk space and capacity and obtain the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list controller-0 - +--------------------------------------+-----------+---------+---------+---------+------------+... - | uuid | device_no | device_ | device_ | size_mi | available_ |... - | | de | num | type | b | mib |... - +--------------------------------------+-----------+---------+---------+---------+------------+... - | 6b42c9dc-f7c0-42f1-a410-6576f5f069f1 | /dev/sda | 2048 | HDD | 600000 | 434072 |... - | | | | | | |... - | | | | | | |... - | 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 | /dev/sdb | 2064 | HDD | 16240 | 16237 |... - | | | | | | |... - | | | | | | |... - | 146195b2-f3d7-42f9-935d-057a53736929 | /dev/sdc | 2080 | HDD | 16240 | 16237 |... - | | | | | | |... - | | | | | | |... - +--------------------------------------+-----------+---------+---------+---------+------------+... - -#. Create the 'cinder-volumes' local volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add controller-0 cinder-volumes - +-----------------+--------------------------------------+ - | lvm_vg_name | cinder-volumes | - | vg_state | adding | - | uuid | 61cb5cd2-171e-4ef7-8228-915d3560cdc3 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-28T13:45:20.218905+00:00 | - | updated_at | None | - | parameters | {u'lvm_type': u'thin'} | - +-----------------+--------------------------------------+ - -#. Create a disk partition to add to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-add controller-0 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 16237 -t lvm_phys_vol - +-------------+--------------------------------------------------+ - | Property | Value | - +-------------+--------------------------------------------------+ - | device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-2.0-part1 | - | device_node | /dev/sdb1 | - | type_guid | ba5eba11-0000-1111-2222-000000000001 | - | type_name | None | - | start_mib | None | - | end_mib | None | - | size_mib | 16237 | - | uuid | 0494615f-bd79-4490-84b9-dcebbe5f377a | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | idisk_uuid | 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 | - | ipv_uuid | None | - | status | Creating | - | created_at | 2018-08-28T13:45:48.512226+00:00 | - | updated_at | None | - +-------------+--------------------------------------------------+ - -#. Wait for the new partition to be created (i.e. status=Ready): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-list controller-0 --disk 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | uuid |...| device_nod |...| type_name | size_mib | status | - | |...| e |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | 0494615f-bd79-4490-84b9-dcebbe5f377a |...| /dev/sdb1 |...| LVM Physical Volume | 16237 | Ready | - | |...| |...| | | | - | |...| |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - -#. Add the partition to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add controller-0 cinder-volumes 0494615f-bd79-4490-84b9-dcebbe5f377a - +--------------------------+--------------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------------+ - | uuid | 9a0ad568-0ace-4d57-9e03-e7a63f609cf2 | - | pv_state | adding | - | pv_type | partition | - | disk_or_part_uuid | 0494615f-bd79-4490-84b9-dcebbe5f377a | - | disk_or_part_device_node | /dev/sdb1 | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-2.0-part1 | - | lvm_pv_name | /dev/sdb1 | - | lvm_vg_name | cinder-volumes | - | lvm_pv_uuid | None | - | lvm_pv_size | 0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | created_at | 2018-08-28T13:47:39.450763+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------------+ - -********************************************* -Adding an LVM storage backend at installation -********************************************* - -Follow these steps: - -#. Ensure requirements are met to add LVM storage: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-add lvm -s cinder - - WARNING : THIS OPERATION IS NOT REVERSIBLE AND CANNOT BE CANCELLED. - - By confirming this operation, the LVM backend will be created. - - Please refer to the system admin guide for minimum spec for LVM - storage. Set the 'confirmed' field to execute this operation - for the lvm backend. - -#. Add the LVM storage backend: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-add lvm -s cinder --confirmed - - System configuration has changed. - Please follow the administrator guide to complete configuring the system. - - +--------------------------------------+------------+---------+-------------+...+----------+--------------+ - | uuid | name | backend | state |...| services | capabilities | - +--------------------------------------+------------+---------+-------------+...+----------+--------------+ - | 6d750a68-115a-4c26-adf4-58d6e358a00d | file-store | file | configured |...| glance | {} | - | e2697426-2d79-4a83-beb7-2eafa9ceaee5 | lvm-store | lvm | configuring |...| cinder | {} | - +--------------------------------------+------------+---------+-------------+...+----------+--------------+ - -#. Wait for the LVM storage backend to be configured (i.e. state=configured): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system storage-backend-list - +--------------------------------------+------------+---------+------------+------+----------+--------------+ - | uuid | name | backend | state | task | services | capabilities | - +--------------------------------------+------------+---------+------------+------+----------+--------------+ - | 6d750a68-115a-4c26-adf4-58d6e358a00d | file-store | file | configured | None | glance | {} | - | e2697426-2d79-4a83-beb7-2eafa9ceaee5 | lvm-store | lvm | configured | None | cinder | {} | - +--------------------------------------+------------+---------+------------+------+----------+--------------+ - -*********************************************** -Configuring VM local storage on controller disk -*********************************************** - -Follow these steps: - -#. Review the available disk space and capacity and obtain the uuid of the - physical disk: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-list controller-0 - +--------------------------------------+-----------+---------+---------+---------+------------+... - | uuid | device_no | device_ | device_ | size_mi | available_ |... - | | de | num | type | b | mib |... - +--------------------------------------+-----------+---------+---------+---------+------------+... - | 6b42c9dc-f7c0-42f1-a410-6576f5f069f1 | /dev/sda | 2048 | HDD | 600000 | 434072 |... - | | | | | | |... - | | | | | | |... - | 534352d8-fec2-4ca5-bda7-0e0abe5a8e17 | /dev/sdb | 2064 | HDD | 16240 | 0 |... - | | | | | | |... - | | | | | | |... - | 146195b2-f3d7-42f9-935d-057a53736929 | /dev/sdc | 2080 | HDD | 16240 | 16237 |... - | | | | | | |... - | | | | | | |... - +--------------------------------------+-----------+---------+---------+---------+------------+... - -#. Create the 'nova-local' volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-lvg-add controller-0 nova-local - +-----------------+-------------------------------------------------------------------+ - | Property | Value | - +-----------------+-------------------------------------------------------------------+ - | lvm_vg_name | nova-local | - | vg_state | adding | - | uuid | 517d313e-8aa0-4b4d-92e6-774b9085f336 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | lvm_vg_access | None | - | lvm_max_lv | 0 | - | lvm_cur_lv | 0 | - | lvm_max_pv | 0 | - | lvm_cur_pv | 0 | - | lvm_vg_size | 0.00 | - | lvm_vg_total_pe | 0 | - | lvm_vg_free_pe | 0 | - | created_at | 2018-08-28T14:02:58.486716+00:00 | - | updated_at | None | - | parameters | {u'concurrent_disk_operations': 2, u'instance_backing': u'image'} | - +-----------------+-------------------------------------------------------------------+ - -#. Create a disk partition to add to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-add controller-0 146195b2-f3d7-42f9-935d-057a53736929 16237 -t lvm_phys_vol - +-------------+--------------------------------------------------+ - | Property | Value | - +-------------+--------------------------------------------------+ - | device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-3.0-part1 | - | device_node | /dev/sdc1 | - | type_guid | ba5eba11-0000-1111-2222-000000000001 | - | type_name | None | - | start_mib | None | - | end_mib | None | - | size_mib | 16237 | - | uuid | 009ce3b1-ed07-46e9-9560-9d2371676748 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | idisk_uuid | 146195b2-f3d7-42f9-935d-057a53736929 | - | ipv_uuid | None | - | status | Creating | - | created_at | 2018-08-28T14:04:29.714030+00:00 | - | updated_at | None | - +-------------+--------------------------------------------------+ - -#. Wait for the new partition to be created (i.e. status=Ready): - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-disk-partition-list controller-0 --disk 146195b2-f3d7-42f9-935d-057a53736929 - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | uuid |...| device_nod |...| type_name | size_mib | status | - | |...| e |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - | 009ce3b1-ed07-46e9-9560-9d2371676748 |...| /dev/sdc1 |...| LVM Physical Volume | 16237 | Ready | - | |...| |...| | | | - | |...| |...| | | | - +--------------------------------------+...+------------+...+---------------------+----------+--------+ - -#. Add the partition to the volume group: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-pv-add controller-0 nova-local 009ce3b1-ed07-46e9-9560-9d2371676748 - +--------------------------+--------------------------------------------------+ - | Property | Value | - +--------------------------+--------------------------------------------------+ - | uuid | 830c9dc8-c71a-4cb2-83be-c4d955ef4f6b | - | pv_state | adding | - | pv_type | partition | - | disk_or_part_uuid | 009ce3b1-ed07-46e9-9560-9d2371676748 | - | disk_or_part_device_node | /dev/sdc1 | - | disk_or_part_device_path | /dev/disk/by-path/pci-0000:00:0d.0-ata-3.0-part1 | - | lvm_pv_name | /dev/sdc1 | - | lvm_vg_name | nova-local | - | lvm_pv_uuid | None | - | lvm_pv_size | 0 | - | lvm_pe_total | 0 | - | lvm_pe_alloced | 0 | - | ihost_uuid | 9c332b27-6f22-433b-bf51-396371ac4608 | - | created_at | 2018-08-28T14:06:05.705546+00:00 | - | updated_at | None | - +--------------------------+--------------------------------------------------+ - -********************** -Unlocking controller-0 -********************** - -You must unlock controller-0 so that you can use it to install -controller-1. Use the system host-unlock command: - -:: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-unlock controller-0 - -The host reboots. During the reboot, the command line is -unavailable and any ssh connections are dropped. To monitor the -progress of the reboot, use the controller-0 console. - -**************************************** -Verifying the controller-0 configuration -**************************************** - -Follow these steps: - -#. On controller-0, acquire Keystone administrative privileges: - - :: - - controller-0:~$ source /etc/nova/openrc - -#. Verify that the controller-0 services are running: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system service-list - +-----+-------------------------------+--------------+----------------+ - | id | service_name | hostname | state | - +-----+-------------------------------+--------------+----------------+ - ... - | 1 | oam-ip | controller-0 | enabled-active | - | 2 | management-ip | controller-0 | enabled-active | - ... - +-----+-------------------------------+--------------+----------------+ - -#. Verify that controller-0 has controller and compute subfunctions: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-show 1 | grep subfunctions - | subfunctions | controller,compute | - -#. Verify that controller-0 is unlocked, enabled, and available: - - :: - - [wrsroot@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - -***************** -System alarm list -***************** - -When all nodes are unlocked, enabled, and available, check 'fm alarm-list' for -issues. - -Your StarlingX deployment is now up and running with one controller with Cinder -storage and all OpenStack services up and running. You can now proceed with -standard OpenStack APIs, CLIs and/or Horizon to load Glance images, configure -Nova Flavors, configure Neutron networks, and launch Nova virtual machines. - ----------------------- -Deployment terminology ----------------------- - -.. include:: deployment_terminology.rst - :start-after: incl-simplex-deployment-terminology: - :end-before: incl-simplex-deployment-terminology-end: - -.. include:: deployment_terminology.rst - :start-after: incl-standard-controller-deployment-terminology: - :end-before: incl-standard-controller-deployment-terminology-end: - -.. include:: deployment_terminology.rst - :start-after: incl-common-deployment-terminology: - :end-before: incl-common-deployment-terminology-end: diff --git a/doc/source/deploy_install_guides/r2_release/ansible_bootstrap_configs.rst b/doc/source/deploy_install_guides/r2_release/ansible_bootstrap_configs.rst deleted file mode 100644 index a57095f6f..000000000 --- a/doc/source/deploy_install_guides/r2_release/ansible_bootstrap_configs.rst +++ /dev/null @@ -1,246 +0,0 @@ -================================ -Ansible Bootstrap Configurations -================================ - -This section describes additional Ansible bootstrap configurations for advanced -Ansible bootstrap scenarios. - -.. contents:: - :local: - :depth: 1 - ----- -IPv6 ----- - -If you are using IPv6, provide IPv6 configuration overrides for the Ansible -bootstrap playbook. Note that all addressing, except pxeboot_subnet, should be -updated to IPv6 addressing. - -Example IPv6 override values are shown below: - -:: - - dns_servers: - ‐ 2001:4860:4860::8888 - ‐ 2001:4860:4860::8844 - pxeboot_subnet: 169.254.202.0/24 - management_subnet: 2001:db8:2::/64 - cluster_host_subnet: 2001:db8:3::/64 - cluster_pod_subnet: 2001:db8:4::/64 - cluster_service_subnet: 2001:db8:4::/112 - external_oam_subnet: 2001:db8:1::/64 - external_oam_gateway_address: 2001:db8::1 - external_oam_floating_address: 2001:db8::2 - external_oam_node_0_address: 2001:db8::3 - external_oam_node_1_address: 2001:db8::4 - management_multicast_subnet: ff08::1:1:0/124 - -.. note:: - - The `external_oam_node_0_address`, and `external_oam_node_1_address` parameters - are not required for the AIO‐SX installation. - ----------------- -Private registry ----------------- - -To bootstrap StarlingX requires pulling container images for multiple system -services. By default these container images are pulled from public registries: -k8s.gcr.io, gcr.io, quay.io, and docker.io. - -It may be required (or desired) to copy the container images to a private -registry and pull the images from the private registry (instead of the public -registries) as part of the StarlingX bootstrap. For example, a private registry -would be required if a StarlingX system was deployed in an air-gapped network -environment. - -Use the `docker_registries` structure in the bootstrap overrides file to specify -alternate registry(s) for the public registries from which container images are -pulled. These alternate registries are used during the bootstrapping of -controller-0, and on :command:`system application-apply` of application packages. - -The `docker_registries` structure is a map of public registries and the -alternate registry values for each public registry. For each public registry the -key is a fully scoped registry name of a public registry (for example "k8s.gcr.io") -and the alternate registry URL and username/password (if authenticated). - -url - The fully scoped registry name (and optionally namespace/) for the alternate - registry location where the images associated with this public registry - should now be pulled from. - - Valid formats for the `url` value are: - - * Domain. For example: - - :: - example.domain - - * Domain with port. For example: - - :: - example.domain:5000 - - * IPv4 address. For example: - - :: - 1.2.3.4 - - * IPv4 address with port. For example: - - :: - 1.2.3.4:5000 - - * IPv6 address. For example: - - :: - FD01::0100 - - * IPv6 address with port. For example: - - :: - [FD01::0100]:5000 - -username - The username for logging into the alternate registry, if authenticated. - -password - The password for logging into the alternate registry, if authenticated. - - -Additional configuration options in the `docker_registries` structure are: - -unified - A special public registry key which, if defined, will specify that images - from all public registries should be retrieved from this single source. - Alternate registry values, if specified, are ignored. The `unified` key - supports the same set of alternate registry values of `url`, `username`, and - `password`. - -is_secure_registry - Specifies whether the registry(s) supports HTTPS (secure) or HTTP (not secure). - Applies to all alternate registries. A boolean value. The default value is - True (secure, HTTPS). - - -If an alternate registry is specified to be secure (using HTTPS), the certificate -used by the registry may not be signed by a well-known Certificate Authority (CA). -This results in the :command:`docker pull` of images from this registry to fail. -Use the `ssl_ca_cert` override to specify the public certificate of the CA that -signed the alternate registry’s certificate. This will add the CA as a trusted -CA to the StarlingX system. - -ssl_ca_cert - The `ssl_ca_cert` value is the absolute path of the certificate file. The - certificate must be in PEM format and the file may contain a single CA - certificate or multiple CA certificates in a bundle. - - -The following example specifies a single alternate registry from which to -bootstrap StarlingX, where the images of the public registries have been -copied to the single alternate registry. It additionally defines an alternate -registry certificate: - -:: - - docker_registries: - k8s.gcr.io: - url: - gcr.io: - url: - quay.io: - url: - docker.io: - url: - unified: - url: my.registry.io - username: myreguser - password: myregP@ssw0rd - is_secure_registry: True - - ssl_ca_cert: /path/to/ssl_ca_cert_file - ------------- -Docker proxy ------------- - -If the StarlingX OAM interface or network is behind a http/https proxy, relative -to the Docker registries used by StarlingX or applications running on StarlingX, -then Docker within StarlingX must be configured to use these http/https proxies. - -Use the following configuration overrides to configure your Docker proxy settings. - -docker_http_proxy - Specify the HTTP proxy URL to use. For example: - - :: - - docker_http_proxy: http://my.proxy.com:1080 - -docker_https_proxy - Specify the HTTPS proxy URL to use. For example: - - :: - - docker_https_proxy: https://my.proxy.com:1443 - -docker_no_proxy - A no-proxy address list can be provided for registries not on the other side - of the proxies. This list will be added to the default no-proxy list derived - from localhost, loopback, management, and OAM floating addresses at run time. - Each address in the no-proxy list must neither contain a wildcard nor have - subnet format. For example: - - :: - - docker_no_proxy: - - 1.2.3.4 - - 5.6.7.8 - -------------------------------- -K8S Root CA Certificate and Key -------------------------------- - -By default the K8S Root CA Certificate and Key are auto-generated and result in -the use of self-signed certificates for the Kubernetes API server. In the case -where self-signed certificates are not acceptable, use the bootstrap override -values `k8s_root_ca_cert` and `k8s_root_ca_key` to specify the certificate and -key for the Kubernetes root CA. - -k8s_root_ca_cert - Specifies the certificate for the Kubernetes root CA. The `k8s_root_ca_cert` - value is the absolute path of the certificate file. The certificate must be - in PEM format and the value must be provided as part of a pair with - `k8s_root_ca_key`. The playbook will not proceed if only one value is provided. - -k8s_root_ca_key - Specifies the key for the Kubernetes root CA. The `k8s_root_ca_key` - value is the absolute path of the certificate file. The certificate must be - in PEM format and the value must be provided as part of a pair with - `k8s_root_ca_cert`. The playbook will not proceed if only one value is provided. - -.. important:: - - The default length for the generated Kubernetes root CA certificate is 10 - years. Replacing the root CA certificate is an involved process so the custom - certificate expiry should be as long as possible. We recommend ensuring root - CA certificate has an expiry of at least 5-10 years. - -The administrator can also provide values to add to the Kubernetes API server -certificate Subject Alternative Name list using the 'apiserver_cert_sans` -override parameter. - -apiserver_cert_sans - Specifies a list of Subject Alternative Name entries that will be added to the - Kubernetes API server certificate. Each entry in the list must be an IP address - or domain name. For example: - - :: - - apiserver_cert_sans: - - hostname.domain - - 198.51.100.75 - -StarlingX automatically updates this parameter to include IP records for the OAM -floating IP and both OAM unit IP addresses. diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex.rst deleted file mode 100644 index 7d85e038f..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex.rst +++ /dev/null @@ -1,26 +0,0 @@ -============================================== -Bare metal All-in-one Duplex Installation R2.0 -============================================== - --------- -Overview --------- - -.. include:: ../desc_aio_duplex.txt - -The bare metal AIO-DX deployment configuration may be extended with up to four -worker/compute nodes (not shown in the diagram). Installation instructions for -these additional nodes are described in :doc:`aio_duplex_extend`. - -.. include:: ../ipv6_note.txt - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - aio_duplex_hardware - aio_duplex_install_kubernetes - aio_duplex_extend \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_extend.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_extend.rst deleted file mode 100644 index b42411f1c..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_extend.rst +++ /dev/null @@ -1,192 +0,0 @@ -================================================ -Extend Capacity with Worker and/or Compute Nodes -================================================ - -This section describes the steps to extend capacity with worker and/or compute -nodes on a **StarlingX R2.0 bare metal All-in-one Duplex** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - ---------------------------------- -Install software on compute nodes ---------------------------------- - -#. Power on the compute servers and force them to network boot with the - appropriate BIOS boot options for your particular server. - -#. As the compute servers boot, a message appears on their console instructing - you to configure the personality of the node. - -#. On the console of controller-0, list hosts to see newly discovered compute - hosts (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-0 | controller | unlocked | enabled | available | - | 3 | None | None | locked | disabled | offline | - | 4 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Using the host id, set the personality of this host to 'controller': - - :: - - system host-update 3 personality=worker hostname=compute-0 - system host-update 4 personality=worker hostname=compute-1 - - This initiates the install of software on compute nodes. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. Wait for the install of software on the computes to complete, the computes to - reboot and to both show as locked/disabled/online in 'system host-list'. - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | unlocked | enabled | available | - | 3 | compute-0 | compute | locked | disabled | online | - | 4 | compute-1 | compute | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ------------------------ -Configure compute nodes ------------------------ - -#. Assign the cluster-host network to the MGMT interface for the compute nodes: - - (Note that the MGMT interfaces are partially set up automatically by the - network install procedure.) - - :: - - for COMPUTE in compute-0 compute-1; do - system interface-network-assign $COMPUTE mgmt0 cluster-host - done - -#. Configure data interfaces for compute nodes. Use the DATA port names, for - example eth0, that are applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure SRIOV device plug in: - - :: - - system host-label-assign controller-1 sriovdp=enabled - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes: - - :: - - system host-memory-modify controller-1 0 -1G 100 - system host-memory-modify controller-1 1 -1G 100 - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - - # configure the datanetworks in sysinv, prior to referencing it - # in the ``system host-if-modify`` command'. - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - for COMPUTE in compute-0 compute-1; do - echo "Configuring interface for: $COMPUTE" - set -ex - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - set +ex - done - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to the compute nodes in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - for NODE in compute-0 compute-1; do - system host-label-assign $NODE openstack-compute-node=enabled - system host-label-assign $NODE openvswitch=enabled - system host-label-assign $NODE sriov=enabled - done - -#. **For OpenStack only:** Setup disk partition for nova-local volume group, - needed for stx-openstack nova ephemeral disks. - - :: - - for COMPUTE in compute-0 compute-1; do - echo "Configuring Nova local for: $COMPUTE" - ROOT_DISK=$(system host-show ${COMPUTE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${COMPUTE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - PARTITION_SIZE=10 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${COMPUTE} ${ROOT_DISK_UUID} ${PARTITION_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${COMPUTE} nova-local - system host-pv-add ${COMPUTE} nova-local ${NOVA_PARTITION_UUID} - done - - --------------------- -Unlock compute nodes --------------------- - -Unlock compute nodes in order to bring them into service: - -:: - - for COMPUTE in compute-0 compute-1; do - system host-unlock $COMPUTE - done - -The compute nodes will reboot to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host -machine. - diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_hardware.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_hardware.rst deleted file mode 100644 index b8f55d119..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_hardware.rst +++ /dev/null @@ -1,58 +0,0 @@ -===================== -Hardware Requirements -===================== - -This section describes the hardware requirements and server preparation for a -**StarlingX R2.0 bare metal All-in-one Duplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------ -Minimum hardware requirements ------------------------------ - -The recommended minimum hardware requirements for bare metal servers for various -host types are: - -+-------------------------+-----------------------------------------------------------+ -| Minimum Requirement | All-in-one Controller Node | -+=========================+===========================================================+ -| Number of servers | 2 | -+-------------------------+-----------------------------------------------------------+ -| Minimum processor class | - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) | -| | 8 cores/socket | -| | | -| | or | -| | | -| | - Single-CPU Intel® Xeon® D-15xx family, 8 cores | -| | (low-power/low-cost option) | -+-------------------------+-----------------------------------------------------------+ -| Minimum memory | 64 GB | -+-------------------------+-----------------------------------------------------------+ -| Primary disk | 500 GB SSD or NVMe (see :doc:`../../nvme_config`) | -+-------------------------+-----------------------------------------------------------+ -| Additional disks | - 1 or more 500 GB (min. 10K RPM) for Ceph OSD | -| | - Recommended, but not required: 1 or more SSDs or NVMe | -| | drives for Ceph journals (min. 1024 MiB per OSD journal)| -| | - For OpenStack, recommend 1 or more 500 GB (min. 10K RPM)| -| | for VM local ephemeral storage | -+-------------------------+-----------------------------------------------------------+ -| Minimum network ports | - Mgmt/Cluster: 1x10GE | -| | - OAM: 1x1GE | -| | - Data: 1 or more x 10GE | -+-------------------------+-----------------------------------------------------------+ -| BIOS settings | - Hyper-Threading technology enabled | -| | - Virtualization technology enabled | -| | - VT for directed I/O enabled | -| | - CPU power and performance policy set to performance | -| | - CPU C state control disabled | -| | - Plug & play BMC detection disabled | -+-------------------------+-----------------------------------------------------------+ - --------------------------- -Prepare bare metal servers --------------------------- - -.. include:: prep_servers.txt \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_install_kubernetes.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_install_kubernetes.rst deleted file mode 100644 index c4f0f2bc6..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_duplex_install_kubernetes.rst +++ /dev/null @@ -1,435 +0,0 @@ -================================================= -Install StarlingX Kubernetes on Bare Metal AIO-DX -================================================= - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R2.0 bare metal All-in-one Duplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ---------------------- -Create a bootable USB ---------------------- - -Refer to :doc:`/deploy_install_guides/bootable_usb` for instructions on how to -create a bootable USB with the StarlingX ISO on your system. - --------------------------------- -Install software on controller-0 --------------------------------- - -.. include:: aio_simplex_install_kubernetes.rst - :start-after: incl-install-software-controller-0-aio-simplex-start: - :end-before: incl-install-software-controller-0-aio-simplex-end: - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -#. Login using the username / password of "sysadmin" / "sysadmin". - When logging in for the first time, you will be forced to change the password. - - :: - - Login: sysadmin - Password: - Changing password for sysadmin. - (current) UNIX Password: sysadmin - New Password: - (repeat) New Password: - -#. Verify and/or configure IP connectivity. - - External connectivity is required to run the Ansible bootstrap playbook. The - StarlingX boot image will DHCP out all interfaces so the server may have - obtained an IP address and have external IP connectivity if a DHCP server is - present in your environment. Verify this using the :command:`ip addr` and - :command:`ping 8.8.8.8` commands. - - Otherwise, manually configure an IP address and default IP route. Use the - PORT, IP-ADDRESS/SUBNET-LENGTH and GATEWAY-IP-ADDRESS applicable to your - deployment environment. - - :: - - sudo ip address add / dev - sudo ip link set up dev - sudo ip route add default via dev - ping 8.8.8.8 - -#. Specify user configuration overrides for the Ansible bootstrap playbook. - - Ansible is used to bootstrap StarlingX on controller-0. Key files for Ansible - configuration are: - - ``/etc/ansible/hosts`` - The default Ansible inventory file. Contains a single host: localhost. - - ``/usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml`` - The Ansible bootstrap playbook. - - ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml`` - The default configuration values for the bootstrap playbook. - - sysadmin home directory ($HOME) - The default location where Ansible looks for and imports user - configuration override files for hosts. For example: ``$HOME/.yml``. - - Specify the user configuration override file for the Ansible bootstrap - playbook using one of the following methods: - - #. Use a copy of the default.yml file listed above to provide your overrides. - - The default.yml file lists all available parameters for bootstrap - configuration with a brief description for each parameter in the file comments. - - To use this method, copy the default.yml file listed above to - ``$HOME/localhost.yml`` and edit the configurable values as desired. - - #. Create a minimal user configuration override file. - - To use this method, create your override file at ``$HOME/localhost.yml`` - and provide the minimum required parameters for the deployment configuration - as shown in the example below. Use the OAM IP SUBNET and IP ADDRESSing - applicable to your deployment environment. - - :: - - cd ~ - cat < localhost.yml - system_mode: duplex - - dns_servers: - - 8.8.8.8 - - 8.8.4.4 - - external_oam_subnet: / - external_oam_gateway_address: - external_oam_floating_address: - external_oam_node_0_address: - external_oam_node_1_address: - - admin_username: admin - admin_password: - ansible_become_pass: - EOF - - Refer to :doc:`/deploy_install_guides/r2_release/ansible_bootstrap_configs` - for information on additional Ansible bootstrap configurations for advanced - Ansible bootstrap scenarios. - -#. Run the Ansible bootstrap playbook: - - :: - - ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml - - Wait for Ansible bootstrap playbook to complete. - This can take 5-10 minutes, depending on the performance of the host machine. - ----------------------- -Configure controller-0 ----------------------- - -#. Acquire admin credentials: - - :: - - source /etc/platform/openrc - -#. Configure the OAM and MGMT interfaces of controller-0 and specify the - attached networks. Use the OAM and MGMT port names, for example eth0, that are - applicable to your deployment environment. - - :: - - OAM_IF= - MGMT_IF= - system host-if-modify controller-0 lo -c none - IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}') - for UUID in $IFNET_UUIDS; do - system interface-network-remove ${UUID} - done - system host-if-modify controller-0 $OAM_IF -c platform - system interface-network-assign controller-0 $OAM_IF oam - system host-if-modify controller-0 $MGMT_IF -c platform - system interface-network-assign controller-0 $MGMT_IF mgmt - system interface-network-assign controller-0 $MGMT_IF cluster-host - -#. Configure NTP Servers for network time synchronization: - - :: - - system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org - -#. Configure data interfaces for controller-0. Use the DATA port names, for example - eth0, applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure the SRIOV device plugin - - :: - - system host-label-assign controller-0 sriovdp=enabled - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes. - - :: - - system host-memory-modify controller-0 0 -1G 100 - system host-memory-modify controller-0 1 -1G 100 - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - export COMPUTE=controller-0 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - -#. Add an OSD on controller-0 for Ceph. The following example adds an OSD - to the `sdb` disk: - - :: - - echo ">>> Add OSDs to primary tier" - system host-disk-list controller-0 - system host-disk-list controller-0 | awk '/\/dev\/sdb/{print $2}' | xargs -i system host-stor-add controller-0 {} - system host-stor-list controller-0 - -************************************* -OpenStack-specific host configuration -************************************* - -.. include:: aio_simplex_install_kubernetes.rst - :start-after: incl-config-controller-0-openstack-specific-aio-simplex-start: - :end-before: incl-config-controller-0-openstack-specific-aio-simplex-end: - -------------------- -Unlock controller-0 -------------------- - -.. include:: aio_simplex_install_kubernetes.rst - :start-after: incl-unlock-controller-0-aio-simplex-start: - :end-before: incl-unlock-controller-0-aio-simplex-end: - -------------------------------------- -Install software on controller-1 node -------------------------------------- - -#. Power on the controller-1 server and force it to network boot with the - appropriate BIOS boot options for your particular server. - -#. As controller-1 boots, a message appears on its console instructing you to - configure the personality of the node. - -#. On the console of controller-0, list hosts to see newly discovered controller-1 - host (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Using the host id, set the personality of this host to 'controller': - - :: - - system host-update 2 personality=controller - -#. Wait for the software installation on controller-1 to complete, for controller-1 to - reboot, and for controller-1 to show as locked/disabled/online in 'system host-list'. - - This can take 5-10 minutes, depending on the performance of the host machine. - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure controller-1 ----------------------- - -#. Configure the OAM and MGMT interfaces of controller-1 and specify the - attached networks. Use the OAM and MGMT port names, for example eth0, that are - applicable to your deployment environment: - - (Note that the MGMT interface is partially set up automatically by the network - install procedure.) - - :: - - OAM_IF= - MGMT_IF= - system host-if-modify controller-1 $OAM_IF -c platform - system interface-network-assign controller-1 $OAM_IF oam - system interface-network-assign controller-1 mgmt0 cluster-host - -#. Configure data interfaces for controller-1. Use the DATA port names, for example - eth0, applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure the SRIOV device plugin: - - :: - - system host-label-assign controller-1 sriovdp=enabled - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes: - - :: - - system host-memory-modify controller-1 0 -1G 100 - system host-memory-modify controller-1 1 -1G 100 - - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - export COMPUTE=controller-1 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - -#. Add an OSD on controller-1 for Ceph: - - :: - - echo ">>> Add OSDs to primary tier" - system host-disk-list controller-1 - system host-disk-list controller-1 | awk '/\/dev\/sdb/{print $2}' | xargs -i system host-stor-add controller-1 {} - system host-stor-list controller-1 - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to controller-1 in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - system host-label-assign controller-1 openstack-control-plane=enabled - system host-label-assign controller-1 openstack-compute-node=enabled - system host-label-assign controller-1 openvswitch=enabled - system host-label-assign controller-1 sriov=enabled - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks. - - :: - - export COMPUTE=controller-1 - - echo ">>> Getting root disk info" - ROOT_DISK=$(system host-show ${COMPUTE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${COMPUTE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - echo "Root disk: $ROOT_DISK, UUID: $ROOT_DISK_UUID" - - echo ">>>> Configuring nova-local" - NOVA_SIZE=34 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${COMPUTE} ${ROOT_DISK_UUID} ${NOVA_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${COMPUTE} nova-local - system host-pv-add ${COMPUTE} nova-local ${NOVA_PARTITION_UUID} - sleep 2 - -------------------- -Unlock controller-1 -------------------- - -Unlock controller-1 in order to bring it into service: - -:: - - system host-unlock controller-1 - -Controller-1 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host -machine. - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex.rst deleted file mode 100644 index 6f8dbdb54..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex.rst +++ /dev/null @@ -1,21 +0,0 @@ -=============================================== -Bare metal All-in-one Simplex Installation R2.0 -=============================================== - --------- -Overview --------- - -.. include:: ../desc_aio_simplex.txt - -.. include:: ../ipv6_note.txt - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - aio_simplex_hardware - aio_simplex_install_kubernetes diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex_hardware.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex_hardware.rst deleted file mode 100644 index ede69cd8c..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex_hardware.rst +++ /dev/null @@ -1,58 +0,0 @@ -===================== -Hardware Requirements -===================== - -This section describes the hardware requirements and server preparation for a -**StarlingX R2.0 bare metal All-in-one Simplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------ -Minimum hardware requirements ------------------------------ - -The recommended minimum hardware requirements for bare metal servers for various -host types are: - -+-------------------------+-----------------------------------------------------------+ -| Minimum Requirement | All-in-one Controller Node | -+=========================+===========================================================+ -| Number of servers | 1 | -+-------------------------+-----------------------------------------------------------+ -| Minimum processor class | - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) | -| | 8 cores/socket | -| | | -| | or | -| | | -| | - Single-CPU Intel® Xeon® D-15xx family, 8 cores | -| | (low-power/low-cost option) | -+-------------------------+-----------------------------------------------------------+ -| Minimum memory | 64 GB | -+-------------------------+-----------------------------------------------------------+ -| Primary disk | 500 GB SSD or NVMe (see :doc:`../../nvme_config`) | -+-------------------------+-----------------------------------------------------------+ -| Additional disks | - 1 or more 500 GB (min. 10K RPM) for Ceph OSD | -| | - Recommended, but not required: 1 or more SSDs or NVMe | -| | drives for Ceph journals (min. 1024 MiB per OSD | -| | journal) | -| | - For OpenStack, recommend 1 or more 500 GB (min. 10K | -| | RPM) for VM local ephemeral storage | -+-------------------------+-----------------------------------------------------------+ -| Minimum network ports | - OAM: 1x1GE | -| | - Data: 1 or more x 10GE | -+-------------------------+-----------------------------------------------------------+ -| BIOS settings | - Hyper-Threading technology enabled | -| | - Virtualization technology enabled | -| | - VT for directed I/O enabled | -| | - CPU power and performance policy set to performance | -| | - CPU C state control disabled | -| | - Plug & play BMC detection disabled | -+-------------------------+-----------------------------------------------------------+ - --------------------------- -Prepare bare metal servers --------------------------- - -.. include:: prep_servers.txt \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex_install_kubernetes.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex_install_kubernetes.rst deleted file mode 100644 index 80ed575e0..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/aio_simplex_install_kubernetes.rst +++ /dev/null @@ -1,347 +0,0 @@ -================================================= -Install StarlingX Kubernetes on Bare Metal AIO-SX -================================================= - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R2.0 bare metal All-in-one Simplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ---------------------- -Create a bootable USB ---------------------- - -Refer to :doc:`/deploy_install_guides/bootable_usb` for instructions on how to -create a bootable USB with the StarlingX ISO on your system. - --------------------------------- -Install software on controller-0 --------------------------------- - -.. incl-install-software-controller-0-aio-simplex-start: - -#. Insert the bootable USB into a bootable USB port on the host you are - configuring as controller-0. - -#. Power on the host. - -#. Attach to a console, ensure the host boots from the USB, and wait for the - StarlingX Installer Menus. - -#. Make the following menu selections in the installer: - - #. First menu: Select 'All-in-one Controller Configuration' - #. Second menu: Select 'Graphical Console' or 'Textual Console' depending on - your terminal access to the console port - #. Third menu: Select 'Standard Security Profile' - -#. Wait for non-interactive install of software to complete and server to reboot. - This can take 5-10 minutes, depending on the performance of the server. - -.. incl-install-software-controller-0-aio-simplex-end: - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -#. Login using the username / password of "sysadmin" / "sysadmin". - When logging in for the first time, you will be forced to change the password. - - :: - - Login: sysadmin - Password: - Changing password for sysadmin. - (current) UNIX Password: sysadmin - New Password: - (repeat) New Password: - -#. Verify and/or configure IP connectivity. - - External connectivity is required to run the Ansible bootstrap playbook. The - StarlingX boot image will DHCP out all interfaces so the server may have - obtained an IP address and have external IP connectivity if a DHCP server is - present in your environment. Verify this using the :command:`ip addr` and - :command:`ping 8.8.8.8` commands. - - Otherwise, manually configure an IP address and default IP route. Use the - PORT, IP-ADDRESS/SUBNET-LENGTH and GATEWAY-IP-ADDRESS applicable to your - deployment environment. - - :: - - sudo ip address add / dev - sudo ip link set up dev - sudo ip route add default via dev - ping 8.8.8.8 - -#. Specify user configuration overrides for the Ansible bootstrap playbook. - - Ansible is used to bootstrap StarlingX on controller-0. Key files for Ansible - configuration are: - - ``/etc/ansible/hosts`` - The default Ansible inventory file. Contains a single host: localhost. - - ``/usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml`` - The Ansible bootstrap playbook. - - ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml`` - The default configuration values for the bootstrap playbook. - - sysadmin home directory ($HOME) - The default location where Ansible looks for and imports user - configuration override files for hosts. For example: ``$HOME/.yml``. - - Specify the user configuration override file for the Ansible bootstrap - playbook using one of the following methods: - - #. Use a copy of the default.yml file listed above to provide your overrides. - - The default.yml file lists all available parameters for bootstrap - configuration with a brief description for each parameter in the file comments. - - To use this method, copy the default.yml file listed above to - ``$HOME/localhost.yml`` and edit the configurable values as desired. - - #. Create a minimal user configuration override file. - - To use this method, create your override file at ``$HOME/localhost.yml`` - and provide the minimum required parameters for the deployment configuration - as shown in the example below. Use the OAM IP SUBNET and IP ADDRESSing - applicable to your deployment environment. - - :: - - cd ~ - cat < localhost.yml - system_mode: simplex - - dns_servers: - - 8.8.8.8 - - 8.8.4.4 - - external_oam_subnet: / - external_oam_gateway_address: - external_oam_floating_address: - - admin_username: admin - admin_password: - ansible_become_pass: - EOF - - Refer to :doc:`/deploy_install_guides/r2_release/ansible_bootstrap_configs` - for information on additional Ansible bootstrap configurations for advanced - Ansible bootstrap scenarios. - -#. Run the Ansible bootstrap playbook: - - :: - - ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml - - Wait for Ansible bootstrap playbook to complete. - This can take 5-10 minutes, depending on the performance of the host machine. - ----------------------- -Configure controller-0 ----------------------- - -#. Acquire admin credentials: - - :: - - source /etc/platform/openrc - -#. Configure the OAM interface of controller-0 and specify the attached network - as "oam". Use the OAM port name, for example eth0, that is applicable to your - deployment environment: - - :: - - OAM_IF= - system host-if-modify controller-0 $OAM_IF -c platform - system interface-network-assign controller-0 $OAM_IF oam - -#. Configure NTP Servers for network time synchronization: - - :: - - system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org - -#. Configure data interfaces for controller-0. Use the DATA port names, for example - eth0, applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure the SRIOV device plugin - - :: - - system host-label-assign controller-0 sriovdp=enabled - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes. - - :: - - system host-memory-modify controller-0 0 -1G 100 - system host-memory-modify controller-0 1 -1G 100 - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - export COMPUTE=controller-0 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - -#. Add an OSD on controller-0 for Ceph. The following example adds an OSD - to the `sdb` disk: - - :: - - echo ">>> Add OSDs to primary tier" - system host-disk-list controller-0 - system host-disk-list controller-0 | awk '/\/dev\/sdb/{print $2}' | xargs -i system host-stor-add controller-0 {} - system host-stor-list controller-0 - -************************************* -OpenStack-specific host configuration -************************************* - -.. incl-config-controller-0-openstack-specific-aio-simplex-start: - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to controller-0 in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - system host-label-assign controller-0 openstack-control-plane=enabled - system host-label-assign controller-0 openstack-compute-node=enabled - system host-label-assign controller-0 openvswitch=enabled - system host-label-assign controller-0 sriov=enabled - -#. **For OpenStack only:** Configure the system setting for the vSwitch. - - StarlingX has OVS (kernel-based) vSwitch configured as default: - - * Runs in a container; defined within the helm charts of stx-openstack - manifest. - * Shares the core(s) assigned to the platform. - - If you require better performance, OVS-DPDK should be used: - - * Runs directly on the host (it is not containerized). - * Requires that at least 1 core be assigned/dedicated to the vSwitch function. - - To deploy the default containerized OVS: - - :: - - system modify --vswitch_type none - - Do not run any vSwitch directly on the host, instead, use the containerized - OVS defined in the helm charts of stx-openstack manifest. - - To deploy OVS-DPDK (OVS with the Data Plane Development Kit, which is - supported only on bare metal hardware), run the following command: - - :: - - system modify --vswitch_type ovs-dpdk - system host-cpu-modify -f vswitch -p0 1 controller-0 - - Once vswitch_type is set to OVS-DPDK, any subsequent nodes created will - default to automatically assigning 1 vSwitch core for AIO controllers and 2 - vSwitch cores for computes. - - When using OVS-DPDK, virtual machines must be configured to use a flavor with - property: hw:mem_page_size=large - - .. note:: - - After controller-0 is unlocked, changing vswitch_type requires - locking and unlocking all computes (and/or AIO Controllers) to - apply the change. - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks. - - :: - - export COMPUTE=controller-0 - - echo ">>> Getting root disk info" - ROOT_DISK=$(system host-show ${COMPUTE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${COMPUTE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - echo "Root disk: $ROOT_DISK, UUID: $ROOT_DISK_UUID" - - echo ">>>> Configuring nova-local" - NOVA_SIZE=34 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${COMPUTE} ${ROOT_DISK_UUID} ${NOVA_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${COMPUTE} nova-local - system host-pv-add ${COMPUTE} nova-local ${NOVA_PARTITION_UUID} - sleep 2 - -.. incl-config-controller-0-openstack-specific-aio-simplex-end: - -------------------- -Unlock controller-0 -------------------- - -.. incl-unlock-controller-0-aio-simplex-start: - -Unlock controller-0 in order to bring it into service: - -:: - - system host-unlock controller-0 - -Controller-0 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - -.. incl-unlock-controller-0-aio-simplex-end: - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage.rst deleted file mode 100644 index a73dc5e7c..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage.rst +++ /dev/null @@ -1,22 +0,0 @@ -============================================================= -Bare metal Standard with Controller Storage Installation R2.0 -============================================================= - --------- -Overview --------- - -.. include:: ../desc_controller_storage.txt - -.. include:: ../ipv6_note.txt - - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - controller_storage_hardware - controller_storage_install_kubernetes diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage_hardware.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage_hardware.rst deleted file mode 100644 index e326e0df7..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage_hardware.rst +++ /dev/null @@ -1,56 +0,0 @@ -===================== -Hardware Requirements -===================== - -This section describes the hardware requirements and server preparation for a -**StarlingX R2.0 bare metal Standard with Controller Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------ -Minimum hardware requirements ------------------------------ - -The recommended minimum hardware requirements for bare metal servers for various -host types are: - -+-------------------------+-----------------------------+-----------------------------+ -| Minimum Requirement | Controller Node | Compute Node | -+=========================+=============================+=============================+ -| Number of servers | 2 | 2-10 | -+-------------------------+-----------------------------+-----------------------------+ -| Minimum processor class | - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) | -| | 8 cores/socket | -+-------------------------+-----------------------------+-----------------------------+ -| Minimum memory | 64 GB | 32 GB | -+-------------------------+-----------------------------+-----------------------------+ -| Primary disk | 500 GB SSD or NVMe (see | 120 GB (Minimum 10k RPM) | -| | :doc:`../../nvme_config`) | | -+-------------------------+-----------------------------+-----------------------------+ -| Additional disks | - 1 or more 500 GB (min. | - For OpenStack, recommend | -| | 10K RPM) for Ceph OSD | 1 or more 500 GB (min. | -| | - Recommended, but not | 10K RPM) for VM local | -| | required: 1 or more SSDs | ephemeral storage | -| | or NVMe drives for Ceph | | -| | journals (min. 1024 MiB | | -| | per OSD journal) | | -+-------------------------+-----------------------------+-----------------------------+ -| Minimum network ports | - Mgmt/Cluster: 1x10GE | - Mgmt/Cluster: 1x10GE | -| | - OAM: 1x1GE | - Data: 1 or more x 10GE | -+-------------------------+-----------------------------+-----------------------------+ -| BIOS settings | - Hyper-Threading technology enabled | -| | - Virtualization technology enabled | -| | - VT for directed I/O enabled | -| | - CPU power and performance policy set to performance | -| | - CPU C state control disabled | -| | - Plug & play BMC detection disabled | -+-------------------------+-----------------------------+-----------------------------+ - --------------------------- -Prepare bare metal servers --------------------------- - -.. include:: prep_servers.txt \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage_install_kubernetes.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage_install_kubernetes.rst deleted file mode 100644 index 35ed0f6df..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/controller_storage_install_kubernetes.rst +++ /dev/null @@ -1,586 +0,0 @@ -=========================================================================== -Install StarlingX Kubernetes on Bare Metal Standard with Controller Storage -=========================================================================== - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R2.0 bare metal Standard with Controller Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - -------------------- -Create bootable USB -------------------- - -Refer to :doc:`/deploy_install_guides/bootable_usb` for instructions on how to -create a bootable USB with the StarlingX ISO on your system. - --------------------------------- -Install software on controller-0 --------------------------------- - -.. incl-install-software-controller-0-standard-start: - -#. Insert the bootable USB into a bootable USB port on the host you are - configuring as controller-0. - -#. Power on the host. - -#. Attach to a console, ensure the host boots from the USB, and wait for the - StarlingX Installer Menus. - -#. Make the following menu selections in the installer: - - #. First menu: Select 'Standard Controller Configuration' - #. Second menu: Select 'Graphical Console' or 'Textual Console' depending on - your terminal access to the console port - #. Third menu: Select 'Standard Security Profile' - -#. Wait for non-interactive install of software to complete and server to reboot. - This can take 5-10 minutes, depending on the performance of the server. - -.. incl-install-software-controller-0-standard-end: - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -.. incl-bootstrap-sys-controller-0-standard-start: - -#. Login using the username / password of "sysadmin" / "sysadmin". - - When logging in for the first time, you will be forced to change the password. - - :: - - Login: sysadmin - Password: - Changing password for sysadmin. - (current) UNIX Password: sysadmin - New Password: - (repeat) New Password: - -#. Verify and/or configure IP connectivity. - - External connectivity is required to run the Ansible bootstrap playbook. The - StarlingX boot image will DHCP out all interfaces so the server may have - obtained an IP address and have external IP connectivity if a DHCP server is - present in your environment. Verify this using the :command:`ip addr` and - :command:`ping 8.8.8.8` commands. - - Otherwise, manually configure an IP address and default IP route. Use the - PORT, IP-ADDRESS/SUBNET-LENGTH and GATEWAY-IP-ADDRESS applicable to your - deployment environment. - - :: - - sudo ip address add / dev - sudo ip link set up dev - sudo ip route add default via dev - ping 8.8.8.8 - -#. Specify user configuration overrides for the Ansible bootstrap playbook. - - Ansible is used to bootstrap StarlingX on controller-0. Key files for Ansible - configuration are: - - ``/etc/ansible/hosts`` - The default Ansible inventory file. Contains a single host: localhost. - - ``/usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml`` - The Ansible bootstrap playbook. - - ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml`` - The default configuration values for the bootstrap playbook. - - sysadmin home directory ($HOME) - The default location where Ansible looks for and imports user - configuration override files for hosts. For example: ``$HOME/.yml``. - - Specify the user configuration override file for the Ansible bootstrap - playbook using one of the following methods: - - #. Use a copy of the default.yml file listed above to provide your overrides. - - The default.yml file lists all available parameters for bootstrap - configuration with a brief description for each parameter in the file comments. - - To use this method, copy the default.yml file listed above to - ``$HOME/localhost.yml`` and edit the configurable values as desired. - - #. Create a minimal user configuration override file. - - To use this method, create your override file at ``$HOME/localhost.yml`` - and provide the minimum required parameters for the deployment configuration - as shown in the example below. Use the OAM IP SUBNET and IP ADDRESSing - applicable to your deployment environment. - - :: - - cd ~ - cat < localhost.yml - system_mode: duplex - - dns_servers: - - 8.8.8.8 - - 8.8.4.4 - - external_oam_subnet: / - external_oam_gateway_address: - external_oam_floating_address: - external_oam_node_0_address: - external_oam_node_1_address: - - admin_username: admin - admin_password: - ansible_become_pass: - EOF - - Refer to :doc:`/deploy_install_guides/r2_release/ansible_bootstrap_configs` - for information on additional Ansible bootstrap configurations for advanced - Ansible bootstrap scenarios. - -#. Run the Ansible bootstrap playbook: - - :: - - ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml - - Wait for Ansible bootstrap playbook to complete. - This can take 5-10 minutes, depending on the performance of the host machine. - -.. incl-bootstrap-sys-controller-0-standard-end: - - ----------------------- -Configure controller-0 ----------------------- - -.. incl-config-controller-0-storage-start: - -#. Acquire admin credentials: - - :: - - source /etc/platform/openrc - -#. Configure the OAM and MGMT interfaces of controller-0 and specify the - attached networks. Use the OAM and MGMT port names, for example eth0, that are - applicable to your deployment environment. - - :: - - OAM_IF= - MGMT_IF= - system host-if-modify controller-0 lo -c none - IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}') - for UUID in $IFNET_UUIDS; do - system interface-network-remove ${UUID} - done - system host-if-modify controller-0 $OAM_IF -c platform - system interface-network-assign controller-0 $OAM_IF oam - system host-if-modify controller-0 $MGMT_IF -c platform - system interface-network-assign controller-0 $MGMT_IF mgmt - system interface-network-assign controller-0 $MGMT_IF cluster-host - -#. Configure NTP Servers for network time synchronization: - - :: - - system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to controller-0 in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - system host-label-assign controller-0 openstack-control-plane=enabled - -#. **For OpenStack only:** Configure the system setting for the vSwitch. - - StarlingX has OVS (kernel-based) vSwitch configured as default: - - * Runs in a container; defined within the helm charts of stx-openstack - manifest. - * Shares the core(s) assigned to the platform. - - If you require better performance, OVS-DPDK should be used: - - * Runs directly on the host (it is not containerized). - * Requires that at least 1 core be assigned/dedicated to the vSwitch function. - - To deploy the default containerized OVS: - - :: - - system modify --vswitch_type none - - Do not run any vSwitch directly on the host, instead, use the containerized - OVS defined in the helm charts of stx-openstack manifest. - - To deploy OVS-DPDK (OVS with the Data Plane Development Kit, which is - supported only on bare metal hardware), run the following command: - - :: - - system modify --vswitch_type ovs-dpdk - system host-cpu-modify -f vswitch -p0 1 controller-0 - - Once vswitch_type is set to OVS-DPDK, any subsequent nodes created will - default to automatically assigning 1 vSwitch core for AIO controllers and 2 - vSwitch cores for computes. - - When using OVS-DPDK, Virtual Machines must be configured to use a flavor with - property: hw:mem_page_size=large. - - .. note:: - - After controller-0 is unlocked, changing vswitch_type requires - locking and unlocking all computes (and/or AIO controllers) to - apply the change. - -.. incl-config-controller-0-storage-end: - -------------------- -Unlock controller-0 -------------------- - -Unlock controller-0 in order to bring it into service: - -:: - - system host-unlock controller-0 - -Controller-0 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - --------------------------------------------------- -Install software on controller-1 and compute nodes --------------------------------------------------- - -#. Power on the controller-1 server and force it to network boot with the - appropriate BIOS boot options for your particular server. - -#. As controller-1 boots, a message appears on its console instructing you to - configure the personality of the node. - -#. On the console of controller-0, list hosts to see newly discovered controller-1 - host (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Using the host id, set the personality of this host to 'controller': - - :: - - system host-update 2 personality=controller - - This initiates the install of software on controller-1. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. While waiting for the previous step to complete, power on the compute-0 and - compute-1 servers. Set the personality to 'worker' and assign a unique - hostname for each. - - For example, power on compute-0 and wait for the new host (hostname=None) to - be discovered by checking 'system host-list': - - :: - - system host-update 3 personality=worker hostname=compute-0 - - Repeat for compute-1. Power on compute-1 and wait for the new host (hostname=None) to - be discovered by checking 'system host-list': - - :: - - system host-update 4 personality=worker hostname=compute-1 - -#. Wait for the software installation on controller-1, compute-0, and compute-1 to - complete, for all servers to reboot, and for all to show as locked/disabled/online in - 'system host-list'. - - :: - - system host-list - - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - | 3 | compute-0 | compute | locked | disabled | online | - | 4 | compute-1 | compute | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure controller-1 ----------------------- - -.. incl-config-controller-1-start: - -Configure the OAM and MGMT interfaces of controller-0 and specify the attached -networks. Use the OAM and MGMT port names, for example eth0, that are applicable -to your deployment environment. - -(Note that the MGMT interface is partially set up automatically by the network -install procedure.) - -:: - - OAM_IF= - MGMT_IF= - system host-if-modify controller-1 $OAM_IF -c platform - system interface-network-assign controller-1 $OAM_IF oam - system interface-network-assign controller-1 $MGMT_IF cluster-host - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -**For OpenStack only:** Assign OpenStack host labels to controller-1 in support -of installing the stx-openstack manifest and helm-charts later. - -:: - - system host-label-assign controller-1 openstack-control-plane=enabled - -.. incl-config-controller-1-end: - -------------------- -Unlock controller-1 -------------------- - -.. incl-unlock-controller-1-start: - -Unlock controller-1 in order to bring it into service: - -:: - - system host-unlock controller-1 - -Controller-1 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host -machine. - -.. incl-unlock-controller-1-end: - ------------------------ -Configure compute nodes ------------------------ - -#. Add the third Ceph monitor to compute-0: - - (The first two Ceph monitors are automatically assigned to controller-0 and - controller-1.) - - :: - - system ceph-mon-add compute-0 - -#. Wait for the compute node monitor to complete configuration: - - :: - - system ceph-mon-list - +--------------------------------------+-------+--------------+------------+------+ - | uuid | ceph_ | hostname | state | task | - | | mon_g | | | | - | | ib | | | | - +--------------------------------------+-------+--------------+------------+------+ - | 64176b6c-e284-4485-bb2a-115dee215279 | 20 | controller-1 | configured | None | - | a9ca151b-7f2c-4551-8167-035d49e2df8c | 20 | controller-0 | configured | None | - | f76bc385-190c-4d9a-aa0f-107346a9907b | 20 | compute-0 | configured | None | - +--------------------------------------+-------+--------------+------------+------+ - -#. Assign the cluster-host network to the MGMT interface for the compute nodes: - - (Note that the MGMT interfaces are partially set up automatically by the - network install procedure.) - - :: - - for COMPUTE in compute-0 compute-1; do - system interface-network-assign $COMPUTE mgmt0 cluster-host - done - -#. Configure data interfaces for compute nodes. Use the DATA port names, for - example eth0, that are applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure SRIOV device plug in: - - :: - - for COMPUTE in compute-0 compute-1; do - system host-label-assign ${COMPUTE} sriovdp=enabled - done - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes: - - :: - - for COMPUTE in compute-0 compute-1; do - system host-memory-modify ${COMPUTE} 0 -1G 100 - system host-memory-modify ${COMPUTE} 1 -1G 100 - done - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - - # configure the datanetworks in sysinv, prior to referencing it - # in the ``system host-if-modify`` command'. - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - for COMPUTE in compute-0 compute-1; do - echo "Configuring interface for: $COMPUTE" - set -ex - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - set +ex - done - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to the compute nodes in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - for NODE in compute-0 compute-1; do - system host-label-assign $NODE openstack-compute-node=enabled - system host-label-assign $NODE openvswitch=enabled - system host-label-assign $NODE sriov=enabled - done - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks. - - :: - - for COMPUTE in compute-0 compute-1; do - echo "Configuring Nova local for: $COMPUTE" - ROOT_DISK=$(system host-show ${COMPUTE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${COMPUTE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - PARTITION_SIZE=10 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${COMPUTE} ${ROOT_DISK_UUID} ${PARTITION_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${COMPUTE} nova-local - system host-pv-add ${COMPUTE} nova-local ${NOVA_PARTITION_UUID} - done - --------------------- -Unlock compute nodes --------------------- - -Unlock compute nodes in order to bring them into service: - -:: - - for COMPUTE in compute-0 compute-1; do - system host-unlock $COMPUTE - done - -The compute nodes will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - ----------------------------- -Add Ceph OSDs to controllers ----------------------------- - -#. Add OSDs to controller-0. The following example adds OSDs to the `sdb` disk: - - :: - - HOST=controller-0 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - -#. Add OSDs to controller-1. The following example adds OSDs to the `sdb` disk: - - :: - - HOST=controller-1 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage.rst deleted file mode 100644 index 7562ff134..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage.rst +++ /dev/null @@ -1,21 +0,0 @@ -============================================================ -Bare metal Standard with Dedicated Storage Installation R2.0 -============================================================ - --------- -Overview --------- - -.. include:: ../desc_dedicated_storage.txt - -.. include:: ../ipv6_note.txt - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - dedicated_storage_hardware - dedicated_storage_install_kubernetes diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage_hardware.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage_hardware.rst deleted file mode 100644 index dbb4ccd01..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage_hardware.rst +++ /dev/null @@ -1,61 +0,0 @@ -===================== -Hardware Requirements -===================== - -This section describes the hardware requirements and server preparation for a -**StarlingX R2.0 bare metal Standard with Dedicated Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------ -Minimum hardware requirements ------------------------------ - -The recommended minimum hardware requirements for bare metal servers for various -host types are: - -+---------------------+---------------------------+-----------------------+-----------------------+ -| Minimum Requirement | Controller Node | Storage Node | Compute Node | -+=====================+===========================+=======================+=======================+ -| Number of servers | 2 | 2-9 | 2-100 | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Minimum processor | Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 cores/socket | -| class | | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Minimum memory | 64 GB | 64 GB | 32 GB | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Primary disk | 500 GB SSD or NVMe ( see | 120 GB (min. 10k RPM) | 120 GB (min. 10k RPM) | -| | :doc:`../../nvme_config`) | | | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Additional disks | None | - 1 or more 500 GB | - For OpenStack, | -| | | (min. 10K RPM) for | recommend 1 or more | -| | | Ceph OSD | 500 GB (min. 10K | -| | | - Recommended, but | RPM) for VM | -| | | not required: 1 or | ephemeral storage | -| | | more SSDs or NVMe | | -| | | drives for Ceph | | -| | | journals (min. 1024 | | -| | | MiB per OSD | | -| | | journal) | | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Minimum network | - Mgmt/Cluster: | - Mgmt/Cluster: | - Mgmt/Cluster: | -| ports | 1x10GE | 1x10GE | 1x10GE | -| | - OAM: 1x1GE | | - Data: 1 or more | -| | | | x 10GE | -+---------------------+---------------------------+-----------------------+-----------------------+ -| BIOS settings | - Hyper-Threading technology enabled | -| | - Virtualization technology enabled | -| | - VT for directed I/O enabled | -| | - CPU power and performance policy set to performance | -| | - CPU C state control disabled | -| | - Plug & play BMC detection disabled | -+---------------------+---------------------------+-----------------------+-----------------------+ - --------------------------- -Prepare bare metal servers --------------------------- - -.. include:: prep_servers.txt \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage_install_kubernetes.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage_install_kubernetes.rst deleted file mode 100644 index e901a545b..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/dedicated_storage_install_kubernetes.rst +++ /dev/null @@ -1,362 +0,0 @@ -========================================================================== -Install StarlingX Kubernetes on Bare Metal Standard with Dedicated Storage -========================================================================== - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R2.0 bare metal Standard with Dedicated Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - -------------------- -Create bootable USB -------------------- - -Refer to :doc:`/deploy_install_guides/bootable_usb` for instructions on how to -create a bootable USB with the StarlingX ISO on your system. - --------------------------------- -Install software on controller-0 --------------------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-install-software-controller-0-standard-start: - :end-before: incl-install-software-controller-0-standard-end: - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-bootstrap-sys-controller-0-standard-start: - :end-before: incl-bootstrap-sys-controller-0-standard-end: - ----------------------- -Configure controller-0 ----------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-config-controller-0-storage-start: - :end-before: incl-config-controller-0-storage-end: - -------------------- -Unlock controller-0 -------------------- - -Unlock controller-0 in order to bring it into service: - -:: - - system host-unlock controller-0 - -Controller-0 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - ------------------------------------------------------------------- -Install software on controller-1, storage nodes, and compute nodes ------------------------------------------------------------------- - -#. Power on the controller-1 server and force it to network boot with the - appropriate BIOS boot options for your particular server. - -#. As controller-1 boots, a message appears on its console instructing you to - configure the personality of the node. - -#. On the console of controller-0, list hosts to see newly discovered controller-1 - host (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Using the host id, set the personality of this host to 'controller': - - :: - - system host-update 2 personality=controller - - This initiates the install of software on controller-1. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. While waiting for the previous step to complete, power on the storage-0 and - storage-1 servers. Set the personality to 'storage' and assign a unique - hostname for each. - - For example, power on storage-0 and wait for the new host (hostname=None) to - be discovered by checking 'system host-list': - - :: - - system host-update 3 personality=storage - - Repeat for storage-1. Power on storage-1 and wait for the new host - (hostname=None) to be discovered by checking 'system host-list': - - :: - - system host-update 4 personality=storage - - This initiates the software installation on storage-0 and storage-1. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. While waiting for the previous step to complete, power on the compute-0 and - compute-1 servers. Set the personality to 'worker' and assign a unique - hostname for each. - - For example, power on compute-0 and wait for the new host (hostname=None) to - be discovered by checking 'system host-list': - - :: - - system host-update 5 personality=worker hostname=compute-0 - - Repeat for compute-1. Power on compute-1 and wait for the new host - (hostname=None) to be discovered by checking 'system host-list': - - :: - - system host-update 6 personality=worker hostname=compute-1 - - This initiates the install of software on compute-0 and compute-1. - -#. Wait for the software installation on controller-1, storage-0, storage-1, - compute-0, and compute-1 to complete, for all servers to reboot, and for all to - show as locked/disabled/online in 'system host-list'. - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - | 3 | storage-0 | storage | locked | disabled | online | - | 4 | storage-1 | storage | locked | disabled | online | - | 5 | compute-0 | compute | locked | disabled | online | - | 6 | compute-1 | compute | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure controller-1 ----------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-config-controller-1-start: - :end-before: incl-config-controller-1-end: - -------------------- -Unlock controller-1 -------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-unlock-controller-1-start: - :end-before: incl-unlock-controller-1-end: - ------------------------ -Configure storage nodes ------------------------ - -#. Assign the cluster-host network to the MGMT interface for the storage nodes: - - (Note that the MGMT interfaces are partially set up automatically by the - network install procedure.) - - :: - - for COMPUTE in storage-0 storage-1; do - system interface-network-assign $COMPUTE mgmt0 cluster-host - done - -#. Add OSDs to storage-0. The following example adds OSDs to the `sdb` disk: - - :: - - HOST=storage-0 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - -#. Add OSDs to storage-1. The following example adds OSDs to the `sdb` disk: - - :: - - HOST=storage-1 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - --------------------- -Unlock storage nodes --------------------- - -Unlock storage nodes in order to bring them into service: - -:: - - for STORAGE in storage-0 storage-1; do - system host-unlock $STORAGE - done - -The storage nodes will reboot in order to apply configuration changes and come -into service. This can take 5-10 minutes, depending on the performance of the -host machine. - ------------------------ -Configure compute nodes ------------------------ - -#. Assign the cluster-host network to the MGMT interface for the compute nodes: - - (Note that the MGMT interfaces are partially set up automatically by the - network install procedure.) - - :: - - for COMPUTE in compute-0 compute-1; do - system interface-network-assign $COMPUTE mgmt0 cluster-host - done - -#. Configure data interfaces for compute nodes. Use the DATA port names, for - example eth0, that are applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure SRIOV device plug in: - - :: - - for COMPUTE in compute-0 compute-1; do - system host-label-assign ${COMPUTE} sriovdp=enabled - done - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes: - - :: - - for COMPUTE in compute-0 compute-1; do - system host-memory-modify ${COMPUTE} 0 -1G 100 - system host-memory-modify ${COMPUTE} 1 -1G 100 - done - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - - # configure the datanetworks in sysinv, prior to referencing it - # in the ``system host-if-modify`` command'. - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - for COMPUTE in compute-0 compute-1; do - echo "Configuring interface for: $COMPUTE" - set -ex - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - set +ex - done - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to the compute nodes in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - for NODE in compute-0 compute-1; do - system host-label-assign $NODE openstack-compute-node=enabled - system host-label-assign $NODE openvswitch=enabled - system host-label-assign $NODE sriov=enabled - done - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks. - - :: - - for COMPUTE in compute-0 compute-1; do - echo "Configuring Nova local for: $COMPUTE" - ROOT_DISK=$(system host-show ${COMPUTE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${COMPUTE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - PARTITION_SIZE=10 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${COMPUTE} ${ROOT_DISK_UUID} ${PARTITION_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${COMPUTE} nova-local - system host-pv-add ${COMPUTE} nova-local ${NOVA_PARTITION_UUID} - done - --------------------- -Unlock compute nodes --------------------- - -Unlock compute nodes in order to bring them into service: - -:: - - for COMPUTE in compute-0 compute-1; do - system host-unlock $COMPUTE - done - -The compute nodes will reboot in order to apply configuration changes and come -into service. This can take 5-10 minutes, depending on the performance of the -host machine. - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/ironic.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/ironic.rst deleted file mode 100644 index a722163d5..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/ironic.rst +++ /dev/null @@ -1,66 +0,0 @@ -==================================== -Bare metal Standard with Ironic R2.0 -==================================== - --------- -Overview --------- - -Ironic is an OpenStack project that provisions bare metal machines. For -information about the Ironic project, see -`Ironic Documentation `__. - -End user applications can be deployed on bare metal servers (instead of -virtual machines) by configuring OpenStack Ironic and deploying a pool of 1 or -more bare metal servers. - -.. figure:: ../figures/starlingx-deployment-options-ironic.png - :scale: 90% - :alt: Standard with Ironic deployment configuration - - *Figure 1: Standard with Ironic deployment configuration* - -Bare metal servers must be connected to: - -* IPMI for OpenStack Ironic control -* ironic-provisioning-net tenant network via their untagged physical interface, - which supports PXE booting - -As part of configuring OpenStack Ironic in StarlingX: - -* An ironic-provisioning-net tenant network must be identified as the boot - network for bare metal nodes. -* An additional untagged physical interface must be configured on controller - nodes and connected to the ironic-provisioning-net tenant network. The - OpenStack Ironic tftpboot server will PXE boot the bare metal servers over - this interface. - -.. note:: - - Bare metal servers are NOT: - - * Running any OpenStack / StarlingX software; they are running end user - applications (for example, Glance Images). - * To be connected to the internal management network. - ------------- -Installation ------------- - -StarlingX currently supports only a bare metal installation of Ironic with a -standard configuration, either: - -* :doc:`controller_storage` - -* :doc:`dedicated_storage` - - -This guide assumes that you have a standard deployment installed and configured -with 2x controllers and at least 1x compute node, with the StarlingX OpenStack -application (stx-openstack) applied. - -.. toctree:: - :maxdepth: 1 - - ironic_hardware - ironic_install diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/ironic_hardware.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/ironic_hardware.rst deleted file mode 100644 index f63500a6e..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/ironic_hardware.rst +++ /dev/null @@ -1,51 +0,0 @@ -===================== -Hardware Requirements -===================== - -This section describes the hardware requirements and server preparation for a -**StarlingX R2.0 bare metal Ironic** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------ -Minimum hardware requirements ------------------------------ - -* One or more bare metal hosts as Ironic nodes as well as tenant instance node. - -* BMC support on bare metal host and controller node connectivity to the BMC IP - address of bare metal hosts. - -For controller nodes: - -* Additional NIC port on both controller nodes for connecting to the - ironic-provisioning-net. - -For compute nodes: - -* If using a flat data network for the Ironic provisioning network, an additional - NIC port on one of the compute nodes is required. - -* Alternatively, use a VLAN data network for the Ironic provisioning network and - simply add the new data network to an existing interface on the compute node. - -* Additional switch ports / configuration for new ports on controller, compute, - and Ironic nodes, for connectivity to the Ironic provisioning network. - ------------------------------------ -BMC configuration of Ironic node(s) ------------------------------------ - -Enable BMC and allocate a static IP, username, and password in the BIOS settings. -For example, set: - -IP address - 10.10.10.126 - -username - root - -password - test123 diff --git a/doc/source/deploy_install_guides/r2_release/bare_metal/ironic_install.rst b/doc/source/deploy_install_guides/r2_release/bare_metal/ironic_install.rst deleted file mode 100644 index 17ce389f2..000000000 --- a/doc/source/deploy_install_guides/r2_release/bare_metal/ironic_install.rst +++ /dev/null @@ -1,392 +0,0 @@ -================================ -Install Ironic on StarlingX R2.0 -================================ - -This section describes the steps to install Ironic on a standard configuration, -either: - -* **StarlingX R2.0 bare metal Standard with Controller Storage** deployment - configuration - -* **StarlingX R2.0 bare metal Standard with Dedicated Storage** deployment - configuration - -.. contents:: - :local: - :depth: 1 - ---------------------- -Enable Ironic service ---------------------- - -This section describes the pre-configuration required to enable the Ironic service. -All the commands in this section are for the StarlingX platform. - -First acquire administrative privileges: - -:: - - source /etc/platform/openrc - -******************************** -Download Ironic deployment image -******************************** - -The Ironic service requires a deployment image (kernel and ramdisk) which is -used to clean Ironic nodes and install the end-user's image. The cleaning done -by the deployment image wipes the disks and tests connectivity to the Ironic -conductor on the controller nodes via the Ironic Python Agent (IPA). - -The Ironic deployment Stein image (**Ironic-kernel** and **Ironic-ramdisk**) -can be found here: - -* `Ironic-kernel coreos_production_pxe-stable-stein.vmlinuz - `__ -* `Ironic-ramdisk coreos_production_pxe_image-oem-stable-stein.cpio.gz - `__ - - -******************************************************* -Configure Ironic network on deployed standard StarlingX -******************************************************* - -#. Add an address pool for the Ironic network. This example uses `ironic-pool`: - - :: - - system addrpool-add --ranges 10.10.20.1-10.10.20.100 ironic-pool 10.10.20.0 24 - -#. Add the Ironic platform network. This example uses `ironic-net`: - - :: - - system addrpool-list | grep ironic-pool | awk '{print$2}' | xargs system network-add ironic-net ironic false - -#. Add the Ironic tenant network. This example uses `ironic-data`: - - .. note:: - - The tenant network is not the same as the platform network described in - the previous step. You can specify any name for the tenant network other - than ‘ironic’. If the name 'ironic' is used, a user override must be - generated to indicate the tenant network name. - - Refer to section `Generate user Helm overrides`_ for details. - - :: - - system datanetwork-add ironic-data flat - -#. Configure the new interfaces (for Ironic) on controller nodes and assign - them to the platform network. Host must be locked. This example uses the - platform network `ironic-net` that was named in a previous step. - - These new interfaces to the controllers are used to connect to the Ironic - provisioning network: - - **controller-0** - - :: - - system interface-network-assign controller-0 enp2s0 ironic-net - system host-if-modify -n ironic -c platform \ - --ipv4-mode static --ipv4-pool ironic-pool controller-0 enp2s0 - - # Apply the OpenStack Ironic node labels - system host-label-assign controller-0 openstack-ironic=enabled - - # Unlock the node to apply changes - system host-unlock controller-0 - - - **controller-1** - - :: - - system interface-network-assign controller-1 enp2s0 ironic-net - system host-if-modify -n ironic -c platform \ - --ipv4-mode static --ipv4-pool ironic-pool controller-1 enp2s0 - - # Apply the OpenStack Ironic node labels - system host-label-assign controller-1 openstack-ironic=enabled - - # Unlock the node to apply changes - system host-unlock controller-1 - -#. Configure the new interface (for Ironic) on one of the compute nodes and - assign it to the Ironic data network. This example uses the data network - `ironic-data` that was named in a previous step. - - :: - - system interface-datanetwork-assign compute-0 eno1 ironic-data - system host-if-modify -n ironicdata -c data compute-0 eno1 - -**************************** -Generate user Helm overrides -**************************** - -Ironic Helm Charts are included in the stx-openstack application. By default, -Ironic is disabled. - -To enable Ironic, update the following Ironic Helm Chart attributes: - -:: - - system helm-override-update stx-openstack ironic openstack \ - --set network.pxe.neutron_subnet_alloc_start=10.10.20.10 \ - --set network.pxe.neutron_subnet_gateway=10.10.20.1 \ - --set network.pxe.neutron_provider_network=ironic-data - -:command:`network.pxe.neutron_subnet_alloc_start` sets the DHCP start IP to -Neutron for Ironic node provision, and reserves several IPs for the platform. - -If the data network name for Ironic is changed, modify -:command:`network.pxe.neutron_provider_network` to the command above: - -:: - - --set network.pxe.neutron_provider_network=ironic-data - -******************************* -Apply stx-openstack application -******************************* - -Re-apply the stx-openstack application to apply the changes to Ironic: - -:: - - system helm-chart-attribute-modify stx-openstack ironic openstack \ - --enabled true - - system application-apply stx-openstack - --------------------- -Start an Ironic node --------------------- - -All the commands in this section are for the OpenStack application with -administrative privileges. - -From a new shell as a root user, without sourcing ``/etc/platform/openrc``: - -:: - - mkdir -p /etc/openstack - - tee /etc/openstack/clouds.yaml << EOF - clouds: - openstack_helm: - region_name: RegionOne - identity_api_version: 3 - endpoint_type: internalURL - auth: - username: 'admin' - password: 'Li69nux*' - project_name: 'admin' - project_domain_name: 'default' - user_domain_name: 'default' - auth_url: 'http://keystone.openstack.svc.cluster.local/v3' - EOF - - export OS_CLOUD=openstack_helm - -******************** -Create Glance images -******************** - -#. Create the **ironic-kernel** image: - - :: - - openstack image create \ - --file ~/coreos_production_pxe-stable-stein.vmlinuz \ - --disk-format aki \ - --container-format aki \ - --public \ - ironic-kernel - -#. Create the **ironic-ramdisk** image: - - :: - - openstack image create \ - --file ~/coreos_production_pxe_image-oem-stable-stein.cpio.gz \ - --disk-format ari \ - --container-format ari \ - --public \ - ironic-ramdisk - -#. Create the end user application image (for example, CentOS): - - :: - - openstack image create \ - --file ~/CentOS-7-x86_64-GenericCloud-root.qcow2 \ - --public --disk-format \ - qcow2 --container-format bare centos - -********************* -Create an Ironic node -********************* - -#. Create a node: - - :: - - openstack baremetal node create --driver ipmi --name ironic-test0 - -#. Add IPMI information: - - :: - - openstack baremetal node set \ - --driver-info ipmi_address=10.10.10.126 \ - --driver-info ipmi_username=root \ - --driver-info ipmi_password=test123 \ - --driver-info ipmi_terminal_port=623 ironic-test0 - -#. Set `ironic-kernel` and `ironic-ramdisk` images driver information, - on this bare metal node: - - :: - - openstack baremetal node set \ - --driver-info deploy_kernel=$(openstack image list | grep ironic-kernel | awk '{print$2}') \ - --driver-info deploy_ramdisk=$(openstack image list | grep ironic-ramdisk | awk '{print$2}') \ - ironic-test0 - -#. Set resource properties on this bare metal node based on actual Ironic node - capacities: - - :: - - openstack baremetal node set \ - --property cpus=4 \ - --property cpu_arch=x86_64\ - --property capabilities="boot_option:local" \ - --property memory_mb=65536 \ - --property local_gb=400 \ - --resource-class bm ironic-test0 - -#. Add pxe_template location: - - :: - - openstack baremetal node set --driver-info \ - pxe_template='/var/lib/openstack/lib64/python2.7/site-packages/ironic/drivers/modules/ipxe_config.template' \ - ironic-test0 - -#. Create a port to identify the specific port used by the Ironic node. - Substitute **a4:bf:01:2b:3b:c8** with the MAC address for the Ironic node - port which connects to the Ironic network: - - :: - - openstack baremetal port create \ - --node $(openstack baremetal node list | grep ironic-test0 | awk '{print$2}') \ - --pxe-enabled true a4:bf:01:2b:3b:c8 - -#. Change node state to `manage`: - - :: - - openstack baremetal node manage ironic-test0 - -#. Make node available for deployment: - - :: - - openstack baremetal node provide ironic-test0 - -#. Wait for ironic-test0 provision-state: available: - - :: - - openstack baremetal node show ironic-test0 - ---------------------------------- -Deploy an instance on Ironic node ---------------------------------- - -All the commands in this section are for the OpenStack application, but this -time with *tenant* specific privileges. - -#. From a new shell as a root user, without sourcing ``/etc/platform/openrc``: - - :: - - mkdir -p /etc/openstack - - tee /etc/openstack/clouds.yaml << EOF - clouds: - openstack_helm: - region_name: RegionOne - identity_api_version: 3 - endpoint_type: internalURL - auth: - username: 'joeuser' - password: 'mypasswrd' - project_name: 'intel' - project_domain_name: 'default' - user_domain_name: 'default' - auth_url: 'http://keystone.openstack.svc.cluster.local/v3' - EOF - - export OS_CLOUD=openstack_helm - -#. Create flavor. - - Set resource CUSTOM_BM corresponding to **--resource-class bm**: - - :: - - openstack flavor create --ram 4096 --vcpus 4 --disk 400 \ - --property resources:CUSTOM_BM=1 \ - --property resources:VCPU=0 \ - --property resources:MEMORY_MB=0 \ - --property resources:DISK_GB=0 \ - --property capabilities:boot_option='local' \ - bm-flavor - - See `Adding scheduling information - `__ - and `Configure Nova flavors - `__ - for more information. - -#. Enable service - - List the compute services: - - :: - - openstack compute service list - - Set compute service properties: - - :: - - openstack compute service set --enable controller-0 nova-compute - -#. Create instance - - .. note:: - - The :command:`keypair create` command is optional. It is not required to - enable a bare metal instance. - - :: - - openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey - - - Create 2 new servers, one bare metal and one virtual: - - :: - - openstack server create --image centos --flavor bm-flavor \ - --network baremetal --key-name mykey bm - - openstack server create --image centos --flavor m1.small \ - --network baremetal --key-name mykey vm diff --git a/doc/source/deploy_install_guides/r2_release/desc_aio_duplex.txt b/doc/source/deploy_install_guides/r2_release/desc_aio_duplex.txt deleted file mode 100644 index 952f5836c..000000000 --- a/doc/source/deploy_install_guides/r2_release/desc_aio_duplex.txt +++ /dev/null @@ -1,23 +0,0 @@ -The All-in-one Duplex (AIO-DX) deployment option provides a pair of high -availability (HA) servers with each server providing all three cloud functions -(controller, compute, and storage). - -An AIO-DX configuration provides the following benefits: - -* Only a small amount of cloud processing and storage power is required -* Application consolidation using multiple virtual machines on a single pair of - physical servers -* High availability (HA) services run on the controller function across two - physical servers in either active/active or active/standby mode -* A storage back end solution using a two-node CEPH deployment across two servers -* Virtual machines scheduled on both compute functions -* Protection against overall server hardware fault, where - - * All controller HA services go active on the remaining healthy server - * All virtual machines are recovered on the remaining healthy server - -.. figure:: ../figures/starlingx-deployment-options-duplex.png - :scale: 50% - :alt: All-in-one Duplex deployment configuration - - *Figure 1: All-in-one Duplex deployment configuration* \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/desc_aio_simplex.txt b/doc/source/deploy_install_guides/r2_release/desc_aio_simplex.txt deleted file mode 100644 index b3bd342ef..000000000 --- a/doc/source/deploy_install_guides/r2_release/desc_aio_simplex.txt +++ /dev/null @@ -1,18 +0,0 @@ -The All-in-one Simplex (AIO-SX) deployment option provides all three cloud -functions (controller, compute, and storage) on a single server with the -following benefits: - -* Requires only a small amount of cloud processing and storage power -* Application consolidation using multiple virtual machines on a single pair of - physical servers -* A storage backend solution using a single-node CEPH deployment - -.. figure:: ../figures/starlingx-deployment-options-simplex.png - :scale: 50% - :alt: All-in-one Simplex deployment configuration - - *Figure 1: All-in-one Simplex deployment configuration* - -An AIO-SX deployment gives no protection against overall server hardware fault. -Hardware component protection can be enabled with, for example, a hardware RAID -or 2x Port LAG in the deployment. \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/desc_controller_storage.txt b/doc/source/deploy_install_guides/r2_release/desc_controller_storage.txt deleted file mode 100644 index cf53c35ad..000000000 --- a/doc/source/deploy_install_guides/r2_release/desc_controller_storage.txt +++ /dev/null @@ -1,22 +0,0 @@ -The Standard with Controller Storage deployment option provides two high -availability (HA) controller nodes and a pool of up to 10 compute nodes. - -A Standard with Controller Storage configuration provides the following benefits: - -* A pool of up to 10 compute nodes -* High availability (HA) services run across the controller nodes in either - active/active or active/standby mode -* A storage back end solution using a two-node CEPH deployment across two - controller servers -* Protection against overall controller and compute node failure, where - - * On overall controller node failure, all controller HA services go active on - the remaining healthy controller node - * On overall compute node failure, virtual machines and containers are - recovered on the remaining healthy compute nodes - -.. figure:: ../figures/starlingx-deployment-options-controller-storage.png - :scale: 50% - :alt: Standard with Controller Storage deployment configuration - - *Figure 1: Standard with Controller Storage deployment configuration* \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/desc_dedicated_storage.txt b/doc/source/deploy_install_guides/r2_release/desc_dedicated_storage.txt deleted file mode 100644 index ef41856fd..000000000 --- a/doc/source/deploy_install_guides/r2_release/desc_dedicated_storage.txt +++ /dev/null @@ -1,17 +0,0 @@ -The Standard with Dedicated Storage deployment option is a standard installation -with independent controller, compute, and storage nodes. - -A Standard with Dedicated Storage configuration provides the following benefits: - -* A pool of up to 100 compute nodes -* A 2x node high availability (HA) controller cluster with HA services running - across the controller nodes in either active/active or active/standby mode -* A storage back end solution using a two-to-9x node HA CEPH storage cluster - that supports a replication factor of two or three -* Up to four groups of 2x storage nodes, or up to three groups of 3x storage nodes - -.. figure:: ../figures/starlingx-deployment-options-dedicated-storage.png - :scale: 50% - :alt: Standard with Dedicated Storage deployment configuration - - *Figure 1: Standard with Dedicated Storage deployment configuration* \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/figures/starlingx-deployment-options-duplex.png b/doc/source/deploy_install_guides/r2_release/figures/starlingx-deployment-options-duplex.png deleted file mode 100644 index 1d7db9e7f0e50cdb7bf128d35308c600634f493a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 105153 zcmdqIhdZ2K*EXCcf&__Z(IOJPi#kel5+yoO2V)|7??lw-B2i~Z5WSCH6KybKL^pb` zgXo?2^1Gk=d*AzcpYQtvKF8s3%-Gky)?T};bDihfpWmt}J|KKTc;m*62g*uvnm2CX zaoxCa%jVwQ8#it`4~0?y|G4R*sVH-!1Vg(9e7FOZR+YYSqdb=A9E=BiCU8_TaJg}V z^5OOG%^v1GsT()0ek#jJYkQjDE(jW5$on0|nmV?^PAeW@lxL7&0G^NTcqS^d$< ziA^vv&xMKgxqVw^_>*L5y!Mcrldl}LNgsZV_tW2|I~)ejILSH5I(=$?@vtcfg-RA5 zxbhw?-cG6a+kg%F)%S_|VNM!NOScOf3jg_OxmYV$-(ur?sSBD|wdGbB6*F8fB16G? zMJ5)bHibkC*K8}WwN4fk3!hpiDROdi+a_g}wWzG!T`6L6L^yPdx)QkzDH0pBob{$kLwww6LcW<)UtJQ&- zF*fo$X?cR0nDuXhaf?`q)=Beu&$!p=`0@4jE2Vy$HUVqQj7#312dBJN;1|2@6Lu@P zx_qM3=a+U^_M8sEWZ}Y~w~63<5!<$EH+bYY7HGlnz{@z;>z>-L%d_q6mA$uKqE2z8 z$zF-v#^dZ!^@Pu#bJhRyQZVdXGF|b?gR7>U1_*CM!9~UmLOA(fKf>r!Ik&&k`5(`{ zk>L|cbkslCD}qXJm_AKwleA${yV}0G+(sZU;sT&E90IY2kq|zcT#;OHFdVCu2@;3X zIEgOy>d1%@D3E||2-6UIFiwUR|M1T6JM31Iy4bg!s&~WY=ccFnolVRfZX8a!^y$9v z?2k10%0pW}cpA!aJiP5Qb5;>c=c01hO4-Z{T7kJVGK(X1{&1AkKJ&Rco0$=7u4z6f zHaYXV+{@@A7F{F_P>~0pu}cVSKAkf1I1ZG82W7v+N#Yejp9x{QbN*s zz%p7Ezr3l?QWJeqr^4$n}x7cJIiHT1O6Qq!iyGiT`lVH>^CR@#1Fb)oCfh zrleV{VL8>N!ltxoB;&k|7-XA==UQGEx45tq8{iAfQ4Pe@_1gg6*~!J>1kc$lzEthn zCnD}HjMSAcLkwlpQljBG-`l`gk@;{uaHUcJ7-Eg<=PVQ$LYeWSSM zlx=6b>1Y}kuSkD#6|RS`ZL%ea(Z#p$f9W>O>bMXsobI#ND}2`D2{_EsW7-RPc(ENY z@Z=>GeFyK>Gw~z_2DsG9U~F9iA829?RU!eevru}?NZxW<)-;K$`kq*sjE?H^MwVo zTS4b77#b=Hvdl3Uy07A^*gBV7tANAvk$P+|4GccNVqvx1OtDPC?;c_-uu~puY#{jC zqQLwxlzlnwZ3hl5r-x3ddlAnSZHw$mloz7IMs(@kHJqxz_S!r%q`|6KPG0s3DO9uR zFWYkSCpJuokTNL7TRh2Mu&+RJw$^G_n7r*!Df{#0!QkJI`G4ny3i8aW!8k&T_O~6j zLF~)Fu-5C}(NPsuCs3S=j!kn~NcNK$_T{d)0?W<&yI?8r_iyBhm4&Eu(D95VmbyFi zjaSIxlc7_01#b^^RR|ot?fO2?Jm$V`e$jw&%cZ1)LL;$|)H#uq!(AbUFSe2FIjky1 z-39NID!2-g&4~n1dS`q6o%0cHyYYHwY$pBUKfJn3FLp=$PrprE4%6&;>gHJ4J4DT{ zG(GEV+#SE)YgO#>GlGqfOpjB5{yi~v!BxtEe1EAA#NKc<&2S6}Uq}mizE{~wW6Gz6 zKU^5{Ts}6tr&5nddAVCp#V}^2)Ybj(xvdnNJ|7Qg!Cq?V!%JH_u*&cGDnwk-YM`${ zYHp>WNIS|?HHQs&#yX@SLNu<%oRYucd<9&h*-=SIt%nAcG__R0Dy|>U_B#B)*ezcC z*QeU|d19GF+v77D=nTQ0r~0p;tyy%UjoHTw-R7C_Z{Kd8-7b|+_8))t;>Ew-k zbKP>l)|(u%4adbR$kzLY)rTrR_ip9rEAgvKP9_Gd+x}W9vFxa1ksj~6QA*$>%R|wJ zr1(NEL7J5Ht<+7qb7THsvsLDcSE#SQRbq<(`T)mQN4Ow!lRbZGU{B(KzLMs?QnPp= z&|hC%p9Vp+LGVUNLyUd#%k`7|Xl=X=%lB8>BFkUej{QLat_uW{SKmkX#SeJ4D2Zm!y zC4f32aH;Y}KU;PmVI>L^#!wW(B>=dZ-Ay6@iD+tQ#Z_7 zUI!0D4qrqD@~e>}c7;E5=JG0JI29xdfJ>l+6nAGDyix_`$A#@ZO}(bhi>@vo>=o6N zety_Du-xIZyx@m*rX6`m$tOx7U}81x)i}kQm@@92R$taPUXj+4a>C4e-RlN19#I=R z#n@MegRvv;qEEMG_PQ-5-WqH>TRGk1sR)QIl;bg57y2$E(K>`ybgccm61vvQm|mI; z_W#)t-Kx!J19h*jpm>teO4=LP$Dt=jt~Jz&l)Buxn)!{-0Q1{T$Uy5BzgyZ;Xv&IU z`!KhdppF6X%qk9t=)+(@+l{!oK0kXQ0fB_3ZNKd^gK$kk9Tklfb>De18z8Wp-*<_` zHlJ;!89R5szz*w~!i{}4tFS<{HQ_l&{Xs@_Pxx}cci6}>Oc5{MBw7NI)1ulITVd<% zJx;S1%w=5fDm~ft{>g$1>n{cxUy%uC@FC&Em(ZWkYV(eWsEYj7@hY1OC;2tqM3d-6 zBGcp64W1TU1uoL`JX7iqjeRYn588r0Vaj)}7c1d01NS>9G?nm|%#r$x?fJ$b`|z{I zC&JznA}dM@#L2wds27hHimS%bW70{{eFg4eMI&sFp59A8I=*fFXptp@#qu7m97*q= z$`aFeew#%6Pbz+*2NpspCB+u(Y)cFmPv1+&hESR$(|Ik%V*}2S0l|Nk=ZKlmy?t7I zTu~=*kLfx=2U_Xgho0TT9)eFXTy&v z?}=AcDqS>$?8X-bxmRd>t}#ooNt1V=2G5f~$a^5{IzXsmQw#DkMQ3?M^cuG6H!^#4 z`cvlwqvh^$P^)KerU!eywvwRyl`3e{$ddEjf+@&EmPW|2OF4>;j zg1?qwy|oPs@5OQZpFp*AqQA^I;Kf#{9QO>a>|$I<)gq~0Onx?O4OtkYg8vb-Yix?6 zqInO4);@i3MYSi-&VAeJk6WXl*^Jc6#7Y9ng5hi|13!N;B`t059h-Us?*Nrk;}HkZ z#5cU?`{LwBx6bxO=~+C(mHN3GS$|A8-D`15d#9?^{k#otsR!)JVIvaL+-kpkG-4XM zGbF(toER7nR_>}nazRO?&K>pNg&%y~e_i|OtQ&T^3L@*t@2_;@(tfp(iaL5=>W+mp z&p+}XR24pnxWCEnqGC+$0$?A%m(Q`nxZ_AOh@2PI)alR^IJoYzmF{^<=}nRFX#y`= z)*pOLkAnV0>*h~xoey>K(2U@#cUaP+ay4ESOV1t7=o6A0yEwHO@vVMS{{8LU!tl7e zlw07arIZi@8R`km5ZHs%_Uhv32t29G8C{PbQ09lV2fx$#AW3pSwwoF}OjTna`NToy zSabzOmRMoiuvtyyVofZu|K}Z%R5UhOji7os1auWq`B<=03U;Y z-*VKmx&wN47%b2E73`8P7TiL1!F|8}F_)bH&WuH2vVWI53U0MK^34LkB;nEy>*)Wts8 zp)|x5A?d*5xAx}Z{HL0I8QMG4|KZ`XaEs`|&w6#gbuFx*p6TYE=^Yx6cfy`x-rn=O z1?FFoV{_tfZ63cZBH%NT1kDALRa_q-&6>`w8GEo5%SQbD-z5Hy(vxE{1Aa^2gNS#( zS&d-5R?;_`mfc2;S7y}fFHbiRK_rr%0pr5meZ(N#?4G(&jdivE#i_g(_Xpcpa%x(; zcOb{%1EmL0<^VF!1-3P?s^^*-8Ji%@&s>a=qh( z%l%v_3BcDA=i-CgzAGTKy0PPLJZkrX!lwdT`jSU=eJ8@=rFF}xxG{@ZW7kGDi|3E5 zJ18Ahbx%-UWJKv5YLYxzO$&6}fA?ypy*cQ+GtR-gy$=2^KD+Xe#TRwJmgDeQj90AC zYdl|~EWaFh!_!;hcrx>$u=qR;&YkDR8Ak7{RD7~xEv!8)r~>CJP}(O_d&Y8b=(x+* z+Pc2XE0E+HcDkHqzk8CqJ8qahb5#?7qW9bHX9;CB|LXPkH-4Y*rj6;D^a=qz!>7~^ z+;TM~iY*tmI|L+fYyB3n7y8wGl4ri0cOu2zo&xNRuRaK9l*PY(yC8X3gZkj64thNbLfwnz`fQso zOzdi9{|}zsw3EaDh*qJx9)d_4m8%x2Na@0j#M(vKCJ32`Z$}@wpL}~6 zUvWYR0Jv_IWfKo&$X!_VLs}0nC&(&#Nv<-hq6~ieob1JX2+>f^k2`VXe4e%#6Mz0E ziGBHPIEM~^6;$Whm+$#IYmg%X&}z_4PSbL)3n(Z-}3T0TQ?IFjrts5hYBzX}b z0Qk%9K>&Xfp40mu2Z)1{FKp=NPkujSxc4m8@U~uFh?84|O6?T4ezhS%@^R-iMk>1B z>wkbUy@uUA^vUzmY#tyz3VK5&p>D_Yo>BD{F|^wY$v8LU%p!-GQNJd6!bCXvory8= zYiKyzK$)-2yuC-qLsRUG0nLFD`EW#<`BqA*Fx{qH*y zo@hFlgq^?pdM=nyP)8ws*W6h>p!_Gho(6)Yb*z=1CK5GUw(Du0JfiMLj_7;4M);*v ze2H~1MBU8YI%p|p zg`X-Cfmzc1$%4Fya~SaC@hkM-)ca3<8Tv0(2ONZ0rVn*FSOBxwA5J*O-yiOqUB-Wh z!$BZ1+Sk;pA?$mc?H9(Wo}{a%fWO>cCBdCMHogbmuE`tmb0&@Jn!*YgQ8tHhcMscbsAb4$t@dR9_Ht8`C3iaub?0@#!2q#`OU zq{#eJv`%=R!Fsp&^NFWciQ8n$%P9ua?v>7$W(7}JBq8>C-GBWj&Nb{A$w!`RLdJul zyEb|RP!pF-%ua8=pg{iN>vBS#JprXsTo*-Q8|{YeR|;b zld0c{T-<u7}2Tf1C z5@B%45OUI*_rvjtMlClPlgAfio%uk#Dd44LUJN;6AJkru+zW; zY{>fuee0nI@N@njG#SvomK< z)Y9rCv0an)WRiLY5KkMA52mfi;!5BEF7V)0fo)PME>43cTBbG~`Rxaf>d zI}vy7(>B9&@AZ6a!}LK3ZoRM+Q*s^F1Ts!keh>=%is(L5x{qSIz^is$8?Xgv7Bs+b zCaS8dpRp;70gNI=hlj$%{1d1U_s~^-U@eDU3Hlm#;)^APZ0eSpG`-JQ4C3DsG#;yU z%2EftPI7tx@2ra9PBL;hYewnfc{d(3Z$@V9-&B>RfogxxGEN zVY#`yQA%1Y>PT1ED8SDhV0)l7Q|^ZDfF+(j$8%wb6^U)HOS9BlULTO$4Y)_k<1PS% z!*=hWRK=>LTaEkad=UQek9Mo?l@thIM3_K(XaPi))M-EIxQaVK7@2nOev5~&^JtAQ z0Krr8oK4*;BI6xZhuK|~nhAT5R9|%%ox8qGvuu1c`Ibmp;2^t+)(_%wmJID)(vrJxwYTqp!Gn_dc!O8P@YgG3NO;oZsQtNTjKVeie+UxSXA^uW}$U~Bs6a&-)Y4CicrB8F9_ zqyw1P?_kYri#g7!Ga?>8=!Dl=tC?*Dk3iC3(WR76z*LVqgUB|)`5u4tm`b#2-ID!i zx-(WE7rBfaMn27aI9s*${Vz$s#FNqpk26ZKv%e&^ZpuRRTk+x9H1|D^_fSfe>~xG? zad{eHZ`MW^KuEV<>oA?EXnbb8JDYB(ZY z&1X!Qrc+=k`?r8At3z;?=OK42@7&91ZrZlM)n&Y5AIz00 z(7EkLysi~{S#ryq^|(5fKi1B+O$l~!G$R#^jxF<=4a7gsqopa96=xzo+f8c0Eg-=Z z!o-Mv$);b2;xegqOF7am_(5?O7Tl_In@`oqo-&kIF|}~(FpS5?wkef92B=%L%G=~c1mlD1 z;@3g!ueM*uHxBdYDA{*-w-W}g?9 z(-EDarV`zGR&{cIc}8$s6eOX1|CX2ojjKe|^Jd|yiO*5rZcMblUCaBvV=PIsQARbN zN`3fDt-9!jAgeL^x&DcKPPW^20*Um|#(`B@HZ)SKQjYVa&ZfOq#>JxSl zUsG1^;WlZJyr%J!BsL8Cc9-~j?6OrE{cqC#)H`^X!b~}2Rz%St!OT+BEqu}a!YT6| zOWj}xRf~evTkLW2a>^W&;+O#xE*Q`cg8s7DH$0l)Nvm7U!~v;ivYvYW1*KrkcKnJg z!|9*YJ&cqTXhyWdZ3VV~S|w2T{KTV2yE>SD_)_Xhal$Ui*sFuQ*x{A=w&&Rd$e z_nwm4^W77otAfJwj;q6(CN4D_)iRMHh}!4qDaAW65{F|BCeAw@*q@kqr%3{NZ!>Mq3uFF`Qwt~u2*eCl~r zy2_2WK|Aea4z=wP?9OvpW@^X#xqf}y4p)Z`&{5NXrWXCWaEIEtyW5;jcdYVMxy=Vs zv`d-}$JIe7N&iVFEQjgIYg2CDvXjFJdz5|4#UT!$jL-m6&vT;K1e)BHC6QR9TPLYdh?OQ%*kFt#(BGN^eiuRXeA)J%q*qz))4m_{=q1pwCqGX?62<I=XBjuj%(X`KYu~F2uFwtmX8Noi^3QbY$ zUP2{hPzycWOrC;yaRhRl>6o7M=)H|DZV{QK^^!OM2sX6;3Ci>olP%n|rrJWB7Vh-Z za%xQpZvB~i|L?Z)-0E*IcV^7X_V=1AUV3y-o;oKtX@nsPnI7<^4tY)Mgxyslqg_T% zjde1JXFSUYvmctntt-h!F>hjgcn%n=qStjY-hXO?O*M9lHi23jU7p3? zhFxIy+9nfU|2hTKj*D~jvhn%uX-0E5s41nlWq%Hlwi3X_+i>z#*C;s!Wd24>W868} zJgyS7-82+7Bvhd1ClkBaBpp)pj&0+=y(w>=SCp*+JZ41W@>;^0rs?zYFE15<=poCu z^Hx@TY(`3mC`k~u|Mqb~qa$5q9DZc7F8hIIxKNTYOjKNiUI*8mJ>|9iQ!=|+qiLNi z$TeBOrSPJ$$cy>zn+E>vC8O->e$h>`HqB%=-TOMkd><+c5pE`wnIv6cLJba(YVmm4 z;E=SzZ9A>5%vEYp6~+%Q=JL)xq+$VTzR$t`m=b%ivAwqk=nL)oW2g*|uNgIvoR-t2 zQp9yuwPFx()g<-4qr8&K-ga@jBtO5dAvZ^;ehn?5rDZeadO)Y8#WCrclD1Xr^x?H> z^oK~=9MY;U9-7Ow<}2?hKsAk7h&8&=>Fr#KyVX%COhP_?FB#6PCFvi?^Rk_?^ z+*?Zp|1oPjJJpggQeqCaR7sojPdComZiXg06oN@j&xBTN`y+|P>rvpI>v6FuLK3}I zI@Kh1*YQv%p5j(Wu!ss%Op+`*MaR!xEn-Aw+av(1A^BtiDntfk=B(N4mRg*a z<@eaa>e!r27q>umYiGdDOR{kU;Jc?c&3SYvXQ z7uq_X%n$N=jk->0WNQAr3Nc8M5EB$+DYUfkciKGnr{`cK4p#OZa#0C8Dkn`wT`p%p&k``EPdB#+gNwUp8n(x zcB3%9+Sv9)#Oj|}5?=i`#P><020a2dDv@YwLJ_uh-ZR=aF{a2aXr{1;) zVpls43>~!0rW3UoW}ZH9$UsEktYZkaB)oo)X*2yFcC+0nxN_ z!5sI$DUv*2x3B2WxXB#qDZ$?0{Dpc49mbGZn=As`iwruNV zq$KsFk8|7FR%bo#2$t2kc<%ODgHyo zFf2`eJrzytsBSLby5#ym2|l_E;-dmh-yr%)og3J(GhqOnQz>3y%1jQ{nk;wlp&1zA zux^6t1Z%CnmxC2H4a{xZ1`G+W2=;CHRwdq8s^Os6}dB_*)Z)MT;!_RZ3m~AP>DpOgTSm(AadupUow3g zI8pijhX<#@B@f>CE!A(7*c4jkQ~8z9$`7O`_pA|DZj@7eW-4F`6Mc;ap##q&z8iML zwb9c4HF*1!{iYE?K%u7fsbH*ti@SVs3y(?*a>x_kAS-Ymd-uze6=;&NyMg;|Hw!f5e36BOAZ<7T2$`AvmIl=a z*J1B$@hqU2_$dNhaRb)f4s& z7vn6NWX{Pl;R-H*t|wXM?=F<)*11o(Lh2Nehq5WDV?Jx3Y!UG}YM6l=2V5Lr9|%v* z!YTGf8`e4~O<{2NaqEl+%HKkyGzOA;k)MUd_F_aKZxT7X-6x%pfQkvhMv!wS{h6F2#W4S6H`e7l@?-fZ`tL%=xk~BI5!F#r6u%;K)}1^(eCJ8|y6ygE|S>{zxBK2q1&G^3dhvAeq)|5xJ{b)Stzu?(OD=X-o- zm7~{?Z<=*Q=f9l>#Ag>2fjz(?`BSgR(W1@hCdS3vF@I=NiUn*L6mWl^N-^-z;FvHh zXM)hKdVG4%UtxUFZ~?pNgd1w1Ig}-7U06=uh7yGzUUze!EctyF06S*(zE2{PxsOj< z(C~a>Txh~J;h*FbGdjL~UEkCKubLxiH8PPS)DyAU4H+i+hYxz;*kDVIDx&EiPRLaH zofL-b*6(misELtUCsJ2nmE6E>>>nH4-JpGLJWvz!Yi-RsBf}m3QKW9OW@Z{xEiG0R zA>;xuU_34-ln^Jpnj!MpP@}+}CuT+;Cv6?6jK1cPaKH5!e*(@4@0y4-*?+ceG<`Z! z!yGGL-6hmuqaNFqDQOgv>b|@_vQ7<6laWt|Zu#+%>JxJ?>9be4&lm1fJ9L@8rVi?A z$>v=q$YM#_hU@wTTbf4Q%pv>gN-b}G7KxOs;OUfjeL-NlmdC68i2VUMQ)~-r<;P~Y z+nz?w$hBA*n=>9eHd0*UnOWz!m4Dm4x#x*nc>Pd!JQo(&Z$b_E0Y;^TO?(BBRK&#R zykg@|Ht3mP8%6y|pE{EvBGr!534bJ)=Zo1iQv%Lv0w#n*DS!X8CO5cGvQ4^H`Cgc~ zhI^hb@L~)1%<|=QN0k zmQsh6iVac3Jd@JKTVXv_ua$;vt2FgKcn-?}QXx}ek&y33<;vd=Rt>ZRk7&48>*)hK z%rzt6{ITm2IWdJdE1ZWo#J}~>Aw{MG*GN~-EJ~>ST8~x7edJs2K_n=GWuFk$SK$-& z6YKePuD^Rv_`?%@4tj}ehzb>zC5q&!G}%oKd--IZGb!ej z^|r@-usywDwaa@g%#UIGNDD1c%i*1V?%s3nv|UT{nND;mB44!CQ}l{)(HExt$-EmG@>f}X~(8~EjE!<~ zT_-5;Z78+YuXyw|>N|ekF8oX$^g~6%{~XW4k?dFCqjY}0>9K|*H!$WHAgPTV>Dre^ zB5!^DBFNpGG5$A0+#M;*DT(2;moiTQfrwvj@wV=a3;nT|;&VEuYE3iZqd%%eUWi%h zgg@U=t)y|KPqmn|O0%Qq+R-_gL60i+N536fxEV{W{Z%gHy@ANq4}owbH(&kVODRmO z*k%Fh*@6en&<|}o9t&EBP3mfN04P{p7chzqmW4;` zzJtM7|NSg%#^qYZXpUWRUzqUa`;-DAJiCO#4UVP9_%}l6D4U50bAifB z<*C)f9HMW9#uM3voJ=QlsB@>;=juS&Fs>1(roc#^;c&E2DBLa4BT=LWs5xNuS=Y)) z^*e53z*tQ-g6sn@W4hX5745iCqoo(b>jGJ{^M{K5dxnRj&Gw-F$Ga?H2`GH}h({jp z+KIQX)tJLAj}{Q!R_6P5tUkm0xGl7W&u!}fVAp7G$*#$C))w%q$^%7aULNKD)JUHct*Udxo&y)Z}# zr~IH2oRywnid||Z=5K5q4j@Wp?sZoHrPo)O>8s15Go+#e6juI{Eu5E=6A~Y}*!y$$OYiJZQk>N0RA=L19H< z>3XR7JSgqMI1+x_&BYa;_dST+WgQ~oZv0adB)QBNyJL+EO=w#) zpWB$Qi>7~fS0dN`y-?9l<)FV@>WiR^8Rq1|zSD;@dB2#75#RF3u)Wm)zly6}h}ome zdDBA^8(~yrl&4rL0>YIAkwB?KUT)BGQ+lvB*(>-X@n~rv{roFW*)j^@7VT{5p7Wov z0EL?5w-af)uYkDIIi@4_ku{bnR(ya&P9eH^%dK=zoxs6=FU{{HOP|M?co(3U<9M!w zYx$A=>4zaamH;C=lv%NvU@Tixu-D@9Je1zz>Df0uqj+PlrEeyTKi-mvt$x=PE4jt>d9atd z#gq=@m?(loO=bx$?T#TON0Nqt+V*kpm(aK?0F~l=x}ClVi!}g@Btoxop1dey++)V? zDj|*ZuofwSao7VGcj1OVqRKvmzdVap_%0(Hi6yU2`p%Ghat7+z#6CDKIDx8yVJ=-rgXD&B!BZdwKOO`RaF`%u#OTj_F#s?wJ05FVen7OcD z9Pq) zN5}4OGP;5ndKNZBkYgJ2v;Y`A18VnisH7hXU;&a?oGZ*LWSzdW7#}WVIbbnHh!RnK zECGfkm5Ly*#j?iorC1BM>e=|w-_faxrilbAcT09c&0Sw4M zuVoVbL!c<@59m`Ey*Ddp_T%k}>)qki#@g z;&?Xbvj228h-A6^8ceSrB8AXyr z3-I{jc(fuJ5v1l%fn-gPk}(2Lag7{O`_>}Fb;j=q5-Yx|bO^}YPkq{GrvKKJ)hY1_ ztb`@Jt@f|GEo>5S!B%;5ke)iJMGAk*i3Z{FH;dt-t45$@p5by1AMC=|{`~|vP#aLA z&4*PpzSlQAVjfzgD|TIHmCXPV$z!oCeNDxue?4ES?5M_id^= zjS!)}(twK%th)bh0uIn{6B+pT$AR9Mzyf?FUyG#d@;T`G<5@($?WK{aiOl%{I`Y`s zw)bcQ)w_P37oT6nejAz!uNJ%5AM}s_#FFhLF8cA8QoC~`gL8+f9$DT_;mn56dZgE6$N>`O-_TlZ%y)!!ZV!~dISWH7I;TNZrTbutKBc$wtVtQ zHmfzJ3R1kFqK!umz1DM_7P-iC+_LK4UR{DD$Rmsh1o5Bl_*|2gayCAMURJMNdkAF4 zTVF=J2U4aQmx36)SU_ipm9RSVAq{GsA1p~jbpRh|^k3`aV1D5=)axmB6b#kLlO2|^8Csx*cZomP*k ze?<3!@;VYdENRIGzwWh}vl#TsA(Y?=CK#;-J6DX2)wIFkQJFX#($d-X%Nb_!AK*`BXP|w>qD;y{kUU?nX)KC zTVHtGZt%^!%-eeyXFL6Mk{x9WlM%U%?FU+%q0W5?gc}MCfOhi6)$9*u;As)A+qOm( z>l*z2mfP@>`^0K}-t|23@LXg3SnX%cl z+O{HUIUf<0(=aoTqM}GU=1cxVWG~N3uW0))hR>?$od}vh4x<_VPFa){aeY-p7y3D{ z*8(UDJNmTL7-D-E3|qqO8v&mGKYgI6Nn9{!A)@8-DUIPWBqO!T=RQ!kZ@<&4goHUy z%Lw_%U^IbF$CX6$m;vHdz01J-A{!pWv9UOArzJ$kc&gMRE!YjTGarC2!2sVJ#5=!r zqlw+k|NCsYLce_#slVTJL-dX48%7EXb>kOYOW)0JhvM<6r~Rxl95}I{6BTkm2~~Dg z*Tg){8OgEUux*CdF9xmVcJ*{vfr?NrcFf!yO_!s{~J7%EOZhT9J+mOMq zD~I&<3saK4&giM}r{%t3DviX5je864z)e+JopAX|NVSg*OEqB7-=ko8CzhsO=NtwM zzZ8Svd4aBpyv(%06AB6k2P;`Nb0X|x^Y4or;2y`1UPvqAIQmTyansR<_sbL7=k-_{ zfE6H2_4;KX#@YR(uWcXS|4G}G$K7nsUQNtEVx5hXtk((*iT>8F-!cVPo)d@O3Vzp#e zDL%L-s#aW=xLFQ!!anrh)*0VFGlN`Bch{LNQi`#n#>)MW)PM`nCmj==d-*XL?q_QP za2Vs&eFiP)8u4r0{?>eYk1fK%^Btl2V`1B|KcWnqoz!|X0qE+;YMwRDz~g03Mq=S7 z%bdNtQRRsH*vAs{gpQAT%CsD8aW_IcN#RSG+mqE^_hWs2Eg&74+!J|7v=Rww_+x7D zBBji@Q>QVY_LQZg;5aTcr|Fb)wuF9kP3 ze*Gna)mf*QV!CBcpQlUT(W~v{(-K94dYY>jOeKOwgVqV#Q!y>~?Go2-#`Z$W^~i|z zNE0+E^1ct1>xx}6R~a1s*uLJ&KTSxcCtDV1zTTVWIJp#NL}(NcM8ty)pweI zZUOE7n!Z1VePm_vvfLAA03yP2-kwl-1z`>4xc3dXmbPv|#%Wo4uif|$Tcy*756T#W zcZS>QZ7)rrv2z=M*mxp-u8}MhoU)Wu9ZIsahCpyyEOTyD0NPBMs`|BR_UWy`{;L9R ziYhhrH>5=2_9NW(z`6*pc@;g)Cs<`c38@PbFzkDoF3c%z0+o$@@(aD|aTnqxcMsc& z-X&LcN^~;>B%JvKk)3~cwfnq7i+peAhVz|U4u8iC#VIiS>Y6I3OF~ME06`HH9z*t= zaGf3O1^lJ!WILUZQ>jOzs(7r6;M?yHz!&?432J~hDq#?!>b3l94Uv>Rl3oc=XNw33 zan?Pwh9HRYf1Q_tg})7Umwr&F8I*L1qH2qUiJ_~csGa(+H`TrzKlqU#K>HC9rJmEf zlFP#29;ikDPH1Owns>tcQ2|`SGk%#RfKa6HF{foCnP#&=>KxlvOfzjDn~s<{2_GO!PHeWF33`infcClenCdI>2Al)4>#5ewbh zgdCNCQU4qt$Paqt?Y++*<0$hA$fa@p|8o{5uL*ExhpI^KNeg$M69c z`*spDKLODq%1U3orS%&kDh`2*cJ;H339;q=L;?vuYRPrV!|;_fLqB{dHk{_AhJ*g} zQXj5zrU4_NR~-LIUSV*zI^`pw1~B-4ty;k4IZBUOIubG!|2g?m#FCUGmQ10w7>6~Qrifrq|o-5;C z0lKIJ(y-n5dqBoq!^vIqLc=+6>Y zY&iX+kwQgZ@Bh9&Pz(M)4%CtxG`A6bL z(7s?7LDA(98+~!s)_G7LorSYx^x+G3`yWR23Bh^0rG9h2VM0=ma9}IZ|3Bw!iIwju zv|D-Gb$*ExKkR?ctD+u;2C&{{DR@1}*+!Ck9duJ9a%n=mh4wPB35J zr|Db*>Q4d|qIeH&Vulm9ci$N9-buXbsfD+D83wz2jZH?l4z7r0`BKcbN`4HHPuzBK zw@sE3nhrDce~#vF87TI&*0=P6cf6S73K+q7lw zVvF0P%cUlAd(+wwj_+$Qv;_~hlWG$g!fPVE-X+WYFT&nBAgbyI*v9K3(@t^%kx@)cFs^tAuDdLHz3KawTPd3rBSNQIJ`CO%5AY5k>_?%%o-Ol^bot|g(Kg4t5k0$0GHrP6QnR{09H-9DIbe{>z0SDnml~c$fZguM10i$Hg zxIKF^JU3u{lQTzE8?B62jz{?#-kgBtcfJguRd53=l*>ks5gn+cqAY?nK(-`o0tV=DcB$Q9TUS@%y0f((0IQ>ht?p>TrX29( zLp*=~Fnp7WLn{ZZ$ri+;D27!H(9G&CP(PW#f?mF=BwGHvD;jIpsP1V&n6(Srral)m zNd;&&dYiV%f@b-Gdv#33ISqg*+O{|4@fBTfZ!avHjv7!J9EdCf3WPHt8=fH2{ZW7! zGFh_ud7mg%*ltfv3(zGTSt!x4?V-h1L|62M2snp5mI+EjM~nN5oFYIS!DT28sX0Q8 zPV7PcM<|-yhoBS`Gm91RA)1UUfHKZXjJ87V6?(9ua{`3o^L<`YA+zPd(tFhCT&# zJjML2uGB(77OBY?JnQJ(H}+1??Ks`h*b}JJ`ti1Bwb^)!Oo19(mK~3Os)etc6$%#J zr{fY4DPrWeQkObi7@0qe?=##D0i2wNSI14#b%!H*4MWDKzCeC4x$r~Z0ibj~a>Zs5 zi#?~;wW(TvXz_Fek^j6o_YDrZ44{=3IftLMkM9jLecx#Vqzh_VhVEZ|3w#D+GZu)b z*xgST6Fm?ALPxOKKkt(=s;03Z@BP%-9;wS!4JcOZ!1xn<2ds#LA{rGKZCtszOx<5Q z7f4&ClHRfqO}mKD6oLk0IXOPqwCGt?571#Bzg@X{`G(sPaFF*M&H7#gN5kC`fdYly z14@jWc{!E9>BOn~9**ZmX;9{aH%D4Zh6>knDGFnbjcKd=jU*K$XR>QY+81AWy*cWZ zGd#m2N z(10d=PSs|mb>z-YAet)ypA&`2mpZi)V#bnU)HfC|&b>MUz2Y4brxzt85z{T>jp=ed z4qS?feL6M2y#ExPJfaI_BSeGw4%ZZ`)kCk&?J_M!$)1B;bVkZ6lTz8 z+VxTjX$dAK!j;|=X5y#i?k)2|Ng{1ewsz#(5%}x!)*`R`)L&wRyv=W)hBEZhv_CYx zD}AvOpVkQlG#rglQ5y;#1$HZHKFDwy>#((7G+;cL7xptq!?i%0IGflC&H0zrvp$~J zZt7A`lF}^ond}F|g@N=vf?}F^5;z~NN67s8^T+TYi^>8p{n}IkU&hkGdtI*_5U~rn z+ItHoCU&)Rpslq)v>4erNE|I_J#iD}R~Ju_4Qlv=ng1GKS3Q07vWSOac7DA$co{7g~-IBO7KSd-lD`3c;zV1^K}q z=y{tw*XP8nh&$Xn-zF(0<;&CP%w))L#~#f``*)CXaz;W%Mkab4J73#Y&ELwtHTffk zno7o2pL&x!qC=tkC`TbB$Icx+dwXJh9)RQEqH~4VzGjms$%`#9Du`7d39+odOHJE_ zBiTgjE#7{X|k&#Gjgi>;NYG! zP2tbU)RTV0#+%LjyLeWUW-S}Y&d~6;rSqJgwx{!)zdotYbY@E_JVH_Xkz;u8T=|LM zhh#Uyl34ihTRcK(xv#pVOb0viWjAbpf2!L72j>YaFF0neybh1 z4caDi3~Oe;F`Kq&?&g;`vpG>^hu3rBVn_T2??a0Dg0UY@^8m&Z%p`*cL6zy2t;lRFwjX+X)ZA3uG0r--G9y-2L6 zxTUFLy*!!}_4=YClj4L3bFzud09nu9>1c-ylHp6xMLs!cGeMlOkv*pT)~1PIkl{Yd zv&)$H@zDvBE9)_T5T{3}EBVOZ*jap0PYiY9ccLp);rEsg-ie&4zo#{Vp<)yX~ z)6gU=V$Gz;r}1KuH>hT=MVs#2`I)WP%4mG)3Vm&b`+f@5$dg7FwbOm(2RKKY`wyMp zSaW{`nZD3I7WGA_O_3gq)KcH^kzf_+7$zwl)$oh56t|rQGH-I+<;k? zhb%GQ8!S7{Fh{6rH*;jMiep_yk|oM^f0W6{{ift2(Iu?1&nM*r+fTQ7ZEm>6Oodd6 z^xats+b3^F+})nqR2Px!2TfPa=|WQNMYxMM8FY1mt{=%oo2^nUxM-hKHuxhdioYA5 z6ia-unW81FACUaS2R`dlO`nDK_!ES+v9xTJwBFs{x1S}-HQq1XuPQ-WypNPT(tZeG z1mF_5*5H#p>vH<2#zhuZ$av!PL*z}}w0fj@W&&G9-RdwQ>5cqt-w7zhl-+NY%4nbW z_X{ag(HB?RA@v02QoeS}^GQte9%k<-kJ)kt!;6jfsY=KFq2dU+S_v+$;Yrn{Zhc8PeZP-EdDQ(iOYCO>M zR;D;vmP5}D34~v2C%oAJP~Ck(5-)qa8W+0Dn8)BU<-TH7`pCTI8?r|(37B`u5;t`> zFq@hsGkcb@Je0A!Wrh7tgU{G`2>KaSe8g`%UulChJXN{wFsDl*QC7E7bYwL&&~g(IeZ~ zep(aZut0b6#HvVF%bdNIGC~=>prne6j@{(yout?OYTWRjDAuep1DgVB=@mBLIU=LZ zelhq8EiJyw{9|aQM;E>}RqXrP(>x!RO1q|23r1(yFUiSb2L@(t>xQs43qG+J_Y<~n z#k^_wl~bg6T>H!*Ug;&VChu;Mq$Gja!Dsrn(C(!Q+IbL@k>xg4)bxHrt_%MV8I6Aw z%ak&GsGUkJOoh`#n@;gq*u<9H3`Vjv8LZOU&7CHF|K*`;$nkH<5<4p>5|Z_s2^bVaA|2XIM|EQ~PcQjJU-SwL~$Wim)@g zo9wPvwHqU9RhQ4FAwq8*ZJAbN*Ri|c@Vdd+SN|K%p!>SsY|8rwmS~JpHB&EoIfSmx&U;b~*p%u#yCkQPj-&Br8vWQ9lVIJ=F^V8U%Gq3g%E0*! zj)^KbxuxZ}s!Z*q}KP0mqz zOODdc%OaS^j$;=PSFs-N9k|I|o7L9n7aC_;LU{S|T9z z#_dqj-THe$3)!qKWja5}P=gmc%d1>36Nw3m1kSG?5@*i7#JDSc#;iC7(1j#vRXzjx%*G6$=DqZu1LR+7rw6*5z>6MLk;-zFji+k8 z&E8UjAXy&#T33h2SCLRt;^&2fravb}CdgeJFv%N-SB(=sm-@{n4>)5l=U&}w^<&q` zFeX?3tmSEbbr5pvSJ`@p_NoFSSYBkqL7#*&?r85W^ZUy3XV*)m)XY~JlJ#Qjctlw- z_7k1_2c|R0E7lbcV9D=!e%UEd#p_iz+lGXr<3$MYt7y+S};{mXb^ug{idHCANiuI}?;-h~#G@Aejai?X^Z@<4EQoF+3G!5&Z zPyDM&k^&SEfho-L`+V1rzcW3kiI}G{D|uoRK`1r@aoA?3rF=O{Yzpb`JZlzhv+&g6Q5WA7vcZvx@_YiiQ_n zXuX*jEI$jqg@r3>HJ!atHsNc*?(IY0&R zjnOCoDFF~M8#c@PrLLZwV0WAwV*T#wN1jc`o>IgzG(>3L0)zE{g|owTs<2Y;3-XL8 z`qjZk>^4>f0!YXfFrnUD?1zJkt)o;nlEL9Z$gb-7>&vF=L~lU!e#o3~sd+7Z@P*VO zFYWzv*J+p0(Rx(d!r+0YkcVr#%GJR?tB+q~ydFJIwhxF08NoK`DZiFYO z-5u20@jHFiiIgL9uu_dEXWY7|(XR6MTO#{!8XkkOWq;Lh8yf}1W)fi+rJ4Z%zW*rNn;TZbye!sqX$?zIzr9Hd7&&_OlZfxDRiIi#3l;yMa1820_L*5lzP^F8S^j;^+)xIL2qAzHIz4u>e z?<8^W?U2q$KS}O4&y+qK#%&q2FLE{edVdwW;j?LKI@D`g)bp^CG4;UYNpI?jMLLUY zi1PaLEf=_rKNq@*Qvfysj=Am{8s$O!yNwcTk+j ztXH{%O#Oe&N;HgLP)$D>(QNuKX(uABC}^Z)6>yEU4R5?Y=98ap@5?O`-$&c~9y!Jr zUpK1EEGBapvAHd6U)j615VD_K7_PKP&lfSub0y3=%vjO4AccFmx$pb_8rfnw-5nc; z!MBXg7u05EQzGrU#U9+8+z8vUJGB7gh1cyoam^dGs2BS5XTMNsOR`fiXQc3?-k?>IdhNf<&y6Dx(M&|Wt zW~|7`12tb|E4~goryk#zksu?9IOCq7aPNG;@bimp`Dg{FRfc*BpR0<7w<}v90}go=+f|ce?-VG`|TWXpyX%1 zx~^du>i~3W@!o%M7?ppImkP@Z+#-f4CWAX)@w$-=?in-@M>1vRUy%OV2$1EipNfM8 zaOqRelZXU}s_`2Jj<47jqFLsdeq$b?zRf}YOwbcCDqimdNpCo$Ia`}e30VhxsSFrl zu|L6z;3!2c>@%F@8i7I9lL6S!EqxEQeB-hD&4cOS4y2H^ObaNvf?-iF*6JpckGiq_ zlIY~8au;EGU|aV9C7G25*j<#;0m6u(mjMIA(*myZ2U-r)^P$S2b&dBvBRcl(ZQh5Olyhjw!vw_Z*ss+EWtRZaW`gW*oMN`F)4kjO@3EN6$G5wO-t{B%t)CCO0Ym#tKi2zTpsb{))%-TBhS`) zfxY|Ert8Mh;7Vd=NCanVhWZ74Bg z!buI!R8qWsQ%Al^Z|;@;9A{<}{9-w)h}zH;dH0)KRuvDJ!@I?4&J`2Wx7%}BIh;+* zrs%F$Gq3VpT05vkf}>3Dmx^W_kXfL7a68u<= z-qW#gdvX4sqNRs(Hm&|dF1K$|j?(Hf>}T!W)r#y{*@_5%+lytb{iCS6a`5I7KT9$z zi^pe3x@?ucXtgs*}9|*`FrDoDPw`(j>2v6&EIY&&x`M6w#Yn; zff6c!;VUR$(bLGLjY?g8gXKgYY>f@FX)xX}#zl>i(2+Gml=s3u6`TwCi1_`K=U zi)+!IcKFQC%KSB|T} z1wEAB>wm9RmimLO!G4&SWf;RQ=I!gfww-7|jyij^%PoZ&!Wb_c12pa9QAz{MUn=(& z#%@uS01T&=o(jJtRA;&ppN_4d+r4#r8sSwH@HWwlE5TNz&38Jq#7*xqT2K0{~uFZh=9}A#T`W)QAVX&4kswKT2UhGZ)G5fR|5Mc%q z%^c*46uR{TEDY6Z9gYE4AW_;ca5Yq0xe8fk6|P+(3|*IQiK*Q#_Wu>~TvBPr^jNg+ zcU$(4i@Vhs)nV@6&Z>RSMP^OA{C}$$?!{~e7!ZNsp!t3+K;}wSm%3&vMnNYc|W^fR-eGZD12BgTBYVlNbRtg@|>xRcas_PedJmJ#>FEhq_bO6dYDv1a<{r><=+x?$7K2b@ zU>FBp_}>Z*am6uxA4Emld?-3@tR2WO43L?5ZN9ia}#t@;-0vx z>&_MqqFnYD(w&p)3mmz?aw+=HFXd06MvC?QK2OgqTXQ&0L9)aV0;3n7FXYJgAIh^< zAb-S5#<2@IKl^v~CS^q)VL#k?YZ;1tp78l~11 z1TuAut69QdWK2n72XmGx=ob-#{Y@U&%*7L(7tF;tWvU#&x@-s z!R};PWNZ*<-Y7h3Am@L(GzoC&HNPPhIRPCV+RY$UaIJ|;1AztR?LXI;=Z0u%*ZUZy zSsZDy6@g?CGaU0a_=}0D|Mpyc*z2$0LU+%+VF}|J$v~Pe>n)=&yc`)zg2x!zo3>_(pXQ`mcmvO;da1eR7y5^6OEg_c|Z0nXk z6g`ttsc{}c&gK67$L)X?QY}v*t|0cM{TG4&YCb*GVmnA6MM$kP{-4(QO>*FxO`BL1 zEa}Yk{6eigo+^MN$$f0ph6Pqq=9F)pq++p^rZQ=+lp!w=H(6lgjNKb~s`_Af65p#V z4hO_fEP=hy;%OXxS;wl+6+l<-4!U0X(#vDg4mb!~n%++~RgJV^$dtJZtB`D0-1No| zLecfV9x{H=_w?nG;&ZS@;n`-Ah9*wZEPlXZGytqgnMtyAuxZN}Gejf+`$=SrdVIQ3 z_hk`;EUYPeBkHzaTX=|X2J5(S-vDCZ`@HuphrG1!=uw4sP`BL6!a@~o8rp&rCv_gR zOpJ*>u3V_f&;L3G5K_dkBHkXtPHT~-Tldxzw9K$t-e_c+IWS0T{`;$u*PH?QpC+j2 z-qhqtq%4j_%JC*Uw$t18|^6`}tl^flrRN5#(N#Z6m?RZt;Zx|1L%o^FAgT zxk37Gy+DG0YY~70yL$G17kajTi660eur`Z} zy_b0oZ}%_}cC(=Y%mtyWeahuFwI6CaK*8u|ff}G^`Xd_u-p3T53&rz$no0Nw(&2b| zPNEFC&zLf*Qmd`2OSJWMsVTR~S?*GJv((38FGQanZ8_?k{%wj0Cf2pH>l}14M1f%;YUVsa8MRLS>ubhzhv)?wB3Q` zj6XKWn^<~+Kuf@qdQ-oJ$%LhRv`q|Zf(2S_;Q7TMvv_;d9jFtKss;p?RbIz(FSEs4 zuSQ-hYjW}_cI4)Zx)Zgr14B=yo3uLw=w7wjt6@TQxi&3i(KLQx!&SgVfduGWK4qT- zSz@@cGG_42nc8XS=k#5w+X&yb0PxAjpTCZlZxK@~$%&3pQ&ou&m?d-g4Z-PG$6R+$ z($q0!23O5{)Yq}XhK#)A$5)=dB}@h3;Yaw}0idkggp6b5o3Iaof?V2sGJQY>-b*o*a>a}29xC|XXI3Z^16?cJFFSBM%h}s^(L1z7br@IT| zV#;cW>4|~78TZM_!)WgWf}{?mp^wHURgxtcBg%D3Fb&fT$J|{>#AS)J%50cdC3$m0 z5|>E3@(3Ytl#HwgRDX8B9iTV%GCiY{s8Z6C(hVnH!>rqJiB9crJKfgLIkn#vWf%*v zo2C_wtw*B1JBQ9YKUrk4I3f`|(rM3!n*!RBV3WN3H#VAACBf~NEnECiAw$x7zl%p& z)cT$Wqw8{W-v%-H+qtKTw-07}rd1>N$2@9F3%RD5!XWlcX`Ay~TcY+7ne0swLVND3 z6_-hXXfm@(`22elQR#%>EzGN`v8k?@u0Z>__mtThUPDsR9|>Aa%V}#IZO2N$tu3Yw zaiap&ac05%xnTZJ3 zQ(7~R`$2$Hob!NBVg)JOo|D8=r!77N++j*2NL8 z)X$CRZ7~HC)=#ynNKq!tCM=3_$5%xgC3dUiZMNNd2;tIewDAT3Jp=LO59eppqFZxs z?KD(x<3gZP_)m9+iQK-%cb|j@4Jk=QJpbVL4rdf6l;{3I*qlg5PVyXf!D*f zX=Xl8h42cX^+fBNZM3xKre?G>EY|*oH2pNi(2PS$OEV6;sjr(srD?{uhL)ZQGWZ6M zyY&y(mM!&7eO7fi3syjefMH@%zhr5MRL{dgqow;1J;O+3u(@oT#pt?5W-AS=HroHM-+5=EPEhjwXT4z3anoB8_Abl$qiSeOEynaD|4V@yKA; za0_r0;TbDF6PTcmkoGn==_#j2oo@vNm~ODUg6~!sA_kh@+zD3U=Ucm?7|5Ysqzoy6 zY-BWd3{T41Sm48w?}X~LY=-Y9iidV+2{1M}`%~MBj0{>)-Ax|}ekh2JB=9Re{{Vp| z6jO`9bb`QSKPtG7CT01L$d63eP`C8IMju=Rw*T#p*6^Gd%RwQl`#%E`wy8fiX*sZuGQY`np*!u1IDIK%CpArs`fhAP1# z3Q6~jsBKJREGQX7thu?)aujK=G`+A=Gl$(7*iK3i%OHeP@fZ?^O2k0 zEPAD^AMz=B?~}V6@sb{77oDG=5<2=!e~+qq%t-HV)G^q;nzwgT0oN=Usr~mJ3g&75 zd{9#>OhD36StiVqFLeVG#ds8IG37$xSLitIzrU_X39;f0bH-L>G3s3;bQm1@Jk7_I37aUnw3wU>c|i&XjA2kK32P8hrq-jOm|NyqJvSG zOy&n6NI0;#_U1qWU-Byl9FM;3g=5x5mgE=cP|W|Bo*Smp|a7^9C5+oqMf1t)_dN+qG>UjewCG9 zz%LO3i_3TM7YJ0oPs95xO<<+LoG5tgh(#5sUmQZ&#^mC zAey<)U($b>LyWPwZ9q3WGFdTQuf|WC$QU&4#SNKHjGSm72pLCz&UXPGa_%X=NpL5z zjH&q?Kzc;?!>TmUA>lRp%&;0zunMU=|9^f|GBt~y8S2Pc;*Ms++mA~Vedi_qdz3Ur zrS={8sGrD!(Q062RXVc7&?w|V6qO*D@(*VKu#pDB$l-^8rHMRj&xzS#9BV9?a(+Df zx!&yEy8v?EA^5%sz0W8Tb`_AW%LiMv1(s3rE>PRo9~Y^6RQ?5pBxRwW&W!(a7|#(| z;D+zXy;k&dFm7iLz96JvA;v^G7(gmaoBZfv{#yj}D>83bz&a54+#4PL`M&;%f@HxS z@NM0_bhIHK>>1VRN5}X^$52*A!Jrc@eQG~aYU1A1kCb=AvcYt=VMLR(@X{WNpVs~* z&pN6?JC>b+lkz?MgpQNUic`_uiq9ljxa4`}|K&DuJca8>7g}rZKc0H~yVI7_G`ZpA zw7E_>*q)y()52lCb5KTC#xhUYwY&%a5%Sy_V0oj<5X1tBrINMPFNxAkB(0V{%o+J) zFlIcb-&x88zqs+vIE5^6H`BMrk?p7^^rBY%EgJ+oeV35_mv_#n-M%wT(CX?7EB6d1 zlxgXib=ofB>$%OQO|2+F9&vhD(5f6OY6(lL*U46RXFx-w@JK!~>8ZZe^fk|2%FKQ; z62!1VRCOG(!hX}str!zSBoU$YM!$W;+F+&|)%M@!Rqb3^2z*x)y<@z-hrEzd&S{Kjy87vgxdq15 z)oDAiMsrwzC^kG2M)LMcku&^JD|UaGdtpKzejYGw)_r!oR`uM$IyB`e9VDr7Z97fd zD=%|fv9;~1Z7FsI+Gte`Biu57u74*wyE|{0)3-_;q1ft+x`(JRPSNJ>ri9gS!w=Hq zjAQPXcK{T9C$x%WdcoR>4zRei-~J%L3JK^0Mxng8s(zI%U{y=mQr3T4<~8a8@Lh~v z{*X0TMc~b;=c2xX#2!Kdtne{>8sq$lI8||uobQDD_@$X1;EV{)1RMetMh%b-p`?lY(m)rp`L*b5fp;E-t+y1){`t5WGn~J z{@q{|@Du*J3w)m4x6bvfw&Rvh{@ym{I|2#i%MbTUp|btNuh481^L9zwaf*ieOQVaW zNJ|1OPZPxD!YEbci!cst=-YtW!Fwbv>8ilh-Ye_h86XAreV@Fmm{^n61pakJN7?w$ z>OKKq9YhE4_q&3&>li6R`2UBSI{OK{LV>^c@-F5-7Ux{!be;Qa&y|D-{__<|0}HDd zQCpIqi{+bdfJ>Zdsw)mj!5jp!1 zubm=k_!e0o(27`_a8DA+sOsd>PPISZ6aFAE0vN2UCHet(JKhuC^|7-t?qZklHsb%e z>1Gt*W=#PNesE2C;-~{`9Ups^;=P34;&nLUU|!nS6hs(p@c#tjxd)+gMCI1v<%wPs z!GFryeO=}FbDO)8-vHfG-rtd36Y~lIOpvk%{$PZP<1MFW&n3b`WH{?Hm%0lkd7r@E z|IbfND~orx5T-6+*AvPyE<;;a@p|d!|8!A21iH4As4+3LvAc@oqeSYzH2db_l3s#YLYf%oJOe=9z}DyHn<~2-3*!ZMT)whAfQu&s&$#dnv#oSu2$s(r2ht&d zQPCZc6GO-u=cMqBJ==fjWUqIRS-grtS^diTkk9|eo#%oC_Qr5$(F#TulXy=vdjD(x zkKnxWfp6cJJ)j9jPZnn=F~2vF>Ug^=P--2uQJ&*aS==m2R<4O{nRE6iLyfM|&FyDb+0XO6FQ_V#vuw^n0PCDgFN8##GBV^RgxXES_YY4dY& zb%~FQ4bFLG2=t%{@ZYBj861Aut`%r)AaqqPe)HfKH1hWTtpSUP<;mPYo;tTW{(fQm zvsZdmhkshOh+q*UGKRLL;pHyiPI8P+%5i`(MtXGoSk_HNqW07Uyb)63C5TRn1Ub&t z;g$;-g5G`|6df6K+&|XQ7r88GyD4(rz<0PiUBSxKDzM9FGCoqX`W#v~Pd2Y|-?td( zt(!^d8PUio*?2pf1!L%Ja%TF(Q1arUb)Rhp2l{Cm`7)Ghs=)4QvCkA{Jhx#6cv+gf zIqh1WG45IG(Gguo38IyxiWAy>`d+yM3GlkF^nmWJye@6rBO=|q>{_&_5c=GmmRple z`cQ?01(A_(BB-BxxjQzDXq|SQHS=t0nOoXtUe_*n6K4b~Nu^b!f$x~T4ElAD6?sx% zCRL!GyEzi8xPHQ|KGtYp%|J>u%OvR?6@Io4Avn0jI|E^3w6|`X zgAnttw`F}@&h4)hh3U6qg4*8FQH_wbLp~;G%??uM{q%ssxHx%=d}u`sf&xyf+#S~o z7GvzZ#X@#-Lz*0#fvz41M43QWA5p#sdlpK!k9b(JBRae5TCrBzS0#v?D^s;GptCRZ zJ$);gJuR`TQ{^R7&%kYjn7MeOOwXG$Smnh+0FKDinAH6wzF0VPB#YqB{`V^jh&KRJ z5z(6}dKr*88}mI6AWaPi-T!A01O1r*i~`b*WQls;$_lang8xTPCjhgBkb1Ak^?Ly# zorZmrAo`;$Y>`vAf$R8U^H)Z%MZzW*U;%$=p$A-17Ex+}J-XWbVRX3`q{ZN7TxHpt zvN5cw(cAZAzbD~uO%b3fS!^Lz4|P1{1Tb=E+rZKC@2o;g=wncXW73gxN zuaE0)8x=HXSGsCeN_=r4wj3~;9M7?*Im%*LG&{6f1}?w11E(J+aNa8IuKN2v%s!FF z`kp3K*RzU`2g{(Cvv%V&)n(`^Z2`XJp$UOXm}te@BEyC!lYrBvj3q*pdD3IOupC>5 zq{Da9#xT|Z)^>lqEm1$lU}<9y&D#%w4GF4COL_txkF23Q<>ul@S_YiNY?ql1d zb_Xz>`%rvFuM&qZIeL?+2$^jOae8Qb$w5)$llyGjki-^(IK<7E}>`9 zODI_tP6(mR3mBK;o810pY=MFmI<{xpjfkegs(y~ML7n<2PeS>BR&+C|L%K) zBYym*k9G2uv@#b&??`UEY!=2lJNC*V{H1W*BC@Gz`FLZ@hpXlvKS}0(df;`da+lf7C;RVsp2!QFP5pM;;wc`uYW}r z*8`dsw`lgi)}tsCV1#0mZa7^^EyotgYjkl2h8AWqb2}!Ip(M}UGeqf8JQ`g|s(>c|IUL zhy5r3GFo*&0jRZQ>1!ulHtS$ik+Y)K5w>>bCLrl9yaSX`n1n{U_n4Kd3XvZ+SVi)V3gcEGp%jvn1+0_wWKmpwC1MuPTy%i*z#5BZQ<}ciH@L{6ToKL{YjCXI1*8_sxXdjBw^Lq~>)EXTQgRgZ|1Fi-L@i_BbvsAz2cC)_!Yd z?8TMDSr}dICF-Gv=MBGPU`ql4KnPgM@FM5=N_(I9Hr>*M977k^!oDe5RTHSC>;7tT zhZW(PGq{4?Pnf2C!H+y=<%v63gUzbCRFb#X4o78m7StISY?|`x0op=Kk==L%du%PB z?(~`G5;EOMoxRAV`ZzUKy6tmZ_ZPGaly;PBRESC40z8H>mw-m_aF?dZ9Uuc^<)4V{ zTamb5L2o|yRkx0`!Ctit$qxZyk6E&J@WnQZI`4apSfH+ZQ4nB5?CX!E%v@zI{L3`H zM|!j8$z-5Ks>WukJln1^Z*Dp=XZdG>-MjP7ZLUfUqU?HP#?NjJVA1iPf0+4H>;=Qq zanl6fTy8lj$re(8fd^uSQ{#ovD`+^XJ;|1NuF6;c%QXHct-*xE^g;P!&|GlT#c989 z29^}q*?4`q4aMqMGcEzXSdR}-s47TXc36X3n|RIp-5mraN}J9S!()GwRozg(jFH?D zZ!#r`SxqIe!dA+DSCBtRqXRL&WFie~{Gy5eYBEPBZrb0CZqb}s~vDC+`E!Lkj9o`7eea-n5&{vsn@BA|5tA_8{kkKx_ z?+!kr+mc|W`w+I)=(V%S%z)P8ltt@^4ma`1lokH8aIrL3#n`3>yP#bmRyfF1Kn5{E zJC1n0#Y$i6btxI>cDXV@i(60+3WT(`M{A2Jn3P<<9JW-Tf9KTI23^lGR;XmBfi(}gPa{~_5-OC)~o-m{q*3S zG7i{^L@+0_se|;FTacV8XVER&?l%MuuX~2c8L4ir*Sr`u0LFu9+MgLpB9*%3E)M}i z0cB{)iVFR4vbw=s#lbF*<<>K-IqlM$)8#tmepPtih^Rrc78L$SdKj*YAy=3<_4`E`sCmqSGYe(si` zdj@M<{!bUX^3AGiRoP;@%;osj*9?|a3q52JKj+dS!ev~1zCFfs>C@@f=`t74nc1O2 zBvp%MhsN~RBbl}}F!(#q_PFSNxXix4h{IWw5gQPd5d)tMrvs7!{~OSC;(^flwwvcv zC4M?Tc2oWoY%T@Nb@Hdx(x^9Di#$fhE)ML`&mwe1Si;QicG!!sb))RnsTY3_sd3se zN*hN-zHYRbw-}b`JJkKKm9I6-?h<_m+hN{2V%U9lN`go|Zv->S>XI@)P9{8$OCHl8 z^x-`#btL#3G|7gs5*SJ~2yBKKt?&I@sq7OLoi{?K`t>e`@r{s2I@~a|t)8G+jhf+; zULD**cIMHi(i>eNH^wmYW}Xpt0fJX+StCFP+fl)_NMZ{O57*=zSXoyP{ z8$Iq>oitT-z$?XzPKfY!wTLnEWoDs~k-#VPbjqwg(mW>#><4t3L$YCF5mApzjdx*^^ej{n%B2&G>Y_3B;s!k39H}5r<$i1o; zsrX*bKAS_n#|GC9lYC)cf?qQR;#i^zWPNSQIQ-=?_wPIHrE_^+X#%9*)Zk?r!KIv1 z)z&Zi$&P9IvO!sMznE9kUl)tqp}S#iJQcNaEB}r=xPc1L=lbYUE$}S7K|E`hH~$e3 zivPTb6!nZ;uR6rB1>5fsBr;p!isy;M)@xFC^G(6&<^jTYkS^mUG8BpD_O$GJliE3&jP^+CpJT!QfMI#@f zAVgJLG8_(Mw`gB#B+STCv9#e;z7~%BCCLmOlsGwv{BQ!u6bZ6+Pdv``!)||B3(5Ui zlPs-}1wNsg6vERX;3wXZ?(?`z{|3S_QJil{Au2Ql>S7Hox73ievZv7i+ZYLn;V06l zWBULr?k}|=Y%T1Z8)gUC#l=|^YAVXT7%Ky`!0i?~b;|6M%Or0`_`6a9TRQIufb+A8 zpRHt<1Dn8c+7d5p9qm&?<;7LB(N!5K`zBD4jD;o-0+eVj;S=$qhSmVlv4;tbs>XN! z01bkHO%(Duyn%5Y4wDiR25$7xi6xs9;=CDHRf|d!vR*otFOYLc9G--9rxtplDv52W z%F&QIb8J~}Be;ds#wUD+P9UDGD|yXJFq+#8Q_3o{fao9GJ!FjTgi26e;IcbZyx2Qs z*A2gSiVX$I0d%bNh*Dnw2*-cR!3!j{3V5P=XGsslnE8c}$!DpL7@y{S4Tu!+1(2uf ztJ0H*4j_!;;O0TWSuv59z!Av+A;AlO$IpvS*fIpB11-dZ&x0i~rG0xp1q#0jljd|( zZ4AL5@%-Q}m$tEBm0Bkh>=fCx`q{H=4cc+A=u_(pPRd^_qbBIY#oQ}JDChhxrTT>M zAI+;-nmY?c3p?n`S(wz>FAPD-)YyBJDm}lM8}Obt7n6i~(F70pdmfMjyOXzoSOKbFw@$Td~r}g?6G>j(?{*_Ro(?Lm>10R5%3z_Z` zz;uNf#XUnaXW64P$iMsJ&H3G6Hp13|XJ+>kQ_2#-p^`fWWlbj1-+EOTddcFFPOI-< zFn_b0cyllmte&0~T%k-}j{k>RPbe0mNsrl7Eq(=E3IR74_k6|Pd=n3i!rHt{@jyKSRxox1HP8P zayCbfadc6Rba?0Ll3$)oE{p`9j<|I*uObw#R~~YIa@jpJgsZR8pjH!0R5zOp+(bOa zb0K5ZaEtOe1v;;U-@F%64Z#Z1P(_^Elh|4e@207y%0S-!sdh$9)kjRsnY+o7$$Jy+Zi%IpL|Y zOF0<>;d8NQo)dff%UDm*xO)j~GkYLPBBq2*3(4{ee~Wji)Lv@!-ag(8XxhSf)qMj@ zzK|_K)fQ$0^`Z9(u~uFC67St%GO|ajSI>y{v~3oGu&5{r;d{JZ+c99{Yc=wKuaE*} zgF}CR}a*lmc1miCAQdYLv)@Q%DN2(@LkYQ zx_-obTb3&|6Z2-dT(sJOs7j#QO5w)b;4|&_y(N7NH`Hz{g1IT5a+|SbB$cIYuL1>; z$9!y?qR1TiVKY6_<5!;+-8}adPJ^aJ@8%?EuC}{dBujk!N^@R!QK~)DrAch^Rxv@n z-hto8F(N%*T>l{a#cvd{S*({3{mhq^FD{Ill8t*(=OT(Kw3@m_^~O!~DSpjGRlXhZ z(mcMw(-$slF&bZI?Zlc$nd%K1KU$E7Hw%y!yARm%WqN#Lor0T7ZR42~lm~eRcXxes z+Ehg}g1#qHQ;Fu4mZVAdlB+$U;pbM>W)3rzlUVe;UrWf8J?$ReDsI>6HFZlH?ll84 z;Z6nI#!aLiHe(RsmdV4U8y03JBWu>0C2tK`ni^z8t!1!HjMR=p==pu%`#kbS1iw|o zh|-3%wbw|VUJvXw)~B(B4CHf3Xt3WzJ;^rkfVt(_B~^nV3eOgM15cAWd$zM80SZs2sf5%j*}V6Ynu{y<-**9cLSU@w@A3AULz(3h)B%vmW3#>$#JjomB|=? z=!+JCrcCw8g;5%3gJr#!;p*<8y~a|~x%>+C{~v8{85i}oJ^mjB36WMpx zRE(h=kQ5j|Iu!;O98zQeDG5Q2fI|pK%1|ODpmazpLk&pRe-EB}&$-`w&%F0&mXd@H#tZ7Kt8&0o8PisXj`(dawVTaVJT z1!%LX#4ZbjIcHkJVNp%eS;$Tsg~m%8rC5 zInCsG2)=BoiCAa5YzFHIRy*b8FSX-j)9BleKI7#C2in}8hDh;HvYOm+Jv+`CF`7h{ z`-!x%rwcKe^=@TQa{Q$7NhGa z&^GjLl4`(ngcQAav5h*f!sbel0xQ|W?Y{U#<{-(foX?`Gh!z{-olm#Nbcl{SFB=-) z?~MI)xrdt5zKU~FQC#4NZDL?dM)k{6c%8J`+7~w>z9PjjrzKk&3T&-h)EO3>Ylskx z-0flBvebmP@;L!Gm0W!Z#;~(`FvUc9{ReG^_mPbR>1ScZJ7s~NbeiWgG0GtECaI&xl=GzUPh9x#W06GD1V>6qVo5b& zq;FLO)izA&<4UxnW*&ODlyZJ-Sfs>PQ7%zG>jp2AXl+*_@Ts=?b6K%-w-Y-*T%ksQWXvPG*;E!rUV?d$8KtCJ*b2)favMRInv}=UO|Cy2pA~}Xj1-g@)!lcf z2t{Sem6s-ZUUE?=p{ctdig-<2=fCqz@|(BMOPgAm>GMHdwQ!grnbt0LR4Slfm3|BZap!6{>pR)n}LsZrU zimCpKS+gM9Rd$UBsfL)3J7Z-$`b{Z|Ch&fng#|0^W)rUw^4=A8ATm zx2UBccpXY|HzlV0Qyo*m+D{yk_gWrYg-MvnQIl(ZF1tdSZK!oV)O~%f=Q9y_g{3Yg zc7v){MqBSGtT%}|7iIPBw?&Uz-SOYcXzP0EQkX>OY}z=Fm+VwJ>NktvHsCht;eGOtOAuHkbB#dD%k@bZtB zS0iDKF`5Zdo2&MIfmQu&o}1JK*SSg=Q9vLV>!%2+bbLaqiOV~TTmUGhE>J-|lMn*v zK6#;j@<^CK=~^N@K=fKH$hQUcc}=`pne84Bo*qvEZ_}5z4$rue9mu)UnUiqR|WP^o&~pE?;aUSbie;j^!;+2@MwiC z9C6fQd7!b?aJ+roZE?IexW8s(pges1Y5`(rC(q>z9;n-Zq8=5p%4P3d#^vF^ilBif z$7tQ@;KhW@pG7He1LlMebxlQuQ6Q;QqyMEvOut>tl9&vBbev%Rj9X8lhSJIiexC*m zHpTB{^LI6kdChs-ni1Zc3;6Z-lyGkE@}FGg+}xpeuhZ!{w! zzsP))EznjmY*puQO!sU}%Pg%qD=O;l1w`-btFkkMdIRCF zCccSXyEFN+E$gOBvCpAw=la}8qs$ep-28!4k2egTAD^CqeFFgqQ?Kbr0YAJ?;~B=C zfwo5>$Y!$Guvd(U113MzXI~{*yb!Uh9~%s_5essw2=W?Warhi?rBAXm4 zraSRE$Bacr@d1-a%2Gm>22#_6-GNny(q`&NL-#@E(fxkONG&e+DvHqjqS-T{DOaDW zERLUN2WMqz*EfA7dGgPLGAtg^xD_8v(Iz^ zg3SCo;!^h4>TkEKm6kOpBD+#$?Eu57riWB^#JhHe&7%C-DqzR)?8kx<4m6L-zf}nl zQ4TV*-kmRBeAUe4d0wS0@JaPk9~2J985Ov`%c0IA5*roDt}0t0yHIv{>n8Gi0R_Jd zYZPj}$TGLjWjk+$@D6sedHmQJ-l6=nk$SJVrGHHSAWEvIv)fDd9xmpAW2^23ff^t1 z%vb9W|M}TZ5OlnhD@QHsmX^ro-3vR-WH6w9_3eBgtr~Wm6aD_t2cP_<*Eunt2(KxZ z$^_EC(4iR3J#KD+G9`nVI6@q6l+=7&&6WFmVRwfi!$o z+A#~-ovWWP4+7Wyqo=~fYd-+ZEwgh1lw;mIY~4IHquJe+;9=$8NMR8NDlNl5fhUf# z4?sn@myB5Cbql6F(Az@I1Z@l1Ac)lsc+YW^JKpgse{(!Z*&xPtVOqrqzopcs!!)fq zxllwERFNfCEIs`5^edWiZ8JGk6ay>cSC;NNgQeg?q*UIR`1*JV!Dqg5eAv|$#*)W@ zV~E1LxFzL|f0yu&3}Mi9nMDL{f#@fAy`H>;Hg&-}lv!r<8MP^qJ(3NoOYWzcz{hx- zbr6x6k3=OtxPG{+GIfpT$e%7d7Ol0&;0B6NAe;zp5p2Td3E!YcAu9qYEfHxRY3^&| zHFxLUuKfGH$foVu1*P_CS{6?Z+Upcu;6<&_F@N>j{j8(W%b1r(H32YIQuE}tD_QNM zi?y%1Q&*aJCySUVG=;6DiVctU;T?)Q4&Sf(t~bPM=ncqCxSDmX0QIK&{FEELXht!E z_b}HdKex59+u9v2+$-VBnJPjx7*HTSCmlZj0&7YP_n`g8_2E?-u6~c$c!W zvSF2m70)BhVEo>u1=(lp2BGf9ekkBUWJO-LV;Oftg@158OPoqB=`ZfvlNI52vvmP+ z)ONhXQM7k#3YZ7=XAZdqVqWVq#2j|79vEyHf-)n+cMPst%prLD|4~`UM3X5bwz7rZ zvxx;L%155wUw^+-KQ}(;yBPd>Tf>68dJRiaho_^(ok0Fb**tD+wFMuvQLK-3R~bkY z2TDOkxniX7+{9{y$Xe_ zwB0?gy2x$%VC)H{y;om(vAc?cRM~dpcxe+$3Y~ibV~MIb+kSbkBwm#LFqYU z%{C%d>`Zu%mwJvm2f11exYw9WBR|e+h_fSIs_?BER&>?@;yBp=JZhLw4k(N+TjnNs zp)y54C0M8zKk|Gb->oQiii>+@;QE{6}ODq4fA;7UHxETzPSZi(ojd9p;WU}+7VNY0v{mWtlFl0uMNk|%WKtw-V zM&)E6c;qi87jGj*+k2^l=pwdxOTnPkZHi(&TUdrzXgXnnu3LwmSkPBcUj4&F5c)C1 zMml4Slx5|iUzsTqHY2KioUPUnt&+CJt@^MqwMM7@M>O2&%AMBI!zqrVtY8ZC0B^97 zr>1VVQRd#4Gc!{eAbxL`UtMmmqk2w!zN@tkui7H-Ju@G!uY3EFm}kl(tHrwxf-9%y zGJR4=8nu%ozztFZPlw2@>E#)EtwnZ2`9-%rN3ZsqSp$XTS=O%*w*&+E%h zB#(d3lQj#jv)r1Wf9vhF?_6mkTfJHSsb+6`V>eAtKk#^e@>oRRQt+8JM`)FG2^CoWTmDyI+7xz_<5BOwA4N zDADPW=z*r3SmhD#g_iI~fk2O^0aTjU!z(ZoZbC?Re}K{DU<^u#=~uYaGl@aWm=U>k zinOu*Gb9}>^8_$Qf_bPYB@6#&JiWe9({5>7LVgnrRMov-GSp4*86= zFYn}wn>@4kROjWUD)MB_;fwOqyeCt%*es={HxaPW6{Po#FL;6(b1gc**bOJRKYjPEf<>Ewkhq%lyGM@lwgfJAF2W$uv)X>k#G*S!HBjn zChsu~i)#N`Bp2j8bN@wa%{RO=LhpO~{F?IbEJ=wE5ik?`1N;*gwF1_Qu9-M68MS8` zhRgTLVc1>|~VjB0$d5!PABG)eSSz<9y(A)iqI%K@~sO{_B+fVV za~Wa9E1yN!8?Na;oE5gfpFQr-LU6ar-u*G6DZWy+JwegT2A|=EM5>w1(^KGWBSIA&Q z(ZrBh_(y)sOE#x46IO)c85Aa4qu#cVKo2Z!OiG_wwS|efxtUnswoyt6;t@vJvv*5y zNeV~TWGReLXjvq?PWQ(8qw=EYXEZ-{O*W8CxkQy$yO!m?`q6Xr(=bq&Pecc)dpu3d zP$x$_+9f+aJHsCEkt>K((OP8gz5um}NRP_#L9p7(n@K)v_nFREPe7Fb^Jut+O8#S| z+$~EQ2c(7+F^~Ct@bPwV<}#>h2H0I7Y##irP4QM6q`MN>TT28nIvo8JmFYj+VX>9I z%c`djs?rAOGLwWLqb#}C=dlNuX`=$xD>Myh zzSwP$P35b0=sz2}w;IK;Q-zaUDfLKNT)Z5Q7vSj>)56~}PbK=%=dtfx8LnkhoH~*;pONC@1Su2%P(+jeNC=Pr@YNh~D3^avg*O2yb%tnR(6j zF8p@T>b8l9M(}|^@U*F`J)bJs=azQV`7vz?6Zd5IvW1-9fYDf4mq7kzb$4L%9c1{s z?((VezcwtlsQ<|)hA#^7Fr8dd=gaP@erJ7C$6Ia_c~>{dU~5h+c$j6wyJ{1m0;sve z0R6xtM!b7w=8eVX?~|;4-?M_xd#QMW>eI&}<0E8RVAne>__KvmeZ#}69=3r8UNoA# zCf-V!s?!~0U;K}!vvOAz@!)pK0Y*rZbTX$M7bpvF$!i&zlyGy@5on2z?@zH#9fqaJYo@oRD zCVkWoiHcPF4XWspr?=`Udu%$^m6#-m7PCA$9+R;O@dYUh88eH+Y5@_?B4SO=$5qRX z1C4nvrE^`fR=eN2^%YQj_W?~g^APZ7@Y!phw`(Jc7qlh;@?-g;7w!rmiXG~zlj(w4 zD#x~5{vh{hL2=8M_SpBDt(Y)J8HkY}h1U6GPf0 zmzv1t$hSMrb|#jo5M^iN2a_aA_C7|Xmw*65mIm-a3mfDY=o7#ci{H1RK23s(mhf@8 z_l@hrTrO*4yhWQxmnIdIMeYZhmzH~dNwtDkS?>dmP9+CUvl@(y8oPdx@gA9pn9B6x z$Kc*RdumaXI-f}5&4+xN0eNHFHCTm1__&3T-DNa% zhvJy77ufj}CQGAr>dm90>X&D-+Sj#$m_j3WK%j$*jP~hA-puC9*1G`z6&`#ohV+eh z9nKsSSy8`6^QfC9cULxp*1tZYwUd^b9<#}WcYgibkMDd}xe%}Ey?KIO(4&tvP+fOc zG@tg`v<0X68aJ9a`m{%gsvhyU$oiGl0C-E$il$EOkapRHHuB%p`K%|XuFTQ|&x`}x zk<>|LoWFFJgnoyoo?)s@NMogqbQ)CQ?;j>vg|3x#exOjzhNXk2ie;iJ(L(7IXxo zmHHS}rzHdLCeQ%KQM%Q6hHjp54d0i*${a5vChR75ySprP(SeO4!V)E&yxOf88Y0c_cY{jFl&(%FpT~x$t_1`vbv4#wif60_M z-(q)?{VAJvRS|iY#pUxDjjvIftPAb)C|W@5xY$|ECxLq=UFM276|%09_S?7cE?tGU z0WHEu8z9~ocpcz%oOgi}Yrm?0uy}kK7_@$q058A#jU`U8meq4M{s=`9@bTCjc(o4U z{-dMy2YIr!Q_X~=T`^E}vPvMli(+bV{Z@4&EwWZ!eOqSo<7~}yKxcO`C)(Xxt(iAx zv%4<*`@7tU6)a8m*0-=V4W=?mu_pYFT+j~XTe2EPF#gsAVA6hrr(@D)NIphCXW=(; zDNG)}aj5^5S+)zR*Q&|L51;GP01ETKj+u51T+3%0x)nD%7sAZX-i!gPnTh$~Ps7&p zc5kMdC%5idxV4Dc2QD-|tu_?4H9IcS9bIf7*Db3$D(jpKvVRo-YL*|$tOic*9}G={ zu<%SAhLCP-RqJNuI!XvXHgyNR?~PP*c^1HJb4@q8>>&C%gRaR#AD-<-QjX3b0D{~D zmeI|PKrE27^!j~;B~2u_oTmBWh&&o=_5$}rDkt^?vwKZ0ZDc<~`_U)59m>v>X-yuk zcps{L1$PYV<8(a}Wy|C0LHt)lVABdA*SUR)Ab6{UOf{7~aN^VVw<;T!+q8pl0P5~j zFs&@W4i1(wyf&%~q?vZMY+Jc+%y$iMA1_ZHkQN!rO%YFC-`xW!p(lhRAx5o3(W?-6 z9v%LsN5Ofl3jc!OcRQZ5O2YbLu^ zyt5NTRZKjYfG3^2%}$He^GgnV9Nu8L43c#78-9XI=S^)*VA7OE2Jko|Ay}(kn%WwqlZQiTsp8Az?gpc`_GQPvFzo z+2+gYK%YM8KQC|zByv1}4F)6>?-Ld%BOY_U>7|gt?QSzJb-qdNkjN!1LZ<8pD*wrM%~ecrRV{$Q$wgsP}x^(DMK?E|O654UOV`Nw+sQY*lQg0W5$Q!q~TL zwY<<`W;e2onCl!H#G3h6llREmKecu`!7()!?{W_Yrc~YeMY&-*n;;6YlUbDvj+dup zuq=e|U`(bAUUxYisS6j!&dk8cDyk0VE5~Q^l6K1VzQlKT&Re?Z?A!HBO0MP=O3iP( zJC7wG;&xpaLv-yHU#a&ZD-OGU<$%4J$gBqiWgrt@~K_YtSc( zEa?MZPyN{T=g|0@rs>cWv7>0yqJ(Z5YhM_7y+*=j{T$qF*B7=xoB?x7p6|j^_NApL zSXppZ48YI!hwWc?hL8F_3hBdI!G;}of68Q5(B^-oc4}z)1$!c?nMavz6L3Q(I2E*h&aqFfiR4^X)3{ugzwFyN zBPh0W>=|7}c~J}FD0+=ecchd~X8dc#Y{c9JK4%*pQ}a)@vNanPLj&mYlxMaa*zk7wlw(rG+bF;>qKGwU;VJeQN5EIOWymxwNehx zT`~mOaMOU6@U4_UH5zhQe0jyrnEBzZiCw{FiIR2Z8xyq2q@wBNnNPNDH}q7`MW)Pk zfL&1k$8WRcddqo5UO(`q(BN;TiNh>${A09a+&7IURC~!K?t}mT&%Q!(5ebDgVbkZvHW|O6>R36qUu+&78?TM9sFfF}|jZ zJwzK$D5f*I5z;g%ot5?ZCYmKz~_VN0O)n-i1Nnl z3=GjSJ813EHd-+bkSETcMGUs(#%Dc}6sF{&d&7bNckO!hmmd~Mn6%sf*6=M6^uXnG zMw_|{=zN&XSB8!u`J$$ET$a(GuTvHiX-wpG0qF(6CL^;&i-CRr=XpTJ)9DHk(FaEr zNN16!w?ZW^qmni@N-%oSCFO^&5U;v;98*@&v98A0#ui6)7b2Tj`xrsA|QLLYvoS)ko7Rg2BA1Is_fT;^pV->T>CFd7MnFzK% zvBvhLDEms^)P`=wO71h?&Hxrbvvwq(u^UB;oGUl%Jr{9gm9x13$%8jbZ-ARiiCyAaonx^y6@bRV$vG;N_58md4T-u&&fLU=m2pg zFi@aM0Ke^*D!EhQ-};*fAikL#=)8mhXxc_=rsu6Gn`L98;FiEw90Qv<3;d8>7DE64 z2{o^!LvP;tW2m?J=mJ7ZpW9z@+;Z047xQ-dpw+R<&KJB|qOvn2%L5{F!nRxYk?Je(?*zjjSn9L_v#N_$|P~issPC~LKBIP_-L*6 z{oTF@PxwnUnpW<3q3oXd4H(nD9=UEFy8h6muW($er=7^ndEWv^u6Z2$-Kv&bSa-T% zZisI-v;KctON~x-=Go&HpgMtdS0*Fr` z4t`M|DxVW}Tkky3_26Q4qU%q_S2+Ck{ERpv|K0iZQO(xN-0CTn&i1_!ZiurUFW#7+ z(*I_}TrK87`YW}u02FWe!xqTHEGAsYPfT%xgEY){5IllSCLB`$Wc;Pb3CGmj)|z=H z$tIbUK1KuaDmpW2a<9U}YU<JmkScf~hxP?V~enKR6*JOo+*j z1-rlz%}c8c=<98Ay(#23X7an&rzH~WUx#s>{Z(wTn&yE+PA&M7a5byPt%sFP1BMEi z0&Xu=lOD~opyK@?mzXPrdWzI7Xu~)7g%kyj7qT(>F2`Q+<_plq7Y$CFQ`UEII=QuX zuMtisfDc7@9_r_icVO(x=@ATKG4TDTly2m?@vCPm?_Qt2kVW_@SeTb^mu2a9j%thC z-}CY9B-%wd+X^;wb{WgBPHPpE-$i%0#)>n2f$i&=H!z&0E#Gyo; zSCv&IBi~yM??zK zICSe5Ig!Hw{PASe8_?1ZlH=6f;WPM+(NZUC2?cUp?1nYOp?3@(RH309c$0;a5lwbQ znT7&yNw>uEfF^kQ$xiui>#3qhl{p&gj&rr)JEJyNN8Bj5#k(kUD|F{#6`>PGlRVZ9 zTjXb@kOYdQDoC97zom@1SJp!@m1;CK|Aum-x4@8QSOzj0$a{1qXIyy6LY>K$!`U$K zC+qaSG20(|uyYJomiTfF+G;*jxcc+14?6`&fmZdI(i=Y4`lh+L!8pWc>}85HyJ~MgqZO zvJq_d*ynwE*vZb@MHCQu>+Lp{+KN2c-B)wML$?pk=WO;8XYG3Tby3_JFkMXyYavjz zZVXQP0JzEPm3==h81TWABj#R9Db(#y77fp-P(Mm%&SKCNy({WiXoRwvaBIdnDO15K z$8=Gzm`7W%l5i(dH)zlwy+(4*k@{Z_5DQYIBJv-K4Xl5s*ym@T9qZ`?KT>L7pO$vk zOqfYieuk!N@eT-pJkvO z^oVngq$mOPtAFpO8YMlNt-(K#fNQ0~KC3JvUub#Z*}XLLous4IsmX6X(i+1iHq$($ z>{FKJyFb83V=K0a5j`$7JlOIHYN+U*E{$gBKz(3RnrY+=)K?OcM7mQs|mi2=rCqa*&v2h>A_dZ8cg@y0cl_ak}q7ew)-p z*~o3rrnqo=QgDELo1@Tr&)`Xs3lHS@Bl9$*m6#v&jnhzPb$k31X`Lx>dXyA~?Dom@ zg$+|xlo>KJ@9uzb*tw!-W&Qc(PPTg_lkN^38unF~=OPs+7}eeeDyXZRNtK<7Fn(x#6E^ISF2RL$ z-?|gL&|;$?9DMOLX8G9X-yeLwrS9Y8FHau>=-Ur$xn3)l zrH(7fL1jNRFH_$om7hk;jmTh2M=O>GOsn*N7*vY7QFNfRtD84qoo%*7IcQA*es$C{BffGr&AiL#)}TvTI&^|H0Udm{`1EyX40V*V?)dlRF_5V&J9w~) z=YK{{kM;;In=Ibok?G!4DGSoU62tK#qwjY5}PWuOK7Y`2y7wGd2HeJ(>;p!k7U$ub(b*NTYu=>~eZ!CG*Qy#74$y zUoISOSvN%WP+mB^eZxF6jm*yAgkXu7+qwEiZ_$QTp_1%+=Sz(U#z2HM7Qx4%Vb@^3 zy?m*ipS>>c&B^uY)} zt9XnaxT#X*)*DAY77mH5OPNC^K8Xii6{d=Z1~74O_4KsiZ*9o5+!{^BM43WnHfJS{ zKKMCpwPk#%=AM6Qh`n`=5)k(wZPfc?G})5J@3U$#tc$;DNHf%1UrE}IPH=u>yLZ5* z8?@i)yXv=M&i5h#!|FNTVCQQHeX&0N%_hudF?c4BHxT9_OK(#GjiOwK;W^y&p0}R# ztf!ubUB^m>dooN$;gdh8IBejanh0Wpj6Oa=wm0253tTa-n#(;3P31Qpcs5lQ>(o5l zm6@dhWW8dOIp$*Vjt*Yok*dX=o_Q82m~er_3#=b4!TUc1I;+q;qg7 zE4K7Lwqyp?pPVygHt(0YsncOY_7t`c>ICiD%+va9o$}ymnDn`lm~Q}g+!%Mv^iVR(2oNF^O@H{=?T|lrYf2yUe_K7*N||?XzoBRl;Nj>BEDGhLTB9W$1{CKd*+(a7 z>CxRX;eazcGthn>t$bRVA*%vjw)2prLSL`4*wxfFpu|EGhm5XNhcLiU7&E}f0=Z)L z&l2DJkUD3P?MIt?oPaUGE{XdH@y(I$JJ(GR?eRgD9}32qOt!9Li_c0cyLEZjt$-~v z;Q?14#DjxUXzkmBAma)*bb;c9!dh4-fCnjtVfx}*x^0pneQ_87Nz)jD55=|a z#0QJ@a?j4uY9IDwJJW|sxDebVzvKvvJ;xkbISm}UW zFWz-t#{`Z!>OABcAMwyy=+|WRy7*|=z(Z947FiW-Dp)jX#tSQ)B|wHtpa>DHWf=dW=!9Aah{f$C~nS9f$CX>yv}3KrJ*m z{L&jZd1C??v{hbE1hSd}pVNa)>d)yrsk4E1Pg$*7cKfY*Q5W&@Q3HDPC|{|e3=cBh zciCrquq$gks`hsL+EDkB{CbfqfCz_~oE1~$QUpj+;7BDPNt-GcYLX-l0xgg&FqsoO z9$!b~q|AY)Ls#@D?)osnBp6)KXK@dJ1@zd(xexckmKQ?0cMJ2Hz8Y(n*RVWECDy@2 zrpp3K0aO|uH#3Tf8#0DRzlp5Ta6KzS)mBmIa=x>5ZH?IRhu5CH!jBef??r;J=fx4x zCPe%ak=%g$6DPh1N;jXkB4}Tj@w*nu3Ip8wFK#214=sTfDg;#G7rbs85PmWh7CGn1 zH&K)l_94Bj=NN0QkYcK2;6|MlkqbKgAe9)l%Ne!nH7?N{Azu$?2D3iz&S|y&&vn;h zP7ZFpmnuf`kX8JN-8RX6M+UKl1#4K!MQewBU2@&j%7zb~9a;jy^x*CVB@IY;_K(ds zJRccvjS}x1UeAnRN*^xOKUyxTe^&k5CniRheDqaOC}#|L4;1RP-^HV8R#D=b`l5u& z+CR0YEi&3CeE<*y|83?9Wu!hEKWyjyi)24xxd`qLvfobJA8xB9t&{-`VZi$YO^e-` zIOA6P2gs6Y2SxS6Q@6oSAP4`tBF`^W0x7?0V#_80^KCmgZfW@_Nw{8eX56ZJ zM;9&tk)0EJe2GCt!ir3pm~HAR6FB^ok|vVAe$CUO^rP(dUwP|`Dpx4_cssYqWn2Up z3YmVi8GgJBJz_LI%>K(>^9H;uM1)xt67@;qkmR~{{ao5ntVeK#{>h9?Eoik(vlVRx zS%-YXXG?(B6u)FE0+6hSl+pnsj7pmV=cghG^Bw*2g_A{1eYq3TAV3$H zavbbK3k>koR?k86%8L}JI*FR$#DX$z0?xKGlI(Q?^ zCOA0E5-s4P+o5CIp=5m@4XCuvOxDvIcRk1w>mHbVb;p*90?$Kwh(_Gg_?9DTc2nAl z<|NEHZK&Tz!~S*Ni;oEhF+ndNmO1W~y3tMCPaXMhDE6rIg*RMVq?tafN@9-d@2DwI z3&uSGtgVA;>tf!|NcTngr?%4PE}gw z9cFGi@mE)|tfA09z6!a-Mzm_>Ty!(k@onLsA8wm!p1T&o8KuG9zZ1c-D;^aHuA)Y| z9F6uk%z@ov=f^+XL^B^=CITN3>($!~Y(^<|D9q9x`4gRM*gmzOS*83?B;38ahTj zR7Z|*3=V}eba7+*TGi~Ol7@DI#f>b%)I_m>k0jv zl_{VG%(pKdV}?Myia7Wvfz$v*V;F&G47uEHRWhs&JmD!XOdbK0@}fe1-re zShbh(^cLS=rl=xFaGz4BCCQo3c*IAzEIUN4JgV;daV!7f_^^qr%FKZChp~ga`;U;< zrxCm@+LC~Szk!XLlyAL@;3C((H$^&e*d@Ti`K~y1*vrFrD8Rh+u?q{C#Rrnh4Cp=1 zsedjeIftMyEQ={jP^VY+gV9=Fw=2SC9XOBf(1ul*k7Ff|NvvppT?o>i{Zj-3zHx%9 zSB@?C-S;OcKUlD4SAhS3);)leVY-2LNcJP=Q8N+V;nb|GIZf~;s&26GI(8D0om>nd>F_)1crGWSIQ>BNFwR;D`+ z>0Pgy3=l#tg|K)c|Ar)vV=gQ4b zEZkJLPWR^7?mS!}^3BxWDTaOl&#=;0r)<+Q2Wv@nJ$I@{%vdmcsuCr@aen#9?g&vq^4Tz;Gu<2lbF z3YlTJ_BZ~T3l~s;n+&eWl>70n|B!od%U}AsHoSwEJGZt?Rz0*}+QCy4!M_J>+nO)i zz;PM$x89~}4MYv}$`uWL8Y6uQ6;$RT(F+Z;xlTrBYkhYly2MEU;wA{n9Jh7wLs3yB z<&C2Zq!F+gN3dO0( zlVRWb{^bivFzuFh+FgKsT8(;9Mf_I>3p(72K3i-4xO}F0_NS1GpL%k=RN=B-Qy5@C zx5#bbWQ|V5v#&?Ed)8?1}JQ@Mu z(Z3^`E{&d*s0WJo`5BmT^Y6C+`gswqau|B7jM=T=TxGmUi&;wk3CsCP;*`h~ZK8yd=aZt=w__nG2 zD`5VT0p>3h@UfrD6#{r>7r)r0Q>X4BXwRd!vL4mL9XNDk)xOUiKl>ng`g|F6vKnhF zJQ~mT$wvvc>zr)0Rirl{WvHColTXird*ToTXybN&+w^?)k7b4cn(+oc_6e$0O$dZk z`?~mr5*O^bby&cXq6$ZwE-3n=>uimcbSa4%OlaF7!j%kj_}{_-nZ$Zw>SG=m|A%!^ zMou`=LUsn(m?U5h*$@U)$u(uj5l>8HpPYr`L|$^_$JF^R_lxd49ZAIv&XIcjVtlgLn0z_Qyw`n5)Ak!*<8F<>-?J0>(WQ{eyah;W* z_rH%f+IVaqU0LD*DC$>`IN0Wk6KZ~rO}QCXP6CUByN|I2v8 zEU#UMib|4qjQsl;;(wWwe>YVPtotnRLMT8j+uj!fCN~XWa%0YOYh7?7AWK^r$vfhK z?YDeCkZqw9V6N5vMZ%dZZP9Nt&coVM#|q%OF)zZnok(#wxg-K7Is|Z{(SQ@pP4xzl zg?A)Luzf*^$pkZNR^@(oK#d^{K9XynGfbkr zfJRmuh&(|m{!jDgzbyl+2Fw9C;txU<-m#w;G2|V87%@SV?aJ#oV=cd>!9G1^?4ZeA zg%)Ap!2H`SKc@p-A(WzcZol}I#uqOcLVb;~lDp46^5cUHw4Mo#1g^fqN5=3CKi*l1 zn^rqPd{lsj@ze_rJDt4&KFf$@@pq1%;IO!||IJqL!pIE-yXM0BUnjqNoHwx9JFnX7 z8L|QWj}njsGGxN}AdQi)qOah;K-IM8O|OyKy^%q1<46`t{?l=c5>sP9htnHAWIz=} zR$dVhv?GAkbp-Rc|87KmG%#aXLQPpm2n21_%ywqCm}m7r2~i%l^izxSbWBLVVEp!9 z4qS4>YRkesp!@JPw!1*(scMehj9ZmoxA;?6P;G42?Hv4}VnzQ$C*r}AsGhe#|IMHf zbKL*6fli1eKkR)Rt@ruanwZ+bKQ(C6L7wgHiCf5Dbe_KsB*bedkwjKYo z0pP-T#r0sez`Z2)zsT1A`+PyJg!efv9>YXb;Gaic{@Yof%^V}6M?|HT8fX*Ck7gOB zSjl%56`!#M43sVZJYTXPkM(V;^;-04|RI~)&gqg~xz z6sRz_Q8QXw-6rKGr=BWlWg1)m)>rspaZ_gRUR-si_&*Q34{!kgcID}lQp@DKF!SVr z#zdI>Ezb3{L>lDvQLC#sT z(`X(aZ*>zJJj>SG@8Sx1^H{dHxO95^J??i_Ty>SjOc>-+zdPk6tZO@^)Z>@P?%$q{ z5xIxTvAXjpjmd_-#EO4-{Fs!Ch#iTQ&v{)KB){9DB0u@!`}fy5HJ60Te$O~w-S)7X zqoqwrOvJY)(5ApWtR{MrX)&K8ce6mmhJFLeKyqi+VS^GKfg|!gaPjEda2J>_iAf|U z;}i)#ef|E$mc~~_O~)9$f^rec1X_c#23C5EB*GVXhCY-~ZdkMLn+lm>HsboD0``*4 zD2X}(-cvtY-+b6;t_&y5mpJw6&@NC#3OjHr)eC1aI}6vZIX-@{v8*ywZkpi%FU;EvA4Lc_^=66}EbYgGoiXq3>z1!74s-M^> z8-urWX+v7VIhoyq_&L{OLvNO#ZTi8vj}eCq3C|@+~Jeil``8Q;J!#7dx?#$D!h{OXma= zD@3HAZKsV*HP>uM5u+x4(Wg6TDx9BJ6!nyFCeNxkn7(vq^kni0ab}#?dQr$oGLVS9 zAfv3TT*a+zC2z+57B`SGrT%y!6k^K$*6vFx^=yjazyNBHTBT-_e4gy+Kv7mH{zIQ| zrV@#4!(FO8XaA#7$?b-@56^72R5C^Om}({r=U+^ASE&A!?I7y-v745WpU&a0A$lHm zG$s9n`Wk&B{i(P!DHR4xAD(nAG@OZNNXv3v(_?+zf^Zn!A{o7bmJ8-dga0t(#W+3p zs#5M}I4`NcH?LT65n8H@yW3aNNyJ@q!QdrQYOu59T++JOf^&&P>_$l+ok0s_Xn^*_3{BfD*Ps-cQpbxw^9Bmj6 z|MOB;aH2kqp4M<#9g%liv)O2pCVK&SsXM1uz3CFhQt(0YfLbn$VJCcaM4p};l4UV6 z6#)2Hqb(gvcjel|JkQ;lD`XX2D^T!hJFFa?Q2zFSeQkJtp)7fuW@FufrFMo$Wq!Ey zyi2;hIHnTuf_m{&|aT9i>3s=gYx|E{ka8TZP$?UZ0bQBQq~sEto&lz0Os&C3jw zvw8ZjJuv>Zi3+@vusf>- zD-O~rLhgTlsIb9s=8&*Zd4WzC$1zrrLcbv<{Ywufll;C(_*U~JZdhDCY4iK$fw$sl zUi-hl%tZ%YX0h+T{^2Q1l@0lj{`aAHssG=H@X?sJF-H5hF9hE(|07wv*;or_(?47Z z!16r@qC-!jfFum7tpq03)|!6$ba{ivlHxba@c;WxS|EmqW_lLz9+@kpb03yvy3Ot0 z`dq;n(z(3U-7dyuEdCKAfKYoHfv21G>bxla_vu1jZne)(_ZDD_5pO%d`rEu$GO6UJ zlw|f{Q}*)h{|Yj>z7vQkAGTz#5&qvVXuq1b z_v_-Gw}~g)go8Sd@-f_Bd2X96yS=7+W~rbpBE{3>$I;XWqV@GP^ntLJ?svd`ED-2& zbFdG1n{tED2+HCuls*4!aqTgN6L7M}>PXovMa{Fj z6LPHmFDd=U+GQpJzn zpSP(VR7+I43MP?l(>xY8Pwg%>mHIr$hDnhQwsQZ2_1W5U->MB<#Qd z-(E&({n`(NFZy1Ge>B|we$g<~05WH`&Q5$du4hf6(Yy=ZN&oNZpoIaBRr}`wjaC(B zDpWYYm4`J0Ct1^tuX8iM;PznwZV)i$*}}w-$r4(w7mv$I?|*1CQwzL=9$A+)&^O)f z{jUDK_zc8-aC7bn*rpDX0-fnHL$27Wr2!oS*c|JpBSNuDR!PhVbz;WoUs= zPaxaD9IzLUhS{Zm%Kg7*-57T$1+-31P9)jBvk52NwH~l^3MAo^c^y>3e$QzC#usdT z*kl`h;hh`^u!?2~xZ7R%1E~_V=ss(B*?nd1uk&XvXDoPl7d_S^^?4Ru;Fyj;qNIn$eGc&ivzfoRBNK!3S9CiaB5#%fzWbzB2 z?7TucXd3~(MT=d_CjPPRny+2MX3};%Y;WWaS;AtIu zp>ihG0$MIX!3?#pdUAuNo|I?uiNzSoM9$uw11akkV)nX3Iyrs(q&l@qzxJhG&h0Ok zx(_sAAHFR}DjeS|oPcd4iCHV|lIDQmzPB|hBEr;pYv}Y|#OKcCS?JuSAWG}^Co-Kg z%5qjbNdo*HuXM&;m z)Dd{jF3!Q$=ayqLk(&-I4sz>@rR!E6omv~1+*z(mK*GG47};wLXih;^5pxWpkZw_t zAoe?O;>R6MP4>Vd`2)h#`kmAwQ*j*LKmU2?#Q!4OlI1HgmQYt5un|MK?-Z`|+ro6| zG}7_8{96rpXfI*N0IB0(GW)4!G@4_!5*y$Z^qp>H;E0<(&BZsW^94n^S!aYqI$1}A zL^@c1Ljw_#IuC(ho5^}x_D1WU(g?jJDsHl$Z?j<^3~mRs4F-V3_hICihZEta)9C2i zaUk?s5$2DG*6ii^64+O_>?q>~1hvh$gxq^yFS>i3LO$M^G#=8UiKzM3KZM>op3_jM zW@$z)u)?u^DcLmaC_}78NLno|z3~E+u67ccucs~RdOT+t>v}w9QRQyHj=iv#4gl}2Rc!|ni76TZ>(C2Y4uwjxO>~8ry9V`hIzl1BPyBChlv#n8v~iqfg^+I?q{G9d zc1Rm5YPf1^YOSY{_Cre#TRivQ;^tupDeioW$Nr5hbqiH)an(;iH~{XkeieBK-SctV z^V5rET}xV|3kdxXz8|s>cK)f8O&Legl`=o}5M%ksWcV^;>`7pMeQl{3&A;mHq@y2t zwB|o(v7_p_uE667IxzwV%AX7U&PK~N@VV>iS&BGubmpKqvjLSCH$$&I5& zKuoyJam)2p-cUpL2xP(d^D8D`^mf5K+Cp>%yT1zB!4$b0kJcY4bwJw1R^#~G>)#6G z00j6>@jTKDdzK(3xG#Qjrt@17b`B>gj1S2@56wMZa!beJr|?+$e$da5ePOq$0Sw1B zA!KfSOHWsI761fjSjq2Yj&LEq3&hnetC{%ZM_76qw1W$TzC7!cH(kw%z>4hdB(hv4 zWd8`qIU35gTYjgj662#!zmCs-puGp!F7ZOQU3f5M8Hz*X!{%e3s)!x!4%@#Y7%tqHs#@6Q8Aez!Qf?wvnCZDKq1 z-KFZ=1k&k06yAK7~XzV_BzCBwIO%5inr zrMSo*-o95b3p7+_RPT>7lpgDgH&TYLoxmj-r%z|FfgaFmoeehWdGn_{eM2I<$pd#- zSk7l)?k+WghZKQPNmZ4GR!;q%&)A+-y#AAJ79^;Al{ftNT4jok@8;K1fQQcNsNa+G z6%7HQ@XbnqZ~L$~0rQ&Z+GpI)tSfD*glbDbYKO0nqVN0L?WYsu<-)ib9&)!?BSG}V zXikD$JqIS$!0-5z5172i5$vHxL=L|55N@{oB|-9DGcm#r`tRuq@SarD81T{q+7DOiq%sI}2absaAC&#N`Db3KM_H#XltOkTmFK)vl(*;Y|3GjRU8Xipur zCKOPoz*|&M=%FRy@?cVKz%Y4JG8)X$+~gU#=D@Zi3zO5i@j`Jw0xsJaF< z+JP`0@2vl@<3mJ$e0v{+sBQF3!ofsL=Y449Gqxg0@vEU}8cjH19rDPDQl3#bRvL5; zs4aRr0df*=+*PVm$S(Fn(0$w-+tw)w)-_sRufOHfe9bST{n%`U-e;-|i+j>Ssz638 zV^rVph7C(h%BR~X&2_1Bz?(meoYEW=B7+DL&yab0t06X$zCCy{Y@d}%<};=I)Frqh zXK?lib_56Q&?5Z!iAH4nU7eKkRN%Wq>u~j}w>J782{VXl^;60ebYPt|otI1iTVsH@ z%pxWH(~^AeEO)-dEz2;wD4kC&U7s{F+Orf(av!PqAx%?a#9K^yAUEK((tH(&U<9dvd{$9G7 z-FcPhYWwK$47H*W7Ou@i3{=Nn+B^)+9-LJqGOj?tU!A9 zgJzo@{7gE(4eL&^JD?XvI%G8z7~bPkC>220Z38FWym2P6S+UO1x5Jl0`02cdsa!E! zF#|sBu=Vl2YCTssy?nPDV?N#^+a~dO6tp1_){5NobqBvbg>%2<>QDLO!pkZF4VVfw zp2mDImC9tp;}gP>){MW^$567OPyZ-oP;_}af(N)+>kT2;MYx(O44j0g2m9pHRIkV+ zQHc5U4@6w8Rz#<3_Wt|Ly3T70aNe3LHVBUDqlVJBtZVVy#eys&1eAjpWx>5xOrv#c z$o;aL__ufw9U>VX8Qg$A^Yp%vOw7oCjmr+n2Uuizd~!F8%WWL5KpT#ot(c^JAn0GA9>ApuT!MBVQL| zhup`~KAa6;zL89%5_SHPPcT_3o=KEWZ=RI$S{yP}?$(Qe7qT(}*AcdGCxcIUraOSa zvoMAn2E^%418cM{v0EAuvvaWD`(+Nh8J9zV%)RE(bvtX2Wc102bsxIL}E zpy_Ms*A#Ve#Tuxjs1Mk?c(1gR+5AP(5C+ka1Xvb1C`1>Mg=t(lC>8JOH@mO`Dc}aJ zf>41oe1x;3iOT)!ZP$az<9KI9+jERdu6Rxz`xoa@tlYt(htV1+v6Bk#**+X8SV*s<-*a zWt=Nj_cqSHGx`WI6K*08vb^>kszJHMX)^Uv2kxqJJ?q}xxG+AgqUqQhOxn7_;&9Dm zTNT&jsj4J?kcxM3Jkn8Uzl6iCVu4gg|KG_sY#$>tG+EUV`nKAg#MV3MA!x4a*o*%A z@H0Qua-f1`Ji6}nPY!yh@MQjUNM5sg0f zinTGr;-hx=m^-_FVVg1limm=l?5KGD3eTWt=W*%^qi}h>utV!FII^uuvhUchaj1EX zeIzR+)7+AgW656={x?TPF%ZB=vMHGWLn@=Z3iCljF3a&HtydA#iuvfy11F{1!=y-T zNHahsLZr&@dn&gikzAe9sC#^O!2jZ7vS3NonlZWl7*jlA1HCgo%6}@k)C&Fnm5@)r zf|%RJhS|0FN*8J=4&uqc33Jb3dx&fvVzmSBf13hnq7WxOYNfM6`Gmwrl@%C8zFp~= z-g#!>2x3=5?{V^S_1&f{*;_Hn#UWxFmlO3easOWyhk3rRZRQm?)JUW|{*=wky-JjLi#y6VTgN8-VWTL;dvOix`?%Epg* zqvN|{zM&fEdc>~WM-{C+S+uX_&LvH!7!X@0aHP5c<~mvxCSDS0;)k zj*r4lU<8UGOK4B=C_bud1gXr#bH;9q`4~!XMTo+xN;e zBC~gyWaBn!nD2&4|5mK-o8QhH2D`f=9X1;0C9i+~KuQr6k5mSRwTFQNQP7@Yh;+g=UE}5*qfZ?yFc? zA}Vk@4-Sxxv)6i^D~^B8cT|emHjv-eKHbD6Cs1_<;M;Gr?xkZGVg92G$U8s~ujv>aasL zwfbdx8|%J9egA4SjAIb-rBJ4S9sMUI);el36c1}fZ=+_`O7An3KZRe{X=}z2xyjaQuQmx!p!zT4{Q( zC2tR!s*b~a2=ScDDmvfDEj~{@UH^BpG+TEfu%CFW@N$4YNMb}{C>{MNIY9(rC)D`* zL!I-xYjyWQ_LbE$PUrMZuxg8Yf~cD7=Vgd?KQZ=m?)(jfb z^RP}nvmTml1G#0@n;z@?tl1E?A()cp0jaM={LRwmo5fRs?K~4ht#mANw0aUb zQBjlpFL{w?LzshNuf!?UUB;yDHt-My5TX!33D%1L=^`jCe)GoNT))A!d>O7YzujTt z1wp)Y*_y(7P%9gZr3pJNbMz%ru-xL=IQ5F|<;~jz|C6a#ObPxK&RjlL^Fsj}EIx#u z`i%;A5FHmRHH>cCi$I14<%=Agi4wSnwsP~E8?QMi!uX(kad((bLOWf2>~=(LIJI2s zvCgW?s;9H|*~d}KALEzZEaic?JM3J_BFkPvdwj-s?}l*EvA_LA-LOQ_su1oTkoq?4 zW(KX)^n1MQO-OC8`9v!(e>C;-8LAYW>G(mCn8+cSa18bXW?^=CU>M$5nN0-^fHFnP z*}(#%ZfPXG_Wza*;j5-DiO9W~%P7lCZDjYp*x5XDmU%V+l=MIAs7l4ZYjPlb-=>s- z8s*MoR)QHdbcM3&mxnIp)dhCRq9+4mReP-sBYa0@A_fk+8r4bxIznPX*h--2+fI)2 zwy!6PNWH2pY(dyxz6WPqF6HU3ArT`HuW7%-#H(FxK*{SdmGCI-HDHt{dy9!|$63Rn zKU#}rW)+{E*fAi*$HbOF z({*=N#(2uYs~DcGcx&uKRv=A7%N|=|hCQtAHQ;F92VENH;Fv`IR}Z%zXlXd^k?R-- zxq7piqr5p&h+Fyoe>%&m(Jvn~mKt3_0zn-G6SJuo6nd4*P)&2o`tO)IYomgBqXddKMtq8B;hv;bPV z-V=}Iwi3PxL1)T#jGU49n~>qgND+ zvJ|jFHM^L9W`StNhs5>D!$TlTLn={1jzOup$~5(5Ky5IaRP#|4s6aptnZJ%~E{PXK zrze*oH>!Sl6%1{_@CQPAADSlCe;#1j_vO#2bc1D)rYBA$0kN>LLr$fD>z>;4BhSvM ziI5v`0pZPQFXJfQ93&k4RnmKx7CjBGRIqM{O`H`uq&N)}oyyEpExOJP_&lAEJ7-&I zUFadda4d<2qLGr1F_JOz%P0j$aLMbLoxDihyQW9v~`O# z(;z!1?kk6VU=<@Drx1#e?#c^AWY0I@mmF5;2YwafWM5Kg^$5Qk!F#V> zfu&e7psN7`f^gHzx!#;>`u38!Z#Xw1d&cpYSt1UMG#-Q>65RK-R*kmw$%x!3w^0}~ z3qpg}tANDqI}1JOGy&^r=B#ywuAC0fV=wBLu}mDDc%cSE+H{zn7r68w$FCT2tR;fh z5p}td5fL8mE)Ob!PJfR_bhL3fwN6ehD8U=G#6-w}y= z%naUTbV96n1!fAs`AwYLNGASdU7??bC<<}}l0(56TfCrrt5!U$#KLP@wjA-Nh3tqT zXOC98QSX0K_ztoq$r$~LSwNRS4IU6b&enD4-(99hi3hwLPVArR8Ck0=!vEqyb(&87 z5x}o@U3qa-3h3ymb`5c>BA&gYysWC2IYlGYjyvv;+eFg2ZPT)&Q@HW|qym%tMUf4X z8Ld#nU;q%ls}ye^dMO;Kptq$;pYsrEYioc#xPGY8`=eR4_s3(6Q>=k5cfe&yMkvQc z8j*mOI5ckiuVlwZy#`7|)sLan?H-(yvHQa2G}0!j0XTTE=R`EX4>&d_J*&%kd*qU* zx`?8_p}Qeko9ZF+#DHxThYBC7=KUVa9?@Rb6viku%Ko%l1tHQeV^ke!Uo)JfSQDXf z6Px*5y9LAAdh-|*KXCE+N0f2Bm;Q!L(_!tPIzXBO&4?Oj0eUqq7=96r9WH=*S(XTJ zRkT!`z}^)9C{d|Q6OZ=$vX+?`?FR$#SkHXwX~<7PVHy$BQyTveFwM;dsS|ESQ<6c^tsf|_oXIk4=FLDGIcw{+EL81@cF=$4Ay{hsf zs?;kC=irPAb}>>qhhzeF)g;>e^#gXtXgS$WG^ZIwYeYHz_@GCAV;2H5*)ChAR1Qr; z^J_Q)ds$f9V)@mR%$cnbh~?`hEIV^*^wX1smt|V?Q(G{@ z8&Ods&bavhZE!sH*hlPdC?pThr9iq|zX(MK?nn(K&`L8b{lJg`GiV9J2#1D-*!3cY_z#io6oGrHBmqq_ z@_XvkPR!ygHI~-O`zdqEk1ro0t=nS3Jm*Y)VL2oDIQs(pV7FUFO&~F+3{H*){$Ty3-{~cC}@Ht5MkH8^kPJ z$&AVNj-+YcrfuRC{6&c(s+3LV!q@iW}dH8-QeHx>aRm;`5| zrCS7`f-3$e0@iAnXH}PbiwMX~l@WX0?j;hCgMiXO_by>>0sK`*?bCsc&L6bT1s2dWttX|@fImH zW%Vl3o%G~)(bjeN|N5YZ64S|wp)$y zCSZN)#A?8L5SlX!(aGgK`O_{K{Lpy`W1F8j(VX`U!axw_vF7}Ks8k=Fggp89>NQjn z!iKk!(g7QAw$Wwp3|HzhPMOIcpvmt0=H%NQc}f;)4Yq9l8o#pPXsW$47mB( zD1}GYA5o*dEI$_%S!nl|o8_GWM}%b?^uSXZs|94BnpCPPU01x#UH&;k+BWHTo9q`B z`Kc!28Pazpnzvt%9W^_Y8p>X(VvaurURHTI$lf#}vDK%pEt6_*`X)UFt0awCJPxxd z7{}Z6B)r9F>0aE(2$>dneZva2fE?6DPeRGIcJdI!t)T4U^BdJCI7#f{m(-XK?K z6%SYmD4~M>Fl0z)05iSCXA_OkA0{mr4nvh|j`!@TW)}2#Ti-Dn0?g{D(L_*(t ziwF9iR%*SaIlwDtWcBmkb>ht)%LtEbSDY+~z!t8eXH{*v#XjmaeT!G15q$!ZG#XU| z8ysqe(3{sU|CA+3`@ZT);%9J)qA=x=ep1hK9|dhz`1w6;&lBhuD41%$p@JmtDt_I0 zqip2yji*gDOCX(tHPu4i&#Lcc4NFn*Fx>wlu|Fy4rP^)SBC7rlN*D zPCRYXWYAdR1Lp`a2F5YM@PMUZdysT0#_!tEqF5`~P>OXBdyDi*OJ$Ug-%l|j^3fAs z2@ksh{Z^Afn@97&UDtsc^pNi%<{ZlkE&6@pp@0V*|6gY^T>pemX0(ey`~vQ&A*uN! zPsg4cFL(aJ$==v2{st&>NRfyxYo-t>QZ&RJY|B$qP-x=MC0q8TL~x1Oi&O)5xxH#l zEPa1PG&*>KC)vH9j55^05@Si-!RnUMe6b8SbfDsIvY_DO-4PIZ^{&`hxoB>i~XP%cXpD-nA%)Ovrwa zBYduK)IMb5&3dp}rovpUU}7{2OR(kRLxr_^xc*(gz)q%%k7zotU6lN zvN6}W?)%6XHOw*q>z&Cs{;b&)k61`{%53X;0z3ckhMM}bXi8#DCJ)%65~tO z5~I&Qt5Mnv(g*y~L!5&}yLF`eq-OBzYS8DZ&UzJFrO;V%G2!4C+nGsV-FR-I?Af<@B$Sh_A@{_&d=#Piu%MsdC)?ZPtgbzRNTGM^smVLovwVUodaOX}{CZ=W(*o zCf+U5`xUPnfl6IYgk~12n|kcry$BNh`f+KJ+c(8OB>GuyzHTa3V4Q{paH0(zVAdfP z78_0yQ;3R^mYWE1_YeB_nZGtoDY)bfoy3@V?JtAoq$RCiOMx%1ivI!rHN#{=&?S>s zs4Yo)BdJC@0rz`Nk)iloBT?&fW`p@`4-p$Loh5|>EjASRYWZ_IkE5aGI)Jrq`fB_? z_99(v@u~J9#movQuzDqJE!t*xky17@Wy!mWkecI}aO*GNhHTTdylGx}l z4k~}wg!eoXV4;`1__YpE8efIfw4pr3>B!+Q39odM!BZOgH_;zP3pZvJYZ*2rY1dUy zl+D-$w*<`oH8fa%9Q!@rH++n0u$+$P5-#p){GOUbXfj;k3K~I&Sa7f%{j%CJ5)|QF z974c2-Y_9ddunXS3U zgq|Zit50gFgxZ#vlm1NN0SSj^P(CF#v=Q;w6{73!qkro>;yqhCPHo-q>?wsh*ZlAhy_WF)S@9c+<0DsQseLSFl@JrlYGJ<;mSezrs%Ya`&^CJU13H&HPprsar2Ysm*;n7m2eTeBx3q-VCCJ-sPFi?pF*TP^FfRpkk? zpM)reY$i^4a%kwT3SA{bcz=lb+MX6;8yh2sLFjwYu`FyjUG8N`jxA~<&+N~B^WQ6w zvZe3@J-s>yJjY*}i9nowr!3iMBH0WBbGCl&Uv*(g-gmDV2^DUj#}q56^PM-@DD zDar$t5tV{0LQm&>oIKynm}oful-tPhGd^Vvbow*F#i&#DQMHFBjoyIC^T5ED0<^GDsVd`)lP?7B&(OwU-b)P*i*eC$nA?05=p^nj6N zZEAGaaYW~y5qwo@(&lq=BX?JY01|NVwY*13-osIKF(L>(u)c)%gWPplu#L4CkE(Dt zTn2L@=%6Y!uY_10ZwL5TfE75(xNWFdsNOosBa;y=HTp+%DPxB<+uCkTPG=lg_&qyO z80>z^(niKyCHGd4yN}ES=&_@+3qV>6e_>~K!4=;`{YDfQ`(;q;;tpgt`VGruY(v;v zUrwYEwS|FYx*$)Kx;2r%u-nBhMwTgX$Mr$Zqh5fnD@TH|``8HR?>&0uu9ZjVp8Vtq z3U@n=Mn(-{8a?^&(i{j?6!$iwN!lU&Tp9JMrJ!P)R(p-J_YYP9FQ`!(h3YO!d;JTB zI;ben-IvH57ZLtT3`G40b?Ta=(onY|7Y*Jxo_`M_wDBf0VR#u(d>jDK3hS!{=TWm4 zC}$NzmIt-h-EQIeua{?qkz_8R3-gNJmb_4HIxhhtUr80lPDeC-=%p}_@)oF3pUf~q zrN6!-E);ix&)WYg_O2x=PxL2x5LO?(sImifS*prO$IR{t+fIu|H256xS37@BqnhG4&sMgNtdzsxIHQBqh zzec_x2=%!gG$^=sytzNk#uC0UYqiu$RQw@fvtv692tCc15khFB9FUD zEw{3*gGnrda{n%#dQMB9f`Z+R4s#?sQy7{@vx=sOoXN)UM+S)Oh(jC|Ft4(7b~}}+ zmVyQ{Ia(@YE=ZbV$07)yG&YXP$zxbP^=5{I=bcv-v-2EcWIbf1rDp8B?0sD|&a|-3 z8wOxhy)X<%gfEMg%m86Y6Avwxz(K{q&3g2xqR8XL!9jy_^^3k$;P^#4J0id)@ceN8 ze;QhUG}aTO{N3DeR${jF<0rp)TNxld`F!XgKVESlO7QHXy@T)O2ZR0>sgmi747S!` zRoq~C(f9rk#xdzNWjjCjs;Q}|a3>@UL}YP=8X`De zM?P~tyg)bpX@vmbtI`y)hnijPGi5y$V`=XAFkio?g?oS;=Lb{=cE*r*W1;`8jtrxw zCzXck$3JZIgouUh@ZACsoxka!%Ruj1TA|gcR1LD8yH3B;(2f14rR}zZ0rxmP)9r2-2I?hUAK)EKFVwNAl&S@YN9H(#x1>eH*4BhXk5bIn}j#;v!_ zFNBkGA-tb%pTxd++5muFAf zE1bF&GBWz~0@=8R*1SBM_p6J55X$BXXeSbLF=VoT=p{_>v>!;*>gRZxZ*DJ%z!(g7 zuAX>G*SgI-_U0Xu3s-12hN_xbw;_U?Skj3(LOXr{MIa5F*G+kWWr zdRgRt1z9BJ1pzmxu4xoBH_Ttg0=&@^*xTopQNYz4?=>K?t2c5x>t~qZ=MBADC7djv z-l~m#WiA?QTajQ{IBvJ@WmJPu>G(IBZ+Fc~X!&JB-bYtzbuZk7ZbDuyx0z*xZe0rN z9SG#HMa=f|X3*eiE&Cp5kVc!ms8xJSGK~@t{Cl$<{Ouzq^IQS!@71U)l$p0 z0{qK5xaOMxL}SP6!9!NCpSoIoZW3j`EjFvhj(iUPML!Bn?@%6*2hEb^6= z$|GZzB`TP7bOU&Wg$-CzX((9&` z!$I*2p@uM7Hu+$UU%q(yx;pg*CpvFaN^+ zDiS7LG@25_pKCJ+8ypRMYAtD6_PxLD⋙{^jr7%#{x6OCy3IK#JQ`NF}9`S)(&|; z_V)oDRoaWV{E0V?twp^*WL-|HURElaK6oCS%`qYI79`}nCEpg|s+s)Y1~VhD$2})i zD!cZ3I?uio&-Gss*h~po7TQK$_EZK1VoP5tJz5wV2 zTW4r7JmH9l3qr`9LU~w50U4{0QXXj3Jv>BZEAqBN%w8x)Ua+l{+mwT#B@DLQf>J+n3bjkmEa+#k}{w%Lq*xq@74tRifiPs?Qf>T zox9p4@;a@0j6%q`odDkWGZD?<`Tg;+eT?o(nH>7xt-1B*?HTGU7SB7YLbDfSQ_rQZ zDIs@mY#-OF^*C$1(VPv4*$lTFfhvwk{C?NKhw_6-O{-st-o#1to+Y;v$>zsi&-X2< zVIa>%*BMV$+{uabgc<$)?O$E|8-72VT78H0NE)KXt26ga*XG9JijEH;H~(n3b$<7C z|G<3JFIXg4ukcmnOPl_DYwdORb90-l)T6^(ap9fGs=;T;%$2f7()E+MQNO6@zwlg} z`xO{GHSA(a!n?G7=iwGnPU}C&3z?gMqNCa(%Trp2Z~hzqgk8Ji`f#iBUds!Bdjzlp zB+lK!K2C*C1&F(lj2MjQjkJwrNOswDnQ_eLb8iZ~+F0{E7SvIZ{sq)*Bj1eH-={>i z)Vv1&kS>&iL|Beh3Lbn{q5lcG1?bpj@>*89W0W2FrY+`UzhkA*g@AGr>R?Cw>%!wg zdc*U!dTF6X!%*#RyU9p%D;MzTmy}N*b!u}AmoUf97 zoO{{Z`I-Lo1ziN&7QW^Ke%EMTd&fmH86hLzr_r+a1vXWz+CnsN&d@+^0>8-w(J7EoSAW1$KZ+B>mg~e12ozPNY_Nw@q$E+PfYHI z^Iw0LHjgLoxx(bHoTwopP6~^@cNYik@R)r7P90_W!xO0nmIDT6_N~@$_%r^FJ^zzC zd)IGz&kC!R*F2^E{I85q;#q~xm0Wtm?kuNE%00mGOKIrQb&p+rIaz3412poOB*L;} zmhaQp*;Hqpv#YvWt|e%2991JcpmqgRdoE44yvjz6^BDD0!*vNT37=0-gyO}VT0K_@ znUA=}RVO5snn~yHU9+5@oR-d-V)&T;6a%-HFrnE>hvyks|G8jkoDMl8e(qfsl*3jU zQ!8H;bx;zOq8z>B{D{)k8LaxF!YE+2hZsCf;vX#iUI}fZZxXIy%)v}xLcY>vS7o^< z9~lFKfH?Rf<0ojqn>dOvqV?x4aaJoqWNNHuzyF6l;IB)Xn_Bie z6;RCcQAnQhvwxz-$dgY1hBwWnK$(#*-TsOHo0&1_O+H9YNxs%`x$gK8&sW2T8Lie- z{f%nIVOE`n?dq^#P@1 zRKpdu{*Qo;ey+%EC1dTgA~Z<(=>!jidBWMTdYJp1CvXR+zhVy-Lb~P^>zvs}?tBIy zgxTp1MYc>!((PM4BQ%q%&QmbYM0LT#fi|@AZGhoyK*S`zG4j#yiHRY*`Jo|`Fz%5~ivu@jPNj~|CrgQv{=PA!AGeNnxU_$uoH`hX+kw0%|T$bA39tRjb zAAp5KU%Ud-5kmV+(M2S~JJ1?%_p(vpyDhU^^aNz(+WKqZ+^pV@l3h674Ce3CDmCe< zgU^)Juk!Te1DRQkNy5V<{Y*|vE)VFUHg(J0v+9@oI7aZo&9p>>muZU?PK`h5f9fY` zcqagC$QIFiN(H6%$2h$&SNk=cgi?dD0VT&pFgAkrzoR3n(1IdWMsk^VE@2l7rZaJ} z<3t_bv)QJQ3R(KQYs>u9>#3nApib?Z+O#*?`lAD8wNNWdI3k0=pDXs}xlVBB!YK`Nk+7 zrx`p9Pm^PGY!E{ZPF#s^S<=PpW9xTbPuWH*;Du8h@hPKZJvS|{Y`{X$g3wT=g>__p zhxul@n{!>en{$hfN6}-FcV?~lhNeGi$f3`l5B)Oj7W7iix!l`(dN~d};~i$`--ae~UH7b5Y5p8CS?983qAg-+77dWq8$Ra;r=e!`2<_tgs`@@->WKLhuQCR( zK$zdhUUVgh>vYp=W`6kI83m8QV)#n0;h$)6T90(fV^9Q5W}4M8iT;ECsvN5g^4WtZMgS z;FQTso5Vd|1fq98q@67-5SqC8oX(^_G(s)V#lcv+RQ()Vi!SStzT}e(nch`xFle|B z;n$Hrq1GFj?u&^&0D1X$YSa$*q-|Yf>azT@>psvOTpsmx*v|CTu{$_%N@rR4bG%OR ze4_;TMX%hqLjoWX`^Y>8(oy_-MIsI?1@1yfa6-x;+J>Wfu5|L~DXhvc!Z(w~@e16h zLJP$byd&n?Q4LQ9PGJT;4o7;rJ{`^=~y`R^#cz5?beD(F;9eRfrlJ?R*yEpL#skx5F!t(s`DuGrOZ36Ow zBsh2j(t|0)IOQaTX668Fw16~}Ls=M%i?fLpt?E&t4I(sg^e(kv7qVI>*?~6{)<&pzMl<#cTee*WC*NsJE!{VsAZwJ}~^bWdR4SHN7XybiZ+CL0Jc8VpS+0y053hSo! zO=g4!Ez<0x5qYPdjv3Fk`Rr1VmY6>_$8=`hZxt>!hF-FhT2kI8tIDTu1y~0+*NuHE z#c06Xa+PqT?2WM((vS(|c8I)V3Zd}5DSsGrU%33X4<|$oYWONtt85r}n@+8$tHFN4 zPRw(^!BCAQpSl*=`$AWI3P!VkE)X026Rp3!A!gruyyzIhLl4p#qD3iB)D_s}`pEXN zEF>iv4WGFW;7PLj9j-wV+0A^0JzKN+I99h}!n-eoCXzy@$EWOF_Pzc|@IbOCCg{N?f%)?YA`(S+!`% zBIixm`JSfki?nb6GCCSR^pDXdgsnG07amsQ`^zUt_NHfstD40no0ltaH1ZNhYjmW9wetmgg$at$F5UBm4PnF4tE(G>qcs-)Q_JLoaP`_ zrJjl*ua1tjP5K-f>9MM)|Fhk^6z~a?Kp!X`80WT||1uw;@LtZZ$hH0j}VUhfJr1xxDMJ+L%3N%}{&#qb5J>JAMoGFX$ z3ATSWlZ0coQ*9L@1{wAdzYMvj9ZjdMzeP$bb|DTkj6UQFlnRAwc)Xf7@LUUH(06}0 z?R}0UVY(>dbe0wzCoHx5t5+*U8oFBIvZj&24dr7@YD3ET?lG_$|gf(<*xt8nAEO{dJA>88u zVLdyQb^tJ#ujd+NE!FaZyAy%VmN<8s(Sk66DCQ?ss>;Iyk5?2ahGwwbMCf++TfwGy zs(`TdPB3+dOq&#yq)3bz?9EF;mDecHnd?poNpT=dWQw1NVDI`9u>VHr;)Sg{Ezbpp z)i;Q$RSA=6rZDV-w)!qXpySwklVe4ND@*lUG!uEqIFh#wi4?nYps#)8=3K} z?8tHtZF_ru)sfvxGB$}jSGNzre`yqlQpLD`$CaRe54s3giY82MzG!bl@8uFbB$DO) zq&mr|0`+|0fq_>n6DB^yFD0bJT=*AXCUl@XU?^r?2YYPMLYb^|CuUnWr^g9YQ&K2= zr3q2{3Jz}-S8KwI;x8nP>*?=%$E1S8CgowR zYU1;!+8Jh#U}w-zagJ}=a$qqE1q-3=e%awJMU^;x$L8l*y9xN{_eo|5%e+#I1xI7| z6)e?yv>j&jU}SdbKwp4=-Vl%$=aZq~#iV~Ic46lL9(7-P^%uwI`DiP&y{p1hlNUMy z+O1u18k`&vx?b>e*p2+&>u$)+p_Wdfs7qnu7!fy+e4C8Bxn_>vv!%@H7o6Ybv*`Lb zre+uFSXz#8SRnKJH`)$SKi6E=YQLl8(0XGukyUU$Q4Et-3$|}<#P`%$YH*J~dMik@SOCD$ln#PkqCK6SpZtrFn@6oEN?$tan;=4x~eR3)* zp2`2WVbWBe^8+csZv>+wNtFTKlNe;AgmR{JoS>@cdGTU|hF)9daOB7IxE~_EZFs0& zcG6266xNYQkp3XVWc6wi988|kjNsn`j&vrD_`e09%2duy~T)N@f^@MegJX47^XB(J8K=ZO+c<(C}x$TF$Rr_rtbU^4?__KG8EOch z@#oxn8M9$c^d}RJIq(P2R6Qm~LI(MkMYd0Eo7)81lwN!l5RTD*E#CWWm%YleTv%bELTKlgWApN^#%jK@*HCfsLF1Ol_?A#H`bcs{BH4 z5BMKdsop*@qvw-~8q|BQ-2Wfu-aD!ZY>OKmWyD5PKnMtk6zKti^rG|0m*6kroIDNEf6Ns(?!90Ya0iARrw?s)YJZoVjyn?p)uUx7PQq_5N{LFga(ReRli( z_CA_3a`kgH+|SOnKS*^DYMr-n=aXpYoYQ4~7@p_yit%vE?C1lfnOw^X@6f?&&4IO4 zB;^C873H{tv`4Sl3R-y|9E&Z^Um;8m%&uV z4Iei0z$tN*n?lq85g84bzja$-ySb?Mp)h!!kE_2whB@Z2nWl)<1@Ha(d#4yf9vQC> z-g{i%JI82o#9Dfc>}j7@Z%<yf1J>_`%Lv z8p*<~E`!8hrr|N(ZN|f9jM;m6l5w-{!~t>C$nrY1JlQ4CfnGe+FoQDDs+-M!?boVF z+bPm1;7<~e%T%C9~1 zdUq@4A|wy}ydvTJvonh%<4N6j9l~4iZ=~Jt4(X@5b@n(HEzn07dw*Km5A*a$6@to6 z*WybXcdV-=x1R8}(3c*bl-p#Lqe-g`oNg~wqDODmev!J&BpdWV-9BkW+kxFm)2>01HvGk^BBf=HV^Z~Y#%5>+jd-!dof~&*C>GgEZ*Y{m~0~Za6ROT ztRkK{RY+}mfH5}b<4dyUjd35Bq-5vyrGD7D+~KsGJvn|DleN}?W4EgdiqMhm7tD=r zhxN@961~z%yez&wVHuB8!@mR*KB{bJ0xmlp#vW!Ug_W@!%&UxGDdm>Ek9rgq-O~16 zxQO^KTe0jBNGPRCVl}{n&F`umCi6i9{66N*g-`d#oT?7c4k{k?jltHEBHRiemMkF2 z@#(CPuqwYO!gABqui!avi|zT$D4VxC&CohE0{AnlH|T3Vh@dYTx$R#Qjn!ENp@8Fv z|Iv5<2?7D{?>D^C-$D4wftK?>|KRBk$UC-%>Ia#m0 zRId{;cVnH;LdtJ{&SNc+szYmacc60Mgd?uOqUA8{Xv2TsByNGp9yz>LwaP)W^l>_J zfs)1J(%$4#N-u0|`nQkQ+=l#|lMZG;+$q&J!=V^slu62^%)n{abxMh%QwJ_arb{Lc z?^T!H&L!79{8oB=TlJWA6s`HubnBTmJ7V8Z097-9s%|ZNjMvN^hK`GpK`|}Jm1i^} zI(JB@dvVVuy*4|6mF6!`05HfjL-Ns1)KQ{lvS^o_*fPMOD*WFp=jEmvdq*pNd{-4% zze)~%M&L5D7$0mP|8>!#cYBXv^Qn^ijTp71^dRPSXtoCke)fI5XpEq^!phM_e2>)}es47mo3 z_mh91TTq~NSK{sJ9<$e~37a)G2b;Nagb{HjP=CL(FqNqHV*o z3N*wcz}yjEpD_MP@l9}F{SXa|{F6lojA>pS+}b@P(H4shbO>uLVzFZNnw5Ab`{{&K$Rn@Md_qS)Fx- z9ZLq$tL~Ou+7VjdrS#Cz?HqMVoYPf2!z5AJZNi&ma)j} zm%RPDex5Par5z^f$x1m?>Qp&0n}_VrxwBAYCH3N72X}Etm=yQNiru#Y0IpQ=DB=_= zoHtT~svlWi{yqVMpbsRsv5?EMfaUM+`!G2&kHp~q(ZpJ$`_4V#rWaM={)_r)9owT0 zQ2$Kc2M1#4QruV@5dd+lxOuBEn5$_m`)xK3$Si{)Ws=nKhGa-AYpl zubzImWebqXbX zG(G+W6d>{Etn8TkMR=mO9;IIoQA0*(baoiKWL+EFXuCg=p)_)!1@gqS)tM&IEE7hr z1#7$)_S)xcnoaeLx$`o?^AU=a8Vo%|^OZIMZkn9?muQs+_6Y>&l%o1-yhHhQbf*Y( zMtD~NtZAif^|seS;ii03K{=zy?c5#z;y0;6is)o+JKaN{JI;M~eVb2xsX=caFK3IA zzAQxq6qo2ICFcpB+{c{S!Gx%{9)K87=a>wRU{7Y%6aUtwtew*Va6n&A_N<10Ksl;z zebk{?W(^?ehRVflOU3n-5Bo!x)cK}3$RXF#yhxtLNIpv6 zq{r6P%?T!uLIb7)$8wUL)tT-_Xv}FAE&sS7;1@6Q)YVyr7^#W72U}4+b`^At!((rd z?0teWCnUD_1-%y@bBpj5mfGiEHQpd~km)UPVP`y4abbXWfC&9)O(x;1`-bP(R}ct% ze@8;ONj@0myKLqE2~^It?!xVMK$M4RJEO%bSt#N#SU`6$EB4kCudgk$Rd|xw!@S{* z^7vwrXVi~4=P=d#Yt7~(5{jL9VDe$0d!2E$8cdX0b_e%l^$ih%-faLu8j16vKhbkT zzjHrC11886n16B)#{swoGZRARgm`N#n$Ly^o)$VLWFR(T9qX7GA=;q@0xbWCDzA4p ziYZQ!YxrZ4$A`SB73vSDe5=U&$v)+N=Mj7TQRw@FW2BriGH*c#$xdqO*F>ANot;*H z3E$mK-}O7Rzl*FF_br2Y=(Asn1ATYh65uP1gMzrMXoE&)X=^7WZ_tu7Nph#{@;leqAY-LLDy`LG8dhlg7 znPrw?658Po2E){1>#|40w|>zEoQ&6>uKLe9Reh>#TUfpQwkBt+V!UXzR2P}=ejxTN z5aF@nqV%!AYez+HU4|#`Wc4A`sEpkk;O4%?I*Y%U4!QwaiZw9J{85aAm4{M#B(m? z$Q_jBJU7`uU<(0fxg6-Z2Dlu1o3D__&NMlHggd`q`J0^8siGk^t+)4wmJqjJd&0zq z?s|1j5T33V9~QY#_OFaS?lw) zVxJk_k#GpCtV?WSA4>EJMI#{Sn^5@_zZyyO4WTyH?aQv`r+Zz&6T?$RU_{bc7O(mA zs_K?`0r!utttX1E?@|v9?=uFnMW~r-tu;+GA3mez4E)wBHM?MTG%9v24MdE_+7Rz^ z&8r_bUHtbZ)|@ zQ(L&DzyOsTmB_7c!Sxl88ZDj zo12HHp3miKCT|aOCOh8S1$T^~b*r21ixM#-Ruo$(AI=rLPb96=7*v0W(J(+?br@VM z(k0A>3Dnxn}@yt!}$9#G?_Nf+2A=NqJ+R9Wl0v_!V`v^iz zv(?$cq&dK5`(XLYaXqp|07}e|6VJfl)@|43Qh*GMxI5QP1_lu)TM??1Wk*&^5FU%GVz?h=r2S!SfHTSRZcG39? zVgX8@?ea94RV>Tlw;~Xx92Dbyzq&bmY5u|VM3Y@x?mzcK9F5`d6pP)~rH6?d+C!`N z8!5i0?nF7at83NKy2n$4seaE2ctD7O`{iU-ZkpfjS<~;eLxtOA3H6R!5n|&z@u03b zOek$--s}40K2g66Oz-aA){xoTWnz}R7Z0ozo(@F4#l#YCs|!#GI>-90!6Bj=4z1LG z9}jZE^eTJ%4Njuo`T}3#`GGiGWxK;%~>loxkGlN+BZrpvxzZ zN`CX?8P(Q|Y4B5EDro+ai9#!Y>3PE88mvv1UOu|dC&^4acmK@VhO58rvke0%a>xJM zf9kB8Y(Cw8Z{`2+$Np_C`Zw;#m053#ZwX6k0T!giEICv?5w$d<(R>M3_GPj+)VsZb z@FE2Ko+_aQO~@U$7>@}X8(qzK3D2BpZzjB$?cBqf1S+Erk$Mv(V>?cF80xj?gOf-h zOq4(l8E?7si=aH8%DC+PL)CAcVkJF;MrAOsB%xx3hVvhZ@r@0yUPjLgRcr}GUBRtO zzjl}Ad@>QF`ZPQ;2pEgr37VTjbn(tcG!=46*}MT%B+uX)*P*qZ8gp~?Yl79OYn-=a z`uo18-Y$D-K!|kSC`oe}s3fPQce=IjEG6dRnVM-VZIhxr5U$kG@Fjl+F(-#RFGEsK zxDc0okVQ6GTj>~ndpEOxW1~VDBIBI7R3gW^sbhWE);GN&@imd};FY$OqY+*Bgy;kq z3GfZEHKU!3@{>zsi7Tyi&Im%>M)iu&?MUknA2!X&Lv_dS*M7S2=DJA&I8gP58=F$N zuAT-7#cqb;jt+`p?%5M;ztsa}a{~;HZW5RhNSF zGbmd)|G_K1tp=#o{p8sR&6^MzEvu_-^B%+?{XkRqfv@fYN=bK5|3)pSpX#(>F5d3U z$`CUPP2#3YbSK>qtgkyZ>phR=u97aa;iL~tF>6h>OLWP!;j|BgxGa=K+_4GF#A6fO z3ksHTLo9D(nv}n+<2@yvN6Bnhic?dYt~#V&RB zt~k__wB{l<2O<65(FCooVB7`ahL6;+vBhjAifB=VA^McJ=Jz4}kFOhP z6hF;DbV(N$zNx!)W!P)0!Q|^Z?ksqa8=W3a#sP1-@*ZNSIwXpq?!#W&|ca9y=)q{ek* z`f>O~*R^kVdGW*dhP1s0hH>5jfqU^T3e0(|132>crLEoHMZ2m@oPRMnjDX_=S3&Wh z?-v{_$8tz@Og4I^O`2q5X+>`bN8Z=aQ3yrTQ3KlO%|pta6^1>aHs+E6nV7`)HHuK zdSD9@U<=9(7`gY3YBw*(fMGB`ZvXpek&}>@7bNrb@HZjSFh0d4Bt&D zVuSkMZ^?6{5&w;vt17Lk!P~v7sy{jF|GiD%%05_Ljvs4_8EN0*P>W&DgXu|M3ZSZ2 zU#uNJ9r|b0v9w;?3_wbVneo(iDe{P+QN*(;jR6|>-+o#?2T{S5agX-_meX$$Npj$=+Tld1o>6gvopqMbZcm%ZP5R6 zs6<&-ar0F2|A&wMkP+Nb7%YOz`dwd$_NG=-x76t`n%0IXxS({ySt-ki^LNt-z8-W& zgoZl($IbbN8)DPXWryPk1U>K>uReyVmcxI)eMEOf(psyq2RHJ!n^4j+g6vk^Vv^L# z+saaR=mmeTh1cc=YJJVx*dXk3c=_c%zS!T*B3OCTwUVzrvJORZB5r<-J~3GjD}pz8 zy31wWP#M z?ryNPBb4UbRZ`nOSMoCFcS+f=o|B_&e1IF|bP?}Na9b$%@6<>@XdhW3ANGd0vk$o_ zgl*_+0}Xu=rJD-z`+Lk$H%KSON!5MN z8ujVe-A_B5N_a3__aZj!2{?k*A4fxP``4ohZa^HQ`_h4?lnM15gz?Y|_bBMuK!m-7 z@O)m9vFvI7cJ1rH0$Kf6Au3M92*!@aYz>nHLaaugVI!u;y?iQDectWbY#zf|W_EVA zsxW)xS323hDQPt~q(F`AR(>oI*@+6FD}tfRM%N8AHP!{eAYbff7`7TrX~f|wC;h8U zWsG($AfUM`xe%s1ll!^nlY#>5D}0X9ELs*u-2qGSXS=6IFv7Y^@hZPxtHL+qnL&0ATIHv7BsR-pS@7Ih!b~3zhud z2!H!*f0o$GF0uX?MCs$8g1Jka2=R$ZjTu|>?q*z%HLhc~ClrZXin%2|5x{C65LlpF zyxe82Q#5dIV18KBfWR#tkQbyT9(-@Fh&fk&^Xh+B5f?SIT5PYPCO=#(v-kNljG|u1 z%%SGJt>*{tbS)YE654)Y#K#K#K?6Sm#v~cueUV0U|qjQ zp;+PmTu;wv&ItvDrCzq)`}m$7!LsqtHZMU-pQM6ZtMMh*qU1Sm`C2F6)wbIWty#$~ z^<2Ki>S9o&z=gbhDxhfRfyK%=HC^!6i``q5)tS|9myu&|1&-^fJ{vE5LN`;GfqS}W zEGN6m;ifWMe`&NaWY-CFXI^%?1-30{-q8}sp^R)WJk^`<6HVhlaB3=(MTstwQ&!nt zNm~2x_1iaRH0l*27Q2E@-U{?IVJ--|Zod)Ho`mXx8*QJQn%rLDkvnmc)GLY;uHgxK zl&`Ys55W^rwI;e3l>V;D;0r3)VBg=Fl3Lj?A6e-;3PY>V1xPhX<^2qX%;+_-A36uu zP-G@usE7#?GU`8X5uB7q_66cs^!-KG!??63BqZ2RR{ecy&~q0uilhI#CD7=AgJEr4 z#D$?z@?@8Pe#kKcGdKVRkW>@>9<9CLFjHvvrIWzSN3T_+C^1%%tSOqV6 ziT{Vo*yQJism0W$@6%kQ|H{me6fMX<_azKGZV(2?E$Rfg8Ym_q^nMSmh;GnC&nAYQ zws44CGrh3!4Oh?9?YcP9wHGQ)JxFSq^XE8Ol9=q2ixz4E-84^QOp7Yq3em3}KoV=I zGubRvifljYrTCruKUZO?13^nlxj1YV8c6z=XXUZS=Z+P5a6Qf3W>yneJvozufaa}O zd^{TzXw#a*v9V6v4g%BI)uNh%kocPvgkFUwp#+K+U9#cX&WrDmb2f5y8>d|cj^*63 zuh+4?=w-FN2}RACSo2$rg10Z_e5yZPt1?~dH-&B>1N0?tqfJ_t)BU2=K3KhM$6tZ#* zBq~dZoSJYMSy)6~(3;)SCD^5|YM4UQ7IssRa{gy+fUh zrXb{~=>bv8f7LU+s(?JZ7H0E?UMs=nQhJ=1ps{wl&gL*XIqcMeE`71WXb-Yq_-k(n z*ICP2Q(0F}9Ud3>_``6e$Oqy+DfgnaGp+7m*7Zw5X)KM$VIm@O!hD`N9MIF}f3w3s z*)Jl*G=U!36)2hPifl-c2$28FLj2_G z^_GPD%j^Tqp}?HHKBatl=IqspJpKz5GD-m#?d>9{BNq4#!EVhc^6aJ z@=5epg+8yF!k>bRB`g}9r{uDuk=$N!$FB0bmB)<7wX0u?k$hRnBL1U6mo;DG@?mUN z5mDBvtT_lr!wetY(2&FcgO=w5bvDR8TwnP6>hC#DWAMp`m70#Pv@U?!lnUfp|2-hd zAbq++KN`xE+4sG92&J|_j{r)nO?A+@B9jwqm+pCUiP5ZaUhA&f9{}^&z=nJkdA4JJ zxQW+oWLIF5aJLtn=Y`C&6+hx4cD`{QSR>Y4?TzF@ravr1-%|Ra+4VfY40)MpB^`(3 zGEAGSmdr&1>jg|kM3r`K9=5TCohz#@%Yyk0w#? z9<#QQE|rmwF=RoUt#VkFj7RfUy2UqJMn%s$`&q*!4C$ifaOg?`RgNvK$jqt!DiJc2 zkyj4r>hFqVNt=H3zQg=TAK}6tNnWC9FVR@wSlO)zH2cR{WoWB5`yfKZ6Ne=o9jI_E zPGN=@UXNMDJkNeFvedM}r#Z@U?V?tAmvC4wR(y25#3OBs&&ecB#dyRA$Lpxk?8%yQ zE}(^P?D2|zwE){|$ND(KZc&tgPNm=h&yVfni?e*vJ-TPIj08n6rjEvvR~Kn4IW5!^ zAJKc5NPWN#k|RHOkWE~2hPEJYq#ANl)52m*<7}h@mxSL&8zF&1mFcLPj1EAKRN+5s z-1&Be_qDl|Ri8DjKsA z(!+7Tz4^t$MR6O_xUv|ZIkNV;%B-tn99}7d(BxN%i2P*zZ(-aOGF6dMgezYd>-&01 zz-5Nhk1K3~z~ZiY3PBjQ4NE92qz)DSWh`JxH1w_2GlJ2ZOYsR0L@!awnn-b0Kr0lQmht=ZNMxJ9i{rC;WX=6|kw z{Dt`JQsq?YUxJkQWoh+-dvD&;HMmFJqmHBrT zGv-W7`_Ub^zFE1n!WR)G50XQCu$y*KSC?u=IV!d+lb=9bLp5=g`_H^TZbw_Rf4jSW z4h)yT1r0$M(6v^Fc{0|p=9HNa2t*&Mxm$j-AA&sK)d@!Er@gN&cWAAr;XNN4L0DrE_ zydKm{%ZKG6C-`S0yHxvNj;S-Ws92%nnL}pVYEsRkqSp%G1x%Gj z!O{GI6jr{o)Og0qLVlG&X4U4^FHQ@`k<@!8Do;z8-eKZnA0A)fckmBbxzx0OH;p*_ z&;4pSofqADLHjV~HXhmcQAR|B&BC~HbSy66t4~+EY28!5*`~9ON%iqk75w<7y0*OW za#pm5hZNh^a;MiGBdUV-15SVQB0Y*eA$UA4T{k2z#B)S# zmK;ysC)Qt9XsdMtz1i%)F3fiRm1CYYR$Z)!9^1kEN_wP)>{@VDsk$r~g(bul;j~~p z(w0VmEAZSE)Qv2;?PxW2496!EdxG4;XbFwtlJ?6QQfIELBkBO8+s8!jmK%R_UpyeX8f^|Zer2Iea&npFyeceAeRvTG{vR0o^{#2 zj0ZtB-EG==rWw;YGmYu#BOtJ^^Km`nZQ?G|kALTbNeu`@r*u`GfGr4ahWAvLV+@(! zPD&xZRh07!QfmIH!7FN}UqazIxRh>Od^^K-4f~!ATk;?Uo!iGO%+Ha>d+(MDD3-M& z(c?Ry{zcLSI0V8{1`V&?beb%Vg4uqcnz>C{H}c|uydtMREBzM2(YS9<*z85)y5?4i zW1!QR<9zkw>#e)=52+a4vz`hu6p?U0ElzQI>{-YK$8|)hjS6gaaO{R^Q64$B{3xB4 z(XGy76n`XgZFlNHsV?ibX9ZsX7mFA5TC(D%XhzWavh=86ywG55NK2j*HP6R}cxDaD zM~QO&eiwMn2JVCk(}9APSjmL%tIE&W#8e08x!%m(Iq%Sl3HKHo#KPrZ$Cn`P4>d7M z7WVZID^JX(hnORA7#eN%zEl?R zSg2k4Q0z$y@6uH-iX?hLYvXPH%~#fD3cVX;{2!I@H_*r!yz!e1Qy}V2$X2?gmEZ-I{|=*7P7-Ym=%L z_SX4F6>_rKA1D#H!Mmj-L2rKPz|drPeUozBs#3K|eINvlFo0{2X)`nyh@qLaGql0T zv8r#&>f2Xo@YRlCYKbWGAui|6tRlJ2az^1b&3LW4;M`PKy75z?Lk_kkB?Ri`b&i#R zFpsu`1M3uJn<6-lSe#+i`d;};VZHFbeYr6_$D(~V*y%mlW1Eb}8c%NpGYIqVq2%E> z?~mNn5L8{Tt$IT>a7AGk+wd=^!Zu z`RJO<(X`W}yqSZHeL64|;;*6+?@dLC%o{0VZv|%40~^|akh!vbb>MPtWp!)zxn$H? z<&E?5_fvGA#*9aPuRU_B)0MC{uU(i_QAwzIAgR=WSq9?;vYqXNzNda6ubn&Eq;naR zA+*8Tx8#|`S3WLBpG;j}!V(kJ?k{6s$b%3du?;b<-JgSPV7DGQK_%BH(kQ;A;rS?W z#1z*{zqb+rd2VCKoHGJ7p}cNCk$4hr;>GIfXP~S)6B}dE$}LNZXge77;Ju8$zd#ou zUa`e_jkU@Av%n(&qP$`rWD7J^hzM`KD{eUq%Z)~!-hLqx$KcFGN{>eQo~>tDad$~t z9k>AU@(ZBSkdj$1`HbpLw&;yF?>BgiMC}{8+UJO_r13#Zy4Ya25uj~&nf&O#2QU5r^szp zhDIWX1r_?J8`=8HTqY%AmmRnyB{9$51oMSx;*=JpSrtzwB0ZbG*$`f=l{gOg@OERY zP18UrFfkSFVx05WH8-bqCb849OHh}gtarW z>WR$Y)B97>md$$zJcF_Y#K|<@QC`ISKE1dM6yG_M!$`)M#wX0LL9LJgF-Q?+SFm_z zQHyR5sjpU16oE>xHz;3-8v|==uT{1Gl zZlR+b-!5(OTrJgrSN8ekXv2Ef!bAk7yTOr~!2iy83ja@-?4KLNvr zNXp(Y89$CM3Mbb{bwxvqRCd+{bCxWkYF>TcIRo4E5O5JsX(W3$U{dpVj>H5lpBQ9p zQRXt|Y#>^q;@MVBLr#D73Tz@1q>@T?{L;!f*&@d*EMeC>zc&p!2<8Z&B6p<& zzz?xT^&Ai<(HTZ_kF`3O&nhuC%^KyNIW<(6w2VGFfk{q+JVeBJT{JL>N=?o}B029! zL62qTUPhW5FbpmUBLYN)NrjGg(S+lgqzBH#UgdW(6NICkH`lMS8e4CU#M=&z(>qUf zO|t1zLTY_HQhd6$0gB@b-_5jtbJqQ)+U?Ch()IetoB8Q~I^zUl5#S-u*CiDrsY_cs zxfugtIUJd7j@A&G0q1=CD{LJ~Oe~?}39&XHWb`UUE?~IKZd2mC%M7(O;T_LQPTGc} zQIkCmvFH>VhCo4V)l@uMDtJYK53j6H;uP$;;|SL%rsW*#FM}k;4^qd?frr|H zM!((t5)^EfAtlNkRhgn=QFOd~KT>Py(t7>%ghnNX#PJW5^b?a*5gAeb zRi}f9FE-~h2F9?uc9%xSS`=Vq%!7>mf!@i;5jzj@P|fSfEH2a?>!&ma2fRwjI@M)O zOeeSDWBVTSwN(61)Iy9T2HTbgzI~f~S0HlrjazSdmcY&d504ekN(PTQ(voThfp0>+{lQ-9ah_E3O;E_(mUN}+gYIzzaQ$U* z)~-@5#`c~CT8XHA%Au>zNX^CH>OvxJyvh6>8_6AmE9drK1&8(F^9czcQ7^67*{|v8 zkkkET`OwSfGw^HJ#$3}B|NJQb*E<6T>)I=<{be_FB}@=xWY~8lj@IvtvO8;Ud~Qn> zvZ9s5D)ZfeZ6#{=n7h+E$sVy@ylm+y7?Y$stR%>gx=l4}$tr<*>qE zcLS04!a)h5bH3vK<1$*>OK^Zo4KFoaSADyjK$UUrH`kc~RcrQ%JttJH>*7%@liVvQ zW=N*($Xpz@NM6I~90>A4#L6$H=Eff8?T34itL9+tvo@~R?*v+Ixi0Hpdl%4ufpICtfWx`df^&(eJ=*SA`>Uj@igku~fM zpWRIiCX=rREuf5xQyZ^k_I^?~ffjH*estwF-uf|B{{^yuWAZQ~9gDP)w>M1VAbd_R zKK*(PCnMOj@C8r9yT2-(I7_YjlXEhYIx~H1%5KU5wz0#~df3!adC_pf@}8;_btOk5 zfz#pSHSq~ckCL(x;Y{6586qx3++0w>$}hxp4Q%YJvhK=r;>N&5UbqPo>dl5uy0ffj zY&SjQ$@ zIyDN%5JERHSc0EY0iMJkK8F3=hT0FScGD_^8gZ7G4^0x{LHgk)K!knt(ywrGa#l)rSHI*yXlRrC| ztSQ+a@KuSuPLZKg>0LWJVve$#?Zlx-*=W*O?>cYxuH2{E!>OUaZQ$%i#hC3oxW>C{ z>UVa$)e^%+UoZ*^2^~{li(M!gvJhu+!w1?Xj?g)ey~^eAY^|3P5`v7Ar>BRYk(?ZY zUH5|fZTt+!2V}Q0J`x7C-H%H#2Lm{hfxvCZF|VsuBTvkkK!B#p(V3VP zlr3a`ITh_+HfJtetdGashH67^yd^^v0#qGj;sV=YQ(6B*EXzob;2a@ z>-t4z!6fJYdK5>$AH@^fTY5!0($i)90H#i2`8_)U@Xt+Uv&vY)e{dWj-4~0r>ErA7L&$hF(C1tk)nwchkfz;5$0-gIawFh?h9`^l)^tw7+$^3S-CyJX!xyR}uNm!l`v>^9|@m($ykndouMX6MwE9BcwIW9L~?UaRy7 zPKxmM^Q?+JbeCPGvWo5zLsk{mTRY#$g_Lcn8M;a~d0ez*u1wP*G2GJ+KcWG7T*I@99=}C7uzwc3ZYC(%(Ux_Osn;$JtLJ z_?nB*aGVxcDdrJeBiibi>c7KKODd2YyIPc3Bw1Wyp!X@AG}LyaOms;%Y863RF0P@G z@cNx*w9U07SKC15rJw~1Qu%#7Eg0=eIU3bTS#`y?WF2E~d|4ybY04AOF|?hSr`+uQ zWGu1*XZen}t?Wu3Y7mO~NMV${)V)n5PNuh?dMs5Uy^0_;HYcaD-_l3soV((snMA)G z@r|6y<+MuNSs_gZr{u6wi;#6C`QRd$z3Rj7DqO!W9qStM?-L7dU`KG$a>FJBafzv~ zj8MXxmgwt-_*2a}uw*=*JARnO;w1j;8iIUG99sAfyq;o8DePp|q++9mo| zfoRM350C@k)Nm>}#IvVb<|u2>^>94Aa!et(;I52$<)vHV(Z2(!zV<0;PYkm!0f+ z570=Xs|qD_M8OeVCpQQZR>We?vU;6HqpS?w?b5iHD7s#(@H|n{(zwULdj|P=raJ=7 z_Vwsuck({XqWh`mmVds}A(jfrCoxC~&wue|&bOGVG;OfC@hdxzXWZV1P8PGQb+@x~ zE|O^LN_NT!w*wLX{V$bF%FZJ+)b%_N3g;sydO*X*PaG!-dTUS&>*di&+`Li zm#r0~8-pxhAF;$#%)>)snBP5}zL1 z8n)zc;A@u^NZU*Juzbrm`}@ZAPNj(Q>#{%+epUVJp-wgU(F*y}PixEo>I!i_YB>Cp z%YewoO<%%`uY%WdW-iIR1y3zl=@w<<4|@}q7R>mzo?M1&|AkZtCwjC~d{2@6U|~wWmCKna!I(6nYcr4Tzo*f_w+x?&e14eHZOvC0tm6>Es}6 zCrJGOscff%k;rZEK{(IS=`1{3q83loB`v^-IyyYJsg6MVrI(^czlJNg6gZUw)7cXD z^uako`3qz+rG=Nlb^S;|Uk$7|I@>ns6>?;GXH9~FzJP37?&h{Zlc)uOzaHc|ey90{ zqYVEV!kZagrr@lk7-MLvavi&jYF>0yxfsqz9u_w3iQ-(LyhM?E@Lo79kH9i#u?BMc z(Ms7UOc?>Z`G5-DkcYFKiZEhSLhR8L;n>pu6H6mXbZ5@UlAgkUNON^qCuKQ8!Y~K1 zo*@S@I>E>o%lZ0l9y`I2l!?|{#*M!K<78^Lo6VyUF2+_6fL&?aik?w0nnJYkcnxas z=k6Oso4Jk4R1lV7L@Yz4eEOEl+oX8kva&ggQn-vB z_3)%CLD6}N?a$cQ+8@}M7JE0vM)||*JkV`OL5lTC;y}Z2SqL**UzyYUbsk-fAGP1w zQ~0tb!DUf^*$;Jg0OHHr`mN#E>d)HhTjABp03l0nr^E4hln`q-Di(DO?WcHqlo5{B zJtJq4FaHNb*7YPydEucvQL9Q={-UGR^e$Q#Hy)U{;;$WAl{^zWFgaH$GiH>0A~?#a zrnzH#Wa{f(%q_0I(iNvqH(o@XgET(8|GDH|N#uh=)fohGBMooRtvn2Ps|^-jnAW7N z+bc1(dlY0~>Y476lf;&N?!k-N-hREDnO_m{Y+0z>fg&V?l)N;&wq%9LI>m+}WV1sK}gXsM?J zbG)}7Wz!X5A0}qGCcpRMNP2Hu>VMJJWQlKo~o*g)3iwMkNy@#&*EilpOXz3Um#qwf}*6k#AL=!RRU>jj@94Yu3!U)|UIyNHK2cX6`FT*EQa;I|6+yC!So#f9H~ur9a~~Qzc1a<-IGUS5Y={M<<7sRy>hQ#ZaKKbmb8OmD>I!5ac>=4H{;-J_im;lkr!}vAVho zNhor1{)GoMX;jKs`s~42_B=fXSGhsGH2szJ1VBrk_a@dfHR(3^L#?jm!PJ`<67&BA zRDDQD2?f;UmbP!1(_~Gq>n;~ozl>oKpakpL~WmG3GsSQTzKFA%Gr z!41}cSCRW>r}!SW#oLHJE)nH=^0|kdCkqk~cwx3*a^t{*bB}t{Cq{Z`vB?DdKFd|A z1jabOlsx=Qn&eY}q43;xeOga9<0n7; z+L*)REoZ_2&E&=f7(X_BVzcfd+RNn-8K-Nt*1500M=Vw~{&C%Pg+5Z2>v3BAw#-wy zml5b7#0=;*%DCg`u`@r0^%TOt5K0pgRFPXvaOsuZ2%Os!QHX%2fFPNd$e1Ih9=~5Z zTI_)!FXDU);yU3npoMVgp*#%@8o=@-pRq7BEbQ%z$Us$cK$NX<=)TS&4PwfeGyNbC z1+R<6%}T|q<->sjO!_6p3!k1Yd+7uC@WJP~angLeX5iCOe$kJaoM^Z;GcdPKx7veU z?~G(b{rCv|AWe-MoHu!+s4hR=voPpj5C4}`viLSi3VgtHBn)o7Dk#m!o0U>f6RP3D zRr^3vtpl@Zv+ym(um4BLj>=lUKQPXAxZ+<&E?7}#7I!qtd1kDcCpJG`$pKNTD zb?b6!Vy|gpW{yoRu>mDlf=V5t{%HVk>e?Ca*nWXcUiGGF=uq<5w;W| z#S*Kjt}V89;l#MzDWl|0fpDI&X8_gdpQ>1Awc_>^llN)-Iw1wd$BHnHgfn%6JI@Wv zQ$-U<>AgzVhT+@_P!7W%409X1QQP3ICNILU4~)=>AsZ5Ewqb`4f)ZaM9S&uLHl}Ui z3(Sr-&Q%35p`yhbLxf%hc(3VvHH%F)ys?^(%M2v78Hydkl(-JikEeJA;u|>=X*#*V zFV*$0P8m$GDq8K+`M_*Q@U>#)@D^okiV>*=r82e5slt<-Jxju-Cxuv+VNEtuiki4M zg1U>cbsAWB%Z%EL(`<%s>Z@hLF+umkjhguM86{xvul#Q<@;Zk`We2C@$X;tfV$uaa z3x4YS()6)>vRm}xMOZhPWSLJXK8~+yog6k+YGNk6%$G{Z1=F?) z3MO|uRVpX8yyBCFIhlFPDgm|j9~=N3AYWB*g)0bB>)YP}+-BWj0R!}nLTUNnU%v(! zamNY@ob8|koi<$2Wu4fvbK%(iZL0y!hXmJ+DNpe^377 z4@Q`UR^8nob(ZljWB7;v$r=Espoc}uZ1fi3i}Re$j86D;8^lxXGt|8=>qJgkp?p69 z*pegR766w2p&0oze=v5xu;D%2&Y@)YR9p;2g+B|jI^F4%Y!VUdlB7%VP~j(5M5DNg zEe^sqvPX{zsN$LTfQ;#5XtN-@{!YK*kE$qs*2pV({W$Kz$NjcM5eel=Q+1n7I|L8hEg$;9NVus<1m4d_X$Ry!a172I!V;e_+Xv{fuz0%Zf{C)phLrEJM>W#-p z7{3~uX>n?2CkDT4#slpj0~It>-gtIp0ooN3CfynSjE6q)AIjp}KA;hQkx1}u+a-3M zbY(e*jfW??4#rY(_QR;yD6ItGC#QQ*plm0kzT(COBP2Ro8<+W>BIx_^o?J3-lCQ6O z*H?K@^zzNfxJKrjN63!4f!a?WI%|mEf9kVkyxNBjwgA=7KXEPfZNH#VC5Jr?VXevP zGdy1*!);lxOkrkuXPb>Vt;FnrcAJ0Ibm(Gx_mR zNXTh=1~fdVo&rlq^xh^@h3z#u0dRwTwb~t2KCy3DMMQ*PU0J{87*V*6c2eS!M{~#f zI|)wosB6FcFJ~~XMB0N1co4L0au&D+MmjA;dYQro; z{<&-*=vvc8%Qxbn}91L$Sa{^!O4Fr|N=l=14+KemXk!F50Ve`~kGE*`qTI6%#Kc;tVanbxBb zEsb5Bi*tr~TeaCBn_6V)a$S`C`fKWnNVg6M2*ogtph$b@c0nHgr0ic-``>GHKW=WU z$Egq9mw!9eA3T4m4Em0L8Tdb)A!xH@2jv4_{GHpLS`)K`g2s}%^{6{+ z6K_{%STr6_CnroN`WPT@OnMAtb|9$b?+5;uJ>3dE?iocrw|4AMzvlm`?5x9@Y~RNJ zsE)dsHK8C9g2B#iGcMQ2bWi0m<=`VbGv&KW({IS&g z|NG}Sc22PUumJ?J^Z&G7&~eZc!Cpbx7qTz7jHM(tJ$Ja6e#qd&4+&T z7*c?nBwZa{@YMP$zCg03{LDCNYui}3Ss>~$uz`DoG};dKR*B*>b_?{XX4NVQkHHv4 z#vv6CO-HwlAl(?u_l5Kto04@T_;#UuvC|+XucZJ5Z{Lpgnxw-%4Wrn$Oz)6|!zs4& zq?U;TY%8S5Zl$b%6S?I<=&%Oo;Cx+dDBu90(SK=yDVkSxO*LXJdj^MO8?9PrGx`2~ zg{IfY>;{VvETekhylsO8+dG^xi}k6oLQapj4oL!7Wt@58^Yi^UL}IKgD{7qQx^tQ6 zk+OcEhiSQ;cZ|Q^JSyS2o#z6i6VsPfst`5US9)M-B%Aw0)_(*I2#x_BS7dW-El4@G z(-7@m>(L(T@~Iz<;)&f7k6}j|dpv1%UX3z5I9{=a_DepGVi=bF3CBpp-6D=<-h5IU zx5>~gM^=^NZfo+yxzH3ZJ^B!=S3Ij0*g{`Y4g0}ny1c*zw@+csn$?hlb+5({Ds?`A(@qKQC!cH&5*Zt^s z?B6yL@D!*ZXA(MWrnIfScUYNRlx=zfrV z`hOWCIovD?M2hHPzY}hsR+G0ugA3}e&rAv`HWTJ3f!KP|<+4B%=-QjAqK;W0OTA!@ zGtRal#{w>O)E9R?&`bw?iNdv7YC3;ISJ;mnHFd*TSYm|kIwtNMR=NZd^%6Pl_!W`7 z$9Z4l>dNbwv9O0h@nNp}M3y3sBjpoKLtmZ!R(bX>n=Sga#CLBEG1RJ!PCtJx1ub*{mp1iVd~rH`ddCjuc4dr-M9! zX|yb)-xh)DUcbN}!)k!)8ysWi)f(%w=KpA1E;1Emz>;CwQXF58xQIFTI@Vw>%PGxL za-}UQ(Q3gzuH14V%{%XD3nQsVqkp6-=aF9iKC#k*Ej|Caw258CAcFt$&liI$R%hcB zOK=BV7LO~e6tZDQ`VE~s)l2nA+tml9Y8F-YyR5b;6zr0f6`aRg4F26YNfo*w@fac^ zFly7o@Y0oSn5n0;Xu8j*b{C8JS!{*x`O}5OitgN*$j{^}13TCU(b8epJr8TQy~`HC zt~A>{?-z+BDJhzsML_WE`@ho~jy)yuhDats{no8tac+vn45eec8Lty9{>IF=6*y65 zMVryn{);2qLNiE|Uj}+Nei0eauj2W*nQ~r<0UqODeY6xk7G~PMYvxl%-%r%F#^848 z`%MqlM*JH)h_dR@yiF>73nZ0xqgDN0=NPhW!;!m*^kiIb8nZY)B}Qnb5bvSPnR;vd z7%kS>vRmacDfoy`zVPE!Qo36!hS+;j9=^6U?zD8qcHTyD8CWFUvB?)UDa`^W zC0FF1kh3oz#>bGWb`7GXum_(-ockp|;x)sijlIsrghH&y#DOJ9;#;e;KZ}yXL_{?|^V!Mk0}(ch=RRR%i9>&5;EX zE95{PDLQEl0G-EJ_6=T#jonZX4y@aM#@<)7X?Gh=evCJ3i1wH+pamU^;nudl%j~KI z>WY0c9P@+L+U9vo&PfR zn&@2fYKb%a6+u%Og#KrV0h)^|9x$cqAE2R`dvi+_btrcQcqNyKJEhf`wi( zHOGEJYvZNtMsu`cFMF-kWf}uqZ+~9x;U26LUH0i(AM87`-0|f9a zqf4iJD38Dg@LtLUrbGv6cm-8S;Ya}H#}0t~i}gkhWm6?_aM|hI*`i-AJ7A(J1hi4v zUv5nYtef%niUVeBd7sqXEn4>d6~t_k4D6Bi6XnhX6!3bXT>I__AX_dwYq$dM3X;kO zoMJfai}l$__dQqPxlP0iaAEe>6S3%}EE^N2Hoh-&O-v_s{!eSA&KLrG+?UmghjX$KUVmTZe&*K4{GNJQesI;m#Na*#Vex$ej(SCvsYeF=$vAd~j z?=9xg-X>;~B%^oB_g&if@aeI}kD11j;BNM=OG26EEuHa^-dkTxI?us3ds=`9G{_+d z-~v|-s@x0Eh)aL}E`R^-RBxO{tuno5ih#@JD=>#|ne2=p7^cS70XOked}IwFO=#CP z18Mmn!NBSW(XcVon!lMbpB{^%s)D2(Cgp00Z${CkqO9=`hM3{e-DXIe*o#L=d?5-iL?$l zfd_$=#6nu-TtLjw_&ekllr0<(7KvMVm}(fqBctboRKsBRkUk=mcuNeeQ!;A(1u5pU z9$W;=Ez&9()O&(#;lg;iMvU=GfU2N`aNDdp&?Fv(Q$fEO9uS6wt7Jd)hYk{;H@g9h zv5#cs-sdlcfNwv_9`gvY;u1;;d3}dLBOn_y%Rco~kYYmZ-X8W-lTpAYA<6+!{9UpC zJ&i=sIUG(R!r@_~fa!R&;V2V1vZukKGw@QMHlt->k@B09zlbqMTFQcNaf4wY^OQzO}Xa z^69O+T!T-) z&i@}>?=JwuRv(IkAevtT;w%CC!^mR@R=XIg$ewH0%vW!jc6#;@jNR%5$-MP|87hf5 z2aqiBKm%w9W!0q0p9-n2fJ1{gmXufwLH48AkRux_>$-A_0ubsB2KWRn2-IhrQ~I?P z;FXIRiB$&D&2b?vC!ChuC!Q(0g4;(86HW;r(}xa^YAv5kn2|`b0sF09q6i60U?WY$Z4$4@T}wwL^@>jq4jox%56Koq9ys#AX) zCNs&)$#pHZCMwx=Da%J*xuP3RNU{aqo(=$*KWt#Q=yoT(Uv`SzMI1qdtq1Ul^-a@% zKROI^Gryi)W>(UE?TdS4;~NF z*{z12(Xu}`_3dVRWqQI1Cuzj?aqVV0TVGay^R9Oz{X%|0lC|KY>IjW;;yzusx-7%W zc#(6?TT-z5aYyIpfW`U6sy#{wzqXb?yt&w4Z7BSppNKE2Ucklc_K%l4R|lCYH9a2y zVEksQ^_iyGV)M3lxkAyH&q>oheiTcJeIdfEF0yFnK?;C{z;{uqMhBu31T$0V{5W%S)}9XT^|O@hwh|rWM`ID zt^4>>Lh5HDWUx9-T~?8UBGcs)KlXF2IjGUKxEU7@C2+d*DB|x3B+mufA&5Ky4_oT< zRixmkatbc^nS06AW`ZJ^4lvtSFYZ#cNGPg9>A)$#mPB_KtzcYNBrxHsfl!$Qh-^HV zIwPolF48eo_zCe8E>VVCXaJJ8aZOaGg@p4ggK?9ISy(8x>c0f=saQ`nA3>E9Gv68h z4U<8Z=HK4uN}!%tHD<8oWd(eZ9Iv0!8~I)o@O0$Gg{`yUx}SOMTFP`jO4|#=tOeb& zBKB=Ej~w^>`=MIFR1WHt*V&R(*>6ucJX=L_RXU~x{+*N%kIPL;L-79 zKXh%NT$(k)ekp0t<9bEtpokt;pTq3=>EXv;u8)4=4MGIj5K)gU*Qnij0ts3!*!^%0 z)-BV)9$pn%nc+e5@(*gpxmDDQKnpmJJdT|cs|N?T=!R=f&aP!77P32(@l;NFqdt{v zy=$~=yq!eJaX?}xQ0!Bb2yN8&}S| z6-wOCCpDqF^cj5fV_%*e=I>JL>YPaKa;g}3y@Hw9^vrzVb4RoJg$_b*lP2j)ma|U- zJ#15~X$;K6`v~JD$*_1-O_xWnX4#Na%II@^Zkwyf5LvLXaoVlHA*d|CrgGv8_o+9_ zum5heXnY!%2r@Gj3u&N*;@aOEuKn4mjMgyrXu8<(d_EeHnd~LjW{6Xu5Q`3qu7t~M zv=RYv*{ftMw-N7O7&`Wup`XYaK2~> zs6!6Fg2%q?u$hARBn4k$sb87Gb+T71N-s7-1s4@rYyS*1j*%01$GosMb2*lHld8HV zIh-w>4Eq7{Pf~X~Rg7EoOJz!HvRm&s29yofhph2MsLl*ms8uIwuA(uAAIHb5BPs094+LWkt%dL=gY*=AwJn1ihcX5e_4D()8aQq~1!Wyf)! zp~#cRE^+&v`oQXI${==?>0Xc%BvMjBZ!7T^6yOJER^sF|{puPDwsM^v{sI@L`L&y0 zkWLq>ZpD>|}@1Dnciq0}2QI z3jZW7*s*i7?>OVuF)H16aqYkKQpybQIeLSXoN|ymBe7(hMIo?o|LCHM7ag8iW!xY| zv^VXT+inYsL0KToo%(6_C3JO~e>EkT7B>~9HEl=zP;V2YWsV`h5hIA~)+;`6{?u`2 z!YvPjN5+cCQO))pqSXUCxtrbCIfE!N#`7GXSn2dF_$JzGV%a!0r)=g8Li95=(K;Bb z376d-AqMe=waV|-F`&JdpGLdkr-4RI#zY00PR;f? zk;j2k1|N>up9OLbPLi2|yRuBRaF%dDU?2vlxN1meVu!|~SYIErTHw7Hs-gDpf{AgW zQA2w)Juca?Qj)ouzxpQVcnV~Y4jwQJ0~~Y#v*EKk6OR(UY7vKu_2$vUau2Di4wF8^ zm6OpqRU7TIqEVY~leVJsb|>SdY{$^L8y+E9ESd;$GkGV0C7@mD+8zfvH@g#MrF7>M zuX6b!YdIN}h&-xZZ^l<1E!P(2WNLy(GxyH+7HBKQ-fDz%aFF$E?0U~B{u=L0iy56TQwk1|mmo`_+8Y874D$7c% zm5{5-h`w&O{%MN~z;|P1ReilPTSG`nR8zPiZO-iABiDf-umQ9bnH=p6<5zulWb@Rx zyd@}I$XJh}4fWGpM3X;?fqn=DR;YF>O_G**)!Q50SQm<{YSo%r!#97%SsqBQJPr5^x$)W#S{nC!nEAS;HS zDhPTC-1d%@3P&`!d|FHTzRQM#u8%}s$mYsruD7W9f*L6a9kP?mxj1?aN&4+g_|(^fWZy{5+axs(w-@`!WJ8oKxFqr_)tHkazqY2j9H?oU1WVwG-b zF{Twsg_ZN1Vjpc-f6~$b3+s<5VP5L#QZ)^4(QDkZwcy>)_O@Ty(39!)Yqr==#a=Sm zP!8my(}v1QW*eS?oYJ@>%Gg$V-E?YmUa!qv^`^@Hcg)gFD5 zYSufPhcPJZ=fiGVt?8f?vMH0E2aFDr7wj9V44P$tTIPibHYJiJQsOPk&>3f5{lJyP^X$(wT3Q-5Lh0}I zm3r8Aqj3n&b_+`5K4VD%dAdO9!`T)YT+!CdK7CAqDA|7zl9#e>IZ`r>&hp^FS$Mc7 z31gNtGZ0MU8s=f89I=dJHLTO92}N5VSj#wKIHsAZ9}w0PXY1-)n$i4ZoU3rNOTcI%~w%IjE)A>0eK ziHH*)nGliZ6P1FFz2b~Kywci~%Pi*9T!`!_tlgg%t0C~h*&tkt@I}wtlb(5)^XHgV zVjv+DYDB(Cm6f!mfFcHQSQ|d?=_0>A7dg3`=Ee^f^gu0?F8ExRT}+EC1WGJ93b3!n zc?02Q>p39KAoeITbc$B|xZ>b?xO#NxV0;a1R6d20H;vNx6Y7Q=5O?O2Fr#B{w_O(J zV7seo+w*iL4NWw1?v(VYMj>-!wP}XFR&^Q{ZHy8?*y}uk>Gp1SY)gyQp69v_O}P)} zvx`q}bGc6WCUaS=oh>0HhcTAH)|gjPoMsl$aP%y3pn#^-L8U6iTTJN0;5WLt-L$6$ z?kP=UPIB=UghcNWFFP!;YEI!svJ9q1r$?OQ4Q&#pBrHky7FkgS@&y z$6kQ+#qG-edib&det93rp0*lFv0fW@rq0yqrv=XEl#ahMI!s>OEsf}Zvhl&h+&s-t!6kQR0k%btZVxcd^) zT9Dxth3~U=O`6$Iv^Iv$6gt(!MYLiP0|pA-l;){f!)pMiAYPFzw}F5Xj|=OEFuq{W|LhIg6@0WGJKZj)CEtS zuxjp>(>zI8`^bFf+>FRzqfnFR# z3tPxO#qQ$B-;SPfEhpDzP0?U=Js$f69BAENrr~K1bfvHD)e`bLtffB@7I^$gRKB!+ImgiY~h+3&z*=R{Wy+pg$7Jl8cDlA!j zoy@w*i~LFoEv8!-lj0eoh01Gl%VU1+=*<`Ys+~34Sd!+OuyqB%D5Z*}EipZuAMBK5 zn~bfMC`}sb8XBWA#h#2S?_bxr^Ifvimu;6x(a(%D_Et?53|})`xV*5R4)2myrBt<% z+k<`9>DWV|jXzVK;wOxc0PV^Fh5M!&|A!_mUM*(};H4U~dc%~Q z;m3F-wDNX#a^hQ3a?H)p%CcuVGfEc|BUr*wGKDEW=ct@_aCw#0m+P!MpJ~T@_(w6t z2l|+M`6+=zlpYNwC{3p@9eqQ-n%ziwhHkR8;n+AWq8E2-dp#0t*?F z5~7XoU+OH1{-I6^t}EQf+&BC&&Tni;-5&m{D!Qo<_pJD|GGsJV$6-iy|J!N#@1f=T zsDY-!^N#$`bs5vSi+ni6>j=xg5_E!Y&?+}DHaIQkly0}+LX=1Q;{xH9+3@NhAZM2Ga4c(U?UR}TOO0i;@|KDeMaITsb0)hO<<|qSpvm*uQf?2!{ zb32+R0rxF3LO@dmEW~Ce*ukWDj44v~($C}HNPPU}s4Lg5E$`X8br=?k1lx^BNhn0X zqWjmk*C=e#s4dO_|+ zEc3?NnxWf49DMk-g_)TuuQ)8#)_yhPam6j#m92>nq*im7KW2Eq)9Ak2=~oM(7_EEGls2y3 zhW+Ko_|O-fEF(|UL_yTtHEI2`5Cvyo`osDNdIfj{dol7&VZaqm8YHYav2CWvUNBnW zO^5xP9mw;`pRZJwYfDS#)w6F09TbPrUZ#aIyp9y{q1RMleSP1*Ngds3p3NF62xHIe zFLA4XW;k{y<0E6Ln0NU%wBt2~1eNeH%Wn&YG>E zr%HQINTJZXuyRexW%6ea;!-^EocuyW+t0P&y80To3n>h)VccD;vf&!0;S7!C7KGH~ z#H36Iu+H^H1e11=Vx9)uRMWgijkZdf4M75VQHhSzwR48;qH!dVO~w1p1pc$m{L)s1 z@*~RNJ_ONWKD>61h=JlIYuWG4hu=r4t;=VG`CfgflC#NAjJiRm-2Zl4qM3)|1x{|R z*A~US@kt7L-n;wOTy8SxqX~5&^29 z=gE*WvYA2-*0uas`nW~<_`EkhRL$AVpK&-I2aXTt;d~%LelS_$DK#(M2A_ugl=>+# z>zy5&Vc}dISEHH7=EK~T3nN?2J{|9_(kCf7i(Wz*35Hba7eh5Cdz5qOm!?X;`xP+L zM0SVBLn#`lJp%@%soCQi( zk8#3Hf^|0(k#PqxFyvYKM@;ju0&V_ns02cD2r+~+fLbaWXs_s_^y6_jdgQ4`(2KXO z<)QCJD?F&G6_n>+FQ5(o!eJBXeR_K$jwoBS3Xx}y@IG>te?LIJ?^mD5;p)p;4 zoe$ZWpIHr2f5!JBt93hHNXEZ3KNZ)8#svh#vEJi{wwlG8B5CL)B3TVP=RVIUMYVrP zxj)ZvaaHV1_#H1|{j7D%sQJ`OZx}zNi|ARrI#go=J;d!p)4P}f5l@~Gb=3|sYQE`` zma`Cet#Y}FI#J1lelfSx|Kp;l@+qZ;3y{Wd4Dk0(u7w}YZgNWUMjNM5xh2}~KL4QV zFMj=0!B_Q#fMqy52u8{ajITaQu>)Ih65r z{7QM~^jP9~ND1qkLwvBu8PQ)cqW#r-VTP{k9h;nC8_u4laJsjO*Qggc$k7YoqvJ92 zEpMdLGFnzthE$L~j*6A+&XY9pWM*u#eIjZZC}fniXGc+I`%cw-pTRjV74@y0fWzQnx- z$rf~?PItoMRRpkr{kosV#`h3bA!1w4=lT@J9Kk`~)Q9OC4r%U31MZ?MZXwb?y&g@6 zzS=$Ya^iA+;_(Vr?mNjkUc3k#J>8CMF+1~ztRNTf-`+s5KS8Qo2oZ2ioFwA!;ir_0L9M_kCiEhV3c`8t+-g5OYZ diff --git a/doc/source/deploy_install_guides/r2_release/index.rst b/doc/source/deploy_install_guides/r2_release/index.rst deleted file mode 100644 index 2dbf2c58e..000000000 --- a/doc/source/deploy_install_guides/r2_release/index.rst +++ /dev/null @@ -1,63 +0,0 @@ -=========================== -StarlingX R2.0 Installation -=========================== - -.. important:: - - Changes in the underlying StarlingX infrastructure have occurred - since the R2.0 release. Due to these changes, the R2.0 installation - instructions may not work as described. - - Installation of the current :ref:`latest_release` is recommended. - -StarlingX provides a pre-defined set of standard :doc:`deployment configurations -`. Most deployment options may be installed in a -virtual environment or on bare metal. - ------------------------------------------------------ -Install StarlingX Kubernetes in a virtual environment ------------------------------------------------------ - -.. toctree:: - :maxdepth: 1 - - virtual/aio_simplex - virtual/aio_duplex - virtual/controller_storage - virtual/dedicated_storage - ------------------------------------------- -Install StarlingX Kubernetes on bare metal ------------------------------------------- - -.. toctree:: - :maxdepth: 1 - - bare_metal/aio_simplex - bare_metal/aio_duplex - bare_metal/controller_storage - bare_metal/dedicated_storage - bare_metal/ironic - -.. toctree:: - :hidden: - - ansible_bootstrap_configs - ------------------ -Access Kubernetes ------------------ - -.. toctree:: - :maxdepth: 1 - - kubernetes_access - --------------------------- -Access StarlingX OpenStack --------------------------- - -.. toctree:: - :maxdepth: 1 - - openstack/index diff --git a/doc/source/deploy_install_guides/r2_release/kubernetes_access.rst b/doc/source/deploy_install_guides/r2_release/kubernetes_access.rst deleted file mode 100644 index 1231ef425..000000000 --- a/doc/source/deploy_install_guides/r2_release/kubernetes_access.rst +++ /dev/null @@ -1,181 +0,0 @@ -================================ -Access StarlingX Kubernetes R2.0 -================================ - -Use local/remote CLIs, GUIs, and/or REST APIs to access and manage StarlingX -Kubernetes and hosted containerized applications. - -.. contents:: - :local: - :depth: 1 - ----------- -Local CLIs ----------- - -In order to access the StarlingX and Kubernetes commands on controller-O, first -follow these steps: - -#. Log in to controller-0 via the console or SSH with a sysadmin/. - -#. Acquire Keystone admin and Kubernetes admin credentials: - - :: - - source /etc/platform/openrc - -********************************************* -StarlingX system and host management commands -********************************************* - -Access StarlingX system and host management commands using the :command:`system` -command. For example: - -:: - - system host-list - - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - -Use the :command:`system help` command for the full list of options. - -*********************************** -StarlingX fault management commands -*********************************** - -Access StarlingX fault management commands using the :command:`fm` command, for example: - -:: - - fm alarm-list - -******************* -Kubernetes commands -******************* - -Access Kubernetes commands using the :command:`kubectl` command, for example: - -:: - - kubectl get nodes - - NAME STATUS ROLES AGE VERSION - controller-0 Ready master 5d19h v1.13.5 - -See https://kubernetes.io/docs/reference/kubectl/overview/ for details. - ------------ -Remote CLIs ------------ - -Documentation coming soon. - ---- -GUI ---- - -.. note:: - - For a virtual installation, run the browser on the host machine. - -********************* -StarlingX Horizon GUI -********************* - -Access the StarlingX Horizon GUI with the following steps: - -#. Enter the OAM floating IP address in your browser: - `\http://:8080` - - Discover your OAM floating IP address with the :command:`system oam-show` command. - -#. Log in to Horizon with an admin/. - -******************** -Kubernetes dashboard -******************** - -The Kubernetes dashboard is not installed by default. - -To install the Kubernetes dashboard, execute the following steps on controller-0: - -#. Use the kubernetes-dashboard helm chart from the stable helm repository with - the override values shown below: - - :: - - cat < dashboard-values.yaml - service: - type: NodePort - nodePort: 30000 - - rbac: - create: true - clusterAdminRole: true - - serviceAccount: - create: true - name: kubernetes-dashboard - EOF - - helm repo update - - helm install stable/kubernetes-dashboard --name dashboard -f dashboard-values.yaml - -#. Create an ``admin-user`` service account with ``cluster-admin`` privileges, and - display its token for logging into the Kubernetes dashboard. - - :: - - cat < admin-login.yaml - apiVersion: v1 - kind: ServiceAccount - metadata: - name: admin-user - namespace: kube-system - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: admin-user - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin - subjects: - - kind: ServiceAccount - name: admin-user - namespace: kube-system - EOF - - kubectl apply -f admin-login.yaml - - kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}') - - -Access the Kubernetes dashboard GUI with the following steps: - -#. Enter the OAM floating IP address in your browser: - `\https://:30000`. - - Discover your OAM floating IP address with the :command:`system oam-show` command. - -#. Log in to the Kubernetes dashboard using the ``admin-user`` token. - ---------- -REST APIs ---------- - -List the StarlingX platform-related public REST API endpoints using the -following command: - -:: - - openstack endpoint list | grep public - -Use these URLs as the prefix for the URL target of StarlingX Platform Services' -REST API messages. diff --git a/doc/source/deploy_install_guides/r2_release/openstack/access.rst b/doc/source/deploy_install_guides/r2_release/openstack/access.rst deleted file mode 100644 index 19f6f91df..000000000 --- a/doc/source/deploy_install_guides/r2_release/openstack/access.rst +++ /dev/null @@ -1,273 +0,0 @@ -========================== -Access StarlingX OpenStack -========================== - -Use local/remote CLIs, GUIs and/or REST APIs to access and manage StarlingX -OpenStack and hosted virtualized applications. - -.. contents:: - :local: - :depth: 1 - ------------------------------- -Configure helm endpoint domain ------------------------------- - -Containerized OpenStack services in StarlingX are deployed behind an ingress -controller (nginx) that listens on either port 80 (HTTP) or port 443 (HTTPS). -The ingress controller routes packets to the specific OpenStack service, such as -the Cinder service, or the Neutron service, by parsing the FQDN in the packet. -For example, `neutron.openstack.svc.cluster.local` is for the Neutron service, -`cinder‐api.openstack.svc.cluster.local` is for the Cinder service. - -This routing requires that access to OpenStack REST APIs must be via a FQDN -or by using a remote OpenStack CLI that uses the REST APIs. You cannot access -OpenStack REST APIs using an IP address. - -FQDNs (such as `cinder‐api.openstack.svc.cluster.local`) must be in a DNS server -that is publicly accessible. - -.. note:: - - There is a way to wild‐card a set of FQDNs to the same IP address in a DNS - server configuration so that you don’t need to update the DNS server every - time an OpenStack service is added. Check your particular DNS server for - details on how to wild-card a set of FQDNs. - -In a “real” deployment, that is, not a lab scenario, you can not use the default -`openstack.svc.cluster.local` domain name externally. You must set a unique -domain name for your StarlingX system. StarlingX provides the -:command:`system service‐parameter-add` command to configure and set the -OpenStack domain name: - -:: - - system service-parameter-add openstack helm endpoint_domain= - -`` should be a fully qualified domain name that you own, such that -you can configure the DNS Server that owns `` with the OpenStack -service names underneath the domain. - -For example: -:: - - system service-parameter-add openstack helm endpoint_domain=my-starlingx-domain.my-company.com - system application-apply stx-openstack - -This command updates the helm charts of all OpenStack services and restarts them. -For example it would change `cinder‐api.openstack.svc.cluster.local` to -`cinder‐api.my-starlingx-domain.my-company.com`, and so on for all OpenStack -services. - -.. note:: - - This command also changes the containerized OpenStack Horizon to listen on - `horizon.my-starlingx-domain.my-company.com:80` instead of the initial - `:31000`. - -You must configure `{ ‘*.my-starlingx-domain.my-company.com’: --> oam‐floating‐ip‐address }` -in the external DNS server that owns `my-company.com`. - ---------- -Local CLI ---------- - -Access OpenStack using the local CLI with the following steps: - -#. Log in to controller-0 via the console or SSH with a sysadmin/. - *Do not use* source /etc/platform/openrc . - -#. Set the CLI context to the StarlingX OpenStack Cloud Application and set up - OpenStack admin credentials: - - :: - - sudo su - - mkdir -p /etc/openstack - tee /etc/openstack/clouds.yaml << EOF - clouds: - openstack_helm: - region_name: RegionOne - identity_api_version: 3 - endpoint_type: internalURL - auth: - username: 'admin' - password: '' - project_name: 'admin' - project_domain_name: 'default' - user_domain_name: 'default' - auth_url: 'http://keystone.openstack.svc.cluster.local/v3' - EOF - exit - - export OS_CLOUD=openstack_helm - -********************** -OpenStack CLI commands -********************** - -Access OpenStack CLI commands for the StarlingX OpenStack cloud application -using the :command:`openstack` command. For example: - -:: - - [sysadmin@controller-0 ~(keystone_admin)]$ openstack flavor list - [sysadmin@controller-0 ~(keystone_admin)]$ openstack image list - ----------- -Remote CLI ----------- - -Documentation coming soon. - ---- -GUI ---- - -Access the StarlingX containerized OpenStack Horizon GUI in your browser at the -following address: - -:: - - http://:31000 - -Log in to the Containerized OpenStack Horizon GUI with an admin/. - ---------- -REST APIs ---------- - -This section provides an overview of accessing REST APIs with examples of -`curl`-based REST API commands. - -**************** -Public endpoints -**************** - -Use the `Local CLI`_ to display OpenStack public REST API endpoints. For example: - -:: - - openstack endpoint list - -The public endpoints will look like: - -* `\http://keystone.openstack.svc.cluster.local:80/v3` -* `\http://nova.openstack.svc.cluster.local:80/v2.1/%(tenant_id)s` -* `\http://neutron.openstack.svc.cluster.local:80/` -* `etc.` - -If you have set a unique domain name, then the public endpoints will look like: - -* `\http://keystone.my-starlingx-domain.my-company.com:80/v3` -* `\http://nova.my-starlingx-domain.my-company.com:80/v2.1/%(tenant_id)s` -* `\http://neutron.my-starlingx-domain.my-company.com:80/` -* `etc.` - -Documentation for the OpenStack REST APIs is available at -`OpenStack API Documentation `_. - -*********** -Get a token -*********** - -The following command will request the Keystone token: - -:: - - curl -i -H "Content-Type: application/json" -d - '{ "auth": { - "identity": { - "methods": ["password"], - "password": { - "user": { - "name": "admin", - "domain": { "id": "default" }, - "password": "St8rlingX*" - } - } - }, - "scope": { - "project": { - "name": "admin", - "domain": { "id": "default" } - } - } - } - }' http://keystone.openstack.svc.cluster.local:80/v3/auth/tokens - -The token will be returned in the "X-Subject-Token" header field of the response: - -:: - - HTTP/1.1 201 CREATED - Date: Wed, 02 Oct 2019 18:27:38 GMT - Content-Type: application/json - Content-Length: 8128 - Connection: keep-alive - X-Subject-Token: gAAAAABdlOwafP71DXZjbyEf4gsNYA8ftso910S-RdJhg0fnqWuMGyMUhYUUJSossuUIitrvu2VXYXDNPbnaGzFveOoXxYTPlM6Fgo1aCl6wW85zzuXqT6AsxoCn95OMFhj_HHeYNPTkcyjbuW-HH_rJfhuUXt85iytZ_YAQQUfSXM7N3zAk7Pg - Vary: X-Auth-Token - x-openstack-request-id: req-d1bbe060-32f0-4cf1-ba1d-7b38c56b79fb - - {"token": {"is_domain": false, - - ... - -You can set an environment variable to hold the token value from the response. -For example: - -:: - - TOKEN=gAAAAABdlOwafP71DXZjbyEf4gsNYA8ftso910S - -***************** -List Nova flavors -***************** - -The following command will request a list of all Nova flavors: - -:: - - curl -i http://nova.openstack.svc.cluster.local:80/v2.1/flavors -X GET -H "Content-Type: application/json" -H "Accept: application/json" -H "X-Auth-Token:${TOKEN}" | tail -1 | python -m json.tool - -The list will be returned in the response. For example: - -:: - - % Total % Received % Xferd Average Speed Time Time Time Current - Dload Upload Total Spent Left Speed - 100 2529 100 2529 0 0 24187 0 --:--:-- --:--:-- --:--:-- 24317 - { - "flavors": [ - { - "id": "04cfe4e5-0d8c-49b3-ba94-54371e13ddce", - "links": [ - { - "href": "http://nova.openstack.svc.cluster.local/v2.1/flavors/04cfe4e5-0d8c-49b3-ba94-54371e13ddce", - "rel": "self" - }, - { - "href": "http://nova.openstack.svc.cluster.local/flavors/04cfe4e5-0d8c-49b3-ba94-54371e13ddce", - "rel": "bookmark" - } - ], - "name": "m1.tiny" - }, - { - "id": "14c725b1-1658-48ec-90e6-05048d269e89", - "links": [ - { - "href": "http://nova.openstack.svc.cluster.local/v2.1/flavors/14c725b1-1658-48ec-90e6-05048d269e89", - "rel": "self" - }, - { - "href": "http://nova.openstack.svc.cluster.local/flavors/14c725b1-1658-48ec-90e6-05048d269e89", - "rel": "bookmark" - } - ], - "name": "medium.dpdk" - }, - { - - ... - diff --git a/doc/source/deploy_install_guides/r2_release/openstack/install.rst b/doc/source/deploy_install_guides/r2_release/openstack/install.rst deleted file mode 100644 index 7f66478f4..000000000 --- a/doc/source/deploy_install_guides/r2_release/openstack/install.rst +++ /dev/null @@ -1,65 +0,0 @@ -=========================== -Install StarlingX OpenStack -=========================== - -These instructions assume that you have completed the following -OpenStack-specific configuration tasks that are required by the underlying -StarlingX Kubernetes platform: - -* All nodes have been labeled appropriately for their OpenStack role(s). -* The vSwitch type has been configured. -* The nova-local volume group has been configured on any node's host, if running - the compute function. - --------------------------------------------- -Install application manifest and helm-charts --------------------------------------------- - -#. Get the StarlingX OpenStack application (stx-openstack) manifest and helm-charts. - This can be from a private StarlingX build or, as shown below, from the public - Cengen StarlingX build off ``master`` branch: - - :: - - wget http://mirror.starlingx.cengn.ca/mirror/starlingx/release/2.0.0/centos/outputs/helm-charts/stx-openstack-1.0-17-centos-stable-latest.tgz - -#. Load the stx-openstack application's package into StarlingX. The tarball - package contains stx-openstack's Airship Armada manifest and stx-openstack's - set of helm charts: - - :: - - system application-upload stx-openstack-1.0-17-centos-stable-latest.tgz - - This will: - - * Load the Armada manifest and helm charts. - * Internally manage helm chart override values for each chart. - * Automatically generate system helm chart overrides for each chart based on - the current state of the underlying StarlingX Kubernetes platform and the - recommended StarlingX configuration of OpenStack services. - -#. Apply the stx-openstack application in order to bring StarlingX OpenStack into - service. - - :: - - system application-apply stx-openstack - -#. Wait for the activation of stx-openstack to complete. - - This can take 5-10 minutes depending on the performance of your host machine. - - Monitor progress with the command: - - :: - - watch -n 5 system application-list - ----------- -Next steps ----------- - -Your OpenStack cloud is now up and running. - -See :doc:`access` for details on how to access StarlingX OpenStack. diff --git a/doc/source/deploy_install_guides/r2_release/virtual/aio_duplex.rst b/doc/source/deploy_install_guides/r2_release/virtual/aio_duplex.rst deleted file mode 100644 index 74f1bab8f..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/aio_duplex.rst +++ /dev/null @@ -1,21 +0,0 @@ -=========================================== -Virtual All-in-one Duplex Installation R2.0 -=========================================== - --------- -Overview --------- - -.. include:: ../desc_aio_duplex.txt - -.. include:: ../ipv6_note.txt - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - aio_duplex_environ - aio_duplex_install_kubernetes diff --git a/doc/source/deploy_install_guides/r2_release/virtual/aio_duplex_environ.rst b/doc/source/deploy_install_guides/r2_release/virtual/aio_duplex_environ.rst deleted file mode 100644 index 95b389425..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/aio_duplex_environ.rst +++ /dev/null @@ -1,53 +0,0 @@ -============================ -Prepare Host and Environment -============================ - -This section describes how to prepare the physical host and virtual environment -for a **StarlingX R2.0 virtual All-in-one Duplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------------- -Physical host requirements and setup ------------------------------------- - -.. include:: physical_host_req.txt - ---------------------------------------- -Prepare virtual environment and servers ---------------------------------------- - -The following steps explain how to prepare the virtual environment and servers -on a physical host for a StarlingX R2.0 virtual All-in-one Duplex deployment -configuration. - -#. Prepare virtual environment. - - Set up the virtual platform networks for virtual deployment: - - :: - - bash setup_network.sh - -#. Prepare virtual servers. - - Create the XML definitions for the virtual servers required by this - configuration option. This will create the XML virtual server definition for: - - * duplex-controller-0 - * duplex-controller-1 - - The following command will start/virtually power on: - - * The 'duplex-controller-0' virtual server - * The X-based graphical virt-manager application - - :: - - bash setup_configuration.sh -c duplex -i ./bootimage.iso - - If there is no X-server present errors will occur and the X-based GUI for the - virt-manager application will not start. The virt-manager GUI is not absolutely - required and you can safely ignore errors and continue. \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/virtual/aio_duplex_install_kubernetes.rst b/doc/source/deploy_install_guides/r2_release/virtual/aio_duplex_install_kubernetes.rst deleted file mode 100644 index 920a9afa8..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/aio_duplex_install_kubernetes.rst +++ /dev/null @@ -1,423 +0,0 @@ -============================================== -Install StarlingX Kubernetes on Virtual AIO-DX -============================================== - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R2.0 virtual All-in-one Duplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - --------------------------------- -Install software on controller-0 --------------------------------- - -In the last step of :doc:`aio_duplex_environ`, the controller-0 virtual server 'duplex-controller-0' was started by the :command:`setup_configuration.sh` command. - -On the host, attach to the console of virtual controller-0 and select the appropriate -installer menu options to start the non-interactive install of -StarlingX software on controller-0. - -.. note:: - - When entering the console, it is very easy to miss the first installer menu - selection. Use ESC to navigate to previous menus, to ensure you are at the - first installer menu. - -:: - - virsh console duplex-controller-0 - -Make the following menu selections in the installer: - -#. First menu: Select 'All-in-one Controller Configuration' -#. Second menu: Select 'Serial Console' -#. Third menu: Select 'Standard Security Profile' - -Wait for the non-interactive install of software to complete and for the server -to reboot. This can take 5-10 minutes, depending on the performance of the host -machine. - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -On virtual controller-0: - -#. Log in using the username / password of "sysadmin" / "sysadmin". - When logging in for the first time, you will be forced to change the password. - - :: - - Login: sysadmin - Password: - Changing password for sysadmin. - (current) UNIX Password: sysadmin - New Password: - (repeat) New Password: - -#. External connectivity is required to run the Ansible bootstrap playbook. - - :: - - export CONTROLLER0_OAM_CIDR=10.10.10.3/24 - export DEFAULT_OAM_GATEWAY=10.10.10.1 - sudo ip address add $CONTROLLER0_OAM_CIDR dev enp7s1 - sudo ip link set up dev enp7s1 - sudo ip route add default via $DEFAULT_OAM_GATEWAY dev enp7s1 - -#. Specify user configuration overrides for the Ansible bootstrap playbook. - - Ansible is used to bootstrap StarlingX on controller-0. Key files for Ansible - configuration are: - - ``/etc/ansible/hosts`` - The default Ansible inventory file. Contains a single host: localhost. - - ``/usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml`` - The Ansible bootstrap playbook. - - ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml`` - The default configuration values for the bootstrap playbook. - - sysadmin home directory ($HOME) - The default location where Ansible looks for and imports user - configuration override files for hosts. For example: ``$HOME/.yml``. - - - Specify the user configuration override file for the Ansible bootstrap - playbook using one of the following methods: - - * Copy the default.yml file listed above to ``$HOME/localhost.yml`` and edit - the configurable values as desired (use the commented instructions in - the file). - - or - - * Create the minimal user configuration override file as shown in the example - below: - - :: - - cd ~ - cat < localhost.yml - system_mode: duplex - - dns_servers: - - 8.8.8.8 - - 8.8.4.4 - - external_oam_subnet: 10.10.10.0/24 - external_oam_gateway_address: 10.10.10.1 - external_oam_floating_address: 10.10.10.2 - external_oam_node_0_address: 10.10.10.3 - external_oam_node_1_address: 10.10.10.4 - - admin_username: admin - admin_password: - ansible_become_pass: - EOF - - Refer to :doc:`/deploy_install_guides/r2_release/ansible_bootstrap_configs` - for information on additional Ansible bootstrap configurations for advanced - Ansible bootstrap scenarios. - -#. Run the Ansible bootstrap playbook: - - :: - - ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml - - Wait for Ansible bootstrap playbook to complete. - This can take 5-10 minutes, depending on the performance of the host machine. - ----------------------- -Configure controller-0 ----------------------- - -On virtual controller-0: - -#. Acquire admin credentials: - - :: - - source /etc/platform/openrc - -#. Configure the OAM and MGMT interfaces of controller-0 and specify the - attached networks: - - :: - - OAM_IF=enp7s1 - MGMT_IF=enp7s2 - system host-if-modify controller-0 lo -c none - IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}') - for UUID in $IFNET_UUIDS; do - system interface-network-remove ${UUID} - done - system host-if-modify controller-0 $OAM_IF -c platform - system interface-network-assign controller-0 $OAM_IF oam - system host-if-modify controller-0 $MGMT_IF -c platform - system interface-network-assign controller-0 $MGMT_IF mgmt - system interface-network-assign controller-0 $MGMT_IF cluster-host - -#. Configure NTP Servers for network time synchronization: - - .. note:: - - In a virtual environment, this can sometimes cause Ceph clock skew alarms. - Also, the virtual instances clock is synchronized with the host clock, - so it is not absolutely required to configure NTP in this step. - - :: - - system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org - -#. Configure data interfaces for controller-0. - - .. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - - 1G Huge Pages are not supported in the virtual environment and there is no - virtual NIC supporting SRIOV. For that reason, data interfaces are not - applicable in the virtual environment for the Kubernetes-only scenario. - - For OpenStack only: - - :: - - DATA0IF=eth1000 - DATA1IF=eth1001 - export COMPUTE=controller-0 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - -#. Add an OSD on controller-0 for Ceph: - - :: - - system host-disk-list controller-0 - system host-disk-list controller-0 | awk '/\/dev\/sdb/{print $2}' | xargs -i system host-stor-add controller-0 {} - system host-stor-list controller-0 - -************************************* -OpenStack-specific host configuration -************************************* - -.. include:: aio_simplex_install_kubernetes.rst - :start-after: incl-config-controller-0-openstack-specific-aio-simplex-start: - :end-before: incl-config-controller-0-openstack-specific-aio-simplex-end: - -------------------- -Unlock controller-0 -------------------- - -Unlock virtual controller-0 to bring it into service: - -:: - - system host-unlock controller-0 - -Controller-0 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - -------------------------------------- -Install software on controller-1 node -------------------------------------- - -#. On the host, power on the controller-1 virtual server, 'duplex-controller-1'. It will - automatically attempt to network boot over the management network: - - :: - - virsh start duplex-controller-1 - -#. Attach to the console of virtual controller-1: - - :: - - virsh console duplex-controller-1 - - As controller-1 VM boots, a message appears on its console instructing you to - configure the personality of the node. - -#. On the console of virtual controller-0, list hosts to see the newly discovered - controller-1 host (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. On virtual controller-0, using the host id, set the personality of this host - to 'controller': - - :: - - system host-update 2 personality=controller - -#. Wait for the software installation on controller-1 to complete, controller-1 to - reboot, and controller-1 to show as locked/disabled/online in 'system host-list'. - This can take 5-10 minutes, depending on the performance of the host machine. - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure controller-1 ----------------------- - -On virtual controller-0: - -#. Configure the OAM and MGMT interfaces of controller-1 and specify the - attached networks. Note that the MGMT interface is partially set up - automatically by the network install procedure. - - :: - - OAM_IF=enp7s1 - system host-if-modify controller-1 $OAM_IF -c platform - system interface-network-assign controller-1 $OAM_IF oam - system interface-network-assign controller-1 mgmt0 cluster-host - -#. Configure data interfaces for controller-1. - - .. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - - 1G Huge Pages are not supported in the virtual environment and there is no - virtual NIC supporting SRIOV. For that reason, data interfaces are not - applicable in the virtual environment for the Kubernetes-only scenario. - - For OpenStack only: - - :: - - DATA0IF=eth1000 - DATA1IF=eth1001 - export COMPUTE=controller-1 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - -#. Add an OSD on controller-1 for Ceph: - - :: - - echo ">>> Add OSDs to primary tier" - system host-disk-list controller-1 - system host-disk-list controller-1 | awk '/\/dev\/sdb/{print $2}' | xargs -i system host-stor-add controller-1 {} - system host-stor-list controller-1 - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to controller-1 in - support of installing the stx-openstack manifest/helm-charts later: - - :: - - system host-label-assign controller-1 openstack-control-plane=enabled - system host-label-assign controller-1 openstack-compute-node=enabled - system host-label-assign controller-1 openvswitch=enabled - system host-label-assign controller-1 sriov=enabled - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks: - - :: - - export COMPUTE=controller-1 - - echo ">>> Getting root disk info" - ROOT_DISK=$(system host-show ${COMPUTE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${COMPUTE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - echo "Root disk: $ROOT_DISK, UUID: $ROOT_DISK_UUID" - - echo ">>>> Configuring nova-local" - NOVA_SIZE=34 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${COMPUTE} ${ROOT_DISK_UUID} ${NOVA_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${COMPUTE} nova-local - system host-pv-add ${COMPUTE} nova-local ${NOVA_PARTITION_UUID} - -------------------- -Unlock controller-1 -------------------- - -Unlock virtual controller-1 in order to bring it into service: - -:: - - system host-unlock controller-1 - -Controller-1 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r2_release/virtual/aio_simplex.rst b/doc/source/deploy_install_guides/r2_release/virtual/aio_simplex.rst deleted file mode 100644 index a016b91d7..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/aio_simplex.rst +++ /dev/null @@ -1,21 +0,0 @@ -============================================ -Virtual All-in-one Simplex Installation R2.0 -============================================ - --------- -Overview --------- - -.. include:: ../desc_aio_simplex.txt - -.. include:: ../ipv6_note.txt - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - aio_simplex_environ - aio_simplex_install_kubernetes diff --git a/doc/source/deploy_install_guides/r2_release/virtual/aio_simplex_environ.rst b/doc/source/deploy_install_guides/r2_release/virtual/aio_simplex_environ.rst deleted file mode 100644 index 49e7ad9e4..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/aio_simplex_environ.rst +++ /dev/null @@ -1,52 +0,0 @@ -============================ -Prepare Host and Environment -============================ - -This section describes how to prepare the physical host and virtual environment -for a **StarlingX R2.0 virtual All-in-one Simplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------------- -Physical host requirements and setup ------------------------------------- - -.. include:: physical_host_req.txt - ---------------------------------------- -Prepare virtual environment and servers ---------------------------------------- - -The following steps explain how to prepare the virtual environment and servers -on a physical host for a StarlingX R2.0 virtual All-in-one Simplex deployment -configuration. - -#. Prepare virtual environment. - - Set up the virtual platform networks for virtual deployment: - - :: - - bash setup_network.sh - -#. Prepare virtual servers. - - Create the XML definitions for the virtual servers required by this - configuration option. This will create the XML virtual server definition for: - - * simplex-controller-0 - - The following command will start/virtually power on: - - * The 'simplex-controller-0' virtual server - * The X-based graphical virt-manager application - - :: - - bash setup_configuration.sh -c simplex -i ./bootimage.iso - - If there is no X-server present errors will occur and the X-based GUI for the - virt-manager application will not start. The virt-manager GUI is not absolutely - required and you can safely ignore errors and continue. diff --git a/doc/source/deploy_install_guides/r2_release/virtual/aio_simplex_install_kubernetes.rst b/doc/source/deploy_install_guides/r2_release/virtual/aio_simplex_install_kubernetes.rst deleted file mode 100644 index 977c11c00..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/aio_simplex_install_kubernetes.rst +++ /dev/null @@ -1,284 +0,0 @@ -============================================== -Install StarlingX Kubernetes on Virtual AIO-SX -============================================== - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R2.0 virtual All-in-one Simplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - --------------------------------- -Install software on controller-0 --------------------------------- - -In the last step of :doc:`aio_simplex_environ`, the controller-0 virtual server 'simplex-controller-0' was started by the :command:`setup_configuration.sh` command. - -On the host, attach to the console of virtual controller-0 and select the -appropriate installer menu options to start the non-interactive install of -StarlingX software on controller-0. - -.. note:: - - When entering the console, it is very easy to miss the first installer menu - selection. Use ESC to navigate to previous menus, to ensure you are at the - first installer menu. - -:: - - virsh console simplex-controller-0 - -Make the following menu selections in the installer: - -#. First menu: Select 'All-in-one Controller Configuration' -#. Second menu: Select 'Serial Console' -#. Third menu: Select 'Standard Security Profile' - -Wait for the non-interactive install of software to complete and for the server -to reboot. This can take 5-10 minutes, depending on the performance of the host -machine. - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -On virtual controller-0: - -#. Log in using the username / password of "sysadmin" / "sysadmin". - When logging in for the first time, you will be forced to change the password. - - :: - - Login: sysadmin - Password: - Changing password for sysadmin. - (current) UNIX Password: sysadmin - New Password: - (repeat) New Password: - -#. External connectivity is required to run the Ansible bootstrap playbook. - - :: - - export CONTROLLER0_OAM_CIDR=10.10.10.3/24 - export DEFAULT_OAM_GATEWAY=10.10.10.1 - sudo ip address add $CONTROLLER0_OAM_CIDR dev enp7s1 - sudo ip link set up dev enp7s1 - sudo ip route add default via $DEFAULT_OAM_GATEWAY dev enp7s1 - -#. Specify user configuration overrides for the Ansible bootstrap playbook. - - Ansible is used to bootstrap StarlingX on controller-0. Key files for Ansible - configuration are: - - ``/etc/ansible/hosts`` - The default Ansible inventory file. Contains a single host: localhost. - - ``/usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml`` - The Ansible bootstrap playbook. - - ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml`` - The default configuration values for the bootstrap playbook. - - sysadmin home directory ($HOME) - The default location where Ansible looks for and imports user - configuration override files for hosts. For example: ``$HOME/.yml``. - - - Specify the user configuration override file for the Ansible bootstrap - playbook using one of the following methods: - - * Copy the default.yml file listed above to ``$HOME/localhost.yml`` and edit - the configurable values as desired (use the commented instructions in - the file). - - or - - * Create the minimal user configuration override file as shown in the example - below: - - :: - - cd ~ - cat < localhost.yml - system_mode: simplex - - dns_servers: - - 8.8.8.8 - - 8.8.4.4 - - external_oam_subnet: 10.10.10.0/24 - external_oam_gateway_address: 10.10.10.1 - external_oam_floating_address: 10.10.10.2 - - admin_username: admin - admin_password: - ansible_become_pass: - EOF - - Refer to :doc:`/deploy_install_guides/r2_release/ansible_bootstrap_configs` - for information on additional Ansible bootstrap configurations for advanced - Ansible bootstrap scenarios. - -#. Run the Ansible bootstrap playbook: - - :: - - ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml - - Wait for Ansible bootstrap playbook to complete. - This can take 5-10 minutes, depending on the performance of the host machine. - ----------------------- -Configure controller-0 ----------------------- - -On virtual controller-0: - -#. Acquire admin credentials: - - :: - - source /etc/platform/openrc - -#. Configure the OAM interface of controller-0 and specify the attached network - as "oam". Use the OAM port name, for example eth0, that is applicable to your - deployment environment: - - :: - - OAM_IF=enp7s1 - system host-if-modify controller-0 $OAM_IF -c platform - system interface-network-assign controller-0 $OAM_IF oam - -#. Configure NTP Servers for network time synchronization: - - .. note:: - - In a virtual environment, this can sometimes cause Ceph clock skew alarms. - Also, the virtual instances clock is synchronized with the host clock, - so it is not absolutely required to configure NTP in this step. - - :: - - system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org - -#. Configure data interfaces for controller-0. - - .. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - - 1G Huge Pages are not supported in the virtual environment and there is no - virtual NIC supporting SRIOV. For that reason, data interfaces are not - applicable in the virtual environment for the Kubernetes-only scenario. - - For OpenStack only: - - :: - - DATA0IF=eth1000 - DATA1IF=eth1001 - export COMPUTE=controller-0 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - -#. Add an OSD on controller-0 for Ceph: - - :: - - system host-disk-list controller-0 - system host-disk-list controller-0 | awk '/\/dev\/sdb/{print $2}' | xargs -i system host-stor-add controller-0 {} - system host-stor-list controller-0 - -************************************* -OpenStack-specific host configuration -************************************* - -.. incl-config-controller-0-openstack-specific-aio-simplex-start: - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to controller-0 in - support of installing the stx-openstack manifest/helm-charts later. - - :: - - system host-label-assign controller-0 openstack-control-plane=enabled - system host-label-assign controller-0 openstack-compute-node=enabled - system host-label-assign controller-0 openvswitch=enabled - system host-label-assign controller-0 sriov=enabled - -#. **For OpenStack only:** A vSwitch is required. - - The default vSwitch is containerized OVS that is packaged with the - stx-openstack manifest/helm-charts. StarlingX provides the option to use - OVS-DPDK on the host, however, in the virtual environment OVS-DPDK is NOT - supported, only OVS is supported. Therefore, simply use the default OVS - vSwitch here. - -#. **For OpenStack Only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks. - - :: - - export COMPUTE=controller-0 - - echo ">>> Getting root disk info" - ROOT_DISK=$(system host-show ${COMPUTE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${COMPUTE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - echo "Root disk: $ROOT_DISK, UUID: $ROOT_DISK_UUID" - - echo ">>>> Configuring nova-local" - NOVA_SIZE=34 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${COMPUTE} ${ROOT_DISK_UUID} ${NOVA_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${COMPUTE} nova-local - system host-pv-add ${COMPUTE} nova-local ${NOVA_PARTITION_UUID} - sleep 2 - -.. incl-config-controller-0-openstack-specific-aio-simplex-end: - -------------------- -Unlock controller-0 -------------------- - -Unlock virtual controller-0 to bring it into service: - -:: - - system host-unlock controller-0 - -Controller-0 will reboot to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/virtual/controller_storage_environ.rst b/doc/source/deploy_install_guides/r2_release/virtual/controller_storage_environ.rst deleted file mode 100644 index 83d13c89e..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/controller_storage_environ.rst +++ /dev/null @@ -1,56 +0,0 @@ -============================ -Prepare Host and Environment -============================ - -This section describes how to prepare the physical host and virtual environment -for a **StarlingX R2.0 virtual Standard with Controller Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------------- -Physical host requirements and setup ------------------------------------- - -.. include:: physical_host_req.txt - ---------------------------------------- -Prepare virtual environment and servers ---------------------------------------- - -The following steps explain how to prepare the virtual environment and servers -on a physical host for a StarlingX R2.0 virtual Standard with Controller Storage -deployment configuration. - -#. Prepare virtual environment. - - Set up virtual platform networks for virtual deployment: - - :: - - bash setup_network.sh - -#. Prepare virtual servers. - - Create the XML definitions for the virtual servers required by this - configuration option. This will create the XML virtual server definition for: - - * controllerstorage-controller-0 - * controllerstorage-controller-1 - * controllerstorage-worker-0 - * controllerstorage-worker-1 - - The following command will start/virtually power on: - - * The 'controllerstorage-controller-0' virtual server - * The X-based graphical virt-manager application - - :: - - bash setup_configuration.sh -c controllerstorage -i ./bootimage.iso - - If there is no X-server present errors will occur and the X-based GUI for the - virt-manager application will not start. The virt-manager GUI is not absolutely - required and you can safely ignore errors and continue. \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r2_release/virtual/controller_storage_install_kubernetes.rst b/doc/source/deploy_install_guides/r2_release/virtual/controller_storage_install_kubernetes.rst deleted file mode 100644 index 1e8f6d4ef..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/controller_storage_install_kubernetes.rst +++ /dev/null @@ -1,550 +0,0 @@ -======================================================================== -Install StarlingX Kubernetes on Virtual Standard with Controller Storage -======================================================================== - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R2.0 virtual Standard with Controller Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - --------------------------------- -Install software on controller-0 --------------------------------- - -In the last step of :doc:`controller_storage_environ`, the controller-0 virtual -server 'controllerstorage-controller-0' was started by the -:command:`setup_configuration.sh` command. - -On the host, attach to the console of virtual controller-0 and select the appropriate -installer menu options to start the non-interactive install of -StarlingX software on controller-0. - -.. note:: - - When entering the console, it is very easy to miss the first installer menu - selection. Use ESC to navigate to previous menus, to ensure you are at the - first installer menu. - -:: - - virsh console controllerstorage-controller-0 - -Make the following menu selections in the installer: - -#. First menu: Select 'Standard Controller Configuration' -#. Second menu: Select 'Serial Console' -#. Third menu: Select 'Standard Security Profile' - -Wait for the non-interactive install of software to complete and for the server -to reboot. This can take 5-10 minutes depending on the performance of the host -machine. - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -.. incl-bootstrap-controller-0-virt-controller-storage-start: - -On virtual controller-0: - -#. Log in using the username / password of "sysadmin" / "sysadmin". - When logging in for the first time, you will be forced to change the password. - - :: - - Login: sysadmin - Password: - Changing password for sysadmin. - (current) UNIX Password: sysadmin - New Password: - (repeat) New Password: - -#. External connectivity is required to run the Ansible bootstrap playbook: - - :: - - export CONTROLLER0_OAM_CIDR=10.10.10.3/24 - export DEFAULT_OAM_GATEWAY=10.10.10.1 - sudo ip address add $CONTROLLER0_OAM_CIDR dev enp7s1 - sudo ip link set up dev enp7s1 - sudo ip route add default via $DEFAULT_OAM_GATEWAY dev enp7s1 - -#. Specify user configuration overrides for the Ansible bootstrap playbook. - - Ansible is used to bootstrap StarlingX on controller-0. Key files for Ansible - configuration are: - - ``/etc/ansible/hosts`` - The default Ansible inventory file. Contains a single host: localhost. - - ``/usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml`` - The Ansible bootstrap playbook. - - ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml`` - The default configuration values for the bootstrap playbook. - - sysadmin home directory ($HOME) - The default location where Ansible looks for and imports user - configuration override files for hosts. For example: ``$HOME/.yml``. - - - Specify the user configuration override file for the Ansible bootstrap - playbook using one of the following methods: - - * Copy the default.yml file listed above to ``$HOME/localhost.yml`` and edit - the configurable values as desired (use the commented instructions in - the file). - - or - - * Create the minimal user configuration override file as shown in the example - below: - - :: - - cd ~ - cat < localhost.yml - system_mode: duplex - - dns_servers: - - 8.8.8.8 - - 8.8.4.4 - - external_oam_subnet: 10.10.10.0/24 - external_oam_gateway_address: 10.10.10.1 - external_oam_floating_address: 10.10.10.2 - external_oam_node_0_address: 10.10.10.3 - external_oam_node_1_address: 10.10.10.4 - - admin_username: admin - admin_password: - ansible_become_pass: - EOF - - Refer to :doc:`/deploy_install_guides/r2_release/ansible_bootstrap_configs` - for information on additional Ansible bootstrap configurations for advanced - Ansible bootstrap scenarios. - -#. Run the Ansible bootstrap playbook: - - :: - - ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap/bootstrap.yml - - Wait for Ansible bootstrap playbook to complete. - This can take 5-10 minutes, depending on the performance of the host machine. - -.. incl-bootstrap-controller-0-virt-controller-storage-end: - ----------------------- -Configure controller-0 ----------------------- - -.. incl-config-controller-0-virt-controller-storage-start: - -On virtual controller-0: - -#. Acquire admin credentials: - - :: - - source /etc/platform/openrc - -#. Configure the OAM and MGMT interfaces of controller-0 and specify the - attached networks: - - :: - - OAM_IF=enp7s1 - MGMT_IF=enp7s2 - system host-if-modify controller-0 lo -c none - IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}') - for UUID in $IFNET_UUIDS; do - system interface-network-remove ${UUID} - done - system host-if-modify controller-0 $OAM_IF -c platform - system interface-network-assign controller-0 $OAM_IF oam - system host-if-modify controller-0 $MGMT_IF -c platform - system interface-network-assign controller-0 $MGMT_IF mgmt - system interface-network-assign controller-0 $MGMT_IF cluster-host - -#. Configure NTP Servers for network time synchronization: - - .. note:: - - In a virtual environment, this can sometimes cause Ceph clock skew alarms. - Also, the virtual instance clock is synchronized with the host clock, - so it is not absolutely required to configure NTP here. - - :: - - system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to controller-0 in - support of installing the stx-openstack manifest/helm-charts later: - - :: - - system host-label-assign controller-0 openstack-control-plane=enabled - -#. **For OpenStack only:** A vSwitch is required. - - The default vSwitch is containerized OVS that is packaged with the - stx-openstack manifest/helm-charts. StarlingX provides the option to use - OVS-DPDK on the host, however, in the virtual environment OVS-DPDK is NOT - supported, only OVS is supported. Therefore, simply use the default OVS - vSwitch here. - -.. incl-config-controller-0-virt-controller-storage-end: - -------------------- -Unlock controller-0 -------------------- - -Unlock virtual controller-0 in order to bring it into service: - -:: - - system host-unlock controller-0 - -Controller-0 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - --------------------------------------------------- -Install software on controller-1 and compute nodes --------------------------------------------------- - -#. On the host, power on the controller-1 virtual server, - 'controllerstorage-controller-1'. It will automatically attempt to network - boot over the management network: - - :: - - virsh start controllerstorage-controller-1 - -#. Attach to the console of virtual controller-1: - - :: - - virsh console controllerstorage-controller-1 - - As controller-1 VM boots, a message appears on its console instructing you to - configure the personality of the node. - -#. On console of virtual controller-0, list hosts to see the newly discovered - controller-1 host (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. On virtual controller-0, using the host id, set the personality of this host - to 'controller': - - :: - - system host-update 2 personality=controller - - This initiates the install of software on controller-1. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. While waiting on the previous step to complete, start up and set the personality - for 'controllerstorage-worker-0' and 'controllerstorage-worker-1'. Set the - personality to 'worker' and assign a unique hostname for each. - - For example, start 'controllerstorage-worker-0' from the host: - - :: - - virsh start controllerstorage-worker-0 - - Wait for new host (hostname=None) to be discovered by checking - ‘system host-list’ on virtual controller-0: - - :: - - system host-update 3 personality=worker hostname=compute-0 - - Repeat for 'controllerstorage-worker-1'. On the host: - - :: - - virsh start controllerstorage-worker-1 - - And wait for new host (hostname=None) to be discovered by checking - ‘system host-list’ on virtual controller-0: - - :: - - system host-update 4 personality=worker hostname=compute-1 - -#. Wait for the software installation on controller-1, compute-0, and compute-1 to - complete, for all virtual servers to reboot, and for all to show as - locked/disabled/online in 'system host-list'. - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - | 3 | compute-0 | compute | locked | disabled | online | - | 4 | compute-1 | compute | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure controller-1 ----------------------- - -.. incl-config-controller-1-virt-controller-storage-start: - -Configure the OAM and MGMT interfaces of virtual controller-0 and specify the -attached networks. Note that the MGMT interface is partially set up by the -network install procedure. - -:: - - OAM_IF=enp7s1 - system host-if-modify controller-1 $OAM_IF -c platform - system interface-network-assign controller-1 $OAM_IF oam - system interface-network-assign controller-1 mgmt0 cluster-host - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -**For OpenStack only:** Assign OpenStack host labels to controller-1 in support -of installing the stx-openstack manifest/helm-charts later: - -:: - - system host-label-assign controller-1 openstack-control-plane=enabled - -.. incl-config-controller-1-virt-controller-storage-end: - -------------------- -Unlock controller-1 -------------------- - -.. incl-unlock-controller-1-virt-controller-storage-start: - -Unlock virtual controller-1 in order to bring it into service: - -:: - - system host-unlock controller-1 - -Controller-1 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - -.. incl-unlock-controller-1-virt-controller-storage-end: - ------------------------ -Configure compute nodes ------------------------ - -On virtual controller-0: - -#. Add the third Ceph monitor to compute-0: - - (The first two Ceph monitors are automatically assigned to controller-0 and - controller-1.) - - :: - - system ceph-mon-add compute-0 - -#. Wait for the compute node monitor to complete configuration: - - :: - - system ceph-mon-list - +--------------------------------------+-------+--------------+------------+------+ - | uuid | ceph_ | hostname | state | task | - | | mon_g | | | | - | | ib | | | | - +--------------------------------------+-------+--------------+------------+------+ - | 64176b6c-e284-4485-bb2a-115dee215279 | 20 | controller-1 | configured | None | - | a9ca151b-7f2c-4551-8167-035d49e2df8c | 20 | controller-0 | configured | None | - | f76bc385-190c-4d9a-aa0f-107346a9907b | 20 | compute-0 | configured | None | - +--------------------------------------+-------+--------------+------------+------+ - -#. Assign the cluster-host network to the MGMT interface for the compute nodes. - - Note that the MGMT interfaces are partially set up automatically by the - network install procedure. - - :: - - for COMPUTE in compute-0 compute-1; do - system interface-network-assign $COMPUTE mgmt0 cluster-host - done - -#. Configure data interfaces for compute nodes. - - .. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - - 1G Huge Pages are not supported in the virtual environment and there is no - virtual NIC supporting SRIOV. For that reason, data interfaces are not - applicable in the virtual environment for the Kubernetes-only scenario. - - For OpenStack only: - - :: - - DATA0IF=eth1000 - DATA1IF=eth1001 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - - # configure the datanetworks in sysinv, prior to referencing it - # in the ``system host-if-modify`` command'. - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - for COMPUTE in compute-0 compute-1; do - echo "Configuring interface for: $COMPUTE" - set -ex - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - set +ex - done - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to the compute nodes in - support of installing the stx-openstack manifest/helm-charts later: - - :: - - for NODE in compute-0 compute-1; do - system host-label-assign $NODE openstack-compute-node=enabled - system host-label-assign $NODE openvswitch=enabled - system host-label-assign $NODE sriov=enabled - done - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks: - - :: - - for COMPUTE in compute-0 compute-1; do - echo "Configuring Nova local for: $COMPUTE" - ROOT_DISK=$(system host-show ${COMPUTE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${COMPUTE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - PARTITION_SIZE=10 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${COMPUTE} ${ROOT_DISK_UUID} ${PARTITION_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${COMPUTE} nova-local - system host-pv-add ${COMPUTE} nova-local ${NOVA_PARTITION_UUID} - done - --------------------- -Unlock compute nodes --------------------- - -.. incl-unlock-compute-nodes-virt-controller-storage-start: - -Unlock virtual compute nodes to bring them into service: - -:: - - for COMPUTE in compute-0 compute-1; do - system host-unlock $COMPUTE - done - -The compute nodes will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - -.. incl-unlock-compute-nodes-virt-controller-storage-end: - ----------------------------- -Add Ceph OSDs to controllers ----------------------------- - -On virtual controller-0: - -#. Add OSDs to controller-0: - - :: - - HOST=controller-0 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - -#. Add OSDs to controller-1: - - :: - - HOST=controller-1 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r2_release/virtual/dedicated_storage_environ.rst b/doc/source/deploy_install_guides/r2_release/virtual/dedicated_storage_environ.rst deleted file mode 100644 index 6cc83f249..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/dedicated_storage_environ.rst +++ /dev/null @@ -1,58 +0,0 @@ -============================ -Prepare Host and Environment -============================ - -This section describes how to prepare the physical host and virtual environment -for a **StarlingX R2.0 virtual Standard with Dedicated Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------------- -Physical host requirements and setup ------------------------------------- - -.. include:: physical_host_req.txt - ---------------------------------------- -Prepare virtual environment and servers ---------------------------------------- - -The following steps explain how to prepare the virtual environment and servers -on a physical host for a StarlingX R2.0 virtual Standard with Dedicated Storage -deployment configuration. - -#. Prepare virtual environment. - - Set up virtual platform networks for virtual deployment: - - :: - - bash setup_network.sh - -#. Prepare virtual servers. - - Create the XML definitions for the virtual servers required by this - configuration option. This will create the XML virtual server definition for: - - * dedicatedstorage-controller-0 - * dedicatedstorage-controller-1 - * dedicatedstorage-storage-0 - * dedicatedstorage-storage-1 - * dedicatedstorage-worker-0 - * dedicatedstorage-worker-1 - - The following command will start/virtually power on: - - * The 'dedicatedstorage-controller-0' virtual server - * The X-based graphical virt-manager application - - :: - - bash setup_configuration.sh -c dedicatedstorage -i ./bootimage.iso - - If there is no X-server present errors will occur and the X-based GUI for the - virt-manager application will not start. The virt-manager GUI is not absolutely - required and you can safely ignore errors and continue. diff --git a/doc/source/deploy_install_guides/r2_release/virtual/dedicated_storage_install_kubernetes.rst b/doc/source/deploy_install_guides/r2_release/virtual/dedicated_storage_install_kubernetes.rst deleted file mode 100644 index f69d75693..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/dedicated_storage_install_kubernetes.rst +++ /dev/null @@ -1,390 +0,0 @@ -======================================================================= -Install StarlingX Kubernetes on Virtual Standard with Dedicated Storage -======================================================================= - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R2.0 virtual Standard with Dedicated Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - --------------------------------- -Install software on controller-0 --------------------------------- - -In the last step of :doc:`dedicated_storage_environ`, the controller-0 virtual -server 'dedicatedstorage-controller-0' was started by the -:command:`setup_configuration.sh` command. - -On the host, attach to the console of virtual controller-0 and select the appropriate -installer menu options to start the non-interactive install of -StarlingX software on controller-0. - -.. note:: - - When entering the console, it is very easy to miss the first installer menu - selection. Use ESC to navigate to previous menus, to ensure you are at the - first installer menu. - -:: - - virsh console dedicatedstorage-controller-0 - -Make the following menu selections in the installer: - -#. First menu: Select 'Standard Controller Configuration' -#. Second menu: Select 'Serial Console' -#. Third menu: Select 'Standard Security Profile' - -Wait for the non-interactive install of software to complete and for the server -to reboot. This can take 5-10 minutes depending on the performance of the host -machine. - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-bootstrap-controller-0-virt-controller-storage-start: - :end-before: incl-bootstrap-controller-0-virt-controller-storage-end: - ----------------------- -Configure controller-0 ----------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-config-controller-0-virt-controller-storage-start: - :end-before: incl-config-controller-0-virt-controller-storage-end: - -------------------- -Unlock controller-0 -------------------- - -Unlock virtual controller-0 in order to bring it into service: - -:: - - system host-unlock controller-0 - -Controller-0 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - ------------------------------------------------------------------- -Install software on controller-1, storage nodes, and compute nodes ------------------------------------------------------------------- - -#. On the host, power on the controller-1 virtual server, - 'dedicatedstorage-controller-1'. It will automatically attempt to network - boot over the management network: - - :: - - virsh start dedicatedstorage-controller-1 - -#. Attach to the console of virtual controller-1: - - :: - - virsh console dedicatedstorage-controller-1 - -#. As controller-1 VM boots, a message appears on its console instructing you to - configure the personality of the node. - -#. On the console of controller-0, list hosts to see newly discovered - controller-1 host (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Using the host id, set the personality of this host to 'controller': - - :: - - system host-update 2 personality=controller - - This initiates software installation on controller-1. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. While waiting on the previous step to complete, start up and set the personality - for 'dedicatedstorage-storage-0' and 'dedicatedstorage-storage-1'. Set the - personality to 'storage' and assign a unique hostname for each. - - For example, start 'dedicatedstorage-storage-0' from the host: - - :: - - virsh start dedicatedstorage-storage-0 - - Wait for new host (hostname=None) to be discovered by checking - ‘system host-list’ on virtual controller-0: - - :: - - system host-update 3 personality=storage - - Repeat for 'dedicatedstorage-storage-1'. On the host: - - :: - - virsh start dedicatedstorage-storage-1 - - And wait for new host (hostname=None) to be discovered by checking - ‘system host-list’ on virtual controller-0: - - :: - - system host-update 4 personality=storage - - This initiates software installation on storage-0 and storage-1. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. While waiting on the previous step to complete, start up and set the personality - for 'dedicatedstorage-worker-0' and 'dedicatedstorage-worker-1'. Set the - personality to 'worker' and assign a unique hostname for each. - - For example, start 'dedicatedstorage-worker-0' from the host: - - :: - - virsh start dedicatedstorage-worker-0 - - Wait for new host (hostname=None) to be discovered by checking - ‘system host-list’ on virtual controller-0: - - :: - - system host-update 5 personality=worker hostname=compute-0 - - Repeat for 'dedicatedstorage-worker-1'. On the host: - - :: - - virsh start dedicatedstorage-worker-1 - - And wait for new host (hostname=None) to be discovered by checking - ‘system host-list’ on virtual controller-0: - - :: - - system host-update 6 personality=worker hostname=compute-1 - - This initiates software installation on compute-0 and compute-1. - -#. Wait for the software installation on controller-1, storage-0, storage-1, - compute-0, and compute-1 to complete, for all virtual servers to reboot, and for all - to show as locked/disabled/online in 'system host-list'. - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - | 3 | storage-0 | storage | locked | disabled | online | - | 4 | storage-1 | storage | locked | disabled | online | - | 5 | compute-0 | compute | locked | disabled | online | - | 6 | compute-1 | compute | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure controller-1 ----------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-config-controller-1-virt-controller-storage-start: - :end-before: incl-config-controller-1-virt-controller-storage-end: - -------------------- -Unlock controller-1 -------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-unlock-controller-1-virt-controller-storage-start: - :end-before: incl-unlock-controller-1-virt-controller-storage-end: - ------------------------ -Configure storage nodes ------------------------ - -On virtual controller-0: - -#. Assign the cluster-host network to the MGMT interface for the storage nodes. - - Note that the MGMT interfaces are partially set up by the network install procedure. - - :: - - for COMPUTE in storage-0 storage-1; do - system interface-network-assign $COMPUTE mgmt0 cluster-host - done - -#. Add OSDs to storage-0: - - :: - - HOST=storage-0 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - done - - system host-stor-list $HOST - -#. Add OSDs to storage-1: - - :: - - HOST=storage-1 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - done - - system host-stor-list $HOST - --------------------- -Unlock storage nodes --------------------- - -Unlock virtual storage nodes in order to bring them into service: - -:: - - for STORAGE in storage-0 storage-1; do - system host-unlock $STORAGE - done - -The storage nodes will reboot in order to apply configuration changes and come -into service. This can take 5-10 minutes, depending on the performance of the host machine. - ------------------------ -Configure compute nodes ------------------------ - -On virtual controller-0: - -#. Assign the cluster-host network to the MGMT interface for the compute nodes. - - Note that the MGMT interfaces are partially set up automatically by the - network install procedure. - - :: - - for COMPUTE in compute-0 compute-1; do - system interface-network-assign $COMPUTE mgmt0 cluster-host - done - -#. Configure data interfaces for compute nodes. - - .. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - - 1G Huge Pages are not supported in the virtual environment and there is no - virtual NIC supporting SRIOV. For that reason, data interfaces are not - applicable in the virtual environment for the Kubernetes-only scenario. - - For OpenStack only: - - :: - - DATA0IF=eth1000 - DATA1IF=eth1001 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - - Configure the datanetworks in sysinv, prior to referencing it in the - :command:`system host-if-modify` command. - - :: - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - for COMPUTE in compute-0 compute-1; do - echo "Configuring interface for: $COMPUTE" - set -ex - system host-port-list ${COMPUTE} --nowrap > ${SPL} - system host-if-list -a ${COMPUTE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - system host-if-modify -m 1500 -n data0 -c data ${COMPUTE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${COMPUTE} ${DATA1IFUUID} - system interface-datanetwork-assign ${COMPUTE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${COMPUTE} ${DATA1IFUUID} ${PHYSNET1} - set +ex - done - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to the compute nodes in - support of installing the stx-openstack manifest/helm-charts later: - - :: - - for NODE in compute-0 compute-1; do - system host-label-assign $NODE openstack-compute-node=enabled - system host-label-assign $NODE openvswitch=enabled - system host-label-assign $NODE sriov=enabled - done - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks: - - :: - - for COMPUTE in compute-0 compute-1; do - echo "Configuring Nova local for: $COMPUTE" - ROOT_DISK=$(system host-show ${COMPUTE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${COMPUTE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - PARTITION_SIZE=10 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${COMPUTE} ${ROOT_DISK_UUID} ${PARTITION_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${COMPUTE} nova-local - system host-pv-add ${COMPUTE} nova-local ${NOVA_PARTITION_UUID} - done - --------------------- -Unlock compute nodes --------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-unlock-compute-nodes-virt-controller-storage-start: - :end-before: incl-unlock-compute-nodes-virt-controller-storage-end: - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r2_release/virtual/physical_host_req.txt b/doc/source/deploy_install_guides/r2_release/virtual/physical_host_req.txt deleted file mode 100644 index 51a57eefe..000000000 --- a/doc/source/deploy_install_guides/r2_release/virtual/physical_host_req.txt +++ /dev/null @@ -1,78 +0,0 @@ -The following sections describe system requirements and host setup for a -workstation hosting virtual machine(s) where StarlingX will be deployed. - -********************* -Hardware requirements -********************* - -The host system should have at least: - -* **Processor:** x86_64 only supported architecture with BIOS enabled hardware - virtualization extensions - -* **Cores:** 8 - -* **Memory:** 32GB RAM - -* **Hard Disk:** 500GB HDD - -* **Network:** One network adapter with active Internet connection - -********************* -Software requirements -********************* - -The host system should have at least: - -* A workstation computer with Ubuntu 16.04 LTS 64-bit - -All other required packages will be installed by scripts in the StarlingX tools repository. - -********** -Host setup -********** - -Set up the host with the following steps: - -#. Update OS: - - :: - - apt-get update - -#. Clone the StarlingX tools repository: - - :: - - apt-get install -y git - cd $HOME - git clone https://opendev.org/starlingx/tools.git - -#. Install required packages: - - :: - - cd $HOME/tools/deployment/libvirt/ - bash install_packages.sh - apt install -y apparmor-profiles - apt-get install -y ufw - ufw disable - ufw status - - - .. note:: - - On Ubuntu 16.04, if apparmor-profile modules were installed as shown in - the example above, you must reboot the server to fully install the - apparmor-profile modules. - - -#. Get the StarlingX ISO. This can be from a private StarlingX build or from - the public `CENGN StarlingX mirror `_. - - For example, to get the ISO for the StarlingX R2.0 build, use the command - shown below: - - :: - - wget http://mirror.starlingx.cengn.ca/mirror/starlingx/release/2.0.0/centos/outputs/iso/bootimage.iso diff --git a/doc/source/deploy_install_guides/r3_release/ansible_bootstrap_configs.rst b/doc/source/deploy_install_guides/r3_release/ansible_bootstrap_configs.rst deleted file mode 100644 index 2a82d1c77..000000000 --- a/doc/source/deploy_install_guides/r3_release/ansible_bootstrap_configs.rst +++ /dev/null @@ -1,422 +0,0 @@ -================================ -Ansible Bootstrap Configurations -================================ - -This section describes Ansible bootstrap configuration options. - -.. contents:: - :local: - :depth: 1 - - -.. _install-time-only-params: - ----------------------------- -Install-time-only parameters ----------------------------- - -Some Ansible bootstrap parameters can not be changed or are very difficult to -change after installation is complete. - -Review the set of install-time-only parameters before installation and confirm -that your values for these parameters are correct for the desired installation. - -.. note:: - - If you notice an incorrect install-time-only parameter value *before you - unlock controller-0 for the first time*, you can re-run the Ansible bootstrap - playbook with updated override values and the updated values will take effect. - -**************************** -Install-time-only parameters -**************************** - -**System Properties** - -* ``system_mode`` -* ``distributed_cloud_role`` - -**Network Properties** - -* ``pxeboot_subnet`` -* ``pxeboot_start_address`` -* ``pxeboot_end_address`` -* ``management_subnet`` -* ``management_start_address`` -* ``management_end_address`` -* ``cluster_host_subnet`` -* ``cluster_host_start_address`` -* ``cluster_host_end_address`` -* ``cluster_pod_subnet`` -* ``cluster_pod_start_address`` -* ``cluster_pod_end_address`` -* ``cluster_service_subnet`` -* ``cluster_service_start_address`` -* ``cluster_service_end_address`` -* ``management_multicast_subnet`` -* ``management_multicast_start_address`` -* ``management_multicast_end_address`` - -**Docker Proxies** - -* ``docker_http_proxy`` -* ``docker_https_proxy`` -* ``docker_no_proxy`` - -**Docker Registry Overrides** - -* ``docker_registries`` - - * ``k8s.gcr.io`` - - * ``url`` - * ``username`` - * ``password`` - * ``secure`` - - * ``gcr.io`` - - * ``url`` - * ``username`` - * ``password`` - * ``secure`` - - * ``quay.io`` - - * ``url`` - * ``username`` - * ``password`` - * ``secure`` - - * ``docker.io`` - - * ``url`` - * ``username`` - * ``password`` - * ``secure`` - - * ``docker.elastic.co`` - - * ``url`` - * ``username`` - * ``password`` - * ``secure`` - - * ``defaults`` - - * ``url`` - * ``username`` - * ``password`` - * ``secure`` - -**Certificates** - -* ``k8s_root_ca_cert`` -* ``k8s_root_ca_key`` - -**Kubernetes Parameters** - -* ``apiserver_oidc`` - - * ``client_id`` - * ``issuer_id`` - * ``username_claim`` - ----- -IPv6 ----- - -If you are using IPv6, provide IPv6 configuration overrides for the Ansible -bootstrap playbook. Note that all addressing, except pxeboot_subnet, should be -updated to IPv6 addressing. - -Example IPv6 override values are shown below: - -:: - - dns_servers: - ‐ 2001:4860:4860::8888 - ‐ 2001:4860:4860::8844 - pxeboot_subnet: 169.254.202.0/24 - management_subnet: 2001:db8:2::/64 - cluster_host_subnet: 2001:db8:3::/64 - cluster_pod_subnet: 2001:db8:4::/64 - cluster_service_subnet: 2001:db8:4::/112 - external_oam_subnet: 2001:db8:1::/64 - external_oam_gateway_address: 2001:db8::1 - external_oam_floating_address: 2001:db8::2 - external_oam_node_0_address: 2001:db8::3 - external_oam_node_1_address: 2001:db8::4 - management_multicast_subnet: ff08::1:1:0/124 - -.. note:: - - The `external_oam_node_0_address`, and `external_oam_node_1_address` parameters - are not required for the AIO‐SX installation. - ----------------- -Private registry ----------------- - -To bootstrap StarlingX you must pull container images for multiple system -services. By default these container images are pulled from public registries: -k8s.gcr.io, gcr.io, quay.io, and docker.io. - -It may be required (or desired) to copy the container images to a private -registry and pull the images from the private registry (instead of the public -registries) as part of the StarlingX bootstrap. For example, a private registry -would be required if a StarlingX system was deployed in an air-gapped network -environment. - -Use the `docker_registries` structure in the bootstrap overrides file to specify -alternate registry(s) for the public registries from which container images are -pulled. These alternate registries are used during the bootstrapping of -controller-0, and on :command:`system application-apply` of application packages. - -The `docker_registries` structure is a map of public registries and the -alternate registry values for each public registry. For each public registry the -key is a fully scoped registry name of a public registry (for example "k8s.gcr.io") -and the alternate registry URL and username/password (if authenticated). - -url - The fully scoped registry name (and optionally namespace/) for the alternate - registry location where the images associated with this public registry - should now be pulled from. - - Valid formats for the `url` value are: - - * Domain. For example: - - :: - - example.domain - - * Domain with port. For example: - - :: - - example.domain:5000 - - * IPv4 address. For example: - - :: - - 1.2.3.4 - - * IPv4 address with port. For example: - - :: - - 1.2.3.4:5000 - - * IPv6 address. For example: - - :: - - FD01::0100 - - * IPv6 address with port. For example: - - :: - - [FD01::0100]:5000 - -username - The username for logging into the alternate registry, if authenticated. - -password - The password for logging into the alternate registry, if authenticated. - - -Additional configuration options in the `docker_registries` structure are: - -defaults - A special public registry key which defines common values to be applied to - all overrideable public registries. If only the `defaults` registry - is defined, it will apply `url`, `username`, and `password` for all - registries. - - If values under specific registries are defined, they will override the - values defined in the defaults registry. - - .. note:: - - The `defaults` key was formerly called `unified`. It was renamed - in StarlingX R3.0 and updated semantics were applied. - - This change affects anyone with a StarlingX installation prior to R3.0 that - specifies alternate Docker registries using the `unified` key. - -secure - Specifies whether the registry(s) supports HTTPS (secure) or HTTP (not secure). - Applies to all alternate registries. A boolean value. The default value is - True (secure, HTTPS). - -.. note:: - - The ``secure`` parameter was formerly called ``is_secure_registry``. It was - renamed in StarlingX R3.0. - -If an alternate registry is specified to be secure (using HTTPS), the certificate -used by the registry may not be signed by a well-known Certificate Authority (CA). -This results in the :command:`docker pull` of images from this registry to fail. -Use the `ssl_ca_cert` override to specify the public certificate of the CA that -signed the alternate registry’s certificate. This will add the CA as a trusted -CA to the StarlingX system. - -ssl_ca_cert - The `ssl_ca_cert` value is the absolute path of the certificate file. The - certificate must be in PEM format and the file may contain a single CA - certificate or multiple CA certificates in a bundle. - -The following example will apply `url`, `username`, and `password` to all -registries. - -:: - - docker_registries: - defaults: - url: my.registry.io - username: myreguser - password: myregP@ssw0rd - -The next example applies `username` and `password` from the defaults registry -to all public registries. `url` is different for each public registry. It -additionally specifies an alternate CA certificate. - -:: - - docker_registries: - k8s.gcr.io: - url: my.k8sregistry.io - gcr.io: - url: my.gcrregistry.io - quay.io: - url: my.quayregistry.io - docker.io: - url: my.dockerregistry.io - defaults: - url: my.registry.io - username: myreguser - password: myregP@ssw0rd - - ssl_ca_cert: /path/to/ssl_ca_cert_file - ------------- -Docker proxy ------------- - -If the StarlingX OAM interface or network is behind a http/https proxy, relative -to the Docker registries used by StarlingX or applications running on StarlingX, -then Docker within StarlingX must be configured to use these http/https proxies. - -Use the following configuration overrides to configure your Docker proxy settings. - -docker_http_proxy - Specify the HTTP proxy URL to use. For example: - - :: - - docker_http_proxy: http://my.proxy.com:1080 - -docker_https_proxy - Specify the HTTPS proxy URL to use. For example: - - :: - - docker_https_proxy: https://my.proxy.com:1443 - -docker_no_proxy - A no-proxy address list can be provided for registries not on the other side - of the proxies. This list will be added to the default no-proxy list derived - from localhost, loopback, management, and OAM floating addresses at run time. - Each address in the no-proxy list must neither contain a wildcard nor have - subnet format. For example: - - :: - - docker_no_proxy: - - 1.2.3.4 - - 5.6.7.8 - --------------------------------------- -Kubernetes root CA certificate and key --------------------------------------- - -By default the Kubernetes Root CA Certificate and Key are auto-generated and -result in the use of self-signed certificates for the Kubernetes API server. In -the case where self-signed certificates are not acceptable, use the bootstrap -override values `k8s_root_ca_cert` and `k8s_root_ca_key` to specify the -certificate and key for the Kubernetes root CA. - -k8s_root_ca_cert - Specifies the certificate for the Kubernetes root CA. The `k8s_root_ca_cert` - value is the absolute path of the certificate file. The certificate must be - in PEM format and the value must be provided as part of a pair with - `k8s_root_ca_key`. The playbook will not proceed if only one value is provided. - -k8s_root_ca_key - Specifies the key for the Kubernetes root CA. The `k8s_root_ca_key` - value is the absolute path of the certificate file. The certificate must be - in PEM format and the value must be provided as part of a pair with - `k8s_root_ca_cert`. The playbook will not proceed if only one value is provided. - -.. important:: - - The default length for the generated Kubernetes root CA certificate is 10 - years. Replacing the root CA certificate is an involved process so the custom - certificate expiry should be as long as possible. We recommend ensuring root - CA certificate has an expiry of at least 5-10 years. - -The administrator can also provide values to add to the Kubernetes API server -certificate Subject Alternative Name list using the 'apiserver_cert_sans` -override parameter. - -apiserver_cert_sans - Specifies a list of Subject Alternative Name entries that will be added to the - Kubernetes API server certificate. Each entry in the list must be an IP address - or domain name. For example: - - :: - - apiserver_cert_sans: - - hostname.domain - - 198.51.100.75 - -StarlingX automatically updates this parameter to include IP records for the OAM -floating IP and both OAM unit IP addresses. - ----------------------------------------------------- -OpenID Connect authentication for Kubernetes cluster ----------------------------------------------------- - -The Kubernetes cluster can be configured to use an external OpenID Connect -:abbr:`IDP (identity provider)`, such as Azure Active Directory, Salesforce, or -Google, for Kubernetes API authentication. - -By default, OpenID Connect authentication is disabled. To enable OpenID Connect, -use the following configuration values in the Ansible bootstrap overrides file -to specify the IDP for OpenID Connect: - -:: - - apiserver_oidc: - client_id: - issuer_url: - username_claim: - -When the three required fields of the `apiserver_oidc` parameter are defined, -OpenID Connect is considered active. The values will be used to configure the -Kubernetes cluster to use the specified external OpenID Connect IDP for -Kubernetes API authentication. - -In addition, you will need to configure the external OpenID Connect IDP and any -required OpenID client application according to the specific IDP's documentation. - -If not configuring OpenID Connect, all values should be absent from the -configuration file. - -.. note:: - - Default authentication via service account tokens is always supported, - even when OpenID Connect authentication is configured. \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r3_release/ansible_install_time_only.txt b/doc/source/deploy_install_guides/r3_release/ansible_install_time_only.txt deleted file mode 100644 index 962bf3fc2..000000000 --- a/doc/source/deploy_install_guides/r3_release/ansible_install_time_only.txt +++ /dev/null @@ -1,7 +0,0 @@ -.. important:: - - Some Ansible bootstrap parameters cannot be changed or are very difficult to change after installation is complete. - - Review the set of install-time-only parameters before installation and confirm that your values for these parameters are correct for the desired installation. - - Refer to :ref:`Ansible install-time-only parameters ` for details. \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex.rst deleted file mode 100644 index 103a933fa..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex.rst +++ /dev/null @@ -1,26 +0,0 @@ -============================================== -Bare metal All-in-one Duplex Installation R3.0 -============================================== - --------- -Overview --------- - -.. include:: ../desc_aio_duplex.txt - -The bare metal AIO-DX deployment configuration may be extended with up to four -worker nodes (not shown in the diagram). Installation instructions for -these additional nodes are described in :doc:`aio_duplex_extend`. - -.. include:: ../ipv6_note.txt - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - aio_duplex_hardware - aio_duplex_install_kubernetes - aio_duplex_extend \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_extend.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_extend.rst deleted file mode 100644 index 754d674f8..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_extend.rst +++ /dev/null @@ -1,192 +0,0 @@ -================================= -Extend Capacity with Worker Nodes -================================= - -This section describes the steps to extend capacity with worker nodes on a -**StarlingX R3.0 bare metal All-in-one Duplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - --------------------------------- -Install software on worker nodes --------------------------------- - -#. Power on the worker node servers and force them to network boot with the - appropriate BIOS boot options for your particular server. - -#. As the worker nodes boot, a message appears on their console instructing - you to configure the personality of the node. - -#. On the console of controller-0, list hosts to see newly discovered worker node - hosts (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-0 | controller | unlocked | enabled | available | - | 3 | None | None | locked | disabled | offline | - | 4 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Using the host id, set the personality of this host to 'worker': - - :: - - system host-update 3 personality=worker hostname=worker-0 - system host-update 4 personality=worker hostname=worker-1 - - This initiates the install of software on worker nodes. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. Wait for the install of software on the worker nodes to complete, for the - worker nodes to reboot, and for both to show as locked/disabled/online in - 'system host-list'. - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | unlocked | enabled | available | - | 3 | worker-0 | worker | locked | disabled | online | - | 4 | worker-1 | worker | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure worker nodes ----------------------- - -#. Assign the cluster-host network to the MGMT interface for the worker nodes: - - (Note that the MGMT interfaces are partially set up automatically by the - network install procedure.) - - :: - - for NODE in worker-0 worker-1; do - system interface-network-assign $NODE mgmt0 cluster-host - done - -#. Configure data interfaces for worker nodes. Use the DATA port names, for - example eth0, that are applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure SRIOV device plug in: - - :: - - system host-label-assign controller-1 sriovdp=enabled - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes: - - :: - - system host-memory-modify controller-1 0 -1G 100 - system host-memory-modify controller-1 1 -1G 100 - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - - # configure the datanetworks in sysinv, prior to referencing it - # in the ``system host-if-modify`` command'. - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - for NODE in worker-0 worker-1; do - echo "Configuring interface for: $NODE" - set -ex - system host-port-list ${NODE} --nowrap > ${SPL} - system host-if-list -a ${NODE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID} - system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1} - set +ex - done - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to the worker nodes in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - for NODE in worker-0 worker-1; do - system host-label-assign $NODE openstack-compute-node=enabled - system host-label-assign $NODE openvswitch=enabled - system host-label-assign $NODE sriov=enabled - done - -#. **For OpenStack only:** Setup disk partition for nova-local volume group, - needed for stx-openstack nova ephemeral disks. - - :: - - for NODE in worker-0 worker-1; do - echo "Configuring Nova local for: $NODE" - ROOT_DISK=$(system host-show ${NODE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${NODE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - PARTITION_SIZE=10 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${NODE} ${ROOT_DISK_UUID} ${PARTITION_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${NODE} nova-local - system host-pv-add ${NODE} nova-local ${NOVA_PARTITION_UUID} - done - - -------------------- -Unlock worker nodes -------------------- - -Unlock worker nodes in order to bring them into service: - -:: - - for NODE in worker-0 worker-1; do - system host-unlock $NODE - done - -The worker nodes will reboot to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host -machine. - diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_hardware.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_hardware.rst deleted file mode 100644 index 722f1daa3..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_hardware.rst +++ /dev/null @@ -1,58 +0,0 @@ -===================== -Hardware Requirements -===================== - -This section describes the hardware requirements and server preparation for a -**StarlingX R3.0 bare metal All-in-one Duplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------ -Minimum hardware requirements ------------------------------ - -The recommended minimum hardware requirements for bare metal servers for various -host types are: - -+-------------------------+-----------------------------------------------------------+ -| Minimum Requirement | All-in-one Controller Node | -+=========================+===========================================================+ -| Number of servers | 2 | -+-------------------------+-----------------------------------------------------------+ -| Minimum processor class | - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) | -| | 8 cores/socket | -| | | -| | or | -| | | -| | - Single-CPU Intel® Xeon® D-15xx family, 8 cores | -| | (low-power/low-cost option) | -+-------------------------+-----------------------------------------------------------+ -| Minimum memory | 64 GB | -+-------------------------+-----------------------------------------------------------+ -| Primary disk | 500 GB SSD or NVMe (see :doc:`../../nvme_config`) | -+-------------------------+-----------------------------------------------------------+ -| Additional disks | - 1 or more 500 GB (min. 10K RPM) for Ceph OSD | -| | - Recommended, but not required: 1 or more SSDs or NVMe | -| | drives for Ceph journals (min. 1024 MiB per OSD journal)| -| | - For OpenStack, recommend 1 or more 500 GB (min. 10K RPM)| -| | for VM local ephemeral storage | -+-------------------------+-----------------------------------------------------------+ -| Minimum network ports | - Mgmt/Cluster: 1x10GE | -| | - OAM: 1x1GE | -| | - Data: 1 or more x 10GE | -+-------------------------+-----------------------------------------------------------+ -| BIOS settings | - Hyper-Threading technology enabled | -| | - Virtualization technology enabled | -| | - VT for directed I/O enabled | -| | - CPU power and performance policy set to performance | -| | - CPU C state control disabled | -| | - Plug & play BMC detection disabled | -+-------------------------+-----------------------------------------------------------+ - --------------------------- -Prepare bare metal servers --------------------------- - -.. include:: prep_servers.txt \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_install_kubernetes.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_install_kubernetes.rst deleted file mode 100644 index 9ee67feab..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_duplex_install_kubernetes.rst +++ /dev/null @@ -1,523 +0,0 @@ -================================================= -Install StarlingX Kubernetes on Bare Metal AIO-DX -================================================= - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R3.0 bare metal All-in-one Duplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ---------------------- -Create a bootable USB ---------------------- - -Refer to :doc:`/deploy_install_guides/bootable_usb` for instructions on how to -create a bootable USB with the StarlingX ISO on your system. - --------------------------------- -Install software on controller-0 --------------------------------- - -.. include:: aio_simplex_install_kubernetes.rst - :start-after: incl-install-software-controller-0-aio-simplex-start: - :end-before: incl-install-software-controller-0-aio-simplex-end: - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -#. Login using the username / password of "sysadmin" / "sysadmin". - When logging in for the first time, you will be forced to change the password. - - :: - - Login: sysadmin - Password: - Changing password for sysadmin. - (current) UNIX Password: sysadmin - New Password: - (repeat) New Password: - -#. Verify and/or configure IP connectivity. - - External connectivity is required to run the Ansible bootstrap playbook. The - StarlingX boot image will DHCP out all interfaces so the server may have - obtained an IP address and have external IP connectivity if a DHCP server is - present in your environment. Verify this using the :command:`ip addr` and - :command:`ping 8.8.8.8` commands. - - Otherwise, manually configure an IP address and default IP route. Use the - PORT, IP-ADDRESS/SUBNET-LENGTH and GATEWAY-IP-ADDRESS applicable to your - deployment environment. - - :: - - sudo ip address add / dev - sudo ip link set up dev - sudo ip route add default via dev - ping 8.8.8.8 - -#. Specify user configuration overrides for the Ansible bootstrap playbook. - - Ansible is used to bootstrap StarlingX on controller-0. Key files for Ansible - configuration are: - - ``/etc/ansible/hosts`` - The default Ansible inventory file. Contains a single host: localhost. - - ``/usr/share/ansible/stx-ansible/playbooks/bootstrap.yml`` - The Ansible bootstrap playbook. - - ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml`` - The default configuration values for the bootstrap playbook. - - ``sysadmin home directory ($HOME)`` - The default location where Ansible looks for and imports user - configuration override files for hosts. For example: ``$HOME/.yml``. - - .. include:: ../ansible_install_time_only.txt - - Specify the user configuration override file for the Ansible bootstrap - playbook using one of the following methods: - - #. Use a copy of the default.yml file listed above to provide your overrides. - - The default.yml file lists all available parameters for bootstrap - configuration with a brief description for each parameter in the file comments. - - To use this method, copy the default.yml file listed above to - ``$HOME/localhost.yml`` and edit the configurable values as desired. - - #. Create a minimal user configuration override file. - - To use this method, create your override file at ``$HOME/localhost.yml`` - and provide the minimum required parameters for the deployment configuration - as shown in the example below. Use the OAM IP SUBNET and IP ADDRESSing - applicable to your deployment environment. - - :: - - cd ~ - cat < localhost.yml - system_mode: duplex - - dns_servers: - - 8.8.8.8 - - 8.8.4.4 - - external_oam_subnet: / - external_oam_gateway_address: - external_oam_floating_address: - external_oam_node_0_address: - external_oam_node_1_address: - - admin_username: admin - admin_password: - ansible_become_pass: - - # Add these lines to configure Docker to use a proxy server - # docker_http_proxy: http://my.proxy.com:1080 - # docker_https_proxy: https://my.proxy.com:1443 - # docker_no_proxy: - # - 1.2.3.4 - - EOF - - Refer to :doc:`/deploy_install_guides/r3_release/ansible_bootstrap_configs` - for information on additional Ansible bootstrap configurations for advanced - Ansible bootstrap scenarios, such as Docker proxies when deploying behind a - firewall, etc. Refer to :doc:`/../../configuration/docker_proxy_config` for - details about Docker proxy settings. - -#. Run the Ansible bootstrap playbook: - - :: - - ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml - - Wait for Ansible bootstrap playbook to complete. - This can take 5-10 minutes, depending on the performance of the host machine. - - The image below shows a typical successful run. - - .. figure:: ../figures/starlingx-release3-ansible-bootstrap-simplex.png - :alt: ansible bootstrap install screen - :width: 800 - - *Figure 3: StarlingX Ansible Bootstrap* - ----------------------- -Configure controller-0 ----------------------- - -#. Acquire admin credentials: - - :: - - source /etc/platform/openrc - -#. Configure the OAM and MGMT interfaces of controller-0 and specify the - attached networks. Use the OAM and MGMT port names, for example eth0, that are - applicable to your deployment environment. - - :: - - OAM_IF= - MGMT_IF= - system host-if-modify controller-0 lo -c none - IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}') - for UUID in $IFNET_UUIDS; do - system interface-network-remove ${UUID} - done - system host-if-modify controller-0 $OAM_IF -c platform - system interface-network-assign controller-0 $OAM_IF oam - system host-if-modify controller-0 $MGMT_IF -c platform - system interface-network-assign controller-0 $MGMT_IF mgmt - system interface-network-assign controller-0 $MGMT_IF cluster-host - -#. Configure NTP Servers for network time synchronization: - - :: - - system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org - -#. Configure data interfaces for controller-0. Use the DATA port names, for example - eth0, applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure the SRIOV device plugin - - :: - - system host-label-assign controller-0 sriovdp=enabled - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes. - - :: - - system host-memory-modify controller-0 0 -1G 100 - system host-memory-modify controller-0 1 -1G 100 - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - export NODE=controller-0 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - system host-port-list ${NODE} --nowrap > ${SPL} - system host-if-list -a ${NODE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID} - system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1} - -#. Add an OSD on controller-0 for Ceph. The following example adds an OSD - to the `sdb` disk: - - :: - - echo ">>> Add OSDs to primary tier" - system host-disk-list controller-0 - system host-disk-list controller-0 | awk '/\/dev\/sdb/{print $2}' | xargs -i system host-stor-add controller-0 {} - system host-stor-list controller-0 - -#. If required, and not already done as part of bootstrap, configure Docker to - use a proxy server. - - #. List Docker proxy parameters: - - :: - - system service-parameter-list platform docker - - #. Refer to :doc:`/../../configuration/docker_proxy_config` for - details about Docker proxy settings. - - -************************************* -OpenStack-specific host configuration -************************************* - -.. include:: aio_simplex_install_kubernetes.rst - :start-after: incl-config-controller-0-openstack-specific-aio-simplex-start: - :end-before: incl-config-controller-0-openstack-specific-aio-simplex-end: - -------------------- -Unlock controller-0 -------------------- - -.. include:: aio_simplex_install_kubernetes.rst - :start-after: incl-unlock-controller-0-aio-simplex-start: - :end-before: incl-unlock-controller-0-aio-simplex-end: - -------------------------------------- -Install software on controller-1 node -------------------------------------- - -#. Power on the controller-1 server and force it to network boot with the - appropriate BIOS boot options for your particular server. - -#. As controller-1 boots, a message appears on its console instructing you to - configure the personality of the node. - -#. On the console of controller-0, list hosts to see newly discovered controller-1 - host (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Using the host id, set the personality of this host to 'controller': - - :: - - system host-update 2 personality=controller - -#. Wait for the software installation on controller-1 to complete, for controller-1 to - reboot, and for controller-1 to show as locked/disabled/online in 'system host-list'. - - This can take 5-10 minutes, depending on the performance of the host machine. - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure controller-1 ----------------------- - -#. Configure the OAM and MGMT interfaces of controller-1 and specify the - attached networks. Use the OAM and MGMT port names, for example eth0, that are - applicable to your deployment environment: - - (Note that the MGMT interface is partially set up automatically by the network - install procedure.) - - :: - - OAM_IF= - MGMT_IF= - system host-if-modify controller-1 $OAM_IF -c platform - system interface-network-assign controller-1 $OAM_IF oam - system interface-network-assign controller-1 mgmt0 cluster-host - -#. Configure data interfaces for controller-1. Use the DATA port names, for example - eth0, applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure the SRIOV device plugin: - - :: - - system host-label-assign controller-1 sriovdp=enabled - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes: - - :: - - system host-memory-modify controller-1 0 -1G 100 - system host-memory-modify controller-1 1 -1G 100 - - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - export NODE=controller-1 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - system host-port-list ${NODE} --nowrap > ${SPL} - system host-if-list -a ${NODE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID} - system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1} - -#. Add an OSD on controller-1 for Ceph: - - :: - - echo ">>> Add OSDs to primary tier" - system host-disk-list controller-1 - system host-disk-list controller-1 | awk '/\/dev\/sdb/{print $2}' | xargs -i system host-stor-add controller-1 {} - system host-stor-list controller-1 - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to controller-1 in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - system host-label-assign controller-1 openstack-control-plane=enabled - system host-label-assign controller-1 openstack-compute-node=enabled - system host-label-assign controller-1 openvswitch=enabled - system host-label-assign controller-1 sriov=enabled - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks. - - :: - - export NODE=controller-1 - - echo ">>> Getting root disk info" - ROOT_DISK=$(system host-show ${NODE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${NODE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - echo "Root disk: $ROOT_DISK, UUID: $ROOT_DISK_UUID" - - echo ">>>> Configuring nova-local" - NOVA_SIZE=34 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${NODE} ${ROOT_DISK_UUID} ${NOVA_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${NODE} nova-local - system host-pv-add ${NODE} nova-local ${NOVA_PARTITION_UUID} - sleep 2 - -------------------- -Unlock controller-1 -------------------- - -Unlock controller-1 in order to bring it into service: - -:: - - system host-unlock controller-1 - -Controller-1 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host -machine. - -:: - - [sysadmin@controller-1 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - - [sysadmin@controller-1 ~(keystone_admin)]$ system host-show controller-1 - +-----------------------+----------------------------------------------------------------------+ - | Property | Value | - +-----------------------+----------------------------------------------------------------------+ - | action | none | - | administrative | unlocked | - | availability | available | - | bm_ip | None | - | bm_type | none | - | bm_username | None | - | boot_device | /dev/sda | - | capabilities | {u'stor_function': u'monitor', u'Personality': u'Controller-Active'} | - | clock_synchronization | ntp | - | config_applied | 19e0dada-c2ac-4faf-a513-b713c07441af | - | config_status | None | - | config_target | 19e0dada-c2ac-4faf-a513-b713c07441af | - | console | ttyS0,115200 | - | created_at | 2020-04-22T02:42:06.956004+00:00 | - | hostname | controller-1 | - | id | 2 | - | install_output | text | - | install_state | completed | - | install_state_info | None | - | inv_state | inventoried | - | invprovision | provisioned | - | location | {} | - | mgmt_ip | 10.10.53.12 | - | mgmt_mac | a4:bf:01:55:03:bb | - | operational | enabled | - | personality | controller | - | reserved | False | - | rootfs_device | /dev/sda | - | serialid | None | - | software_load | 20.01 | - | subfunction_avail | available | - | subfunction_oper | enabled | - | subfunctions | controller,worker | - | task | | - | tboot | false | - | ttys_dcd | None | - | updated_at | 2020-04-22T12:20:25.248838+00:00 | - | uptime | 10587 | - | uuid | 41296fac-5b16-4c52-9296-5b720100f8b5 | - | vim_progress_status | services-enabled | - +-----------------------+----------------------------------------------------------------------+ - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_simplex.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/aio_simplex.rst deleted file mode 100644 index c2ac9b6a5..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_simplex.rst +++ /dev/null @@ -1,21 +0,0 @@ -=============================================== -Bare metal All-in-one Simplex Installation R3.0 -=============================================== - --------- -Overview --------- - -.. include:: ../desc_aio_simplex.txt - -.. include:: ../ipv6_note.txt - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - aio_simplex_hardware - aio_simplex_install_kubernetes diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_simplex_install_kubernetes.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/aio_simplex_install_kubernetes.rst deleted file mode 100644 index ddd0e489f..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/aio_simplex_install_kubernetes.rst +++ /dev/null @@ -1,510 +0,0 @@ -================================================= -Install StarlingX Kubernetes on Bare Metal AIO-SX -================================================= - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R3.0 bare metal All-in-one Simplex** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ---------------------- -Create a bootable USB ---------------------- - -Refer to :doc:`/deploy_install_guides/bootable_usb` for instructions on how to -create a bootable USB with the StarlingX ISO on your system. - --------------------------------- -Install software on controller-0 --------------------------------- - -.. incl-install-software-controller-0-aio-simplex-start: - -#. Insert the bootable USB into a bootable USB port on the host you are - configuring as controller-0. - -#. Power on the host. - -#. Attach to a console, ensure the host boots from the USB, and wait for the - StarlingX Installer Menus. - -#. Make the following menu selections in the installer: - - #. First menu: Select 'All-in-one Controller Configuration'. - #. Second menu: Select 'Graphical Console' or 'Serial Console' depending on - your terminal access to the console port. - - .. figure:: ../figures/starlingx-aio-controller-configuration.png - :alt: starlingx-controller-configuration - - *Figure 1: StarlingX Controller Configuration* - - - .. figure:: ../figures/starlingx-aio-serial-console.png - :alt: starlingx-serial-console - - *Figure 2: StarlingX Serial Console* - -Wait for non-interactive install of software to complete and server to reboot. -This can take 5-10 minutes, depending on the performance of the server. - -.. incl-install-software-controller-0-aio-simplex-end: - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -#. Login using the username / password of "sysadmin" / "sysadmin". - When logging in for the first time, you will be forced to change the password. - - :: - - Login: sysadmin - Password: - Changing password for sysadmin. - (current) UNIX Password: sysadmin - New Password: - (repeat) New Password: - -#. Verify and/or configure IP connectivity. - - External connectivity is required to run the Ansible bootstrap playbook. The - StarlingX boot image will DHCP out all interfaces so the server may have - obtained an IP address and have external IP connectivity if a DHCP server is - present in your environment. Verify this using the :command:`ip addr` and - :command:`ping 8.8.8.8` commands. - - Otherwise, manually configure an IP address and default IP route. Use the - PORT, IP-ADDRESS/SUBNET-LENGTH and GATEWAY-IP-ADDRESS applicable to your - deployment environment. - - :: - - sudo ip address add / dev - sudo ip link set up dev - sudo ip route add default via dev - ping 8.8.8.8 - -#. Specify user configuration overrides for the Ansible bootstrap playbook. - - Ansible is used to bootstrap StarlingX on controller-0. Key files for Ansible - configuration are: - - ``/etc/ansible/hosts`` - The default Ansible inventory file. Contains a single host: localhost. - - ``/usr/share/ansible/stx-ansible/playbooks/bootstrap.yml`` - The Ansible bootstrap playbook. - - ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml`` - The default configuration values for the bootstrap playbook. - - ``sysadmin home directory ($HOME)`` - The default location where Ansible looks for and imports user - configuration override files for hosts. For example: ``$HOME/.yml``. - - .. include:: ../ansible_install_time_only.txt - - Specify the user configuration override file for the Ansible bootstrap - playbook using one of the following methods: - - #. Use a copy of the default.yml file listed above to provide your overrides. - - The default.yml file lists all available parameters for bootstrap - configuration with a brief description for each parameter in the file comments. - - To use this method, copy the default.yml file listed above to - ``$HOME/localhost.yml`` and edit the configurable values as desired. - - #. Create a minimal user configuration override file. - - To use this method, create your override file at ``$HOME/localhost.yml`` - and provide the minimum required parameters for the deployment configuration - as shown in the example below. Use the OAM IP SUBNET and IP ADDRESSing - applicable to your deployment environment. - - :: - - cd ~ - cat < localhost.yml - system_mode: simplex - - dns_servers: - - 8.8.8.8 - - 8.8.4.4 - - external_oam_subnet: / - external_oam_gateway_address: - external_oam_floating_address: - - admin_username: admin - admin_password: - ansible_become_pass: - - # Add these lines to configure Docker to use a proxy server - # docker_http_proxy: http://my.proxy.com:1080 - # docker_https_proxy: https://my.proxy.com:1443 - # docker_no_proxy: - # - 1.2.3.4 - - EOF - - Refer to :doc:`/deploy_install_guides/r3_release/ansible_bootstrap_configs` - for information on additional Ansible bootstrap configurations for advanced - Ansible bootstrap scenarios, such as Docker proxies when deploying behind a - firewall, etc. Refer to :doc:`/../../configuration/docker_proxy_config` for - details about Docker proxy settings. - -#. Run the Ansible bootstrap playbook: - - :: - - ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml - - Wait for Ansible bootstrap playbook to complete. - This can take 5-10 minutes, depending on the performance of the host machine. - - The image below shows a typical successful run. - - .. figure:: ../figures/starlingx-release3-ansible-bootstrap-simplex.png - :alt: ansible bootstarp install screen - :width: 800 - - *Figure 3: StarlingX Ansible Bootstrap* - ----------------------- -Configure controller-0 ----------------------- - -#. Acquire admin credentials: - - :: - - source /etc/platform/openrc - -#. At this stage, you can see the controller status, it will be in the locked state. - - :: - - [sysadmin@localhost ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Configure the OAM interface of controller-0 and specify the attached network - as "oam". Use the OAM port name that is applicable to your deployment - environment, for example eth0: - - :: - - OAM_IF= - system host-if-modify controller-0 $OAM_IF -c platform - system interface-network-assign controller-0 $OAM_IF oam - -#. If the system is a subcloud in a distributed cloud environment, then the mgmt - network and cluster-host networks must be configured on an actual interface - and not left on the loopback interface. - - .. important:: - - Complete this step only if the system is a subcloud in a distributed cloud - environment! - - For example: - - :: - - MGMT_IF= - system host-if-modify controller-0 lo -c none - IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}') - for UUID in $IFNET_UUIDS; do - system interface-network-remove ${UUID} - done - system host-if-modify controller-0 $MGMT_IF -c platform - system interface-network-assign controller-0 $MGMT_IF mgmt - system interface-network-assign controller-0 $MGMT_IF cluster-host - -#. Configure NTP Servers for network time synchronization: - - :: - - system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org - -#. Configure data interfaces for controller-0. Use the DATA port names, for example - eth0, applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure the SRIOV device plugin - - :: - - system host-label-assign controller-0 sriovdp=enabled - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes. - - :: - - system host-memory-modify controller-0 0 -1G 100 - system host-memory-modify controller-0 1 -1G 100 - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - export NODE=controller-0 - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - system host-port-list ${NODE} --nowrap > ${SPL} - system host-if-list -a ${NODE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID} - system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1} - -#. Add an OSD on controller-0 for Ceph. The following example adds an OSD - to the `sdb` disk: - - :: - - echo ">>> Add OSDs to primary tier" - system host-disk-list controller-0 - system host-disk-list controller-0 | awk '/\/dev\/sdb/{print $2}' | xargs -i system host-stor-add controller-0 {} - system host-stor-list controller-0 - -#. If required, and not already done as part of bootstrap, configure Docker to - use a proxy server. - - #. List Docker proxy parameters: - - :: - - system service-parameter-list platform docker - - #. Refer to :doc:`/../../configuration/docker_proxy_config` for - details about Docker proxy settings. - -************************************* -OpenStack-specific host configuration -************************************* - -.. incl-config-controller-0-openstack-specific-aio-simplex-start: - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to controller-0 in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - system host-label-assign controller-0 openstack-control-plane=enabled - system host-label-assign controller-0 openstack-compute-node=enabled - system host-label-assign controller-0 openvswitch=enabled - system host-label-assign controller-0 sriov=enabled - -#. **For OpenStack only:** Configure the system setting for the vSwitch. - - StarlingX has OVS (kernel-based) vSwitch configured as default: - - * Runs in a container; defined within the helm charts of stx-openstack - manifest. - * Shares the core(s) assigned to the platform. - - If you require better performance, OVS-DPDK (OVS with the Data Plane - Development Kit, which is supported only on bare metal hardware) should be - used: - - * Runs directly on the host (it is not containerized). - * Requires that at least 1 core be assigned/dedicated to the vSwitch function. - - To deploy the default containerized OVS: - - :: - - system modify --vswitch_type none - - Do not run any vSwitch directly on the host, instead, use the containerized - OVS defined in the helm charts of stx-openstack manifest. - - To deploy OVS-DPDK, run the following command: - - :: - - system modify --vswitch_type ovs-dpdk - system host-cpu-modify -f vswitch -p0 1 controller-0 - - Once vswitch_type is set to OVS-DPDK, any subsequent nodes created will - default to automatically assigning 1 vSwitch core for AIO controllers and 2 - vSwitch cores for compute-labeled worker nodes. - - When using OVS-DPDK, configure vSwitch memory per NUMA node with the following - command: - - :: - - system host-memory-modify -f -1G <1G hugepages number> - - For example: - - :: - - system host-memory-modify -f vswitch -1G 1 worker-0 0 - - VMs created in an OVS-DPDK environment must be configured to use huge pages - to enable networking and must use a flavor with property: hw:mem_page_size=large - - Configure the huge pages for VMs in an OVS-DPDK environment with the command: - - :: - - system host-memory-modify -1G <1G hugepages number> - - For example: - - :: - - system host-memory-modify worker-0 0 -1G 10 - - .. note:: - - After controller-0 is unlocked, changing vswitch_type requires - locking and unlocking all compute-labeled worker nodes (and/or AIO - controllers) to apply the change. - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks. - - :: - - export NODE=controller-0 - - echo ">>> Getting root disk info" - ROOT_DISK=$(system host-show ${NODE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${NODE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - echo "Root disk: $ROOT_DISK, UUID: $ROOT_DISK_UUID" - - echo ">>>> Configuring nova-local" - NOVA_SIZE=34 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${NODE} ${ROOT_DISK_UUID} ${NOVA_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${NODE} nova-local - system host-pv-add ${NODE} nova-local ${NOVA_PARTITION_UUID} - sleep 2 - -.. incl-config-controller-0-openstack-specific-aio-simplex-end: - -------------------- -Unlock controller-0 -------------------- - -.. incl-unlock-controller-0-aio-simplex-start: - -Unlock controller-0 in order to bring it into service: - -:: - - system host-unlock controller-0 - -Controller-0 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - -.. note:: - - Once the controller comes back up, check the status of controller-0. It should - now show "unlocked", "enabled", "available" and "provisioned". - -:: - - [sysadmin@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - [sysadmin@controller-0 ~(keystone_admin)]$ - - =============================================== - [sysadmin@controller-0 ~(keystone_admin)]$ system host-show controller-0 - +-----------------------+------------------------------------------------------------ ----------+ - | Property | Value | - +-----------------------+------------------------------------------------------------ ----------+ - | action | none | - | administrative | unlocked | - | availability | available | - | bm_ip | None | - | bm_type | none | - | bm_username | None - | boot_device | /dev/disk/by-path/pci-0000:00:1f.2-ata-1.0 | - | capabilities | {u'stor_function': u'monitor', u'Personality': u'Controller-Active'} | - | clock_synchronization | ntp | - | config_applied | 03e22d8b-1b1f-4c52-9500-96afad295d9a | - | config_status | None | - | config_target | 03e22d8b-1b1f-4c52-9500-96afad295d9a | - | console | ttyS0,115200 | - | created_at | 2020-03-09T12:34:34.866469+00:00 | - | hostname | controller-0 | - | id | 1 | - | install_output | text | - | install_state | None | - | install_state_info | None | - | inv_state | inventoried | - | invprovision | provisioned | - | location | {} | - | mgmt_ip | 192.168.204.2 | - | mgmt_mac | 00:00:00:00:00:00 | - | operational | enabled | - | personality | controller | - | reserved | False | - | rootfs_device | /dev/disk/by-path/pci-0000:00:1f.2-ata-1.0 | - | serialid | None | - | software_load | 19.12 | - | subfunction_avail | available | - | subfunction_oper | enabled | - | subfunctions | controller,worker | - | task | | - | tboot | false | - | ttys_dcd | None | - | updated_at | 2020-03-09T14:10:42.362846+00:00 | - | uptime | 991 | - | uuid | 66aa842e-84a2-4041-b93e-f0275cde8784 | - | vim_progress_status | services-enabled | - +-----------------------+------------------------------------------------------------ ----------+ - -.. incl-unlock-controller-0-aio-simplex-end: - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage.rst deleted file mode 100644 index 3478944cc..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage.rst +++ /dev/null @@ -1,22 +0,0 @@ -============================================================= -Bare metal Standard with Controller Storage Installation R3.0 -============================================================= - --------- -Overview --------- - -.. include:: ../desc_controller_storage.txt - -.. include:: ../ipv6_note.txt - - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - controller_storage_hardware - controller_storage_install_kubernetes diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage_hardware.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage_hardware.rst deleted file mode 100644 index 06567788b..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage_hardware.rst +++ /dev/null @@ -1,56 +0,0 @@ -===================== -Hardware Requirements -===================== - -This section describes the hardware requirements and server preparation for a -**StarlingX R3.0 bare metal Standard with Controller Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------ -Minimum hardware requirements ------------------------------ - -The recommended minimum hardware requirements for bare metal servers for various -host types are: - -+-------------------------+-----------------------------+-----------------------------+ -| Minimum Requirement | Controller Node | Worker Node | -+=========================+=============================+=============================+ -| Number of servers | 2 | 2-10 | -+-------------------------+-----------------------------+-----------------------------+ -| Minimum processor class | - Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) | -| | 8 cores/socket | -+-------------------------+-----------------------------+-----------------------------+ -| Minimum memory | 64 GB | 32 GB | -+-------------------------+-----------------------------+-----------------------------+ -| Primary disk | 500 GB SSD or NVMe (see | 120 GB (Minimum 10k RPM) | -| | :doc:`../../nvme_config`) | | -+-------------------------+-----------------------------+-----------------------------+ -| Additional disks | - 1 or more 500 GB (min. | - For OpenStack, recommend | -| | 10K RPM) for Ceph OSD | 1 or more 500 GB (min. | -| | - Recommended, but not | 10K RPM) for VM local | -| | required: 1 or more SSDs | ephemeral storage | -| | or NVMe drives for Ceph | | -| | journals (min. 1024 MiB | | -| | per OSD journal) | | -+-------------------------+-----------------------------+-----------------------------+ -| Minimum network ports | - Mgmt/Cluster: 1x10GE | - Mgmt/Cluster: 1x10GE | -| | - OAM: 1x1GE | - Data: 1 or more x 10GE | -+-------------------------+-----------------------------+-----------------------------+ -| BIOS settings | - Hyper-Threading technology enabled | -| | - Virtualization technology enabled | -| | - VT for directed I/O enabled | -| | - CPU power and performance policy set to performance | -| | - CPU C state control disabled | -| | - Plug & play BMC detection disabled | -+-------------------------+-----------------------------+-----------------------------+ - --------------------------- -Prepare bare metal servers --------------------------- - -.. include:: prep_servers.txt \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage_install_kubernetes.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage_install_kubernetes.rst deleted file mode 100644 index 31a8dfde5..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/controller_storage_install_kubernetes.rst +++ /dev/null @@ -1,773 +0,0 @@ -=========================================================================== -Install StarlingX Kubernetes on Bare Metal Standard with Controller Storage -=========================================================================== - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R3.0 bare metal Standard with Controller Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - -------------------- -Create bootable USB -------------------- - -Refer to :doc:`/deploy_install_guides/bootable_usb` for instructions on how to -create a bootable USB with the StarlingX ISO on your system. - --------------------------------- -Install software on controller-0 --------------------------------- - -.. incl-install-software-controller-0-standard-start: - -#. Insert the bootable USB into a bootable USB port on the host you are - configuring as controller-0. - -#. Power on the host. - -#. Attach to a console, ensure the host boots from the USB, and wait for the - StarlingX Installer Menus. - -#. Make the following menu selections in the installer: - - #. First menu: Select 'Standard Controller Configuration'. - #. Second menu: Select 'Graphical Console' or 'Serial Console' depending on - your terminal access to the console port. - - .. figure:: ../figures/starlingx-standard-controller-configuration.png - :scale: 47% - :alt: starlingx-controller-configuration - - *Figure 1: StarlingX Controller Configuration* - - - .. figure:: ../figures/starlingx-aio-serial-console.png - :alt: starlingx--serial-console - - *Figure 2: StarlingX Serial Console* - - Wait for non-interactive install of software to complete and server to reboot. - This can take 5-10 minutes, depending on the performance of the server. - -.. incl-install-software-controller-0-standard-end: - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -.. incl-bootstrap-sys-controller-0-standard-start: - -#. Login using the username / password of "sysadmin" / "sysadmin". - - When logging in for the first time, you will be forced to change the password. - - :: - - Login: sysadmin - Password: - Changing password for sysadmin. - (current) UNIX Password: sysadmin - New Password: - (repeat) New Password: - -#. Verify and/or configure IP connectivity. - - External connectivity is required to run the Ansible bootstrap playbook. The - StarlingX boot image will DHCP out all interfaces so the server may have - obtained an IP address and have external IP connectivity if a DHCP server is - present in your environment. Verify this using the :command:`ip addr` and - :command:`ping 8.8.8.8` commands. - - Otherwise, manually configure an IP address and default IP route. Use the - PORT, IP-ADDRESS/SUBNET-LENGTH and GATEWAY-IP-ADDRESS applicable to your - deployment environment. - - :: - - sudo ip address add / dev - sudo ip link set up dev - sudo ip route add default via dev - ping 8.8.8.8 - -#. Specify user configuration overrides for the Ansible bootstrap playbook. - - Ansible is used to bootstrap StarlingX on controller-0. Key files for Ansible - configuration are: - - ``/etc/ansible/hosts`` - The default Ansible inventory file. Contains a single host: localhost. - - ``/usr/share/ansible/stx-ansible/playbooks/bootstrap.yml`` - The Ansible bootstrap playbook. - - ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml`` - The default configuration values for the bootstrap playbook. - - ``sysadmin home directory ($HOME)`` - The default location where Ansible looks for and imports user - configuration override files for hosts. For example: ``$HOME/.yml``. - - .. include:: ../ansible_install_time_only.txt - - Specify the user configuration override file for the Ansible bootstrap - playbook using one of the following methods: - - #. Use a copy of the default.yml file listed above to provide your overrides. - - The default.yml file lists all available parameters for bootstrap - configuration with a brief description for each parameter in the file comments. - - To use this method, copy the default.yml file listed above to - ``$HOME/localhost.yml`` and edit the configurable values as desired. - - #. Create a minimal user configuration override file. - - To use this method, create your override file at ``$HOME/localhost.yml`` - and provide the minimum required parameters for the deployment configuration - as shown in the example below. Use the OAM IP SUBNET and IP ADDRESSing - applicable to your deployment environment. - - :: - - cd ~ - cat < localhost.yml - system_mode: duplex - - dns_servers: - - 8.8.8.8 - - 8.8.4.4 - - external_oam_subnet: / - external_oam_gateway_address: - external_oam_floating_address: - external_oam_node_0_address: - external_oam_node_1_address: - - admin_username: admin - admin_password: - ansible_become_pass: - - # Add these lines to configure Docker to use a proxy server - # docker_http_proxy: http://my.proxy.com:1080 - # docker_https_proxy: https://my.proxy.com:1443 - # docker_no_proxy: - # - 1.2.3.4 - - EOF - - Refer to :doc:`/deploy_install_guides/r3_release/ansible_bootstrap_configs` - for information on additional Ansible bootstrap configurations for advanced - Ansible bootstrap scenarios, such as Docker proxies when deploying behind a - firewall, etc. Refer to :doc:`/../../configuration/docker_proxy_config` for - details about Docker proxy settings. - -#. Run the Ansible bootstrap playbook: - - :: - - ansible-playbook /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml - - Wait for Ansible bootstrap playbook to complete. - This can take 5-10 minutes, depending on the performance of the host machine. - - The image below shows a typical successful run. - - .. figure:: ../figures/starlingx-release3-ansible-bootstrap-simplex.png - :alt: ansible bootstrap install screen - :width: 800 - - *Figure 3: StarlingX Ansible Bootstrap* - -.. incl-bootstrap-sys-controller-0-standard-end: - - ----------------------- -Configure controller-0 ----------------------- - -.. incl-config-controller-0-storage-start: - -#. Acquire admin credentials: - - :: - - source /etc/platform/openrc - -#. Configure the OAM and MGMT interfaces of controller-0 and specify the - attached networks. Use the OAM and MGMT port names, for example eth0, that are - applicable to your deployment environment. - - :: - - OAM_IF= - MGMT_IF= - system host-if-modify controller-0 lo -c none - IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}') - for UUID in $IFNET_UUIDS; do - system interface-network-remove ${UUID} - done - system host-if-modify controller-0 $OAM_IF -c platform - system interface-network-assign controller-0 $OAM_IF oam - system host-if-modify controller-0 $MGMT_IF -c platform - system interface-network-assign controller-0 $MGMT_IF mgmt - system interface-network-assign controller-0 $MGMT_IF cluster-host - -#. Configure NTP Servers for network time synchronization: - - :: - - system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org - -#. If required, and not already done as part of bootstrap, configure Docker to - use a proxy server. - - #. List Docker proxy parameters: - - :: - - system service-parameter-list platform docker - - #. Refer to :doc:`/../../configuration/docker_proxy_config` for - details about Docker proxy settings. - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to controller-0 in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - system host-label-assign controller-0 openstack-control-plane=enabled - -#. **For OpenStack only:** Configure the system setting for the vSwitch. - - StarlingX has OVS (kernel-based) vSwitch configured as default: - - * Runs in a container; defined within the helm charts of stx-openstack - manifest. - * Shares the core(s) assigned to the platform. - - If you require better performance, OVS-DPDK (OVS with the Data Plane - Development Kit, which is supported only on bare metal hardware) should be - used: - - * Runs directly on the host (it is not containerized). - * Requires that at least 1 core be assigned/dedicated to the vSwitch function. - - To deploy the default containerized OVS: - - :: - - system modify --vswitch_type none - - Do not run any vSwitch directly on the host, instead, use the containerized - OVS defined in the helm charts of stx-openstack manifest. - - To deploy OVS-DPDK, run the following command: - - :: - - system modify --vswitch_type ovs-dpdk - system host-cpu-modify -f vswitch -p0 1 controller-0 - - Once vswitch_type is set to OVS-DPDK, any subsequent nodes created will - default to automatically assigning 1 vSwitch core for AIO controllers and 2 - vSwitch cores for compute-labeled worker nodes. - - When using OVS-DPDK, configure vSwitch memory per NUMA node with the following - command: - - :: - - system host-memory-modify -f -1G <1G hugepages number> - - For example: - - :: - - system host-memory-modify -f vswitch -1G 1 worker-0 0 - - VMs created in an OVS-DPDK environment must be configured to use huge pages - to enable networking and must use a flavor with property: hw:mem_page_size=large - - Configure the huge pages for VMs in an OVS-DPDK environment with the command: - - :: - - system host-memory-modify -1G <1G hugepages number> - - For example: - - :: - - system host-memory-modify worker-0 0 -1G 10 - - .. note:: - - After controller-0 is unlocked, changing vswitch_type requires - locking and unlocking all compute-labeled worker nodes (and/or AIO - controllers) to apply the change. - -.. incl-config-controller-0-storage-end: - -------------------- -Unlock controller-0 -------------------- - -.. incl-unlock-controller-0-storage-start: - -Unlock controller-0 in order to bring it into service: - -:: - - system host-unlock controller-0 - -Controller-0 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - -.. note:: - - Once the controller comes back up, check the status of controller-0. It should - now show "unlocked", "enabled", "available" and "provisioned". - -:: - - [sysadmin@controller-0 ~(keystone_admin)]$ system host-show controller-0 - +-----------------------+----------------------------------------------------------------------+ - | Property | Value | - +-----------------------+----------------------------------------------------------------------+ - | action | none | - | administrative | unlocked | - | availability | available | - | bm_ip | None | - | bm_type | none | - | bm_username | None | - | boot_device | /dev/disk/by-path/pci-0000:00:17.0-ata-1.0 | - | capabilities | {u'stor_function': u'monitor', u'Personality': u'Controller-Active'} | - | clock_synchronization | ntp | - | config_applied | 4bb28c10-7546-49be-8cf9-afc82fccf6fb | - | config_status | None | - | config_target | 4bb28c10-7546-49be-8cf9-afc82fccf6fb | - | console | ttyS0,115200 | - | created_at | 2020-04-22T06:03:45.823265+00:00 | - | hostname | controller-0 | - | id | 1 | - | install_output | text | - | install_state | None | - | install_state_info | None | - | inv_state | inventoried | - | invprovision | provisioned | - | location | {} | - | mgmt_ip | 10.10.54.11 | - | mgmt_mac | a4:bf:01:54:97:96 | - | operational | enabled | - | personality | controller | - | reserved | False | - | rootfs_device | /dev/disk/by-path/pci-0000:00:17.0-ata-1.0 | - | serialid | None | - | software_load | 20.01 | - | task | | - | tboot | false | - | ttys_dcd | None | - | updated_at | 2020-04-22T10:36:37.034403+00:00 | - | uptime | 15224 | - | uuid | 770f6596-f631-489b-83c0-e64099748243 | - | vim_progress_status | services-enabled | - +-----------------------+----------------------------------------------------------------------+ - -.. incl-unlock-controller-0-storage-end: - -------------------------------------------------- -Install software on controller-1 and worker nodes -------------------------------------------------- - -#. Power on the controller-1 server and force it to network boot with the - appropriate BIOS boot options for your particular server. - -#. As controller-1 boots, a message appears on its console instructing you to - configure the personality of the node. - -#. On the console of controller-0, list hosts to see newly discovered controller-1 - host (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Using the host id, set the personality of this host to 'controller': - - :: - - system host-update 2 personality=controller - - This initiates the install of software on controller-1. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. While waiting for the previous step to complete, power on the worker nodes. - Set the personality to 'worker' and assign a unique hostname for each. - - For example, power on worker-0 and wait for the new host (hostname=None) to - be discovered by checking 'system host-list': - - :: - - system host-update 3 personality=worker hostname=worker-0 - - Repeat for worker-1. Power on worker-1 and wait for the new host (hostname=None) to - be discovered by checking 'system host-list': - - :: - - system host-update 4 personality=worker hostname=worker-1 - -#. Wait for the software installation on controller-1, worker-0, and worker-1 to - complete, for all servers to reboot, and for all to show as locked/disabled/online in - 'system host-list'. - - :: - - system host-list - - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - | 3 | worker-0 | worker | locked | disabled | online | - | 4 | worker-1 | worker | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure controller-1 ----------------------- - -.. incl-config-controller-1-start: - -Configure the OAM and MGMT interfaces of controller-1 and specify the attached -networks. Use the OAM and MGMT port names, for example eth0, that are applicable -to your deployment environment. - -(Note that the MGMT interface is partially set up automatically by the network -install procedure.) - -:: - - OAM_IF= - MGMT_IF= - system host-if-modify controller-1 $OAM_IF -c platform - system interface-network-assign controller-1 $OAM_IF oam - system interface-network-assign controller-1 $MGMT_IF cluster-host - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -**For OpenStack only:** Assign OpenStack host labels to controller-1 in support -of installing the stx-openstack manifest and helm-charts later. - -:: - - system host-label-assign controller-1 openstack-control-plane=enabled - -.. incl-config-controller-1-end: - -------------------- -Unlock controller-1 -------------------- - -.. incl-unlock-controller-1-start: - -Unlock controller-1 in order to bring it into service: - -:: - - system host-unlock controller-1 - -Controller-1 will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host -machine. - -:: - - [sysadmin@controller-0 ~(keystone_admin)]$ system host-show controller-1 - +-----------------------+-----------------------------------------------------------------------+ - | Property | Value | - +-----------------------+-----------------------------------------------------------------------+ - | action | none | - | administrative | unlocked | - | availability | available | - | bm_ip | None | - | bm_type | none | - | bm_username | None | - | boot_device | /dev/sda | - | capabilities | {u'stor_function': u'monitor', u'Personality': u'Controller-Standby'} | - | clock_synchronization | ntp | - | config_applied | 4bb28c10-7546-49be-8cf9-afc82fccf6fb | - | config_status | None | - | config_target | 4bb28c10-7546-49be-8cf9-afc82fccf6fb | - | console | ttyS0,115200 | - | created_at | 2020-04-22T06:45:14.914066+00:00 | - | hostname | controller-1 | - | id | 4 | - | install_output | text | - | install_state | completed | - | install_state_info | None | - | inv_state | inventoried | - | invprovision | provisioned | - | location | {} | - | mgmt_ip | 10.10.54.12 | - | mgmt_mac | a4:bf:01:55:05:eb | - | operational | enabled | - | personality | controller | - | reserved | False | - | rootfs_device | /dev/sda | - | serialid | None | - | software_load | 20.01 | - | task | | - | tboot | false | - | ttys_dcd | None | - | updated_at | 2020-04-22T10:37:11.563565+00:00 | - | uptime | 1611 | - | uuid | c296480a-3303-4e1a-a131-178a0d7d5a6d | - | vim_progress_status | services-enabled | - +-----------------------+-----------------------------------------------------------------------+ - -.. incl-unlock-controller-1-end: - ----------------------- -Configure worker nodes ----------------------- - -#. Add the third Ceph monitor to a worker node: - - (The first two Ceph monitors are automatically assigned to controller-0 and - controller-1.) - - :: - - system ceph-mon-add worker-0 - -#. Wait for the worker node monitor to complete configuration: - - :: - - system ceph-mon-list - +--------------------------------------+-------+--------------+------------+------+ - | uuid | ceph_ | hostname | state | task | - | | mon_g | | | | - | | ib | | | | - +--------------------------------------+-------+--------------+------------+------+ - | 64176b6c-e284-4485-bb2a-115dee215279 | 20 | controller-1 | configured | None | - | a9ca151b-7f2c-4551-8167-035d49e2df8c | 20 | controller-0 | configured | None | - | f76bc385-190c-4d9a-aa0f-107346a9907b | 20 | worker-0 | configured | None | - +--------------------------------------+-------+--------------+------------+------+ - -#. Assign the cluster-host network to the MGMT interface for the worker nodes: - - (Note that the MGMT interfaces are partially set up automatically by the - network install procedure.) - - :: - - for NODE in worker-0 worker-1; do - system interface-network-assign $NODE mgmt0 cluster-host - done - -#. Configure data interfaces for worker nodes. Use the DATA port names, for - example eth0, that are applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure SRIOV device plug in: - - :: - - for NODE in worker-0 worker-1; do - system host-label-assign ${NODE} sriovdp=enabled - done - - * If planning on running DPDK in containers on this host, configure the number - of 1G Huge pages required on both NUMA nodes: - - :: - - for NODE in worker-0 worker-1; do - system host-memory-modify ${NODE} 0 -1G 100 - system host-memory-modify ${NODE} 1 -1G 100 - done - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - - # configure the datanetworks in sysinv, prior to referencing it - # in the ``system host-if-modify`` command'. - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - for NODE in worker-0 worker-1; do - echo "Configuring interface for: $NODE" - set -ex - system host-port-list ${NODE} --nowrap > ${SPL} - system host-if-list -a ${NODE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID} - system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1} - set +ex - done - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to the worker nodes in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - for NODE in worker-0 worker-1; do - system host-label-assign $NODE openstack-compute-node=enabled - system host-label-assign $NODE openvswitch=enabled - system host-label-assign $NODE sriov=enabled - done - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks. - - :: - - for NODE in worker-0 worker-1; do - echo "Configuring Nova local for: $NODE" - ROOT_DISK=$(system host-show ${NODE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${NODE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - PARTITION_SIZE=10 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${NODE} ${ROOT_DISK_UUID} ${PARTITION_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${NODE} nova-local - system host-pv-add ${NODE} nova-local ${NOVA_PARTITION_UUID} - done - --------------------- -Unlock worker nodes --------------------- - -.. incl-unlock-worker-baremetal-start: - -Unlock worker nodes in order to bring them into service: - -:: - - for NODE in worker-0 worker-1; do - system host-unlock $NODE - done - -The worker nodes will reboot in order to apply configuration changes and come into -service. This can take 5-10 minutes, depending on the performance of the host machine. - -.. incl-unlock-worker-baremetal-end: - ----------------------------- -Add Ceph OSDs to controllers ----------------------------- - -#. Add OSDs to controller-0. The following example adds OSDs to the `sdb` disk: - - :: - - HOST=controller-0 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - -#. Add OSDs to controller-1. The following example adds OSDs to the `sdb` disk: - - :: - - HOST=controller-1 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - -.. note:: - - Check the status of the controller and worker nodes. It should - now show "unlocked", "enabled" and "available". - -:: - - [sysadmin@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | compute-0 | worker | unlocked | enabled | available | - | 3 | compute-1 | worker | unlocked | enabled | available | - | 4 | controller-1 | controller | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage.rst deleted file mode 100644 index 5a68c592b..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage.rst +++ /dev/null @@ -1,22 +0,0 @@ - -============================================================ -Bare metal Standard with Dedicated Storage Installation R3.0 -============================================================ - --------- -Overview --------- - -.. include:: ../desc_dedicated_storage.txt - -.. include:: ../ipv6_note.txt - ------------- -Installation ------------- - -.. toctree:: - :maxdepth: 1 - - dedicated_storage_hardware - dedicated_storage_install_kubernetes diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage_hardware.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage_hardware.rst deleted file mode 100644 index 22280ecc1..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage_hardware.rst +++ /dev/null @@ -1,61 +0,0 @@ -===================== -Hardware Requirements -===================== - -This section describes the hardware requirements and server preparation for a -**StarlingX R3.0 bare metal Standard with Dedicated Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------ -Minimum hardware requirements ------------------------------ - -The recommended minimum hardware requirements for bare metal servers for various -host types are: - -+---------------------+---------------------------+-----------------------+-----------------------+ -| Minimum Requirement | Controller Node | Storage Node | Worker Node | -+=====================+===========================+=======================+=======================+ -| Number of servers | 2 | 2-9 | 2-100 | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Minimum processor | Dual-CPU Intel® Xeon® E5 26xx family (SandyBridge) 8 cores/socket | -| class | | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Minimum memory | 64 GB | 64 GB | 32 GB | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Primary disk | 500 GB SSD or NVMe (see | 120 GB (min. 10k RPM) | 120 GB (min. 10k RPM) | -| | :doc:`../../nvme_config`) | | | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Additional disks | None | - 1 or more 500 GB | - For OpenStack, | -| | | (min. 10K RPM) for | recommend 1 or more | -| | | Ceph OSD | 500 GB (min. 10K | -| | | - Recommended, but | RPM) for VM | -| | | not required: 1 or | ephemeral storage | -| | | more SSDs or NVMe | | -| | | drives for Ceph | | -| | | journals (min. 1024 | | -| | | MiB per OSD | | -| | | journal) | | -+---------------------+---------------------------+-----------------------+-----------------------+ -| Minimum network | - Mgmt/Cluster: | - Mgmt/Cluster: | - Mgmt/Cluster: | -| ports | 1x10GE | 1x10GE | 1x10GE | -| | - OAM: 1x1GE | | - Data: 1 or more | -| | | | x 10GE | -+---------------------+---------------------------+-----------------------+-----------------------+ -| BIOS settings | - Hyper-Threading technology enabled | -| | - Virtualization technology enabled | -| | - VT for directed I/O enabled | -| | - CPU power and performance policy set to performance | -| | - CPU C state control disabled | -| | - Plug & play BMC detection disabled | -+---------------------+---------------------------+-----------------------+-----------------------+ - --------------------------- -Prepare bare metal servers --------------------------- - -.. include:: prep_servers.txt \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage_install_kubernetes.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage_install_kubernetes.rst deleted file mode 100644 index 7ea0bdbcd..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/dedicated_storage_install_kubernetes.rst +++ /dev/null @@ -1,367 +0,0 @@ -========================================================================== -Install StarlingX Kubernetes on Bare Metal Standard with Dedicated Storage -========================================================================== - -This section describes the steps to install the StarlingX Kubernetes platform -on a **StarlingX R3.0 bare metal Standard with Dedicated Storage** deployment -configuration. - -.. contents:: - :local: - :depth: 1 - -------------------- -Create bootable USB -------------------- - -Refer to :doc:`/deploy_install_guides/bootable_usb` for instructions on how to -create a bootable USB with the StarlingX ISO on your system. - --------------------------------- -Install software on controller-0 --------------------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-install-software-controller-0-standard-start: - :end-before: incl-install-software-controller-0-standard-end: - --------------------------------- -Bootstrap system on controller-0 --------------------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-bootstrap-sys-controller-0-standard-start: - :end-before: incl-bootstrap-sys-controller-0-standard-end: - ----------------------- -Configure controller-0 ----------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-config-controller-0-storage-start: - :end-before: incl-config-controller-0-storage-end: - -------------------- -Unlock controller-0 -------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-unlock-controller-0-storage-start: - :end-before: incl-unlock-controller-0-storage-end: - ------------------------------------------------------------------ -Install software on controller-1, storage nodes, and worker nodes ------------------------------------------------------------------ - -#. Power on the controller-1 server and force it to network boot with the - appropriate BIOS boot options for your particular server. - -#. As controller-1 boots, a message appears on its console instructing you to - configure the personality of the node. - -#. On the console of controller-0, list hosts to see newly discovered - controller-1 host (hostname=None): - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | None | None | locked | disabled | offline | - +----+--------------+-------------+----------------+-------------+--------------+ - -#. Using the host id, set the personality of this host to 'controller': - - :: - - system host-update 2 personality=controller - - This initiates the install of software on controller-1. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. While waiting for the previous step to complete, power on the storage-0 and - storage-1 servers. Set the personality to 'storage' and assign a unique - hostname for each. - - For example, power on storage-0 and wait for the new host (hostname=None) to - be discovered by checking 'system host-list': - - :: - - system host-update 3 personality=storage - - Repeat for storage-1. Power on storage-1 and wait for the new host - (hostname=None) to be discovered by checking 'system host-list': - - :: - - system host-update 4 personality=storage - - This initiates the software installation on storage-0 and storage-1. - This can take 5-10 minutes, depending on the performance of the host machine. - -#. While waiting for the previous step to complete, power on the worker nodes. - Set the personality to 'worker' and assign a unique hostname for each. - - For example, power on worker-0 and wait for the new host (hostname=None) to - be discovered by checking 'system host-list': - - :: - - system host-update 5 personality=worker hostname=worker-0 - - Repeat for worker-1. Power on worker-1 and wait for the new host - (hostname=None) to be discovered by checking 'system host-list': - - :: - - system host-update 6 personality=worker hostname=worker-1 - - This initiates the install of software on worker-0 and worker-1. - -#. Wait for the software installation on controller-1, storage-0, storage-1, - worker-0, and worker-1 to complete, for all servers to reboot, and for all to - show as locked/disabled/online in 'system host-list'. - - :: - - system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | controller-1 | controller | locked | disabled | online | - | 3 | storage-0 | storage | locked | disabled | online | - | 4 | storage-1 | storage | locked | disabled | online | - | 5 | worker-0 | worker | locked | disabled | online | - | 6 | worker-1 | worker | locked | disabled | online | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------------------- -Configure controller-1 ----------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-config-controller-1-start: - :end-before: incl-config-controller-1-end: - -------------------- -Unlock controller-1 -------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-unlock-controller-1-start: - :end-before: incl-unlock-controller-1-end: - ------------------------ -Configure storage nodes ------------------------ - -#. Assign the cluster-host network to the MGMT interface for the storage nodes: - - (Note that the MGMT interfaces are partially set up automatically by the - network install procedure.) - - :: - - for NODE in storage-0 storage-1; do - system interface-network-assign $NODE mgmt0 cluster-host - done - -#. Add OSDs to storage-0. The following example adds OSDs to the `sdb` disk: - - :: - - HOST=storage-0 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - -#. Add OSDs to storage-1. The following example adds OSDs to the `sdb` disk: - - :: - - HOST=storage-1 - DISKS=$(system host-disk-list ${HOST}) - TIERS=$(system storage-tier-list ceph_cluster) - OSDs="/dev/sdb" - for OSD in $OSDs; do - system host-stor-add ${HOST} $(echo "$DISKS" | grep "$OSD" | awk '{print $2}') --tier-uuid $(echo "$TIERS" | grep storage | awk '{print $2}') - while true; do system host-stor-list ${HOST} | grep ${OSD} | grep configuring; if [ $? -ne 0 ]; then break; fi; sleep 1; done - done - - system host-stor-list $HOST - --------------------- -Unlock storage nodes --------------------- - -Unlock storage nodes in order to bring them into service: - -:: - - for STORAGE in storage-0 storage-1; do - system host-unlock $STORAGE - done - -The storage nodes will reboot in order to apply configuration changes and come -into service. This can take 5-10 minutes, depending on the performance of the -host machine. - ----------------------- -Configure worker nodes ----------------------- - -#. Assign the cluster-host network to the MGMT interface for the worker nodes: - - (Note that the MGMT interfaces are partially set up automatically by the - network install procedure.) - - :: - - for NODE in worker-0 worker-1; do - system interface-network-assign $NODE mgmt0 cluster-host - done - -#. Configure data interfaces for worker nodes. Use the DATA port names, for - example eth0, that are applicable to your deployment environment. - - .. important:: - - This step is **required** for OpenStack. - - This step is optional for Kubernetes: Do this step if using SRIOV network - attachments in hosted application containers. - - For Kubernetes SRIOV network attachments: - - * Configure SRIOV device plug in: - - :: - - for NODE in worker-0 worker-1; do - system host-label-assign ${NODE} sriovdp=enabled - done - - * If planning on running DPDK in containers on this host, configure the - number of 1G Huge pages required on both NUMA nodes: - - :: - - for NODE in worker-0 worker-1; do - system host-memory-modify ${NODE} 0 -1G 100 - system host-memory-modify ${NODE} 1 -1G 100 - done - - For both Kubernetes and OpenStack: - - :: - - DATA0IF= - DATA1IF= - PHYSNET0='physnet0' - PHYSNET1='physnet1' - SPL=/tmp/tmp-system-port-list - SPIL=/tmp/tmp-system-host-if-list - - # configure the datanetworks in sysinv, prior to referencing it - # in the ``system host-if-modify`` command'. - system datanetwork-add ${PHYSNET0} vlan - system datanetwork-add ${PHYSNET1} vlan - - for NODE in worker-0 worker-1; do - echo "Configuring interface for: $NODE" - set -ex - system host-port-list ${NODE} --nowrap > ${SPL} - system host-if-list -a ${NODE} --nowrap > ${SPIL} - DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}') - DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}') - DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}') - DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}') - DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}') - DATA1PORTNAME=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $4}') - DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}') - DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}') - system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID} - system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID} - system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0} - system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1} - set +ex - done - -************************************* -OpenStack-specific host configuration -************************************* - -.. important:: - - **This step is required only if the StarlingX OpenStack application - (stx-openstack) will be installed.** - -#. **For OpenStack only:** Assign OpenStack host labels to the worker nodes in - support of installing the stx-openstack manifest and helm-charts later. - - :: - - for NODE in worker-0 worker-1; do - system host-label-assign $NODE openstack-compute-node=enabled - system host-label-assign $NODE openvswitch=enabled - system host-label-assign $NODE sriov=enabled - done - -#. **For OpenStack only:** Set up disk partition for nova-local volume group, - which is needed for stx-openstack nova ephemeral disks. - - :: - - for NODE in worker-0 worker-1; do - echo "Configuring Nova local for: $NODE" - ROOT_DISK=$(system host-show ${NODE} | grep rootfs | awk '{print $4}') - ROOT_DISK_UUID=$(system host-disk-list ${NODE} --nowrap | grep ${ROOT_DISK} | awk '{print $2}') - PARTITION_SIZE=10 - NOVA_PARTITION=$(system host-disk-partition-add -t lvm_phys_vol ${NODE} ${ROOT_DISK_UUID} ${PARTITION_SIZE}) - NOVA_PARTITION_UUID=$(echo ${NOVA_PARTITION} | grep -ow "| uuid | [a-z0-9\-]* |" | awk '{print $4}') - system host-lvg-add ${NODE} nova-local - system host-pv-add ${NODE} nova-local ${NOVA_PARTITION_UUID} - done - -------------------- -Unlock worker nodes -------------------- - -.. include:: controller_storage_install_kubernetes.rst - :start-after: incl-unlock-worker-baremetal-start: - :end-before: incl-unlock-worker-baremetal-end: - -.. note:: - - Check the status of the controller, worker and storage nodes. It should - now show "unlocked", "enabled" and "available". - -:: - - [sysadmin@controller-0 ~(keystone_admin)]$ system host-list - +----+--------------+-------------+----------------+-------------+--------------+ - | id | hostname | personality | administrative | operational | availability | - +----+--------------+-------------+----------------+-------------+--------------+ - | 1 | controller-0 | controller | unlocked | enabled | available | - | 2 | compute-0 | worker | unlocked | enabled | available | - | 3 | compute-1 | worker | unlocked | enabled | available | - | 4 | controller-1 | controller | unlocked | enabled | available | - | 5 | storage-0 | storage | unlocked | enabled | available | - | 6 | storage-1 | storage | unlocked | enabled | available | - +----+--------------+-------------+----------------+-------------+--------------+ - ----------- -Next steps ----------- - -.. include:: ../kubernetes_install_next.txt diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/ironic_hardware.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/ironic_hardware.rst deleted file mode 100644 index 5021666cb..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/ironic_hardware.rst +++ /dev/null @@ -1,51 +0,0 @@ -===================== -Hardware Requirements -===================== - -This section describes the hardware requirements and server preparation for a -**StarlingX R3.0 bare metal Ironic** deployment configuration. - -.. contents:: - :local: - :depth: 1 - ------------------------------ -Minimum hardware requirements ------------------------------ - -* One or more bare metal hosts as Ironic nodes as well as tenant instance node. - -* BMC support on bare metal host and controller node connectivity to the BMC IP - address of bare metal hosts. - -For controller nodes: - -* Additional NIC port on both controller nodes for connecting to the - ironic-provisioning-net. - -For worker nodes: - -* If using a flat data network for the Ironic provisioning network, an additional - NIC port on one of the worker nodes is required. - -* Alternatively, use a VLAN data network for the Ironic provisioning network and - simply add the new data network to an existing interface on the worker node. - -* Additional switch ports / configuration for new ports on controller, worker, - and Ironic nodes, for connectivity to the Ironic provisioning network. - ------------------------------------ -BMC configuration of Ironic node(s) ------------------------------------ - -Enable BMC and allocate a static IP, username, and password in the BIOS settings. -For example, set: - -IP address - 10.10.10.126 - -username - root - -password - test123 diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/ironic_install.rst b/doc/source/deploy_install_guides/r3_release/bare_metal/ironic_install.rst deleted file mode 100644 index e9385f30f..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/ironic_install.rst +++ /dev/null @@ -1,392 +0,0 @@ -================================ -Install Ironic on StarlingX R3.0 -================================ - -This section describes the steps to install Ironic on a standard configuration, -either: - -* **StarlingX R3.0 bare metal Standard with Controller Storage** deployment - configuration - -* **StarlingX R3.0 bare metal Standard with Dedicated Storage** deployment - configuration - -.. contents:: - :local: - :depth: 1 - ---------------------- -Enable Ironic service ---------------------- - -This section describes the pre-configuration required to enable the Ironic service. -All the commands in this section are for the StarlingX platform. - -First acquire administrative privileges: - -:: - - source /etc/platform/openrc - -******************************** -Download Ironic deployment image -******************************** - -The Ironic service requires a deployment image (kernel and ramdisk) which is -used to clean Ironic nodes and install the end-user's image. The cleaning done -by the deployment image wipes the disks and tests connectivity to the Ironic -conductor on the controller nodes via the Ironic Python Agent (IPA). - -The Ironic deployment Stein image (**Ironic-kernel** and **Ironic-ramdisk**) -can be found here: - -* `Ironic-kernel coreos_production_pxe-stable-stein.vmlinuz - `__ -* `Ironic-ramdisk coreos_production_pxe_image-oem-stable-stein.cpio.gz - `__ - - -******************************************************* -Configure Ironic network on deployed standard StarlingX -******************************************************* - -#. Add an address pool for the Ironic network. This example uses `ironic-pool`: - - :: - - system addrpool-add --ranges 10.10.20.1-10.10.20.100 ironic-pool 10.10.20.0 24 - -#. Add the Ironic platform network. This example uses `ironic-net`: - - :: - - system addrpool-list | grep ironic-pool | awk '{print$2}' | xargs system network-add ironic-net ironic false - -#. Add the Ironic tenant network. This example uses `ironic-data`: - - .. note:: - - The tenant network is not the same as the platform network described in - the previous step. You can specify any name for the tenant network other - than ‘ironic’. If the name 'ironic' is used, a user override must be - generated to indicate the tenant network name. - - Refer to section `Generate user Helm overrides`_ for details. - - :: - - system datanetwork-add ironic-data flat - -#. Configure the new interfaces (for Ironic) on controller nodes and assign - them to the platform network. Host must be locked. This example uses the - platform network `ironic-net` that was named in a previous step. - - These new interfaces to the controllers are used to connect to the Ironic - provisioning network: - - **controller-0** - - :: - - system interface-network-assign controller-0 enp2s0 ironic-net - system host-if-modify -n ironic -c platform \ - --ipv4-mode static --ipv4-pool ironic-pool controller-0 enp2s0 - - # Apply the OpenStack Ironic node labels - system host-label-assign controller-0 openstack-ironic=enabled - - # Unlock the node to apply changes - system host-unlock controller-0 - - - **controller-1** - - :: - - system interface-network-assign controller-1 enp2s0 ironic-net - system host-if-modify -n ironic -c platform \ - --ipv4-mode static --ipv4-pool ironic-pool controller-1 enp2s0 - - # Apply the OpenStack Ironic node labels - system host-label-assign controller-1 openstack-ironic=enabled - - # Unlock the node to apply changes - system host-unlock controller-1 - -#. Configure the new interface (for Ironic) on one of the compute-labeled worker - nodes and assign it to the Ironic data network. This example uses the data - network `ironic-data` that was named in a previous step. - - :: - - system interface-datanetwork-assign worker-0 eno1 ironic-data - system host-if-modify -n ironicdata -c data worker-0 eno1 - -**************************** -Generate user Helm overrides -**************************** - -Ironic Helm Charts are included in the stx-openstack application. By default, -Ironic is disabled. - -To enable Ironic, update the following Ironic Helm Chart attributes: - -:: - - system helm-override-update stx-openstack ironic openstack \ - --set network.pxe.neutron_subnet_alloc_start=10.10.20.10 \ - --set network.pxe.neutron_subnet_gateway=10.10.20.1 \ - --set network.pxe.neutron_provider_network=ironic-data - -:command:`network.pxe.neutron_subnet_alloc_start` sets the DHCP start IP to -Neutron for Ironic node provision, and reserves several IPs for the platform. - -If the data network name for Ironic is changed, modify -:command:`network.pxe.neutron_provider_network` to the command above: - -:: - - --set network.pxe.neutron_provider_network=ironic-data - -******************************* -Apply stx-openstack application -******************************* - -Re-apply the stx-openstack application to apply the changes to Ironic: - -:: - - system helm-chart-attribute-modify stx-openstack ironic openstack \ - --enabled true - - system application-apply stx-openstack - --------------------- -Start an Ironic node --------------------- - -All the commands in this section are for the OpenStack application with -administrative privileges. - -From a new shell as a root user, without sourcing ``/etc/platform/openrc``: - -:: - - mkdir -p /etc/openstack - - tee /etc/openstack/clouds.yaml << EOF - clouds: - openstack_helm: - region_name: RegionOne - identity_api_version: 3 - endpoint_type: internalURL - auth: - username: 'admin' - password: 'Li69nux*' - project_name: 'admin' - project_domain_name: 'default' - user_domain_name: 'default' - auth_url: 'http://keystone.openstack.svc.cluster.local/v3' - EOF - - export OS_CLOUD=openstack_helm - -******************** -Create Glance images -******************** - -#. Create the **ironic-kernel** image: - - :: - - openstack image create \ - --file ~/coreos_production_pxe-stable-stein.vmlinuz \ - --disk-format aki \ - --container-format aki \ - --public \ - ironic-kernel - -#. Create the **ironic-ramdisk** image: - - :: - - openstack image create \ - --file ~/coreos_production_pxe_image-oem-stable-stein.cpio.gz \ - --disk-format ari \ - --container-format ari \ - --public \ - ironic-ramdisk - -#. Create the end user application image (for example, CentOS): - - :: - - openstack image create \ - --file ~/CentOS-7-x86_64-GenericCloud-root.qcow2 \ - --public --disk-format \ - qcow2 --container-format bare centos - -********************* -Create an Ironic node -********************* - -#. Create a node: - - :: - - openstack baremetal node create --driver ipmi --name ironic-test0 - -#. Add IPMI information: - - :: - - openstack baremetal node set \ - --driver-info ipmi_address=10.10.10.126 \ - --driver-info ipmi_username=root \ - --driver-info ipmi_password=test123 \ - --driver-info ipmi_terminal_port=623 ironic-test0 - -#. Set `ironic-kernel` and `ironic-ramdisk` images driver information, - on this bare metal node: - - :: - - openstack baremetal node set \ - --driver-info deploy_kernel=$(openstack image list | grep ironic-kernel | awk '{print$2}') \ - --driver-info deploy_ramdisk=$(openstack image list | grep ironic-ramdisk | awk '{print$2}') \ - ironic-test0 - -#. Set resource properties on this bare metal node based on actual Ironic node - capacities: - - :: - - openstack baremetal node set \ - --property cpus=4 \ - --property cpu_arch=x86_64\ - --property capabilities="boot_option:local" \ - --property memory_mb=65536 \ - --property local_gb=400 \ - --resource-class bm ironic-test0 - -#. Add pxe_template location: - - :: - - openstack baremetal node set --driver-info \ - pxe_template='/var/lib/openstack/lib64/python2.7/site-packages/ironic/drivers/modules/ipxe_config.template' \ - ironic-test0 - -#. Create a port to identify the specific port used by the Ironic node. - Substitute **a4:bf:01:2b:3b:c8** with the MAC address for the Ironic node - port which connects to the Ironic network: - - :: - - openstack baremetal port create \ - --node $(openstack baremetal node list | grep ironic-test0 | awk '{print$2}') \ - --pxe-enabled true a4:bf:01:2b:3b:c8 - -#. Change node state to `manage`: - - :: - - openstack baremetal node manage ironic-test0 - -#. Make node available for deployment: - - :: - - openstack baremetal node provide ironic-test0 - -#. Wait for ironic-test0 provision-state: available: - - :: - - openstack baremetal node show ironic-test0 - ---------------------------------- -Deploy an instance on Ironic node ---------------------------------- - -All the commands in this section are for the OpenStack application, but this -time with *tenant* specific privileges. - -#. From a new shell as a root user, without sourcing ``/etc/platform/openrc``: - - :: - - mkdir -p /etc/openstack - - tee /etc/openstack/clouds.yaml << EOF - clouds: - openstack_helm: - region_name: RegionOne - identity_api_version: 3 - endpoint_type: internalURL - auth: - username: 'joeuser' - password: 'mypasswrd' - project_name: 'intel' - project_domain_name: 'default' - user_domain_name: 'default' - auth_url: 'http://keystone.openstack.svc.cluster.local/v3' - EOF - - export OS_CLOUD=openstack_helm - -#. Create flavor. - - Set resource CUSTOM_BM corresponding to **--resource-class bm**: - - :: - - openstack flavor create --ram 4096 --vcpus 4 --disk 400 \ - --property resources:CUSTOM_BM=1 \ - --property resources:VCPU=0 \ - --property resources:MEMORY_MB=0 \ - --property resources:DISK_GB=0 \ - --property capabilities:boot_option='local' \ - bm-flavor - - See `Adding scheduling information - `__ - and `Configure Nova flavors - `__ - for more information. - -#. Enable service - - List the compute services: - - :: - - openstack compute service list - - Set compute service properties: - - :: - - openstack compute service set --enable controller-0 nova-compute - -#. Create instance - - .. note:: - - The :command:`keypair create` command is optional. It is not required to - enable a bare metal instance. - - :: - - openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey - - - Create 2 new servers, one bare metal and one virtual: - - :: - - openstack server create --image centos --flavor bm-flavor \ - --network baremetal --key-name mykey bm - - openstack server create --image centos --flavor m1.small \ - --network baremetal --key-name mykey vm diff --git a/doc/source/deploy_install_guides/r3_release/bare_metal/prep_servers.txt b/doc/source/deploy_install_guides/r3_release/bare_metal/prep_servers.txt deleted file mode 100644 index 61a686201..000000000 --- a/doc/source/deploy_install_guides/r3_release/bare_metal/prep_servers.txt +++ /dev/null @@ -1,17 +0,0 @@ -Prior to starting the StarlingX installation, the bare metal servers must be in -the following condition: - -* Physically installed - -* Cabled for power - -* Cabled for networking - - * Far-end switch ports should be properly configured to realize the networking - shown in Figure 1. - -* All disks wiped - - * Ensures that servers will boot from either the network or USB storage (if present) - -* Powered off \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r3_release/desc_dedicated_storage.txt b/doc/source/deploy_install_guides/r3_release/desc_dedicated_storage.txt deleted file mode 100644 index 371940210..000000000 --- a/doc/source/deploy_install_guides/r3_release/desc_dedicated_storage.txt +++ /dev/null @@ -1,23 +0,0 @@ -The Standard with Dedicated Storage deployment option is a standard installation -with independent controller, worker, and storage nodes. - -A Standard with Dedicated Storage configuration provides the following benefits: - -* A pool of up to 100 worker nodes -* A 2x node high availability (HA) controller cluster with HA services running - across the controller nodes in either active/active or active/standby mode -* A storage back end solution using a two-to-9x node HA CEPH storage cluster - that supports a replication factor of two or three -* Up to four groups of 2x storage nodes, or up to three groups of 3x storage nodes - -.. note:: - - If you are behind a corporate firewall or proxy, you need to set proxy - settings. Refer to :doc:`/../../configuration/docker_proxy_config` for - details. - -.. figure:: ../figures/starlingx-deployment-options-dedicated-storage.png - :scale: 50% - :alt: Standard with Dedicated Storage deployment configuration - - *Figure 1: Standard with Dedicated Storage deployment configuration* \ No newline at end of file diff --git a/doc/source/deploy_install_guides/r3_release/distributed_cloud/index.rst b/doc/source/deploy_install_guides/r3_release/distributed_cloud/index.rst deleted file mode 100644 index 1b7e1b0fc..000000000 --- a/doc/source/deploy_install_guides/r3_release/distributed_cloud/index.rst +++ /dev/null @@ -1,310 +0,0 @@ -=================================== -Distributed Cloud Installation R3.0 -=================================== - -This section describes how to install and configure the StarlingX distributed -cloud deployment. - -.. contents:: - :local: - :depth: 1 - --------- -Overview --------- - -Distributed cloud configuration supports an edge computing solution by -providing central management and orchestration for a geographically -distributed network of StarlingX Kubernetes edge systems/clusters. - -The StarlingX distributed cloud implements the OpenStack Edge Computing -Groups's MVP `Edge Reference Architecture -`_, -specifically the "Distributed Control Plane" scenario. - -The StarlingX distributed cloud deployment is designed to meet the needs of -edge-based data centers with centralized orchestration and independent control -planes, and in which Network Function Cloudification (NFC) worker resources -are localized for maximum responsiveness. The architecture features: - -- Centralized orchestration of edge cloud control planes. -- Full synchronized control planes at edge clouds (that is, Kubernetes cluster - master and nodes), with greater benefits for local services, such as: - - - Reduced network latency. - - Operational availability, even if northbound connectivity - to the central cloud is lost. - -The system supports a scalable number of StarlingX Kubernetes edge -systems/clusters, which are centrally managed and synchronized over L3 -networks from a central cloud. Each edge system is also highly scalable, from -a single node StarlingX Kubernetes deployment to a full standard cloud -configuration with controller, worker and storage nodes. - ------------------------------- -Distributed cloud architecture ------------------------------- - -A distributed cloud system consists of a central cloud, and one or more -subclouds connected to the System Controller region central cloud over L3 -networks, as shown in Figure 1. - -- **Central cloud** - - The central cloud provides a *RegionOne* region for managing the physical - platform of the central cloud and the *SystemController* region for managing - and orchestrating over the subclouds. - - - **RegionOne** - - In the Horizon GUI, RegionOne is the name of the access mode, or region, - used to manage the nodes in the central cloud. - - - **SystemController** - - In the Horizon GUI, SystemController is the name of the access mode, or - region, used to manage the subclouds. - - You can use the System Controller to add subclouds, synchronize select - configuration data across all subclouds and monitor subcloud operations - and alarms. System software updates for the subclouds are also centrally - managed and applied from the System Controller. - - DNS, NTP, and other select configuration settings are centrally managed - at the System Controller and pushed to the subclouds in parallel to - maintain synchronization across the distributed cloud. - -- **Subclouds** - - The subclouds are StarlingX Kubernetes edge systems/clusters used to host - containerized applications. Any type of StarlingX Kubernetes configuration, - (including simplex, duplex, or standard with or without storage nodes), can - be used for a subcloud. The two edge clouds shown in Figure 1 are subclouds. - - Alarms raised at the subclouds are sent to the System Controller for - central reporting. - -.. figure:: ../figures/starlingx-deployment-options-distributed-cloud.png - :scale: 45% - :alt: Distributed cloud deployment configuration - - *Figure 1: Distributed cloud deployment configuration* - - --------------------- -Network requirements --------------------- - -Subclouds are connected to the System Controller through both the OAM and the -Management interfaces. Because each subcloud is on a separate L3 subnet, the -OAM, Management and PXE boot L2 networks are local to the subclouds. They are -not connected via L2 to the central cloud, they are only connected via L3 -routing. The settings required to connect a subcloud to the System Controller -are specified when a subcloud is defined. A gateway router is required to -complete the L3 connections, which will provide IP routing between the -subcloud Management and OAM IP subnet and the System Controller Management and -OAM IP subnet, respectively. The System Controller bootstraps the subclouds via -the OAM network, and manages them via the management network. For more -information, see the `Install a Subcloud`_ section later in this guide. - -.. note:: - - All messaging between System Controllers and Subclouds uses the ``admin`` - REST API service endpoints which, in this distributed cloud environment, - are all configured for secure HTTPS. Certificates for these HTTPS - connections are managed internally by StarlingX. - ---------------------------------------- -Install and provision the central cloud ---------------------------------------- - -Installing the central cloud is similar to installing a standard -StarlingX Kubernetes system. The central cloud supports either an AIO-duplex -deployment configuration or a standard with dedicated storage nodes deployment -configuration. - -To configure controller-0 as a distributed cloud central controller, you must -set certain system parameters during the initial bootstrapping of -controller-0. Set the system parameter *distributed_cloud_role* to -*systemcontroller* in the Ansible bootstrap override file. Also, set the -management network IP address range to exclude IP addresses reserved for -gateway routers providing routing to the subclouds' management subnets. - -Procedure: - -- Follow the StarlingX R3.0 installation procedures with the extra step noted below: - - - AIO-duplex: - `Bare metal All-in-one Duplex Installation R3.0 `_ - - - Standard with dedicated storage nodes: - `Bare metal Standard with Dedicated Storage Installation R3.0 `_ - -- For the step "Bootstrap system on controller-0", add the following - parameters to the Ansible bootstrap override file. - - .. code:: yaml - - distributed_cloud_role: systemcontroller - management_start_address: - management_end_address: - ------------------- -Install a subcloud ------------------- - -At the subcloud location: - -1. Physically install and cable all subcloud servers. -2. Physically install the top of rack switch and configure it for the - required networks. -3. Physically install the gateway routers which will provide IP routing - between the subcloud OAM and Management subnets and the System Controller - OAM and management subnets. -4. On the server designated for controller-0, install the StarlingX - Kubernetes software from USB or a PXE Boot server. - -5. Establish an L3 connection to the System Controller by enabling the OAM - interface (with OAM IP/subnet) on the subcloud controller using the - ``config_management`` script. This step is for subcloud ansible bootstrap - preparation. - - .. note:: This step should **not** use an interface that uses the MGMT - IP/subnet because the MGMT IP subnet will get moved to the loopback - address by the Ansible bootstrap playbook during installation. - - Be prepared to provide the following information: - - - Subcloud OAM interface name (for example, enp0s3). - - Subcloud OAM interface address, in CIDR format (for example, 10.10.10.12/24). - - .. note:: This must match the *external_oam_floating_address* supplied in - the subcloud's ansible bootstrap override file. - - - Subcloud gateway address on the OAM network - (for example, 10.10.10.1). A default value is shown. - - System Controller OAM subnet (for example, 10,10.10.0/24). - - .. note:: To exit without completing the script, use ``CTRL+C``. Allow a few minutes for - the script to finish. - - .. note:: The `config_management` in the code snippet configures the OAM - interface/address/gateway. - - .. code:: sh - - $ sudo config_management - Enabling interfaces... DONE - Waiting 120 seconds for LLDP neighbor discovery... Retrieving neighbor details... DONE - Available interfaces: - local interface remote port - --------------- ---------- - enp0s3 08:00:27:c4:6c:7a - enp0s8 08:00:27:86:7a:13 - enp0s9 unknown - - Enter management interface name: enp0s3 - Enter management address CIDR: 10.10.10.12/24 - Enter management gateway address [10.10.10.1]: - Enter System Controller subnet: 10.10.10.0/24 - Disabling non-management interfaces... DONE - Configuring management interface... DONE - RTNETLINK answers: File exists - Adding route to System Controller... DONE - -At the System Controller: - -1. Create a ``bootstrap-values.yml`` override file for the subcloud. For - example: - - .. code:: yaml - - system_mode: duplex - name: "subcloud1" - description: "Ottawa Site" - location: "YOW" - - management_subnet: 192.168.101.0/24 - management_start_address: 192.168.101.2 - management_end_address: 192.168.101.50 - management_gateway_address: 192.168.101.1 - - external_oam_subnet: 10.10.10.0/24 - external_oam_gateway_address: 10.10.10.1 - external_oam_floating_address: 10.10.10.12 - - systemcontroller_gateway_address: 192.168.204.101 - - .. important:: The `management_*` entries in the override file are required - for all installation types, including AIO-Simplex. - - .. important:: The `management_subnet` must not overlap with any other subclouds. - - .. note:: The `systemcontroller_gateway_address` is the address of central - cloud management network gateway. - -2. Add the subcloud using the CLI command below: - - .. code:: sh - - dcmanager subcloud add --bootstrap-address - --bootstrap-values - - Where: - - - ** is the OAM interface address set earlier on the subcloud. - - ** is the Ansible override configuration file, ``bootstrap-values.yml``, - created earlier in step 1. - - You will be prompted for the Linux password of the subcloud. This command - will take 5- 10 minutes to complete. You can monitor the progress of the - subcloud bootstrap through logs: - - .. code:: sh - - tail –f /var/log/dcmanager/_bootstrap_

)a0Fm%WPU$Ojwgw&C zMW=IHp9_CZY=N|t0*quMY$RO1bj=QQZJ>c*7IRkrCI+BWPdAvhG zH2Tdz;EXEF6WT8C}q zGC2J05U1`7oiD<#fF=F^`nNnJS~WhfGUczzFEP#U*XOkM6XEPe$6DyM!^P5392(`o zRvk~2l18u2iK(Lu*#w-{Yp{e#y3;DoM-v#~$d=?e*KGIlOrGIC}A)AegR}6M- zr(WF}YV&q(NqJSOJ9jIt?=c@KRw5o7OWR{R!*A}J+Jh&i7$n#kw~a_-=a^c6sk3qU zg&DO&qVKKTsr)}p0mc@ouh=bZ8$?&6rGqWcTvZ^grba{O{ofi-slhTX_rOkkm9Qh| z1Kok)9Sq1me>;7zqa6_ZY@*6Sh7|f|ecSRTXKj>}nrQu$39JkYW@sf`ODE<{BMQzQirF?mE=?#Ea!4>HXx?pxyyhglZ<`L}*m zmUVxfTcEs|IZx6WDoys>TwiPLU&H;XCOTDtUkaDsBli8sD~!gxoNYc}`&*WtO+4qu zcL=MMjR|%xs6+5=&yl0Ikz45vE;&I9USETkn$B^+{{MeQfupY-Jy-6|WD)9*<%4VA z-$O(*-A_)_;>+InMWo&umijHBk{ZML)x93rSm2BdQt_KKOZ1!FJGxOXYyVpE2jBTA zs_#qo`OO;hQLMd90k%lXBeK7R-3NklOn^Z#2U;kV0!$qBF^gZ~FD#<*S82oo$2qn5 zwlf^0rJwC8|7$k=Z8hM(C8A_#oq1IMnMlAv@yEaQ*8jdN;BfvRQRxk)x*5>uJI=a7 zQ7;)*F>5@QT}VypeIf~%C0zB2AzZ=TK{zO%Tsdxi7Ypx=#_& zfL;ANHW=GQK)W+l!`44N3lL|ko_tWrlJB5F_LYe6g|Q*WzgEqEj8}}!n@1IkE|jny z48bMTam13Z5J4oy zH}bKo71F!`YrhtcE&)&krraUeW*t8nH5cp&z6J>C;NzTc9VN4-ak!hzN3l8#-+`uP z&V-=6xgvln9K_P5q#@ADZ%hX$T#mmeQGti#$amH_ci1DlPfp?`AGcztcW909p$6$H zjbkV`*$&`#sMlHl81SE&dH`(v66nh?%>Q*;9@eBF$e*+<_76G1DHD~F+8jhEMMd4gFCKZQgCcaevjVs$<`|mw|6Ig%H-Vm;G4(eZ2FR9>W+*$tjraLtSdLHa zbQ$ct{W5E$4DX1)OYV*Xmhl}22m`?k>^CiYw$QnVD+EdaY@R&j?2p{_eiwM@`i+0n z@YemoZ_CMnGU%C)N4pB@%;#m^plA&=HK#LO~l0?f+6}W*`_XadIe{z17z&)%$?l$ z0OOmeq+FnoduA#U$^59|>)JEn7dHTgn=JDUcQz86IQ0l$CHp%bU*o_~ zgUP^o)Ox0A{Dc78+p0NP^U_4G>l#EfspE1eSJO@iXXNB1pkqCS=A}!x0s;^zq8A9Y z)GIFSUl$tx)+npm&w2M#f@;IuBam4}%x$u)j{W19yV4ImI z1X)b!poF;FzdA#6_`t2j6(`YK-(Q~|o%O>cyNy|TQ1cvMFOn2Fm?9%uqt#^&2q_vQ z3OnW`hyZCa06mAn-`e_LHxoaUJO=V%6r*#n>D1U|{086vW^n)^-NA7^!7Onl3Ob+c zG@=xz=XKb*?=W?WGpI-WZ#7PESo6QmzAH~ga6@y~`Fm^`uFc%{1Ur>4db_4961-K~ zcuO|kBg!keXP>~*8~BPfv9_L{eFygU+N{(_+umK6@C}?Eaf2Kys#H04j*YgLvnIOM zF=vkg>;bq`M)(&MNxEfz0qG=qu=*_(B0fmdQ$o{_olZK-{dj*B{ zQff2&(ZWSk&zLK`Bwz(V7hLWPqQ%alyKk%4VgVs!z9;C^8tp$N&h#AH2)IxOK(ZLm zT;7s$A;-t&_aEi6q|C?7fn6#GRO6I^0FqpC%IyM>;mnqg(hL{CTqK6^H_-(N`~pO! zjN2E_r9uMcQ)?YJ648QUOs=!`?*S%*2!LfxjcDHCtB*%3l_b&fKUJ1Pt26679OW&o zY5R*00cM2apO^x9LE3=#BcHc_ZFx^cm?-q`I@JO}72);4q%#pfz9D;Wsnvv+*WMBh z87twlbI+f<1Zm^v>z)FCgNNVjKkXXlQ#(F(+##RKVPB3*c zn>`#YJD&uv&t(2r8^N#G6G*OCytfT^Qcyl=XVf2eHgHwCRB-PiFZWT_xpLhAzT>pj zWed8wlD2)auyV36r6CU`oC)?R={{XfJ3ah)V~#y{Hn^*t-FfKOfU1%cz2v{To^NV` zS(9W~508UM3G#metP3#@06L$T)G_5JV{#AqTD9#RgP3NpE@&M+ zf6;su{-YR%QYYQ^^SBD)`vz#|C**79CVu)vA!yP?Ecjvk;mkN#Rl8W%^i`>W^>~qv zi6TQK!8BgC&@`cSkinbECA2c$n}y49BTt!-uqxAf8hq;%Yc-~3bJu2l_BoMB{_Ms@ zz2T~^rg(As1!k3fE{ff|R)&I+y!kw4sqX7*bOR0N>q&dee<%~$YIVw;@}2EeB`@9~ zBV8NX8`d7#DzRAXHJ;6nZ=ta;FXWN@w@3VY=cxd$fC)QgFn~FQ6#C|V;0 zoiguxqq67T4_Z70Xp~2c)PB%0ABgq{MytwnE+8cU5&AQi^(#>HLp*sLISfLuOSSuX znin)d^5YGl+NWkkYtv`cY*(zo7_<{*+sy!)cmiO71-H*EKfPkVI#vPFBlZ?(I)6+YP| zJ^PhcI}yO01&@m+iaO>@0V0R?EmjZhziZl0q-A%u`UB~|Xi_MFV9Z@&rpI7IyBgF^ z9+k(T5{q)|L!B}}Qc>(aepDVx9#Me=ME54=8J{oph(9DHNoD|x*jbX3vhSsQ#-Bf` zL+6lurgIxobc>Gk!Y}#_r@PGnUP&15cBr(j_r z%BX*M`F$7@pUH@s4*YccK*~+;n}h^8P`bo0XO#HoO+cyYho%$0Czp8(E`UL#R;zDpCGJFYq=6T@CMsI;bk0e$`rQB^hd=j@zS~~ME;$Wgh}c+Q zLDiW02V;JP03v|XgKGhh%o4UYwEA5_l|zPU_hRsD9o8xOvWScOf}`PhYEpKMvSehb z9~bNBJz|0ciik+)53-|1J&+pHe*yFNT{xGfek7vhqn?73zXJHFX$W`Cfz(gvZG$_o z@CJUuPX%YP0>avOOB;+0;1{NhtSiCjOqPyg8VXYidQI&zih_&rKV>E^>|v3g48{Oe z|CWwVQm@A^dU=VKfOMkONHFU^td@p@Dw?CZMSmhIy5&~sc8E%VX$slb3{~=Fc4(UT z2EIgfU6JM^&Nr{}o|DLUE_vZitHM!MER(8ZRO!saEEv{A7T1qEpY*H;AE2pbKnSf4 zvx~1atwrO(+(GC1%#h`=Xs6VdFg6Pyi zdJkc`Q9jaIcC*1b7_?eoB6vK67EVUF3|z{_WJLz}S9*L`NKNEF8gXy#mQDF;CHaw6 zgsAUuhh+N%#mx|D9W0o+_iZV|2~O81CH7$s=6t+jGVl7tIfWH}vpg*==;F%%Sh9xw z%#hE|P9FyL5SW}XR1q+rk>F^ror;UJS#50uD6#8Wjb_mfaRd)oqb7FDJ=>)8amYj@7e}LS z6)h8erPln)ck8ODE(4Qq#jns{+mgKM1@3mdyxd|401Ms2%VJ-2rUDj80OC}BNf$(o zDI;|(?5ZcjzDnyc$P5#$na{+=h}7-D%+Cd&z~C)KDHgkzl`9w*W~GPBce=>6Y4aDi zp9dBX+p$N{ixKR6=bT~&Jjd*`mLG$zUdM?FUn%jPpGi6bnYSJ?Pz**#B=YOB6GGI; zJw7eUF4^)O^wsUp*#NSVffBO?p%NyD=*)Clj4E4o)*qFW-W5u$bLqL*6A2zsb;Fwe zw!fAVkI@_&gIw4IKaXyqEV6^Y<;}`<=uFRW7g@NSLo1MZQzg_*F-!k*4;fbxw1$jJ z(1PE5fB5F&%;(m%-siBIbIQgN2HWhU?FJ2P6+Mb3+JoqspLqQwq%~l2^!NgrNf-HO zX~MR;v>*hl36X)j&&7-@>;%`r^288(Eu8eAnGoyFrzSH?h;-)7kV^f{q84YbmpH+u zc*!&rw~1L4BZ?#MTjjs;+!rn)4-aE_O&uP^@Md8VCZKNVCi5cTm28F=n{Y^UY^n1I z#4_bOiRHt3QvnUWZGVr<8#yK;ko_mTt?$;8c&kJTM5J+$Hn*bZX5esW4#!Sjri6WX z%oMc7ZN!Me454mF*A=(k#+4k z)puKv<;|%F#c#Zb+8drl_q7B~x2Z zvw#I=&NT}NRxHLG*psloW1_>RNPa?xM+Xvyky`E8e}GUf&|FMT0D_U(+>XpHlvZ9y}_g#5~*Y1flU8=QI$LXZPD z0+bH+r_3hKk-w!+Q&u}PY(9-05-X+rik7iVdC_By#g6{d7NuR!f#rS($cGt0RyRmn zOup0{`ATd_Ez=vwyGKE`AmtZL>cbN16>TVDNIx{gH>O#wQq5nlUuS)D$}Ukw;*%Uv zidEqnPW+IQ5y&xn_Kv}8rj1JVZnD5h3&BUKM=_GT$>ELHN;WXXTwiS8Fqh$`#l6Q3 z6gjp#rcfO}kzdEw5{6SEW5D}|zyledx36q)M4)G}``y)&Vu~S)| z4+D159AqGQs=1Uw|2np2GOtB!muVh#5p8W49=)^E=TxlO<3&^pZso^DobN5t{*J3B zm%6R0Cy+_LIqmqLf4HnnpjKv}Ms}CJdAl!|*sf1+(#2*E&8r34oLh82bdsJ}KRyB; z%?wL?F~)^?6qPUghuORDmWD zA`0%Z+jD+%66rj7?d8`mu*=lvv)q( z_}eZoet+3K@Ary+zhjZ}`#g@TQ%!xv6$P!+sW~}p+s{BlY<6ygJBTi_S4-M4B%KU)+Y_;&1p9@!2U`j9vHz_#c&pKVag- z;8KzXOOcKE;j@@CGmvOTYxl5Aix-W07|}OsK**w5M>3x~#}3N`n#SZdYK26dfHc)@ zJ7m<I>+3&*N>5IXvAAeMCE$cz1m$d+-DZkgvS_!z$GaqD569vqMn2uGcSg&P9 z#AOWEv3$Sql)5TRWISipCl!TmBYdqOtJIKC;ncL?{Y4BYf65uj=dPcz1nO$eIS>-Q zk{ZP<1K@%~f6$M#w{?i(_D4D|_`*>gEV}#6f;9uF*D4y~TtmPEGk{BmjP?oQ}MMtRg-cxOT?S&t8Z*zR68RYK9VzfAVdVY6|<2dwTuh@E|9!235OU5n?9 zcQGUcw)5^d!%+?8TfUG7l0YWeF@=6ayT2(QW`F2y@fyTD5mVj7oNk7RU+rHmliCFG ziB;(G6#hjcZ6ZCbAhCgO1mNtu)%l^g_S0)9MBh&$TiFDmVl30qi~Of_4a7;`x@mVM zQ~NsL&#*;$6{~?PVfQ9*by(c&q|JBE6r-Dcw1Z94hsc;1_C#A>GBY{9^J>r6T>Qxk zFog{0X0`bA>&AxKw_ad}DZGULROL2=K3@syJNC>%UAXvrAXxI*W*t4;($$PuEe@fT zbutti3e4dTK}i0Q*WtfN;!q?On9>ueJA0QK}Cxrq2axO!NnBL zq0YH_www3M7wP|?rI%O+Lni;N&X`*Z`TP2jiVJSI0i0>o&$Kv~Rqb%)B2rt#H!G{O z!INRr9_p6dUtL_M4D{Rv@%Wa?M}zDNwt;3v6Z#P%@toH~r*vkc+`5smL@?E$C_|AS zYPymw5=(!9J!M0;+vZxh5GGI09rYuO39MM+bej_jO;6{A-`*V!QP@4eO zoRx^}ACKBhl378j+&OU1PdB(%x+Nrn?;vG%X2eo*HHXxyl07WS zckYPi^qtB-IN4rTZuN2rR{=pI`~{p9k2UVBJ2PHG-p5fR3cuVLE!pll;iMx9^=kr_ z;bq1=9DCuQAH~_yLKTxPvtku{Y@wD z5aWy!iLEX?3>-N(XXwyiT<-pvxrP`%o;qO&vX|Z-KrC;%aBqiP*#AHkIW9LJMS-{3 zE{5J3%n3(iUh#Y|xnlNG?ry|N1ucwk1*aN2djNt0E6xcYU=esH8u8ZYF5wZNIi(iz zO<$Sh2JqBdHi1&}lsm}-U=0~y>)>o=Qpt^^MYv1UR=5YR|9*WT@xoFTwQ=-%zdN+^ z8d)N-m57UPlNIo$k0Vn3s^vjoYkTg}y=M`}kpvqc;=Xj(wC)#U7ns|}n}cNQ*I||G zxf|S8Qn3v}l8G!s3Y)(^MWtT38|gPbNgp;5m~2(oeRyT-jfq$z85@5ZkaE1o-BT#m zhI)!s_BEp>0B=`t$h{I5abY03aY&&(tCuxjlTU=2&@Q<oft}=9TKUOyKxiOM9vY%)fXyu29IC2a}8;WO9s4#q6B#-y<`>gSow&KyJ#gV?K-$Uplg5u@DoOs{>bfvh4!uJ zA!PX2k)b)gj&R?cU->RvGV%Cudc{K3$o-ykdtW}Y{=P0=BGQ+)`#i?2O5FIDI~f6B zUeUZm{%hG56aGqqWEMI?g7U5iau`E~Nb+1=hIB5DN5StYKj8421d|YVr_DKT!)wu5YiF;7 zu~qLfc|G2A)ML)2kfn~UkRba&z zikn5Rbh=i#%9IxNUysFJ7>vyLUp!>U(FCh)8wokUefLr6&&7#?W!8e(Sr<1V>;{P> zR6GmRbuLepQOWI1iG$$OGapPH6zCD{uX- z-v%rAHIclk9-dBS~Pg` zkYKvE3d$l#3GiQmoPwr+XpyAC?+#rx(+p?V&pq$1T!l#PfR1dAej9Y{$T`~rgxtK?Ee{rXzEKf2k zLx}L6X3YuW+v|{^9B1E0pC;{BbKT&OtL7IyBY3-cZ-ifxYDCGv=i2!yA=>+Ns+);@ zXox;H&1T)uBfoaLk9QAWw3KG4cp6~N+|}L8(bj|4UH~arOq*^_N|TU3p$jO~2Gq6o zGx-fZj{UrL&z5x5&_f8M7@Nd`M7%34`ZRMcS0!2fG_1n`>wq)p5!+~0?TCoPL01r* zxh_Oth&1SqrWSW9f20b>q5|~t(-gqt8bBwSMDB(0t1_`XUpjuh0i=d3_QKx;(l`#H zV@Q8h>&<_0%w)NDQftSLszC=Khi-bW?l8q&ANPW;b<2Gu0g;~AVwN!aEa6P8On2iM zvyjOz3lD}T1*)FRs0YaMR@2g=S?%X1_nBCe>Ab!a1}b_+;!M}BwMkA?%e=fvD{lL4 z97WlS6>NHYeOA3d6Y$0H9uvzi;pI)K=^e*G;fdE5jgk{$-DZc&o$CNorUsomef>RH zT4e4WUp>mf-d~mf_?H?O1XlH=0E?O{k1e=59e{}pm2H-)onM8?%a#3hl-tZtxSzLLH;Fk2nDF66`|*jX3OzD z&RPd9%7uZzMbwm00Ev~}b0CqVqGQ;(8qiK2>% zI^H`zROP3d&Tq1#R1_+7q39FaCrL&}DN>E_S)8Ip4-r%YXl^oJ^X?PJdv*Su+?#@S z&$TuoO^VBCJ^Hd4Y?J6llh*%-xVH|ga_j!RQKTCrL>dG^TFON%LPA9v5hSHM1f-Eh zYJq?t(jeVPgVNoNbeAA4i#&7T-uu~m|DJQ6xZd}iKjB*Uea{?oj5+7{eEm?FqO4wj zrx!yfWvf#Fw0((cU$SD;61<%=;Y#c3I|2_mca&P<7N4T&tL?U?M<45mw!M(6oRlWB z>W3Bsy=P|kUC&T@1#obSl9<)WT%zcq{QZ*Wo$_URdZwlbY zHf9-8Uz>9!IWA-;6P+p>7keY;gj#?|&Nh%2C#d#0R2K+AZR~eA>#f_@V^>8O3{*-8OS~GLV{;F7j1aL#r9NsiL7xzXK zT!NH2LsvH|VrjH$aJ1P2!hIve3DjhheQtM?)HcKJ1)#`3czxCdXj;}HrxSf~5?_xc zUyuq2e(5PD60zprYXx&b)e+B|8~n)d|CCmi)HfA5Nz)HcSjou`1C$!kzoiv zHuav8Lz9FC=gCl)?FXw2*22T_zH|;A2MnKmkft9A07VRun$zu-ch;Vh zxYvCpe2q6iHe?>icb^&JZIk}|xcs9E#RDi~uu=O(V_HcyEI5}&KxXZMcO+84^;L`Z z>_Fl{@pkD?dWQQwB8_j@8vF!?Pk}Z?_f20*cJAZ~mSnXXbs}Un$S+VPY=vH?%}pg| zqJ9HYvImhiTycoVNiH*8bA}@*X*Ef^$JBNAip*_7tcZ-!aA6Q(e1FXP#2FS`0xI?S z{1S!JM#Tn5?aQQ+s@~C@Eu0C>&10GA-PT(!ISNb%qI$Q#uuZ<@l06nt%$mXsqQcHD^d>#xd@lfd z=;TLi?K#JWKQaAk_3fNcb`iEP8zv=nGyw%6IkXB2M=%ZEB2twB z*WqVuA;3Yv57=wQ@fc3F0*l`rf9bDiDL>&O^~v6CCA0Ve5+R=rZ6X`v@R5eyj_0Gi zkC_ti2u+(_#LA9Ks-2^P4kSQ+ZK3rEqd>1*e2VQnr<XXyAz`6GwmL) z6D1w{QpTih`Dx$6=6JJ+EQmP?Tol2KZ&*ID^XPC;?LL4jv}n_9%yt1{5%JB^0`XL} z-msG6W4vFAB^SbdGU$CI@Wwqacg5Z;9E?jpe@Sx$ z+>FRb%)TmHI&jkcVHEv28U|Bde7Mu}&?V_1;xzP#X!n9floCB~b&)JRKrFzimon!` zE&~&Jjl!dwHsQ;$Vtoob&r>z%1w?GZ`-$>l`{{7O41|(31lftgI^hO^Rj+QYZrV=Z zj~^G?Ke}Jc?2(iL*Hfbgjp=$At`$Bnb)EzV9HA(jaC_<|U05N=I`1p+1Zc>uqbbjiY-6x7W=`$uY?hiV;@M)<9C^Tp~m zb7kH7A8nf^GN@=arvi7*DcxQN;NqI%R0g`DX>|ETUVlvsagy^(WSCN&3zN*z^CQCT zYqI_66^W0$KLd8xKA~P)Q0;#)-C>M&{Uv@fKR!Ma z;DQS%4U|67&XP%H+Lg`{ctKmlUP4UQ%FRBEXG2d*p-(I(0N71xvmK#mw-O;u#Raad zS((k9UY;dg4ndxf5tZ33KR$hlwvdB}r}kq7pf*t=XY+VW)_NVqhA76Z6;)0(SbPY5 zWc$5u5Q}>*Lpw6qe5CwIhzxOMKGHgfjoqFF`}^W)vSfFld69%Gxb7?6g70FuGkmQ# z*h3(k8joQ_6t}tDjT5&QZ(GwIDH->A^D))Ijrjs(tm?88AiNP?xka0D|mZ#^j5lA`$bZ6u~tbS6eQ71`a`a3-ep zyLR34bhH8HhiLlBrU~w&>Z1iIXy0DD=zg4|SaXsT`qK77XH8M84>z7%Hl>Zqeb~bj zZCAzSU4IusLz~g%dvRMg0CMVE0kP}Jp)EWosXn~c{rX-ob4F z@2@@Qy5~@E99&djd77qxicr|htl02jKmZoxUXkMV9gQXfTY%^;ZzP^dK3(?>oQij^vrV$6jRNTYBCXKan@Q?8qlHg*v^Fk!yky zKMHEXa8b4NZFn|d6&-m!IO7^4b%bb#t@Xxk4^Gga#|<@#c;Y9R4;l{gxy*%7>Vk*b zB$*`wcSSf+fq{y5s_YUatA5P2Z5+&2UNqgfhTGcVAGzmw2D^-yf}a(BJ-PR4{Zq`h zNNj&(pC2}Z>qw&U>9Gr8n0?pV}tVtA<|4^#~0<&)z{j9Ic>Lc6GUIfT`!+pHd@*>sv9R9 zhEO_fO=waUS!``vR!oTX5b_eZxE@ z4=EU1wYT7*j*TEBTmo4Rm zzijexb2r|W6R+>{yx6aJyT3oX=GbEVjn@8hVM0I-B3#AENe*lwnWuaZtFE{cyYWrV=_JGq_m5vncz#Z!tnLom|uF0k|+6Hj+x zTgl7D&DsrCdQ{YgH(gB;+NM_msSqLgOK>-feSwJDsk>~mpr+vFWO-Q^B#_HU!uE~F zTP~>CtC(4bm~(2b^P>Tm)V|=*=BIb#NoHrn$(%xW;{rFaJgZV{0ajw>r7PfrcxrtH z5hgX$E;_B~Hl~P=EtE_lK+N7LLCHJcX4UJ5;#>jpYoe4IIw7^z7@1vGN}r7#ij#Kw zu%g#|fj(mro~*4me2`WXZ2g5lR7_gcv;iTH;*@+OT3;2U;zyCdRjCy&{JLG;)-QqM z8c6j4O;et~6$6N~hOVSyaqwg&+66sWXs6eie4XT;h`9SI7Y}jR5Y*(uabAj$zQFZK zf;fhrQ=rV#1b%Muqmx$QAd7J9AtZ>4*Fy$wvunLH2^X9)c zaCVDYY!?D-#R~LR;WgT3I=ODWHIJ5#&}(m;kg;bYc9N*g)mY?2(V1?=Q_CcIKa zpLh@LQ-8fE6Xvpgeb7Pac>GlwNOENqn1IU^belku_ti(hfB71Fulz^GYLe##t*u># z8^B;pX~&0JUT)1^Y@M&Q*xF(tE}6MofZYJk&(`+&&-JWDc2O*ZPWCL>Z=LWw@LRV)Q+3e|w>4>oGdV(DXJy5LR7tSJ_(L zwJh)~ooHWqDSL;i?;MDB7K_9B)WC@>LN;*498h?qwIY1O@hgX%4+f;=3D0q@G3L@; zWaR3lm}p%*b|809aTf{}mt%Cwk+1E_VD~lcMsNsi*tOt`%UJhIfkV0OfgIJ`qsVoR zuQg`TWuJoozw|mrd+(!zU(l|r%r$AWbdC~=T+T^tq0TQnrW4{;S zeqAZ6f8NUHbnP0Sljl{1DU}MMSTyPfN+XePg*0cpdxAV&h%=<<{FTnQd zNi&hWTN{YJDjJ+X^4BTZZFPD=9~wH}aF0(ly?r-Sv(adgaX_9{JB!g6M$36 zS+H06gy0z=vUq(&RpY~QhJC`lj4TXz5ouks%Kz@qiT{J2`-4nr1N^L@A;oAHeD3~` z&^(YSDuXw$minN2g_(cMMI+($OnFEFJoF=$a;vREK$`5gXG&MU1qq+&6(;rr-yK$s zzgPT-+#$AN?q2(LKcID#V&(n9AMZr`?j%Hqby-uZ2I4UAdET7l+YZo4BeFDieTt7d zmp9JC7uHPNM%Q(G63s1nvFHpFq*-*PhYH;Gm_dlEwN}`UvC0izTjCdyJZV`pJ>w)T z=t6RkPIR2vJiMj#N>hn(Ar&_$BlHe)jc)ZbJ5YM4lM6V8(Ph{ zVrSMpDyJ&RpEwKF-M9TmH9-=MZ+Iu?w$rX92gsd3BvogVd;E|Og+lf(&*X{LNQbujvNq>hJYGntTE%^zP!?3OB0ISVp3l7@oUo4yd`Q5apQjpj^ zD1LIdFxqRm(RS1+QQ@Fa9uxjp9DH~5fA`(~7E6n*IFWEGH508;1j;AU%Dnri_mwnA zTK*J*+lQDzSi2lnLDW);yFr(BJhbUZS5>@dd9vGdmqi=#2gu+AmA+`nrQ)*9c_>(s zEi+@d2QCHOy!wAJ>AH4Jc*U!aK}%YUp5o|_0L1`NCK5u|i0v{g=YRQoF+>Ia-5-OO zhk~wQV>qIlHYeQ!Z5>hDwIq*D%Zz9qjh7sQb&j;wt9-;AHL@4J`0uXz@y`GFu~b0j zAm{+UX6E%BLNOO|)9Kb(Q|XB04RG@g8ytR7=u0$oq%9Mh46FRpaeTmSBlLvZCY z0179XS)z2+ir0ReJYqcxq1MNQnXhJ9K1r9`U(JWL#ns2FC?rV{m3s3ZMO~LDCyx`3 ztC~~R%eQ+v8cT=!Sn>B}1bz-^g z$7SXg?JQh`)?P7lVJVI?=}+YZGzYwOqW|m>fK3Rwq)iXN z_?4Xdm$I3GA$sE5FPRV&Y2N7erz)qTg6hbl|3{DbgN)r0KmcR%pgpAM>bgVvi{Yn)Q!}PaS#j*F0Ny4wr`uT3IGRnc@P4AEM`B%zaTy{@m zFAW; z-adpVnz(-~Cf3$+oK=54N@0<>C3;E)V_!r&1cxjjt&U~F;iBYdN|$OE9LUezScl** zp4DILI+D5OsSXS+zIf1}F1SVj_{+GhV(fF)6PpZ9gS3NoZYw0m@o4B~yU$*8yI=a^@S#Ir6*! z0}aFCRnr!3nQG!22(1mz@U82It!KJ9doiWGuwHW^0nON-U4v&Jt}R72?vl@RIB2`$ zcY}u=_0c9@bLU?tloE16QX&}0fGag+QzK!iD!-9#K#9WY(?6;0A%v)_uKMh-Qs%=? zaQz^MjWbc3kl_d76B=!?+B9r^eH_pJUdpwzgLq9MT*C1c|4B--Tq~J`r2guhzke0v zhTmThhk&GP0E~JnAfx;7w$YB z&))!GP*w#Z$V+EY@b6zA56y>ZuYQaUJMXupyf}X6@~5|F{msk_X0nn`Fxxsx1>n8z z?G|yYA^@}jY|=pjan#CbvsT*y`+R$kGcd)C{?X*b#DAM^CuEyQ4R3EbkNPz$+ODGY zqRx0+o3PIGz4(c~I}quu=I?d+9w=Kb_K>}?{zQ{E@KHp46>VMoaLAVWc|a|Xrk@=_ z8y@n7UE)6)?H(eX|IdAYaBFS)*6k{Rfwgwwax|G3{VaePbl{njsc(3reEq-^HmtWh zlyx6@RT`=r(}Q>HDS0xt~X(NJDuNO4bQbY7JcX z>9Ia!gH1F}NyyXNgb7LFx*yHUUtA9Mt!eqSg{cfJF`>(Y*P*3veXsZP;%S{q`i&&|E1dhu?AQ?EquZT17i*RN)@!f1y;b4x8H zRi%~vaj`t*e1Jocz6e^*3+y;gs%+d9wGo)(M4C0tT0IkuW4v9UB#pUy=GBR$JPRK% z#Lhy6jNb~f^`Oa@m(`5Env0sH(}dx69->)wSsU$J8CPM=r(2XBLbe9UAEnA|%r_P@ z*OSHlBZ49)Um<3QQO%v?R`>^Qo>z8RJy~XdJX6o_u@hH=7au~#E%zw%CU=NRyg}hS z8@a4t3JZQ-@Qq;sXwYXOYA;macO!SPaXIhSbdQiQ7B5@R1r_mPG#xK7R z_Zb^I=WlgUEx?$>>CEo*V|-4E0Z2CbU}-}*)#*1EFE=hy9bQTW#60}Ej&jlrf9tGD zVGG$hn;UVyjD|mJ=hdqbd!Sm?e`AyG8o-Om7GMkkSIUYaXI6HuAO@k-IM@#Ha6a@sU=Emjy%|H z8ot)hhQh14>g5j*H@?}BNBCbzLeF+M_9s03$KZJf$U!L%l1p(#)5-BUnkL>35lFx~ zGLHG0UeT3OJgpU**A-oc;SFgF=OuR9FiaOc9^Citt8JI$rAMfyLRxs?RGkF@!wsDa zZHlIN#POf{Pv}7Q`{#`5cUr!|vPG=wTpioZy?UG6B7$Bw`r+$bRgAI-i0L2?S5 zK+*B?debXi zpzL0IW}P9~0JEdf;Dwgrz%>X(M@>0A{9_R9jGNmpsh^IjDV~hOP0P-xs073+(T_I; z?~M5Zm{xk{I{V_UP#2P` zWd;=t%?w$@QRysF!e}_x2eOv(g-L+WmOIsoeVh1{!WaL$^0-rQwdxbAY-2Q`bnCIpLC~yywolOeE z3UV{YoxY@>n_W$~Zr}ZP13S6wQtpg{c{a2FzWn=iV^V#OAiyD`0Y;l?X^JQAcCHW_ z?d<}&umY^Z8-DN4ojo6n!ZAWGz0#JyHpFIHRFge=F#_Tve5IiAU18ear=hDNbrPjC z32FmethUi?6u#SJABTg-cDi4Uy~;QWAAqyQ&9wDlVfyjD`>e_a0xw!%pG2k}aFI&? zJbAPI02oAIod$u=vn9px9ixQPq*p$?UZg{HR17Ia`U%48(W*1_oYCopKxqTe_IqmK zs*DNdjlWD?k&XkEv!feTFO0P*wCCm zGV!dS;Rg4bJEa*W&xVOVh%+9|R^&`_`0~c%=i?!`PtN`g@%euYgtKdXkXhv4oJG`k zm`}h_wyhvaSkf>T1Bfks`@du}Q3mGuyjKmKISNuowTXKJQD^DV=|ZWNL)+dg(UBGq zCD)dxxv32RPFMCL>Uv@2;%0AhKs>c%2pzT8h#LP9&L8gsD7v^#0h;Nk->WwOy|3DG zQR<2kpOjPV2H&d+e?g&QMu7ylRrClJ5g{;o=*++x4P|?Mj?SEGDbZ;-%KRn@U|{Ge z!4QNG@@wL!U9K+Q^M8A6??GYj!8(4SavPxUsDBTGe%a3NNgskbfi(sG6p4jr4h}#w z!9aL`aJ+uAnl^4P+l~zYR&U4f1zkV9Soc)f62Ry-&)OT893&*nlYd1!y}$a#3;8~z zR{k;9@1VRSGh}tL=RofUc4HhQjw4`14}NQuu(0z=J*mI{QkvwQS{Kv3lR0nkA(!0wWzAoKl;=Rqd@&N$;~==jS*Wx;bB9PtHz!E z-PyFrkNo_O?4FKc*a)SEVIUe4bL;jW#o>{Bg`6m8r2_DIIUHm52}p*YIwQf1Pi2+} z2=zU}QPml=y8qi(nf)$;1uqsF)vy6?ubFI5QSE_)nFUE$z%Umr7$KUK-_fYPwnSZ0 zav@5f)cj?F_&Rbz&ElCaHUly3pUjE&@iP!~2OQx=k9;RC=x9VNHc>|QOH}-7*uVVS zKP=A&8&2RUP4#<_+sx~S?;|91m*SYIuRbuh*}GAH90Z_ReIOzROIUUZg0RIX^yKZ{ z75|QTXFT_8_Qfx|4OU%*82~$LzQ)XoRKG3JZ&ph@Evj7ranTs4fRoM0APpg4xGOI{ z)j{0~s$2&m8ysk_mh6A>@T_`>Am^8tWHhUpx7s9!%9`L{`P}fnvbaw$jBo7z0tIRz z>Ss>@fhrCnoM)aw5KFQpB%S;+{7Q|t#DuPpW2U567NbF*WpG^uHxLe_)`l33e3>lO?JqIV@)sKSnaj<6`nuFEUBuo6$;*? z@pvYT*?jeAN1Ja)7OzZ#apa?A{BMgF_3|vZcVQ<)lXYlu>cFO=Tm)cK=WZet*BQEO z@DWU12c;5RlzN`ccn|{z89Z33TyrzIWeCF5;$a9BW^sO2QpDc3-VxL*FQK6Q^aGaz z^Lz+RBH($s^uViBeIZLDX#*$plGPUy=q9(XYPtip6M(qoC$vKDgRc!ov}1zf&ZsPq z4u@XHHsKIE`pScIZCuB{Uq4+Ba=4FVqv>`nuM5H>qAtyJy8)Z8L1Ssu z-NLJezC!5|u7do*!s2>{C*oP|3xHVXPrSry6KWU zuW%nZkr$`+oQ9&y(%$3cFe@({0qK-=dQZ4afEeO~bG9)ME_^D#76seYfX5(|zwwV| zT|4`X^=lqja(MRN4|FgBY$Kx8Odrgv%_HF$w9$%%>xz-E-^aZ6O=W*0IV?)7Vc!gF zO1>suQd$F=c8Ca)oD?>2`{bzYyH5Pt_aHd34QOMOSB@jQM zIxXCuk;d7Y)Y;B2lsfK}N5ddvV^IR3S^deg?_F_jf7E@0?$lM=@lrXI$JNhV1ROW` zz{nYe??vdmMn!z=pFKhN?Gi!TrU%%!R;iUC_&OWd0z=+>QOse!7XggYhaFas5(L<$ z->Xv2Q5SEXzZw0~j9Ztew|tDrAZ}^BT4efAYQW?F4Xcf!~e@mzN2@{X}pQ z!J!S(8JiRy1bV`2n0)zd8w)oW!h14e_;nS{L^ENGIop`{?OSrx~5_L;ChOifX0YR5Dn|u-#^TcFU86cqn zvho`6cfA%B3#C!Q&_yX6!rWHTJfl-=%Z$-X$b3O2;XFiDkJ9%5k`%g#wY!lI1EG~r zkqEIgNv8l?;K!gsXHoVn<-b~{hnB8y_v|pXTv@aWZh_rbQQ)PsY$51p%gkAx8*W-xqo?VYTk0?>r_M+| z%=a_c@5B={BLIHGClwwX{7weqRb zzcHXL5x9DO!X2n~&g|CSBG0?uUx*gyr4h;dTt%zpOo!k|-%O|TUk)Cxa~(A&p&JL2 zYTwLLyC5yAq&!a@6OJm^bZSh5-f-fK^+DGl2|r_Y;b=fYZw!?tefSie*{^OviGTIa<0&!!Gt0s-}J14{aRfCG+dGyIy3Q^~vy%|TOQPM&hwJi3oh zYF8{?i_csLO;SI^^MN2t$o(23lXu>rA$us1PK%V@R04o&Q|Nl-bJf4N!8P02NK%1c z4QSB!#r{eE5w3?EU#;k=<-#RGdAT3)(6##aZ@4so$cLLHZsynARbI`UL*YOGLyZ%F-lUqj=b`4 zTg~a#=NRsL-OM@DR#?g*V0od>m%e`)A|Q2Ti0apN&=Zn)5Pa3F*8qU3&}u67S1U<6 z9fNYj^qZZe?`o>9hF@tP%!P|iNIyJrdX#zboIH6S=qf_3XH9p}_%>C>XmJ*d(1gsV zYRAS7x7edHCy9g9R0) z0uKKx=A)qM>wjWlg15V_pAsRwMqpzimi4rz-9*>CXV?aS|9C)})-(iQj|kkWXdU3N z`fs*6ryy{!hjJrYB=4|t zu!64rZ9%ZtAsJ8lZAn1PEv3zf!cG*`jbb&9&a2TyMw$3{mFek!S_;)F8VL01uUGsx zwfO(?c~Aw}|E>xGQ1cQ}dln7zUrq%C%6kQnoyo550(4zLzANTJg@{CAZ~2L3Vb zM}o?JE9*pX5t_VIfrs^qw65@i~r?YvY`-{Vv9mb1{7*NvZ`bHJt< zIaYe6U3zgf+UF!~Mszc@5+do&>rN7tGD#iDzf$p9Is9qBF_PZ5_us-irr%^pkbg#| zP2bGg_t}NIi!Zg%$oyd+qNlfH{a-XLX+DZXhgJU}upI zFVDw~Nn+7pQ;}gRNqR#0p+;h=ZPA5iSf7SC9DY2%k-oH?A9izRf5cfp@a}Egh#%ec zRbmN>{7{PZwPSoGaNpqyU%i9#S(2nv^Etu)c_I95IMdQqaP_HQg8|wHW(HF?7orng2GA^!>DyoK3fI(Z}J3FZ(FN9qv?Z-3B=#V0eI6*T0l@Z zw)tGLi$Sa9^NWs)^dEOzE0B4{Yoe!~eWWnVRo_Bk8>K)+!!hM)k$$|tA?izk5$?dS z*Qr?IyvY+)VMQ+>dLvU|5_d9RSQ^|l5{J_z%)XEWmuIh-v4C`aWvD)2-TSxf6wAXU zzJ-?*i)V8YxV~6b5DX7Z2kg0H5G#K}zOfMs_Fm^1khJj5oM*j6E5o`JGaqecm}m^6 z*p?dXKNELuns2Cuuy|;68z+3}k4*~SM?P~Fml*@Q^^7&)iA;Mh@zeh>H2;3bU|Q*C zW}DT4<2oELoru4N^IX4L%>JV{)QE8eeYxeIi2oH0z`a;N#D9~xCj2JKfBYs8D&hCR zKWvD*BpR`!{#TP5IGzYrFrTJOIH{!K)>s^&hL%$9V>3yNP}E_5;X|Mq56I7JX9_n* zkT-6-K9zZ$ydRm0(~DPcd?N_+wWFc$d8~{TZzxMm@6czdca!pIdyUeM&7>anC;=F> zsK@hX2v+0-NE*vGaJCYAbhP-cJERk@&#Y#v{633%BK18}{Iqw={aPN07Jc=@*~&QS zT?B*LfpnOM9?f@$Ckg2-@S-{5E5Kd|;PqF=9-@HL$ZCHJ8Rf-CQGl|{@^T~fv}EEu z+psJbaGv)~T7c1P*F_NPziP?Yh=G}{^qD2;8G$lbhI+Q;*>bf2wK+-pUO5Q9P{IBQ z^U0RDH&#w3N^~kfK?lWFuYIv_^fXi7V&UMs6w)XT1(59L2*YPhN~o!z%AR!-;H6cY zhk*}UdaB%IrsiA>UmXatL{O+-Ho_Z3hrc9$2p0Q)^YPazC*EKroIBDspr|f;KOO+g zY)M%ydmX+SXjz_PG=N)E<&T4??G`IAOluWb80=ZV$OrvjYe>+C$I$eD(n2}Gtg?Hb zP6;~;_IVzNca*#89pBH7;$9xfBYoNxk>qJo7oQB@>pW;OzBvN?QguTH(^Zn_^p9%d z`%lb1`#y^r&OwY^bIcrT3nAJbi7P6;zAY)zrMGmMST#pV|H-r5q2=sqMaGfHM(QI% zan>uV#78pa<&65)EYe;_JmoO|S!S2ALz-+36XJTIFUD%7wH$UGS!IhjPb42n2L88@!u1ttHO#fv%%r)rlL2P!4=6&AK?Jmb3@}Gv5nYZpLbKi?kVmOZd$R_(? zucZBH3pf7@@(z7#{z;y9W4)rbKLYNR;2u6LmtSmmTafJ#n$ai?ds{)} zAhXv}(yPzXWn=X@j5-pYK5Z}qdCpzd3kwXxqm7nGNCMJeKx@JjpJ^-6 z8c9X>At23>*7rEJT9pKfC%HfaOPGF1*!F3R+rm2Pt9IkuaKp96&qj4}(F&F6O^)>) zj~mfxDG>tf)+Y$@Tz=Odbw5Wz0^#;|)1eG^!_%#bq}}&V{MXN%5Xf|_>6nCXNeS%o zrWvwT0x^IvQd2qECjWdi8>`UPZm-cR1BE>i!U&|qUNr9&%VgS~3Efl=5c2MY;k3^M z=xcYq+RsueV%0io(sC0}$dVZHDaN3Ua07Yu<4ZeDcu9ipCkFwDd+oD*@ehW&KM1zD zfy`4L;{=EI4^F?A_Ixl-G?f!RRJs3pTk{uWBT@KtL<0AL!R{SW?PFT~ZdCT%#8hCs z?wdX;>vx~XKA%|Mi!$nr3bxxQjxl(--y!Ff*QU?3DH}-0#CUToDW(!~aVNT$iHLgl z9Tns4ySmzq4rgH^8jWP}&0-D1(xb}|D4iz-EI+0IjnJr#waR%(pW5jGt7~#;XcJ1qM)c!-6j-X1V4CRjrzU z%WQDprTY(IS5Ac?3Hv$NGW;{qy*{)nnBv@TjUbvC}qhuQ+u8Qoh4PP#+*?fnK zy_Xj`(YAr4VWJ&(?kTEJ@GwC!ywW*+2%Lb5Ru=8k57l1lbF?XujV$KjPC5{0CM2=< zc;lOiDun!@0yaG5W)|`eiWiQn=ivgy9SpV?RML+|r)4uLtUEesrE>kQCr7-x9Mr|Z zucqbvsp@e&mFx)El8vX@#D>|i5kR(oAs2p1Sn&>!+2{PyJ^vWSR#AY0o>me>nQ0&jKjnI(Fkx zB)v#B?CR#0Ut@-BWTkb36p+3Mp6K*{S}~SVqaGLR!rZ3pV!}++#@x*pmy6Iiz-yVV zH81VaCCi^VDzEqu%wF9-byu$Y48GrUduGSqfbyV2-eYizMJ{Y4zann(Va2RR%?Rb| zDZM66RFl;NkiuD({Vv1qx2hGvED{WCONheMfkK3oT~uf$oI%_==kfa&M`-z>CIei- zCocty@|^^+blj2vc39(%2Ac-G_=9ss3(|7DNeD|Le_zr0{fFaY0#U^UmO!Yf zsj0~bWXUv`ZYf1=Ev5d5kq1Y*{oIDT>KzR~!3 z$oVa^(&v8PNDPznJgg^KC(2v7Rw{VEG4D+^R3)!oi)Z9E(G9;(K|vvdkID`U`mXYR zx18jCOrUME09CyGku3>D{G?T>zRR;I2er-yb#~k^xs)1%ItU6#JA+k$%=n%dT^d&C48{fnC2~ z*Sr!_)wl|sj8TcrPlpc^4#nSEHt@mgNWal5typz^txuI5#yC6*Re22VNckaIZs{1H zEz>F7)a2|Jxj;eQ3UHhP5c3}Y+g4;2)|x8esHTr>OSax(l~UEXbYK5YJw1u)& z0IHes-NVjXI9-3Z5J6WO9T1c6CF9{U0)inhwUGg3A89r8v4&nJdz8$Tko&!yx2-?Kc|6Z?0A$+k(^Q3sWsQka;t8NQ zaMU_`i}@ThhD2hZ;x@J*`}cm;AHw3h;ge~Z-uO1#oA%%z^=8~iX(b(WN$qt>X)f3O zSmf>!GZK^-Q~?nFD}W0QgM*xMwf%`ckJ0x55R(_-N8aawN3C2E=v<>mz82B#UyFxt z%Urf9T9cjMmaKckpt|sRNbWxWw2hCurr!)DF)Fw=1JCq4VL}K4(BGQe&)~1?fIJWo za2(eQ81^du@#QoQVD-OgCxf)C*(ujq_Z6U)@YFtu6}s0>|LiyyI|T2YyDXY@|@QxHgOYQ?O?)YMdeuIISaR9BCiq=g0{2E#Gn#&3>E&b~^r z{<_6C>$G56(!)3TU2!nt%_J?4g^487ZQgj zo|BSd5Sm^@<sml9O4%Ol>gWB-8? z!>%CUG>+AXB%L)g1p$j$BS5cNoTJCMY@JzK_H`DYm%(_UkR6FhAKPA6jg$aVu5? zu&n`b}5|(RXl2m`1ov})z<_UhjL|Gzy1(N-Bbn5+At?tQQflW=loDEU6oJs z?xo5JaB76+mju+)+E7{LAtIj|TXB6p5+qfXIkdq%RHlID{mk_IdlHUE%SWT26fdYU zFv!N5zWA9$R}wV-1b#u*y-;cv;{{$5-5vHCE8Wmaqvw#tv%Tp-sSi6Z_)O}#l3 z#~2l+M>X98Hj0bVfuluY{lg!4td!&%xevR$w2w+UG7T4Zls=<41zF6sUB82dt@boy z1oIN0@YT-Rd9|%-w)mhjaH+B6hK`2ylz~^smkEvjeZZku7+XbBBoIESnT2zS)OIc? zC!O3RB0phj_l;$)6lQL0MM{EG+RWV2lYByE<1y({&YEs^OIhr>gcmA7DApuoCBExjuKAzQqM?Qi;?IrZ{of9f5)BRDBwAvaj z=^g-%Tfy2mnza6jbBlfaOd702^1J&~%4UOk~ zUg_D;OW;Vy6f#^Kw?W?*V-7q}IZ`=c&f~&=)~HfHS|p?T`G~r)Pbw!ucT+J1dDfCT zbRl2EDD*nL1-joPSvjlK+1&T>*MpR;63BPDpRnk#F7i{YV2#6g500&q*l=IK&L>un zp}t+LeYOTUY%elvdZ zf=sPa#Pp$sghtaL_N%mU{v>^i+Y7YkB*x=`bROlOXamu)_NhJiEN)%e#w)E$l~0XU zaKEgY)+j}ddLXH5XgP^&>pO`-dxGo{Bj=7aWOP5VjSynE@YTvYvMDwZ3V1IqK(s{Z zY>5fFThT@3elTE%LtBl!>Wm)ELM%jF%IneS|0dr$ns>aUXfSlqPpZqpGw?B$G(&BI z;rQyaMLg5tH~E1yavH0P5;I)|UyXYi(ZTsGu?)@3CiV#2*Se~+4x<7IJs@-%d*c`2P? zF+NKC;J!+Ee3MGKO4hRn0ioBhn7Uhg#<@>%kmh+3v)nAz(L?XPAF9-=bD})8+PszB zXCd#xhJ#;VJV({C={H`&`ISpAt#K-=$d<^1uhDQt#A}(2U0x($+0r*D-;E%N78~#9 zEp}2+w8zJtXdC1k6sQZ_9-k6^Uej=w6l$K>>OC)#Xo}=sihbDTRoo;2WnMtNJceB! zUpS1auhtp^#t77Yw(0uX^CNHhW{hBg2?D0VL)4t+2GMzLU{BMqC|{8)^LS(tkqdP! zZBmVY(Nu8-Zk@y6TiD6Swx%vmKT>h)W5Eh|IPc5Y z3gg94aR2oKLXU*sh?BeVq)x8NU%~T>*32E;7-J1@W>Hch1vVYT%7VtDLO#uI&OlDr zPR_;ixYF`r-Qz|7Rt!21a%R3-AO9fUXD$=E9r<7CgjWd5jgNyAtUbC=VTeJGSha30%Vn~{S+~Cy8_6JH8C=|(f;9+=_z@|54+xPJ;*ju zos6ZOeg>3K6iJ64Oa-N~r&(0kttHN0zQFc}F|V;+_fk=BA2Bo+Ta{cP=c_iclCg@vS+jr*KN zL{5l$>!JT9?ih8!Jv~ENzg{HuS6u|VAIxX0d#gTmpq|hT%AQyzbCj5~!*wP>z=?abC7~|ipTfptWMj@}OP=_^ zwOUMFH~V_DM%1BWW3Z-^ZI`^0~{nYj&jUJBCN^Hb@-a2{)wshpll;J*s+76w1WyMd=ujCcT4FR9dJJ5drBS zMXK};Lg<8!^dg~m0tlg>9pCReXsy=R>BgE9EAv-e(W&o$RvbI#{^dKe?$<=Yx1 zp5HXtIa)fvXHot9h&0XNLQQ(e`zX!iJ}dqT85|mat}c>xsPg$yPfv>&guF((Z6L{b z*<6OIekt3_v@Gv4y0!TW*~<6UW(5-Z3xhrozuc>a$qmtrN2JZ@(CF|5k$ACGcKvY$ zf>=uaB8^4IU;ES<&bBQ4?Ha-vV-#KTD8VS=ri(8L@$=3{zp z2I1^^%erC#^W&BFD^*>doe`JtCB}K^qKOU?C}{`hx9NWoPAU38FZq7_p*|Z=OVO}H z^zu(vl?eEEKGxp;o1dNtQG6$a;%9qTh7 zfG1$l84Atx7g<$$*FG)idd?$}H~YS48dllTCYn`+JUbo0>k2=bDl1=7V$Q9UNZ$|U zEb_S4Jq78x&UPF7pzu~|fj7*59}!I~L4)O{3E(KSDmUl2w)%R7<-=cexLTAFTN_N@ z3Y^D{rkpjG*-xM{c9GGpH0NT(Ow2q*A9N4KpXwOilHs({-3 zmMj``^)N!lJZ5r_n-eCCFLoJR%u4p2_%K!^#%@33M=ep+4na|z`As94C3saI4ozN{$DuJbe9Ga<<5+{(q2+?|Qu z)Qe9OP%Dnt0}8mdC^@8n{^A8Rci0W%-` zihL4&%NZ>!=u+hPegn31TL?DBvP054fMV~hj2N)ApGiH*xRR9}kT)9FpSl z4q#){4UqEkBVSkmGG7mX(DP+Z>o3X6@n$OB#hOTnGKgK;E2lQsg2*-XfdV}3mr8t( z)Du14aq)GL?;nUpMnY>djuo>*gtZ`X9Q^xwtK_*!*Oz!*qFkEMx9%$(5etVpQW5^W zFUA69A)hGNj|IIO!yBFwnOYJTJ$OXLWJx7EJ-QAF_mP>A{nF8Y#Y_5?e?;{yg&iju z{9=+ICMgQNe&={gJ@rebB{T*~MRJdk%|0>%2spBRRvw#g$c>6pG;ucm=z(N1g|>1+ ziPbV|HJ6kwGplRK6(i=-xfx;GIb|_sCxLDZ$I3=3pbhFE(lw^8 z_yv`0cSC~VbS+J-y}J{3Nlz3=9ttrn<>}$VjrH1wqYran%C}1kV5d;JoX;*ga z&{|ykxbiW|AVTtfyoG5s%oxq80eG&t4_myRHiZ-Gc;ys%q9b3<7(&>dg^-(m1WkSK zK^~3?hn`p6RI9h$HhfD#`h*@~;gNv^zdLpaykMC1t&X)+fVbXM413!nH@@_R(e#<= z1A1}M`%0btw&dTS(Ijl+KwvX$n*XkD)s4?7I9hyVI;u8w#aDkf<@+|p7br3o0 zM^Ig+Uu56yN)8RwN2Y-#LsHg0 z_B*kJ-&Hq)6X{0Pn0MQTCr9#`fTt=PG0eWtO8uND`cYe9lL7t#cH92FyNy0UY$&m8 z3ngb0yBd5PgCI4QL9!WLd=>5~!8vn0I%c*=)Wfv-B+)?`@^3#&7NVaW@#k2QqdziBLZ?Cq$2;O+>G z|C0l0)K-J1Rm`d)cS6>0NLF41;6xjlZyHNF&r3&NQCQsi%?Df>Olw%Hs%D(uNWr0` z3H$O9v@=SK%S51qKo_sda2(DIMvbc?rQ87fo0jy^km8CF<nfW@iWL_nt>{R+W=SY_C;VPswoID$EtqDYd+cO9t zZ(Noh`v|_DKoSq@axko=q@bF9Ijl5x-t)BQ5A73ZnY|_eLv^6t0H4zu62cHA4-NqP zrJbT|-o|#(9=x&E;%Q7TtBmX-Tsws=YqnvN#u|MOkNis4ZSsk0DSm#SL|hBHIf6LN z414#N*)`Pky1AG+M3k>)_msvYP$x*CecbTLkvIHrpWSKv_3`-LWiY~j+tRh=Roxa% zH^Kd>%!;1ysPEZ<)WjGdGZj4a0YvbaoXqyNuvY?|m&hNhkbC7*OAGIY^-- zYeLq*UnmJF4YZOEC|)g)X9WDgySXO&CS>2cEl_=%SD{E|s35;4-zNW^j#zZPyg|*t z9eZSko^e~-q#7VEWFm*j-weNB>h<@-yI@DOJ8DjM>90?18mw=h_n zB*83aI<_z}W&_?-3<{9%e9Sl7uO>xhIgq$29>h=suHoi^apF+l=a}wLV}dS%&p7N> zU6{IRA)}qBZvi)MtHQ|(iPgvKqN(O>!5x2%oF+?m>^Tf%qI7od5L*T|v8rYNNKKYl z^m3Kr5vz;o%b>Wj)>(@s&ypHKtlH5|UsP6Ydv~t^%Bk%O4=b9z-pEt}l%(gLf4{t6 zr;@zw!Foy9(KEK^t*2|P_}Cz*ou1OqTJIT=kPC@y9=-0k3mD5t&xglB0E^}^ER52f z=^FY(v?P?>bpT!Z3N|Lo?iwNgYMc_lrvHN4hSy$&!OtmYF}%kzJB&9VM)~)8hJ09L zUH=*~WLC1wB%_#Qn(;K7C5`p&ga^;XQw*0nLo~83FILC`&^#>5*Uu+Ip5-O4YVrqt zI2%VVy35_qh3NTM7EmmTj$f@)|JU%&{z~7sAct6niAwGiPgX*L!uB<0URe`_U@Y+T zk3hApoWWrOHx;p$JyQbS9>yK0P$&|<wcFvV+8DS+xQ`$WRD#?6I%u8P2qxsWuX8uz>Dq2@z+!i6PxvrMA@=f;chL$KfN;@ z=?nBUJ5)tolJ-Sq&`rbnFCOwVzpDJwhn5$mml$K~*g{i(Qbta*2y>$)ACuU>a27M3 z*fhM8s4=_zv;JP$Jx}lK*z*2k%Ff>ey;0TB+Q3bpX@VDP-p^8?@0Mqdhq(e@ZDm>8 zW%4P>7BN|$KLkZX=|av`2-_^jxtO;5#tZ9X3B26z=~wL;gkigbiu)j}i2hzyUhh}_ zj}x$y2MgossmiZ*)Qn5x89pmS-S=V>`$8vGxrQ8;nhQ<#JywxMSNvu3h%>ms`9ThX z*S}8)3A(NQ!;lS0FQoSt#)jm97GAVPL_dpmxjIZ;v8MgN$GPhwQ)m#q&!5%NBU&A` z*H6$-hPGj#5(VoZ6k^SY$rz|bH}N~7@$F~Zf3~>zA6WU4_Dvr=5G}{f7cCNgO$Q^Y z$z;iHn|RF7Jym9hacDmt{98{f8MhHJ{F+ke9X(xy0*Mfele$XLAWz3U%zz30?YDCO zIH~%bLZMS<$2(UuZp6ehAZW#^tip(wE|5Uk$DcDhn1`)tQnm630S!SwB5rp8_9C7+6v1J+Wg zk2G%!baGr#|D00ci1Ubz_R_Lt5tmXrZ@9Jyh6Ug+&^=H%0-02vMrUyh?h9&0(yCu9 z)#>djL<#QD%6Ysol(S-N4`$k^b!QxPm>Y7*ylrN6@29lzP4HcXZ#!LWI-Q!fZo-0Q zZT=n>S9&>+0ftp55wSA&5@%HQu*v&v0hD{M3Nhk&#J;p@d{UBHruJw0zmzd=i4b<; zMES$MH!;4fcy5lzDV7>@X z`7#BAaft>@_bX?Y2k+N@f9OcfoE)@h3p%F!ro^(SvOTFntX}j&?duR%M0AB$F9$Ep zI3TTsdVgPmgnB&Ph2Hx<8(fk^;YdPsGwd{gb+pTVzR|bQ$vBFCYueI`zKI)}1gs3V zVGZT_sd{VhcT^Y^H4TwnHHbL!gp!`IEa`KywO#N&=1^Q+zmEl_%o#zrRLGj5^N`?sZ3iTMbZzcJ zBAFE-Q)m4IOMO-s!3d9#P{yv@H^M387T}+R`4a|~(fY&BEvetc3=Ovp9wHx=d-jX- zE6tG{K~z{{KjtmGtuHUo8K7sfF)6%*j8=~ z%*TYD;w#ARr?A-D3*zjs{js;u#1j``?FX>8mTcU-CtgwMSX$U|aHz@Sjr&bqF)!n5 z!@EfX?a5q%;0#d~*bH-Le}XX!Ig3o=mn0I6w`a!{k7mG8J`(E#LIq-I3Tv7}Ewt3yol8xDVizb>O z{UMoL%O_n00(L;iBHQ!t62JLjhKZn&G5-FML{=d3)1yaXRqcCKvK_cvT$=P|c%=D@ zt49@bj+v?@)T4VL(yM+N(dFTY=WlLp{51Kt65?W9vq>AW!K!KTbFq`mQ`*sTI&$p1 zGJJaXDIH9x1)Wt@J}+GlwOLc zo>=ILp2x4Z#}b`9fipG*5P7yx@gi2IDtQr7#CQ3Et58Vd2mYgIn zsxQf{VIo-5_8I>OT4-Uv`pqZq_*}?Wv>^eK( zC|82d<~ECXlH@HHbeZfTgRZ$NxTvg;f{$$G1CXNOt=cumK4aSbUsdimMRVI6k#o0VDH@l}%1$#vS0H6q95 z0{_Ux;QG|7huO*nYOGGo6fv2PHa~dLSZPe*cP*Ayu4HuqFhv<6QAxFTdVd_9-z8sb zpDbCzUVNx>Q*I00>U@x@@8p%&!GqNcaU>Pb(55K0WDA>2&~NYOSp;h|96sn`D7g*P zgtQ(;`5Vd>$txJ~lIl(SaqtysPAfXhOwwkXI2ulZEiYZtdC3^=R-=yXPs0ykGsZrt zlNF@|l=%rvlYb;;TbwHTMSCJ$3bW$&(DyCwleCW2>9992)B+KY<`q;;SQPx;45(V3 z4{E+0iOVe>Etq6h>}lU4FLQ1WQ2S0e{73$W2V1`@E(zfQQX`ly<+g-djrG(^jL9C= za2xj`M70e{P!oz%UXodPOg$HLr0c@`t~~$p5Ge-EK%<<*aBhl^emR~r%|}V_625yT zT{Zt|P%9V9*N*HE)cf#+u+9)V)kP+DH5wrZ%EPV;ds8T_O^O#I8QifNEpOl>7O~SN zoh)HxWxcQ@-F3R;PU{R$(!xte`qO_U6Y?{XaPoZ8_4()_f3+vMTv%Uz2QxX zh7fYs+ld#*IJZl5*U^|QL0%gSz-yi8uiDkKhuW{mTjbkG@hL;^WjV?JXw0bJWX2us zzGu#_T1QtsCg%us8c-AQ0=wF}hpYtGVyy8r2V$jny8m(>O-_757S1=ij@nr+(C^P} z^R`cRf3}_+dL<-?+W!^x>pk4c8gGlP>}Jph7+#bN+KL>1tJ?m8wmOg@hq45@W-W+C z9kaZk{*}*6Y*V-LL6B5grz~J|$_>ocrLsfG3rc+cLiS>hrsy+TY={(V>H_J|vy$6w zyGocXY2qKtBJy@}_$ARMVM9tf@HA>rK79=!`wb?)Bo?!_H6J~GQmGtzclx9<8{F7U zlS>Lss5()Eya{vrlgqGEDhb{5$jIR@wt!=@{qQhO+}Rf3$0~u+3ix0rloFxxnlQbH zB{_2mB?I`0IG!rwwOTX?o^C0IvJGFdt|Z?eRHqq#o&>IDUUb0!!oI-Ga21Ado|0V> zT$So06vL)X+oZf4F|Tqe{nMuYjhtgu4g6A$v7o0TAQ#~-@;THx0uP)O*E@??|1p|D zgFBhsnC`56O3tAw_avE1*kzq^^o1ZLr-)!zaFU|9yNAX4(7@h`Z7SU}=TmyOi>*0{ zI(#}cBIsOVPY@Uke$=Kd^@;;(JNEry%3o9>JepXA4)h5Ln2<8svs>U?I1Uf?q~n~; zKT$e3EZd%UZZV%3ToGO#RpxKxcd_=)mi#7+TZl9MWi>l96)4XP_TWAZ=0#>!#%FkX zSI2sf%!W}sQ1233*wKaaTqpr~qko6VraM6)UaHy0)pUZ#Dz!31%(7SNAZp0R&M5ln zg=o~bFFxC;T}7y0nU@2jH*Pzig+~hxuAfbW{o(s*acAHA{V9Zyg(Cy~$J-TXqEL6e zDi&nnrE-!3DmEONyh*ZIcWE(8gD(f{a0Usl&m>it5otF3cHf$$t-bY2CaK1|WJib% zDntHQkN|k%w&I&{l#=yP2D{qLKfMM~v>vqh0qqEKiLzcUFW}yU{3%UeP2LXkUwuP} z4~k4>;c^F?!P?T}Gjy?qg8qP?TSd71yu z+n|I*?knvDE!t#~9BSMYbQA6nGe`{f|CVh?lC&jK-p_cTL2P>cijouRORU}V8vjXj z0Hh$;`ynlGaL_uJr(a|PgsnBA2#j`x?eJK3yN91x!bMvsff4!|RK3y1bh9C-TCg1g z5i`y$bAuDLJ{U9_5O+Cr=Wf2f+!K&(Jedy|!&J{W88@CZ?ePKsG~l{V(yy<87N}b6 zy0V-RBS4GZ5zd)r;I~L@&eeReB0z(qjgP>c%YA?z%M01ye1@|xl}y{DFV&)l3hgNH z)XIJYfxUc``VjNL0mbbP=Z&YrN56m3WZyb8G3;nxuUWU4Ar6TvagCk0Yc@u-#<&Jr zV{!hGp`p_63UCl_pCBz?*T+5#CfD`FE`~)q`)?U{02)r_eiut10okKWvIh-;e{Ofo z*12DvAn!?`2Klh3gMssdB0j50Hq_=W6QdOal7-?xr*I^$3C9c&N7KOIwD=#>0RfGMNjkbK8Yd`2z5i zTEJx?d?{*FQy}Jgb}izrGUH;YexfG8pzetQ8fn2d zH=Ut}!JfzPa0aW&WUwoBotLzjqt!C}L$Jnr8<39;N7P^I25esp?Ud2lf6D#|83?2w z>|%6RD+5}2XmD*{oD4lC58LYO$BYZ4?m?j-J)a*(~#Wwj(+Sk#hzfI!|TbIgL#1x*7{|ao8v=T5wr!sPKI#a17rt*^|G*IzD zb`>RY)9V&Tf7-p}BDm$!_MP%Xy0s^1*IH&~w*dQXZkaS@^Ud|Pc^Y`|ZKAOgVSNMmI?i1Xe0c1_!AV_La-2FZ$9~Va;$@zzZ zhq+=J5Uq-6I+*BQkMD?OZ`?JU&*yqN(j*Q2yxdq* zr-H!VU{@f15m*p4cdYt-;kjiv`1S?nxTdAazy}4Hzo=VAM>g>T=zvRE2s}pO%vO$P z9Va-10o2Z`QHEx0`eExn+STSFOv$+&l%pgU{WfN) zjg)4(^HLTcVXtZ5{G4U;*X87_GykQc0|&p-Y>wx!k87S@CB8Qd(8z4T_MG`>TmVTl z{${}9&q9Bdbun)}9<@YBl}rM*ec4?w=QUF-4k!~|R?MkU*+$>pRf2>+?3HOh!NrGi z&3deQ3ZCEIZAW(A34LuaRTohlL%8B2tpm?Qnx2ULxriA!iG46Z5d|u7g{4wQgjOag zn&AI#rE?U&8dI$d@<7^SGaN%PZAz$rAu$31B6AcHa_~vnTDZPkh+LCiljtBe$F`wY z1On^CtgaS8SDDxb8<|3EL(92Tpp5U_mf1@`G-Y}s?M*6LxkVKa3Fs@++Oa!zoJ51a z<-FhT@Z)(vJ7^Qlt?AoaxitcabU%^xAXs|y)5J7eXMFP;umfHfm(7ZmF|j(}7}$5&&g4bJ9H52P)+=JB0~>*e**x;ZJ$V6wGbeNkZhDCdLzI-PX7`yXco?meurpHs}?)^2dV` znevjp3i2#|7b8l!&g%A%fu|ze{O^MZXngrgOfDL34u&qcb}<2}pC*gZ$#o?uxRytY z1XJ(7R-r$TO7Ha?fC*T;c>NyrwAD0OXh7W3Lg&c@*AqQSUbd)bpPr>IHl+i3Y(KW3 z8ijo?f;1Vq^P-9f91fv{0*w>he3=U*^Fm+13_BFrshMr!JR`WI4q7EBWCbZ+x(5L^Sc4E7~h&{@~no7zomhEyN!nfXg1I(yk)WaRqL&VfVRXk21o0$S0pleyPu zjJA>nd9P+Vp1(s>KhhO=b@VEDKglY$)PKj`EZCA2CJT8JZcm3O=m;fPkSMJS2#GuU zoaW_J&Ezp8KM&4k^mc2Bm5|z9&kM~^vx^f{6>(=BzISh?uF}M!47?>9U9{0Vaoe@PLCP{w6YnOlFzfd@W6^!_ zSk8erm^Ad~;;*4sa;N6p^z6Z|FC(O+X;q1Ve)N~M+sO?IQDBQoZ35q_&Z0u{msJ+E zKV#-DGY_)2xj1=Lcu+qDNgoejHK07Z%y2PhJ3(v6!4TMey6cj|r(HW&D^f5Hz6E;> z)#e(vN*)r=O3S>8O&S7eDNn1DNdEOgNjQ0k(@lMntS%Gh%*TIv{VU(j>6hzLRI;6P z_0yT&)j7;{YEhHtGKDfWR+e#)Q)WXo;Eu*7R&I%IkZT^>DR##2j>g=tEU>A;xvzEG5PLHq%Yth2jH#*b|w<1}+j% zRcsZ?@Bri`xb8gJkyVT5wj`E+6WDd1`?SmwlJ=**Y(ziM9eH*;8p=fKGH#ETZEs7k z3y8T~B{_s{9#rG+GM+vg)c4VQyQ6k1v4Er)f_{wDIaU+*_D&@D^!Ie|(?X<)Vm$a* zxdXuxVsHXPn1{$WcCTJxhg=B}OK{sCJRB@WU6*EwT(N}xbAw$BN~nNp@Y`-%b z>S!AC;c=iE?{rOYSz6MYO1nYt83D;d6dI6I;iBdhZ$pII+@WFJaZURk^MGEOATCVo z)dpSxc@X>@%iM%XYguw2O(UL%wCcXRjaDSsE zKH=iY7;#;oVSD7I35i6GVEZ=gJLv$sa~gMl@?`YdOEKSq$N z|G3i^@hO5#8*+FdObQ1gQPqw@Q^g>uXS1dj2Q87ND=L;rMDd|SY#+Dz3B7aLEJfPO ziJpfd$VHX{+^y*$hV|!kXWDu2i9FU#rfA{bN1Jk+9GhZ7Uq3~UD2;hr$4tW2mF8@% z2~!Q@q@qmqYXvCneo}k~>RV4Ex`|H}mSZozL4xuZ&NnDXMwE?ul-U$}r=L1lIE1sTwiX6nEy%Q^+>yAdUs{U^f+zjg*0T3H-K>k=cih+VprjGBkZ zpooN2;6V(YiNdG_czDncFdeTA)s@Bf2ltt9b+N!#^8- zJu3n;kGhkkux#kSbE+pnQhQ}|wH90AZ*mIM-XHDOzh`-RnLGSk$Gm6y={QH*g}D)m0hWyn}Aoowkp(Pc3md zx1mDCNNxWa`~lsuaC&_Z25cP!|L?#I04t6w4^tRY8LrP;Xq0&k zz_8{z!74BQHUd^Nz{_k_PN_bZ%1#Yc!f-LgHQk>x3mVuOwAvkn5xc?-tFKDgZ5Skt0pYpbs`|92h zwXwtEV<;*E_&V>=Yf*Htj0iP?VbPVpiigaqw{xIkBLz-bRjdtV&=hN4mSdZ9rxi@A zmgt+AF}Tm1IRCpxL$A+8DZ_-PmOj9}?m2=OWOkI5@vnC(k|Yz7Od2AFxf)F)Yuq4N zYx!)5qa7vaZ!M0-j)>&2*+-9<)sme9*Q5fZNGO@ti2A;2^H#PbVrjEi&$dbh0LUiL zTd{vBS+nB}M6cMG^DD=b^p#O6-Yyk%aTy?gu80A;Dt;kISp6$y769ec(}ZA`B>`z? z@>~LU-Gdi~-aChgnh-}5O1Ah!R8p)uOtvVsZ&rEFr%UQ0S_`UDrtWa|5R~vZaQ@AC z!ON!JE@i2&V*bTI6sFk>oo}CgM*HmDPF>zY%<)d87yor1@K=ZFfpq#=1WR!|Ks1nc z6J+p=a(qn^AJey9b{RFZjv>!7n|<148upo{-~)O5ZD+oWEG)K5_J!ZPzE;$)*2GpU z#x0)aU@*90@7->hG6q;_CzKC<$E9ySmMunJNUs|?ar`HkdmkcsJ=2=3TD8g+9>loTi z)2Y*<)BOB+3|@qxdp~v69Ho?zXNlTsNlm3FOP5fa#XYji7ar}xkBuG>g(-Eo$rXP` z|3%k2fH-EnH!)8RTH*H0_*tYhF%kDVNQDI^a*1YiXbGidy9p8|Q^3OmmSbYMeO0t# z8c}15!-CM!eIu+-yQr(oVbb8yDhZq8Bu#EN0L;O24&9%m4kfqNdbS;Oy>PzkeYxb& z_m%HZfC;8V!e#~zsQu6#t-RVoh!Dsn>q<_2`N3p;nuXm-Fp;tQ_ zk1Z&qwF`EsS&1%zJb0PA=p}rAex3eqScAU~#Q`1xkF;7wkLrz`Kw-j+@D;s`S%25A z{K+?ceE#fxbA=qMgH8GmDEm@ZYdw8Dg;QC18Z=^L9&pUqix-evJmfAl7Hx^`xBF5* zuljk+3RVD~U=ce2i~IQXMcpYK5r&iAoz`FQaO6M{LzNE+TF!mng@~Py1GyF>@EZjj zcI>fJBL?c+{c4$fP!fP;TN&%x@(g=un0--Ct=- zk+7sx)+S(4a+(zp6=4z0jg87~9eKtX^YVfVugf!P&&ubG@sH;g?Zk+{;ej^4SHTD| zACm^6klb54kEWl~;z@TtK(uup!8~GRSUc7MfM#Ccff$MJERhgL&Q_{Z?bR82HQDLF zv0dG?0WA8d&A)Niv-HqWF)AC(90j_nNSPR00QB)X0P2Gsbynt@HZbf9h1d}|P-mqz zML8+}Ho&rA?dgd6Y0A*YAhu%ZvFHY+8NQMkjptiw^^^O~bh*`XRR~%cU~?NEuzJS~ z>^gn@zejt$_#JJITP2Uz=@DhFjEy~`*2X8sR>lb{w1$*yLKv3&)DeEn`x~Y?8T#zG4>IE%iyfttPp%gJ^#T#k$Aa zzxFF;tlnf`E-7m@C2ewX$r|H)l=34{ZS)S%th3n37 zHiUQQn0}n;OMisbj)|P|=eVZL)UH+VSX(u}qX|?SVsk$ZY>CAlAeY0Z ztGIKf>yDunT8v~dq!tUPzV_D>sJi9e)gu7I=O*H<76SA~5?f^#8Y5Ti2tvJ=CkOHV zsY$l|e6>q53{FhJmKIH_y=cvR{(QjYB9`~lQ2immh z8wrcjezSMK3t3K}P`Ji`t{1~L1R0YWr1d@pD9CXfXJ;M2fuV`$)kX5H?fj^rFIa?t_+V*-s zk!DrXmSdlQ!Wn_)(~)lLP-=HjPLB3Uq$8^A+Kzq95MsHCT3*{KJ;~~~iW3NHYlnRw z=&za8nXUJ*bKNSp>Hr!7jd1+ixr7tT^r_^Zmi6}Z1;JuBf(PwrUirax6n2KKzK^FkW!4t_ivZnHm4kH< z9PLs|(+c=PMx>T*ka_dV{akWK5fn4@7+4G~+%HN@3}>%@-M+$O&PMihDU*r+LL5vv zRP+b500z%gwh(YGlP7(lIsoi3H39}d|By*jujVnh>C86O z8;0o=k|Y!C&!}F8;`EX)XOOmxTJnZ$ANTZL(8{ZYb`dZNeX@{YPZa*vz)4crbh?_% z$-tUf^g-c5l<*HgP_ekz2Cfe$B>d41>~!8&epBUE4fW!{>LXy`;8uUc`~j)*O*rn; zZN+ekvBYP`ZebsMJw9nqp&-b0^6BT5dA111bSQ)MdP8MS?=cmT@@XPRf7-}C#`TdJ zvl~^rw?lv7CaHKxfSyj#Dn;VtLMxYy(@HKemTbma@X4J{r`0@3=xWO#E{PivyM?c157)Ktl5}Xrlbtr`~~O&RZVki>*=Q z({6oym-bwyRJun%wrWuBC2EGur|%}^JSIx)LAnSRI`nol9*;n1Vf~AE5D`O{Jz77H zq&Nqi{Q-svb~S!#8+W5Tg|Nu6a`1(*9{-tA6Krp&ZuCwE9rQGG~?wl!PaxLy0cm3|9VZpy2=#Y~1 z28fUZ1mfnYUz&RUZZUIdz55b^4%e28+9y;``%7yza&LVQM-Uy{qFxP}OeF&I@ppkTg~w*Y+mtp?F4e&8%Uw;|?teO^;9I>%N6 z_~CSC0p)ev^l;%AADk!mRlaVt;)9OPfCl$1;7nFG7>vPEhu&W$cWmp3?7B3rrp5Rt z+GjKQ{P_?#2Tb4fMKe&5PQXLl23#H(Cog*pnK9o3{OSRLX}GR(vL5t8#lK>BKj)liyP#!85h3 z5vT2JW+k&%o6{o;-aGSRpS*DsLJ!nT|0?r09gW17xS3e3BBBo#eU}F7h|W^?{PI8> z$f5D73A2VtU}I>~ZYN-Tw<^vU`s}GqJWKq->!<5Hf=cYvy}PtYPOc9a<8BDjJp@FX zNiowZEbVjb^i+*I9~xAJReWBgEY>x4M8?Vjw#rwUbd5`-pI!kJ2+~cca-4q(w*6?& zP~r{%KAT}c^*Y@ja32odvp}&$QdTyAL5yTjc8ix;$S5SX;?F+v+HIXB>;glXj%_!m zt5Rf$@?`>GYu8(30sBD{I{@9tOQ6OMs&xU_4W)2p)CGHhkthI(ldMJnY(D3k#jhwNfJqUDES`>HyoOGQf58il~AvI>kS7*vjJtghd zrk9-Jc1$Khb5iZI3yO-LGXkNi$Aj#*wPmLOu74!iDN(M`pQM6lG)%c?{&Ls5bQ)l- z7zFrBnkM)vfcRA5yKDR|eTl{N&elsaUz$!bHdnC6cJysMCA|Q(dWU$>BCk+Le5U?; zjzTKkco-LSPx$@=_QMl!0e*Ivl$u^}P5nxv>tb99>vEFIJn!*J)RL9@8s;sQd-OIp8ok!ThwU^fJ7r)kunFIN-9`zC|#ii=%P( zsT2)mH;UQm&B%cNer8yNRN#fBoCwlJ_T11pAEQD)Du4nQ$|8Ve;<+Rk2|Pf_UQ1QL zxO)2(xAsh4`pzx$)X3>jxaNH%iY6N5d4fuR!K1KiguS*3NhrX=0i3-zw3eamaMc@d zFdhCUb8C;EaNK;&1sN1~UkjB|4`XzLmlAl-StaN@2hPkeza6AD_S^jYoc}ag(D>hg zSZN|(QjZEhoCVGonsqB*jprAqQ)ud{H=S)uM^@V_Gx_WtXC$ZVqFmNo>(eie@;U?p zPM=>-GP<)2kFUh?t8uM9kp%R-FAA4WW-SqD(>=d6%L=iX?OB zmBee_?6(8pAeNYF01!-@6_5e&e7g)d*>ihw3@F>>0{lBe=P+(6$-(dk_k*;VuRd@@ zS9M}hOhnAEwAvk&juYU3I7iYXv&Z6%Z#Z zoOFscyJD2(&W8I<&o6qc4uGftzWejd?}EJAX9o`^%mXj+O8}(3yXjreyu#Tl1*=fV zp>7nz%S;S!d3a`lo(tJ*U`wDU=L04-FR*+5{t$9ki1KDRzw@$D_4YX0_@%k2iBId@ zD~+x;OT^#Ox>@IzOCQAv{aW>r^Gb;CVsu#d9!aj>1-~BF9kHj zudwJu%NUF|n3^%57F6ZlM#xDO)-ZUuHYgyw#nY%6a1i(SWZJ$IKP8}HrljH0wu{O8 zVjNg}jV=kMUQ5()xIxaw90+Yn@2+u(~h1DA&z8=5pS!pLr5NUqkSd@WPsr7;x%ga zm&aQNAbh|49R~Cnou>p;Umnj0Bmv6zSwOV4aaodjo{sZ{k+KJ|h;^$+z{lrwZc0Is8TqDBWn zz&(k78iqWG2lQ+S7C&Lw{)POE-Rp@Fy}0Gz!pm%&1`ZhK`=7thw){W(eK!_|mkXx7 z_u514=?d=c#ia=nUUo!uB6AP{X-{=3o|6Y|=F8M#dPb3uDap1q2du+{T=Bjw= z=(4`%fheub-mxtA>1Yl}js(q@nT*hXL1H8D=ZC8{@^J)^FPlx$uIa#h5=W9d%^XjiJa8o7}7W**DrEGvb)vu)}tD??l z#ZIG-6A7W7oQHmyB#1L$=||g!E;x1EU1|R41BT9)Cx&ZF)70+c=M_mcqd&PtZ+Zxr zx&FA8Yd)BC>nEJ_vN#3xvLk@1BR#(ZDED`uMpQ0lCRVhjS%9Wx_daO#aIHB^%bId^ z0F?VBT>w<$RG{W>hP2#0srX)g;eX+@FxNhE|IHU|U)<~6qmu(>wjBj#d$hZ6d8<8D zT}Tp4V&QN(#HgA?wbQ8`f?zA#4bD`W4A#D7JsaHjD_K5=LZ~A{HD`taMD}%oBk>J7 zFy)VU z%TaDw_1OQOTLWoPz;Zf!wQwI@xJ~kqJLo2A5}rgWQ&B2*v(fP9$6@Z3?k^8ZhQ7n? zL}GXh1gzdXp$%mb#Q0m3e6tg*;D$er-?g(I`2Jz#Kr46dm3gM>@)B8_B?syE5qQ$1 zX8kO$W1Q7WwK^nLY$QPt!7E@@S1Y*R#Ul7o!9iHhK%=fqIE3Cxj~QoYik%3Yo0Et} z-Gq~V>QWxyO$QUbkiJsU=PCK}VZ@11|EF0zAw{UCg~9g`(qr2%*J@|k{@7ut6>}Sf zc))d1G|1Vu?r;B%2<3}PqpwjU2VJena@LLPP|F_d52pXsoKR8W6rhrOq$IS7es{Rn z9lk-xHL0RD_G|5iCb4#6F+6^Z4>*(Dc19|3NAvD$LMTSM=HW0@`u%a(B zPqW`}tW6OfNS8U)$EEX*x=np4cV5vhT~B-`6u!cr3TfY2a`)Y!raVt8_;1?;men&_ zIrsm}cjZShLe%?x3*kN%)wr9tUybm}J4s!y5A7ui*jN}_wyAKb-+#?!G!4%t0@{V? zKM@_ecAc}Q6S8IV%z^FRw_|4DiSfVL-f@s*JOo6AFm)eDh&5v+IsPa!#JkcX@;uK{ zWMmOv&c9QvUAf;=vL>H&{lT+mqV_$o;J?5Be>oHF{_m%h(LdkdqspCNp{qK{LjDjPa)K7(Y*Dr_|qf1KS#B#m|C5! zzsb~JU#2&H|92Iw1Tc6tTDkLoJ^>m_xU`0e0T?iJysPpX&z9M%1OOYfSpN4$tk6!x zBh|mp{$md!|5o(6&6q0#Bi>&F(l_-_-8~#|zA`Kd&~YHYjFNN;LS`@*%B$Dd#>5ok zyd-V9j2!F&C4h5@@cFEmnLptCt~XkveBZJyALAU{|HVCD$)-zpX(@E^gDq^VvXcyN6r6bBT`;``VRTCy-nPXd3SRb1`R0DNGwFuHhTYJPRh6 z%4Y+YD^bsJw`V0@s_44kIp{;jgM00-|DTur*RUj{MkJQ*kM`&{*P-p=Q_lP75`d?$ zC{h2{OuBh}ckg7+jVttX?-=EgI7txV2cDt;=l!oSE^n)>MLk#Je0jPWk*DvrD_~=S zn;UXN+Vm#XHmspeD31T9iQPt7(#FI>vaVO`rF8LU_dwvGxa+z<{^wh(4a9i--wpSF zH;zsl=TG2(uU~Ono|1FVRO|p5^+46VxU(_~3ik%%i&taULtF20 z_A>ltf9A{v;)}oG@wLg%cXL)5t#_xW-aA!^t9F z9u@qzKZJ@s$?-%NCK3P>?`F{Q(F%GjV{bZR@BSYI5FUu@%^<(9(u_@8m%4ACZR$MCh z3^kQFd=Gn8!jvpD^;*TJRXHDK`!|`fj&MsSc;VGOB^p-wj~&g1E>r(v>chvu?dk1I zNlqF2bdfW{3=#9e|7tzQDR7f4gQ)y!|J(J8OGvF$>3?A=jQW$c?% z_UsqlJ|K&5N2eO7@!KDw2g!*sdWMK>*ST*EyqCtbD<{3;@8-rU|NiZcm63M`tm9(8 z`jFVA_e|Y2vM+>)of^8MH8q=hpC+b=RZKh+oKiv@b114@(vtIAxd^f0ruzZdAf*qP zBRhh+i-iY=38n@?DH$8xNs*ZYQ&P`@4>#hzod_9_C(5zg0RI--m6bRM@W zBRrb4HD_cyHzDK2KoD=Vh*J6ehA~)T%82$gayP1&`%i=?cknnWI=lFFKi8MT%_Gkd zU9|Vx$Sr`fp(4|{uR$+Dx!6bH;jBsYNEo%3p3zxEMmL*OYdS)khCxe?@&p5;mgT#r zjpI^TjX^Ejm##C>dPwKjLVF*!t!#{EU{o_q-QU(eO{=wQj?;AaeWSpV)VNI+_!{3Z85PNDSBDH{J%t;E ze>>VdO0hUDg_ln&6G@?I$?#n1tn{e@*~l~s|M=zFRTkASS-J9!EW5wkx>VPWy8A$t zeg;n7ReQ-;tLY3T?@L0C1wxGWwCyTJ*1FK-TK#FLTPB=q^*Hf9?c_UK!&{21BLBgqfPs83BP4O{3X&<`zwVQLM3nH>r{iIEpiG=3 zj4VhCq8j8fe246bxmjwEi)s{u6jP(Ts)l(yI!QYK84W$Kaq4#njZ-xARoD2$YjQ`} z)9{g=j#NK`k>Kw`2A5tVaR@pU`z%8a4tWW#*sgN_elEWarWh3Jd0%pULDchZ#CXk~ z(aRgAR4_3mqjTKY?T*!}W``A?R@$$-nsHaW%_3R0GKT|qz{=2e7Rs@VS|w$*cO|Gw zn}N4x{MLU0f?;l(;hY)#tk`E-yXxD+7cda}sFO-t&EcWazqdvIrbZA8x;kWDo6gW9+A~oW3xO2g_;uw z{oA&u6*vtrs5^YNr z>qw%3+uNTE#YSxLCSfoG#ylG%QOyDH#rJ(T*PwRDJ&yzVln=qoRJt)L0`DFO@@u3$ z{8cq~exFPzE?|-#2G93Y$g$~1LAc$7!Xd<}L8lQfbk}ux)$T!y_-o@Aau#`7WC9)y@BZ7Y)s~QKl^gK!AQt}ih!w#LtLiF znFi}xbbxA0rg|ZHIoV6rln%P%4EgDA30)GtB3&L`;AD=d-5E|Jpb=6c{4Ce!$EC~g zlu}g8^Q~TFi~hcz!M)0=mV66^BpyC)ai}`d>6SdR6a}OtTXm92tFc0r+l~d!)HZ3D z3jIQ%S>3&zDrGpB(WiZo_Myhg!jNfr2 zg_8Mcg}COO`8#nGr(nEpQ1*!}S#Jvu%9MiOUByzgew&6WTca#P@j6AsG{Y=a_b*F7 zGLnZ(+03@}>|lbgW@Lotikqz#x5g_jPVtz1N7KIaMy}h2)Ab#*g3C%74KW|yj_MhK zhpF*hlI>5r%NK!+!i7EU%L-OROhMfgXo6g#NbVcv4vDEtNK$^QiQW*8; zzWSXrH^G#3EHY-;-FcmSpT|*VSJ^Zm)=2g{&g4p7d%2As<}Xdx%Cn0=!%lgHkm@t) z-i^#S;pwxe&+0ioUSBU&DVx?v{LYEPg6~Bd*@ow1&v`wn5h6T)>C?sfn1p3&NiC&JKnCx z`zpPKjGNJ!6+_>3{5H(d*1of}s|=^J!XOX24|KSY8q2Zm%7nLM7AjhGVvhp}tIc!S z0J^UQWR5G@zMa=(UTgH!uBY`y{`FGz@JJD4Mfvc7&RqK&eA4EpwEHc$A~l&Vu}m5_ zhnY~{RT`Xjv)G8cPY~P)Mvlnq3ykkHX4ao6F~CryoJ@9hznURx6K5*-i`E(G-kU<* zi4mkYQf7|tq5F9e=9#iEf&T{xc9%;@#eDAF5gBWuFQ6AMk&xLXApm1HZ1LH zf~1(9A75L;nbw`)WJ-{T0$LsoOnooR7;5Sn9wJW&<%I6X&XcXs{|MIqZgJwHxT zo-JJ6NOGw_ljl)D#3k9D6uV$vI${&bM+qO-`U@7}{^vqL3CRnf=P#m5J@YGfb&A`s zkEw(oZmkp&N7;7|xlBjH^j)`OSV8TdfW^7Y zsWzOdR#VS?xYIe#_wCD;E@WMRd^_-xTkGm#kh>G=`mFevy5*uS`N{o)vLPRf&Z^pj zJb+7kCvFHI&Ehuzn8P;6iZKqCh;34NqrsKK{xqC;LOy5E?7!QjKV~}Wsl{hyVb7pm zwwEW<91wxA?wH~)>|D@WP%)*&CT<<3mzid&qidrnG%Ox3sUE#U-PC=D@5Re^&xc$Wyjqp5 zyXff(ZpBPb{9%Z>qeKW4+4yTnnjp#ZIt6<#wwLmWX6SL{8ULNt)`IkY+wj4Z?$uer!m>8hDuSK4gap96cj%#Z|31~$Wvo4V324v(5 z8E)O78Jt_cX#R^+aY0?6uBp)y<+NLr=LqO}oqpKRRTvjkQfa&yc>zfz)t6rtB^G(T zgf{iUc_YSi=n-ZLDujNLshXU?qAEn3oN2Lfzr@Mnb6*wog}FLKsr~6%k*Hu5LzO7@ z6^HhB71J6=r>=h^jb{9oW>~)EL$*$yb>UKEj=2HmPEK>~{HwEhl4ujK5Vn6nA?xHn zxU&?K77Z<=vu~rAFVrc)kCOy{%A3`yLh10s-mcl497YA4d{)^2!j2Ie6+~Q#Z6O6+ z*Zy*i@!5}Ve3GAgy&1>`rKXsXDx=j0ZZRPLCUfHJ<5D!#&01e14mj%LtIJ-$Nd353 zI{PZ;<(P7=6R%3KNzB|3w$Ml%6d0XxLQ8*1=oAu)FMVoVkYIMN{@a>jci$GiTBlU@ zkVA>pp}xV;H|vLApRme7VOIl5CtBv0E23X^8Vor~DS~mqNEHAHgx-!s8OAWla9=+w$16{0xoo3$)_AnQ&bHkmcHGobhp6gOO*VoK&p@ zp-!4ft$0kIZOWG0)^Tuxk+c8xZZVc+qe6Gu27AuNv!VA*Z5vW(xT{5Z&pxf zm{MaWw%ELkeX6A?z!8C1-NS|@h(qho7{K^(PW-eZ7jS}edx1Y#QYsES|D2O{oXtE?QW>frP*kZU%>1n>4db!H5$i1$Q8AdLhYOs8qdH<1m)3+YmD+6 zm%3;67|DOLuNXx>x5)Q6nY3GH$8I)%qYiTMYJ&sxGBM3K!s&WCD@sxS(Q|9(q-Arr zBvwfRnBTgtXe&>#oG|xs*X_I>50{-!uvnuf$;M9B2-D0NJ@s5cH$LXcbG+<9DJt(k z_h`^Ipf<&ZLGd-Wso<=-b1UJw0W@*gzr88=ghgU}ssq!+j?Z*0a27CQLnY6c-!z1Y zU*;VQAh|9LWMcmi9u5^}NopXt?%ON>$-*7&K%QsOYi?`okE=$WD^3c$0NWztiiX3# zE>WHZAW4h+^A0_`HXo@}-wqdOQy8o}^>-JJ)PvNpNC{ z13(g}<}k7X4Qu9BLMYLKu8;m-h~&I}kRv+&L5aL;70R8c&X#MUQJx^^d5*Z*imU7& z9L1NvoNr1m@Iuk>dL}(lQfm@dxp3)K`zXbUX3gxoTDm3gg3++D->i!VMQp~-%D%xz z98xQJ&w#8~fj?>N4BDb;-W@3v1Oh7sugjj9&orL6@kLK{;*Y{GS;A`B3IBd_Y?o#- zjp$#+#5-SID|&xNUJyoPvla zo-v)%din9$BrV&&ZCT&i$ki$}i$7aWzh();+P;j^V9>QJx3RR7m=-0BQyAyw;LQWWVL2v$xj#T~5#fF#uX#Z*OF{Y`9{Af#q z=3!LrpG~LtIFm|gWGSx+?>?HE?g%KKTsgYg5wm`g(qXQ?{%>oyKcf(@2)z42!OSA+ zPjE~B4j4Nm%KPPFex9ns7v%t8=(p|(=CvxD4}JY~9;htR=tQVQ9iFp4kP3C5@01>f z9qGmZ+KC!5*SY?ZEE}1Ch9P#A-iw%Cy{jabV?8@uG0noyZf)TU+!hWy(VBqp{E?qx z0Mn=1iW_mom%H|vTcsg0|5C8fPse=F@_74p9lk=4vEviDWxOmLZUPp4Fx62iIGw>y z@O{mzgwN=`{#=pE?M4z?iVKfprO31f!=G{yumn~2XH^ZBpR(JlZzQ%mBB1AfnyhW& zi=q?a!g|QvQ@VKcKaz>jDo-wxp(6e&)J1oSO4L9k~56m3WTzR{w*}AXOavV4pvg z$d$aa`xN@Hv1(atwMRiv`bHmmn-?BLyI2hv@SfPC{%NG%pLa6o-SztZ zg71=N?e=vm`r0Q7rbE0tCmTESKLj*~{A>zifjF?Ica$fd68$s;UJ3@_egL^}SSd&z z)~EkcRYbNZiWgqD`_!2cNFvVd=B;pynz4=9lNoE4bJ6}*-}c{s%f)4iph1t@R1?(N z@5?4bnk89XQ-7fT|G~p9TFve7KjFQ!ICHbHQz7$`cUuBPeAQ_@?dALM&ks^9|A2@S z0z3*-osDxNUh+>zYs3RC571H@Ro^Rdu7y7lDjwG&=pD7n!;H~GJ>U#M0wSaW+QTri z#zx|5_s*#~%99`8j}-bdvgr9j==NK9NR6T~RMoas{r4K> zanBM4v{gIx76B-Rs;Ob-I&~)G3Xd~h9R_;y6vHU7jW@#FnBl(fNO;qTS6grt_4(A# zDC%v*tK6NvtDov{gN%7g89uWQl*+`<9JN$OW*G-B6HPOk0F z@X?+gJPEo^HC&Kvvo;Mbx0@b}p^CfO|)@JLu%*qBiu zGQOn$C4{sMuRSW1K(lkZzj+Q?TSf&MGcDaF?-eq(G{6`d!<_S}h5bcMJg~<=dQbcH zn;=W66Fw93`5Blfkt7qxp);I6o!;HU8yP?Pr>XhUH_~oJJ7rx85tXl;_*|v`hpg*Z z-l*OTxEeDtNx&=iB!v5MIymGIR%ByvgVHGM{veq)RWCRl4h)sFTkAoDIZ#Uyl1)!s6-r}Hqv zWP<|*9*o^1KjrH(DJ&rGo1WMd{0Wu%bdl$=DN?tjQi5=oH0hVdh%MBCQG3{}Fuv1R zkK0&kFE;%1=1GV+>_Q_BDf@^)$19iKaD38Jb{~<1HRo$}@!KyegI-c?4gNQM9MvpF z+bT@16YTL9A(P!T!_K)y^7YseLEq z#+;ClQ1m2WS^-&IYJbPD$gp5UvSk*gxcJ;i!@@O=w5ERzv8GTd-|NTF@JoU>#@-8L zu@5aE2Xu^C4~$-0`Bpvp=(dySt3BzX&DP0OmSSx-jg3iuxU%VoJ1dw-;f~#jj+nQx zI^aVu&-3&dEphscQm14oB+J3w7wtyD3wL=cu4XKy~0Pc5iTZ5*-`jVy--l~#M9Jf(AmlTr*GBn+p~sHkzaSb zE(0m56#0CNqj@5CJtqekH2Oyp(;PRyl&bAz z7Q6+KyS}*86X5Md(F~lXA74%)-0y@U#T% z8T+jm&|0NJ46F&+JXzj@8|2-ma{#P|{*|fP*T>{Fc+Cc0I!w!{3zaK}YFvM7Q@XBU zc`ypU7o_}OMyo-R75<#k$1|sA>-f7_etilu6$UOuJI3jhAA? zkqXT5AAi0>;A#}N5mfEKtqqe>3oO`d5*Oh!6g+x9U7|CB+veM}Eg9MHWboZSW5mdz zpTB+Pc7sa^YC z0yj6${ob1wefzAwpIUzxwq>Hg3)Cg?*f_?UxIoT$CbH$ZO|VAZ-4f9wVvr1{gqjD= z5uSJYdWkJ9+gMLIa$?M~V3I_D?p?pfm(= z8l6t=nR?#)6-2bgxRyRJW*Xt5>`Z9@O3C;653xNXGoSZ=OdtW=>a#*_gX&?x&qiO4Z& ze0$XQ_3^m6posnpq$rIb14DI8Uj-F{HZ7JZK1Z!O;Atc;xHN3ImO@u5m3yI-*$A?3`c@Isd zuvO^#;x|^VQn+;O^sBS0-b-grXY4MX58~!O+X=ww&xgR= zbnDdZBEV_D>(B>w5vZEYla#yve0%o3y^%*6m1E-$M5fmDQNWkS&38y)jL*86;i*9q zuQljU375ZE>zEspu9dDc-Z79Ou(@v`SygMHz-Hu!7^`#ju6Mphj1YQeAq)v4rIZc$ z!uQD2stg5AtAC2f<5pweJZK-l+`h|TFUdB#TP)+8*?#&Tig{W2aKN6@Q6uBX=O|h z5G=q^|L76Z3REYKLY#S2r%Z&%e?vB!gCo)mp~etwl(di&IxaNDR@?!f?hrqA3LGqeB^ktli@z$adw9~O5$JQ_j(qjcGEtUM zKbhobY4(c6J(AZvLe{L)<>3M)R6mNIB!*0tyZ1Eg8d=~?*cBdqq;*t=dL`ckBM(2y z{NpD6AfZ?HACamh?4@WA8ABBaPx|L~Qg7$UsDwSE9^u+Jah7i!C*#CZfLEN+V8PXI zJE~`x9a~~9TR*rFi&ef*Pw(|VOO`sTke%ZW)HEUYbdbfnOwGoiU~YY-yAUW#3g}F3 z!P`-hQjPKqrCM`PB7FxQ(>Ce$q!*TA%(US&T zH`i_M!#9o5UVd;@IPO2kU<{w%481UuBT? z@qPG|XY!$L;Xk?fc&W_K0y1j7iLb!uR;J_|Lh+9p4xg{d6vS7&4V(2|iU z@jNGXbw5jaX@VoHtLy2g;Ge?#}AJ;xIO7RS9mLPD_jm3P4vfyR~L6ne$MQ_%@%K_o+ z|CnTs+kwaZ2w?Q)q-Ii}YER;Xh;M-a`=U zc_s1hdge+=G6jK1Vo|pZ5j7M`}`t_$kR$Ifao;(`voD(*59E zqo@xNNBLSdKEp7M{&kj%%Ro{`%P$NPtp8$ts!K@n<_Q70t%8*KFNjtT&7 z%I15bvM)>5wr)+c{8$h4k-@hmZEXtO(m%aF^|6X9h&%Ua1|T>8+qkC(Oo1cC{Wx0+ zO@nJ%^Qp1evO(xq&yDO+bYu5fUXo!V>&Og6LRZMxte!RDvPj%vmy{+Y;Ohggxr7elWH z2+zL`RcsUNY*m&!c6M;G`Iob^(5QmisO!E@@jujB(xyDc4ZBO%gqC0Ty`AB-ne7KH zXhy6#aQ$v!MW15Xe`F4q@9jAgm}9Sbnq4r-ID_^UkP6^1SYZxW!G3{s%kkCUcRHNN zjP#$aZMHW;udIFS_MYjw73d@!W4fNKKnajte%Kcc&HaDmQO(hZ4$YwtxMH(c9}m?x zz1dJq8_K?JB%k5knfW5S)Q~ak%VxcayND^8&kP z+>Qhqsn{1Rp!{FH;KgXc$0ZidU}SM%seSA`&qf@P!|2I0Qdx>PyE>sS10?)A=5db~ zmrAMl{G(ikk0;U^i0%$O|q1K);R349+c_$rb0vyITriKlCj;+GcjSI8Q_sR$_* zk@Cl94ah30-Zv^a$zZ{rbKjdm{&1fY8;Bs{9)Ag|@xKvv(YhBB zh;U}LTof4L8;A;`3&W>NDj*UY+71w!CLgdI-5ydL^($?9URzezfuivU2e`@0D*w3dn9INL_m0rtG0BaA%~HwKO3KG>!(vNC zRP6E%7I9P7R8ksh#Nmw!zC4L4yX0Uk0GDxVy@qp#dhA|HH~LHo(AfE}uC%h4{=ie1|9jDY%+Y|`5# zdee7yACS(SK*^x|_C>}&Pk2D%0bC32pd^Wff&Vk3 z^npmF4EYipFgRt-_#A)edR`gine&^O`dt7Bw-CvJ{(eH>|IA;HWjjv>ju)b#;J$_A z?f9Oq*?n;wJ{oS0wTlb=w<<8yBDK#LyM9zjsm#6MukzEGw zs%0$?DfSK1$Rk?@a~f{5m%6%1c{y{JUrn37po;zBiOGvsC4F*kv ze|zetI)G!b=KRkMs zWuhp7+hoeG?MxUb9;~X{q4KHR=?n`UI+2#jkUsl`jw}j1rJz{*dl^mh6)c}3?OC?) z3`#>?ieTi^V9lGG&l>daU1%gGi=1Qlo-=PRc1Z-N;%s>eaHJDZI#1Y27y`IDVg*Bm zWDqR)R%~2K9Z|utkE__gew_w_6ZpL3lti8o4z?(x5lSy;O?Y!Y4ambFuf>^8U>f7L zZ{h9C9VS7e=y+KBIHolrSK0A97N}3B|0}KLNaFI|hxC#D_iuEpVG3UIpa3Q$-5W{r zr?>upc>1v#7buQ(F_+ND>fv%TmRtoVK*Xjzfjiw|Z@CmQ(*pMC*5}=Gy%ww<6>^`Q zvEL$ko=*bjV?X_-h=`_7%}_z!xA#SBLNF8OB^8`v+3EwnI+3W>gurxRcSMD(p~7H> zaNhAx_4?FAN|?ddlPrIlHJgSHk!dz}I#c~43B#^t(ui}c9-mUj++q-K;D!p)eR0*$ z&%h)W`{Ev8100xG`WHO<|5Vj~-a;pPdh`FRuVoz0aeeIV$G#VhW<9T|ZFi#w5VF~& zMVzY1#?BE%iE=6H18ga7F&SGpV9ai{LQ?1h@Fhk!=G{E@8~sr19w^axaHnSh1%9rv zAN__;dHXd_*WCj?8ruwhlZImZ`wOY|yPI90`%d#hE0iJ!!{TGyblgDVtJqB#u zEA82S`!}7A!pWouc4^9UaA8p;&KTFtnALPltAljdB7D&`t#)*Fq|H!A-#H^bqD_uv zaQMaaGzj+kC_cTwf`xf{?}loY{x3)>7*r2bK978@x?-7tNQ%W z`7_fC7wa|E?t81haa9j*tKE!M;w*gZgZ`qOTc}t*x;{C$L85ZQ>AaN_hCPsFCTf3$ z&e`Fp#eaI$OoCd>eMLMdXV}>$j&#w+d}w7>?A?WLPmKrI1`iC%hbF5uX#vHfov@*i z^Tz(vd(ua5V^bmGD}^cFFt)+ic*6L*ow{>7A5nMu52&n>?u)QA5_HAmirtPQ+wQ9w&~H&B!bom3gBW~8I7u*-;?nfG%w*Hk zZJGn4cNXRc&_JWpBgyNqYsjN%N2|>G(~CaNHOXrXHsH^VUh!uUl+b5mKAoRnpNt9* z6hKW_r0O0RIG3$PihTKMbJUJP@Vv^gY9w^tNQ$a?YMF(4vBef74Y9;|&~x0c_V!L> zzAp?0q6~b&^2j^|q@%0$LXWYOF@S8}@gQ1rdxN87Xu?s`vV59u^qqKlezj1JEusN% z(Hz!#U2^>bhAI04LXQIL#fzG&J5@SZLbfs6inXsE#A5Rk{@35wO@}?Gs^^s&WOigR zWn8%kA~M#|Z~8V8>|5ClZCvVUtHg<$>GP$d{q`2NEDITs6zdufe-L=trpthJD`o$(?pvF(3ZLi~=l%je}_hXDIc^HOLdrb17->Rp(*?`UQBf{ZaPBk2bPB%T$ zH5=tqg8#4-Z1Q=$rzo@H{!V1{U1?|=gk(l~FI2*OQu^S0qfoXc4#~j0Z+vRgsZnF9 z0-j}RFiV^sClE}l6a~a74ldiVf_6sLfOSi>cb-WYQ2nerj@S=2f$=%j6CoQjWIpcO zg$*`Mw3@N5>n#ls<5Fm886r7D!#uD@?*T1vV8XC6zeA}O# z3@ooJn zu|Hy76m65Z^2e~DcHW0w|d+qxKWT_;yj;^7Zu{MU|wgaY&o zKJTBH3XymF2Gr@^z&B#PF)O+~R2Nhs2$(#X2x-M%G+lJ%pJd{Bf?6v$DwwyEFxYdN zoNd$LtXdDtyXb%E`ZfZPOx>~R3zjC=v2V*Q!>msn6YYZf+$ z)!!+^GC0NB52&y1bphI+I%3zar$of2rN8MW>vlw{+o8CcE-q#l5(U)i1@I0qzd<97 zFM^=}MreNb4gLl&*rjjck^B=4^aLP`FZl#U>5FPK*0rJ%bMEv1n8!%Lg91t8u@jvC9F6^CN5tcg7@Z1Tr1V#Z- z2c;YUI%@}wrS35Y3y`taw6zk z;uStkSx%?h;FL&+)VBHicD@GEH*2RUy$`GXRwH@AoP><{C$s*R4<~Bo{G@lGj>KcL z9dVi>SZ?nTu~p~J7@n}3IpED2vJSUY8%_e!X!*{;yviObu`hGwzzo*ea+!1SHjDF~ z=Ili8%kKcHMOE>FO=IzmD80p;QqC{?U%t8RZuZK%XZSxT`hnTcCvw#tj!TRk{&ahIb_dHTMvPn+oZRgFP_7rG9kuHLHKULzJaXG7J6a1*}_GG!( zACQ@qI`xFSnX2}20Y0H!IZkM`W_Jof`Eav8PYyn?#3LrQLU(G!VZ?%oZt^VQRnPId zZQw3<(E(PjbyQ-?sJJ^i(v~!NdF~&|7BaJ5vfT^um2LtwlVvabGD?9qeYB#tzw&Nc zg3H$53zc7BQS(N{{S5m!KD;8oUbPIt6sM$+M{XHj&&k6mgNm;9^mv9d6(vfgY}2K2 zbx21_x4my^t#8FwA69qP*i{;6ZhfQwT!1q%`hLe}saY$hmBh6juO>dR6|^(rZk%L> z9Y>ndezsEV7Xcl_8$~tR`%>e(=Ceg%d0>QLy{;V~_G|xQ9RHM7Z(^#K>nUesq>5l@ zyd!RTCk1o7IAFQ@>OsURCpLezI<~2>Lu@ho#bEi-NcBOC`%>F&QCaLrA^)Txq1G5N zcn2z`T>Bt;@S?oa1gU@j1D(%Qw?+6G)88JCxANECOq|fs*~*-tS#^@;S_RZLoE39d ztY#t$^k)L`?U?)ct9NCuTTzzV54(MQaR#|Z-+}80sCPdcCzJjZS)RAw!?>?lN?72H zB%&KbUB!)7Lr@~B_JK$us&VDq`JRhj)1eE zO@ssOr*h+2jRzgqKau)UsZg2ce@x~ZHVDx(H%FO)T&|tV!IQDOG5dr=tIS%-pPXYo zk&u*?^L@&_2)SOsXqon?;U!ryOYxD4P@Su%b5UhXHat7_RajhDTG(~Nfb1nfa^@`o zcd22kPB*()yX}z)t)j6D)%19ISq`EW)3M8~&i)#Lj>3ZOicaQr`hiNbXMU%oj19=v zu%N}eifbaJRB>alT!8x}Yr&|(OIT{l27IR2uXG=4sU<|Nke%zr9iC+wUl9&rgAEeR zbU&v%DvS5`@&5`~5ZA%PupLk0Sv1?s6yjn>1FB)NWD;i70d(_F3mAR_F#Or;J*tdy zl_CVhw_V5f21;L=X=(Wyinx^k{^>nI-x5H*m$K@9w6CK~?qzaA>v`f2G;)h)p*~SV z=ycBG(@HeYR3^tLtH-U_%y~5Rh0HzuO>1rM+Dm04sq952h@_J`q-1FV_T$_ZH_xTv z#)XTGvULGy9lbwy2JKaImLEpi&|9Oqdxq(f4+=?-^qh0P+ zWrp4T*_?E$EX{1O0-^c^qTJ&94^Rn#2{e-L8!hj6GG?6DQ-~6FTv3{t6g)t}DxK>z z-!T?D6;!7uu(ZWFg;n@%?Q|x$!gEoT!XhsAyfbb5Rf<|$TX~lrRIG|P7$(_6&7k^V z41iI=fy2nIq5ymW)f{(iP-~JfhQ)SKPV;^%WuI!rw(uC*=t61_fN7jW0$)#5cLJ=J zI0P7@#~zY@wflUwc2!f9t)s+54!BqURGXSI#fP zKIu~20<19&_7hh7fKzsnkV0xj%NE@bwD|g7s++@llKtI+*ufl_V+YAO@{4r4U??2% zO4XBs$v|OpKo}^CPUZiQu@m9Gdr5p^7EI1aptGrKI9)iCo)ox_;KWz1r-{bSmvVbC z4~QIv8@^Q^J+&Hg-5(h{p0wveYV0@i1{&V*ZW~;3Y^-x@ zW1zH(%wr+Xvijg`62T|Pqi64^Sa`B)1Ft7u$ba88fG?$TVE|Gh_rm^V4wq4!zWuA) zFzoJm*)?@sgQYBsOvV-xW$@k?;O7b()U^6A0cf`U#2t0^dLs5@rUcWJXZPV`hxeEG zZ&n4844~u#?vyDaDsz0}?d>2->1`Vao;#(8G+#01o(4dBI(SqgH#VE!}k|kFyp62dZ~R z5jaHR3gU^W!=pGxJ-S_yf^}XENQnL6akmZ-dF|j^o$g`c327lncAdCPq6m!*VoIDFTl~O?4uxoWUSg9TBvje5|dW*zzO! z4XbgXnYko?z?)s^v=KA5WDh34?ve0Ein4HVB=A-JedgrPWiNl?2Sq$v)C$ zsSVTHb^wo%iyxwc{NJxujrhB+&2UTYuX#`bmg8wNo&8UB54HT2yoneCAp#gR!%-}5 z#)9W`QdreA|tsp@9t=9>HLy|2RgUDpn zv!+JQ@VEqorHN|(&qX^yfbyOVOdB&hV%?=0EisoDL9QV#b^$iy43>|XSj zIzTdu95p2?^63P~3Q^06pfJ4K_n8?JG(IM&pxO!nS17r0oP9VQ+9SA*su*g2)2`{d zV|?8zGoS0t$tJ1Y$ng**^TSBIy18-BqwXL#6%2@|Y=D{iaAMqtZhNmq-fcqXUeLH* z*GJra8Q{ydZF)X54w110kY&K!49qcNj79IlBhj8~p3Q{bTcD_byT>_$V7bE7APu5d zv5pkQB86u`teM&8eEDrz%4l?#B=IgLU(8Bg7|aPfaHwqQUT>R~@Nj*#O`RN=!jWXY zL(M9}#H{0C$ViKj`?xpmLhm}O##>inQDm8AlOnKMxv@7Bn{W5vyZKqqMXd8J0?zz$ zr%9@@xiqEmGt!$)IbvYSdP@?o&E|>ckLn~~A&sc0@G%0fQ_Wzr#-S6#HBJ+V7}rP= z7)$RY)@oj2sYV+>|6`^-g37Amk)A;ZAwQf_Xnc-V*<>d{rY?==DXJMifQGKxf23(u zY;0<~VUCvZQHgZfiu>1-R_n(s^;Yitnqw!7h_1Nt#2;>^9cb2Ir!wz$-(jM5cSZZ_ zU=mS&=Wq5A$7$uZJa)=TsOy|eGa_1xv)CKnp%>2{%qEquQp;=2o|A^^++?t1Ob#?G zoHWCcGszutB;af1IWsTCBFPY#cXoim4apQLWSP?#rpGuk!>B3;Y($D`uMRy@Q_KIn zJEBA;dfqt6dP2BG>IQ}^WR-P9PWHMVp;vUn%6&=4^T8m#4GHA3Sf+-mKebP1k*9AGov-GY4dD3@dikuC)0%48p$Iix(MMYXrl|OWumC+N(cwS08sj2*o>J`7-=cF%r3T_4t zxtr?PXf46S#Fr@|Wp0;iR^?Q-FfA&F(~qOi(TkR_+aG>%U}uu`=I{@K?K7hCmpQaR z9GR04@5PaixP7TiO$~K@=bS0udhgO6OIwd%z1etKO)_!K=EJ!1P=NZ z*Zmv~Rgvu>eYev@3}#SkiU!cf9(65@*NO^x38ih>YqxTP$yOh3<@sZWikBT#?PHn~ zpR9ZsjFAR&Kdutn;l-8Dp(Z>@<(S1lQF@W?Xs78QYm8Xn>$3^qX4s+Ku2vKW^YZSj z%7E$c;JN+RdGitv`&aE0`9!8eQM^k9S2ZI#5ox2o!sU-Wl^LV~W4Ud$b|KG$Wu`NW zpQ_pu@;5(y3y~KaKH}GJTsL$M?6s;lG>rS!=Sy?0P+)iTF0Go+`jwowHhpJp_G-d; zl^6=IaZ(-nj3l?Rj#iPNT^zKO7(<`Gy}6rwnO&rF!h%IUe0bMr%%VD+N%;CMv8!BM zwJu}m$61vx>Qa$$m)bj=L1xhltx2nydkLoxATT`z(h#+_+OuA%9Ri`CgWb+U#cV9& zIsX*Ym|}i|LmU67KX0$plgo4#i!Q*B>Z?amd4Qd`Q+(2Q!)YNSZEqU+74e3imP22K z#Kx2-2;l1cV4Q%OWL+Ae_vd5IJXXjODmRKPGQ+F^qN7uYcA<}al*v&fdNdBGvmTXd zlq_^3m)iXJmoQW|djTry=nuisVX9|QWUbMg!AAaB>VggP9)0hO>K{$Ja>2ZhwjoM} zWL7%2O+^E7ou!Ppy%yI#L=lKJp<{y2Ox4w@cZkuWuIIZs$$3Qv>nCsHgYmtSrcKGi zXzZ0VDSQ;&-V6X-Gpq|TOsR<^uzE(F5}Amn49QW}U(N9-anE=G#`Xy*a6DjzC)}P9 zSOwvKTR=*6szlDbPnUwk%7ndP?735R2Q=FbK1%;MSN+Rf+##V3mQ(m1HQOYPUCTDt zN=gGoBV}&w=_j>qlPRm-x7m{+ws|Km=8^K2q~xKA5Cypo!^Eb9sXA<;NCWZ-{Z2$8 zGkan=%cO{Q_nL@yQ=nZeov?VFebz+j7M`*2WqH?G*RSr8O_>|~TbkofOyf($>)ej%_oYpCm{2OdD_c_CVZedAsO#+hhFE@p6uIbwl}Le=yOEg2BwTD! zB*y|D(7*e5YJ-{fGs*S=d=rdlD>zKoWzaRhh=gz$l|+tTh~^w`&b5AaGxs@uuGNZ{ zpgs=aJ~V`p$JEGVVDoO|Es9$%r_|DPx65v7sguuTuDdJ6vRjf~m(%_6V(06KrEm^D zDu~#B?7cJ~?b;jjWvV?u&B&qt9TN<0f5U)1>wn)Vp}pmN{a?{!a)$Clrma(-VzKwls9*}EXh zY%$S7-Mp^k?Q>7_o7}Jv1Lk86Rgid41-poeruUh9wn!I*=eehRQ9MerXXE8G{EVMF zj(12a;^yW@dHTt`iF(yS3+CPQG7HKpFxUitT*D{4N<~XSeDd-8)t9~_+lF;p zC?t2(6AL2yNZco>y>HOBwnv$`Pqi6zdV6!*Wks1^$zz3NP z?TR)#anJ_0K86`Kc9Ys3r_zWVsmp3OPjD$roTW}YRfLhlXdU|gyeV9U&M?7&bq5(U z=Z8+IlR+9VQISxgRE^Fu1Ir!$j>Y!GMZ8vtAxi_5tBt6l@}&~Ckx)X2>F}Ege`EH$ z;`hXFiQkdTSRq8eLA_2LAC79UHb;0(3q{A++9KSfT64`c{pWUWa`jTAH5BckPB^J3$zpl{%p$si|!A6_sT;(#jebHnPeZ5Z1t}qfy6x zY`>(z(qw70N}lv1%ah#=vd7@;P7xh$lif+818%ZAO=7gLA`EMq>=GURr{!uFJD9&T593-hv)XJ!qT*7n-jTidU zm@f>XFaw5ZR?LK9+7&Zm{0JK4uAM^E2Pa*5lBP~-Ng7y%jW8ND*63;WIH27PqQQ&o zPLY{N$nGT3AU4^ZCik6ewa9C>^wqtZrQnpIQQ&av~x4O3mG=p!^U{( z+z-XN;W=-eIXkCGZz^Byh&YIgc!{6=kY4s}=?INfGf&MVlVK`Gk>6a(9J}7wZ&{M0kyB`J#KQ0hh4~SSex}KrBFObY{rs~| zm?NPuO3W-V!^C99iH&6OqghPu+9rf(7x&}w6GA)q!ScgST?iyelB5xrnXG28n#mLz zs@7RG!->u&olevX!_@XoT0+yxMEXtS$wWRwL(60%x6I%&lPi>s7>s3|ev=tuq0A&` zrf!kiSCvxf4;AMZ#bpwgU0AMG)+Rd!c5F;`%Z|4I_oiE)`Xc(JG9Gb(i zA#6r)YygMnp(IIC2Jslt64wvhz+J0^5Mny+0)gvl?krBNyKZ=Q*IeM9Oa?7Uk|ar? zY{ZnA1lE~0v%p44nTchxPPmx}CL6gGnhMs5H<`&0%R2q0(1b9VNzhELD(;F>`>IkZ z{h{LgqPR@rvJ1=A%GzYdz>bZ{j+q@tJGOSL%{(y!#gsZ4X?AXs@xiH<2MmF_{^~XeKU#_Ii7ix>!n*BuSDa zNs=Vht?+Rx`Y|?%FS19VWZ(!PgqV)2AZ&z|ADx99HbP6Ivm{B9BuSE_eplU-`qD-= z6NWak&0`b3RSD6?HdDsWMN>Axg%CoB!H0^itl(@E*5v4`vQms6|C7liNs=Tv|2 z=X9!R8!V#D;8fd42KG_PMw27&9PAr)U(!cSLa*^A%qY@h+aX1JW_Z^tyP70iD;Gg!@7m7yw0c@&$$Q%qp@J2dk*G-i;lk3t9`gb+dqAqJPSV{4`qG6OOm z4T$_GC=(s#vg2$r<0_POwCQx4Y*bdNgD&+>c3ez$yzCevJFaG&n0ew26jOPQgk}n| qb1F8uC(Y>cv=l-JA%>V)v;Kc;`OOe|c2|-B0000Z@oWQi|O87T~)jG-e1*M9ju|IKy;7l-i;eKh!kJH(z zhw>G=BTkiQXa+6EMAj`xBz9l8%s5olBvR(OXyTJO)S)X;dU#!(3PSohts!|=99%^K zaqPP9q23#LNr5w#35K%<>{vWv%Yip~hK~nV_!-rlNT)m&e9*CFcu>XZpwm+f-=n*} zlRJrRlGv3Pu2KDXPJJtce#M8lA9=*sk{$jtzp_4|PtBZ8GHO)<@d8$~Vyp^WE8-@! zVn1}AY6owBtYN>%(1t8~#8?5^Ahw*0K?BXx6%En^RX<-4jXJxr?U|InJQI+2OsM!% zS_I>)oP1^+d|1@`zB_I)LLvKEI03nI5e$4-V656NzEi()ju}vo=Qd6?@J3~KJ9qY_ zzTd?2fD^A|JX`3v{r*$i1BKWo|7Vnmdb;+HL8cU+oEvc2ip2Y#YFAl?|wI@uB6OpgUqg^`{#JF|Mlm_sTc* ztW%Q=JQoAr2GM{L^&dvW&X^yzMV63~81Awn@@{jjC0s97toyfYjM7M1kHc-L^C~gu|$urDm%X zQ8>RFDExfF*u&7};&6glc=n^eLzgUxWNaWMWv>u7qDn@Q(_K$Bk=S$jFbCRezaQoV zW~e#au0x+2ddyjhKS$Z>sv#EYSE4PDak@-E5SBU2P&?K0dKHV-t?WC(o81zP%&F|S z;Gq{%r$gm?7N>)V(=I0``>PFK(P)UhnhNK==!MOoMo&q%1RkS5 zKL}OE&*EQUR4EqcAwBwKJ7K6(T~G67oKpONY?iX(v!n%?xCvCe5mFC`NTVr{oW}Xo zn+y7#=dRrAW=PaxOxWIO12W9MQStfb$)*P+VHgMf`KJy37Q-}-KJaFRz;fJ1$EDxy z@`|th_VP2o?)`lK#P|1GaT7Yq7GjERl`&)~R1WwxM4U_WG0g^llvqTg9QOnM6BZgV z6Putnafnj3LKquN_}kKp)rc9td`6;Y7(&VI&*@@1aR`_1D0BQ*Tr+H0n}Pdid9E3~ za@?at)a`*$j+A!d#F`88tDETqAL-5w~ix-uxW&MLH@EM zJd}AaW%t8o>H?B z?QgF6ny;BDDAkXq0jVCaemz8O}&DcMY>6Gt+7=ScaAx_4PkFB7j<>E2no2xoSF zmVk`pZTJIssiu&P3t~?|-XBRLws~Bs@0g&NtVS~^oz3fW&v0BAM3x_#WgLr&fqhW#j(BHZUj@wHjb z@3PeUt~kgQX2@jQLi2GiU!&%Yr7LYTF@+1GK_wA9Ldt}>>D52t@4COZlc29E)H?6+ zV)f@f64CzPEBM{2tf_^olY|fYGn%@c!@g>kD@H($=6(o=3L}*bPE7{4cS%bEqVkIh z=j2FVm@9s)0M<5M%IyVd;#o`EE3}7)!4VO>gP1~$=)~it3aIftPgJvK5TMS7_0P@+ zaNOyV1xLZ}R|K>-+1y^xlffbo2uo@XZP2T0i&I!PaA-n zOic3i-4DS4?(Aa${nltufHj|dZst?9sH>f{jFuNqlN(-x%f9jxPdj1!&*hv1nvX#f zzCxt&aNl!%&wmLO1pR)H76HuA-Tw?^D#hj7?gHn~Vy$=fNxW{7aDArRL97}*EQ>Z& z7f(|UBBqcH2qef6jzaJM0%p_#Uu8La`THYM&lg{a*QIAz1|(=p5u!qBoF?3q{=_!E z!{OQq_S=l+2r=dx=3zh%%@@X8Oa@@Dkh)Oam#=2C{3m7lzv+8f1j&TL?v;j|# z7xA#I92k#x0L1!KKJ!!9D&@uCYm=IlPhk%b&j|~0In3wCV!Cohh}Zcgrw)&Q1XbhS zq`AHR`O@3%1>MqX+|qCo!~-b#`{Bd@jtSyKQ}5DE$hho0&RJky=+6k?b*S#5tGf+F zfib{Nq&QO4o3q`OQA^$)fj<(nI4~OjLfqtuoI7_29Z3#zov)AjfBj6Tt?4PZ6QQai z&*;^V_)t}Nmo48IdI;*1zNNysehQrj(UjEPN6ho}H#Q&h+u+%4?wtjVApLYh}z4q>Sea9pf zRaHh9w%0n72D)E!@9@f&HpkxMt@UB2d(R=UfNF71zWpHCP9XH+YZ@N?MZ z0lX?jky4$6+A)0SS!RWNWn%__cAn4Jm#OmkU7lOGxD1DQEv@!LA&Q&9^zZ+n4cBhuk@Jn{YvsnN~ZPdEoo-a_2gz%;dz^%^E4i_QH4eg zVl`{2pP~ir#-GDZN8$DXkXwh{6L*hsKvS0F;(g0->&suAw90E=b^*ywYn`_z!Y|;^ z+x+7^H3!4WF`40FY}g6E3tjRViC(Mfnj|l=v^L%*bmdGArX@Xy_5(aRJP$@fGpG(T zmfA>kK%Wx7V+|Ks`d)ML+-m%NokZIr!lYJC$@Mo$TUD4Pdb(m9-_kD=c%DnI)Iw4I z;78-L+rWuAZrffGnNFN1fKP~fwt;r?`=rdgp>!1+)MA|sfJ6{Shye9inN>&9jV4z1ok^c%D9o zlKkWMol+m`D0(PVUR?{i>d^$CVBdnl$l0G)Osk7%0~9=rq{YN@p9#vdULIJuzwcG>H8@CL7kC<5ijq~xmgtO|-LE)rp0j7w0|fX@>lQ9&tbQ<8WKUeB z>q9>PAW!wC=eC}Xj$uUt#?c73A9-)B?p=bv54uddB{o+yA0L|bj@WNl2Z*~{v^Vim^x zrTsi)ehG2zkKYnBQK(gj)3%xQBmk`EW(oIqzqZ8~i9LzL-{;J@`Yp?yKFfC;^5ahi zCI)tH0lKQQlzA5_(x;^5_h^Z`e)lE0QuNQt>7Kp-Th@BzF1RgxUK2jj;Byo-D;DQN z6Fv9E5t^#0b64L}vN}4}_rWwQ>VuDL>5M|{OjPk__R_cemfvU%J8|M6=NZ1PUu#aK zuIe#X^D#B+87t2+O>fXa;E;W^L7GePpVF^|v%$s}8@fkC!c>vk+onM@R?B)57I8}Z zq?&5Q-3gQosN58`4T%8$-ZB7(PSW6$a~h}CpNz_>*j1?U#QS&REEf+}R%WQ{&y6swaFJO@7Qcrq+TmrF^6NhPqpxkvS z3xyUc2IS2tHFZxF>C}A3iFtX+5l#bMORs(m|!zSXWE&X^|mV zl+|3GvVhSRvq{#@uB2a%Va1gN1PWuAh!g2fwb$w^C*9?Ej8;k^GUBk|U@ua9wLmeg zH#PPZ7*^^&NQksyMwC>X+!xz7oHF7mvN~yEJ5+gRt)(g!eNe0T_v1e=t1>2>uyjC>`r0 zTq^1hYLqH5b5RhUh#KqwF(f#=**Z-J*G2VFmSY5e40b&3mX5iG z_h(fsdSTEJ2|P0LonZ=F8;1bBPJI6{9kTh_#=I^HA@oXxA$|kg7-ursUPUX_>k-y-qCLjVE$vJ$~JkvYt&uDkWRD-V7>diL~p0}olko_Se}1dx+v)@UyLt)T~r;Y z*|PQn2|(hlqn#=94S|Pn!#}t$9fcTme1%=6!llwXI23zN9mE$1I@0f;zd2g)kM|3U zyrh0B$5r>tjHm`%iP&#P>)9Tvl-{CQrJ9%~`IrMmRO^cEA<<@pLXQsesMzXvATVp9%9G zQp&jvK-g58{)NJQJQZoX1c~Wk8-Gm-dt<#8Q;xM|_gM#b7#os*D0aMt)!GF2n&K&^ zbDssAhu5pbXGrjd36{nWoZp%$pq`qg##gT}5UPnI7{Z>6EIuuzzr4^}nAp8|xXK7^ zL;m&nJ45$I4WIlTOTEBevGo2<0iCyxC>K0-{dS+UkA7`w`bgsNPBMK<=GXFx)Z{c=s6f;z3s_^ z^Sw+ofuSrMBn80ESw9r@ewa@7(DmCkb9z6E;FkeG%0V?4BZY<53?+*o1 z$gzHM84@vLGW0m>`}hc_7UKR1nT=d1_f0f-E*+{q*gxS>j=3wj1!fvPHBf!%PSk#^ zE$5zF=IBT+kbucv_9h%wBw9F^H}aA>6nZW|3eBQsk=s^K}K1V9m zcXT{o9=?Ntpz*shtFXQqM8esw?7px3XZE7%XEi`&3*9m6+ey=nM{RGiw!?z~&Nd0m zZ@g)|Y@FCdv$B?TpXf>o4ZK zfQC%^o}uRqc&p|>kgXfkj>DCQr2URoGs@Cp6M{wOk441#C68xU>M{Mw;TJ9B2KM|@ zpcw}Tg&q%)7B`I?4(X#wbBA*PCON_%D)4{*jC!l@V7aDu3>2AE*JcE!UYk~y`B5x1 zpNgC)cQg7Wh6hVgHoJ!nci{0Ni6cB{X?(sTogfMkuuhT=Iq+N;qP zK*~|^=%vWIj+U*EL48TndB1khI=K&{POxJ+fMT8lfY7iMC{g7=-?v2tWw&D)f4+Mg zZo$E+9c(U&5_!7v{jg%MgBp(U7cl`d&)aVj7|@@g2k-ynegA<_b@AAPDkAUPptp4B zWu~0Ga$+*kS!z{!{-sTl?ODsfBr9&mR*E7>%Mm`7T_NA@_ul8=r)sNv)bpn~e?(zj|9}@o;{N?Sp6ZcrFeg50SnSXHL+=!QN3GXM zYFftOlGMz?vZsRE;mTWKj~J#ID`}|lt%+y8hvp1^Ke-T)aOU7o9+2<64=Lg(qE&jb zHDXC^U()Q&A6Hp6;jpE9#66+Z@Yz3J>V;_RT0+D;kTz`)mGXY}**X&KCt&altHIsM z7pX5H;)n1F4FS{dO-ZZmHJ@DN6)wwl7zdw2hbxV5t3qEZL>Ow?uv$I>9`HhJWSMe*RS)Iq>XA4 zkEp3&%_fQ1qx+8@yq8}Hp>J}mbMf5IV?*!1$;UJvHw;vAno)2ay(3w0u<@60y{qE& zN-dOBd%>n#VmA>=q39(+oaGL2U^}{t!anTN=FKw5F3wL>R{RyAK z-g*dXPe1qof40orRqu3uj=bz9-``Xc@q321@Ipx}l&u)@MFodpHm|7lmM-Nl-RG)b zkG9=rXW;ze4)1KN@3{$qPV(TX@2maw0>Q7@AFgEo$N=90y@rcnvhpb!@hE@CGlP)* z@GIh0e-bGhd=ScQKi5T^RZ06}r=GFnZ%sVQy>jnM!^nEi%Hb?%^H1r~F00);w=oj6 zbkiS4%i+Eb?T;+KE#B%^ydb&SCGju*{hgw0`T4*n3ux%O+qbWJKddik5ZK$izVPF& zecr*t9oygRc7Nw(7?rM}`dFVWV&Ye0}xN1(8z7; zB8sI>H5++nL(JiR`$(dw^Af~keftMbv_j%UvRS;m*0R-b|j8* zC|)TTG=jZc_TjLst+UPn+v(S2+$es1w z*%u!?u+iiR{8~QzTs58h*#jzuxVH{(f>jWRd!&^n?|1G`{Myp|LaK3mC zUn73CNC_mswXV zoHZ;cJ2qmiX1q?u2RN%{&BOiBAE@h0Ko%>0oML>T$H zso{A36Z%c4Q<~BTqRz+}Ld!(ngi7h9(wFs8V&C0b>UJ7ujHGsv*5-mSV@&7J9dM`G z-aTs<&fBi$vnKMo!%G61}q!tQPT$Qy5g{XF3N%c}u`H7mGf9BI(whlE* zHVT6cTa2C%r2>4&R&(J!_E(zq8Lu)soJ7{wnvHS_L3sHIfReTHVGAGAI=FuTO4|X$ z@m)$b8C^cHDhYfz5A+}WGFRX)33C!}efa)u>|0H$0IH_NrxqICmKHBN3UdnwOEbzt zhFPwkqxTn7ba}SF(bWg`Hn)9xnk;bfx{z%{2;!GA<{# z@H$t_Tm3&d(MT?#!)d+^2P2C= z`V^Tj#6lsfzh;*itoraEIT)MdeR*25Fo~jd66?NnCdO>S&fmCTLV}`cjLxP6)N-!r zi4@+GWOO(oYmRRxq{FT}eUzU(QztB>TSL5YjgRDI=d($- zl(WTuWdngc)0MM)8d|hRt<#w?t1^{dE2vnMT=p$gFG_}hlU+&t>C2f}vKlrvNmK9r zP#tZ8Be!2=xqAiFJr$M^SPgd~VqRk|`T0gNy+v;b;d>iB&1swm)2lgMZ!}Sq6xEc_ zMKdegv_11JHb2zk=&Yz;MfC=PXGF;9(moQuO{X>4Lu#vEs__r_eB~~3L$0%76R=TH zh|&P+*PgiJRi4Vb=Uw$}$;_c&(E(j@sZbJ(xDdil`$$8v8i9bK;D0hB(Sti zThmQ25JYGwSeN6cKx}z^x20{wAO0gOxT82get1BV|`IE#(Ezgsm>Z)dw zwWlr!ap{B%hUdwqaGLjjhOXr61-jAjYgfelN;OQ7*vAr1oYUBX`HkHlr1!U_$shR4`+FGmF*vkRiBiVFSgu zzwpg+IX5)w=<&S{WZh0RC#GzDX>{9-v?c>@cW}ha8^fPA@M-l@G+AO&qI7PDg!1U}!ji_NfdyZ{Ie`<%fhbByi=%9%?Nd}?_qN) z+=wqQ<5ooQ@F(rxJJtO!Zx#IikTThUMajy;SzX?2G1^l4LSD#R^<*7Su)Z!1CFAdK z`blsY3xekTHLaH{jx;8R^xqptCGWMDz8v0}5s~)kTK_v?&pBJ2NLkj6|MB|Y`F?}l zwYHsh&yjMg6ma6#)=^VQRx9}@ddsIe1f-gXZ;dn9FP|T%UH~uB&DLd6j;{1yVA2?D z;zM1y-viFh_Rzgegqq_-(&^yTaDAVOrYNtiSo1%taKwswfPgWdl>EvVM;hJAIv&C4WC@nC@8`l;=mm{kkvWG}oh z5k>q%%b3jZmJijO)8nwMG$^PJ2 z3;J?iYXIz^!BZXQVuOwifNj1Nb}?O5ittN0AjZ^CahjiXXGTvduAKpFJ;kf4vPp*hsg0!%>)M8p1uB*L@l~Yy_ zi_3HDb;&D6?#E+B<#-OocrL?afY_cAOTT7;?Iwy;D}X-0$5@2ofcMIm>k1U+xnEDZ zL{Ij)M#C#^KP)1q>FTVh%KcfBslUUUWSJtTJ(&mLL{hAs&Mo|3V&pG8NxUVhPnLef zY=)+volZ14QeU)w+KK{SR|0|RA6G#!)J>~a7VvxO3Xt}wrFt#}TNF1Ol{!-p$!P}S zdT>M#hgb&U=kTWua8Io`ihir@m>12Vx}XpdM{g4eL}dug@(Z$LSK)3Af=y14iD z;bV${+vC<)pei?C+V~U`d;A-hWD@IhJU5{h*Ze!~$Ch^6BLZDs12kE)SeEPN0n)$S z|E6xzz!02Bz+>CMj&N_bnowusHtsXLuSfGhy-(Y}a_p`C6i;BFz-trA%^r!9K-JJ_ z4$>^bW?`d9*m3Jk%ag+_173R$Am{9~f11tgW1Bxa3j|rD3(dKWSp49uED6-g_6oR|LmS-a87 z{>OyB?&pJt>H)P5Ks|I^186CfYIe}9uxSuIl0S~tMiGyQGKHx~>+xBZkGoTitrHA< z>&zgN(~PBElJ@JN(MXN`<0anaH}%x(GTcuv)_V6HoLrtNBGUTIvm=5!K31Vdt2je! z&ro?IE1?|6hKwpEFtgd_kHpayBUfltl@@WX>aH2 z8lgK&pwZz(=TcB6u;(*7TO;ufy&xe^Ra13&4r;Pli0a;9-KMIpjt-+4F{| zesi|0Qs1MXj*$G+#V@yIPo+mS`@Jl4ro8`KeZ3fuyT(#8q}x;J$>5gxk;4$~hWm^8 zSQ$O6crv#SN|_)3BdP7zU(_HQ*`ubZHDSsja%%Uft$a#_sRMU^`Xd9sc4*{%>uJ+$ zU1p{1sXrBB%j*U3)TInl>4L>KiD(LVvo2mfwJSE8rJ=*s<>fI+&+zRkp$;V;u;2%b@r)BJ31wmQgiH$e&g$BvdMiQrM|5A;p$X3Wde z0CJ;svr~L`%TSv(+P6sO+g!_NLnj(s?brj^yV;GxHdi)~I$M<=cQ}`SP=j&Wj61+A zoG{L3soX9%0yW0tihq0tYu@^f3A54TxtD?0)FRv9IX+Z*d%*A)srh^-;{^+Y!`Jfx z2W0p01KR{ObgTE}gzY(Z`%1T8dkzPB|84$a$9@bz0Q9QWG_!Wr-6bDE)rix@%=TF} zpFHBkERxFY(+FQ-WGRG~Uispum;I38z>SzQ>56hXSGiREJab$rrSu8xFAsU7X>kG^ z^_RhwQ0I`oGJu+zTMRcYP*Z1(4D_h)6Zo$Dm;~C^WWgB9E4xo5OqdQfc-S_1ci&J{ zh7i(*rO8sF!9*&^5-y}n;+Muzz6?~)dFsR1RA{r|XMO*NC89VOr**f2L8kY zgQwoP8_hyf>d_G{{TR7px=k?Je{O|*gC!eFm+ks@!4UNPgx-0RC=GeEt~)Wd_VnD4EzSreYpZm_$qyWDc|6^U zMW*s}`WgpED#YYs2w(n3Q7S6e&GbUd2rB!wZo}fY(={QnEOINMimBZ-X)CjAI=b~# zpp%LVJG&-jO&5gSvX+K`FEKE6V(If;i@l}x?y9B>hXf_mBVJt-LEA81mpCJ38l_@} zRSvBRnbWYm&1CSLkLew3)vrXzldJ~;@tK;dKv7x!Xx4RLB?V~L?ic?TwFIzjH^o!I zLjX`=OfZNxa0a?iSmCM3*JVVRgBRi+{?{M#|vn0FP;L7={^8@yhk+^YAR-A=lwg*z@KWlYt9yaD5S60O~pn@2fIAX z;Y#;?%n+mC+NDdZThUu4dWlSOs#gPezZH`aoB=)>G|=Q;Wj&8v?Nzpx*aJG>!^O8n z5?qdkA32448B^4$g*gm|-Lld@-S=xNXFi)EOA5J|T(Q2Fo%$peOaFx-LSmRo*9S(E3tTQ zs`JlY%OHxzAF2xVlPNyxKu^jF8(@ndVjkP?Q5kC}FX~>V)p9^@x?rvI*#cXG$>iwmmiBU;adQxf>L7T)!sS ztq5?AE_3b^j1xwmehPjDTHR&;cC!Q2pYM|QcCVddN-k1MuU?*zE&%~>ut`4Q?$ZZn zq-rAc*y5{G?kX$y$;VTmX^|$VY`(j!hk?tKO*u;mFHJk#EL{51({4rO?OP^pyOVVh zg=7KDYG2vjx8nMxdo#h;wD2v==JSn$Hq#@2+tQEX#AV^4s}wUq)nG%@@?lRGU1RsS z!wnucx-+<6sj%>_l@n0*7B@uZaCH9g9{{iN^Dlqtw|hk)wbU=R$zi7xJkv|z+;MO3 ziJq_@>(6Onc*^Yx4HXm1+KE@?BC5aAJg?F75p=CKu1G2Xb*WL1Oov5+>w31#GvT{g_p=KljyHs>n-6iSMPu`aYyrgmVXTpBw+&()1PG+Z!mN}mDfQ2nX zM;eZ%5#c1XE?x9fzMHEHd;K0v6SXlIp#3xUNFP-voOB5e;H?Fi4!_)f_wQGfZ{H}=ef3I5RYr=Re#Ap=*>T_QW$e7Bt~R%K02B?k)zVz0zdc2k>~xE92T33X#zH zIgbSgBHE5^puJUX-|6besT&{{d}fY;32&;Z8)NDXKK9r>Xe-(K!_RD6#v+)e9OnF7 zMFOkT)NXzb&<^6b*jooqpxk#$v=7q`v5^m}r2h`|+0>oOM|8Jzu7q zQ4Rn))O?(v-7=cBtp=-&Umy==o7-PF-#s5I_7&6v|M_xt3e4-71D772t8Lv^Wj*uz z4hs!H69Kw*{4>?h`VF?tDH=@80AoSe;<9Wm&|epsS`tSIWQ&pgElGT?-HZK=&&2wG zfOOcY_SyBPJFnF@)ZDQ2_9-{z3*0WF5I^N;s6s6{eiW>wk)ejca+ptnMr6p{yTH zVr9|-)hSu{1Jz-=TBkp#q%6~VDH?}96|36{0e8P-0C#U)|HEf~5_sgFt`w1Lrjs*a zZ9HzgH|pqE^hglg^Fp&#*jweNU;n+FiQ)=8Gw(S$ezWq9K?oJUNH6n0 zJdU7wm0)~D{JbxMcn<(lDT%8!@iDz^ZF;ywEUz5V!ule04rQyL`8to zuCS9?oA*Ow=i1uP(w-vi#vZGxWyfwdtVAoeXPpAZCjb~J$CX8RZ<96eD_h1KpPcOv zs>a21V|;IB{}^ixyw^l9tt86Us;@zR=rB1zKXB@5W+d{05eBbq`N{&-31ir}<$_-l zE$l{0mwa+B3EFqiRkP9K-pFRD;59$VxgJJuK1zT~+EZmHnr_*Un~*UY2&hGG5$bJf z@)BFg&Rkwdey9~Y4M?5R4U4sU$S2>x!;=o4i6ebK{==J9$pJ7-kSj|dDUx?1;LBa) zOi{{UsnMvi<_B5ez4!mG;Zr+htddA~Qv4!brTlenBX=F9`t~CB!t-jrYYyuKw;Y)N zC(J!b2tMD~7Tc320vX>mZgXFM{e;C>;cT zDSkcoo(DQK#RFtPqRdm*ot4+^leQ@;!2_MVhm6jpmjFMOXE}ABGWU#z#G!|D_THZ;uImk)l_&V{-?xoW3O1F z%A6IY41ms7nY!Mnqr|~U*%^xv;a{GLHr7G_&EcPxy`^z6?FB{?!c_E_cj$X8e-=i> z!#wqwR9_b*^M@ub68yt~9K>-E8rv`n0mRrp5B20j7dPGlV{#Wa3jmg(u|?ta*zTCB z@>KfiHGTH)>(fa_yM>U;Q8k~FCL%$w`-m1O*Y{t}J!J#lMRuKa<87is}TM3xM3fmw8{Aq^ObW+samDTb8@X zuG3pxSdgP7&ObjNx=+}(Td{fHk`P8QIG9NVX#SLQrgstxo(nVtEq{B!3${Ep49$u_ zlmoUZp|3j|1s$~swmo>ufR@B)s`h(5JFlj?Jx%$z2cX@VloAH)2;YlYCqCQXJD>lk z{~&w6UHS2TmL(*~P0F~5eqw9k5#g`J7+=||7++@RKgW7G&${5<>@edfz(3Q?uOHC| z7T-*VuJ2eR4H%CPYg#0^5vMAe-=lAxP>hf|8HpFsZqMI{7a-vuiCzd3p094}t7L4F zRE;UH8X=@ZT9M_~6^{u^d^k%w5JxFXFtEz2rv8d;JV)1EPN~r!yb#@2U&UHBs?fxx zesKoay>x;;z6ujfXkY}dFi1q(>$gzTGD^kMnS=rgM8gr26Kx8l%CeHHO{K%67!yWVOB<&CMQpIu1w=*o@X%_B7Tv1`DhcY3IRR`_0j@+ zJ@G0WQv3H2_~K@^f#BHgp&qb;6s9RF^KQG2?q+K={`AM9a=5N-Gb3Ek@aa(k_Gn~& zo}0xH1e^|`{%~TI4%Wv9UTt_iooy6S;{@)fz#jXC$QX7#PBj78@m%rpxKcebXzcY9 zVUE+!4TWO|zEd>j_(I#`mCxv@mnraC$uSx=1vw9a-eSq0FWpQ}UW(^X<{#9PqD^L6 z&fP|uuce26U348wF%2bzNxWR4X7O^=+Ww3%1YHquMayqjBcSfV+yIl9%>X6TmunUN z>c`#vcW&}jpZwLIh;C#MMD+f;XWx#Um9T1&fh%)R=&VQja(MvZ65RRwZX2>`Q&%o0 zT#4**hMJy@s&P>5x-9}>0(=acH_8<5Hm4y4>_X~=ox>i13&5H>WQ+o*DiJ1m+IxO} zxJE4{Gu(r_{u>Nee;WYs&2Cu=w8l1Y0bm!kG@+?W#r|8yhZFA*&WZDbw%s>z21_q} z_4EL~*f29t{r?&z(6c+ndTkbkkS0*Ty16-d*sGo`?!-BXxV7ZQaalBwc3UZ(|fkI1sSYQ>dJq`NTy9!_r_`oWv3$`mk!mj{g_mT`ABlgTsK<6Mxmg3jFZ=evTZx&L1dYjVtjPm_g6js3IudPX? ztNP_59If(S@+JUzj{%0>sQ4Fh@LFCEMI-R#MekjQ)-+^3eDq~lU-SL?27YM_mVk>E`!^GS6f@n< z>_am{7yTzm!}tnEZBCM(i0MY^4nWe3y$$CGInkzvjNVkr&H1%i|eU^Ow? zHX4jinW?(UVlFvrk!u$zDTrSmG>=9BqwTO=?c)?`Er8`QKF+F!7PGonSw4Q=r<*Q*f#JQk>yU7{h3 zTHBQ8f0?13xyX>B*+{cerYQ07Ii6z9Yg(G<0mkl5exMkc^vr9}AhnK6QS_ZF2(h#9<@K=TOkUo=k#Ae{5DIB zq>$pZc_y=Z;h98|H{zn(XJm%pkp|pGe9*l+6b0~Zv>pQcl~@QY!^P|$L*RX&c*9~w z)%ii5ai&1x<-oQAS+7=w_g?Q(5W0FnC7$ja1Jojs$o*gagR*OX4K?)zKq8GsD?qpY zokVpAnxoE0Ik`UFHrYV%Q!r=iIWU=GK;rWKUmg~k(E~N8c$57_l#blLEMI?`q)?El zgF8n7oe2O6y&uCAc)dY5RF-XdbE0HBauiGB(43Wo)3VdASZt03xcD0Q_;MFX|KD2s zbWI83;p8%OX}?rd_pybmHY`id(rZsYu0?**1!U2 zLi^vInK^g~$L~}ioFOh(XjHv7EgAMhr8pG8)&GuU+cK!-gdN0aeRP}1tOf$|pHrJ= zSYW#C5cz+bqsmQIe%38tN2Pd9EYEj!FB5KM^^><2_;jM98y@|f6JcRAUNiA}_*Y{r z1D0neff3^?@trB;}rMnxYOLEg7vg!WT_MGQD=bZO^@B4n=b$R&*;=R^AGizqn+`st^ zxElTY`j#UP zbh0nPJNF;0rg9@tX~!U@7P*06=~ICQ4*OePnPut`78-wI5i0t>r4G~97E_1QxdZ}V z&qIu=VvoT0_Gcv7zm3c21e0PzqfjiFg46pumnfUV6ImQrL2s^B5ZM!N@VWmT zRh)7^I6{y(l=`yJccSfLm26aa8@RUf7hj_`2%zw$5Jh&KXP zHVojV&{yzK`p3vYZJ$xh3o(A|=F3K|C(;uxp z%_fPA+bo`!ka;Jyy9O-@7Ni^&775BR&)ikC;hs2*F9QF3+}hs$BI^nNmtHI8k7oRA zhi1%W?TPPn5q<4!m?1$2Pek))x zB*%VVc#-+sm#Q4rTdQ=|2|K0-H1FKDUeIi`UXQF>wVKxke^)9Cvm)xPG#op69(3o4 zH!Nq<)wSH9&Sl_jKbMJ~S{uQORS1EY!^BDo;6_{_^_qq}l4)7lm-Y8vWIlfG@{)%|#Boz1tc6k}Vi- zw5@pAN(K#iI=x)AAy=RaPjr>n!MgG+jk9Sg-1)*226vk~4Yo-2@pPQ?Sfg9Z0<<&i z^}kyG0fRubyeH~8-n+Z!Q6=}qS>Q%jPL}46LECYX#7Z0KDc*0qBsWEn(UICT!HLH| z;jVI6LhF>TPdGdiefCp&Bs+g4oBnQ{|NWJs%&ad4w2W^Sn~xU-E1@k^J69CWObvK0 z4_EFm&fJ|g7ax=ca0xp@Ys^_mDZoTTB*=ZbFM93tdYi*D;5$L2AUg{E{k!KjaF4q_ zPH6Mv$W16a*%y=o=Bg`f1bZv}DyO3MJ0L!sr@5T=>%;O8#oPh99nixwjnFLi)GTvc z=|%k5^>K4-y~jX1GBVQRGNGTS=X-hB^MG$Q3Wdh(shc}2ns)WcyJe3qIL#}C5uQK{ zx?n8Yc`L?J`JG~FoYv_7Y~R<2jg2j!jo_gkH~OKHc5{!SQe8?OKq@w?&h=@EmQS?W2RkPksj^(&y=^KFDCVm?f zbhqo7e_>8%H>v? zNpG=IHYFjR(O*(XEfIp&->`ZYdf?SidgwC;Z&vOl?G~9qzFwiW0*!@(5oKkFQ8A}y zm*AWc$yG@kmi*89eWlko(62iTFC@!a2|Ga%_QxiuAIi;LUmchCTSTkAYUe;F#0!ha zWNZkGg);nnqZPK;o}v|yVq0rf^}490)1db1=k8UJ4I}29rk1{0LoMjKVnBT!x4F2e zs_*C&Mt0NmOaQbFs(GMqgpdyf5Fy2lFpIb>?INt%w*%l8gxvC}gU);DU_ZRJV1Ozi z7lbXnW7wXY2USbf2bK`D_~(^BTxU$@VaF~R#+FVL(-pcA!bjSIbj7Ha^FeirNx%`c zt+Ae4FR)p7Kpvr!`sgU}yS5%PcY--z^+?WIRpa3o1fVQZ{t2XvunkK~HvWbB6oFt6 zJ(WcwVwLGZm0S;58VO_d0F7$1FXYgt1+njjR30Q61-Qq_{O%HpgNpt@^?ps@XVLX> z*th$q8(^kmV`ussl9$YZ0`{&Lw^?cNyW@RRa&h)fy@W18x16f(#;0NUTuK8uc7oNc zN8={j_NMkJ+7ZEx`)~x{dn(0dU%r!eGFD7aaedOYbE{vDRMIA$&+<)lk2t9mPSz3$ zGbXWADAVc5-M%3$Op1~EjK0`n?5&sCbZLk0!*qT0&D=6qQIBxH(EhI7DmX*Q> zG3B0AS7gKQggsiUp9l!13sH?-ad-D2Z+zC~zyE;3;R=c4WAL`UN251R-ei+uzx~{U z1CoZwZ;OBE_H*T~*mp8tTlARR4Y!kmbhp#KtS4E0xYDGhA@H(}$GVdbI@uy>_L(F7 z5fnFZqq|B(1~V8hn>{q1lR{kDID1QF=Q7sF0O#3juX_r@)0P#OADbNLEyLq78U0)K zD_&H99<~?3x7Ti)d<9CSv-3Tli3JDX$&^JpEC%(>yD?)kSwUY4ZFx`eL->moJ4%b- z*|u0-R(3%P+(X2p9AbB4p@l{ia-_MmgRac?;)!afQrH#TusnJuDO^8&{=|UM)ReO% z%RBiqL-;F>)TLuQ%)78VG}PiOj%q)7H1OVwX4ACsALz2<&V+AK3GvjIhxGO2TC#~7 zniwIFw~4b9f`uTpw7Y%ZOzue6Cv1U}wu2-18aLFgOC zx-3M9fob+RdM6PfA%2-}aV3#;fAdc6YW1?Po*ChywMj)dEs z%Gby$d{Q*O|CLBycN-`TiJ4#M>)ci&#j+my_$S2 z(n?xZ@O+kJq45S^$O`yN1eY(NX0dNTrG4Zvbz0*uy1kf$!zf?>7q$xOO7BR9H>6X- zH{H`4a$o}R;Oy{=lmqMcv-XLu_rGd3!UewKpYjJkv0)hfY4upyJ4S6fluz)^g}~U( zMiujnrUmTVgO>-Qu;v_P`=?H0M&aqv7s3(O9ll{E-(GiV8xwAA&(iC@&ab_b6`X;` zF;4iY_G6k9&EXSnGseZqYzoKLRrdjkzG1E4XN10+10jBs6qPKi6w)$nu6d^pjxGG( zW9>*MWu_mb4Ayh}9E87#mG)Kh#OV68Mre!|cVFA2yG5aE=WZ%fDg$!)mAT&HW;(BZ zrpXyieCRNiRH%dH+o~pLBZ4;~EQV#LrHC`M*+GY=kZxDX_4O@$$qlwiA$DHq^F4l_ zH8&pym~hlG)cD{<`yE<>)(q9{=+-&%u}?8qG+KR1y(i6_UF#aP*Dl$zK&?{?8mo65 zB%op8O)0^ATfCB1e{5sZ*haHtJv;Np%aRJsWb9q{cS`aicUZv6xJ-CAEL6Q?dW2nt zj9c`#=-H0{n8_HLd1CLwLEOEpUvys%&*-{(VsY%0gq*(Xv_|u{=?FEN4C3cQI6#-z zu}Pf3W3$OupT5KZF2Vjl^C;h+3{8cz09MC#eE^7U&glsZ+(BiuS@h&M6tHeI4?K9B zwzWh@ympYYl$Dhm9`Ct0B`~cyXS_m3!p}Gp3Ttm`sh4Tt5W$+?GQ9Sz3quP%WRn8x z1`_N*A-~o_xBcf^?_$>l?OC*ntR2q8 z%oa(@M6jqh;ysw;k!VO$vQ*7akF~T!;)K=Qq0&A`cX=P93W+)%3f}3vU^`GD*!0AtWnvN}2Zage02{e3z=|%+Z@` z_;+6+Sm6JOx^Xn z3$m%AF~QFU1Yyb|r>67}(o*la&u9q9Av!-Sj;=ElS6DWdk2;RYLkuGQ_>RC0IPGp6 z&X7#Z+ArCz^@9gx4$TqI3G_!9W#xU21NkdiPtX)>IHoulHR24-b6jIb?p!Zyo zt9899F*A&Kj?Y`LEH|;r4aOmnTffjp*36Y&pW%1$tqJEv)r1C<_|Ku^SKV4^vioom zhReES)?{q5J}2)`wZ~`5bEQmgD;jr95aH1I1f0S7K{MwtcdCjA$|`Y~Sk-e_C@BM_ z0d0UaH%?-)R-?`2<9VxF4o66jhl5?RDLq*tJE@J{`eGY#bAF0uFW)&u2_?{;w-7|q z8Tre8ikxp3uN(I9BM_0Ox7S9u+nf%@@cO=fY9a9kc{}-d8T!(r^3J_e-J5>^$ZZX5 zkz%_n;+i!hVCC`6yArlE9Fftq5ahvr{NZF;{j-9%7i02dQJ{x>8*h4#`ie!9lhmOd zcjoqVo+Mz8`Sj#DsfPJiv1qAO8%%;urRybYp_kWP0x-%WnQgR@D7NVLh;KGJzOX14 z?-KQPlO}<&V)zIeD+XJl0Cj1x$ddKy1l{)hYG9_&(`n4QEx@-ozHzHHqe9MU@h86P znD5?Ahc$E3ZI(4$j}!t2_D%aV?B35LwEJpk4D3p#so(m!Se~X3R0S zG;;~rq7JwYqoH9qLE__dY0&8G*p;QQhY%^5-u(wrqw^45Oqn@%&A|HJh#S2y@6-7q zB`z!cV5`U{r$-r0DU#2ZjWqyNHHd7`&$uq->Xc=0|CG=Ddv1#D2WxpJ?{KULCgMxZrx6)Z*b?$Lf~vMMUkH=*Oaa6 zyytCiAHGc~TKt}qtp37cmAEEX?e3i{#SFV0myA3M*J8C8*{p+k-s;*B0^vBL1yo07 z%>2bFUk|E77lF#-$-RF)tCCQaB9U4_C=m{spbZAMv8UG3W$1qW@$x!ZTw3T18y;`8 z+#JD9v$dDFcNA}|AjlraJ0Kr)*3lh+XjCNfl)_o6ZA>X=B>C+O!Y{ z`qs`U$Q$a02$(TqFLwFrsrc8n%VY8By-VMTZUDqcx#G!0)74iN#f>|pv7{->o_fg7 zsrCIT&WmC5eohnb6NyvDi4=+0xL>@o7N)U;8exRfhp&>@nD7`}TXx*7yL&$rFI?7K zI{!l_DvbqVA(vGWy*xnBP@Kw?fl7c58MtKhPz9437e|Tiy;GjNWe;%jaw7Z5Lz6R9 zJDB8JMAnc@@lKHoWrjTezP5B{%W3w}+#S<#&ATB}XoMjPjYRZ|q^t9!;)I4pA3Q8| z$T~cuc~@z*0NB^PrBNe@tmR!>viQ}NxHJXKdGkhSTNnC**MNxV*5~pV(G!1BnUSjw z!z(i`mnpNJ6)nB!&pfr8g`Z+r`X5Qhl=%RFW8Lub%Zgv1rCxE6bC8i2-|PH)q|fNI z-Zq(`MDtH_&}PqjeG3apSpyLEv7o7VdWGY~%VYkz>;`@dM5H9{8r7-9BgoBPtbAQ2 z-!X0}M%PzAg_Sa4zAPbwzSbOc5Ps}tGad=2(YiAtll$ducv5t#%zCwp_}X=r=vmeQ zWwZP0JXB<-VkAcRXp-jiVofyNdzoauM63RYd9v;-p5H6>pZUmrHbxb0S`mjMu=DRPnJUf6=Zd1@_+I*ZrV{{e4_daqCi^zDQm%%$*k zaSeUV6^bM!)&5Gsw^B)0(EbtNR69nLr(b?{VgB+Z{=2kYJ16(1C2dy3JkQKiGTGxX zJY|JOKu|_23c5}7e+~p*4qkN|3XL5s!3za@X!xP-LS?zm@2wP+tWSfmW0m>o`0-2-{NBdi?Y};2mr_3o zTXzFFDJEeyX_jl%^%qZsj7@G7}_5awUb8LAGGIk z34{z>mepuqg%)f9eh1w80ahgz51+G?WcCK?f-v0U!OLQ$2c|hF&{gd*VBP{ZefDG=R?`70Wc#l4@EcF%LTB zr-F0E4+~^JS&B<;Fc7Mo85BVZi75@L7uY*jR+r**OSK4t@2#!NEiWu0_R#x4&U$9r z$5vHwgjv_+CSk`rNHVnE0AP0V@Fdama?$e2Uw}XO>(KrWm)Ls%N)=T~ zG>~@-VLfNQ=T*Kb-pDBN7>sZl21u}dA_9~aT|SrtdP;>k;O=#GS*Y3El(pG;-Lk@Y z<>pL>jSR(k3A%n+FV{D2>F<^iEX6bxU+hTUB{Vf9vS1%gdk|aio#>jZq2v_A{$ z++9>LGj)JXlm2m(u^!#ATbGmh?CQ8ll>g#an~ku$ zLDYACQfO(-_|FfXoMl~soDobzKOIWh%)Bo?`hRxnwOK%Qbh#ohr3V{btdaO$TQhp| zKbNYFofJi1TcuFpLFV@O86}BCXWvmfzm(Vj zE*V=d?iZ9*jeoLR)Fmoy^Q-HCW*>Px;~x65j3NvWwZjZ4~2J!4BX?%Uv zE6ugpZEt!H$W3^f_Tjs9zE1wSS9#B%tEn6-5ql_%31?mZZBZR(`T` z!W|?VB+7c58@f^MIr}Qd7U~hEaCK;S?efa0=1HF=b>#9d?Fj4l=+ci;`q)g<3fj!i z4+|)5Axqhu%;8x<>cv%r_-5MLrN$jo^&x(oH3>6io$DM!Y`W!>p#YDlMo3U(+d)ZP z^hT#rav=dtN_E)C-905@hDOikCjeZ|^KO7_?`|*XP&?WLV9RxNz-Zqb*?4`q%K%WF z)v)t;<-Ct5l8kqo#o07gtm!s6I0&>6_HcN>T8fKNUyeUajFOvR&6@ z>UL@T?WFA?(^AaO_*I)U{JQn)mfRpL$%xv9HxkNY*}PcXgle z)PZoo5ct2NO0+7cn!qw}PbXaoef~(&inX)GE72h>0adg86t**SY-8s&b3JF*bUAkk zbotArQ|c;O{`tM-gCCvUA1C$FN>{zS9p6t?)fl_YOzGj$M0!);1Y?s#v{eBXO2f@i z%}0{SD}W9CNH+|(=J=UYe77b|&|Uu#r1$%1J7<}`csi|KsK@N)OVdcSkQ)6xaDJ~R zfbX4PFCqkeW{WR9Va8)LVNOSRojyg)KFCf;<&*JMWX~g!k3;AP?jfPri-SDTuQUN+ zLLc65U3&sqdgZf7fw~8GqM^^}E{J$bCh7oPPlkiZ?{~VZXn{*_+QAiqGm4X06E7i;|>#*)jC&Oh!4Dk=RZg zVnw!Z%6XtbS9>tE!II5%sPf1RQ#DUnHO}EFTtrf}GfgK?*>Ftjk(u-FpO#Ah{^?DZ zvqzFdUgmI-%h1|P#;o@Ou+Ypf;mrf4P%f+2OiXcUR}EK!2Y&?n@MimS$PN`R+Y@izK%0BZR>qj~-h25!;uaJRm^iFBhS ztcracN1lsneC3@40b`#z^{oh=Q$3?Ki+uyLk(sk3vyrXmb?!PMDG)1KQPH$A>tr^w z0c*6A4cH`mfjTQfGtN-dN=_JTSlk@mC`*vVC>Q&S?DqUdU%PG>%hti7LbL%oKk;ex z$C0Y5fP{KKk9$M?#b5WMWG6Z|Qj&?KhrY~g9^fMil+uCNJis#o*?}_6>`$;Pa5You z|0avk4fRK6q$()Um0FB%=pu|CnF%GosG=37`lMl|5yZR&E>WXzfuPhNS?+3yHk%!; zhg`e#TuL*AjB;&BE@uhVz`AOU9w~2@DK<#I-chS~rQ;RoWWjT=2VU^8*HgdMT9*6NVTPl+CU(GJtkB~^(#L7eLEU<@68a2i|N zNSRs442<^$N{yRzs{z8+3`a?4o!R$r>kQ)S@j>M(QU`SJ{QiA2(j+4XW8+PdSbB+V zPfa8^g{nf}1>-!KmYXr(;{o=tBpxc`iBB0rV(7fa32!vDZk9=~TqOt~_don*Z}7 zOn@TRfFdmK@$(iAIu2+lgqb}4x0jL%m{4R*yU)*4$oQ3FBhsPYcsL+LzgTV#EEL-H zc_gn>gXq;C5n+V^dfY+p{`H@O1z^1)IF6liSr3{`lk741n1!eBO z_U{6h`CG#k4}vh6O}Vi`c6Tw6&G#n={WW=weg!@{wC{$_wwx-R%Y7K z=aRjG5>V$)cJ8B{RZeH7&dN)dxMJu7^3}R|#c-sRgAx(l!LmTl6O$yuF4n)>m@xf% zhm+Zcs4A05=bKa!tjgJzywHhim`q9|6Ep2MC7YG`xkEd6WnF_Vs0m)|SLyVmbLHqo znJu}?Y1{6`@a~4K(ygc-qgaSuesKL)6-VC7xGV^beJv(QgqO>ZcNcMR2m7gJsvdU) zhIMg%l#1X3Ih;_tvVWDLiI}Bt;S%D5ifT~UZ(0aez&4UN&e=S(;>U^+c&~!3&dx7q9R!cuR_oKVYP4Q8;yoNX0{*2qDll%wm z8hVX5&WuH+^!n(Kn}6_EpI+RtZ(fG_eZJMcme`XLjp#U2h|Z=7&rU=lxJe|H3>$r7 zq=s)gWK=P=VDIPVHu(tFn3EDr8mNZeGffrwrmV%I+Y&AMd%bba);X$DL*rfdTY5|P z`W%x($vXEQp7#jEFvz@UZKoN2%j%zLCTaJ{q)T?W%a4Mc1|=|41iZ4KM>o@UR|(+0 z1z@n}>o*R@e%>lSbx&n}7h8aiD8!*9Z;QUZ9ZV=J8e!GF5qpLUX>FEGYaUf*K_s4A zT~t#i3r|44a1rzPz|<5zc5L9Sg7fp}72nvxitBe)5LGzM+Sif=m`4XWAC~Ah?(FZ7 zVHsSNi$g85naXr#YnrWSuyvF~pw>PDI#L3uQn}PRt2BoXNm7RLLKV)LdU4*;xJ)6Q zvj>bE`^)6nscwcGMt^G|P`i4Wz;TjgLHGx!0_EPr2!}Hcxpvt}H(D4Cqr<63zzBnH zSG-{Y0YF5)VSmYb$s_4FFe%R{&SUx3h0{+gZ^&Y-Q1hN+OVPa@Y|VN-?!inYLtN|E zabi2Ovd9J*QLLo1Bld&!cLDoK=}qKF8%q%i-{e`&XfsBNqZLS-&S9IG*|f51P!yNl z_8HIYhI-)2htkAshDRjCtSz-kZ-DtRPK1@`k7(VVA^zHs;YxnjW%=_M9ZKx&3T)6} zen)uI2;bM283M32hKaBS2_>i^N9ce2ueOXVm-$|GwqaPr;}cs?D!)#cj%RNJj^(vaqZ=>WNN2(idb}C(u#*zYE^wa_ zX=1KGT#O~YV{;EDUdKtxd{i=2w%Q1$SD9QBxB2oaz`0#{vY0@eve(eU~^ zo&^BpEjuPDBeSx%_2d(+rjMc_Y6?IC%~wQml#k|3|1R-r5XU7o+yrP-2(?XxtKC zOG#SY_?MN|*G&&^6iDalZBjX^K4adNAFj;KBQ*_kUlFa=Dj3oFqw-04!$0SI>y*sW~xWXFQwZpk|ZGaD&<4$ZuN zu&mH;AYWq8cl!HrHuu`_r3S-IMp8u!6;L;9+X2}c1kUpdX@GvT>uYz`wd+##|$g7`Kb<)8KUjMoijJ)xo=Oei^`gIt{290u*%U zaaK-7!$xV;*$;7Q@+t9CIeuFW;%%S?qg}mfUNQQgRwIA?e%+sSH?H$x*)zp>p{_1& z*j2~^<=-q>x9-&9tXB{Qx9b>{SZ_uJcN0i7o>(p`UWlXjE2)3%`o0pOmF}=QmSc<9 zf3tZ?RIFf@3ty-(%LRFc!xC26J{+8zbp-JKDnX1Lw=+r8KSX<)_U4dN6X0jR#gm#& zIEVv&D(e2q;r&g@``>qvo+^38Aqkayei1N(GeZdqQxEwM1oZUd(M`os57fX8zhsW0 zUzfjM?hHwXI+TJt#J;}5&^12<&t2c z|8^8GLi5+TSO|!&q!V7DBw)=J^H>fC$GqfA^3IcgT9+94xQ222t4~T9#@`f@2N`>7 z@gruCXL2Jp(xi9m5GvEYZ^N)arGI^{j2GLHCWr}gmjy_OJ^A<1c-sqc99+nZH zRBGgpPrMEw{HHotC zL7MzBIiKY1Y0}fUWp!?~NQIhFaYW`@4f|G^nV2-kD2&Hy8TDcZ=f3e@$Db^6h*R_) z(43`rOMa!igk)lu)zdxjc(12%7b(0~PC&nVLLo1El9Z4Lzy(WKh3r($g*x$UiR=^zf7=bXW#d z0wmdU*8;*Sm<<|@j?6yr#w%83SilFs19@zx9kqYy`JA==1(0fgVbMD)eml7DVlKsh7>Rt&Bq ztwupM-PXaVkTZNueMZ@*I~-NjEosIW-IU1~ZVK+hOU9l`-7=_Ph!O<|^(!UrGUUlF z-M4C9Hbwp8Y_{GDtzg?=LaTX6<&uUYer|xeMYLhgL``A+<+7@>sqCWP_o`4|=kDF3 z*$kVLk%&<0dl$Qstr?30X0xMqw%XsADE3K8i>Ch#EG994Q0z=6i(ADVWt4^I)I;qStA+d>`3E<6%O9OxNn| z1LoDnYg!2$_mRgx8#-59x1nmB6xWSB?1MVx75u#)449?AecJ!xweqn~dVLl2QmOCt zX^6Zce?gChPr(Fw#6MSE^%&-?ob;K_VXuk4Veiv6L>`NNMPMLCrPE2XS*epgZVkxCC+Rb%a*huT+*Q9J;jE8Znx z=ZHfc9x|v$Qw$Ep=0T#&-d>X_c3-DNu+m^L@a%pJGM%=YjP{8#{!>Ro|EeRaHzQhn zKL~Se$8Bzm>ipl;^Y?rQL@tTAE-qDFvB9tq)hDEs_x4roQ>kquSIMYFw};#u&rA&x zdP1mVP&u)>==@EyxS`^5$kp&SifF_*`yknVd%0dhG{X#JF-i{)i<=GB{-^%Z{_d#$ z)Zf;DVog#;9!cBiK<$G!0w8Up>^0hp65`s5LUU~Kp*rl2lNXj?XO;;w7*I!xe^2CD%c=0=^URI> z^8dSyOeSXA$SU)9-@$mt7-^PS8IYRnBMWcz8yS{X00~Lr6~Xs4ow=BxdP#O>@pl)X z7D&5!V76}lS{r%K-e>IEG7=uFcsWT=YlSnTxU+zJ82_7lIKV(;zKHq{ zPX~oHVgl|1XOpB_ovNEE7T_{nA*_1)e-;k71|(dF4~C&GQo%%(ROMs`;MVc#8HnKN z79R4bNcxv&OUy`dA-Uo580>5YPx8ip@CpAWm`8Y)J)(&I{C{|cXV)O@d7KUMCXa-F zI3Zt9^y~pe&+!gS;eWO~8|6ng|AYH9GK~3q{HM(nNq;^ z{m*8@jW++ZQkC(H|CRmp+OU`<%nquq5cBN>3Cxtfg5`_nlA{h;;yT8^95NULN9oEFdBi{RC@n@IE$x}QAo449a*}ENceSTQ7 z{MwH{iz1l8$M85g#R2&}&G{cCf6q|lJWkVyq_Q*^@N9Ak% z#tXp8oy%?2IZ4!}GJX}XqzgpVIu|PI zpL6B1=D#qozM{(R7pPRXVjq^CK8&?J7t7fd*EOW7K$6O332M`$8!0)z_Z!uV6{xI# zI_fu?qYm4gPUJLuHik6b$EGqHFNMoFMT-m^hqa7Z zaBE(X_vX{h;Q|qtoxY^9kFPvRPlKblwkDNwYGf#^CX{P;FyOuGyuc6N1=lGe5JC!) z9u#b=oQ%dRlga1{jO7)(ik!*yU!`FhiGRJE3e6X^ zG7@ay;4ICLRj8%gF&$>z`DjMQGxqEgbp^fHYe7qW!DO3w7?fk>Ol)V<+|4V$jQgG|WD zfdCMt=ifxBWkr5Dm*~GPsAfLqI3O1`ZQWC!EHWVEzIk&&>3 zx>Fv}T>5&veUbK4kKX!s*U{g}*?)d9pGz>y#pb*-Ty6Djg9cKrP#Jk~m8br~uDE`5 zV}D6$f3=FI_JhZ}TX+^T10hGRdM1=-==+b~^GA^%dqVjI=0H)Hy*h2=hwY`Z9Os(-91%2mGUGpuY++e&T&tBWTx%3`Vxd;#(g8X2zE~;ISnSV9OWKd{1jN4$RjO_mJZ0(=+p5hpug^bbx zTnOiex&1SD?&4L=vIzNnoO!YB7e|tgC(P!$1*)0_*mp)A+O1;1P4Utr zUL1uAoQVl~!hxrt17NnM3uTIvX0*?3uAn`W0dPS64D+{Gh43hmkL=r@^^dxpv3D+V z*CGG{u@BNDL=|~$vGpaETS-*722A@T@g0_BpabB`gX1E=@upR?L@fV1p@?7oz6;|I zX{0ebs?*EyIH-mEHZp1srMc@m04Si#BVl;JfMxMBjC*k5qrz9v&ol)k6_Fs8I!<8K ziLnOi?g4nxWb5k1px?vKMw%?v;IW^I8wF}ELRn(srBIWR90QZnP%vC+(8GyX@W)mv z4oi{x@75P6ao!jfJqMGOjie8%gLxsz-L4Q5F9c68i%GSR;|{W^B5xQ@LB&@_IrzX}^k+y*So`b}&T7=KqS_8Bu* zxf8r{k4N-l&mV!qXC4_fdJ0tBLujk>9hsgcv3N)9N8t@l;!t<2;Q$y-cstanq{Gsr8qvIS z12?!z7tX@oG#g>5XO#jG%MUZt8nGAnt=Fije1#<41imtl8}FV_M;` zZ#Hq~tn^ePA%&C1)IX#D0#F;GEh0vV?FLkXB*s;Mdpu#9on5NbF!gnNki*s9jy9SD z`*LchWVL8$0pky&Go<{Wz<$34QI81%OW&lOZ3)M7aWD@gCF|qpe5e_RTkY&gZXvu;LUIUkGq# z32oGp(vm_+RW`$z0MbB?kW?jAiB$1gXtQ0PM6w4(G0JXOe*>VLT9f`wV`K6YXIzNL&irc;BbIbWoBlIz1Y9F zodIx-3}b-b^mQJlm*~}`Ne`HlW#ux+zeXEO;p1L55+O(rm;y_-LfQPQ#bbL zKln7jH$NK~g8(z@WZDjv3%?Bkt!fi|=opG^oK+-(PlBE+FzawMx>l@_{h>KA=xHCq zdlAgH{~mosHLw<`8mAg0Xpjma`o7FgxHj;O&16aYu_sSw>@4rNZf9FN7`Rw6r?5TP z5nG(HmhL;}%9C1w;vf_-PqqKP94VTH8tB^->3d-!__nL(7nr!Nl;*j~l#;e~3&m}S zh!V#tt#X7(E34M}i5Ld3?vDhJiaD4Aa>MyiKWg^f1N?Z&3jmceUgIaPoPNb3sBBOV zlQ#gM{=#q?vIuZtAZz8KU=~jm9ga>{jvncfX$UZ5HbeB?k7shIAn4+j5j@@4_b7pn z;#s0i-?G%DJ+zP`M4saMu4e?-0))@qn?v+V%JvGxoGRHoI0mLsaMO-2Iz@Lq`8|Wg zL;Q~c;W>R1z+A_mfRm^>Z|@O+(Ow?(z0X%`gsO=)(olWd6<2RgZk9zZw-+F#F=b=j z&KRXh>HSR61NII1rGiI{W2igkl4kkXZjE z=tR48yZBCV`F#=9%wabJ+S;$%+I4Qtejzk4*CyJl{EYd8ChQI2TWU^cHak(OA`t)` zirc%5raBkZ;epT_ULDU7?usfRaBB{_X$2vLP8Y88{sJapF;trS0FnrQMTj?j6oUw;0?j`h=4 zBZ_>AXe!;e&=l_~bc^~%>}I)3KeZw@@A^Ej!^k3_uzvsDV2`6f3055nN0fDYjdy-A z)+wzp#vNCJ==tvv@=~!<7z2ZP<`un+>pav_4;;u(1$jjpmJA21OFJIt6kC3vC%dQl zD2Fxd?B#jqVS+KdJEhR^eM~glAoq^#1{YUnl_@{N4oEeQgzyD?3o^fUS{CeKoZJuL zlBiE{(u!h@}YX^|d6T$vt>HEm+}uwMcQ*^3(8&9O5e|r79LO z@{D3JX>jI`<(Ktu{HeOU44|Y3{58-{-tIePlY|oFR~=lf9?yI{{NqNYH>LG)U8Jqi zs>pF?x+}{DtOW-Nc0OWh4|PyJSleTwA^jQ%eJyoH9rUo%8EZuAEnIetqvzfoBaM}I z>elsM*-p{#l$hnI_F@mk4Wu%>qf*hM;vg8}a`hmise}e|JTqkb z&R~au)ay-vd=o`h%2Q|s~>SAL^!^p3+%E3|TAgLUWK zE()ac=L)|+ghjy``nSE#@GoWU4pF8T%HrL#ud1 zwM%F8%x!>J`~BxGdRD4;naOZS(*;8L>=e4oMbkJ|*&A|gslR2V|FkTu;P3$0Y`95FwBJR>tLJKbwnoaq`< z*;_?$x;pa?Ni+X)EtNUqYZ`YKW)XU|TvS9jja1&t-uT<_%#kj_HB=s`oK&#m?L4Ry z6{OTFAQeZ~KlRf8!FWo6K6xyGJ3y~s#3JD7o6tT4@g&j0X%AqVS zX>U3ztMqu5315D4AhoBq=L#aKyxA41eDVkyQo(JrE$F}W?dt(9k}&6JZxOWVw$S-yj}(c`L0Izit@KZ~HzxH|Z>Xm-3P}FEkx6r+ZPHq+nXw-o3=J<;GQb^8 z@z(nRAfN{J2>TcIp)W`YqD9YWD=`I!5qM8{pOfNmfA+THsDPy*BuE`Gx!ok%DZhZ7rl<`XKzEq&?aTWY{pFlP;WnFZ!9;`qY5H%#QnLqJcUMwJQy((7`| z&@RvA*$+K^P_1PTq)~-BLfKN|>KbrJT}xsesj>Kj%zlQ12~@<+&OPel8|CFH$!KqJ zSpOj_etMHKhyGU~kl453J^-7vib}V5CRzk42ZKB3xzY&iS>N1X@)H zyKF{(3G&S&J3+_oC4@bxyeQe@cRSHD(bjlJc_VC;4nK!yEO(T;KhEZtaJ=xpnJx44k-36Hp8!SzOv`>XN+Uayv&^y!!RZrTga zBVS`k7T~24T(|rb>w1tEWHQ;b(_PvpYelF$YV3t@rJV`5WODam&O(u1Ty+q+Dij0> zaLcJjMO*9=c9ADzaU7v$TyhNsxBTj=r@?W(M`Z13!eYuiO=yH>~L5=&HgL z>(IMR+(YJ{xu!0Ce{0?0kBxXg8eg8G?#i{Gk2Mcf;}*D08^!Ym^{zjDaX5k+**^rZ zUH5#hYT7REI*eyDsjZ8y=%?mnReFbVmDlbNm-U^wJ?iDz#mNnBQ*f{b0_zy>U}Zqx zhIge|#4hMnbqqG~)3|KM^QvAf{#Nyh4~L9nWne+_b2 z9c~9h1(|`M=%?0ABhBz8O@XorA;MG6^Pp%-Gxx<2hI^5+`LQVU^_=_QeDmN=5wqOL z%lZCoYBTiGbjsm1BNQw*{n?L>l-6a95BDIB^*>#T&ueG2dViI~=~jVoWVC0EY-YnC#=>2nNK^qdL*? zaT-w>wKu+)izk?SYAxh}8g0|UoV-!3xGpEDCksWxtS7eQhIVTn!l!jy zbxrQL_c@EJTv1ybyd(5;KPIsr!Rb`A&Y$}6Le3s$)S-L>29P$LJ&||nxVTCknWU*p>y6fc-P+h-p}68 z^ZUPF_{3b-y4E^-t#zC*;UsYDM8pBr%H%k`F*ifwxWai9B~x|IyMQHcEU_@Et$}st zCR)FCLje7<7V9e;`W4~ziOv}nfq;g#iT7osW??0jb8NeTnl`)Odz#`v2kyE=C?D_a zWy?}`wPgg_QlfC;w61X0Ra}IsMJL#z;0~U`7`RcsB%$6gRnL+tR3`_&e7;$Uj)sh7 z6kK`xLc|2W;NS_)OytWgiAO6-$6%ujwAzTVLqlciBA8Oc(hT|G7j_t_8C(tocCbz- z!kuUAa1{l5)M${1X4cI`-i-$+=nX2;QK{VaM+WH7TrQ{CBN=V|Zhb<*LC6Y-r;d7! z5)`bnpzWVD$Y+DvKajl~@_TZ*iwWw`Dr=H72EwM*rw!+7L44DCTvk=lUEH!)?I(h# zJZD8X-RBtsi&$is3aMubBAp#z$PEz>vj&tD6>Jx6u3#$`nM0=-G2uqn72eUy5v;D5 zO!xqz2g||PR{Y?vSHwOu2ztm=EG{TVkflw`*23?+=nuLB(E$ZGf7ET{=X%mYwyKvQ zFxJO}_$i#P=@!fyE+M}2dv8^yNuHLCd&s&=>I!$1PvLgcUd56cZs2EK-Z*fW8^D5h zINhRFSz>@qrx8ZN+>*wl8azW5i2Wn?E>yY*1c(g<>^_p-XwWHT=1yZ6{4^$>&de#J zgPRY?NIg7yArM;98ac^sCZb$OQc6QT;?0)Vm-RvV%On=lS>x2GQ|*<7KCK!FO48bg)X`nC%?S%$Krprs!bZf07!9Kp&6^oFz%X-^|2Zajjv z&r#J?D!$fwxJZJ}Y&|n*Gb0!q(k;EQh3XB#*2@G5%0};jl*6^j(bffZp}-?6r$ar1kA~5w zBt>|1kkA^Z@hKL|eW#;ayM!882~;BUCwb_2Yr?xx<#Pkx$A<^^`U3OTw_A&G3aH(L zW){Ht)mP)@ctbbPn%CQ~hUZe5Q#}MP+t(Jev6pe($y2m~=oFrYl%Y!_l_L(55nsa* zgfe{nQ|*%ReEgh{BtGv8%f&|p=ayy0Bp@lYHx}4+q)u-K9v8Q~b*p4vXg+{ew>CN^ zItgtdQ(0sv(wA0PQXwa!pH}w{HJ`wq>LwjRCOXV$jJK_r9(R90&{L7>APaBF2qZoC z4&J$iOsHon;c2fEa2Y!ma&;JD%w*`T^ocS|y}cs&oTgAuyV$enI#c(x`Q^!(=A-4K zYtXt!PeDegQJJ1w;{0mj_A{wVyP4}7i=v=qTZSL;N3*tVww?n8lD^dqk}nfi`dbGA z`C9!m`JO$I3jLIn)a4z@Lmn6oL$wg>FUEA|LT7s)jXC*b2#F#dl0O@5r(c!cKitGm z>Jc5xK-Om{==eFqu@*<{=)PVvdsYqP}`q9q9KU6VXSK}Z82TEK(AaR}Y zGnUe(1u~4M6V2e=a@V+a9EIyVpUQ4Ae4L$qOhR!D(x^vvvA>?qg9`br{9%!Xs#n&* z#`lN)FvA~LB+IFuCsUiJq06U$`;qPlEuPXH0zDvBL^c~q?yR={FdC{Re%ge!$jaG* zb0g>~1eZsd-R%-Q>>6ne>Q%P6s35;nn0G{dWwp@7c1Z|r%OO(bJ=C2=Z{kYCccEz~ zY*kda;epun?18BGuyB6XOXqPu}LBlyN4qth)nDIGX6$yJd~gV##c~;Mkkt-g4%1#@EpY@w?l7>Ur`TGEV@qT7 z^ByesLdV<3(fm{qIldsKilA>E+{uwXA`3L2lcO1;uT}_N=6J&dp)S#P12T(%6I<9`hMm zYIjbE1Y&?Apeb>!>kRuf1*(HRSMM1wEGL6MS*nm12UmSuL1 zmAs#X_SuiHxws~4x7l+l=Y*|nwIy=b1wK-KwLJXDSUD9dnq#iq z%?%Ja>xzUx?;#X190(>%FT!xl#ZWWflmMPVqm{3FyauUhJ5nn1@!Iy;#di-ME}ySc zfO&L})M~X_2b7sr-_f#Yq4ySAMQlB4u)0}PsLjmcK94QBFK*c%W60=F3RT!0GzgxZ zp+(zUdMw5z9gQx8ozH}sO|<=W5`%}W3q-pQ6Hc6*3nd-jYJY` zi2)^F#V+vWMD~6!e7nBwez@_%lj%Xi45e}6ncGz1rZByq*Bt1t99`y6JxuA}K%J~3 zL=S4PMM9h~JOiXl6M1HMGqH5HfYU;f`JA9LsSaq=wF#&t0NMGdK)(_9sLa=@i=PQ_ zM4?0e*Uc`mp1AspkMBQyF;y3R>a)6CZNLQOr&f+jYFkIq$dVRhk?z8*Y2>UDNElnxSOj(^$MC#%K6ChH&BgZK+Wy zt=A1LBRo=8flUj?OB9UEwrw0XFU(xQ&E{ioyl3tj%v7Jp#0)dW9(1AqJkK762ZI;L zOJ(lREY-m8SxZ7i6(sL)F>M5$zmDCPztZg6m`pj@?0bM871n&OV^~uXb}LAhNDzc1 zA~B;D^;dV3ICjS!%^jZwC<}oGuf58l?hpaygP+o(u}**sldpypJsRpB9o8FEC8QR- z0ntVj6{V#b!l(#ND%;L+u8JD%VoC1Ro^aoNV;HjYFk)ORPL@*5nRD%MIkyA~n_QV{ zfM@RtuRAEdLRWz-wVlr~t=1t99a(bgjA1z?yeG#q{F)&ya*;`7(|7ic6`_B<-NzV9 zaetMwK2H3gYpQJZx6Kaj?m>ja^pKb~&D2Ymn)BF$mU;C)4l5iyq}Y+93IHZ_+74JR z7F4bLJ$(F7;*%>P3pdg3wVxS+P4O5I7r|cv)18jcsl!TV>I}>r)?4L zp$cpxtAZ8@4YjOHy;)ob%vUeehfYY>vpdY^{am7&VLu^jhLK6p#a>K3LXPbpRihn^ zla50}zZJd*XsgdQAzeaSa*oFRODXH3K^`tW<#QII^_d~7uO|?V2c6K8@*(4)>E`io zflc6*L)YZ^b&?Eebi8^zE`-DFM0jVhK?$|%L_7B+8aU)oN`+$dXm&#Gf=A5i*(zPnhL z*>|S6g|ymU(-JJ_U?ocwYY~QTGprsLJS1%ua3l8Q>z!(})I&}D187P^fLKV-jC9Wa z$;dN4v3mR+g0Y_ITN7RI8&e;u=I`gWHhfog7?B!xdfbS#o?2`GNaCT<6|CL%b@b_a zhC?OT{ZQ!Q=<53zrTr!WiD}&_;8Ac)i{7MNZ5hAcR3Bgt7GV-)7Jh=*xe;%r|k@uj_M}t*W=o^I|{oBQbWK!dCXmXh2{|jlh(5og-Xa|Jn}p;j`Z2v*nNy~Ci+PT z9R6_Lar@LNPm3O3rgZb{uVgd~@co93LF|}>shGq>h4H=9Jtjk!ljU9USMg$rp&0T< zIA98iQbZRTrgc*WoSWaD64#}Ypt(+?p1}cSzX-q1Pw1D*T#{`c*?dpl^rj*q?2Kmf zqBMIw;DD(< zno=;BAT~)6dLxO_8vBg2wpR@|USPN{zNy~!_?I2u2Es3tQMb$J_y9^o3zDT{L6?hX zVCY4D6@8p>g0PC+IPt3oVFH{zEj&(RCQPX=t5lsXwfsJK#Je!$L|(U%ip?6uZK}%0 zXrW|cU5cWkX*Ip$qNFv|l2*4-z z*CIsgyr*hk>)UfUr7dJVN4ZqPkJ+oIagX3nP%|?h`CMFt4{x2MkCPb$-Iu!Rpn`80 zs&?Yw9>Cjr&HTMOd8ELUoZl_TNrmz!L|_EpfuBXO(?Pq$GLO19m8Fbja=v=N_NEkD zsy@;rKHs3y9=_Dd#B@X{y}Fd0Q&3_8AGMe?;|hxBv*y|X3?SZ*1G&RPYDgmeEYV!@jDLd^l6cF$ zLT3gh4X0+(B ziIW895OM>9T$(__gY4?V><;nv_c>&=_`aiEjf8V=w#5pOnj~AGd+X7faV}5pJxG#s z^pKAYa}=ov%4YHXYc&<7hnXZn&w8tyUU|TY8)UCd+#~&@`Ht(2ceJ5L01JeydtAK& zcB^}Os%1*E(|Of6oENzn$g|e3VgA)l(~PIQk+@t!!Z=+K4{F39vBrf~) zw8PSd7Q1<=gH3i-%Ua}dN5J_t_aAJTvUiPxzTz*F)Eh!E4a8&9nP{YgyBn1dRL`W& zRd0WU4vjQCBp!RxTx|DtRxFINn5y zzjBC&{Or6D^aG!^Qo+ z)JehHkD+K3G&~9bj#`^2%}rKmf{41PNgH30YUBr0(1Vg-iOtW_Ym9-=@dDVv$=-yy z`2y$wzPr1s)8DM^(lV%)7+MSsBGXf;-Z<#afGP15zXy%68-^IDA&<_NjFd8|S^apFJE;AOB`%O>pVD(U)2&F#-dI`;>#G^Y{6{MZLI)>~V2 z+ywYKGx$Ny(J|ODRo*e2Qkn@E08Ib6g=GU&2$A8Ud++BAD2zF#-J-<_L-1y6+{8XBB=<}(X1D>c7%lv#y`@e9~s-F*w@l9A$ zO-9!m=Phebvec^X7+4+Lx)G!m+IhRfb}J0i2XU;2UGffjt44D^Y&e;z)L;NX^x##Zmjj=ZQF7K$zveb9l9$bP6y-vYi5Cl*SgLk{zd8?4y>0ppp3JWYn^LF}%mj zLzfQwnffh%Hib>6!ZY!euTvo{ASZPCVU=z%lvX8X2GofY`{%F)BICBD$@em82L}d8wUJPgmvI8Xr#F#oZCJLL*Ul z3;ixXVUF#Nu4=?-J>0P2=gqFL(SkY$-0>8yee=86AWi);Gtnk-x_VboB3RSrunwp= zdLlq&M`sk(z**;2g#tVy1xhfsP1cf^@UA5(R- zCJVMN@@GLG%lwmc8nj$PJ3%Ff{xB2CoOMCjXnLbjeGZp|T@_{7Oe3N8#)s3&OD3jf zHT`~O_l-XBLe1|!&#Q4Eo5*cH7lFuk^MB9MOZt=bExS_0^LYBkych1KA=rYPrDP)= z=Nq>iHJ=?4a2c4C#@-4VIVaRy@Hb3>ByHTaxxj^<>i&oEhFTS9TAdAaPqf8b1N`vKwogMF*<`RSj49T$DI`|(x) z9Zyu0kOg~w_NnPOhFG>+Cbr~T>KtEE;sdJ`a_eP5Kb{`QkRqv~XN6Fco@ZO2d#HR^ zlNu~i-r7T?V1L=*W(odm;QbutGTeFf>u7OUj@OBI_*MyTDXgaC!}wu;$qNRSMUE6X zTF?%47Gm&j-#)W!_!wFUkpGW$9)-QMnjs$Z;=a|DFvxtX#PH<1FnpsF=Ku2ayg_fG z{q&V12O<&cj&|zNHs>QidaA7aH09r&I2a`@6vqnHdR_r&PP>ixSuFZ56~~VoUALn) zRaZgt*RELt^ag=xLgTn!ztgftD}{Q_GWuk}w%lpW{k&IDNgv5W zat^};oBrFQksCU5QP?r?U5=ZKF(ln(8xA)(@AT7AU^QUNqD_{+a7*DdZ)h}q^AUfD zqT@b5)hf?yXqori0TmSwaF}X;JwOX|qTpX4DS_o1J?u*4b8spQGTg@S1sN4ZPl`^^ zFQ|CeqBop{4MuXT9~R{~9iUFg&UaJ`xur_eAhviB;ls-8#SSbF;+0oeY-ae8m_4(Y z5}W+)zA-!f%p=g%T7SJ|!}on_YwJRSJ7Y=zkqc-F8*zRU;~H~0AQK2nS=VYDiP7On zeggbJGGgtu$ug1v^2^NwRZTc+g?rG6-qu|(O&^!pnr_Rrnor-S4$ZXj=Q2--vJLyu&K1F zmCtFJ<1QIx&aIf~ZF)`tW`N;`20%)#m#)^v8D}KC&2kPIB5Oqpf$Ep`vLD#7Hsa}B z4u5)o3zG|KRCA;L;ROP8;E}P86If&<8_d3 zi5?DtGnN%O%$N=KfKdA%7_^}Q=4`x;=6w|Y_#UmpEeBw5!@UDs9l&1tXM2T<1_nJE zOy(ztJFSYRb2=-{kLI>6VvcyzIAVm~z5NB|aKg|0dM03Ms_hrSxzQ>F7mwX4u$qTL zz}`y9X}&SfuO1w2rbUb*>F@H89y$7#mCk<*1Xlds*OPG_;{IVo1hei_7*$FQD8x)4YCEgCk&rR67Uu-4KOVil&Z5^#vtefwG z7;+JlWtam4EgAJ52%7^qQil@&+CVQJ=`<}m9)m2^{uCVC$7Jd!KW|#ycfd4uc{>Oa zi|s_f^VRJFOuLy59{av|FgU%L1sc389+*2XYbauFA5>J& zP_OUTfuQo_prmTmbp3P`+)-%rha&A$V*uq(dFka_%Y;x)H%vo;)HYpeqo{)l)Bbnca$V$L&ffOZSb zU@yNyM|7g*NAMba!UQVMOdEoVvcpWl^%T>X7kje2r0ITzw-i+0+bsXW_H`(M z0ebl>1l8pUI`wuRm-*_TiT$DHcyp2=#p(MOjjMl zvaG{d7(}};eH*_oL1?v-x19IuT1$~!&l7C%{=nO86|-+`dVkF!=HtL&n7fDuSt`%P z9m7GGTfX}lo7e!lA$a_`rw^@gi}g?sEC1Mho9T~XP4KXoXyy2Fz9Ff#p$fK#JFJd|0^7?nW2 z6BoFpS4G}@pHk8O)sRWmi{1{CxMww20&jPw{?qu_vj? zXDkjN9?mq~EnP(B)WV71Svl(#;#qsTh1{9CmpkXLhS5atnO8p^IxyUKx+P>qIoRn~ z5)JG7)?aU8EQ015bc(vmA2|YK2N6h&{B}$y1w6~L&jc&;xLz5^&l2pZ;?Jtl zbY+v=n=dt*VUFMs8xCfUs{)p;R7H*4^ILu9VX|Cmk_+&IdT(m40}1~qCAH%*-fl|K zxO+#U*haHhO*z8r19*C0`=`Wjj%D(xgW3;Uii6sB!5OY=m}z=T{)6Z(w8V&bBpYX_ zA3mfFKFkda5|9z!O03WE1nN7I(2oePk7P4HmW+OpCj&k`GgMhPdCxLVD!yvS3+JeLsd!M+a%b2E*ul?04VwzJROXELb`R>_>ks2}rv%v|;PBkIhg zDwjSzO`c0(v(?fgdC_n1okmuRs8OYfg;n;ia}_|B8~0r3 zy_Mxty)SV2{unL=b@jh~60Ctkp<_5+CG}0NP0r%*KmJ~hEgH-p*PV_yJ`1kNZ=VEO zibf;`JQ^e5ZEa8fI$sPAT4IzNTkq>}!r}`GB3dgRgBx$m2EhVOZ8(I0?+9=m&*jK7 zKHvRgg)z^S@Sq|Gq#vRie|>8T84z(Pj}QjTefv87Ha-}P5WYx-~>47rKK-FPGHo=ZRu}c2 zu@cK~mNDK<4^UB!o;R<{d`|Nog^Y*`Phdq&_kWaf z!HROid141|ZIZlheo7ZKfZ>AZ`I0U?mTGHQ#DYU$)af4Z(wF30letWbbh8_+Z@HjG zneJ&vJ66??q7K?}y=w^U!i=hS|B$X=LQH#T+TrRf^-dsx$;Rvt$+<88+#sL1$7C&* zRhLqw*&9e1KP$`H=jEeZc5{Jcoq1C;As}%s>OhY?*&uOydXk<>RQ)n1I0a|uGD~=j zF@=}3dGqa`y`IQ&quBF*4ZBPJp`Mfv=Na{Etl6k;1$dSV&Vo!lpANG3hF^GQ3&8@l z$V8@O0lq#sIwmPYb72ww*dU?)X3Xvz#or|wO{Tj$)pIQJ%%*4hS?zDpLiViG3M-?X9Cc;p zC2W3dGeyd^hR^i_1G&N85Fw1^3L-MGYF>qWegBVUhZc^(hC&Ad{J0)G&md?vMPaiu zLjKEf8u0~8%PS^^zIlVXA=tw-1?(ZE0AMMBNr+r^siitEwfrEt_zAGKMt@q{Kj(v@ z3p5-z0cb{Gzb3x5-k;*D^V5 z159LcWBVvOUMfUK&10leaMR8?c|YB!n*HMG_3voDw1z#%UCfJa{hMeaR**b?DA1!E2lS@|)lKweTc1<*#*VpRQloGHPo% zTMX{*l}-c>)lEsEr>wNAJRgQn6&pWRP&BY37fGnqY7%)xg1#NiSb<@LtWl-`IPhcRMoe1}v8Jvd??`*f>7ML-W3G)Ig!8T%g^99veBlfFbW3tFCD_Hym zoU{nvERgBB&+3yM?6#FWd^Z-(VJq9?CR#3)$QO2fKE}wTIBh5C>Meqv_JZTL4}(kJ z(RPjO6kvFTk{2c>XTtA_@TqdnQsuj_SWnJ9v%Y3E7foA-4RLCCrtd=DTdB9PAldDv zi+@`o-G$~|E$Y%;gK@i`PJr(gb-&rz;ni^}*;wYKy|h$4x(suC=B> zbbQLBmi39j__?K~ao~HT{IxE)?veC$J9xm&D(489Y#}U`$-5U`!8w z#yNrk`4I7ZrCTGyy-z5xfx08$1I|S1KRAZTZF$uuj)l+FmGR%4%H;urQlD#=c=nE_dwd) z93W(UTOQiTzfQu$CLCbh=m)!)J%_;-6te?Tp-#WhN#o+6@RjhU>W{3O$rh)@Ul6jS z8tO%#6NsX!C$Z7C7V2liGI&$#nYeXh!k2PogMRXyG$7hG>7G-d+XTm7WA*|A8W>RL zT6^v8xEi$>5vN|(FT%02+_!io-oF!QE?CC6a^F(I=mKEJ;s66Cmvg1?Q$4BMD)HCb z0Jv=NTm4cBb@|MVwWW8U66M7Z$K>%JN@kO)uA1 zU})PH%oWB0G5%V$T3f&2>u(kq{RHVP2PCDo_1E8Q11K~g(}pe_SWIK0qha)ka;L{H z>%ANMDO^4Yr@!&Rr+VI(mh#aLsgc)AGCr{-+nQySHsXyIug;fM2w=R7*F~xAW5a#2 zx%y52-+bBsFn$b_9LR(C>5DG`sZ8ME)^7nNS}PZ38!9~H5gBvIYDHm%ww5T#SIOJF z<@d!^0Q9ca&%b#x^86=%umOm97zIsMYsq#HcrJ?%pKTEnTh0~@TV z4~$vW6Uncxio#cYtq#_!185OWu}WX0k|2gs2gV+-Vmij4W#Wi&B;bzkHv1BJ2>_@ytp3Z5-LjCidxOH>H61I! ze2%63pz#X@9!3x%(-$cY`zk7)o50(ecpR}Vg4#_%>uKoTnP8}|)feue7bTeNl->}1 zDjV-K)1kqHrNP&1jCX*ZSeNatGu(2-aBR84gOw(5iR3V)ztr zjuAGYFw5nqBJ9iPF&!6S_;9rO!iJ{^4ZB0j&xE_i8H3hHxudVYrV7A;7CD)5zZSmP z0G^|U$E<|qv3!Ss2|t^C|Hs$eD+1Y?m{^1k6N{|ej|gXxRp4lOxP#Yb%)*_{PC_LT zFVGX&bAt#$IjZ(hL0M!R!3dFHa7oS+UH3MiMt<9J;)^=fQ6pig)(()V8V%SS{7woEY!JyMmG~7YX-o3Q6v*jPQHk`tS1o}g(K7WqIWezv%aVDs_fLf% z2o)fMlSpwJZNiMQRe`|@-DRV+j23H|(ug%Td}h#aDJ`Y1qtDGfe#Ta6`zH;4*OW$_ zAjebqi{;q70pdiH5dS68h=C`sf@ z56s2~zZ4`I*8#ug86px5h^sie2TB^*vGgVW#2*<~s*UANbzjkVcYDCk6zuTygVE1P zrLR%OY2Tg$3#U8Mj8m&{9hj$Io1XdPZmvLrtPj!tO0XZ}B)i%dIIFUl5cAGsEMT?{ceuo67CmdJBnD6A zC;?8AUF z&&*s8HU=FGv?~Vl3VAt2_ODr>hQzjArwgGsL8MBmVm;{|7MPWj{W{Jz_*oW8{|#}fvs^e>18V% zy(4Z@-3tcG8&f}Ha5S`ky_EaR;VA%u-XGuPYGo)|8n1#6V!v;A?tnCX62rscns2i& zM>n?nYdQ>nvs?iBxwggr952~<=*#}TJu}j%4gFA09W(UHA0Rq-RUFZhI3r0$SVS@j zG^9VE%()*sqRU&5ck@LbF#)EV^@yaD76=C7F~I-d&-~=CKRoMWM%YTQ7jR z!FOPrDW5mr!}fHcM^Jh2bC#t%kci$fSxV>iXbfLkJ7@9mJPg*x z?b^2pS3Yq=y=V)_l!cxJi3(o3fmv1iBhbHjt6@M5f&W$n?bO!7ZKoFYg^N*N5Gb`6 zj+Kq!?)0q#0PkW4e^=8WNj*a86FaY#^EUV1Aoa;Y>J1?ms{%FTPu}*2orWwDF@^{T zvuEl2ay^Tl_0oeY*sIlZPmdE6e|eqX)~-R5!Q@fIg(L3A)h=ti{rURVYul+gvNO)! z!OEgNty~R1{Lu|rWI%7XK)&9vkXYKWTyxmr{%J|UoA9|c9(d%=UemXaF*ReQiF43sYuPB6PwIT(~&1C8*IOw^W2&wtyKZ7k0h`xf-w9ZyBCrAlVThF2dg) zUi{^&v;~~%Dt#MeC60_b8b5vO0d)2bc<0jqOhktfaEyrDb({O%wmR~fgkKj~ztDU% zm7-Ce%yB@%W^f0pHycH`-aH3tsXao#D#3@He#`Cja`U}hUfEtIVzz$!7XR1FT=<+s zNZM5X6kCFFUBbJhHn(1S>(5rl)2pb@dka<-(QjRk94UOK!UEBWiQ++(AS9o7D;m*^ z_Ix=#bGpDR?8ZihyIy&~FD(4-myle-4zR}Hbcc6w=U9L{&=tf$G{>;D@^B*k1+EuJ z*3;oM?x}!Q03R7&X%9bNl9&TKFxij^3t*>mjrhr<#Ugrpv3}{=Q;QlIjHZ1u%~eYL z!w-LV{&vY5N zkwEjF)ShQZz`#O_t0WvidH?sx6~|0&N|48j5>X?!!|3#-gUIm@bD)U`#c%bFs`R;+ zy8oL8g`D*}_$XESaT(zb;xxsvuwAglrR;593aW?$Me+E6iMqIW{+Ec|;nPjSP(=HR z)tD85k-s>?0>1mF$WOP2d76EpA=H>$J~^eYp+nS|jL95@&n?^|PhcrKl6scF|Bo}L zom<-EBS8EkwHKvG){5f2{vB+j;L)2V0YB}t=Fa~7Vmr9B&tXWMYJ-%pl>rv*v)>b< zQ}3vZ8=9{(@*(lR>L9vGr~DdvHW<2JD|KK! z&sOBxwws}0I*^U+pYEbpo9wQ0bRsywou3b!6OOoSco;cIjtBhpki>JEPpkiC-Ks$R zGbJ@F0+{{3OBPqOPf@P_AEReb2^R&e1!JZwIRo`Tvzt;rr!hX`0&OUjh!3cKM(=Cv zstAF9pE2cQKnUBf^|%KLODVUOe=Kf1(stUcN~EEm&mkh|7i{dn0*w~!*pp^>1e;hA&B6QBMlQi${dc(nNLWR??f~8{)PGs}y z(QeVK!N1dBYKO6g>1W9=#I#vI5l!61!`o_FCUgU`7Tre_zUF`?c~bh=##2@ z)#zslMfUHFk$PVL^fKZ|y1%=xRN`F}J+>mcbHBcL#$&)zwi~Bp9@4g?^Bo7yPfBB~ywJ13Xz@AsN z4B-ja25{itW1i4(6<;FaMa*J-T_tH_y#;vom`*95l@Mpa!0#3|#gyD;2efiK4E$xJ zALa>RDDd&`snR;rqJ;j;;AUr^PG5ZZ=ki=xb;NX%fUx%I{Qc7W=2!^tcBg?p3Wm3_ zjkp(Y6a0}}lk)Sw2UPh#WLiQ3;Ojv(yB>Fk6!l zWX`Y0BK^kQ-+Z9Y4fmH9l)D~7dS3O&()^h$TUy?MyWRZ5OM80kR$)s1-Xu%Ve>4$n zsX3>@82I;tl6I1hQ@@H1&mZ`UbN#;@@UPPP-IPYU7_o@LF!!RE?J#W1-=pGx5mQW$ z0MJ83&+`yNJum+iS;066P1`?ZBS1?7^WUE5HWzab@Z&$v(wQ<=fvy9;d%C|7PXhPj zYRbE;r;iCG9Ij!XPOue+|4%OfGyLRNlz|gz*aK|ve>3O_>pAq>ynuawiBr)yhtrgA z-PjG^!>h$2V4!c+zZbjCcV|ffJ3hJ5GsjJI7T7w{6@9h)5hyY%zf9aCC}>3RN9NR; z*>J`0kLVCIfI!Qu@q(NG!ttW<6_{PkNLXHT+%Vd;`hWVo%izi{XWKGL>ctOLPBcNA zOUH`rf2BfsXznoOJkU4qBOvHT^T~i~1@B2(1jGcU$(4y7(a4sLbran-KaCkY$k1J(Myr4P~EnR8uK;HXL z;z*-T(=PDF-?#eew!1ng^uxpL<8S#kbE2XSg0Al~z^=va)vr<^E3M|cWlLYbgrM|T zuu<(Gh$9-BQ2(W5gfZYyM4&+pBuN*4yQi{NmGiDx- zC#UZ_id6K2hX#GGt$9=2{MtUIe8~Hd;8uYQLhkQ8?cVO_+otMXIC<-wXqcW|5wsS&W{xN?cbu#1Z{Hoi`8l02 zkGi7x<53Uu^GCYlIR|V6#Ef4r&9U7ne5AE9d9UWY-+>(UXq1$x`Ewd0=lic~28_$) zv8ZaS->x|x4sa|8hbGt_F!U%;nF1X-W$hyl+1Dr;Ic>a zTq;{EOv$4#Bw1$ATD8!j*sI<63h9y8D!n4y{yMt)n*NefO^FZrM6&XFPI(11(Cz)j z`PJA7l$hQV4JB|7A+E2nc<$Ut_+Nxec*|AuT5me>hCK1VedzP&$b<_>vsX^uQdJd8 zYsh=Js@J1Sj9uEXJRg~gJNUPmJRu#4#4=Hw=e7Z(`dX#ukhar-Z7D7n_oRkb`E#)K z*Lr88QSABw0U2JKDaP%)sd}dpKADo|CvN_)9%}Q^T(j7O&7ryN66X^u&u4dp35Q^yMKF3UF~^bA?^+@W}5zW z@xVL>{&k-3;xbbFMYh7CL zhsuXAo=kt!_VdL|TQLHq(7@sGJfWWQp4I_kMwUrRWxe}dclsv!YX9R3{y!Y3|M;iA2#mG)}JbrXX5cD8DRX>3_n-6x2!}ClIL?0mE%AUpP2;*Z@y~u@r$e?0h>@?11}7f< zTe<#U%nB2@Jb0B@b>glhCC2*yjTQatGRpEq|HRs|?KF4zz>&$uY_1$5zob86`EIq< zDIEfgdol0b;G!IB)P2uKiKbCsG+Qp+djkEUiIZ&}nM@lk@J&={KlY;@g6W?Oqz3ck z@~b~w#DD(|YRzkfE^sA=AFrLCn-)S&YWiGHUF!z!{E8-X14Pul;a{^X3&|Lna@G$47xG2Iw->D%?13+;cefK2BwqPuL88tpO| ziCLK$5i(@I_;2F4WGvCag}YxKy-7{6vzAqH#3jd3`=1=+na=l!;SV-ByjtEs5U-J( zM(Ibd)^Ytme|&m_KXd{P>J~<{R_^VIF-?>l!iu{t3)*r6ye=#2v5eF}r;y>aqoO7wtC(Mq3Ux^R=7DZT3MG4JO}K7zJ*seDw z*hKS$o_mQA^n7SW>C*Jn^w1|ZrxU&YSWA5EgZc?h+GlpS3#Spkn3$o1l39F--ocAJ zoIYQk9xr=s*#!hu9?CgHm*C%x`oVb}(m#Bg*A>S9&i_#OT!vkL7hTwh*8FfGP2J-4 zR>LA(L~O$VLY-#glTrAYg%`2LE&jx;tn@Ub9h$DD+t0dguN|jNs(GEb$u+fh&-#U^ zNleb%-&v-|Agub+phoMu{inE6P2eE5F3t6|661OK>UY6tKDCQ%n?i78WU$tBk3?#6IFYcBe1wBDzkUa@sd;7VwJA;KMUlqAn*GBSt5t-O>*OC znm~jDpSRrnlbKio8whv(@Fy7+fw}&dDR(#lSeAy)?WY#vYZ+GSN>hp2Mc1 zR#F6kBm37}@&Yi?>%Rtkt)}NERQ1|AxZ4zrez&dd9JLq!JM)e8{X+-idD_#9(SwZa z|F|xfP5wXT-ZLnw?)&#tvXVu~&>%_>1X?mpMnNQr_z)yFSz;5KoO5gxBsU;Ya+DmU zp^+RUN69%gInLqv{pa4f|Ean)HC0nJFMNf4&JJhqz1G@meLqXJZOU2P@C|h$lCA$+ z(~Y|?lF6VYV>Rd%?i7Dptdlh6$tnvZi&ASH55kgA_?oM>i@<8`cqGFw2P{rwf-}}|tGA65pyUtdahVEw z);iJk;>AU}l=V^$)xLWfrdrl`&E{cjaOOve9E&?k zJj+&<(@J+mpsywRkz%EKX>?Pk|<;ihZ1f0|I_|({)$U7k3$YO?hH=2rTohN&i+l6 zBl*t%_%S`wO{?jqj491}P1kWWl8uO*qPqC@y_promE~I+@&EM*^a5+K|G(Da9Nc2N zQQ2tteO!0m@|Jfgj|80MW zKcuC=A|$3>d|}A|bHGM~#+j!4ie}m-%LaE>Kkv>-(3oCH zVpYrKN7A|&yf>hG`|u1E_Z^r|wRoF{5dSjSm`?WTc=iPSPc{kW$*+@!4ZB7BX;xA@ zv_#Bb#c$!ITwtYJ#W}t;UZEe0&b)F|DNeAmOXx}I?u&JfP_|7gTB3j8QlAd3f#jtc zr@esxb?g>7WeA#WB2z~JGdhzRHKD@c$q)*>F1#nT$5h#6k-cUq`r9-N-M!n$V(Kze zu8XXM*u|!>HDIDwR(p0DjXNOQsSc1`Ej@@e(6r>V|NLL$puXDB+D6{|C!K1!J=P0X zGgzt*LHK5ghaYr7m+#Mn`MD8#?dUHsH=8{t*R!dIOS?Wx{Xm>W1vmu1GfZ6>PFED~ zOv2qdg}a@Sh*Rfzd#JOxtdtZPgRvx-QBJ_15bg}F;!nrh*bG$n@X5U#!F^s^s+-%u zth9+EaRMUH=kopQ(-`Shb3S`|DdNS}yQIf=I*%`9G?kKQ7HFw~h*n>dkeu1jSRNK7 z$-MNIO+0g)z$1rc{`aPFjNmdih-we6VzWpz^m=-qfOL~d&r%6Y zJTq2qDtkvgqt}$<8`{EJZ7yBiiAIoIKQ3ZoNgpkp&+>!Ho{tceF!ryx*8d&;VVCD6 zh`5}2z%*+fOn+v`^)8PD>3MFOe!kaCF{sUuzAWJ~mU6ir@DAvwr%Ex72k-8U&@K=x zSwdkoJ9CZ&{<}Rs|6j%pXx!8J2cQP~r1Pt7$-spUh=!6&It(RRlG4}1fB5qpN#IJ* zOW^Bip9t-dNgRmZ5%$~VYugA5JwFG16@xJbr-X=AlNvxUfh)yCd!n5iwzPg+(x6+a zoM|5xq1l)65CSg9NM~Q|<$NvRHa=beuo%r-0952GM$cvT_zN1)Vdw_5t9OZ2J*GzB z&1jE!&V`6U5*zO_o5`^g>jp97xL0~ouRgZoGiMwmXq?;LwjaIm)0=fFGiB~IZ=1;U z7>A4!&iOYyO`7;Q##2p6$7! zA%gREE!P@%Wx(l^K+UWVfJpJsEYv71Ac1U`Z32QIC3ENfE*kO-&L5qD+Fy-A&C(M6 z>rG8fPR)|54xqr*dB_96#~2hA)XR2#&ZRcZ%l^N9y6mR)QrTNyOL|aiu{Zb${m=ga zNr^aP)yy;=mz7gfnjUtg$9v0XaYuHZ1<6qTmAHP-!P)4KK;(Stdz zaIzn{qDJi}d0v_7F!lXLtgwI-7324Su-FWZq%e2q>}@9!h+9eN4xS_c1<06wpEg4M z{g41siCR&B*i)dcD*jXS`g*TaMe^FIl&@bn3t-~#6;}3(7K(0dR~9;^_QOTnbC9mX z3Zu*+^dA_U2Bn4SefL{*7hEo5j+J=3RTLmq=WW%dI@6UqhmmSM&+K7@6fs=&mH|v1 zVfQ$j9(;Ek368}zkVxN8TG`GeZuo7q;5%?#+F;o}Z}|7drL(hcfT3o{ex%|)sCGk7 z$j0|_n};f7K+l+DX`t0XDIx)}X5_|ZB|kpV4g>$!M~hw7!`;wmoQH%LkT~C;&d*Ez z&~#fhQgGTJg}9~MC*O9)^;E&}1nQzo#)GKzwe;-UaJ}n*8tVdgpy9nK{(xDcF7?kpH6Ejd`p3uP%_l!cFULxb{TS}kNvGku&do+N>y)`v zkJPQDsv}+I+~!uMKNl7k%))1X)(_%(ZBbG-LR^8b;^r^#{dg#|+ZOz9-bAsQ>eye0 zxvP$zFVraB#BsE9>(Q}arH<9S9uI#q8ewphxv973uDSNLq|Rf_X90WEZ7od)>2q^F z3ak~aSwK8<4ZVHbt=U{rzn&RU5W(G8=3sgT_PG-zplKfDFpEQeg+~9ss4-yCNgnr=`=g+H5HDiK>7@#fA&=Jcx@=2tHF=teU9Wu z74;7vfru_L2KyBEYXAu^m({x29a~ND<9yX)<1>O2ZfVfP`{VC#h5ax0T6}&23ly{z zpY%>{lEX4YP;#Q$+RCF^FAW^_s>A8kZgU1;0O3pm75) zuSyYssG>Km@kO=ISY@qsW0a2B=6@~og%B2;x>6n7A@d=)z$djVCyAas7G1~K%jO_; z&c~aTe-hw>8oLE6eGn^TiT$TNr`QoZw(caMA?_)89ja7UR*s$d$uJw`78=|wmxKBo zqVD8V=ad(E<45JLdX;IPE_VpP>UW#~jF7o~JMLmdu~&4S_-Wlh@vi3@Tr&$_BIlYrXrEm=w4q=AjsObt^+63+4tqy`DJ9lK21HENU*<-rk@yCY zq-CZZEuj5)NVvio&Z;M%5z)2e4{QKfgg&4Vpr^s9QPlN9sC31&;uV?c>L$Ox@Y@RS z#eip9b{)wAR$M=#%I`(HY1MG0uTGL5=MYzoB41xn$eoa0QI3@w7|a6Xv(aE;x&pUA z_>ja@eOcN2atX^@0QA7vJCq28u{iE`B z-I#k8>pMV-S{nVPsjuDS-f~?4=t%s%t()Kf6SY!VA6%-uun<};3J8B(i#nwDP5$kT z4KVXGvz30hcrQ};NAd(slJH>X(+tZ3C+*l3h6KywGIwq9{7PK>svyA*?r$On?WzBu zrEyI^ux&EzB{rByCoo)Tjl&GfKazL`{F459OaXeP?Nfxlc&3vasY+Gf%NbZKUImK> zJP5CC#IrMH)D7?OZ~ zPn@IwXTKH1w|xVO(*8{PV^7JXSfnGB6YR5hVF-_pr!BYFg=}JfAB0ldy57Vb}O)EHfI#{!H$|%JHGM9~_w~d&q94%cj3L!l* z)HO!(*3o&-W4?h;W3R-esgQL0O!{ig=f->-VFXB2m6p`4((auw_*@-~vX#^qTmUG+ zp`m|vFU=({wR!YMI$b4eX3F-l7x6m~5g-Q1=8}u-%@q=If(>6G8ZLsLzOlYM&97r^ z<(UI5=%Q&1|67|jyo(S7>@P!?spS`bWT+7#wi;Z7FV?eK+WTmAlYc7ygv-B7u%?+u zS02}5C%n128n|t|ILedM)AKqW9W|H0(D-2E3pvCD?>eSmemrel6E6&ry!tx|$lB_7 z9mb{~VKPRqs96o%ZoT}c7~Pmfp~ZJ$NU&ddphY)e{VZPg27s;>HdE%W%*<)8owPPD3|+}8Kq;c{ZmwOs z)zcnH9CvP7ZnYjACbZ0`;-|2&rp0q|>aixsTP9a)6AXd;A!)@u$}9k$O6S;Tz~l?EhkpL7arkekWv<&xU8d z*tUqmy9ZC2b6}cp6RX)Z$-AZJQCl+LG9?=cIoS6;%jgkr^F?Q0@66xWta0F5x|5aP zbGiL&Jx}ztY2*9u{dDECJNn@!C%54xfJ$1ntEwHtg$cuj-ErK<_vblCPMY_Fc+So@ z;^;kn4lwDLV2?(*ojyBnK2q%ymz#&+7q#vpi}ykYu1MBh2xF3;U9$9KeXBTaf>Bd>IKoVP);eWjO6M6p4e}9m=%KEP*rR-Z zIN3ZcYQ~^-dEQ%ZY9O_5DJ?SLPz5fL*G(f+B)`;KF;UGelMg3`>>`c%U2eZ>=F&qS zfP?HWf7aO4LCom~VlH>=e6}EHfXulNAVl)vN?vH*)A1O&=b3kLbK0`UGkLRZPFIlL zzyxebm-@#FE@bZW9C>FAo&e5L^8$OR)aQCDrjV>%)>k$owjC=&c%Ny#%8tL%7G1^&^+yw5wSqB*Z?j6d1wrME5|R%bdm^{nJb`ar+y&2*@Z7JX3BfA zbgwuk$BHq|uBQ#EB_xoe_wz<1uI+SJXOc6L%+x~9MweU?|pjsNa%m3n?CR+w}f3T4FoGM zN%lia=DKpHud1UHZ4;tiTJX!0S?f(7N--Wd$b@eA&gaA?K6N!ET*6o{If+NQrY=l? z<@PjNF8*=eDz4EmxV;#^&RMvVSTiDF?!>+p3zqWF2sQ-VPvNuj^OsWhQz-FiEt?0e zlD~xzSlc%*D*g=ivQ73;D)k-d9x$>o)lZSM^|_jSJC1m1-UdiFsWK3d<&)mN>ZhPi_Q1AuOxhPpns4N#tOwQxvlM z(fT7DX)EFj=qX(aD3ff2=suoT;=KT-Uszv-?^QSrThpg1SI*yyQE7eKYBT~Rpifef zLVIqAoy@NCIizc+U3_9-N*ic>uCx|WZVB^HUzF6g!b|G+_d}pz^zoZZk$AaiJ$ZlyJ1I9dqMm;7Q9p2BuSTCrqxjR$ zsj$Les0NJAK4?18D%JMyx!BeFi3#rCcCNM;8M1@m-p?RhQ93s!QHG}mDAKXl=DlH+ z(vMXsfNeIpwLD}AZ`Ge+O$o=p(&0%DmQZv8J%xze2y66s(~KHpU&Tti&c!*wIv~YQ z3SviO2yjO)STaFrVRY-^CILhDy(Rl0?m=WSp_aj|zZsr3oy|OsPRdU*VhyIDSVkX= zmb^DAA#>9973_L$ZQ@5aFzNwFO6>&H06^#=eEUS9gM%jJx&=EONYjeJ3R^72K8H+8fMGo(eqoH&bzy(}qj9 zJ)Lp-jGT;9=aEuCv?BgXEHixHg{0m}OAxbZ+6eC>U>_HE%}l^!`)h2V8HLLjr&HAtL$My>+>#lfIG35Iwwn zvm+^o_OFq))o3kWdc}!;3cxL9$`wBs>7>>=x`5bb%fJY-qq?X@iK%tIVpsX0o;njY znT5~M&mpvMVQBTBJ+6L^`o_e()t`aQ1)B0e`xk z-CJ%V-%f%qPLqSK^*bCSnKsIfE5F)l73{J}S(CgyA2kYLs9u-qaA9`XPsvH&_h7Y9 zxO{Snf1$&D&xp2%JcH~9lRxFEJPvr-Qu7VjIXU%r%LW-4FEZz>v{2D$V!}|tq3W|> zTz-TQm(q7GSK|rF`}8F<2hrkl-xKD-VnOF0f*D><{O*K& z+B9j)``wRv0C!ltmk^7q;M~0uRMdF3J#TVc<*oyPY;J8RZt zgxvIlgmY#|mE!%so-qxtyQj^>^cr@00Vm_Kf5p~@#g1xw;Y``9*A<36!+X~PG0yqTfTCy( zJ1cyfOdFd9tT@XpME!7yw64C1w6L4jLMVav1HnZ_m#3;<^3U$)L6vYm#jScDB|y9cwsC-8WKYIMg(%u- z3^L@&gqj5+@%*x<5l7yv-+{ly`lz}+<0kK9%eMXMvt#P{#3X-5bK7?KC>VE)bW1^q zi-0*71b=U2-l5V1->*l#RH!WFPvkpjU^V=UqjoP08EJpL#T`oL=?ZcjS zEpJa^DF?eGd|Ja!4!NyeY_9&T9eX;?E zCkR)MAc}+hj%sI^%ZYZYqE;P-Yz*0PS)>WQaclbY4wQMjd_lIAxl7Mc!=0lXJ^<48 z87o~^uk(J+q6K6imKj6MJEDuM*w7K!t_N5=(1n+38#>jCH3}VjCk9RKKYiMyk`2fp z-K=;iG;V}74L~3Tb_;QP&!cbB8bLVh&b(f;9w$xYFvZ%;kgYfR?g zFe@4K=KJTWT4`xalzgDmt|rQOx4xDxY`O~>GLd5Qa!$TzZANgN*&A|2**o*SR0jn5 zraS+g>q2#8zBU0#p$)1K+OHrP7J7zWdz+bdcJ<}h{5o9X+m@zvz)bZ9^GREE`cJRV z`OVJ*EgtX{p4~6Cb6)^SZLPxpur@8=hnq)%FH>-+^#6=37*K|e7p@PHuucwzN=AH%9zA=+ap0r?Vf8H1W_=4;@ z#Gz<@d2x%3*_qoyi|ge zzZP9H;QyMF}IJGPG)lDM%ZZjNLx7%!U8MACXF;gT^O`*KeQq#>~YFxv&M5N2>&{2Q5HV@I(rp*?oO1%!L%OC zGf3;5eMMR%){2Sb>5M!xYP;1g@t(gFbm#}f;}1?JgY?7u5qD1j%tA3Z`W{s;9d&@N z@7gZSZuSsC+x-c&+z!m2C2-<3^lZZ~PezGHkk-!TA`+q`CO7}P^=>}~x(VmyD+?j- z3Y9|U$y*z<$wnHI$t)Y4fme$7H}Ds7Y6M9kxTo}Yca$w ze@Cf(XQFDJMM(xjF33sT(_+Z3|GGR9kNK!c7-*4DV%`A&hBHc*68`gxUkmiiZeO~- zx(?+EomteX!~|N9v{3cpdP}O%4zZ!m+GdQYn|(Bj@>6CaL#+fXy4tyFh!PEQv_=1rXk#U7f-idE2sCQ1~nEBtxk? zmqa;Zw^vc8NU!Qk_3*0pGKZ>LxLwG4C;ZV}Q1lwp@~Bwv=jU&87c8%7TzAua`h)+| zMH&8}hJDv_#x)8Ru{=B5ff38ZmX(+<$iPwl%p~wfc|l?!~-B zJHLVnSwX9FcMK$+sYDr_zO$YjRXz zSBFR=O;$vxbZKO*khM+mjKa-4X2IO~JeR5~0>1Gp?GnDdFq^`+( zKIxEcY&g_8znKL7L5lU`62|%rB?{RxNh;0sNffR3VQ*S{8@(MMkBG>bS^bh6=&6J= zVAidHeAu>3BgA}B^Y`#o zOCA^*xd6w9SG4`|yYAx+@RK^$er@;+4E<(pMZBsLS*hBGxe)f#p-6G#4-I#Kj&22p zQwY%Y3E6U;(em%VOW@0jB&IbErr*Gu_rSFXUP&73TitqcPdj7u+1m=YVijszvl+ji z_px8vh7@D-?HB2@rP}-7+9oPkO2@rS=trMAiO#EizR7uC<75I_DYvdyUX2nzovEx$ zBkPo_FkWYie8Maj?g&_}WjQ}a8nc_b$QkRXW&)$7- zqZRC1j?7`zvN!a*pT31f!?#5war$tONCKUk?DzN0r_y^}Sj97k9J-cK7(VrZsbD|3 zgF9|a!`EI7t8;m8ii;eNWYMz}SJ_VoKR5ZaiU8?uC)9ZZW- z+rI{7{Rmvgy>uaYvAqP|7xf~xX+B@2>nqDrh3%*OlchochM+FLOZU=7Xb%cUNkCJK zHWQ#QhR=_vl>KX?%R_%(=oJOIrj*TfD&+6HiqLAv`w4o${Ce8H-{0;@iak6*_XS;c z>pk55HpL6Qa<{~IMXz5y0y|e;+h!m(pPOt1-oR7}UZ2)GJB}!Ywep2lENqE!ahCoP zdOFX32Cb2E-eL#0Ph_J!_g*=cC-^CNu;X{Um+Tg#_+v=h#tTKFwCv-*mT-1|rqwE& zDU&9^OSh?U^F@+EC>lPs+C?#_k*pf00UGaI%>yk7)UfA)Z7-`dQ7q-)1L1{112ea5 zBpI~1%GL&M2F8swF7xE7eA#3izL-@QthdAI6P+?xXEc6VydffU_-Tl%_jQamE(L z`BdNR#(Vm?{+?&9SbU{rwMwL`JA>t|HFWqPGm5{xE@Ef=LlTUNR3ot(!_a@Jj@i3A z^Acun%f-+La;Z7(Q~^gGR*CnHhRYc$WG492NB7L{`{Ht$#e<^)_&3Zdz~Uq`)}n4` z%;f#ij7EOd_;O3nJ$Y-VFOoeOXA9|sjEla{1RpH<_D$JpEyT&V9b8rQOwpEFS!rGo zQ8k}Flp(TGosr`V7{J_vq)N-7E7V`f+9SkIc=<{-Mx07pEEsNGaoOe#)`gB9(6|9% zAM}Y1dz7L(Iob=Q0A4n>yoSbjV?GfDa`j8sX^lKaOUt!5aN)^{EV?swXItk|78jKR?lq$2`d#f8nvIOsbGnihj*ogcHG#tth-0ex{0?n@>aun) zCSxZCxCe-{aNMlR55_!?cpzkov30fYSpv0^%Whv8!H@i%A`ug*ziDW$iGC(}V?Lzi zWa%Tw!=m!eusDx6+4KdU3);FTS;J_kWdnu_qhZ%w5cAXyOxfHA=tzX%@zXRR7cgXw z`w!%~Acf-=7ej~nt@>ib(t%(UPi~g}^;3a&BPXaWhGV`}>tQ^tsy%(m3K-rx1k9W|Sue?F3mI=DSin zl`nGU8_SbE3Jr61uD$_ZcZU&IBuY=cdU4$y9tDo0Re;fbh_y?EPh7F*r2oc0U~l*n z$3GI~36d{fFOXr?pZEFHyLPw$bnHZ&iOn6}AGNIb7Cwf2ni)iAcm14ayon{{>y4qI}(<7y+ zu62pESAT>#m1B>CwVxo~MQlB;VJ^0si8gv%su+q<93dj&Nnv9Yp-%Z0{FB4hMaqNv1k;-JFD*uno;Y+1Et>mj&ff8o7%-b{27 z-?`j)oglf=SuSWG{v#u&wJ9T6gTzsS8 zp`xHuZn7PH*~YZ>vZQo&l~#4j^iTj?aY4Q|UO11c5uHBaQ|Ho8KX9+U+JjJA~bq zG7fXEe$!?w{%kiDWl%ROTT_c{6TC@yiON;;-d=JuGiEyz>afdrBonGYwilb6{9L(A z>{2|1TQI_*QzLb5z$7AlK7REHok*Pnbc8*4TFFMVTbz)GwcmVDN9b}C{JhC)+}7qz zzIM<9Q_DoP>nWq1PN{6}jVop4X4h+@vkqq!41X+993i#07`y1f|{$Z$Mi!kYZD^om$S|^l^!(;T`*mbTyUlvoYs$btexcJ z(axg7GC(y=3+kEHPqkH9CJRYoyr_+OF>8Q3H99YG$t`1t|U zl3^<0FW(I~nOXD9eHt#N%2$r~YW~=VW%pR9?xD2OP9%k9=7xjY4%6`DEYUx*OAB*L zRa5Hv`~vHVjrQF(PW045wm^iIKKT^*S^q}Ng|1Z2W?$QRZ*r^}-<)l7v@}g{#Tl`q zhFRy#k0QR{Jr{&HJZ)xyM;MpJO)z!S1eAw@w&Vsn(po6b6qy^X{-E&9SOW#ZB;- zWy5LGhMcG3iOELhnwC2cO>K`-a80E4WBO$ov(@8q!>+L=gjESwhdr0vm`FqwfK<>B znz%n5n^J?n%r}2s{SohsR}P>XD^%voiaSq~pW_*@Y(7Nw=$`)sPIHxM*w*CGhF1RG|&7u@qtQWYDnH%@H zgHt3TU9`UB(L{vKzsl5&l%sIwHG;0jSy>@XK0dq)@e#BuNkiX3hjeG&dA<|Hgm0kb zmPV6YLorNv>-NoHR=&~%!CFy%tbkU@o-m`Jk4FaxAI}{H-4~D{=$k6PBu{FE>oPZR zGEu|kw`eT>%9lvSl#gb#oh*C26TM}x0&K`)NqbFDOnggR$dIZ(KltAAWsz!e+g8$i zsqWwQm|Cs!@{Gnrf!l``9CdSzc6c32f5WY?z2pAi|8!mnLgGQ(I8TQV-cGwAkTU*c z)n$7xW3MUA3l70UT}lR+wV^0x-y>-mm#JG$P$s6(GSr=1Dv6+8i9X%o-SoWTh~Pu5 zI}cSxNeGpV`hpsQSw{(jo~t}rdM>ytOl7XKV30G74GgRqoe1fon3oKzzJWlUmrL7k zA%}@rLCDZ&O!k0W|Ccty!-OFH2H(Hrq zZ*XOlIE`&Hk4Ka{-;W%tbjsDC)5<#_P*`OX4@rW{l_-_L4WCV2{JpL6&6h@=5l3Qs zQ(aN-G<(*JoOx{^gD$^gs{diGsFkQ--Qi=s@UdPWQWZHfviMo2O7$NvjKgmuF4+h5 zH@uCiU9`>dS5Z6lPYku(`&GH=4(LAZ8U(&Z+M}H1HvZl#{r8^y-cX$xv0Q_ZlG?4) zGK1l8k`X1MeoKJ1pGiE8O<>yB$wN>+_4WrVD0?6t-1|`xWA>QoIE+|uwTH%55VUbJ zLo)V!UR&r2Vb}Ka)rfPiOKz;~zPP5@l*Xok&|Y@yV1`O463t$Q4PB!ko$QpNKaQW# z|0M9ss-|N&;7dBft=HIlUBX=*VeISwU(Pry{#v%+JzS%+z87ZQL#z$$opQrq8IsE4 zFllpWAOi+E1}o%Z*>O$6HDhpF?f!P1Umy95`+5cVCVEZyvif=j`DSXDdXny=`Vd`P|A0t=3mJqC7O}`m&Gx8$LJK{0wd3xy|NF?-BEqD7;v;%l8@ZqI{X!bU*6w^@yR|>3H112k zBvT#?l?Q5tml^*=zA%$Jl0{NlE~h0vOY~`MOH%WRAd&)-`A??*x`9N~2$)~n3EIwR z&AM+DkKUn;HUV(Y{(z=_jjf*Z(UAP5Ip_}fS*#CaR^Hh9uK_WSy9BSR&v$9JcgaI% zd!_E9g$4hn#{#!}8o(I?8@-%6ZQcYJLB$dPYFb0`VhB-im#x!G1kCFQ_8L-Gcx@(@ zYC)STDqkpHUP?h6C@b% zwID0!a*LsI`&vU2c2Ftspm|%_xX~iSmk8EaDHPlB)PgUH@DT99Q<_RzZrpk1&Thg~ zJ%5cyT&QV!DAL+URfSX!$-Qo{@v4X<%k=WT!K73|co>Eaq-4U3NC2uj3->YSMLGW!PJ*((4u!4 z)+Ou7P&}7!8D>$F6fe^LfnbQF<-E`C%0k>bfyeVNVd3@3^Z>dwvZ}pt>rrr8k~_7h zQK0_k{mHdI3+*%Qs0d<-NO7WO%z)(l9w9ZkD*$8DT&uIB(swob*{{5WvCK>RgtY(l z!21vAGCG30zH45vXxgJgthF4m#ESk9JugZUPK{v?jSWo+{ob3N(UN_T7)I`T;vl!m zMxv9+a=<%l{W_J#uKc_cX<^n1E3sl(F+nNQS(DWa)eG`6q)-rxx_SCPPABV-jJsQ) z5;0{Iq~3%DuN1TU0#M2ieN@PfdTR>MIpzmM6OXd}E zI}V=6el@lN(s6nvAk`08+HKF@9Eqq!1(&qG>#O5&LLqJ8$ekTKzqCL z36yp*af(qGw7U_~6YL5kU{`UAT`|P`^jFM!ky2JKW7J%FCKOk=po`1#~&F$VN zXx3d$EYf0<^61na97N47xbEJeRKCx#|8o23i-X4i83H<0mx!d=crXMKRh;rm4hJ#! z*YtEofbyt`N=k0-(yB;5tk!Ygp&$!Yy$@q0)*+ievabBLe*o1UCsS5DlF-BFJZ=ik z3x4<)=H>fj=7dCbzk0FL)HbI1)2^1;E_ZqeXyCtWXzSuSq*IYzjR9)~iiD)#6-pQ8 z_{Y16Wr(dyqV$1l)@(`?!J891oP3-@+sZ%T*O^KFTvlunGQCex)JIkqm}fjM9;Fyn z9DI!g@~1{67?;l7P-bTRFvZ=w#iZ$TV(z0MzHp!P$Ib5EO+TIe9UE7Fc1!gpyB>%c zuNW_*#a6+i0MEKpndS0nEDvK_NFBN=OHU+kKa*HfP;M4KHT0D6AXNUNOI?p1<@L?p zUB>Ew&m888pqW(PNzGY}7yI1v0AF&wPg+T4v%k2p)Vt5B;O>+tPVo}si4i`H*RjoS zzTUCZ9M|_Ko^Or}zQYI>X3d|g+@`hxu;ICu(7;%S2<>wzjjSBdLxl9ZGzT(jHr;O{t&vvovF%lkxvuD+FO(=Jn%a| zdZw{_v2p3JSfy(-tXGR~h}(+ICil9CP-l-aAx>+J+M!Esh`C>2vcGz6lInfJbI}Tt zNzD3~m3?GeOb4{KK{40r#SH_~%ZlYtDVY z)>IzE3#L7B+~mmn2%L~>*C~_#;+4M(HvKg;g21LX#*p@}X5n2`0TM>|VkGPbZLH#D zyps5cnfvWKSGQ7g*$B66eXbT+=az^aU4}rdL;Fa32T8)HvlPMd+sJgEuA5iQXJd-h zc0av@&dUv|y{gG#eVgU2rRJ3`xxBtfsDc>qeSnjv;NLt}D}4;D59~NbmgL}of;E*! z*{s_LtNAYX9WuM2(rkNo|6lJk-Y_?cR<7!Z=L_IvXbQ=fpE=FI7w=l@u)_du^~Z4n z))C6nM)PA3x51(~RDm%)Apf+D)O*m!EO|o~bP+?fK^;sT6)9(u?$;)ls!0p&wewt} z8ZZ^mfCE=@F-iVzKnjZ|aVoZ%Q$o zBPR}?9C!$34aG@3MfJ)QhXAy09fOUycDvXk9cmG11P#q(w@?(PLqic{S+(Mc&Neyd8m=_EM>hbYZ51UqIF$$)Hg@_#oaFA7mzWj`f8HGT*zrfY}crma^RCnFp7Gf9eY zWIx8Gu^nGCu5VP|pSh%@b5LVb;d17_G0QaHY-fHVnj{c@uL_$H|J#{iETdN9JPBi6 zBOBA4Zy~aPj2PBJm4c)}{l$F}FyrInnJw*=quc?hKX4qNTbN%k$G(w0HpkKt8y6x{FJt`@UGG##X&( z_3*saZSCBZxIJ9Wuh&lQ`^$kf{Mz}kEmGlD#8|_2J4oMTxugEEp1Y+y2#&#kSYoCl zz`gnvm%F1t+1z_Q=h1(@AGfzV-tsO}ABQHP>4NJfBFWt{IU}k{)*er-@m74{39HNqWZn(%$i&P< zgRiVFJ#rxf4I>ufUg6q(Gz>opXiznuPErmRh8y!PofHa*o0*#gm_@2c*Cv0omkr~ft$x9-ms=DuEl zhcqob&)}<&CFU>IE01b4xEM~jvU!9Po9K~x)-eqWd)xj!h?;L#D43&bU5XE{t~F5P z$8?~%mf*u*k+RVT^g?Q$Lm?63?TMk+ujfK5*kcd-tY4c^YkPsekfELVnEOKc`G$!U zQ00=N*}q4Bo8%^i32M`Qp|NBg3oB-sj%J^YE;6n*_-$js@_v!f@8HKHI%OF#h1pHH zFT5a3C70Vu_p2{LZWZ)fOC#wwRYE7VHgUHoU6f+tyYh0Abhn|7233i=DVLRZw@*nH zA!!llAAFl(=kg814s|;xe@T66TPAv5)=}LZ1HloO@EN0!{vT3lb>^&~k-OXbO`e-Y zo`So3|AG_m(L&Fe(=R>TThy+(Jv00i0}FiM0umq%ke9}i#pSDg1Q%6+n^P~-ezm$N6(ujnehSx^7xf6*Z-Lssp2hR8@?n2V zJmIRjnmTQ+5#6mdE(A(Oe%Vn~gM-ucUk`&$n74%{RLg93PC=(DT1U>_H75PF^-d?4QeUKov7A=dq-0}g@n?WsbgJ@5+)A8~CX$ah zL4Pcw}Z_K3`2`C%j~9ftc92PF1*vL|OUAbDW1B_*EF z`^r;oFrXeQjqHeQIYS6A32%aEa3Wmlmlz7=YcsxbcIXPMw)IlgN`%5`S<~=48OsSKFJqc&6xS z^s15+gO*EXiQWla5`E?PyH{rMKHoEPw(@*ks?;A2&aaXz%`%n81&CQjS&~KeQ+aGjN)<8hWmOnLO^QPU^U~ z>(bJ|gPAanKEUw4K%DdD_7bs>a(6?!4jN5~AVgvk25u|gByt7XxizepC(TDz5)5{o zgL>NI*=)rYe6b7G#MVT-ml^Q1B)tKT>+%XL5avu%j9wS4)dvvLSB{e6_yv&DSLLKeEp5&IrrW1H7?rP-VToUf=JkdIOGA>WGzaul zY&VVqaTU~m(ZwWUkQHS+cXhaUZ|x1)jib)4gzYtuiT6j!e!Z%4TD}-I>`3-JANPP> z!gkba`~dAC`+y?4_90k?=ce)P)|j)`+S3hH_)xCbDbhzEQ!%c((oR&XwwlaVSZFoZ^dq?3H5D&FV)~Glj>Y6MYwXD zK*-i(<=lk_ATeJ%P+L+ieTwYfX+dqF>H#crrPoXYkaniwbG(4BNeW*~3P{YKA&CNa zIXJ_(R~cEEsLH||uYbtbNVwU8vher3_B>oV>Ov!?5P+>(LL$B#qbygblSjGsR7vu1 z<(Fi+=oYQ|F|de~Ele*HY0y7Jwu}Yq<1ra$^gq(UR1uEMt3p}a;`m>+*%Y*mCdgf0 z3L8zq2#b{<%4yFDE->88h zAb__9V*g~^wmd3;k;0EH>mJP)G~LY2GGIGjoci3JZYB+Q<_@s*fs7F~6)+tFKN33~ zOk4Ej9%yje33jAQl}n!Sp%bWnT~9ClRZNd#LhVy`%!^$yRjpgtu!;%_ zh>FsPNK3O2L=Y6Eq!g5pZfWTT1!<6!4wVvViNzwN8>G7%q!u9ySnxh`8GCQf+2=jq z`Odkn@5lE~VKSc@&lvZ(N6dF!s(PL6PjNW&a|v+wx!~aM7Dgyk=nO9cJE z;Jzegf^xZ-rTj#6CRK$oR(5-+gin)zZxeYv zYWArsrX-q2W>%-&UNNko5Ec9+WwcJ67^!k(5(E`l2?|XO7~Eb~?)9MBdb_j(uXIs7 z6u`Z(x&Fp!Wj2zgLhaH#Qm7VjFn^7Am?SC0^fh&pE%lt93N@_1RZ|k13{SgwI~4zc zkJxaRY-@OaNCDT}>5FhtSD}NB6v<8C`)hl=F1^LEND@VxB;&&~;XU7o7B>(+DQpgv zw6LDbvBMsi$)2cFhG4U{6=)?Gij2-fL&?zCG4!hFf z(F0S;vN#VFT%40<;*=7wxvl8JUM$qHyXIA{)IVkC8Unvc1xnusZ7!x;;hJz~;n(S3nIclPU3c{LI4rN_>Putita+$WQ58s-^r;`N^Oh0o|d}D7A&5Iug=so7WVjXU6{Av#Xdd! zB+6PQ;Pdp(#HihPx#MT7E4d3Yc*qjKvMmPQ6#epu==8w!m2WrAoh_DG=cwv6WWuYC zWI+{SFZlR1Vrg$V=NtPgon&&mL`|ecUX*`pZG>$p&m0kPFt~2)uctkUdb%4BweTGw zKbs)Ir4LKcm)7}h=2t!kWcv?$FhQPN2f1f zc*sETjE6H`(>LRz8TpeAn<|341d1v9BrfCG!xFI3CbN6~1YQVdM_-RKEyj$6=Y<2# zz%`^bLWMuKSJQaZYPaW7A@_x6zBT zIj;dN;kIg6i#w24>-13g2>ZcXd7wriPSvcennf*_5jZ|ya3 zsP!+vHxnGYgC@LH^c_xLNg6F)8jwBt;$+}S&XW(MXgHMTQxoS?DOXQiOVH7N`334y z;09`bOc4*3%<)kZ*yW4$mkqK%UJOpKMmD)xQ>9WnSlM))5KE|N{wFJnjDYnqj-?= ziu$wXXM1i50l!y=-{b_n7hC5efl;}4usP(D&k;j{m~RsxR(v;b=bFql^=gVKg^{h* zvv`7Ll?B79q@>^a-O&AqQylPC?XuY|@ZocyP?tc-VqDOL#HFd~9+rR>dk|lq*10ED zeUnN`@DPRu0+KY zyo=RVvr~%!WVDAaIV$i>f`ksS(N3YmX`#JR#p1TXDbs`$JJX)U6*J-kZ5 zcApb|EuXUN9j|8Qe%|?IF3RrEfrtxUBZ6&N4G5cSfg*?1<@@oPQxW#S5TJ5S&dy;8#Zj2ULJ(kV?WyPP3*lq>dUMz4gGP&Hq|&8UA8ZT(h){`Sp+KGk5=(PAb z^9yr*2CdyU`{?TRtZ6%L&YU8Ra&kp$Eznt*${=p`kFikruT&M?4R5o$Ek;UsltY z?>m>hd-0_0m1YWelCV>-h4)wY&Dg6x_vj>FF~`%BGJDhpXJcIV(75AvOd z5A^D1XKR18D2$x{90!>FO1{P9F!cgMTueB(l>jh%D?+Y-B1U}{Ay(TmHtVfh@DHRh z!%1xwtxHus5Gr?xs*=j7OY<+|rm z$@X%_a&~1!36z_<9AAw8?I|xo(vecc+7WvENNw~05Q$K*sH_-23OcqA z2FrJbGIlnYYm)+|_+P^D6Rp}!H%z7DS`7TH5Sneyf;%>e2ojk%$=23J0nt_qI~;h! z#m$Rig!31jJ|(Edt!Uh-+T0&WUAHSb=+!_!DNM`Y_e#o=$CLNBU~OM1^P#Q%L{BwO z-)-NWOPXOae2?IEPs6~`j``7?dA}aFmf2{lZQnr7 z{Buz{ucsrF-Ra$l-AMv+x2W4TuwpnTisc%gXk|+sE>|8JGrY(fCfYT*_KbGms?WyD z0NjT-?{R#J#vGTk9i#=4Ua9cn1T%VH^&z$&$lt=zXIYohn_UNe{$GS%4V{<|=$8Ek zx79>mAW3l98RSJEF)_fo2y*kXjdzN!Uv<{@)>9%~k90t+>u59YqQ0C@Bu5+vde=Pf zQlhl}dh|QumY}hFAytvrdG;-}~S{X$&zb&1kbs;10M>55XVE}mg{6op{^-** zk3}KRv87!{@J!!Tbj+gVl=6G-bp-G$mUCz?;#>?+`rK%Df>286%H!6?TQFStQ98$W z*oq>E8&gnM3WkLMy(&i3Fjh?E!7TfJMn=HX8LiHfCbDjO-IZ3Lr@-1O5~OB&|2a@32vWqP}T zJ*X(D0o<50o}>zggZp4uc@`SbwtQcKDecDxi7}a#N?$eZYwN4$-0W{scdw!`wU4lJ zz8iZ)pGv5>_Xu>_C{zmP$$xF1N_F}Qd$@n(jXDc96d`YZX4a8CztWhGO;i3^pox}= zV1%25G~x4FI>;1un)Hy-Y_p`XB{RiuG?T$9mA1o))}4P5~`}m^45!K+yA}%84yzyd(_6typoOXI`u3hTa~t zuEC?N*rO1Q_gxE#!o~_hDZf?72YHqzW4 ziE!-L)2u>Wm)xM{KH1J7cw1uG7IVXm_@m%?&>&+_2)c8T0IesXND##2juvq(I093u zQhe&k8-OVPK0bKUQX3DK~f{BuNG<|Q)A7LG`l!Nh))uCinQze#`!2qj}G_86N@kz8Z0&>l;3)D zT(?&>cB_etY&i$bfIGTfnuFR(%dz4d&C=Kfja%$MsPEh8nk#${(25Ifd}bLp&@&7| z8++qNXbqw39W5^Ofhx~A2{=#qp6Sn0SvN18m3a*>Az68Wb#Au?SfA}u;sv3&9cRvFW?q@`lhh}q&oUgG&{Zk&LXN(OsHbCC+wD7MEh?~_io`x$$$ zRNco05*-bmytS9+_V@bz#m}QO-&$UXy-BQbURWpCYs}HP+B+3tbx) zEw;)7WWTC)rwF|G&a)&^7apKXJ<7UI=|EZr@atx>15iO4XeZYn>mHDqZ}6%Xe(`*d z(!{;D-DezCzqsQlX%D{9>?T&_sKJVHcnBlV(6>L2dK9cZwkxC(R*Q#2Bp4FrD|e-1Zfrva7Y=EYn4Zb{FE+R zo!IOwEY80EHE9W!XW@QkwFUe$lxw@_Ds0NFWnOS;+%&nbaFTRrsh2x$2SN8vqa1|A zR1X0i`ZX@zc4+Yn2#0v)jDU(jDm%~=>|hqO&vj7x}J8-AX@L@lPSM8wWjU8$)NJSZgN$=^zKR&qKui-XsoKtR_g8Nu- z{zS9}q4o1qp%b1H_3o4b6~M1mq(L8@ADMBdKn4j7UzW|bL^?;AyDqErf^sP=s;}!W z^v$p*qiIz`X3rw;VpGm|B#hb(n@-Dv5Ov~V|ITnFsv4L5An6NKJqLR7_}Rc8`*YJk z9~ieo0rG5}o7gI0O}qDqTAgmL_AO0B;XqN~%}9R5V!FNM@m|j(+MqtzHVQ7rJz;% zSa8+QYqUb5%1gX#wmdcHQn6ddu0EyRwT6h=va3y5b+SR*^xJ5wP4#s=&E&rm*OH{m z(mrdevMM@RT}bL!2_8Sdm9Sr>K26<0AOJN_1ZKLH+zD#3R}XPwLiPvKRF$iRz&_=x zI=iMlbis_=IZ$jdt)_Zs>r0389E`mb6t1;DuWIa9y}Idif>^59T(b)?;c4ISzG_MnG*%F-`GZA*)0Oao8qOe+2AQ_TIp3q~d&>OHrjeV(vrIN2rtI z5a?8CFTdIW6-8w@gw#U}4KW2s#`=ca`@MK@T3<%0;u72Q(wkd?Y(*}6y+BtFKuNY4 zLUt>KLZyeG#~}MvRI0yKC8_A>h5V-h{>67pE!gZ5l;WH+2os~*4+JD*R4j8!mI!;R zQS*vx4&O@AYD{H5uf^KSK#~}GWfN#4_F|H6F3>8!-CX~S1wZ$FbP|3z|9qU)Y8fzV zPI0zFh6H@enfbOtAYFg}^4R;bmGkvSeHjw$N1-6QM(I&+UIT?ZB}nc$Y@VTBv-hS7 zggQ1UtUXUu%u!b>A3eou?${k`<}k~wfucz}a%oy+M>YF{)-pjWCCk~yw!j$2gO(#f zVwFoza!M*=i5~-Tqv@TvR5;Lkt3G1^?~F^ttsos3)-Xn zx2G-y6^A9f!xY-0G)MjLW!P{63UZzOgRf(*nf|G0=h0^_(3-U+sKYRw2DAl((|ZH^ zyrF9tafu70se^yaVMRav^(1`emN4%aMo)1NL+BF;$LA1M7tFgF&rk`@BOUW2U5S zXa+uXo>HI&{k*nwfDsFxj<_^dx9Zy6Wv{#N=PfyL2^UlG&gs3k&_T2I$^CVjwF?~8 z{vpQtw3-XMhBv?jRAg*R(!*Z+)*^Z2T18){_$@|)8*EA5eojvWrRk0^WQrA?k6-C> z>$r}4T3fkHcO zY^qOoJMWKtBk3EYr&&`}TkgoA;x#vm-z%yg9*MLPS=sxBD*e>p+e`Nk^L!Sy_$G#* zL@+&1GnHuWpkhheqqWy92;InW}cHShmRZ| zG_c^M4yRfom)n;5loibeDPo62(Uzj`3h6S5;pYx)#ic4q$Y)7%(z=x5wORH4Dp7c{ z>@+xX`O8HYEO<@1Jb6ZJRZQ4&;*@!wU9sWNh@ZTahOZ+tyM%A+lyM}54&ypttp4I< zuN%)^ncFnqCdpeF?XoCdk-8ju!OfN5KB+^hua!|U+BxetvEt?loUv^9(rDt*ZkimD zr%C^C?;XkCzXiB)AgmW*U-qc3z zAmH}6XrEJqwaw8YmhT33k=jz99TQJ)rOF>-po_$0r1x}l?uCYgdA#7fW#&O3cMtdX zgTd(}C)aCSD8H+DGLZ^Z{O)L_n@${`wIIB64^mULp~Ccu;NFIN;%AIDt)G?%)t7-s zE5n(1#|sRl2lm71;26z8Jr@CbS?fwwxIlvElhQ~ZwpJ9T4SLjU7@0zkDMnykH*yWq ziTC}az^4U<-e7cruun(`q;<4oIwkhLa%2n}DJ-+@C7EK-1E^emiNF}NCZI$bZso^X+y6Tvbgz;Ws&aPWZqB~hvU7Itd&ph2ZM($Ht zsKfV42+s2uLnj5JlMV}Y@U07fTA6}0e9(jh1465%uDt`6%cg@=yC4Te8k*$(mqYzH zlfPeYUaoU&KoeXr8Iqf@lw?CWF7~`Axn=lcL1`vs^`Tj)P;vrsXEHOW*@_44b@*%2r7=VrzQWym37$KQc%2#cw{CTli0Lmq<_WKcUjveDZ2=d zUUh^>u%TsLNG%AhyX@|4xrk$xGcJ&H-MVU$@z0m;cwK7OF*y@(CnOW-%#aAI38Gca zVjipD@MP*jOVb5)&|8ORUbo`1DdH<6hk7gVWUHz)*X5@aZkb+aazed6l2PD*bw_=N0QoY8qsZW^awvav_CyQR9n^jJ|n zv-qp3;~B)^4S^KA>|a(ulBh0K&Vh;NGO)lk7jK}1kJVl7Y<>AK)Ndj6%V_OEjjyvY zS^W$QmeHOo>G@JGnPyviR*H|A`3jn-rIFO!Ml>Q?(?*|?t0v^uAa{}(Uxu+!c5k#9 z$`?4=;2PIR#}Q-n}U-MH096<)g8z5exZuHpwjZ43+FrPv3o;(6(yDcfzyFEhiA zgB8qN*taFf{1?pME&HN82~m&lg)NIEHMg>~CaXGryhyJRucbE=0KY}kB9(h9{~W#! za?tdXq1v((oL+x~!^o03J4;dY>|B>5<8RxqB*)0}W++@+9$YnpzN}(k)=Y`z=FcU_ zhVTzablnuG#8rFP$`IF>Mi!$=MfPNb$GB${)MtG8+Bf{jygv(89iSyuQBtB5y|_|R zE(N{~X6QI-naQ8jeo#DwzofJbS!*8Bvyb^Kb2V=6YR?u0Rec+Qos;}s_LMLapv6oel7%l! z)|@tsKIzM;I_K&g=^NaL!~7mSeZ^5zxE!e`+f9nU$jIq$!}2EArSHGP1-34V`MbYh zwIAm-a$E+ZLA3?7_EW*89Vst`Hub+2CZ>4(C*$EucW)KWC}GNIeHSQTE8x#b7>T^Y z^+UZ{i8Xp=i8e@=q}Sm8UB5)&A;#Zh6eckCQgNG#0``N|$kA$eC-68WvcStY6LVd_ zrezzLOy(9o>D4dx=_LeZvQ_Jq!$$o%8G zrfn(-qkHdg&x!rXy3~eJe^Uuh=DAez766Yt_bTsBZ;~uxa;K;lQ7&}KaBYyaOV0|h zSaLfh0xJ$P>t7p71Fih8ia?2L#??Qx$4i(P#IZWhQs$eByrCRa1paksk01Eq=9yvM z-Y+wILH}qlw3~wWSsy?Peh5%8=fMiXx2jK-!CO`I9(^Kh;rkya`lO{^ucfbq^y97B z?{5+Li$(p*TWXbm|z_EsLqIS-tTZye6W5662W`}#HF6PfAELybewC+$#gc2E| z!H1hESE_X-bg}`EYYJZM|2}IV+B_z@8nKNtu_`Nj13DQRM@#U_GhGeunAwY~BEPMW zyLCm|E@TiLaQn>17eMCVUe?DYvGMY{{=td;?knqaUoC5{|2SAMEHSAQb<^}-%U;2e zcxaE}GF-jr8_}dePh4odD!@{q)ZLM3G7OZ?(Lq5|yD~=EMLO-Nn0={LQdT;wTJH*k z#oK1|mKX@Kv2cQOo>K_p=-02CDFwD|Ynu<)I-(S<*JREz-QG_Y+%ZD@v5szs8wJ3~ zH(P`tt%Mw5R@t?K@R&zkQ2^H|Ko) zfOAB<-IBIVn#}&%b0Y?-rF-R5$S7|;OGQd=P86eg@OFQ}s!ek*=bN^glC~6rpZE5O zzvNd#{tDkJiP5sC>H(Ko2Rq|=Q7BTNBS3Lu~`fv^wUv>{UCR$cs`q7($P81eMe*b~Im^@d`P0=FXkq)M%8h z{^jG|r{qr(SmfRzJO1iI>=O&V8Pc>oio3^y;nK2^{%J`!mHd{?sxIo0^t7bXESXjj z=+zq{G*h#$l=o51s*qabdhhj?Cz?1c#Yl>k_l@SBt-SeDBKKpQKWBMoubGJNgHEV{ z1@s5uj`BYaNq28mNpFMxXnL{s5s_1hmpprZ^VCD_$5UxH18=tZ=oH;-f1o3=Z?Zv# zO5;?|A?X?ttFUOLXvhgJs%w_ivDRHl3-pL`3G?HN1;PkamX2Q7yM|{a9i>OcWqI(X zb*n^0XBYXH*tAQ0Vdm{`_#5%ByW`WGyXx3RpUM$8R{*{YF)<~ zbbA6*??suPpYQCMp}E85m?eZ;KXoiyV|2eMBJo8Ne8{kd!m!G4eO{xD!DRe#VR0?M zs25rVZ>PzIo+jK+KMd!d18z_RUUUV&LNt?DfXGNR*)zW0XlI_= zu8lL~4{9ia16`{Ev^JHM4K**f_-w8|X;8l_mNTmjz7KXv6@i*El=fL3ELdgYsXS#@ zeu5A8qEpu9-C0-DDCdJjUf<*W{*n}pGm?Xl1y@acI!!w*8|uh-p!?%kqD1>{PE4L!O`+>r3ZwUQ6jn{6-_HAF)pCQbox%H! zP&&A4sz;EItk61Bs#%v`9bOk))Rak<*wj$KM`!nfTvS>VX|c}0k>^o#>U_=XnPr=G z-l+c6x+*aN_D>}}r|#A#iy>!wa#qpz9YonEl}Q&_uO>Cx2t_+@w%l2+qkFB3tW&k9 zyZq#1F!zlaR|1S~{wn=l!;xt@5h-S`$vmhP*Z){&p}5G!K9AzMauOGDUp@ z*)wdGM7QhLZFyI-EWw1#4`2F3cBt=Vjbi9GV0*cqd-nyhHtV;usaV8$I$RH;J!avfjm!+Sw@5!5+pW!Jd{A!dHbNB(d(* zTKg;;ZF}2~-Mp=Mx?aP~g*(fM@Pd8H@VjhN2u~|B20>^ff-g$O{xp-4-Poq7?&F4K zZ8O65ONI5}-5z~#bQpj`LLS>HKzxbq=p|Ja?`!yCYU4~;vcjd3iA=)8fvDOSKwO%^ zPlzs+XqrDDvjVh9H_kAuw{d1Kn>&tUgJah6bV5@=IFb?i30P1$ zlVK}hhoopsIv&%6Etmd;F`NoKqp79!;}N9*XPLpq>UH;;ppBckmL46se}*-5zgwI< zlC`wDO(>_Bo=uLG&7yPfj06@COBG-s30=<6V z;`Un`zJW~sl8pMgZN~~&pRls!4U{M^(Nmd=b7P(P%IbHTrh(+H{^lm1OeF+l#!=>) z_v`eoY6_D3>bKOH8`l?+ew4>=t;jI_fVI>$;RbbNr;;OmVs_L6LP+bJTM-BAXSo$}Mq(4^=WadaK-r5j zI~2WVjl502zu(k^$KIN!S`uxh?*l|4&?+EVp(4Cpfnnl(~LCIy!k9@eT~t6 zK8|UN3K4}&3^WO%PJ#Bfn%@xO!oD;Xnm;6kw!3RkQ3RX~(aQYtR#Ye*%la;ukPyaN&iCEVE za;&j}nPC`vf=q(Vr%unl)2Y1|<`cufJ!-ug@A4#>h3(yjt9o8KEq*qJkJ~+ShPoE7 zN?b_lcEFv0@(qD7bBSnYXscsKUJ8fSGZFh_;(!}GNlW*HDDunhNrQ85P1B7meCzt! zUP)EFY(&#PXnfW^<3A6R4r^*~78NM>1@oXv!;5y-KAq>Hnfb?v45Tig>DvqVf@4x! z<@4#HVLSfrc%q0z(zz?~bo$8SUXrVKs3oSq#GSetmz)eXlPqzf_4v=#D>u_qb;Nj- z4BN=w+T}_#gO5cNtMMl2ll9I>rp1~dc6o+eQ{#G1O)Zv3 zOBf;2-v6wmtXlnf-=Quwl)JdPLkvtXT$;WA`Q1qv6>%yH4@z7zEwCCeBmvULdz%Xp z9$vKgX>SyZU2o(NoTQI>08P%>9ai&ea_Orfz_>rvLuDi&Kk}FozUe;q)T&8Z6!`evI&o0ifIF8~uIs1;h z4R%sK{ZsL)ce2m*&ksd>B#Klr83itv8YzN1J>X9^{)Y@Sx+b{naheO}JC6Fxen=>9 zQ^`lGhDLm>C2)N;2jaE@UkB8G_m*InQ^z2pw|G7=r5yEyYn&+%#TU(0H|A1rA~y__=^b^*pcr zfX}VY1Fd4iIm8n<#^3ES$LHej*{OIU+WGzQ{ENDNc{R4OV81W%RYhNTrt};}ro%RpjM+1w3aVCKroK`R8Xa4WL^wQCs zs!*u8bQG5>*z^z*=V$lCFIU6<<<>l51qM`QS%1Mu<;U#x{)9jvHBm@)pW5*1(}4zJ z>TmmDKL`scCZ5ooXqj`8kcsJhp?rp`Za}Lv4KiqP6RkKu@44Y5T*4L7F#bakxXqAh zG#mVr5eECnGDPeJzEiJ7rSWQHP4*{rxCJO+{HQlqfJgw~D^AFXy;WCBMjCBfBq3YX#JdP7gyO%2dad5EF+v@5W!Taj%`1O8LhHo(w*K zFadF)X}3AuK6z-e#Ybh9?`~t1D8K|jct!TBgSpRRL;!`Bjz8zp>&}~UHInT{ShN$^ zKEQv862&@8>U$%$Kb6CAM5T8=Q%l@?b{l=&I?utw<=#JTfXuNbc3{LU9u1F}YfB@^ zLy~!VzM|^?0AknuC6x-;@g%T1A@PnLA0OB*z%E0S>=tx95!zd2tup&~AYM+MbM%sT zYs!K1y=C&|M*OU4EmiJU8;MPC*)$He+9p+IH#KA03{YdpZVfMxz_~1etnkh(Orr`Mrag2lv79qwxcHnZcB~5mX^nU{2ENs-J>=fac!#p_Ma6N$S z^Oj#5x2`^Uy@CLxM~hDyO{=g+hXq+n^rH78qO`iNl{M+{iwbGQtv#ALS71|JB~SOS z@*G#D=OLt4Zx7%_O198Y8H=&&G%mvnj2tQr^906340SepewqD2>-;?WA(zRk z1-U`&!iVsig3(OghMv^*n>&`9bsu3UVBC;-7d)a=c-nl@@UPcM@wE!m+~AOovi6dO z>2Tb@(+Nqu5F1(}4uzJuCyU_AJf(HXmjpc6Z=mcI#wo6O$i}>yYh0kgSc=~i(wVC$ zNVV>msE~-X!DRC*FH4Z!6}Yao-r4;ZDOo_Un>?6wIe5wt!Jgf^X7RN;Sm$wUpp3uP zQ?vUC7i7(i6lUjOU5~8t#C4)6Hdaa_#JcxLc19zN{oW`xa4hRwv_ykgdTNyC?7k`2 zU;?U`BZV>|xG61!w(C{TL0{gY{v*w`@ZS`s{O(B(Y|I3C%*f|>D+6cX*Cafi0TxhU zm9V7e`CpFz-9|+&vFEo97Jec<*H}Wrq+XLAHIqAlsMy%j5<^C7MKt4yw>GLe3K(@D zN#?~XLPMcQzI4^ZCVcr8E6b5H0p+C#l6X2j8}*wS*7XU+2na@ymriz7p!$@h{Oe`Gk?r4dPjbXIgZ`sP7 zX9j+Sr8|t~Crn9QKcjgLiE(NAc%Hp;(N6!XI=r@DUA=!NLi))o)e#zec34N(BfnJj z`UyFC$hGCHvliWCJ$l>iDq|Wj69znT9R-MYaMsrRUHLLOpNR6nXkY(A{HM5l=%MzQ9ORMbF=N;OPL6*m8mtAf zEH;05>5y8`)ljmhYW$S$7wqr!6QEdqMloNZ5DaWDxx5V0a(Jk1vKuKWFu%RIT+47e z^>?#Y&G3S+5mM`UO2cnGcYIT1esM*q(9*x+;;vyS^E|m=Y4M%J2WZ7lS!rWi#B2B( zigzu-xilO2dt~|lru66sO2#W;r^j$DA#-e+S&wpL@+E$Z=(}GAd5fReS;`1>2OoR0KtDm^iQ}&ouum%RD72U;Mi3JYno1YM{)@2OR zOM}EjW7wZeJ|+~C5*5;<0hxqofhWK!Yk##Jl{W966`?RLsnFRq-K)@0(zXUszUp~W zV=a{J_Y<9a0>O*+ScK)`^cTn{Zkfi{NF?qok!MvV7Q8Ex% zchQ=3x!RJtF+TwAOI-)Xl*_c=plQ)#V&RKy_=nAV-mO9oA!y z9uLgi3rn_eQ58-i^x*sDS^Ope|9X3C>iCVjcEv*LbKV%=1A#Ojra54C6Gj}4W3NX) zavpnOwHZ!pfON33sPl5@rj&70m^;Q9r@grZ7#lcaTPp)BgQKpMr6$-9|8^HgNx(p+ zUki1|&A?d`S~7>>Eo+4REv|dGQzfw$Vx*_H!9z=?r|Ce1!XwK0dwfE_I(o0yMJcdl z2Ii?T{5DthqeNG+Alti6->SG@`1dzO5$Fl!+Kd9*nQhB(Rk3*dNLq$$mMdj%+3lud zh~?&u&bgdQeee%DOSI1H33T0dEW-H;lA`L6;m^9uaZ3N$$ZKgAzTpNsLyD576&M_6 z6f*7MBmTS~a}znNdm=)6)Xy_`KJ?+-RnAVjf z2HhoTTd*}<#8gYdZ z)c6h?x2IT0kRWWg|kUapGUJ=-{$1|$8Dr3oPK+ITpm3ffvvw^KzpOdD=RWyDXHL!wnL-+oGKLy?YSXtR_gF<~h6(ls{+H$}x?vlM9fKrM{X;Tng9J zEJsJcmV*r%FUx*Vye{JU;+^;SjpZACue3Zvbm@sS z54BS3>Jtr>!U(kb>M((UFYiHMpj83{2K)ng3A^6`ek*Oh`SWf|7D2Q#VG4BW;$SaN z|J=)`H(y@+lhL{~%%*|}hNcw-xV^iar2lLulb)lY8mvx`r5DO=YpPmgQuEeQEkd(c z5`p4+`WzNCUF0RQZ2<&X6sTa%pDMV!`phK^B*tjqig(W|4R4!2i17gt;jow6iNK@# zWsh%Lzyf++S8qcNtMAi%H@n!4(z7LBuOWm2XXn`Q9U#Oo^r55Rm(n1TdHW}DfiJSk z%l17UPpWkE_d5&j`wfr{l^A>rd_GhkU_Of%BagFN*Z}jcWOmpUYykPDfqPQ8e|Y>S z{r-St;}2(Cr@teIe`gIP6OhJZVbe;!Q${@#4VL^YNwE7Dg!uh15aY$)(;{>=(HQFC zCqe>xfu``U#{d#g7+E608%dbXo8$Z!wx=_(|5n~>d31(6p{QB{%CaRa2jp?|L5Ug=RFLM^(S~CY9uzf=YNPvQ=R-@Ed(R7 z5fM#rYWyfntmMCZE*OR2KEIX%7-oo7@D#xV_KKQB24JdyOFq1>1R#&e zw8!A-FCB!-@bFL0mDjZ+{>TT$AkR<*y{A~2bv06uZ3UthEGI!yV)9<6o%xyZk4yfE z6?~;50Nz}l`*46{v1^faBTaoQcpE-)6;ORrr~BM6^bO=T0#{_awv9uM|7<_#t@7%8 zppq~>RWYc$;(iv9%(;{bnQ@T?R}W#1xPMH(dVXlIDrVkZb&1qqg$ z@2xZBV_v_*J_wrURj#mEl)hZ@HVQBE2t&U9f#z3(cEAra0uTj-5wBL8yX9iH5(x6>Hp`kU!8hx!=K>3kTsH2B=;Vhrju5^F|}y;^eI7e z(e^V@Rrx_n!-PDOE5-!N-QxX`ObOoGA+c$`AR!^lzZ7e396D(!?7&p}hyv~6@-Uc( zQ>g>8I)A4gf6&H&i18e1;1apv*JJ?lGvk(8iyk9T0rrCOLep8Qnk}0!X(oAjDaAjBcWdx)kkWsFV3kUFzREz7I>poynZh9GhSgtH zmu0ND9WlRJw-|1qf89nRawTOzNlI*_&PE#UktN&g-&Sc|jwcrx2i;2Q(V!kP0t_qi zjOtk~#P)@&A=kfDRc3>H45HFY4NVB0@me zvUp08-gkScH%GHW;7;*!81+NUbKOG|`o!;giYCmQ{y)@HetmA|&lWyuCEj`|$?Fow*rWAyUnkZkDeiwf+VN=T@{p!} zir=+|DE+t;N4ln=+^k>roe=;O|ITTwl>Qm(V(bx&fHI0MWgT6;WVCD?ueAC!&HUAx zxy@cQVK=Jv$c`_hUcgy4khaC!I%0BPS&M8>k%5M_dyYNiTX|gO>I`9rarZRJkhpuQ zESjI(F9tg>(>0Q|HKe({f9jG=uy> ze?}X5zsIL2eZAX_zTC0x1_d^|2}MByQLm#IybQzjX8K~^)HwHaYQ|*IMCiDl%#=?h z4{s@B%&PhDQ0BXrn*7DJ>K`P>zEji)xgmUx^T~f?#6iS=SqR5-$nR0LCHv;M8J36l zVqTMWl!Uey&Sp$rxHc*`Kud2=5`L2&azgJNz%e><~C$jGo(W= zhu6&+6rj~oDM%G;CPipfr0ir@u zur#~HubESI?r;dC2Ymyw(=^0ymzok;>iB)fd>P!wb4hK%f6^VDt5JgdZGZqL&8SQA z!@;Y6Pq^AZM0Dc+G9vo8#rIm-MLSBYB{Ds&^exxl((+L(W>=&;ulD2?YpD;=c3`x! za|HJKJyGIEBP*UiOX<$Eg7-ds-pK$n{cY$`?1%;zD=m zy_|9e%CzmS4rWwmh8?n`-f-S=ypXR|K=}Xhiy8X)00P>ScEUz5OvGC7#FVt=#tbwk zA_d~61h-XwC+#r7p_D!PEH!gAIdC7*^;I&_a)yIo(y))v7IF3pA55WK(b7%2au4*a zaCs)RmPbB#Zwk&Hmvc|3KwvReUO%`2mG(P_K97$r)02?o{S9vne>h6Ebp2DwK;&ogllbNSq zkQ4vczQJar``CZWG4yapu30Ifvg$dG*kx6?XVJakVBbXkzck(S5=y(;fA+;SPp-26 zd!-~92tj~Ki3`Yb&K%Bu>=C2o3d_^2J~|1hu$FV8A`e{~SQ3UlRYoR)IQ{OhMsH=J zsSH&!JRg)8RQ0fe`mRbPZ(UU0jIj@o$EU(R9#ra?T-M;qobnF^!V|PfF_88$!uI_` zHwgBSVp9(TcFGMWdm)hLS}`0hJljg`eC&~?nJgV}rwDwrCXnJF?RGjVy`~k`;a?GP z)O*~thvR=8BlvLTFR-6Y{X@sUXUOO`a(FWO4p=*fDh81!Ko;7ZjjjY)=(}lYby4O_ z4o5RR^+y}oi^tz&zf7sb*@0H8bA?x8*oQG}Z`*V*E@zb^5zqOoPHNCd%pWM52I{Lj zp|TH4G2kThf81AXjsM5f;hCT3p44FFFFJKnLo?%9{reb6@qukjB*x~XhDx6&Y04*6 zxqrm5wn#a2on=);3mgm-thWeVgq_rgN`6M&_6YqH@h|Jy&A+B|_N}1uBX+j8i8tnb zZt*)l&RMSFtme%5#w(YktojdkOA%NjGd;&# z3xJ#vio^^)J5*zpeTtZ>d|yD&jJiK&HGlD6VVMVgo&KBbu$Un*V=n8~nCq!?B|DN_ z+JGER_6LVrf46#Ve#fPXacVdjy2B4Xn>lVm47DZmCRVJn4poMaN4xh_xQ@_1>c*qN0)Bh)>DiG#Rq+s8&MaN)QXix zn`(7LGfkf=es({y{l4?~Xwc`Y)t)XU6|Vi>XJ%hHmtbKKnM{4rYTgIP3$>b3E{h7f z>F-7-v%?z$vg%1g2HZxmnLO3HaupyB|Ew->1^`vUtluw<|2xwjv=b&LM=B}aS$ z$pw#3ec0_wvJ&}JdH3y4t?~womLW;9H_bU}f6gpN$TR+R8$Mr{e!S zH9M9R&2U~1$r2v)x6FNaJrS| z{K<}ZiNkpQB)<=2wXxe9W`QoO7<|~t{bh2|=tEjmSE3nDL*=WhFp}QNq-Fo@_v0=_ zbLLuI#P1T_@T;wbOY94vTU4V|{-11|@}}KHU@BpvA=%impdenW;oSe}a~f6f=`ve; zi zUxz=Xtj^hZW10Ium(2F%6_B0?{wTVI_Da-Wo>n(~WS_E@xp$={)m6)@#v(cW?E0mg zHIH^#$izGR$B z@mnb$+$j`y%t_e{uzX-we`q_F{$+~ZFxRK-;P7=-Vs>v`#-FD)mpdo_Y}SU*ENl4L zE6uR-h!&N0%#l;C1ZfONbS`}HZZSlVqDKd8D>z->$-Ki-qK!Ekyg2XIhb9`^oIyI; zMH~AT))ju3$w|$d(=J&{sexj9f6&P2PRIJWnw#`SpfzQ>D*@q(l=^L_(Cv3l>Psh8 ziyrmztsfEutUdY`s%N2NE_d!>=nD{`ZJuRA--B_RG{buUd(xdVA@nWeuQ zjpl0lpPJ43DL-G~ywC3sCVUKKdHj?Lhy?ZeWW@#3f18GhJ(fTO@6}4IqbTEstHwI6O1vDePMl3@Ra_Jrbh{+q+e4KsB zZ~jvfIYHqj>|8jTNF425;X^}p_4V)WI*RmMy}v}<6K9*48E~<-ORz0W=2tS)-tCZ7 zbA{_@?ecrZcHyz?cIKX_$M1A^Cv1PbaWoca*DkMl{IiMwNaJAf%sB$`@O-eeWmtsOv&siCrp<v;HU3p})xFYZ-0tzE-VsDv2salVx^Rc6hXn@XZb0`LxzhvCrTcrmfn?wG1~MQL z{7#~ZwBlB(Z~=p<21WT3>)Ta^YJBhq@NXxC9;^Z&RQ^u=s{bIB<62Lt7|1_l2Ipo5 z_`usZ?Vp7?=GIo|kJmX57Z*`gCl`P;WzlJ%f4R^N3-F-QM9Gr?COl~mll}Fgx7fU% zSe+Fu??jqLKm!UqfG&2=2Ole~KjDCK=meSs^O(S}L*^@8>y|y$0Q$xrl|sTvL2N|Cgcu1d3(1A%DCZ^$1NHc#UamkyK&hq^0WV=thi3ui}A2O`MK=o;7|i z);s5SZHixMsXad9K$o$hoHeL7)o(7t1S}!%!5a9Y-x!eDeZUhiVmU~MtHE4Bj+E#Np&!-zlMgvyt|_y z*U$?goW8MkGY})9I>y=j-h=S$L`$*t${jm%r%j1*wp2eQKFAJsZUj4RfIGy#Qqg1{ zPq)XcB1HBps(>`_V9lF13qbO>P}KdAEX6O=OMG9N7toBL-pkGwzE})^m^Q9Qv8q7+ z-8=q!s|3p3rrT<%;@gzHa3FdbA?7>URegL2G1em45(=?i`7VGcTnVI*Jl+>dW1f^R z@a|NreFY$D!@y0ozz5@7#a=}#o>jFEnS9oQ3aHxegZI>U9;VMGhG{Epgfc31K5tpH zSfyC6NZdvA)`ikQ5bjpvtqFT#lnt>#6C8kU2eF$y@LvP;DO%heKhK&G|MpGm*L+pX zjX(r_W@rkxTn1Q#rWkU5em(~2hkEhvtEN1D?C;kOZH24s|2QP|H9M^04wmp^+!M20 zRpL9om_Hq@(1RG8K4`s+^x2O!(=2UT*b z%Mr$RL24&yJ+yP`pD@P(7>cy+ol*NtYrrZlv5@dtRRqfGGW|>2#tsj+U0qxK2{t zoMMT`Ro5ryE}|6^q3bBt0)*d;zyx;j`ok#k{nRLDJhOM!0P?%}|~d#TtVT9HdN7yF2j zuAL4l5uFK{LlQ1(SXJlR4gfb4vRUjI$}O@Ok}8AuR^EKVeor^90aHL}^Jj0xh)q<^ zd+r=emXH@p@{Ld=SD&#EcmJa7{tchJ0w}D!Tl!%kApZn@BD>X2Z&@x1uk;S(x*X)| zf<>3i7_CJ7Jxf|D@749rYps>o?U~s87GXq|^ZxGNcFlL#t^FZg!zAP2iFUr#T#tz5 zyxg?=z+naqLJtO@dnR6HLlK*w)fDsPr`B5Po7*EG&sA0gc=x`8nbYVGpHsk%roO@w zyBwMT-UeF03zX&!D7#-m9_spz4dg!r=s!4lZ_anRN9zV;LyO~OsS@C!_;?5X=^kX{trr?OKppbvP&h}K?JM0N_zqd9*I_oD4 zhn370?$>3w3uRPB`=;9rrJLe)u0^Cjh<1c())xl09rP1FY$+}}ThCjdSVJRX*H2J@ zbh2TQQRz2l5FTv1m+Gk%7?x~50-O#t;Jmgj28SgS*KREii}eH3TA>bb3J%)H4Uerz z3`(lgZs$qi}6D;E{0e;wi1MCpsM~*uD0isFp_5p zS#d*xnu11_g2ncg?)=l6aG(rL#5hQNW3EExeEX%cjl4SUKiA5BgPSR9?Zt581XKY* zGl4r8$33LdiT&lPerzx(st%hql@qY;er?sY`x{*a1;sV_HN=I2gCj_wNtW9_U;2F& zFjb7;pSn&-M45!{0Qxrt-2~L3Ee|w-RJmI4Lw=taTFrmro7>7_El0n)Zw$|5i+PnL zDfE@Irtemr&Ac!grtkOd@L2lmLB3w8&kRKR`JiEW3Ku znqVo|I2X2MR zk#$rwzvt3p3+MK5mS`4~1WL+t{fab-s&1tK0G6h`1j58Y#?JGs=&C`_3fFY#i}%Iz zI_%Ywtc3MUcJsBVQyFpX%jHSd75*~)yP;!wz$z*+c+GW`nXHx$(H+}!N zym@tVXx-J~y8cuTGk1dMyK^=|x^N%|p1Ib>Pdim}O7!zKE-=snzm0)e05SAlA628X zA2US6Vcx+PVWO&O*~oe68WaQ5ZSlu#A!cThG$<`*h;o}B){1P|e0ES><=Fu%Rc)YlWN@_SL-y;Je5)Wj9sTk|{rcWg( z@`7@!Hssask(rz4*Ib^3aq@<~Xo_S~;0I%P6b4bY2@VY~qI@AM<4PNB*e?`j_RXRF zzBI)*bR2(82i9cXWH3Arz2X@Ecj~&QwX9_=4{GnURV42Q6SR3J0uV-JGB$pGc{za`ovAM zD9}R$_QlpFgSGdE^=ptSoKjt1Pg5|DX^yyVS{bn^6u2Qo7O9bbciIf#A;`voq?KCO z)|U{)!kR9#l`;op?Zj3wnKQ7!plCyE{&|O{`F+LTx0p7BmS+HZ$3H*LB3+3vuWPtS zrAUESV6{aBbou}mp8hgRq&gaIZ_;^oolrF>V0 zSB-DmeYb2&VQIgG(vnU8O${8W#&Mt3Vskd_2g4l*E1mcm>o{f)J+TKY%A0tA0$r-4 zCVpQJbCU_=9I?-ryytyGQ*6I#?)UojQ|9RA&o!iporXcMHb}+kKgL%)Whl~E0fg*F zpLT_bdy4B}x|?A1af@pGmP@m!Pz46)W=|HPn7qzM{%{p%lpGR?&r-q$*9wan_5etT zp+CSW6*cU2!+iQqPh3C?D|r@QH7MMj$l~4l>{VSighwkdC_olRB)YQyzzRUgNYL(# zyLq@=az+)c<+1B`!DT1u^%g$z8bS;(;{?Eah{UZwQBo!N&y;n^!-{7|J?m1oB@o_P zaL`7#zUVhB&kH6t1);=V*Q~F7K7Om$C*SrayC=g<=Vh0^wB*-sV+RnG7~3SXI{x;e zuaR{avT<)dc{)$Gh&)RnQSy1bMn1^zq(_>%s@cW z;hwpN7BusSVpru8*xTjn!u6B(dVOh_K)6iFF1<02jqZwZh^(goGn2pSH>W@zvT|j` zBLk^%dOqb*=_`9Wa-SdykEfci$iD2uK9hooM_wma z&#veUI4JSs&#w&6z0BD5lk?@jy?>uRL&hFvKRfxJyP79)?svV-&Uk^oj$A8Zrln%K zyOQI1Y3y8XZST5Q{5#*$4*RSfG`8!C6j3YNa-r0N)M?mo-+$2rmmjd(!e;;_jrP_x zkhe+<`D9mbz*g!fn`jPBK{E(xa}TJYj=Wg@%@V)as|N&vsc$Xnl+rVkV&;#MrfJnw zQ0fkZO264Z74ZXbZhqy0y>(hgEqmOUbiBss&kuZn;iBvBo19t2!S}T3NPyhLXV>Lf zLg6ii&%P(zG5tBEuDj>2uCNwb1UU-ws>BBEP48Ll_Eau}h+v#2a=d3{31~=ej;;}o zDw{oqLd*APA{17todC9^h?lb4PHMMY-_Yo3Uw)3giDdWv{fQR{!*D#?zu6rFFnH_S zkKDGs-{;md9CZ^5B;Kd@l{h9a=}tRL1>QZxQOG+50Bxl?;ZVEnk%^I+^bj3*H1z_*8s#juYoka8k`7jh>#vTe9>*gex~sVQKL_0L3t&n*u^2X z#Vw#M!JZNp=@L>=k1JYp7KLXjZ5x-J!6lyTQ7`m^A;;4TQSSJM?<{!GYUJcd;i~a> z_yp^CTg^BVT`(kx(rHY&u-Pcw_by~b{mmf46E?(W=ZkoIx!NFfPw#SFUB~;l5n(Nh zrM|UKybNp27bHFOs`gGwTugqx|Go_7G8@v%6wkNt9=hvBShS#wWxntufSJ+otc8)h z{5A4@?Rp#cL6>L)@UgxsF|3ysmSE)v`*Q~XnXEDFT6;OlySS0;1BD6@#5ZI={PM)` z?f;@1)D75R1zFM*d*f$UHy3*@La7o5+zaI2KGv&@u;)RImy_bU^>q~o!4@xtgbU$1 z#gDQPZ(*3WWp)>gNwMW%&4!GjRl8aVqc^VPeQ0iw=5-xA(C zPyFJp-x9O$!qo-g8!*Zs8mA`nwp^E1G&dBME=mq@l(u-(aEps@-#m?PU?EZ-z=r3# zv?DC#=huD8HsoA4I$_9iW+fv!#-`q+*2RB72XAlI zhQf#i6GtjcDPL!kb<)B8DOdYW!R{}!B4*UBm>_}{x3IO~`MDVmHx9@3$DBR(xwGf} z^<*vDE@W$0l!i!zvV7-xsT|5HezA8|azqY2rPBkbnmVYjn^x0a_S&yQ==)_uo*}-|Ohconn6&HTX7w z`C>5n!;R#v!A0|(8Ye2;j#`LWC@k;U!2f~;5K{H7g6!%vy0F=Z;}}E*ee62qqO>SO z?bo09S&t`89C;sJ&c|}Ic&@jyllF*%$l|o~XlL70PTQ@ot3qi{Ur}I!X(uQ#A z!wH;H$k^wJcHSFE4esQStvhDcabHe29yH}_-50YKF_YOxBy|)OJl`|VCX9M^a7NSO zITwZK9NnOrNw)siyNRj(RqjRFLt=YOemz?j;w^o@Jc^gK1iFcL8kMLA)URD$yCN>d zN~0%0e*L{kSZO5{5qK>^b){Rr@nC#)f4Kq&M#29_G)p^u1Hvr88&0NE`h^?n0&v8J zImN+skQ?F(YjFXjJ^M3H?@VUL>1+&ernGw;K`JKqy_(6p=c62I+^ovHbyOwXTU`2r zRIs?f0s|wYgH~#9*Hp$TtRf&dBx+;9-X}#aNW%8VIdH6?z0*p5uT2#ZJB0gQbhTmU zej_}AMj#5Veek(_b`YlcX)6d@5s(f4)R?^97D!@1!V^R-)LfM+>0DIpgxd&f^_dJx zxqGROCn{R{Q*=_8tJssFEBX?4W1PtAFCDW>&0JD9F&Wg@;r`Jqga@G;xH*A#4Iy43 z!PgF<^&Bncp_4Q{0pE7gwg7WQTpdA;aHOMnp4`weqk2!Sgg>k}Ka5$oEe1?#RL z{O#%-*;{0{r*n