From 78a0b856456eddfa47012ede968cdb1ee3c23b4d Mon Sep 17 00:00:00 2001 From: Abhilasha Agarwala <60489035+abhilashaagarwala@users.noreply.github.com> Date: Tue, 8 Mar 2022 15:58:40 -0800 Subject: [PATCH] Delete preview/node-pools-bugbash directory --- preview/node-pools-bugbash/README.md | 67 --- .../hybridaks-0.1.2-py3-none-any.whl | Bin 71078 -> 0 bytes .../node-pools-bug-bash-hardware.md | 355 --------------- .../node-pools-bugbash-azure-vm.md | 408 ------------------ 4 files changed, 830 deletions(-) delete mode 100644 preview/node-pools-bugbash/README.md delete mode 100644 preview/node-pools-bugbash/hybridaks-0.1.2-py3-none-any.whl delete mode 100644 preview/node-pools-bugbash/node-pools-bug-bash-hardware.md delete mode 100644 preview/node-pools-bugbash/node-pools-bugbash-azure-vm.md diff --git a/preview/node-pools-bugbash/README.md b/preview/node-pools-bugbash/README.md deleted file mode 100644 index 68c77775..00000000 --- a/preview/node-pools-bugbash/README.md +++ /dev/null @@ -1,67 +0,0 @@ -# Read this first, before you begin -Currently you can manage the life cycle of AKS on Azure Stack HCI clusters through PowerShell and Windows Admin Center via the AKS-HCI mgmt cluster. - -This preview feature will enable you to now manage AKS on Azure Stack HCI clusters through Az CLI using the Azure control plane. The preview is only intended for folks engaged in the private preview program who want to be able to PoC the core functionality, it is not a best practice guide! - -# Register for the preview! -You will need to get your subscription enabled for this private preview, please register at [https://aka.ms/arcAksHciPriPreview](https://aka.ms/arcAksHciPriPreview). - -# Bug bash goals -- Create AKS-HCI clusters using Az CLI -- Azure RBAC for cluster creation - an "admin" can do all the pre-requisite install operations, give Azure RBAC scope to a "user", who can then create an AKS-HCI cluster using Azure CLI -- Get the certificate based kubeconfig of the AKS-HCI cluster – this is an admin operation for this release and requires you to login to the Azure Stack HCI cluster to retrieve the kubeconfig -- Add nodepools on your AKS-HCI cluster using Az CLI -- List/show AKS-HCI cluster nodepools using Az CLI -- Delete AKS-HCI nodepools using Az CLI -- List/show AKS-HCI clusters using Az CLI -- Delete the AKS-HCI cluster using Az CLI -- Collect logs for troubleshooting - -# Do you have hardware? -If you have an Azure Stack HCI cluster, a Windows Server cluster or a single node Windows Server, follow [this document](https://github.com/Azure/aks-hci/blob/main/preview/node-pools-bugbash/node-pools-bug-bash-hardware.md) to create AKS clusters on your Azure Stack HCI/Windows Server cluster via Azure. - -# What to do if you do not have hardware? -If you do not have hardware, follow [this document](https://github.com/Azure/aks-hci/blob/main/preview/node-pools-bugbash/node-pools-bugbash-azure-vm.md) to setup an Azure VM demo environment and then create AKS clusters on your Azure VM. - -# How to file bugs for this bugbash? -Click on [this link](https://msazure.visualstudio.com/msk8s/_workitems/create/Bug?templateId=4374d822-3296-4097-bd84-2b0791978202&ownerId=14abcc74-dc70-4881-a373-f5c12c28f688) to create a new bug that you found in this bug bash. Please capture all the details of the bug and the required steps to reproduce it, and make sure to upload the logs to a share and link it in the bug. (Don't forget to hit the "Save" button on the top right :P ) - -# Glossary of terms you should know - -## AKS on Azure Stack HCI (AKS-HCI) - -If you aren't familiar with AKS on Azure Stack HCI, read this great introduction - [What is AKS on Azure Stack HCI?](https://docs.microsoft.com/azure-stack/aks-hci/overview) AKS on Azure Stack HCI is generally available since June 2021. You can create AKS on Azure Stack HCI clusters using both PowerShell and Windows Admin Center. This private preview covers creating AKS on Azure Stack HCI clusters through Azure using Az CLI. - -## AKS host/management cluster - -The management cluster is created for you when you install AKS on Azure Stack HCI. The management cluster is a specialized Kubernetes cluster that provisions and manages all AKS on Azure Stack HCI Kubernetes workload clusters (these Kubernetes workload clusters are the real deal, and they run your applications). The management cluster today is backed by a single VM. You can check that this VM exists by looking at Hyper-V or the Windows Admin Center VM extension. For this preview release, the management cluster is required to manage all the Kubernetes workload clusters created using PowerShell or Windows Admin Center. - -## Arc Appliance/Resource Bridge - -Arc Appliance (or Resource Bridge) connects a private cloud (for example, Azure Stack HCI, VMWare/VSPhere, OpenStack, or SCVMM) to Azure and enables on-premises resource management from Azure. Arc Appliance provides the line of sight to private clouds required to manage resources such as VMs and Kubernetes clusters on-premises through Azure. Technically, Arc Appliance is an AKS on Azure Stack HCI management cluster under covers with Azure magic on top. - -Today, you can manage AKS on Azure Stack HCI clusters through PowerShell and Windows Admin Center. This preview feature will enable you to also manage AKS on Azure Stack HCI clusters through Az CLI and the Azure portal. To use this preview feature, you're required to install Arc Appliance for HCI as a pre-requisite (similar to how you need to install the AKS on Azure Stack HCI management cluster before you can create workload clusters). - -## Arc Kubernetes cluster extensions - -A cluster extension is the on-premises equivalent of an Azure Resource Manager resource provider. Just as you have the `Microsoft.ContainerService` resource provider that manages AKS clusters in Azure, the AKS on Azure Stack HCI cluster extension, once added to your Appliance, helps manage AKS clusters on your Azure Stack HCI cluster. - -## Custom location - -A custom location is the on-premises equivalent of an Azure region and is an extension of the Azure location construct. Custom locations provide a way for tenant administrators to use their Azure Stack HCI clusters with the right extensions installed, as target locations for deploying Azure services instances. - -## Admin role - -The role of the infrastructure administrator is to set up the platform components: for example, setting up Azure Stack HCI, the management cluster, Arc resource bridge, the cluster extension, and the custom location. The admin role then creates networks on the Azure Stack HCI cluster that the "user" will use while creating AKS on Azure Stack HCI workload clusters. - -Apart from the above on-premises work, the admin also assigns permissions to "users" on the Azure subscription to create and access AKS on Azure Stack HCI clusters. - -While the admin needs to have some degree of understanding about Kubernetes, the end goal with this preview program is that the admin can do the previous operations without having to know a lot about Kubernetes. - -## User role - -The role of the user is to create AKS on Azure Stack HCI workload clusters and run applications on the AKS on Azure Stack HCI cluster. In this preview program, the user will be given pertinent information about creating AKS on Azure Stack HCI clusters, such as subscription, custom location, and network by the admin. The user will also be given Azure access to create the cluster by the administrator. - -Once the user has the details described in the previous paragraph, they are free to create an AKS on Azure Stack HCI cluster as they see fit - Windows/Linux node pools, Kubernetes versions, etc. The user can then run their containerized applications by downloading the cluster *kubeconfig*. - - diff --git a/preview/node-pools-bugbash/hybridaks-0.1.2-py3-none-any.whl b/preview/node-pools-bugbash/hybridaks-0.1.2-py3-none-any.whl deleted file mode 100644 index d8074c6ce72f2748b4b513c1addf8d74f512e4d5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 71078 zcmb5WV~}NQ*Cm>^ZQHhO+qP}n&Puz|HY;u0&PrRA?mX{zZ*-g!r@Q0*vDc3su_IPI zV?GmOjJXx0fk99J001BW=A(2}y0%Fx(18E|fQpq>*c1j+FJ!*f&4Ae^H+#2CQVTSoQ@yaM1*C!imZIs0 zVy>_?ofv19NPAD{?P=1eOSiuQ(k_}0rneS&R`HmQx`a1BT&gACWTBE;d@*&~m{Pxq zIDsu(KXYS)7-NL1oUCKuJH>U%k%Ov)Uj`*0X|{~4>Z>QMDdb23i`MN~@S_CTv1u``>* z6z`=+63#m*M{Z;KGvdv7Jpf_Tl3>JY5v5(=ITUK#X;Gtxkn1_Fxeq3Zcyz{GDbcJgmzm7irk08Y`uo`?D$GD}E#m!hz!!Jh;SPg1vqO_8#=y2sWGdle( z@8}bGZP_YE!0Y|AczxEQY`PDe?-Sca{Q(vJ7Ef6gv$M8<005D|002b)7Ei`DmZo+t z`eug4F7{5Ie}z?2pItu#OxU$Al(fzX%PRo4j1W$XHU~({I93M|y`*4M1 zCm%+$Cg5rDA%@&b@H2ioe##$M3_G~SX4ZL@93S~V=M)^v3=+B+)Q(U4*k5r9D-*gX zvB$#IXG@NfZG=q0VdMzu;_dJoD|YJL&G6-?YK;v=1!GncTabw)k-|Y&iTK$mTx)hW z$8Qnw?oiNX+%xl#W(O#6!@c+D$~Iyik_7x?gX3Rcxq_=ZDMr-=Yc8%xXy^WK7n86agy=>4%WyEwqfZvSdQOdVf`yu_IA!L&i?^P);@~?W8~T=N_;%T- zu4w{}&O=p2j|fJ!HCl8Md7rW`k&))*iPSG_bkZE3qV z*ds&&sv4`A*-bYug)T;=8T`;80MJUnIJjeAzHwavstTK?pjvv-;0a=mtCQBd7hxol z6FcFtH@oRIxIaK`yjRZh+@(z^t?vGSbtwb(Q7Qz=x=Gb$_UW!*U-%WGn3Za1Sf?+Y zy3A!~dI#M#6c#5MI-(GFGjzTqetW;?q4?3qQ)q{b&1b_UE-_DY3+EC&ynCrZ_%kW#VU?uDe0{{vp-KC1J9Z)npI z001!l4PFaV8;5UjyVG~BdWT4&VIbnVyfDLGZgXlZ4x zl*~^`sm2(lneL)v&RQtcD#ln|n~&8qP~=mASk+O7OvwA&{2ZwhumOLX4x)L_RI2n( z(4Ljj)S#06euz?AWP?}E&32L_DA6S75DH6fIo>WkTK`a0(=Dnu+!NI(Yr41VF%pde zb5a8~PgOsbvNq@HL)Dfp2}A|5BMnU_Fo|+GoPQh5$z~xbs%O1c@eb8r&Y-#Ags{{| z+FPVTJ+3M<&J;rym9BPbqr~`yS<68Ei`G;Oa4eh2xNmAUbM)&I7m&9|HOGQ-H5OA; z-w>*3Zggg&W6)Wmxk8GcjT$LJHuYF$<=9~iDvjvLCi z7)(33FW)$tdY*33co{6uGX6FNJGyZPt%hQGUSXSZf~PWu^i73+5;ePmWn`DH%xqmH za!)I*M$Br?|ME6j!s0=`;A9;ES$*Kf5MYZ8Uimcvm~tz z_JvD_?Y~2wJbui(ctF6$MlJ|G%dj)Y{7_b>7kP~II0NCZL743*qhe6iICgzO>8C13 zCWUd%9EiP8pp>3MtvK*q+AVj6QgR- z8}FLBvnr*Yg0ugtF7Kia0@qU`jG)45S_v3LgA0tNSO=*U^_&d&FgL@hPq%*I=P&(0 zOuXs4qMaq+2?7_I353BJYbQ`$1E~_G^q<0tQz7{ecBGl!8;Xk(_s?S23<_HUS~>;e zY_&Kg!_hg<-UMNwGhrT!mh05wO1w!2(|fP}!9Fj(iF2gg(hCnk3zqm}jqT8%I(8$^ zU3!%a5crT+de9f$DB-gLxc$6UlsW4zkw_XEV@$7&EFrL~b#CakKfGV)o`&zueC1VK$+^Muja-+CRYmp4U^}Kvz7!^ZNPs z<^R{F?yrk)>hxD)Z&nnvJ79q6dP5cQk_=dcr`R1R3@_|;qwjPVPCQ8orNu(QW%2c; zG(F%5s67(hkHE4t!`rBIKi8_dC?BaT+y*BGen31>u&*~<`3bWJW=$(+BgB*GA%zGjVgcEGhL9q-Ko<1p|0MW+UE;E&rQj$*_`oB#p#7nfiOF2na zMvJ~?f&a?bi=iX%X*PEOWbatT;MC{9C`E2dEuT}H!MV&5!rm)ZL)1Cu^hf{=Mw`NF zj4P|2Gqe#dp6h@XE7kxyZ%t4py1GKs_z+Y9scC|ArRKdBa4hdUA^t8Ej9fOT`C{#n* zR-g>#iWJvAD#3c5*nE2=Wl2)n3Z~_^=6Pk3zKv7)CaTGNlx1A~0+$YCGo&Tdd?c$O8vsYvcxs$7yc*fve5)(OY)vfisuNPwbbipGZ;}K)6coP()|D(^9;4eud$kP zFYx3ed^SyF#^T*O%awJ}hQTQd79x3y50Ny5Ln-{_`XL{;X5>I=2{LtJ{~+&EwBE8Z zL@A|e9KJTkx>Xt2HH~!xpnf5*Bho*T+7BECO2HFwt#!R!5y3M}fL_Ze=UNRrD!!I_ zT2S^VGGI%vAZbn4(9ijCZt-~rnsRd#<7H`GyA9#9py7jL?M-x_cp-bqBCApY2z0^t zzI|*ew+0bjt5M0dgG0$~Wr^ULUP{c9=qsS@D`_K#F>OLt30-_B+kEM=arTT77WUlR z<=lAzItr3!cw}!U+}$y7PIJ$!q(G7bc>NIN^P+1&`hQ`LThs0MC}^c&7n$aWcA!3XzMDVl)?u-8qJ`#+RGrHaqo(yKDfrZjaLGv7~x zeh(3pyX}tfZajojoBuTaoVofd>>X++@;oEk`DXuh$sAln@u5im0}~lcxt>`crGMQy zWi_H0y2l0Q~mEuZg{9mLPVI_pg79k)uRZ5;5QT za2y%{0Po*gS2shOZ-U}`g#6ERqV}B=#SnVV)nN|NNU*KXQ7C7zZu%IamL+`ZwSh(V zk*J+0?3&g|-O`hmg#EnD(}*m2k(xw368`*n`F%SzIgL5lv(CyHjJ;u#qqPV)PZZ3p z%5iRsdeUuOl`N=9ysKp$A%utHRgK(yt{cfP5Nr&UiDjq9fw6mLw*&SG&-Vnx{}QCy z_}b3O679s0v{hl0tq^^glZ|&ot0vWzKo$~PbZ-i=i4;dw6dyWFIoALO?lwMTr~6y9b4t_Jec%aFD_$}9=XG707@Bm! zWudr+!RV=DpdHic=ib@S1j|gUj$y8O@>ua8)Ur}#QvXak|BFxTG%_b;^dB*_AG&e@ zHK#7GZOO!MyTQt4eQ^>NRnJy6h}$jBE?}BQ;KHe<0P3=Yd=&UR3O?}fcV1+XU_Vex;|g$za}+B5OwlUUzcU^r3@2VZ!PM8ECoNJu_!wHq z4_-gu3rdbsT1uDec#f?#VZ$yk=WVLBt(3lkk@HLB)7|o-OrU) z<-}dw-e`}f%x3&{-f+L2cTCXc{C4n`63ErrzaEeMUm}B^K!|rME%HI*XH(gc@}*3WdTfW9fhxk2kGKD&CY*j zcPU3F*0M@@KMoRab`bVZJC`EK^U6a;Ul1KnDT$9uZ7$5+)wi)vVUF%SOk~@~-|n6g z6nx!r?qG4RB%GnAqL&Ib6#0B-w#LFo9x#%?nzsg@5=8^I8!_U0Mz{f6QE}Nfb*VKM z#}g!L;A(y$3&74J8FSF)rXjZHZwb*N*1S}OVcTvX;aPDlg27k@gkcjV7m?o>X})Q3 zosDwh9?!DXHCIP-n$w>SrlQ(2h;HWmJpPJ0M^+kX%Ep(u_`LGZW^!5G;n#t$y0tla zvzx8an(@Z`(_-0F$fKYkGo+p5VFKxR*7UN_(zKb;1~qBMyTQEgv3x9MyqOuM1Yn)8 zA~(G&IjNm%*lXIqT@Jx?e3{s)R$N`oY-VFGhLdac{?-nBRAHYn#{c)e4&4wAEA*RQ zRR9A3!2Fjy_RWG>+S~m_u&BsJf0L`-$LcT_glr^1dcwL8hLq5qyf)JG(u`3oZi^gA zm}8dx^IzME+4S}eyw!3Izo)$I%}93o9tM_A;LvKelFQWrnNkOm6%V^Af%25kCBP1< z0z4N4fIJBvB(xWUobh9Y&J~5tS&>3e`xge{59$N1BTD1zpbc#Ln-2YopaiBt%WxQ# z7m6_YcCz$bUD7WsL$GKYP|>um=xNMmI43)IbLYbG{xpMgMO~p$TUtNVC3-6~NMDR2 zik_0z94>PJS+c$}>TDwwI8GW@94d-(9b|;vkl<_b*S!$`w0@4QHw0VvXt$}`-3DQc z@S;i;y0$m0%JQGHr1fmw>%jJx85irdu4!(BHm6p88>29nU6Q!o+ZN-d%)~t!(iz%2YD_7w z4{A_pupDQK&LvM!U;(6NKhZ9C0McG_IU(O&|Dp9NFuXj(Zhk9(oF2oZAYg*X8m2^6 zaAD@;Cw1Vc)niJ|n&|PK!Cup}UOI*;ytpm7pf-m|!|JUyS2&YFf% z+8;FnXbNn701^a}Szmeh^G|kDspA)@o(h(1`>?O$Dw!#Q&^uQ2ry#860ahE9$jsJ6 z_$7T2fp%;Wrzp^6_|_ryCJ|_`{VN7~R-nyP_1M7-!3N|G8=1+05l^7JC)Bl3vAr%| zr_L>5n+Gb-%6-G9YpP$H!56c@{LRd<(K}ufP59U~IiCK&dFa({j@gGS#q{s{dlCp?@fLE-58%JY?)vaLfY5i$%6@-{ z|1Ea^BNf=1x)^>JVnaGBXM4NK-%0>LC4&`=Lm4lg0-{o4Uc+KuU{X5G0Dpf4o;SOcu+$`9!!?izm8!c_*d!oR-tsZcMV%E z3R(ACdYg%oy}+n$DWhbVL~fMC(ME zZLyJ^%HjQEpabq9fX}6u9ydX!%C0fFMF76Uh9KFsGB?qg@e$44sdg-|2@398pCH08 z!p&)AHBJEkCu0-5NM?=vqIssYelf%SyKvRG8qTeDn!ND zEVNr2aRP7P&=toLXp>0XRf2qKaDQgZQO-nuDU4aBfa~6=?jmA$p9;mxh8m|JJAL?o zylN-;uqKHZPT!|W;fRVxs7~@^`n*8-0UPzmAnh)ZNrIB^8b;`ty*p$nXVReiq(7}Y zM~}|`dwG4+~flrEg3_Mps?c^`aNj%ve(4J5WaG*69$hY*Qxf+TTLJ zk2uwkq6h0e^yApUiT?%rp#Q6s-ItdhTR+x)v+wxwS}+`Uus#b6{>vG`Xca_4N*za0OKk@KDba#4B zTa%C#Wu|bOru1UI-{(|%%=9#o!HWg9`+`_DEwqo*J0^}J`~gN+~w{sGH8r?h#An{u;5=Cs=_~=>8p(&a)YnkX9*qz4+4&A zg%9JoPLw`VJCYZoF$!{^wtAw7HLbrJWS2Jud*n>HTi zmDFSr7+?^=k|dA=+4Dw%F}MzSB|#z)kVHXs3mBw7oCuteCw78yo$FRDhj zjS%3z4)CF$Tl5`n=kk(m+0JE(>!J{tK^fFWMq$bq#%GQ1Arc2o*dyWBQ|vCgI}ny2 z_6!E1>T;F98C%WDLC4+hWkSrECN}40Sxu%e$Oh2>kvFR2t>T2``LhlfUm)ND9tLFV zf)K-L?oB1&OM(#^nGgc~91Q|Q@`FL2x@9M973zog{7#E7XEbDbN-@aK-sS9ihrvSe zj{0if8;_d{$N4zM0>wK}2>$tm>>&D~Czuq^1~BqB3AlZ=q%F*TnMfbA_wxQh1_%w4 z(b9gnKF(sUrUh<8T2b|L{?;Eye>CGBjI21xNwG4(_h=yvSx2@IA_)^T`+b8f6AWMK z#Fuf#Ka7v$My@dA&5HKU+}MT|_HsJ2;l*p_dQbe?Gq+H8Lp!s#=*8&tJ~-tSGg+Wk zSAE&L@~UoZ)^y%n!qZ#*m(a)?_x@ZuFlEPWhTfCSdDqNBB}qaF zgZ)&(!}8N9gfG%gy=h~gZKGTi)PGcowdOaG%>MvEs&eca#CU%FxgWdb6OYxS=hCBw z2HS@fdyacw`-a+O|5Bw6P$NFEf$zk}alc&Jlg~=W;^q+1h5Lw_dk9%y05STsEmneb zDmZ@#^&Iyy@p=b|IR!+{w5Mnlx!C48xt9QCdH5hKrLxV3)%THNf@Ow1orDq0Gnmm2 zc7u07!E7c7BijHs%1~~?eDXoleQHKk+ zpxp+tCZ51=p`bOEpd>FTEail@&+$MMMBH{ppi7?U;y2Oa0jTE<@Ce!3n?<@`sR?f~u=fMg)R-`lXK>K6eW7`UTNc(7an*r`qf4tbm8G=1dFmEgv(=I_a>4po zqke6wYwql$1UeqF>ZoanoQp)oGtyWYm+P{`{Lu(RoF@p{)CyHMRs+3exP+fQ->NJB z>av0Yg6EVoHQ|Kygil2c%A@u|GPTKJKEW3Aj2qT+O4b}}J_0dAil6x>FU~qvu+aFA zz9nJct3~LchHG_bA<=MwyeT0Rl58>TlxL3+u*%N-_$&->}HYaxDZc90Lu*6dD%7_;G3C6M{a4uJLx zli%kwZRG=%zt!C2bivlUvYNFvuLcciWJl%LJz|W^(&}m-Rq0I4fhLuhShCDg`Q317|09moCT7nfX<6jl8YtWtCsB zQ61H9YRPpLOq|KCl`msiu~5O5)+-U5Ysq|=Tx7i>D2<7+53Mjl6TY&~?pEiczpEVz z=oX>E*|fkUaVQM=dgjp`^sHs(v#!ljT!J$kaBRKr^A%SO5`T<3@?@G} z4fop6vitUeUaVdMz)}%2uVwzlK#wG|=+2Y@BpqLc18f zMRY{FK)RJ*bYg*8TCn?{Fh}HA_tQNmmpB;{hS;>MPg5Q;|JA%hM?kn;i*#s7zy>~)L);7IbtAr zW#)*3T_BF1Yu{W!^CIE}?SKetCPyD)u#8wAu}eax2huW+ta;;SjYO&o1s~sQ zjT|ZWI3RTy#=v@P32x`F7S~pdg8HU+FPheI8R_R(-JY-_`o!RW3I0+iekjhJt-{?Z zgqCEDiT`ufJ~0!6S?x013m5|#e5D;j>2@H`EqUT@8p_^xqF&K9KtC?VozH0c^bZ|K zI1@x(=KCP$z7LZ5|9O!AZu(K+weM#@*!rNBGXel(QkQ^%C_pQ3LQ>JK7-yO$b;S0W zdl4G@RqF_GHj8NQetrHfW-d7@&@9g^|=WaQG9h0uNu+0-CxdVc{=ScD-5`VepX)f(ygR*VW1a1lx%2#wHeds z?^5nn0&YK_0du(t)Q1Y1X#dEZ)jO7uUOtQe(t!xm!~+et0U~N7BL!C z5)#649qs@SC)D(Dw#_3OD{an>sqC#85!Xp}urlAik3$N6{3FW6s0C=;zA4TnSO5Ud z{{|dmdpk2rb5|$B|DQTgv$Z~FL;1|rca-4gpp5ihktd!NOiSHp*r+MiHHYGQMg)k+z{j}D~7 zN!(p#u#C_Y976NTC0vQp+AWy-X?TnV8L`V5$~HJbVt$}?`qym50o&qw+gE*4e2dgi z131hQR1YZ;Y>$_tQ#OsQts1{B|92g!I)0~6K2E!@NZR;&BI2bCRqy)~iD71$wq7Z& zWDyqeEi{>f#gutcElK(nc=urweG{DIba^!16uXx`Y^trhgGaXypRa`j3lSK%eT|ra z9_UfH!w5}*LDmftk7Vd^Nf!FJ8K-Xxn)zdxTPYZa7L-%L@cIQsi~`1V()t&AyLf%Y zvv`r>4~FW!t2#vP|&6#tZptJyfSq=<}F82)9hR-JdGfrJX*cbnmu2DCUcr$ z7kb&mJD>Q50hys@~8VW;lA$q1P~?ZKj?^yRoG0=exI$rRV1_rS=#4 zKW}0W-d638M3d;o^QsxrLu!Dyc`P>9U^8{vXFbiRC*lg7LjF{*>Vn{YQC*iiMfoIp zK>*RUK?X%`)aMPGa966s&M|LrsGS21^Nx>9?a`T5GpD+~>FQnWM0#!Iw|nYA}tIIsFeIbt={rgdtU6lccdRb+zKa$X2#F4UpU#~GCl zNAp&?5!P^ z^g2q9{r$15pkA?PA?2`tYJp#@bi+$Ef4bIb)#L1Gmjg-&+#!JOm93tu6P ztX*!!RWB(2un*o8dmsF}8!7_S5XgN34-3o^N3M%_GYd%e@=WZ>pUlT{Zyyb>jN9BS zJSNxBYgG*W0<(>}_x|j3?dg%Bstfi}g|>#(_V+Ime*cgO&PjPQd>jGdC8j2K5dZTl6v6RL zhYwX0oENHCU`E@3lNZv$F2t@4ZUZyrwxdKk$2wj|$Yb(rk%M=(9k6J^6iXpCvw#0k1h+9)Cj5G|~YDpEy4O7EQfmnS$$ zT?)-@y4gYcw83^fr)iixK@y`}TeDC-{SPh=Fm?V5@nJL~eyN@{D-6-}n?P|Tiu&aT z-QPk?Q=(|SJd(XolnG@DSB!8H&%E&r${50lLllDchUqF_aO?f%;ITZ+Or0n{ zhb4khga))EB(h)OkI2maPkauM=W_tIjB>w8q`Qcyn8@x zZmMH~O&QhonO~(Q-*JDz5w@|J4U`6hRZdn%kc6R3fznzbh{QdK_V}#V+$BRYn`Am( zk-Bc*Je~fhgdk=32)cS9gJut|U&6$?hf+s$(P||1@K(qqGf`7g;p&uv-e*op|L|n{ zJm9)`)mc=ZL60PKo?^+C)`Bg6BP^2YE;xvHViUC6eQu#~#hch;Y1xsJN~{CTY*z7aHE@YhuN~CXPiA|Jft+f2td|p8ey%VG05D;)>gu- zR7a-3NzfAmG`?tCWCA9_P>w?G4S*LrqxLz)Vz^=QhKhIEwwlwJjc8~2`4b54m8um+6qOoP(ypE0@D^nf zv&$2*AF-O{=BK8j|`a0}V;2dd@C?+I7w>Ts%0T@fi-5QzC++jgS`^ zWAc==P9xErgMkkA-8_$|70GLWgzgnVRaApRxBhmJ{!i;s5Y(u&k;<3Mi$1iB)4XrV zX+e(}SB3Q$iei{GYLAa4$+2u1$EX6E?PdDbUzEm5UjE zxdBf`R1SaQ&9T<&%l%fMn+U6u$dOw!3E~Rb<~#*NkaSxIm~n?*^XiG2`WYxc){nlS zG!89U^5hg#6{qsPDlWZKQRu>`4#{&!7v4KZ9>DVPn}+i~)Pbr6Dsfi7r2z~b24;Sy z9lOT7WucR@Od9_USws8y1v?pd7OD0U0vKbwxju-tVU<`q*swu|jCmSjw4Hd`-SjUP zp&D_3hOHQYqO=XW%w{=-C`vqIiKAZQ6*TjkOe!pHE5_I9_tT>Dn(Eb&JFtTh3ZF$T z#?Pymf>=-Tl3UBVoCj`&9id88BH}?^6rG^2N`dFfAWC*~&d_S0cLx z1qeEYg5Is;U&!%t)=6Dx!bNA9TFE%O$$(hfh06T^DqHVn>eGz7 zH%cml&S)>TQf4Vs5NeoaGLjTB1JRX|4UY!RPXXc8RWWAP!WgXRL%;g6ka;iIz4+DLXPU}-#K9xh(|YFftsq0x@B5pmW7}k4 zy+i+f?6VqZ=7Rj5RJy*KVy6G5hWyVw_?L*LENj2P0Mq@Zj&M3er({23C;&IaU^B3c z+prbYuVBKZW-W~;O8yx3@vL|!o@5w~TM=xk6z>y{;tIN+I()^>tIlqpMBV0DPdc{U zZb#5qi>Z{;moxXRr)j(|aw^$mPwll>5(M!ecohSuwGa9+VpWeId1(^?u0Xiw^~_x1 z^bpd4@iSv!Gvc<3FTxz+2p>UYA`%}PH4~ess1aSv6^v=F)`fEfWtN}ku9!DACCUPW{02AN&9(HGEG8RA0))>EwCRXX3uqLT_zLkcfX`L zxlKk;sZwPCj4bejrYP2Qef9+a+@_e5kW5TQ0g~%LR{L;0HH&k`qNbqK>~`!6%Swd_ z+|N<&i3@5iL>^63M1TZeHTU*6UONOcLfz1GsxVgI8cCdY1GC%NFb8Ak4Z5D4x)`~s zO{bWhE$qsQytt@0|D!PXX?ZG|2c?79QI9oDX{CB);*kdQ0pOvkQ(J-;}jMs5R7Zyr7+3DoOfAH7+n(N#SY z{JvfZqlJkaUx`i!LRl-3?G)4axr`T-pJ-nGA!Hq`4Dz0R2h_>;DEwcI!EWCk$^TED zP55g`0YT*YB??hzHvqI%k0ZZANTMWFXsOfK9!b3qyBc@>-4|C}^aH?WV{6T`QLn$w zwPy{!ewznX+6M0_X^r{0sO@L0Mh5HjGz55!@tO2YVUcmI!wHv(Vt@icd!nl4^AhG= zAPtzkB!YJT%fs!8S{uSv^dICspXG;seG{S(&O$RmcI$Z_)s>8lB26LTT%{P0@?rm5 zwIi%>LMKVW>HY&6ld;O`Cs3H|!^ki$yit%B{jbpnt!U3$gKik>AIL^X(*M|1a*Op{4!bR)-Yp z?KT-;wmwinm=5jgn$ZB6aDs?nXK5r`3l&TvTb5P}3Fq98eS9e~-7jYu@j#S)e6DX# z!Du+~U*AGIU!`4vA4`3Oo&@f(eEAtJF7R@@V^hkE+vAx<2Xcjg!yQ9_q!1Vlc?zvf zp1wCekhnC01|WC{c=$isbl7jAJZS$+?h5x!Ci)ebMu@=Riej+GJd|XzO&LuQK42)= zL`Zag8rwfNgb(yT1Vys%9)J~Vh=C(}$uMM~R%t@DmS8m6L#Wymx6ZG}6fHZz z^V@&Hw|}Tc9<++hgk8=~o@?t_jM=9Gr@L%YdYQolm~$qJ^8rAQ!Y4K4ot%LVhSTf zqI~|`h;{@>4C|1vhptWX#nBl&P4O|cq=6p;NqhJ|Rh{QlmqV4T{n*PG=Wj1PL(1&r@b8#a5>KzS8n(q~(lAy*- zTA-@*;j&;93Ic)zc(=^K8x!8SYM`Dm|;W0Nv7n95m#<|594p%rHLPt?k{?%iFv zy)1kjlxoF(Xi~sHbbpYu@laMYUBJ_AWQmJA3!15kTxHoT4SHY%JY>%)}QV-mXHL@BzKj5zs?MW(ZHRYL|K_LyXJt zRL03eCsJr0PJMF`aTE#|MGV;`TqYeTioi>BdWUdB4T_ktVv6HUVVzFZ9x^hRVmf8! zRE8DpaL&oo&X<6Po)(+Ty?1CAbK|5H3c)g1FD5({oMTU^n?dYM$$z@09Y z5&7|3Mb-e(@r@QO&@sg@EVUA_Jq@i6czi9tj{XdvkNKBVs6Eckh#<9Sl8qvjEqaHK z3+(Ei;K8)r>>*VMos+hu8_E(fiN(+r(aG*cQ7KV{lK5{znD$*V7;?K2KdgnRCe3DN zM!Z6ApIO}fbAs-!&2Ho!FFWz*jYq>LUQv37Z3@LoJRYs_4x=~9VN1UrEh)RyBr7Jr zb#+#c@Bus%&?yDN%Me$yp!%Js1>raT>_?jHXNff-)|aT^ybhQ@g2@@Yj-O?W%j49W z0;E3;GvvF{2D9MMvhBt5s^f%3FBZ1X7?`kKwJQ|Qklhzb8!ESltPl~i<84Js8A7;{ zIAOo+Ld2b-?%D07SAuf&bxmdJK$w*vo|1_>q0Yqa{GMkFt-p7u)*Ho?H-30YqcCa2fewmZNK1t>#TUkuFo#VmEnP*C*3*QYfPY&q7P{dk~B*d`|4aGTnjw1&Fap5f~reXV*5 zRHa@9M)6ouZecM?aNNmKnvL2#b;#t6GKV+4lufikgplFa+5Q=!-$d)Q$GhtS-v*^- z5U09|+Ab;SdaqVC@gI$~T}{NkkLy?*1z&l?Y{<>B9xEDl6{zcGx$veTpnpC2DL-v4_?hpxLPJ z%oP!5n|d>5DFcD$V=yPrKo!h{nIKLzYc0L1v}IH;%_GrP_38~Z9pLMhvBA?QzYh`C z<|!L{;BbDWi=$-86_06Vn<-uV>3QnjwCduvN1b6;!Vn9jirN*CZG#lW_SG!-wNiam zokU)93i&&$a2YK1a}|=eqWPy8Q>zl%OhPw89q&n-hJ~nx92wG2#cQGN<5w2d)$L?GhCp);ged-%!1}EyN;M&V z8psD_K%i45_onl<=~xa7$tv=Y67de5&cu6z=}Lt231whRc{!uq)S6Z<<;^*r@p}*( z>+LSE)AALDW^v{OsE@YUWii;<*dW@4AIniZw%BhgozHqF5y#-=PV1mxRGJ8cm&zSv zjM%HzoAn(GH@$83T{a$(O<0q_M3>dzrz%Yon{S=*2y&NjA;m9@XFlEAh&Yq1j2 z#SPHPKiY6b`PDhE2uL?Ji%-l4c=+3VCi)TvjxUNl0krsYkD$ie~^Pha=)dl5Q zCV91|)5pWB09f&AiCvu{)%ZIINs=E1vGSTd6E%s1)`x+HG?kb`WIN5x!%bq2Ywp#G&H=`qZl&Tek6Z+{>geQ1ekwJgqAak_y zaf-PJmg0R;$t`4?tK9y;rg=27{I0KLO@=`lZzyZTfOKED?c3E_{a5OjMh0#;cBRPd zMw!Pyl=AL3ulrEnC6uFyn{kAV_tNmQu&Lzgxd3@2SE2=vLsX*-e%vcc%#}12-FRcQ zg8n)@wzuHQ4@LE%j)t4e3&2T67&t7yBku||Myy*{;gjk|HekVVX5T|MANH$=Y`C(5 z8g6JLU`jcIfTiIr65jYkph=>JUF(yxvs+6t$8p_kl^U2AUb!Ltm(NW&xWU=%Ymzp!?hLg+)XeC$2QSWlk5ZA9%Qrd}YWU3RgHD#e zJeytK@m4k7EfG?t-W#|`u-H(HsEFn^78RsO>d~NS{f(qRxexyuHFlW>gr!kBOB4cT zgZIh)5DgU$dR0Sh23P(CCS5LUCA}Uu2e##nnsg=Wm#X6cH+O7=*W${vfBI5)K2l5E zV7RCXLW*t~Xk-spd7buAc!tST<$r-L&!OXp9OG(1V+C%=v};hP8w$AqFQYRSweJK^ z38a0h*COk+uIdRonM)c5SEB2vLJP(x8rz=wm8E6clR+mt1S_Y!j>v2B;20f;Mz;JC z60P@{WU3VQR3}2724~IJU3)CQ4=#XSpxH+`khdv0ro18jo`Q&SOih9(n9 z`&u@XW+CmBRH1;9<5ul8@#W7f-W3KL2afygu8h4+#cFI;oL@3m3~xTp;*I=I?d`yu zLh z1lL*v9y)WYiuHFFjBDvuLPac|c%2>X3iZ1vNSh``(BESeq;*VvX*6 zb(ADKRp(}-pTtz~%7K)2Wcj@8)N(IXQbYFxx>ZA?$e>C2^dLT-to40O5ZGrw|n2}1s!i2sD|K7m_qn}}Zo$s)&2f8m``VeOw2fAR$0Bm9s zVZ|DPuKF5X_l$<;IH_46r>|QUF6yFt`?I}nRl8%7;DVVb$Zg^?HsEgjzIAw>YD*2V zI$?bzPz@HK`lV><1Gj95gt8t$2wnW8?wwQ1T1upyN>6i40=52oO}+k5`gIU0n_u*S zXxz1h8WN9FdP03%ZE#-wRl0a0;?K@THae&&XYZg{76e?S1p1gA<-EDqH&<=w2MUH> zXNpEqYY>EvXE$&^geCq&f~43Z7N8Z$^w?HOLoTMBmTpupts%Fe+cO0fhmr;$C)zRI zH^9zAd%PPO`$rw8Orw$H)t)dr*weYpZQY!P5P;i;4GR+YOr~JpI`PjDAaGQ>C*Nwkxp8 z&K}F7Q0Eu?__=o*c7s{J=JyY+`#@Jtm+qTJ*!rgTg#OFBX#c&b`X8zL?|(*;$oQ8p zA@un@Dj5Ty+~lf10HZ=mRJ2K3Rdcw9qy|Ud#m(a7xtrvFk@ikOq6OQwVAaGyHh<@}qcymX$k0Y3n zFtknmcsynB%+Xav_7L=;yM!L3_IXC=1+WYdsiZtY5FYx)R1GfoUvt!gVSgkc>DRF) z_of|eRhvSbQD%R5VDW9f8fS6_!J0UI=PfHN!&~b&^^2fCS~%3+oESE7`x4ID3ujC@ z*;k@CGf!K!JXGnH<0;mM`-Ra_su+8t!PqD)?AJVjRVVOB)_x5y@GsngWHdAeNtWSX zC?P6q+md&WJ0#wt#*!9yDS;&2CirHbcBvOT06Gm^EkDY;O?Lk^Lzcr?*}8`U0Lc5t z?3Vu@?1q8af1Et*?d+`e{+~_y7c_6Q_5Mjzk^J7u@E5_iphYC2xVJIx4;n9Q+uDDG zGI{n9K!9i#B3c{Ei^_{_6TYw6gcOk}CK{4RZ%ECG_^BP)nXqSJ{DdZbL=AI`KR%ih zpLY6Sa}##F{sJ@+=~9b$`Vvf#<0iFPP`gi@A#I8bfTmE)2|1>l2qUHl*C$3ur3TZ# z%3wBi8$(t+2163kp?m!OEVhN45F5P?`l6P|q{S5(1}!P865h{;?)VTHMm{HotkZSqEGuCIBo(sB`tks&5sWb&&Qyx;%CMgdLl0JuEOJU~<@Jnj3Do!V&4(tGr%2Dhu9 ziPjvB?t5ddPz*Y?n7zX3O+VLCp8_mMVXj-r&{8mIg4-48I`&BIL=y$Pi{1ANFay)9 zJa_jFE@P5Av!q2z=iV4;B%Z*WxsWJA75oL`6RH*##ec@~>%tR{u1)5skVPamu>{Uk+dOspN_ zAB!e^7R(q;E*utY@kDKzX$99rIg?0^3R6f16jDVvU>B;Fd|DyB;KhP-KA5@N`I0^1 zssyI=?*<1#aoj{RkU!lqTcyOfQ07t!J3HP2hqCBk;vXk+Qqnv0lrvTK%AAYGrt7Gp ziCbXpXciyFB|LXf5d^)<%7@>t;Wn3q|xw)QrL^+K{=n)eFT?VMp8tl@9U|G1=0Eq~kG6gw| zhPq;QaU4L2G$nBqtrJH(;&i?6d+wZFg06yomo;F92$XTcB}f%PRIS~i90#zub&2>a zP)($KLtHyAb0!aMDntB_vy6m+g>Wzy;x%@`g9%G!5;oF>r%*vp*J@%q9#^nCJQj7TnlTR8g47eZ0GKML<12K#oD z%;N`rytM}g*bQsKWc?6*1$#tGnd8C6OK}>Zl;SEt)cg#LGwz?;+q&Y3U8b6^?XI9H+aJiP2nY2_LB~+fwa#9;62N-hJYNSi0gtxrH1)%H;upV!7t1WGjmEq}z02 z97>RY@zV3cWHHjzLI}ThTVd(8Z8Y`F9U5gpZ`L<&8)Qkji32N>xhsZG@WqPUxgCA$ z#L{XCBs!{;@S#4~Si2A`Z6;?lis|8#%kxgnTf7fcA~(eV4lb(9cOFzEiRT&k4b z-&^ANfUDHHSM?Io5jCz@;I!AEs#uB1RJGDI!ijJ8pMAz{y z5fXXi8#kkhX?`$TneanJR(ezIuWC(TN40<}J(oQ{$VN9(VIB_UoI2{Lw+vN1H)4v`W|f6YeYdXyLRUw#s=fDBOHI&W8%j$*f1xd*R*46lx-Br!cEXuS3sJPD;KaEB#&^a5 zKAb{KaZj9>tZGgXMYx09`^v6s@}qqh`L9DMEyOxwg$Y{)CfhYWthBz{dOO-lZBrkY zjMW?07L7UeK5nO=kzPxc%5LTct^xtbC0=j(#tA}skDx1W-fzzAGK7RKsH|(+WIHayu)zY3bST41=x>x`Afnq1)d6$&?_o^6FWBoG*(2 zumc9n8-1DYOzZShYwE^w?)JDw<>UoCe?PAaYORZ{nnPXYy|xKH@tvcq`lu_nad-vp z%UtCI+Zucxd&1o;3b@!}+q-?4Y5R>zy4qT%Vf$MAI*7`MsfuUIKWPxuxAHUA-2G51 zJ!wVl2-7_NYxF$Ifs0VXCir97z7r8c6WF)X@C^1lHA*x#@5bfZJ3y;d-}U`{2LJtS zmUQ!jvc`P+6ETTDLTxXANdAQ~Wkyz_ng zSJr1xF=fJ#scz=;I&I;P>+6s&`L$*WI1QWDP@(hW?u2rcWDRWYm7;|~F(rG~q?2g` zWoZFWPgpe3omPgRg23n{A@IyJ>UtL&+YEzQ9>8E!2b(l%YU%PNo;d81Bu1-h=1DBr z-Gj{;eT^kXJuI@nCI0y3yaL@PyNOzh0$u@Q?0pK6@@Av0NJBv6&2T_TVQZsO3ClpO zKGiFdfk;9FS43%z{|VH|c*_bMi9@0^?EcqSr_Swso4J=xv1mm%W=+c`gA+N!^t7HX zN?5v%N*JM!k$i*-977kX$8GLUd__dg3}ehj9tnrcF+&$e@_pJo>~PLJC{&FooS=6t zi~Tc*y+C1-qIG9FuI-zEHU87Rorww9wtZgUNHyl}mA0S(J*n0gkrLJjnkE%a)7oe< zdO1?X0Nz1Wr3)0@t%9eE^Sf?F8kEx{-kop;01sR1-> zI|#S*0gn;k5u`VC@NrqGiFIA1(onca}F$q zub8o;*KiI#*J@0S!akLm%9_fjXp~4yWfKrnx>RmgAZtKbXVMCXWANEsd_aimXrZZe zOMK4*s(xq*i9mYP5+YQcb5C5zd@$l@#EaD&qi$gVGTL$7v5al#8zIgiRqBLka<_eC z;oHp3`kT6P7y2Zd=1QsCVf08*qSLL{`bEZ~cdUSbdB_%*>!EG3XcLMMRIXwCF4GvF z;vOtK7*8YS z!b~WkuHx;v>uFaK$*l;hT|oYz3KxSXAj3@#KPyqR@EE;9vxoSi38K z0ZuX4$7W!e&9>DhJ9ufmUA(TSyOq-;I6YTn1SGGaYVd71TVC|39sUqA1xakoPQtsn zj45c{O2$lQ+ke2mUbdcgb`D>eUrA_BaMwd}0~u>5Q>evyC{N4DT1p5Rd5~rK(2>~q z?`$*vo-H)wEo}H>2`s=5?Ofg*u9gbz9Gw~b4MEyj->fVRE#Ur@JfLnGM(cOEl~ucN zRG)WFD~6CsMD5Tk*o<}zR685HMbuV@%WSn7ENwM&E0D}@s&5c59U2Z3_Ths6CpqA0 z&e=OL1F1ts(SStFQ-_Uo>!F)I$fp1`sXMO*oJUz4xo3B=@XuWkH@1MaoQ)T~n;vSh z>T*G5tS2M=*gn~lLHLc_aZ{MEesUY75XF%io$Y85FJ#L>XyZ%g))e`}f^4=NX#sOY zCJzs!O$%P?EcSHZYR-`PmwQ$C20{V2zEI^V8n8OvLTN zb8?iYJi#ZkPdT7-??kL{j{OCgv>+0$9ih!4_qtc?r13u2F^U@y+q&*2@qv}pnn;oW zgA5Qt*N0TV2x^$h(K?#IJwUXbgKbFLf&)GfMy#8XTEusz+Z2zMc6J_Jm;n@Cx6f^K)3<_5$PxO{mf* z`5-SExP4LTbkeh1n(v#{Bi${E8@@y5+bQsj6&InY^<(vOi53s^@7<8z*2;P3Ml^57 z$hpQ}1GbONTX;vM{Yj?J|8_1d2eBYs!vFw`IsgD@{twP2dq+E0i~rD~{t2**tpBN% z|Bb1-ESj9tPH%LUTwN<;JVeU0sdJGM7L$LEkth_KMSs1X zc3ZnnfR9#!|3oCwqtaWXeoc7GHWD8g=Nc0y(%<9erY4r^)94!y7=l>?By30;***J8 z%R=RLn{lN1*OBNaM%1b?>(*yeUqrq)BeZ`LPsLwH>nvO$j4!g|vk`=|8WBqZ$g!h+ zeT35rD^MNY+J^CH53UDZi(EeuM?4O2|3jtf6w^%$b#sTQ!m^L6*8PS8A~c4v9VLsz zcY9!bZpAZ%_6YjQ*v*+8$3G}dehV^$e!>e%ik*d;(CyEFB_e)QjHg2Y4QNH6bS2R^ zEks;AMA4|_wYy=Rb}wgmKcwSlr+Uj2#tq?=oIw2q^`uX$sHOai^w{MLdKLXmDWv!jBz z%N!AyNjxKaV3}%9yBGw}PGr2ua$Ey;bHq8dhd2H%A0N+i$>LYFfRGDh%3Yd4J?L1?cXCKhzkjtD)eQI(nVRP6C9bCsKaA@mWMJydBH|Fz`3L&qzOp2Sh-u! zl1D^2Meqo`>Nd5N5kS{lQ)k7{U@A0&0Qgt4OvkgOH$_@J*88?v?#EfXBpLgQdbsw7 zF^PGf69P-+XHK~PnZe4@LHR5_PX-!De9j^7jP{`f!Z;E^m9yU6A&_J}R}sc80lq9k z8dDbv^tOIAW!+hfpGVLp*KZIlu%#MZc4_Q<3lU4egga2<#1x#GN3=DN9)}lptX!Rq zYSHx5FhCio05_oA|Iuzad^vpIFxD~tI(#1~rn>fV_?nBLk*$UBwqV+yJl8LlQttub z;Pbu0VAU*7K#`pxi4XxtXcH_? zU=S5GM+Q^cQRs|Gi(ObUtWc85+NfA+F3qu%2H9MfZt?m9;aJW*$X+u}NP#$h7burc z&-ZNj4-%T{oLXnJoPMH-{zxW#|Z3Q4r zI9S)Bbes@k5TM6cHB&q)sBh%T-0WUgkV5A}YfoaKjztSPIM&vQnV^dQHLX8?UM@7A z)+v#Hg{;azFhsO-`BXIbd6cz3rC@PXw=jIr^Y8@+^E#DKe*yr)Q`s7;jbV|US~UmW z@s3?`v%v9bZGjvfrf1oQMr)`Z3>GAszADS268m~TkOgbo$m_bLa=cbo4d2|T3Jl{3 zt>~#u`Z6kRRfj+!vm_ofx{&9AbVXh@1JLiI!E{ZaeZpfY#wHcGGG3|**U*VFbUg#0 zzXUh!hJbSZhh+s%nm#+KB0WJyK%}hhLMX;76cf(F_v4g)gDkmNFe-w(lZd0o zG(5)9XH|;wGTA}USF=E6iSY2So|tMczJ$G@TDU%2sFVK9BX+7pJ<|%D8fAceA3)T> zLgd(Rjb4QZbmEwlbTTV4q`+7J2N|C;9Ljf^c{9+qeDVCO* zGp_~fA7*i8zN-5|>*`jausu?H*K2Gfv%>mNsmkw>i{dFu1I0@#KZK*@BB0e{B?+I@ zBBl{|cJ6F)$ZFVZu#_2UT5ELdC8I9I7*s@?Q)0p?ZMT^^#|w+DxvD;ZJ2NEI&FFbV z@nmt#jP>SEiR>n!7LvNnW^yBFc(ZrgsWPf1JA6+82x9exVw1YVqi;Ss69j9I>+g9$2I-;+}wsD{`k?= zBEF<91M(tO0fq8p5J#qRML`5kNo$(Ek~@efTbOX?{rSlrH}C@|(*5L~vp8J@Qq7fI zF>c861lzaa2GHLcOpK85!my%p0rLW)`o41D7O|S6tmCr-J;uWZe)$!M^rGU!oQ>ko zNwev+scQQW<4T*>CjX1JR5SY3Z27OlrU41gDOsrF(|k0HDYMw6vqs4hI@8?&61-=%j-&|&~yl*U|m{Zo(+;QPNQ7>TLCf%+27R`ymgB)g>M=oHS1gWR9lrs zgVjM_@H3_xU{nr}Z;MGdStZ@)6|B_Dn5{fL@n5YREoNrtxT73V=_c@%KW52))qEgF zl=Lnt0e8cYpbC_(F3CSHBXU&ao>~6*%n0i-6(}2?{d+AD{tCV#YK_*p)g^uiL-5Js z!N+Ob1Kw;Rge(w?YlmG?lYCA=`uCe2g+aNi9z{djznPD)9-czN^%c?QXLv8~A>buZ z?@J|w3o;|w>)hiu51?KeYTDkJX4mG?S<`M*hSl-d6>lyeD~!@3ra8D+XORKI6)cb|dS!wbcg} z-J2o2uHhXs{u35mrqrytU`(G|XVzdfuE_qXJX4=cDld1zr1g+Os0w)9K2ARLbbLZ? z>b_uguj9*dz~f-_aIf+cvbX!OqsZ-pj^~EoA&3)aaa($US6PZ~| zb$gqYELKw^Tb94=hEtgtmrkXy%Bch+|D-L|Zrv@5&YxGIJG|E&wZ|8)W?hzqtT}hO ztz{Plac&Qu$%3>D&TllQi_Q%qw)32fEJr*`AE}>b=%YL9Gh6k+JQc)uxE0y6R%(QA zDoe~c16`yRIP9O(<#W;hhU*s=CZa90Y&=T+T?I>{_vAaGhK)FlOQs}Vri=d!AE!)z zuArQ=x{n(Y;jAFfK7Z2>uKc3Dn+-)h`$yB(7xKnIgzsgUcNt2{u%M{fT<@e<-VV+> zX-GD{-L|xdU9$~#SgB0|%FbY@^tI|67fPW%wtm>>r`tjQ{|E^Z%g6 zvavHZvHmaoh87K(|FBK}BV}3_at(-~>p=!|T=!fWKIgO=hV&$d3Q8Si)sjFax3qa# za}$K<>hKC}Kv3I7EY~|%1RD2x9gmLBmN@AQ6TXySH47}XUe*M%t^OP0 zWhn<^K}Vg?PGf-&3u!fAgpe3;@t$x$iiC~03sn{27LgacKbX;TN`~;EW}n*b@O8p& zjVA0KQo8Sj8V%bEk_ABr@(y9bOwR#m^Bms3NyU9b%@@tAZrDnX&mB~3eLPNuA4_nW z9$G8ZXUsM5Rf5?ztxA5YB%#Cp!P7DOH!{I{D~ee^=vy$vuMo)AgmzK*(SGO$O9Msc zC`9C9cGK;Z+p(U^ju8SxVl59GxFSn<#VlOuuiMGp1jD;Ztp%h6~+ z52Sq@zw*dn3Jb#!et@>_4Ij%un344a2vu@FWjUe=Y#?4X0JXIrJ#8RM2e7K&}7I`=%$Fbwoq42>tgtVTh)nl2O z@sw>x{1#=b;1Qf19Pw97SE9B!_Y%U(yRwDKXJHb@q}fOEq4fxBGz~lptwXIJE@qm} zn??mR6CpXR#44+s*{gOLb|+_UTiQZyZnfMy@^VFrTaIcyrF#FgJUnm0jGZoSC^j4J zY8X3kn#VrB0F z^J(lZid)FRJ7sbeJ#nV<7kcMP=NqeeU71ORF;PK^sT{W9j;+B&@moLfk*0%dg)iO{ zI@f)oH^<(qHby8p#j%B+zCJo@bSupv%dFpK<-Qh+}EnG#5K#*wmb9P@sL{{#NefGIzouJ1V%LNx)w*{w`ln4#R6AH6p7942r?5s5W^ zahb)ujW z8t$F<#Y6fphL!svM4&s(?ER4}G$vL#ZK)f|VGEY~>1hcaM~b-vmYgTK5{!2Sh;Z*y zSdO?>C7Yu;D-5+Hw4)Y4%9pr1qAtWjAk0-?12gIskQ@pk+aVzJ6zvRVO0WYFmr6d> zTO!**)Fn%nWP%EW3TjZ$p|}}02xHY<8*4te+9NmB+IB}&xE)xeU0Wue#1qT$5^2_^ z3d60T!Sj?@vMHZ$n|WE%PP#{*u`vOAfEA8>pu^nU^x-P^hk*U3muo8CqpUWQFCquG z^u1sh$V3?CN+&qAPKm`cMUgu0H-o$rjwgILy~a%~dS_SlBrFDy8Ea+>-}2uXUK-=R zmdSXIVwTH@EOq237=BJzot?|Qips-OA;V&SC;We7GkDx^&~*D=>{npbTKYV`c&-G3 zSQr7*T&!W9`<`Zkegst(UJ)J%XUr0)7exA@yC%x2h1aPh~b{grn zQ%zYbo%ZDL3la`}zC1TE6@VSkZ|z@iKz2Xe!1U@KunCH>usXdRZ1S4CTfek<^#{D6 zSeTUI<4@f=h>4PT;-jRtHVK5>$#@JG#g@xZ zU4J*|->CmP$Nb;V|IjpjY@D`P6Yt-?pmJ|3t?e|9y02|c zl;?D72syA+sI^QsCc?BWV+koDt}q-^kH=R_8~eUHA4HvjkNugBiQl%*gLsGoM2i-7 z%$YG`{9+OrXQI0J>awiGVyox3;l0l2Ex;#Pg#_D1BA&J|8^S4?(x+wA+aP*$~1 zOc|o)(4r=gD~qY9nym<>&gS1%aZf~YN)@>zn5ryqn=PD-aD98C>X>DCnDeqI=!P>^ zReouuGApR0$~bGOE(oRu+}$@P+dwTZQg=>8!p!@N+TzkY=l1%b=G10A+NiQM?(3Nh zG$N_o9UanE6`6dYlRRkl%T87fn%Xt~eJ2PrJtB7LY8RnhP%<)yYl4>ScU ziXV&m!VA>Q^Lf>148P*!lv!$Ir;6J8s`b63;^+#VrOD0lMjhB&SV$-b;2FiV;@Ez< zW_oxb_6w(axgbvDFFHE^d;RcEpj&N#ebik!0&w}+U&6maF1uueEeHte&m31Z4Iuec z{83?Bd4~A))U=|gI?NVD%@d(Ji8sF*_l5xzeoPICJSKt?oqtehtae8zG1ED5I^~Y?&G9MHJ=#Zx)I~BL!(=cxb(fyCzrnxXOeQu zEe*6zS$lX=IzTvc%WPUL<96(BclAP9mAlFPqdkAUF+H#N=LUn|Qu-AQftQuRKcB#>@mAJR5p$<5&4B<50OG~7BT+ItlJo|pzqzx!GtSE0 zBjgt_kt*8^D%~zvP&eo_6gQGlyv4Yow!ljvo7sv*q$hi4rm(8IKjYEk*;NPmU8wL` zR{(msT*iLJ@=j&C^AAcfVYl`pB|Cz>sP`M^`|P4 zeFCFMm|jIH)uD;$iaTsvbu6`j)d6_bDwn%)i!r38l>%v?HyI+*bi72LDZ=Jr_04-N zZ-i{fX}<+Bt{DyGVL|~Rr88#U3(@$NWA3PoH1$Shde$Ki?gmT_tx8)lIUB6SloN=uGOk(#y4GGH=*mtIB;vfWq8j z2LV);Ud~+>79;hKqKa?HWgkpI z*wob*9+a7NGE@4}w&-SG=x_Wp5?*8u4ZTOh4|7<=9jfyuBz5`0gCws2-ZR~>vNw>h z6;DQHDbY%Eu6ld&0x6iGt&#CTjEO+1J%i77rQ(CNjGwyXy&}N|q_aVXe?)Ed6}Fk_ z2uC0ZKyLBx9|}D4$?i|EUmth~-VBkmNCkh9=PFwMg@j;-XKqf<7ucUDl-Olw4_l{g z$Pd$S(!b!IAZRRD5~1I%EVSISXb-U7oDuQab;EWt6at_Mq0issU^W_a%RIgfbc2j% z?`&lY*_={p0E>^MdQ0`gEIxS!PTe^mTCOsR8Z68Z~<>#T*l2C25I--G}!?NW-@(O`G3K zzDT4eCk%)z3tA|KPI6DA04$=g!k)6H z-{@}MfUqxuxF_GxiTvs5qBbHA5sJ}Jlc96!jVrnNhSc9uY3C(V`A8s^y#L)DDuPx^ z-(}YAl4y)kZkNo^Av~;iwm~S=FJ{T&;jGY4zB>S;^AGTB7iXlN{3gk56#|`42UbHx z&}QC@R*DiKUbg{Szj#~Aq@462RaMQ<7D!`r)Dl!i0t-=!!a9cfd~L6_`k-?H0^E2~ z&WsxdPL|?hpk;Ab0EfS;bTQ?!wohoOh<4n0PHkAl%!=#`YDa88cap2nW8)ffJY<|( z;-yO^h@_;+^_s*2s(3u?DC^dx-f)@j>UHJ!NOHaJaBK62kE&G9YRT2<(E(h<0q-3p zsugYxZ8~tFeTHyvh$oaCtsEAir%o_^%mPK4hEvR_@#pN{PI8Hbt+V414x84kb!Kj= zM&H-4yyGtlDd0v0s5{`L)RxZcARU!-j#fMm+xHzYLzZ(eN7{R^hK zp_L=QYlFaH^!5B|nZ(WzR06yzW|->i1jM3e?#2Tqs4q>SIEPo6%1qyI- zDhfW%!a~_eF;pE#2DlWqwHZ108^Bh($8<(MueoS>mf$@Mjwz z#Rf7swEP$yDtv+9nT4~c8&5dQ8?TvR21uSdE{V)oWSq1ne_JMZFg0r;D!^#%DI9BT zGLC45LUp@QNS$V@>&Rvz z^VdfO>!#*G*<^{JYSxEc2Os&Wp>h(o@)Uz_7A~nJ7Sqm1+Ng1Io9}3Bt*Dm$k@roC z?IMEn@g?k2tJ}Yw)KDKAK8lZe<{`#?MB$U^nT+f?nyz@L@UzP@iJZYgIe&DG(5@S4 zF|ZJev{#=N1N9VK!8(!A9S=eSSp?Moo^KQiT4hnfuH*a)ZUF62(>0t?{>(cG9~!|$KS4h;43iA zTCiiEGp1tfYSGD&Uknl&5R+|A;y!1qTZDKk8EFgbPnIwRULe}f8wlMOs{;^LTbk>J z(x(kuV*0Ct7R-tuS4M{OH+HeIGm58qat;O$NHiYMC_La%nE!)N|2u*H7XrO61Uer` z^zSL)QGf-#`qvq)K%SDQXDs$^hl%uAY(O@Vu-z>}V~0uh>Fhv;SNJ$K3yf3s`jieZ zZJ88~6T~nV$RQ5U16+W67=O1A{w@K+9YVO<|60DGK!{s~mOFC`=iwU8#W9?_UT4yq z_vd6f6W5q)Eh5V;1$7RGeeXlVvR_~1vA)1m6LFq+#T)Hj2uzx5+N>xaD74tTBY@LJpduVuL`tI{2@tY>Sy59f6XzUyQ> z*Gaa!WTw7^_7Yq5)d)EJYkliUCVAq`=vKFxWf4c~x(GcwH21=w&VWQ%Tl_iLkg44% z$TF>_vL6_vWW!=O0_>{Oo}4;8t-qs8+`u{ekK;V z#(6vLX@y5k37)C6Y932OUu`u8h*%nAPd)}Jw3vg+0{PBL8*9f>w`wNGN%04~gaem) zeeS@bnmAP3j*qyuT4uC$lu5;C!4YW%hw1^neQ1JR_2u?=sQ3?HG}oN>y4C5i7Fo1W z^>(k|dA2rxrFdO^qpq>Tui98wLU!_c0Evvvr%UcE_*$2}uvg}E+9`gEc`~+Q8tYsu zhQfp`xD*D3!UqVH&im30*=D5cMc7Fr~qu#k9i4~~Vn9c{0BjlV>SjBiBnjQwH&AsVz?`c{+PkJCh$Vpk2 zu$zODiQlN>2P}2qGsg7Rn@beZKL3r{<+?h)d1@^ws4d!~n6-efl8=hYz{O5UlgOf# zYAXGXmeH4<*u(P3E|_A^*`Fx0tim+&;uQ^8ntqJ{8G-mqnhlp%&qBG4W-S%xSBYpe zK#E2})SLX;I}tv^XG&U*Btd*J54ZSuwpxgHc~v9Xq(|iXdtX#Q8{KC}#0eX|BXt*> z6}l6O9YIfcK4Q3V>swn5Ry|70!F+TnT`N7(*jiB;bL5O$)<68zRjFNfdNQ-uSR4RY z$*^6D+7_LYn=5umrATNy-9eLcp>XR1{7{tsuL~}Km`cZZKhzjcD7!?z_(E4WRhs2J zE@o#}oZ%CgCIvtV1jxzIP2tzL*V+=`UI&0gjQdWqQ_CNFBprW$GKV2F=$mqPQ2}@+ z1VL9#0V$&37y%W?=>4Ktk$xe2ei;@h(>ooQ_bDK`85`#{oC?Q72rb>Iy<6H|+LIHY z&Aa_2D|sm!>t2n5d>C;Yk@mUV@!>H4{=r*7()q(@Waw{{scu9O+C|ub5?TrDuj<@8 zk4YQ_qvod+F*$~s0nQ6RTVhgm*Y@Io;N?l2U(lkWGi(Et5Av=hUR2B_IqpdoB zjye8NwJ76&j_tJ#`uY_Y{k09-%xbo3)z>a9%>rYt}gofm-gU zn0Qn3#@$*Kp+d3N*iLQ;FYz|8_iCVBCN4s;tC|kAmT9R!t9qFslsnBA4WOF767L6njvu5HpPffCJdCqW-yNv z$kypW)4LR}$#!u+GUXcFbhRU(n;hir=}kUjUpr!#v)6E;DxL9owMeO2F-$tjVX<6( zkrz=tD5t?TFpvl<kgcDtktldVk_w^nq%MdD4V0A9&Ry((vG;>8@lRU8LXX( zN!7DB2FF!200&CQv4~#=XeCTgPHvgo)TEOsapUNzr>vVgs{4KZKzp9gPg5Gd5FmFj zMOg=Ntvs1=HXV2_4Zwd{J`Kp%Zi~PV-`Lze!h|v|E^R_n#}jPzDr3gIw{rvr`t^*4 z5KV+F1tFLTMg{%3xh6&58P;cahlLFsKzQ^+&j3}Wa6p%sp&zaY2#{081;P^Lx$Jq$93l(?taJv zerQDCLpWqJd=H(~NP*-&9PyvRf3Q|Cq$KPs@`C=+N)gGqp^MY;aw}{9QH(H-(zpYy zcSUQ@Bn zp)u}{si~f*#bT5Z6YHysc`_{5z3L{@-XoB(H94vY-g^!2z1joa^8Qi1DDa^OmXXZDC5fhYGt$UqFWZP` z9cwP1j54e0-iE@+N#K!YyRWoV1CA1SWq9MDes~n2SCRsg6)E|CsNpVIYK@!gIV(7a z6sjuq9Kk8~-RpH8Utc-Fq9w0Huc5Y3-fCH)GE);qfl>NeEl=P_7@~Vp73W%pwb-p- z2Y{U{E>Mc+2wNq(ZiR0xODFy=Rg4_Wie!+yF0~@%OPKsy=aT8Yq%>9<>X0y{_8M&S zw2>rZyr^q22v5sCO1ES#8}Zct zoNo1`#ty}xHh;mlnjgPs$t3LQUwQs~DLAa8tkF~pRhcQQb5UvotazpI{EUN37>?!w zNkXrdzHQ{^6gw->_F=L;o$CQKMpHt3Cc7tV#s6NzGAn&{jm&KmupDM(1QQB8m zkVQBU&G1DxDbhcK%`tuU9 z4lmv``RQ4rYY^axLMA`yJwzmkFU~FheAFu4&p7Q8+8~j1Em; zTLfE`2|yK?J2mbVX9V*?533Fv!zy5v0K39Pc)pt>&V?iM`YC2rOtsy`Xese~u31$S zm^gOilqAl0tH|!GWsR!Cd}F)r^A$gVtY5BqXs$r22#)K#B*2E_ymTkWhRCx}l;5oT zG25jgJMb=~^qqALK4LEq!xJfxLxPfFb2d(g#Pvb=e^GXhF`7hem~LCsw%ya1?rGb$ zZQHhO+veN0ZQHhuo$uRhvb)Lt*rY0TQqRvy&Z#l zdSY30`$7D}dF&*^%&Zq)AQKln{4MWy`FQR2i{bCB@cd4$O9^L@@<5^y%dGRt77r&^ z`Gsv!7g~oMxxV?9UgC(OE(Q@qINe3q!5L;sOh>PeEJ^~UVf|xCLEv@J>kiX~`&izL z0?w~ynwEg6gqp?#Gf?x`z-g!Wm#?lT$aW1o6{7eW4J{76v>Eg;oBA`^*nyif1~&+u zwLi(SX1}dz{MOsJy*N@Exf;%y;oSldy)kXzAT|{+04Bo=qh3(Oz-O#bf~oB(a-ONp z&kP)I0>9OtbA@hT?$%LPjLoDg)%P(I42IMbKg5GaXaYY&-f>N8iM-p@pe|TNE7k1y z$z@2+CulV)Ip}*OB=4jQseYS&>Q=p)$0gN~Xs^)k+*(Y1cdl<1-b=lyY) z6v6NSDfz>rS+^Zl)=~irI7JQg4%n+W*Y9xuzJuDD1q>9DHVh0D{zV(@gr?Ws>&V_O z@;N`<^cCV zRoL4NLKL|%X^;OB9rPV7p=BMk61gBpqaeh(H>QuQIYgs+DIcvwW70F_TDh4?cbm<8 z_vu5wO+#8xXkOLwq>)5czyiDI7u)N7!-YWi7+AVOykwrFq(WwV($X`MORHF;70Pd1 zY;!tnlTHqWVH&IKqC1bq_uzr<@!xjFf5x+|&_gFSu`DTxwi1x?&pMbJ#|A|C~n1_d4DOi7D2BCqB^~6NW_%l2o15vyln0t~~_+ zPLSqrK`oOWKF8kAJ#)%s?NrNH0uUgminc_C=fSH>OL@Yj?)^3D*9F{_>hhPbR5MBX z@38;s%#A)25Il%PBMj)FclCXZUoOBnDgu)Q-PB#UxZ;pN(^(a-NiH^rk(-2Mp59NEKpg{Sru`UYY{uBVQ_tiXwi)u8>(mf6(cLh&m)qYxJT>teP=MtCCD zq>s7*28s<4HylWOs`00}PA!eM6BPc#k%#&HwQAZ4vA?{ckEZ*t8faZ~W<_uApmFgmN4Jch_^m7En?!#LCN17(g$=m;eErx|{CwJeu-46xDS?o) z=@<=ZJNn*-@(SsSj&Z{o6F+aaTlkc;-Y|X}DSz!x)Cy1waz}M*80Fd(Dp>RH*>7O` zd!gkc2kCstORE?Y$?oatC~U@1F_wq($8XnQ@VRn*3heq~tjvMjB%k&}z*ec!Wb2g_ zCi$U=n){@(b|dyDL||Ayot|x6(tUt|%#yy$$^JYYe4d!%hyp!i@3SbDu=s=hirLRR zr00{F>~eZa_5Emx%~dV`gfFD?k!-yOuk)wF5nNM95k`26d?oK04frwOjicA~3735< z@EXORc6ieYK6f!wmT zio@Rz7V{5Q?W*_z-(q;E_PHzexeLa^^7=~lC$t##Jro<-&n=qM%TJ>Eoj3GUF)9R_ zcIwpCuS*E)+%_tOWBwTzS>LTmWAv@E4Qn+K8yuvWT>MHXC^uBwLqF(C2xPpZ#(Sdc z{q^MgdAD;g1ONG6zl_Jk{VDPC7W+QZLogLmo<^Ux`m{`reLOKktB-f6F(K5w?yhj+ zXb-b1bVR|^(T()0x3`e@TxzVC8m~{(-NY}~)6s9M*UO*@;#pZ`F}=O%Guf-ZR}C;~ zxubSXWOg(zqtj%tT;hK z+#fQqyy?-5#n}z4n#QuvF!DKxYrk( zFM|-#m<`;R%mvxu@HlhBjl=NqbJ=jX^cc3Qq}T)N`d81ZTt#Ql(gdHGo1c9>b5evN z1NLx4eO)+NRExrYtWu|>HoCQ&l`Z+-<|VG%rAOMLP8fDWl6hweg-vp{=2*&G4a+zq zxJGH6`egsQJ7irS%cfOyM|h_PGx8hh`mg3+h~0PT(7>){Qt! z+AO*QN%c|8*i@o8Fc8jaUNi$roNs(d(2vjrwNpQRU!%%v`dECEC>lW$x zHOBkb_qiBi?$1xai_dj>#lXT`&1USKQv4L3S627B@gh) zk25-!c^D?0W#R-9l(l)zDl!UuE(i{^Eeg-HhSDI3pshjgIUkmHSiP!Y#ykWK);s&lg7*T}O<&o(tEmbRP2@>pQFDA8_hV z4v!QdQOeP2(1UyUz=2=`i$vQ@bvdB4^FcS9I`+P#Q3e8c1JYB-DSkKtS8`%PK?+ic zCPxk8-j07QE|wH6I@$f0EK{vUzX`$GT7nk$z5SJW*v;R`E23)cN(NGi>fz@_ER@ zkb#jgyksJApN*Sn)a-vlgE;D{hvz9c`_idBicVn+sfX<)tA*VDnPb=++(;~{aO&$) zC0`VEe1U4Ra29pl+j<~Re`4#e`W4cm>gayeJ@4LhPVJj$?GgM_5=k(h<|8g= zcc`Q=4Uf}SZKX)>P_vlBvM`f)eY z2R7NLGeQ0$n-KFYoK&I+4wGMTgv7DU`p`LW@<9=#Ppsky*XcW8J%^4Xj`cn?&}*hh zJs0iJi*9^_Jnh`t#de`tm_EOmC-kNbT!NFEA@*0%yNIp=Ci?(3{2jLhoa42Zu7LH3tvar0I(Wyxl94U5Gag*({Eo`Y!KOP6J-@r1bFc) zYZ=^)qFdw9t8M2l9SZT3;`^Eh+o|dkQ_B1O7TmW&*eu9vy)5Cw-L^I+ZVrzg3B#`s zRKIF$Z~+_ghtZH2ux@^wHdU3a=Xs~5dXj7AXE&-LPXolH_x_LBE>3t)*7D>u215WR zogtrsp1dG&+Xj9(3zZelN+;~r?CdjGPef$<;SubHOY@0OJ1<{}bpqX3#%sqzF_PN# zp*Vu!1AC`$;9v&+8J#$1A4I_r1^c|@+f<8tpL|0p3u4#`PIK6*k+AC3a~8@ZoKr2`bVOq+H?eL9(42gHSx};X^uflXVj|PX&$rkjF1wP0lpJNGr z+ln#P`~!;Q+t$&8vv`KZLUkL~eS>v4`fEaQnMO}W8NVDm zUBQRims(KLGuO6N!cfQ;MqOh-6^pcsz4WwVY|L*YqQmBIeLmCs#R!^iwkd+x5r9N zqJ`6_`{o?USK~TGWlpNt9%vY@=}k^!u-b>eW!s`0I?HR>X;GB?M)_UWxctv&neMJ} z?qGloZVCXA4=rwem4}+A6+!{7O3TUF34F}vL(KIBxo(s_L2ItS$aFD?!$XA)OK`g! z3JG)45NlzSQyrIQN+Z*g2HvR{SIGQa1+>+x{64m_Vp~-Y!K?92v-4kxuTHr!GJby& zk(n20(-4H4-54XM0UK^zX1Aw_-`n0*;_frX?2i#NY@)QdXx;@APSynFI-%|3(9V}z z{*20tUDONGSq_@Xl4?dLV_l;^l&=s(eBl~&-E%A`=xxabp`4%6k-raG4D8;n+R;M# zFzXi`kWu*T2|pZ4dHZbTPEnI}J*NZdML?h4uC(k4<7uorDcd${knLw|OgHQ&y$)Q=~?KmE#FoMt* zrm$aG-zJIF+;1=Y!kD*l1;jX~l;)o~Ypc(KoX4`2pezb!XlYf}DVnc7`#JV=jawmL z>z>MsaV_o?z56Gep(lO6`>{cM zdVV2i6$)H-t`~pqz z(S-{fr^6a)bh8GU5go&Hm@o!E?3ePo56c_Pb+z6p-?9&E1-I|qvy=zKpYX8ZhA^!~ zkg?{yM_S+tM zRSnI2(EtzdJN?O1*V8N2+&)9}Q+p6xwt5X=xd2&J^c#S}R_}EN#VbpaD$5k_38^#- z`F4xQ*k!KhHlcJiv!4Gp8_#UIs<;hbWV@PjS0(0N`p!%R3GgR;}M9atK{6pMa^KvSZn zI|GIUTH}mlcA8-jJ~h2(2nA?WX{5?lZtOh^DhL6U)Lr6s%J%VXGUz9oY{(mOr8v*j zT5i8s;KO8Jd{SS60{@)*G1zZAs5PhTq}&AB5{qQqyHz;tmUyNbqq>~A)JBhdk#I?? zf7lRT$gJL>qpRsWf)0FBG9IG5G;WSCXPmtfNC69xkX=+DhwcuJxELep*SLxUPLD1T zFcoq>yldLD#1}fMG>(IzJ-b-`sSXp&wGf zx@L~McpiKEJ}dJ>G|XeryKwE)LE@PKJPzs5DRhq;1Ndegj{NmcQei+0CH7V+3E{NK z$-!j1^BP~&(k5^9;Z*k!_5_vN^gwsUCwr#5HR*nCq04rQnuW&hBAobT<=(Mbg^^=Qu z{5}XreeRHHT@aG==NYmmW7<=-Z4`s}(l-50ISz^17l^Aj{;R*bss}cdy)BP$; zpS@Swx4+_d*l(@_Y7<*mkjm>9sHC8?6AcdW7m;95E+EmLGq7|WG1XmyM>FXGdm%B0 zJX7WZVQRO+LtLP5k*0FF1Yag+%85(Gc)U1LU;N?Vj@Gj4WJ^Aas1z=&v zBFl)%RZ5W@Rju$C-ycEF)i`+Tljo!21g)?jC_1krTj8Rr8O1`3yHeVB8R9=qEy)K+W|?#mRb+6va6i9+jMQ$0%HzV zNeQ?8mgKwcZ>u6p^%a-g0Q|8W8JH}}&*z%z^<>XP9D|suLREOhBW>um<)pjf05uQE zRcR0^u&rNjQn;EuLq|*3q3A~{+xSC&9Q6D$y{5_e>nGZ=)#c#n$CG>ooPt_~eu0P!8UejA2eS7ZNcTIBr;`f|yF*`xV#7Y`)sjkMi+v$S2E9Jp!4Zt7 zWl|SbdFjngHups@H2)_`2)iIA)7O9nY^WPuXshGtZ zCl*v!?0EzsS3EVCW?wh$wTEZ`Y`tOQz-N9)Vz{c(O9^W-1{#R1caaEGRO_7*uk~ex zyEeY>SLsYoUi#K*S^S~R?UjP}`AxX%We30YIVwRuo!Hk`=45@XDcPPut0qOT1$wRU#XnemDaQZN1Yy8S}@KLwq3=I>x>3?bn*Y)99E zC=gqzop)h$ovGzz$)b+o5}KcZAzg9oQjQS*19;XLDEV9Uw{O z{rV^wm&sROGk@04kHF>hhV=@p5}6 z_1>JGhQaV58iq#`*S@2m*dlXAbTX%w3u z+6NO4$pb<<9i0Tx;N$%+wy8J(`~KWtOhP-GV${qcn^^>1e0uPP0L!CP2Nvd-#X>1- zrNohs4t7vXkz9~i%2QwetLy_XZ&;(&rZ^d^O^WInf$11A9jlGqF+sfDDZ-_Q{Y6*u z2?O=>{MvHRoK!POYm$)V5Ef4LoGD-&zeNsE*EyWBdJYd(HJ#W%e>c4ttmWIxtmdZ^(VKQ6$XwbNnf&sJ2Rynf>BUEeR zoC_{nC`DLX_W(>+$ZGL$l-R#LF2-A(VN^nX&+WR{$nF02+$x$Pk1rjXWw%0~~@CrAKGzNYmh*Yt%qyisOB?L`$Rd-elC<>Jy0(m00tvj*^p}M(74gQ_* zF-1*_kHt~TTG^Cg$ENw90xVTJcJa{|GMM^`7^iiRrPjMCmN)`of@MZ@)Tfh4&&vFl zUi@TAM7DHB=0+wlRox%(Zhvo~i29l*=TYrZkT1Ja!j53DJPGcB4H~18TpSt7lp|jp zjVe=hC$-8Jcp-t?8#qQKFhg60>>+`aV*{PcP_BexXd#Ri0W7Oe*3Af|MH|#PSgWOm zen#ym@d;F05H;Q>xd&OgXz7Mltc0Lrp*~&yF^zo5upv#Z&S&Nr*}l;6{=1FvdSne# zM^;nmR5?!ooa1Td9oWr;IgnY*Bc*dR12q>pPdo{TlwjNlVbQ;JwhYL>_a1n;prx&U zmJ+-~xWGrHkGDMqy_BY?{QWV*L07;;we5Abx6Cv${R;JuwC7GJO#|t-6oyaDM1%5Z ziJ9C(kZ<14SDpHnpPT6+2MDnD-P_3+MI9G7R!YwV4>uVxFuDZmga|)>{&#RoClTC3f&FZ^Y$do@l$D9o z){Rqua(?24GfOBi*yQoWRH8D3!*`#y8%;5GT*%X|EPc&Gk7ZW9g1DZJbD;MR=;uI< z>Z{$QR>)Z7R4A5|P77h`jNUJ}TKXlN#y&2hl1FHy>Zu^JN*Sjm6Nfmh;Y!T#w#fKE z)?;uTfsa0M8i}*5^nM16IfeXDXe0f$ps|YoaP_Lv>_W&uvQIyTLj+~NxPKsix`Dw6 za>-LO0RgIrqt?DaZ0;3Qaa6&0AcSf$TL+bRv${bMNrBEv zpzxQc^o(DckDoB265=W9ny2=YKs6h*wm=rCv53PzT3(VCHqllR)!@vcYcd997HeAh zGlutp|rn5zkcr+aF@yRxZ z!)#xA@uV=Y@>dx-rUJPNA;bY;JTb?J;iLnNNXzn!^u)GyN$a}Ll=Pw@c zmkJDxwyF-Y-=9w-I(M}g?|tmOmDY#9d*dC?>OrnUO7ht~o)I{am=kjsK_k9zSo362 z)j`4Z#dXZvBo5{)nP_wlPa*eU!7(~Gb^FYk*yR9jD+c_#RFY<8Lh1J6ztRgHf++)?*1D*SooQ}Aem4PP{Z5HE|uo0Smtyv8xBwsjV8=k9e-c{{USLgIuD{zuh&mZUf- zf~e}cIfBB7sBUCeX$)XpLX~JdK8~UtM*>kVMI*%F)F?T($Llzoc2cCo|+Ebm*Qb#1?>a8Q$+Z_ zG*N@Gk-uE#Tw)Wevn8=8@+-PU>;fB@ZW_c8Nr(AK(anr(QMX_B-HGUTkrdE@JZGqU z2b@yDR^j~%Hs*_Oj)fw$4T(~#pyEUzaqmid!&nb-lz3J6z;ZZL3 zyv7f>g6Aseu2NS^HP9H$f(=xi$fdn5kgw+sPOt9Fx8La)tt+%z?3FD5$k$D|YzO3PM_xYw)9CuR-H$-aBbHj{ZPrWC+ z550BQ0g^!)6)Qe2Bj2?-D?z{3ufpt0O9~KQ?}b_XXHqt-8&gXGWXT(dU|EENXDWfh z^?J>|3K&}rC^OHscEaxm@17`fq>Hy?`bT7cib8L;SAT5OcfBO@*Vd%=dg^~ko-&uC zylm)OghsNuqL9q#!;x`1l0K6-qPO!D`Pu^H@x&QN=XR?sFWIJK#ur&mXmjaThlo4b zEqpA@eHm8g(WWSlutsQ9IxgHM?^J4M*^0%u1Vp@qg<`+ZATZG^5lJEC^rcMg48l9( z4rwWg6WxG!R?$g0j0u@?xpYO^;G#Io=anCQulIf!k>J%B4#a9CfmAg>nPuV$N6g?;ycF!-wW+boGS zgzq0Mc23^C{@vteNB)PIQO1ApB#nivUKgt;2IEYhK8u`+&LKL5IhKJA4D4wOZ=keS{2@augV_k1qw&#c3OndfYccr+>A@7uI20GqhY;oMqc2_;@thm{l z_iuI!-EZem;n`o!@V)*b@?<~~Oa;as_lZ9Ix9|zYlhLW=WwjhAdC*rpC#O0pD3p8k zbXsW|%f9Qm1j4}<@VVm%#(ud&@O*>#@e=y=G4TDR|C4h!r2q3>=j*%L^W*)m=;dVS ziWM%2;Xp!z7Vw(i2uDlaQ?U459j#b`X|AQDU=nS zrwn}2WA?(1VYyXy2aoFe7#5Zl<1dAe(b$C4M=(@TSm*t)hm$hmd60XvpCPuZZ1;^GB+>oU>kD2&hV?RD5 zM3_wrkpNO91U{4!y|cc>Hv(E-yb}d)EUAq`alO)Zs<`Es(szSbu5x4fFX3}*7df>H zb~#*1ikocD-DD8)dS*T2e0od~vZr>c6-%WLGI~mEZQT7y?+^9oR3}p zeT0XLtHk31-r!lzoqBS0>KoUPv)fv)L3`b>tusNJjut2xu(s*4IkPCTCjCSxS{|VW zDX^n!<~2-Y1Dp9H?XBF53iAXe9}CJ*AKkO7yQv?w_wYF{5|)L_^j84PZm&6%vE71;pD?`M|4x)dqy_%L!8 zX$p|gF;g_eXe5wA)Dio5Xe=hZS(g{>)iRBM;Hc>hKdMML6@Mk2C`6#7U1&x?qO@t4 ziu>0iC0T2(WswOD91gWLg$hyriBh18mVi?Vy^!@~qEf)k0=6;sw_{6?d3<9z_4;dG zY&E9zygNWXJAsR{EAS|RgWAc;C_Cl8mKk!E!ugzHETe5v7!3lKR<*(n(o}?2yS$S7 zi&{ZFU*_0GS4Nl7l|IpD$+MiEIps_~sje{aXnMj{I#xad^htbFH&lMj54&i%lQ*$+ z=F$eu&MkgE7@Yx4w1LBW7*#oREwOKvA{D`*f=~69WpnmGV%Mh9f2%z+9u`ZlN2{50$FdZplyS*P(2QK74e7GLhHiJk>5n7^pA(>? zVzbKhXzJfC2q>OTVWqM(tF(@m7WpHZC$aVAA7zvwwKr}*f#f2%d=!u@r6WerE?ict z`8Ql8Oh91gvnTv~enH0vX%m&4Brqiz->R)`>e0WYD+eMdhQEAUj8&R_VS~wZ42|KC z%lhy>A1}F=GEF}uMlO1J79F}@B($A9YB%ssu#c%{Hq!&OY6l$t6##+=jhMk1>%_xR zpSg0r_Oi>+7NFF-f#or?whzMeh4t_$re1>% z+WqL0>h{V`o9k47!L`QQ^c?RNRq9}N8mKe+&1M;EBG9u?~_*?*TulGb#;fui1zA_ee zuZ8EwS{p5)OB2mgRjWSkj>pED5=k?8k>GPW@+eeNQ^6)Tcyg@zOKohVp_NL};mq5> z-m`(~5m*1vgeG$MlB>DS^kQm?F?WU!21I%FP>8H>h578=rbnTReja3(F2M`f`2_w* z!8=0tN~Mx4_0W`C9n)6->Lt2OnODbLjJ|=q*b^^*8WHgdUdTNEgfGJ-qCr2W;l9*!}$;-n$&7>y$;OdBDQ&z-~@J zCnXq%)u?#b-elOGWdv=TcFF^AIl!?3J4Zf(bMRP}nJjoqWG};7lhQ7X`!9}8$rKZV1{Vx6i&=J4r&shkx7I<7p$%9w2Rgx z5SK8d+>fE<@>q@HvONmV2n(QHhoe9Hc!}F=v0HOKT9~JKdFulx>{GHNFu9iC@T*K7 z#3Vj1G%qq~o;pw4=1pGQA71eKe1r4W;1!{|*x)#DIWxlfZ`l;1r9BEt68sSluDQc$ z>f2;)dZd3Gu7c4vU+x*=lo?c0!g z0nk2{s$8s(U(dCnSVuZwt&ZpmnMO|^TjKW@l%q1j zycA@05`&Zge-!jTBGn+aT>4HD_J0>kjt5gKO*h(9Nkp|}co{9~-B!xl5RMzMTcA$r zZn`TemT@3rq32q_+~;Hc`nBdRyq7-+5bHx+#(r!ZFRO84-D~r=PS2;sIAexvMqZZ^ZF2op z*HAtSRMU12ZfbBHc>!y%px@f&h*=7wITudWe(~A}k@2yvDjHH#FR-xN(~q?*dngjs=Cfb8=G3RC92tVDzA=rD~mDjU;u-Vji zp~#qBLtF|-xH7Zt(HTuCZag3_2YJpB4z&aSJU^2j;oeZueJHA2+ok5uTxq4lm*W)R z3Ldq%H*1;QpfCPK{VM2EPiHnf+c`ZVxP!oUO8IdKw9)e2;A5iFNYcjF($*j_w8yTk`JG_Uvsj%*I_jVH~cA5`Jq2HBC0C>LD0Q}qhWkkla7`6WvGR%_91kN{plvV?O9=3 zg=aCCVcuZAS!Y!hm7j?8?X+PYixK(LESd3pqAkH6a?L4D8glLNBT-sP<`IgLM70~%#=wz5A9CmR`GubW z7fdi#Z&oycO6m#jOjy4Z8CjUGifw|URZi}%)_&<^(IkU&Ll3cs>b^(c?>YDkUM=R7 z#J?Ut2{(@oj3?U`##LPYiy&rd@e0#wx7?G(n1qujE*EB4pLq)VR-gXldiY)7!>FnWBrhK!ScN4!zYGgfN@tvsfasoAd@Z5gqoX?4z*AZvRoRIT=88lDV|P z)>lJiutmk2pIS4bx_9c z?h1hfyw6}(r+Fsr(IWYB(X|Sj}@?rr8QwI0V6qE!aEXx95!9y9?XWa?)->Z8*?wlA^C$!$QtAT$ka|^gT1% zv`GxP*5TOpL9N+4O=am|8b=wfOiv+&ZglkYmrbj>zdBV^V#G=w=Q&5IWHX!lb}qqS zSZsGcR*x#h`)VPsx%tP|GPI*;B^h6jI1EO-%jDnAB$Pf1u(v=?4w7Oh5LR=i6Z@&_1+UO{e(gRHb_l4g_gF-{0+fc58lt|^DMQoL?(ZYQSB z=$N_Mfdd&4e$%r`JLDEePIg?D3Ogq8528AP_h~Loi%X-^dZ4UhJ~RHMRh`4S+X@l2 ztK}8btivo_IxWm-w>Y(bSnade4_Kp3ljPI8Y?R=gJeM|}PU*AkUaz{W#zuo6NFRVQ zmuzXD-SntY91Cvy6dnnFG{{-Q7O4-Q9YH@i3$>KUOu)j0qc{xdda5Ga=ldC!t0#<5 zYj0|jw}SrKu8jOiz7BOV+Z4P~3Qb58R$Qj?7YWuRY6W zD_qF@2ar21i z`=P5&B-`d#2!=OVty&?cmJ_85NFJly=LsH7Rk0t+MfIY+X@E;=zO2?ejj|DED3NAlq~=PDv|x*q_$D-Q>f_` zMsrUy-wPPOGe7#fz23;Wk0$Q5pXF@6ry`f>MiqrFan(W{_no(RTS&DI=c#i^^z}ly zrC}d$M)17!+6xy7`RA`rT`_Pj5he0kjb||*a^K-e1T%x^rTZ~lj2PZ%VErY^crA() z-kEIS)JBb&P#PO`FtC*U;)7T%y+CxzCX7uk)QWB#urE5IMUHEaxb-!==}|W;exC*2 z%aoM%(4G-6@ToITA6!<}_I%g!ewx0w1?%!ImgqMJ>!!2(^l^Qj%$>3QdI;9**q)c_ z_j+p^s4BDy#Tr`9nY!>2ffSl{`n)b(Q9Z;(`1=kBC)GLMg!WPz5kKq`M_h%Uq>!=B zvosdYo=R%Db$klpS#aTAEn#z^G`(hHrUzJJw~?;g)kZ5+$SZ~FEtWqPvL@R z@LDgRjDK}?x^sWK%#Vu(8B8FdAn--Rii@{&WmrQ!I_bWuN@V#7LVRmWj^->7FVNU% zgcuGO{?4yhrl*Y%_dNX>28w7OQXnvf5$5B!;e%lZs6Q9h92iLv2WkW0%fxqmrB|pq z5uzmH?N=j1!pg_WU|B|&r6DLuL!yWXShH(&lm?+IrPtPPzCFcCGf?lg!i7dNjF{s2nQrDQG_45;{z zKQhfSSD`&MejE?X5RdAVfyL5u6gmPUT9e}7n|x!Ij_Uh?7BJ0f(KFFJ$N_Vt%6`D! zQ78~#8W*@~cL?WgYT+oAe6YfXbIP@0G(fccx_!+HCVVU5N!)vvyJ#E+8y+qlq1IPt zh{(zz%^Yf8n8+H!k=K zzVF?#gtUGH?7&T4-}R-f_^h!=3E>c*7!Fr6jF22OB2c%DJiNZ|-l}_sDVdHuRi6`e z4T8H64GreZrILMuzM;ROpB9W)OaQJqEd?>P#R=+aFtMA#AhyF0vh*d17K8?y80O-W zt_{ko;4=mZ8{3T4RN(;Lz(zt4WM16X^7*R%FlcIr4zYWMgeGC*Z&kZsm$*WnXX=52>Z)Co8^LuR*MSE`3 z0<1Hks0lD}$51=W!#N?H>`G&JkPzg-^BR$xeQSlG{U5h3sboXY8@&l zb9Cl^;+Y=#3Ty$q6`Y~lMg&qj`M?Uznj@Pf7woqLKMbgLgE;tq!^RuCi{o%(%ZlZ} zvSKRP;cS`-4CqhH3fJBUBZ!)~#?$pLop=SZSBEs_dEW-vK&|uzv9PJBkr}98Z}*3# zdmmhj3W@@Y`r7%jk1%`sm>+1vsjYS`er`KXg`5vx~X8YIoJTH%@Tnbj$2R) zBKqrspkX~v5m)7O!pZG>v=3;}s->2@D;+s-Ol4uyai(7k&juH|joK!eG(SMOGi39oVQ*;C~Sj z(T40YbkA~bCI<%F`eKhv93&>~fdxf^BtB4Jw6c^v?0dqDQDC#{9&vN=>}%a}$$P*G zfGNu?FqwdD+S)JmfBDRtV(ySzT$QY>uZXM}J^`VY9$oE1EJ65^m!4Cdf_EE+yW;N^ z@YuKVjM-KGtiM7*>jrB$Bz;OSjDik@xD^RNr2nIDOm^`Y6}PZYT)PNUF1x&3KR=o9 z%rL4g@1ei6IC*36a0{oDnlj&uspX`7xI@$d!G5s z|AOJN82Bt!d|uzCuW6Y-y}tLePMlBYk=vgAjo+hbp?5Rf1cQ>F;KDf*1w}7IhMLfE zC4rUPzZ7JxafzNVM{&61>xCjj){5QC`SO5=#bOOeGn^jW!Q&0sc)N)>M=SeVWcRXB9CXZ8K&QKLRU1wN0DZP9 z-xP^~G~EZ9=O<%8xQSQ!RUY!B+K*bf9VWp^(4MJhEPJbQFsZZr0(Y{N@&>X+h5iB8 zv9+RxVyW%JG?$` z-pt&bd+xlM`B@E3uhrkTtG3s!+LaL13<%q9pbWai5V3T%P4uI)eeAt$aP4q~uBHnG zd+UAixjVgUFX5%%J2;ga``OVu+@tnC=jtui~Wdj)qxMSI3%3=)m`X?WV5 z=(EPwC_6sJE?ys*!mt)wnvkstc7cbGI24jb5_dCAC=!@EHf% zRc@KnpV63PBLR}punr6Cv;_6P^g-rB_I%H*A{68N zp4JG&+ZT5vmr}n^Fr9vVaOfvU2Gt#tj5ls#Xu({(x-_**SuIR6^fQJZy+5<}cf}O} z-e`mjzh4}Xmk}+MS?M9XdbGfUI>&X!Cf_pA@m#A3CqHDVRH;*vI(|+WNHYm9=#AH) z-jiD>>{@}kBzg9-fYYZ0mHK10={ONvRG(B(fl3O{7qdhC-3!YzPxFrBy_K2Fy#}Rt z-21o=)Q`BCXQ)v&9*OC+4AFzV<_Otf&qRc$L)4@QG=;Ji|43X5v0&z;2{{l=PA1adt4zRAI;K6vEuHf6UfxLZ zOs+-=`mq3p}42Mn140Z&BeSgIA1p;lYg=LXB~-?*+zO=9`lm}Wj@8EBM; zhgdF$D6^1quS!5;)cn|#3|ufoNFx8J<>EVV!ibM?fx>md8rnSu&I&UeM4-$qRzMgq z+IvXX9{bBBLLtAz0hl`NdH+TJ8r|hFdj3zw4^M&}AWS!@2UQIrPS!$j zfLLABIPW3!2UgKO3$4*L>K-{RYV!j+xSu7FKNKED%!RPgWO?y2dwe)nFB*zl1|+A6 z5qiHWh4p@3ke-3IdlB3v7gpnNbAHoD9@AuAhu%p}9Xaxg|WD}VQxw?bZ^-;05fVUcxR z5gk9PAnG*rV|N+5Vip$o2NlVYx+ zn(x83GZ1VM{>EO5i@^e`<8YK#^li6`H*XtDGw>r&iozda#0+H z2n!Nu8E_WNlIWKA@J2}qs9xCZ_u!ht2XM4m>)=khmBtKrgD(%q=ztGeL=ae+b|oig z4bUkcgBU$IuQ+*~)QOoG%)h=3;)4!sc7`fZ-d?pFfxiu!)oUEo=;|%8!KjfsYuB7k z5M)^VO8jZ>icwg?DmFw|Jz3>CdL4I=A<&Ix%0^HXbw}myiOq(Wt2%MQjy#O~YLSOf zi&)VzfE5Zio}9-=Kg&ux8x=^Drz#jgQ?^_uh=vc14|}m7KD?^QGhz-i{#kOi!+a1u zSh77llOEP$lT@oJ$ziKds(J-F<0d-h0DMG_MrxVOwO^8Q#N*!ky~=zQv;e$)SW680z; z?^{#T<4B#dpC@A{0pDQL-@NE+;uM8v)?cZF7?fIV?|gLFEI!acm#H@^+pnH`mua8E zb(vCZq-Pb^n=kBTJb7?2VnM+m#w@v!vih<7#LtTQiP_Bv%{brypFywJ_o{z*sHR>{->nCo5^i`8C@d< zplF#{HXmT!$h(p`YF)qWn%^GQddQe8f%j9Gr9VSpg<_dZ`6Mo6UyJ*9$T31>)mtlF|_4PtT`Tz_mLfYt%s=G(pI0gSA z|MGc~%%~DxsxKyemAhDcaE(_G_kPc8Ad_oC6F|&R@|sKUhOlP3s5L%eI?nzScnhm3 zdI%f1aT@@0qJOUHn}1#hX`QA@jM>pr4C6VyMn0&K#@3qi2ouPxRZ-KR{I(qPv@?2K zl;yPH|M3l^H=QUPc=kCHAjJJuXyvm50`?7JHlma;7sfgyWL=RFSALYb?cN#WIZHl% z@EK<{p2hpcQ#&S(F`-_+Nq#&E*3{lbLRGKtKE z;rk`phax<411oq5Yj6BC`p(4!?r58hvN4?)I=HR?Ihlg%D8;C=p7n%6hikc}&KsW1 z>jiAdM<+_h5M7or4F;`se`YO}JYD^geei~JqSn+@r?#aL^BAP(Vjij@k)Y$KOK*(g%y)Dk9x`Cr~)f6wi(ttF#H2Lb@B zegFV?|APcN);5NAx(>jc%)jLjtB7H=?qNU*xPJ+a!vd5Tob`BPl}d<+)N3fI{puvG z#M5?gGI_l3ASEmK;MkLP&f9f=#tkAg7htzosAroctz%n9qGxUvc``)RJu;%Z4fi#l zSUdw)F9RoS)t(LQ;4AbT!_`g`Z5kbXP_$nMI7zHb$bR3q= zarMqD?o|){P&M#r+&Qr=qc+4HG$;3&Gt!Sm@kg(hD|x7s%?1)Iwl;FZ!<4btfBEB~ zvvQp9_?GP=qF8v<+#=p`3zE~)>c*J`zn}*w&96wDU#*h4|1yv;Jx}l@Yd8F8{A8VY zxC+p!0Zwv?YjxJY*Mx(p=6~eJZu0`) z^sMfXi?3I~vw}acX<=E$SpE`S2zdhT!!KDsT0wItHdLZv;PnhI&Lbx7Nh+Q8g$yl1 zY7{Q0*Cht;5E>>n`WG`j>U4+KO=fn7Mw|D7d~79F#wa)r1j$Vz1kL84B0rZTY9P3@ z9wsn>j{-j)V-K`O>;(7?funrFoWtO%BP@-MLOSO+U)XDK=Ua|Zi z6G=ZvqXrVggN|>`3*MKg!a}FUBm;0K1`Q0W*}3s^dZkE<{9)lA6hJ>o<&4>Kli<-_ zz<_gnt@rb1Ts-w3xr`NT;y{=r3&@d%3Ps5lDhlo5kIl0yHrziu4b7nAZ)CWmK@g4= zZf7?f{1Bo9GaY^vWbBoW_xzhs5vcszP2 zJdyaHAN*N@_*mrhc#LRt5nRcHVPYjgQg@^;mw)70jOB1A-h@)ZGy4pXzfvH1X+|hlW9LI}aZzt2s z^#2snXF){6NoNGxC3<~vV=0q8$rUGIT=Uokmx^P~8QOA{>^&6pPl$1!eEIVA9f zBa{>wvLhRWA$KGJ0>QPa9^(rFr$)gJAJ*Q5KFwn6%viJv3nHYkUyK=dXtRai7w|I| zf!CMzO56QkV2hz%AUtMPW4dg3gL{1F^>cA@iC9- zfj_lB2p5mQF?jYOADp7HXn6zT4(sP(2hpUNa01@K$+OJmO!Zz6PD9yp5@lh; z(!tNk@o~1_6leF%;$1fL=WBWnNwQKmlg%Ze?0PZq5~8;A&W~X%AEM~sv(K};J1Jc| z-)CPQIop@$cit32@iR5L)_qng?-C}6-Y#F6xLc}}QALGx#B?S^Adc$%v6`$$#^rf= zp0zb_San&2$eDOgylBs7^Hz`)X!ZgGdXehDf7oDMsN5=k^Kj#SWn@agG+;QHcR=)? zn)n40jBaEmpwCBqDK*kjL{fB=M-#=QnH&bGI2~&iyIK6Lj7U!7D27KXrjp_}p z^(tfDpjDq|h=S|x96M3?F;>#*N&?Bs*@#gF5@P+DL;9eCI~v8xty^t^tXt{~U-6qA z;Y4`#i*H)x=={7KRo$-O3eMkW0p-}2lsdw#1OAU{I74mRs*fy%AGUNb>z$y~WAXB} z1(|3ZTJ@%w3E>Tva8UjDQx*UPVRUbfmsMe2S}$#750Jw`!!h!aTf!7ctd$~o=HXv( zOl9fj<^m<+m@f3*X!>2g2t4d;YeDF$&c#vPI1x2zkUQDdhQ(>6w|CiIAqdWdZL{|q z_kYJKI04tgENBhT#k^?so(FHwBHnndhwbgH%TxJ|C8+=5D=pB1?$Z zrsGWSr;C|Nu&;iCFm@7p72Av{oNVu)y72ZKf3U>EEA^>%f$qNR)w2s6f^4^``t)*f&r>^=Yomq>DT%77*#W)7JtWv)VlqeE!)KXc$w~&QJF)WAe=UXXTOxu~>ve4;XMz>GV)((q$0Gjui$web9nQ+! z1iz~o5DN_G&ujv@69)rEp# zYQ=F4sf*nF0;=LyaG45C&2Qs~nUU-X)_i=%o^I7*Ff%aSZE*piB_z^X=jHN?y#7BtSUXg{!~ zT_0txLsWttrij;r8_-GIUI?htHN(Kgg^WW^a5opriPADv&Ici0cfqTwR4I>8oGDW$ z<$xGcNXRdrV+Lv#Z6wXU(}V>XMsS)ybi>Lj$#EH8FuPC-6tdg<^8jPHKvA ziv04pO${2entZJD^9!pXTe~6)$^kiVK(>{b+SM;&qN{4hRl8BLr$i=+u`Nm##gh$L zZcb+j?=&DZ6kKovwR3kMqa^b~ST22f_domC{CBFQW0Vyx)GWN%hy&?X7HroVvE=gFB{UHQiCHZGbY`QV3IE5{`&2nI-(*Q z&RbgT=ybnB>!tHHPl{|VBZ@g~xjGGzeRo%~dFoNo(=OJ(ET=>;iySlWROpf$>xa+id&M5X zv75&ezS}DZ_PCR|>ra=7z}I%@l*wkI^ek?6D((2S^rf5UR}!-3v{NLjU#D!)gx#NX zGomilPts23Jnp3jazU{YhHOmIOY&zh2gy;&D#MlY)psvr-GvC5eHbJXhz>E=7=a67 zQdVHPH!9b`E?NfB_iy6+{&ix-bxg|KgR;oOM2gykHoA77lTeH7U_N&%376oTgLpBK zN3+aknx*QOX2uR z&b|P1OnF7+5Ru@7`6Bo;Obn1g?7HL>1kf?sAXq@bxbhHf#ST0+OQFH2toYe8%P<)} zM8uil6$w|*u5Bvfgz)MmbP^@3GgFSOpmFVKel1H4+zOVPU{ba;)OG{j z`zMnSx3+3W2RGDIGx;iq5#mVOaJW~&e-&=H_d(l3cgsDu=afylg0p3G)i0Rr3Z1aM zmQsCiE87YI)XmheLgcub)|{Nu=yY9u$C~ShWkNsrU^^H?5e$SO=KEmSrX(MGkR5b` z<9?}d=OD2<<}B243VxC^5obnd#;23=bb9@VX+SNE zSZJ9-v?H#V1p0`yuA}DJ7w7}ra?f4zkQY)^(@&{osq!8m_191H!q0n3DdOdpx`i%n zYg^^u^WU;kj1)Y-1ydWd(CKRtJo1q2AxfTaP<)9oSwHo_m!eGG$dq8dOGFzc%ec~Z zORn0|se<$JD{CBu#ER_;9->g^pybPCVX@T^xDIp*nrOYF?M6qJFs>a6}aO{Oh#@ICXp2p6pg*F2x|RA(!XIWa?Y->xF9+&$vj&X02u;)w9exovlwT@g770>cr4|Ufi zZdJQR(Mk{JZvXyyf|Yx}ROiu7=k86Qsl(!H!(H?Dw><@0p5~V)BezA|ohh=O)wbe7 z_4gm&<*E6;)7y<|h3{;VWm`h;zk~d~XQQPdBWHyK0NOAB0D=E<&-TxqH1KwaQLJUF zWwskFZ2=C%MA(2qUv3KsZkmB9Hq|9?Q?_hoIG-4kvKR~j{_6TD&JXZKp)0qX3(oq}mppoi8$yY@15lW9|VhlRrCV$m~l zQo|TTlcFdp)D(P%SfWmxRG7k>HIxBYFb`eRTw~J-Uz0!Lo5>R_XW>ZLAT%kA-q6e; z!z`}mutCtqrJgQM{92z&2F}Vquu3OK-~^TER0(#gk1uE z9uAw+w>HVT$b=+0gvZ0ca2lEG3rg6?@?@BbKV9g$`LNuYVfmv;$4$#9^jc6E}fT4tgwFbPiK^ zFIA%zS0XS>Xx9ow@XRtm8YhzbmAb*rR*X2A+m9yAjvXWe$hByyf+xpp5fNn{=%i4q z%E8b*A#UYK--P<^cBl0S1z8jwGBHZ{2oiWp>}co=0{ov{<^cE$Z*z#y?R29RQhA|x zKX$OTG9pNYh#g@IgMmkU^l-Ej5_CE`EcP$B0|kP_#PVj^xc&~3!|e%iM(ryKISQLB z;UBTNC>bJG7?D+FMtdgQrqByjb9b^e(1vZ(?x%Y1`U;YG)!c!^saW z_GJQ1!4w#w>Y|lvcm1iq^=)q$q-ReKUJed!ULrnelN}^Z22JMgB7O^|>5`h~sK$vY zrP359^oVZ9`y4RV?ISTWvHRBC!c?t}rnN{yF;wbZnAkH(A+Swy(64b37yYHPYiquZ ztJ_Ye2ntNvJF96TKgwC;R4N+j+Givbsx~K@lkNBivR+c-k4%C+eqV?zUdUfg+nq_{ znr-LRw(B1j0%O=0E-5Y;f}uKp=;?IHzOs_J3rO7O)-)GK?Rk~>H6z{m|Mu+~m@U;jSgd2MK zkm;vfM%l#Sy7BV`N!`NGK?gHijXUk^{lFY!I<`1U5f z3hq8>D%GG??9bOEQ~Zt^GGCRM5(;bb`s zL2x)f2<-y0UQS&*QC?=4iGD6wJJ3y7KaYUZHmJXPsCBzPUekO_2adJZjn@vLZ2N9d=gwA8agf3{s2m1nzdS%dG)Y1#r$#H|6;1@U+mvGvMyD9dH%)D`J^o zxe?py_4Izy7|-ZVZw)XWYlC6@RJs#Hh4`kYcae~7E?D^QZxt%A`vnB_-him4_I!{C zjq5izrxa=-m?X&PtCCwz?xKD^sjRlDbb>6Itk&>!f_IkH?{1eLcoETmID*3xMF?rU zZZ3@6ut____#S5u%6H)<-pF^is;-TP+ZW=S>)6lt4sSci-ZBF?IyaJw*e2gl{arAu z*xh1!6ReGv;wkO1j=)~{_w>D^Fol)|nM3caX=ke6Gcq(*D1Z8xF z2OaVf@#u16!CEU#EO}%cJ-agTv~zFA6773WM}uUk^9V;7Un3;9RLOd5(q&A}^GE^O zqR?Y$Ov$y^@3H< zCBiUR>nwwb&>MwLh2c=@xJhAntlI|bQMY2kw=Mg zm@hxc!Rug=K85Z?P}F3NvoZ4HCa9!wjKGmQrz|`-Tg1K$^#0o*WJvauYxsz1G|K-;Gez1^`iKc65ue~a!zY0W~2(d0x} zpnw(FYRC6k8R{{`GlW%&zEEcc=KiFkwd3~##Hj8>oPQwFEccifGz#qtlT9Bt)rpzj z^?eQMvG9bB;s5C-A?jk=^?eEVqQ~!JH!%ezSm~SO>GA1lE zFJF=uC;tBR=HTSpbKW~aCcjW$`3>X~_42OXA!%oSI;{6avyNcIx(NX9#aC*NA%4d@Ij@K*|<^H_XI%i%Qv*&>Ine%Af3OCH!F5YaezXt`fRdX#MlgdXJi_R65(tq(o2 z0BD z`+9bsFbD0^4%ddddz5!tJ*UmO;ji9&*1}x%=F^H?hmS^Vu$w16dVHoLbK1z){&mW zY0r*TEw_P;rFl6qy*{z%E7}G7=T-2oZ=ViZj!epx^4Oj)7C$VOWHbpB^_0QlfP#oY zdx3vIqtD2#{@L{+@E%0N?rzH#uw zT6{9Ku&4F-;YNk$=3cOnNX`?W!)XmKVJ@fccl8w;4ayL16=c&Bt3Xo{PLgWnVB4p- z-fvSl?{tz8l=ewwcKl1NS-&>Hbg2N;5RAs$QuW+LeP9tQH($c03s}bc-o@+Y;U-Dx zE1SQmQ1V=CePVtCsU?&>B+aYvu@+OEp@VKsuVW`CMH$e;vo0^Un9Nk>^P*SuGe4XbfTIis>5E0 zB=2Il5P(i7*nI=bCYVU-%$Mb(KQD{M5v|Ct!iTE2Ay~u*Y!gQLXp_YpWuGRo?57LN z&Yaq)bHwv`m-LX{f|+7Ra%nCe^uiID#pEaR!}FQ>hiS!+-0$#DB?-+#O`Rx7YYM!=UMYJ(dEj_3_^A=!564@Y{a8J`4i~p@=aSVC?CBM zZ&7S>LODnQ6~DIX;b3@61srXReU65L=-t5Cr^G$4z z9QN3_UAlDK+ch7tOdfa4_ZH>}R^5Bz&t=dmz-uZ&SND0^YMOaelGcCSMG%+|tF3i~_Z-3qSuJcv9o4ySuTVUl*nN z4j%BHia|dWif7HsqLX5tSQsv@^;n5h`4RtY9NE+A6CN(7&e(Wr`H#gOKPQb@>Yh zcXc1~RRmpC0)AZ=5hZ6u?v*Pe;A5q5K5)mosX$iwSnc(%7DX*AZMfBTn|ZU#gq2q6 zRm#Nn^b2qlSinCM(2EzQqiqL<(8<<%zMw4of!}#V*Fu4C+aRb*FqS9 zQ|c&TbrP?-GrKknc_+o@gadKh#)KmPeE)PlSY%@LzUx>24&WVigHdRFjeeSFnXFEOCWZAY(+XhQQl;k1qnpke@HCPE#W&LI zwx2(#f^k(?uh1iD3kzB$l4C1Dp=R?5nATD*b^+h*VSJip`kkOaQlpGFFH2i+Toossf%KY!12#&DY0Kn*MxqAN zfXoDCGPr|L*e5#%EQ*6=2h$`~;cEW1E?YG4g)8k@TswY_E^8+&oa_y`D{S>T2C669o+;;+IzE9(WDPfp8rXIV zs`dHJogM0yXWbfVh^d15L>*R;1f)ICq&~;t&IF}(-+0#HE>SozM9;`I5x1bC>Zb}qmTe|o4NDGF1R{|S z5_HXTvG8niAk2+=X5x+`;dUu@1wMqJ?~HK^ddo`D<5N;oC9Acm=2NYc3htKME>ko> zi(9^$%|`gHxGS(hIea#W4*$SO=oar@mpFG%^il%Ari6R^dci-P3zuc-VVGb&#wh?s z1D^9~4R2pqt#x3^teJu03kEJ^nrj0WoV!E4V@*`{mFuOfv=%eil%e42b)pSEi{hQE zD=5h*;sLdij%@`JbOO)QWZJ_=Yp#{sg_a9SQE5%f(+LCYR<0q^yUHUy&x2S2sCy>^U6*%emipq7n8rN2ip~gjsytND zsPJvmt7=&)Dpe}#_*@6-w#Xna^YFIbkl-aZ!v^3?i4LYZ^clH z2{Y{(&2;W)mB}^r(o1ODc-4bi9aSSk(w59iS{kXM`=)-wU}!ADVkL#8njrXo6{O~j zSsm3?1?r5n=9o5b?81R41P_`sN*2O)A`W7@xx;|PvO3zfd&?hcaYeLI)n!Qo4 zQrm()FGSL;ixyVDbtM&RoAJy5wQwnsE@Gcf}WXx{E0lqn{w72wsdq z?2fOn)m>D4B<5x7Q62J7a!9}{!F`@D3e3sOhwoai)QeYi4)}?~R>Gq_K)-GTX@7CI zkqYY(+K8t}F3tP8{g~V)mZo{3+IVXP-uOaSY@k_)bEh6&lpN9zB-fw zPh-w747N2bu!=}=RoGmm_2tNzD?~aog)rjWWrrWev8k_-!-Z|AnaJxC9OYY=_p~}E zUYBRkr-;oWiC>IVGt-Y@!!Z5hmkUOXSVcmM4CxhzuIP5uuEj8==I#x8*Dmo)j!O(z zsW`IRMJ7r`(ZSd>Ye}qmS(A9uvQ2nX56O40Q@4T;uE;to98{$~ee>;Xw}{WIA}ZS& z)(^{ikJmKgSggY85kk|M*k<&h^PivJ=tHXxTFGs9jD;v&6w2n=pJ_Wv>7Ts*xl>;W z)l@7e8B}xyTF>*40RUp)PTj;s&(739*W8|#fsT=miO#^(-htNC%E+2tT0~JmSU^#r zLePee?ewxl;&Epj74!CFB8yg)^9|{wti}6b8Cs_S@Vc^j@7oqKU@65ze3Jx$#8&x?Ja2@!h zr3G6@a7~?nYk50zIsH5)=2=)Xi8feZM*5!bX!zJdZdZs)UTyMeibjdk~5%9n|%K?dC9na_(RiOww0KNgq_Ap{nr&6`uKa&J>aL}t42zFyZ^zw9ouubr&~ zXXaKQ#=&|nHHy;fHrCv0b&W0*BTf#7S?XB#Mn^3awbbHuS1AM@Z5Pi|C zYMyQfRgqd0(a$KRTItfKQ&J9Je9X znx8TO0~IInI*nJ75lr`sUvKPYV;Es?IzfVspxdEOR2d6=CJAMvODkY%y|gvs5zu2m zcN*h{Tx$S;W-}mBuXQJ&UFp3B3UjY54>b3Gd4beIpR%EE&pb_~H@rglVefNwxfXVf zsB&J*428vzp_^c$3Cm8N=4ua(<%AI&d+R6Hhhc=9JM3DpjGw#KU-U_qSG&SLh7dsA z165-}66Og%Mqx0d+CdS&DL$<2ESf@#gh_IiM|U=a+nMboV2kWE1= zJRBxgjCpmFb@4K~v%NTadst*IhPz;)fHUYcxuc{qfF!sfU{q}nU8(#XVxekA@G6Lg z?0ZVOkgL?0=?GRW**LZHq1QkbWn-qJZnO>Is&wJY_N{R6V1jHn9v8U==Qa_3trW3( z!h-T1n<;#Z?@|pF*uY`}g{0{M8;-sX;sGO@a$& zyeU5p-w;O?^dIE(VtJKB#u_su2$7Yjvm|S!0rnpj;_}U7N;a6w&rX8fs&(FQZGOe2 z^EtV$tcMyJlzCt{yW4F5s^GP*FBd)*(Hv~=^#lxrY^L5DML6Z~-;3cy!?d1xo53oj zyWte|PD$?G^|2A1#7vJlwB1F*VcbiBG%ddiZ`^6nS%g0zfruuC3PKlO>D+GIW31Zd zNOzwSwr;nW;GDM4LZps{SGJhUY5Emj#(PURcVEOq=8%Xn4o%&JQ0HR0?uxPNbOyb! zHCQvQ*R!f{FVanBoKuEMC_#g%ON9+jh%S15D_(><+VcMXrQr_UZ>bRN(b$H!5KK2* zwcpP7WN#j+Ik9SwD(f2E#5P{^OF@Y@JWS`5kbKZreM{FiQ=>;l+Y^57@eRRTdU)RNj z?s?gN2?!=oL4V$KR$XC(9N_NP(vT~ZLaC2?+=@Q$c(9xo(U$RiOZxKgMJ=x(6r4b; zzy!QIJ_Y9>^)?!2VzC|yyVedQBMeusQ@(H7oI0kTL6qQAytEL4=}xISVku3{Wi%ii z`H)qo`X}s9NP{1b3_LT#x{T}U^jK|l=1Di^+Q?6c24`Hg$nV@ap4+Bh16U;V3MG%1 zVO_|N8e?Ud?Nt$qxFsy9fzzu|>4{*bco6=QBUuT(Z{$oLFKq-`rN<&Q)bZB^CxJ3v z?C6{Wc#`z*8tr^v6TlQV_X6C9J-`{o5F)}V%sVu0J`CEprU^aoJc;dc82{vvcOU0{ zK})|vdXIN|O@S*UNt`SCxMvxQ5dNB%P*=I-aS_ycFX@i@Q|I>3$|Nc{I!oKLV9<1a zhVsE01$aE?)xYMUvW|djWu0ZU#9AqtatafFGH2=bVP{W9Nrbo}01W0;sGx9885%v= zEgVsT@282Y*Fg{;qZHK7>edtX(<=04{KvymVdnVn5cQ>o(rxfY%1i98haB1+Az?;EViU7R(`8?Axgr})#jH5SEdl(^-IvL2K<<7;sddgo%1v?Ea!PCx8@Ofpo-`kaZ_52p-1q^e3z|9Vna`{DzynjLc1?Sp0{u_|5d`9>vMX{;vWt5So+X^|7FF8 zRsF)&e0VG9&SBbkj5{-uCf#}{e{K2~f)h$u5kTd15Gr}p-^IM}{F88pG8GLWqMY#f zxwf~Rgnyk=oNOe^XiO`~)X9cM?*x6+p zN@h3w>2779?RcCbB;yi!KHQEusu!FW)D2RI1%#PCR7g|U5cP`yZby@O+OS(eomHZY zTB4=Cry7HBh*SO#alogB4wtQ?%A?9NeBx@a5ALo^%`ZkOYlex*V%Fbk<+|gZCNnJZ zmSEY>&@6LzrncYms1T3>I#W-Jif8A<6Yt<3H11iXz3w1x%z|q$b?@WIES*8Q@DC}h zMlvzW2!3AZ1V>7>?!86E zE}F%C2U(a4)&~F2mta|<^q=2GFTOt9aRT z$nkpH^g->h(m2vYy2fScGNuahP2_mcsCmAp}RrHg-A&`SNS9-nZ9x$}?jR zl4wzKyeSw=_e^=qkN8T&E#YJcD+;MpF?Ba#tP%j!jRxy#6+$nGSHW|rpwd0WrLi9) zoZL_x#4TEJs!!cbR`Y2QFsB#+u!;~k@S7ZOVIYdxuvM}w`1VKJVy^L}EvwDO)7&Xf z7A^P7&ff?Qe#y7HrQNwimV*ZJcX>j%=OrAoJd<=;NBM`+r3(oa5E!Y-n`e%#{P=0y z1`Dm+Q1Vfll=Wu_iChVCt|#NUWZ^I#D3>ItMJ=M56$K3R>YARmbXV$)kpr`K$i4OzKp(&rU!-R zwmR4u2v>^jmZ=cj6Oa7^))7_9E1hBT4JVv0X^{=)K|D zd;eqC))Oj~m}#ADC2{TL z-d15-S&(jU3|Yrf)^FmJm#cy;SF_Za~{tSVdD#3gqxDTL@{Cv6Pr)+95@m++%Y3QnHulD*M z&1L0b76ydcReCNKh~SQ-XTsC3_iB*!FsM|rI^6zFh6hr02lb_-=BP+Ki=uO8ag{@|6}J)udQurW$K`<4fJLEGfZGpIdE}1^iBgESBF9gJB?}z^YYy`N#GEx2}U_9~vhH)~qGO)G-x|rA- znEw_=`DZbOQo&@UfUuK5SmxhgSAlB$bLoDE{kOWNC^bKg6R@q!0^<)q|3=_S_8$=F zTU!~K8aw_iF!V3f0W-M$|G0fOTJhZXjJ6#tJwj*#WwC(t#u{#PTj&m8@vD^NqD!0PAujpUW}KP378 zYXXCFY6H2zCZGYd`HKBUHO2WKQvC$CK})AphU9|5Nh6Q1FZ&E6NER0PxEe08sx2;U5Y5(EGMsMCKu z`99KS|2fb9)mgL+tsMVy`OuxBz*0g701P{T{Ao(4wf@iP|0eEV)asveYyMr#e4pCP z|CZ+e%e49Diu<2E^pC3!{{H0qL{9$uRR3(F|EhQXIhg;STv*fp9oN6xGyfct@=xZG zjsK4MpA!E?{r%b7_Mdb*2mc-2f7T=a>KyT(Wq^73cTN@mXG8e|@6XoFf8zao|5teb zudVaXV1Kqq{u4|K0P-)6Jb$xK{u%Vo_Q=13)`QglOVGbrC*>r;fkQU{KnDET0#5mr KkiZ27;Qs*#tJcB* diff --git a/preview/node-pools-bugbash/node-pools-bug-bash-hardware.md b/preview/node-pools-bugbash/node-pools-bug-bash-hardware.md deleted file mode 100644 index c851576f..00000000 --- a/preview/node-pools-bugbash/node-pools-bug-bash-hardware.md +++ /dev/null @@ -1,355 +0,0 @@ -## Step 0: Prerequisites - -First, you need to make sure that you have your environment set up. Follow the table below to ensure you've covered everything you need for a successful installation: - -Azure Stack HCI/AKS on Azure Stack HCI admin: - -| Prerequisite | Item | Details | Value | -| -- | ----- | ------- | ------- | -| 1 | Do you have an Azure subscription? | [Guide to get an Azure subscription](https://docs.microsoft.com/azure-stack/aks-hci/system-requirements#azure-account-and-subscription), if you don’t already have one. Need Azure subscription to create AKS-HCI clusters + AKS-HCI billing. | Make sure you have your subscription ID. | -| 2 | Do you have the right permissions on your Azure subscription? | Required to register AKS-HCI for billing. You have two options:
*Option 1*: [You are an Azure subscription "owner"](https://docs.microsoft.com/azure-stack/aks-hci/system-requirements#azure-subscription-role-and-access-level) AND [Ability to register applications](https://docs.microsoft.com/azure-stack/aks-hci/system-requirements#azure-ad-permissions-role-and-access-level).
*Option 2*: Have a service principal. Ask your Azure subscription "owner" to create this service principal for you, using this [guide](https://docs.microsoft.com/azure-stack/aks-hci/system-requirements#optional-create-a-new-service-principal). | If you used option 2: Make sure you have a service principal "AppID" and service principal "Password/Secret" | -| 3 | Is your subscription in the "allow list" for this private preview? | You will need to register your interest and have your subscription enabled for this private preview. Register at [aka.ms/lifecycle-management-preview](https://aka.ms/arcAksHciPriPreview). | We will email you back when your subscription has been added. | -| 4 | Do you have a recent version of Az CLI installed? | Required to run the Az commands. [Install Az CLI](https://docs.microsoft.com/cli/azure/install-azure-cli-windows?tabs=azure-cli). You can upgrade to the latest version by running `az upgrade`. | Verify that you have Az CLI by running `az -v`. | -| 5 | Have you registered your subscription for this preview feature? | `az account set -s `
`az feature register --namespace Microsoft.HybridContainerService --name hiddenPreviewAccess`
`az feature register --namespace Microsoft.ResourceConnector --name Appliances-ppauto`
`az feature register --namespace Microsoft.HybridConnectivity --name hiddenPreviewAccess`| Verify if you have registered the features by running the command:
`az account set -s `
`az feature show --namespace Microsoft.HybridContainerService --name hiddenPreviewAccess -o table`
`az feature show --namespace Microsoft.HybridContainerService --name hiddenPreviewAccess -o table` | -| 6 | Have you registered all the right providers on your subscription? | You need to register the providers to use this preview:
`az account set -s `
`az provider register --namespace Microsoft.Kubernetes`
`az provider register --namespace Microsoft.KubernetesConfiguration`
`az provider register --namespace Microsoft.ExtendedLocation`
`az provider register --namespace Microsoft.ResourceConnector`
`az provider register --namespace Microsoft.HybridContainerService`
`az provider register --namespace Microsoft.HybridConnectivity` | If the status shows *registering*, try again after some time.
`az account set -s `
`az provider show --namespace Microsoft.Kubernetes -o table`
`az provider show --namespace Microsoft.KubernetesConfiguration -o table`
`az provider show --namespace Microsoft.ExtendedLocation -o table`
`az provider show --namespace Microsoft.ResourceConnector -o table`
`az provider show --namespace Microsoft.HybridContainerService -o table` | -| 7 | Do you have a DHCP server with enough IP addresses in your environment? | For this month’s preview release, you need a DHCP server. [Follow this guide for recommended number of IP addresses in your DHCP server](https://docs.microsoft.com/en-us/azure-stack/aks-hci/concepts-node-networking#minimum-ip-address-reservation)
This DHCP server will be used to assign IP addresses to VMs that are the underlying compute for your Kubernetes cluster nodes. | Check with your admin if your Azure Stack HCI network environment has a DHCP server. | -| 8 | Do you have a continuous set of IP addresses in the same subnet as the DHCP server but excluded from the DHCP scope? | You need a set of IP addresses in the same subnet as the DHCP server but excluded from the DHCP scope.
You will build "VIPPools" from this IP address list later during deployment.
You will need atleast two non-overlapping VIPPools for this preview. Apart from IP addresses in the DHCP server, we also need to statically assign IP addresses to some important agents, so they are long lived. | List of IP addresses in the same subnet as the DHCP server but excluded from the DHCP scope. | -| 9 | Do you have an external virtual switch? | You need an external virtual switch for the VMs that are the underlying compute for your Kubernetes cluster nodes | Name of your virtual switch | -| 10 | Do you have a cloudserviceIP? | You need a [cloudserviceIP](https://docs.microsoft.com/azure-stack/aks-hci/concepts-node-networking#microsoft-on-premises-cloud-service) so that the Kubernetes bits can talk to your Azure Stack HCI physical nodes. | Enter your cloudserviceIP address | -| 11 | Did you install the AKS-HCI PowerShell module? | `Install-Module -Name AksHci -Repository PSGallery` | Confirm that the AksHci module version is `1.1.27` by running the following command: `Get-Module -Name akshci` | -| 12 | Did you install the ArcHCI PowerShell module? | `Install-Module -Name ArcHci -RequiredVersion 0.2.8 -Force -Confirm:$false -SkipPublisherCheck -AcceptLicense` | | -| 13 | Did you install the Az extensions? | `az extension add --name k8s-extension`
`az extension add --name customlocation`
`az extension add --name arcappliance` | You can check if you have the extensions installed and their versions by running the following command: `az -v`
Expected output:
`azure-cli 2.33.1`
`core 2.33.1`
`telemetry 1.0.6`
Extensions:
` arcappliance 0.2.16`
`customlocation 0.1.3`
`k8s-extension 1.0.4` | - -## Step 1: Install AKS on Azure Stack HCI - -Install AKS on Azure Stack HCI's management cluster using either PowerShell or Windows Admin Center. You can only install the management cluster using DHCP networking, without VLAN, in an environment that does not have a proxy. Since you will be running preview software beside your AKS on Azure Stack HCI setup, we do not recommend running AKS on Azure Stack HCI and this private preview in your production environment. - -For detail documentation, see [AKS on Azure Stack HCI](https://docs.microsoft.com/azure-stack/aks-hci). - -### Sample steps to install AKS on Azure Stack HCI using PowerShell - -> [!NOTE] -> The steps below assume that you are familiar with AKS on Azure Stack HCI and have deployed AKS on Azure Stack HCI in the past. If you're new, please follow the [AKS on Azure Stack HCI documentation](https://docs.microsoft.com/azure-stack/aks-hci). - -You must first close ALL open PowerShell windows on ALL HCI nodes and then open a fresh admin PowerShell session. - -Run the following command on all your Azure Stack HCI nodes: - -```powershell -Initialize-AksHciNode -``` - -The following command creates a network object for the AKS on Azure Stack HCI host (or management cluster) as well as the Resource Bridge. Make sure your VIP Pool contains at least 4 IP addresses - one for the AKS on Azure Stack HCI host, one for the Resource Bridge, and 2 IP addresses for updating the AKS on Azure Stack HCI host. - - -In the example below, the VIP Pool has 4 IP addresses - from 10.10.180.241 to 10.10.180.244. The values below are example values and must be customized according to your environment. Please talk to your network administrator and your HCI administrator for more information on these values. - -$vippoolstart = "10.10.180.241"
-$vippoolend = "10.10.180.244"
$vswitch = "myVMSwitch" - - -```powershell -$vnet = New-AksHciNetworkSetting -Name "vnet-mgmt" -vippoolstart $vippoolstart -vippoolend $vippoolend -vSwitchName $vswitch -``` - -Once you have created a network object, set other configurations for the management cluster. - -> [!NOTE] -> Make sure your `-workingDir` parameter value does not contain any spaces. - -> [!NOTE] -> The values below are example values and must be customized according to your environment. Please talk to your network administrator and your HCI administrator for more information on these values. -$workingDir = "C:\ClusterStorage\Volume01\WorkDir"
-$cloudConfig = "C:\ClusterStorage\Volume01\cloudConfig"
$susbcription="Azure subscription ID"
$resourcegroup = "Azure resource group name"
$tenant="Azure tenant ID"
-$cloudServiceIP = "10.10.127.298" - -> [!NOTE] -> For more information on cloudServiceIP, visit [cloudserviceCIDR/IP](https://docs.microsoft.com/azure-stack/aks-hci/concepts-node-networking#microsoft-on-premises-cloud-service). - -```powershell -Set-AksHciConfig -vnet $vnet -workingDir $workingDir -cloudConfigLocation $cloudConfigLocation -cloudServiceIP $cloudServiceIP - -Set-AksHciRegistration -SubscriptionId $subscription -ResourceGroupName $resourcegroup -TenantId $tenant -UseDeviceAuthentication - -Install-AksHci -``` - -If you face an issue installing AKS on Azure Stack HCI, review the AKS on Azure Stack HCI [troubleshooting section](https://docs.microsoft.com/azure-stack/aks-hci/known-issues). If the troubleshooting section does not help you, please file a [GitHub issue](https://github.com/Azure/aks-hci/issues). Make sure you attach logs (use `Get-AksHciLogs`), so that we can help you faster. - -To check if you have successfully installed AKS on Azure Stack HCI, run the following command: - -```powershell -Get-AksHciVersion -``` - -Make sure your AKS on Azure Stack HCI version is the following version. - -Expected Output: - -```powershell -1.0.8.10223 -``` -> Note! Do not proceed if you have any errors! If you face an issue installing AKS on Azure Stack HCI, review the AKS on Azure Stack HCI [troubleshooting section](https://docs.microsoft.com/azure-stack/aks-hci/known-issues). If the troubleshooting section does not help you, please file a [GitHub issue](https://github.com/Azure/aks-hci/issues). Make sure you attach logs (use `Get-AksHciLogs`), so that we can help you faster. - - -## Step 2: Install Arc Appliance - -Installing Arc Appliance requires you to create a YAML file. Fortunately, we have automated the process of creating this YAML file for you. Run the following command to create the YAML file. - -``` -$workingDir = "" -``` -The workingDir is the path to a shared cluster volume that stores the config files we create for you. I recommend you use the same workDir you used while installing AKS-HCI. Make sure your workDir full path does not contain any spaces. - -```powershell -New-ArcHciAksConfigFiles -subscriptionID "" -location "" -resourceGroup "" -resourceName "" -workDirectory "" -``` - -| Parameter | Parameter details | -| -----------| ------------ | -| subscriptionID | Your Appliance will be installed on this Azure subscription ID. Pass in the same subscription ID you put in the Step 0 Item #1. | -| resourceGroup | A resource group in the Azure subscription listed above (Step 0 Item #1). Make sure your resource group is in the eastus or westeurope location. | -| location | The Azure location where your Appliance will be deployed. Make sure this location is either eastus or westeurope. It's recommended you use the same location you used while creating the resource group. | -| resourceName | The name of your Arc Appliance | -| workDirectory | Path to a shared cluster volume that stores the config files we create for you. I recommend you use the same workDir you used while installing AKS-HCI. Make sure your workDir full path does not contain any spaces. | - -Sample output: - -```output -HCI login file successfully generated in 'C:\ClusterStorage\Volume01\WorkDir\kvatoken.tok' -Generating ARC HCI configuration files... -Config file successfully generated in 'C:\ClusterStorage\Volume01\WorkDir' -``` - -Navigate to the `Config file` location in the output above and note down the full path of the config file. **This path is extremely important for the next 3 commands**. In the example output above, the config file was generated at `C:\ClusterStorage\Volume01\WorkDir` and the full path of the config file is `C:\ClusterStorage\Volume01\WorkDir\hci-appliance.yaml`. - -You can now proceed with deploying Appliance. - -```azurecli -az login //login to Azure -az account set -s "" -az arcappliance validate hci --config-file '' -az arcappliance prepare hci --config-file '' -``` - -Sample input: -``` -az arcappliance validate hci --config-file 'C:\ClusterStorage\Volume01\WorkDir\hci-appliance.yaml' -az arcappliance prepare hci --config-file 'C:\ClusterStorage\Volume01\WorkDir\hci-appliance.yaml' -``` - -In the below command, the outfile is the location where you want to store Arc Appliance's kubeconfig. I recommend storing it in the WorkDir shared cluster volume location. For example, `C:\ClusterStorage\Volume01\WorkDir\appliancekubeconfig` - -```azurecli -az arcappliance deploy hci --config-file '' --outfile $workingDir\applianceconfig - -az arcappliance create hci --config-file '' --kubeconfig $workingDir\applianceconfig -``` - -Sample input: -``` -az arcappliance deploy hci --config-file 'C:\ClusterStorage\Volume01\WorkDir\hci-appliance.yaml' --outfile 'C:\ClusterStorage\Volume01\WorkDir\appliancekubeconfig' -az arcappliance create hci --config-file 'C:\ClusterStorage\Volume01\WorkDir\hci-appliance.yaml' --kubeconfig 'C:\ClusterStorage\Volume01\WorkDir\appliancekubeconfig' -``` - -And with the `az arcappliance create` command, you're done with deploying the Appliance! - -Before proceeding to the next step, run the following command to check if the Arc Appliance status says *Connected*. It might not say *Connected* at first. This takes time. Try again after a few minutes. - -```azurecli -az arcappliance show --resource-group --name --query "status" -o tsv -``` - -## Step 3: Installing the AKS on Azure Stack HCI extension on the Arc Appliance - -To install the extension, run the following command: - -```azurecli -az account set -s - -az k8s-extension create --resource-group --cluster-name --cluster-type appliances --name --extension-type Microsoft.HybridAKSOperator --version 0.0.21 --config Microsoft.CustomLocation.ServiceAccount="default" -``` - -| Parameter | Parameter details | -| ------------| ----------------- | -| resource-group | A resource group in the Azure subscription listed above (Step 0 Item #1). Make sure you use the same resource group you used when deploying Arc Appliance. | -| cluster-name | The name of your Arc Appliance. | -| name | Name of your AKS-HCI cluster extension on top of Arc Appliance | -| cluster-type | Must be *appliances*. Do not change this value. | -| extension-type | Must be *Microsoft.HybridAKSOperator*. Do not change this value. | -| version | Must be *0.0.21*. Do not change this value. | -| config | Must be *config Microsoft.CustomLocation.ServiceAccount="default"*. Do not change this value. | - -Once you have created the AKS on Azure Stack HCI extension on top of the Arc Appliance, run the following command to check if the extension status says *Running*. It might say *pending* at first. Be patient! This takes time. Try again after a few minutes. - -```azurecli -az k8s-extension show --resource-group --cluster-name --cluster-type appliances --name --query "status" -o tsv -``` - -## Step 4: Installing a custom location on top of the AKS-HCI extension on the Arc Appliance - -You need to first collect the ARM IDs of the Arc Appliance and the AKS on Azure Stack HCI extension in PowerShell variables. - -```azurecli -$ArcApplianceResourceId=az arcappliance show --resource-group --name --query id -o tsv - -$ClusterExtensionResourceId=az k8s-extension show --resource-group --cluster-name --cluster-type appliances --name --query id -o tsv -``` - -You can then create the custom location for your Azure Stack HCI cluster that has the AKS-HCI extension installed on it. - -```azurecli -az customlocation create --name --namespace "default" --host-resource-id $ArcApplianceResourceId --cluster-extension-ids $ClusterExtensionResourceId --resource-group -``` - -| Parameter | Parameter details | -| ------------| ----------------- | -| resource-group | A resource group in the Azure subscription listed above (Step 0 Item #1). Make sure you use the same resource group you used when deploying Arc Appliance. | -| namespace | Must be *default*. Do not change this value. | -| name | Name of your AKS on Azure Stack HCI custom location on top of Arc Appliance + AKS-HCI extension. | -| host-resource-id | ARM ID of the Appliance. You can get the ARM ID using `az arcappliance show --resource-group --name --query id -o tsv`. | -| cluster-extension-ids | ARM ID of the AKS-HCI extension on top of Appliance. You can get the ARM ID using `az k8s-extension show --resource-group --cluster-name --cluster-type appliances --name --query id -o tsv`. | - -Once you create the custom location on top of the Arc Appliance, run the following command to check if the custom location provisioning state says *Succeeded*. It might say something else at first. Be patient! This takes time. Try again after 10 minutes. - -```azurecli -az customlocation show --name --resource-group --query "provisioningState" -o tsv -``` - -## Step 5: Create a network for your AKS-HCI workload clusters - -We're so close! Create a network for your developers to use to create AKS on Azure Stack HCI clusters using the following command. - -```powershell -New-KvaVirtualNetwork -name "" -vippoolstart "" -vippoolend "" -vswitchname "" -kubeconfig $workingDir\applianceconfig -``` - -Make sure the IP addresses you give in the VIP pool (vippoolstart and vippoolend) do not overlap with the VIP pool you created by running `New-AksHciNetworkSetting`. - -IP address exhaustion can lead to AKS on Azure Stack HCI cluster deployment failures. Plan your IP addresses very carefully. For more information, you can [learn more about DHCP IP address planning](https://docs.microsoft.com/azure-stack/aks-hci/concepts-node-networking#minimum-ip-address-reservations-for-an-aks-on-azure-stack-hci-deployment). - - -## Step 6: Assign user role RBAC access to create AKS on Azure Stack HCI clusters - -Use the following steps to create AKS on Azure Stack HCI clusters and assign RBAC access: - -1. Go to Azure Portal, navigate to the subscription and then resource group that you used to create your Appliance and the custom location. -2. Go to IAM in the left-hand side of the portal. -3. Click **Role assignment** -> **Add assignment**. -4. Type in the name of the end user and assign them *contributor* access. - - -## Step 7: Download the Kubernetes VHD file - -Run the following command to download the Linux VHD file specific to the Kubernetes version. For this preview release, you can only download the VHD file for Kubernetes version 1.21.2 - -```powershell -Add-KvaGalleryImage -kubernetesVersion 1.21.2 -``` - -## Step 8: Give the dev user the details - -Provide the following details to the end user: - -| Parameter | Parameter details | -| --------- | ------------------| -| Custom-location | ARM ID of the custom location you created in step 4. You can get the ARM ID using `az customlocation show --name --resource-group --query "id" -o tsv` -| vnet-id | The name of the virtual network you created using New-KvaVirtualNetwork in step 5. | - -## Step 9: Create AKS-HCI clusters using Az CLI [User role] - -Before creating AKS on Azure Stack HCI clusters, make sure you have Az CLI and the hybrid AKS extension installed in your environment. - -[Download the hybridaks Az CLI extension](https://github.com/Azure/aks-hci/blob/main/preview/node-pools-bugbash/hybridaks-0.1.2-py3-none-any.whl) WHL file. - -```azurecli -az extension remove -n hybridaks -az extension add --yes --source -az hybridaks -h -``` -### Create an AKS-HCI cluster using Az CLI -```bash -az hybridaks create -n cluster-1 -g $resourceGroup --custom-location $CustomLocationResourceId --vnet-id $wkldClusterVnet --generate-ssh-keys -``` -You can skip adding --generate-ssh-keys if you already have an SSH key named `id_rsa` in the ~/.ssh folder. - -### Show the AKS-HCI cluster -```azurecli -az hybridaks show -g $resourceGroup -n cluster-1 -``` - -### Add a nodepool to your AKS-HCI cluster -``` -az hybridaks nodepool add --name "samplenodepool" --cluster-name cluster-1 --resource-group $resourceGroup -``` - -### List nodepools in your AKS-HCI cluster -``` -az hybridaks nodepool list -g $resourceGroup --cluster-name cluster-1 --query value -o table -``` - -### Get admin kubeconfig of AKS-HCI cluster created using Az CLI -RDP into to the Azure VM before proceeding. -```powershell -Get-TargetClusterAdminCredentials -clusterName "cluster-1" -outfile $workingDir\targetclusterconfig -kubeconfig $workingDir\applianceconfig -``` - -### Access your clusters using kubectl -``` -kubectl get pods -A --kubeconfig $workingDir\targetclusterconfig -``` - -### Delete a nodepool on your AKS-HCI cluster -``` -az hybridaks nodepool delete --name "samplenodepool" --cluster-name cluster-1 --resource-group $resourceGroup -``` - -## [Admin role] Collecting logs -If things go wrong, you can collect logs using the following commands: - -```powershell -Get-ArcHciLogs -``` - -```azurecli -az arcappliance logs hci --kubeconfig 'C:\ClusterStorage\Volume01\WorkDir\config' -``` - -## Clean up -```azurecli -az login -az account set -s -``` - -Step 1: Delete all preview AKS-HCI clusters created using Az CLI - -```azurecli -az hybridaks delete --resource-group --name -``` - -Step 2: Delete the custom location - -```azurecli -az customlocation delete --name --resource-group -``` - -Step 3: Delete the cluster extension - -```azurecli -az k8s-extension delete --resource-group --cluster-name --cluster-type appliances --name -``` - -Step 4: Delete the Arc Appliance - -```azurecli -az arcappliance delete hci --config-file $workingDir\config -``` - -Step 5: Delete the ArcHCI config files - -```powershell -Remove-ArcHciConfigFiles -workDir $workingDir -``` - -Step 6: Delete the Azure VM if you're finished! - diff --git a/preview/node-pools-bugbash/node-pools-bugbash-azure-vm.md b/preview/node-pools-bugbash/node-pools-bugbash-azure-vm.md deleted file mode 100644 index 7c260c99..00000000 --- a/preview/node-pools-bugbash/node-pools-bugbash-azure-vm.md +++ /dev/null @@ -1,408 +0,0 @@ -# Register for the preview! -You will need to register your interest to have your subscription enabled for this private preview, please register here at (https://aka.ms/arcAksHciPriPreview). - -## Register for features and providers -You can run the following commands on your laptop/devbox using Az PS. You can download Az PS [here](https://docs.microsoft.com/powershell/azure/install-az-ps?view=azps-7.3.0) - -```PowerShell -Connect-AzAccount -TenantId -Get-AzSubscription -$subscriptionID = "" -Set-AzContext -Subscription $subscriptionID -``` - -```PowerShell -# register for features -Register-AzProviderFeature -FeatureName Appliances-ppauto -ProviderNamespace Microsoft.ResourceConnector -Register-AzProviderFeature -FeatureName hiddenPreviewAccess -ProviderNamespace Microsoft.HybridContainerService -Register-AzProviderFeature -FeatureName hiddenPreviewAccess -ProviderNamespace Microsoft.HybridConnectivity - -# Check feature registrationState == Registered -Get-AzProviderFeature -ProviderNamespace Microsoft.ResourceConnector | Select-Object -Property ProviderNamespace, Locations, RegistrationState -Get-AzProviderFeature -ProviderNamespace Microsoft.HybridContainerService | Select-Object -Property ProviderNamespace, Locations, RegistrationState -Get-AzProviderFeature -ProviderNamespace Microsoft.HybridConnectivity | Select-Object -Property ProviderNamespace, Locations, RegistrationState - -# register for providers -Register-AzResourceProvider -ProviderNamespace Microsoft.Kubernetes -Register-AzResourceProvider -ProviderNamespace Microsoft.KubernetesConfiguration -Register-AzResourceProvider -ProviderNamespace Microsoft.ExtendedLocation -Register-AzResourceProvider -ProviderNamespace Microsoft.ResourceConnector -Register-AzResourceProvider -ProviderNamespace Microsoft.HybridContainerService -Register-AzResourceProvider -ProviderNamespace Microsoft.HybridConnectivity - -# Check provider registrationState == Registered -Get-AzResourceProvider -ProviderNamespace Microsoft.Kubernetes | Select-Object -Property ProviderNamespace, Locations, RegistrationState -Get-AzResourceProvider -ProviderNamespace Microsoft.ExtendedLocation | Select-Object -Property ProviderNamespace, Locations, RegistrationState -Get-AzResourceProvider -ProviderNamespace Microsoft.ResourceConnector | Select-Object -Property ProviderNamespace, Locations, RegistrationState -Get-AzResourceProvider -ProviderNamespace Microsoft.HybridContainerService | Select-Object -Property ProviderNamespace, Locations, RegistrationState -Get-AzResourceProvider -ProviderNamespace Microsoft.HybridConnectivity | Select-Object -Property ProviderNamespace, Locations, RegistrationState -``` - -## 1. Create an Azure VM and deploy AzStack-HCI on the Azure VM - -```PowerShell -# Adjust any parameters you wish to change -$rgName = "akshci-lifecyclemgmt-preview-azurevm" -$location = "eastus" # To check available locations, run Get-AzLocation -$timeStamp = (Get-Date).ToString("MM-dd-HHmmss") -$deploymentName = ("AksHciDeploy_" + "$timeStamp") -$vmName = "AKSHCIHost004" -$vmSize = "Standard_E16s_v4" -$vmGeneration = "Generation 2" -$domainName = "akshci.local" -$dataDiskType = "StandardSSD_LRS" -$dataDiskSize = "32" -$adminUsername = "azureuser" -$adminPassword = ConvertTo-SecureString 'P@ssw0rd123!' -AsPlainText -Force -$enableDHCP = "Enabled" # you have to enable DHCP for this preview -$customRdpPort = "3389" # Between 0 and 65535 # -$autoShutdownStatus = "Enabled" # Or Disabled # -$autoShutdownTime = "00:00" -$autoShutdownTimeZone = "Pacific Standard Time" -$existingWindowsServerLicense = "No" - -# Create Resource Group -New-AzresourceGroup -Name $rgName -Location $location -Verbose - -# Deploy ARM Template -# using: https://github.com/Azure/aks-hci/tree/main/eval -New-AzresourceGroupDeployment -resourceGroupName $rgName -Name $deploymentName ` - -TemplateUri "https://raw.githubusercontent.com/Azure/aks-hci/main/eval/json/akshcihost.json" ` - -virtualMachineName $vmName ` - -virtualMachineSize $vmSize ` - -virtualMachineGeneration $vmGeneration ` - -domainName $domainName ` - -dataDiskType $dataDiskType ` - -dataDiskSize $dataDiskSize ` - -adminUsername $adminUsername ` - -adminPassword $adminPassword ` - -enableDHCP $enableDHCP ` - -customRdpPort $customRdpPort ` - -autoShutdownStatus $autoShutdownStatus ` - -autoShutdownTime $autoShutdownTime ` - -autoShutdownTimeZone $autoShutdownTimeZone ` - -alreadyHaveAWindowsServerLicense $existingWindowsServerLicense ` - -Verbose - -# Get connection details of the newly created VM -$getIp = Get-AzPublicIpAddress -Name "AKSHCILabPubIp" -resourceGroupName $rgName -$getIp | Select-Object Name,IpAddress,@{label='FQDN';expression={$_.DnsSettings.Fqdn}} -``` - -### RDP into the Azure VM -RDP into the VM you just deployed in the previous step, then using PowerShell ISE (in Admin mode) or VScode run the following commands. You can find RDP instructions when you click on the virtual machine resource on the Azure portal. - -You passed the username and password to access the Azure VM when you created the VM using the above script. Refer to the script and the `adminUsername` and `adminPassword` values. - -### Install AZ CLI on the Azure VM -```PowerShell -$ProgressPreference = 'SilentlyContinue'; Invoke-WebRequest -Uri https://aka.ms/installazurecliwindows -OutFile .\AzureCLI.msi; Start-Process msiexec.exe -Wait -ArgumentList '/I AzureCLI.msi /quiet'; rm .\AzureCLI.msi -Exit -``` -Now verify the verison is 2.32 by running the below command: -``` -az -v -``` -If you get an error saying " The term 'az' is not recognized as the name of a cmdlet, function, script file, or operable program.", run the following command and then rerun az -v to check Az CLI version > 2.32 -``` -$env:PATH += ";C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin;" -``` - -### Install Az CLI Extensions on the Azure VM -``` -az extension add -n k8s-extension -az extension add -n customlocation -az extension add -n arcappliance -``` - -## 2. Install AKS on Azure Stack HCI on the Azure VM - -### Install pre-requisites -Install PS client tools: -```PowerShell -Install-PackageProvider Nuget –Force -Install-Module –Name PowerShellGet –Force -Exit -``` - -In a new connection run: -```PowerShell -# install the AKSHCI modules -Install-Module -Name AksHci -Repository PSGallery -Force -AcceptLicense -Install-Module -Name ArcHci -RequiredVersion 0.2.8 -Force -Confirm:$false -SkipPublisherCheck -AcceptLicense -Exit -``` - -Now open a new window and run the following command: -```powershell -Initialize-AksHciNode -Exit -``` - -### Networking & IP assignments in the Azure VM PoC environment -The following command creates a network object for the AKS on Azure Stack HCI host (or management cluster) as well as the Resource Bridge. This will take IPs from the VIP VIP Pool for: -* 1x AKS host / Mgmt Cluster -* 1x The Resource Bridge / Arc Appliance -* 2x IP addresses for updating the AKS on Azure Stack HCI host - -```PowerShell -# For this you will use the DHCP server that comes with AzStack-HCI, these are the ranges you will use: -$mgmtVipPoolStart = "192.168.0.155" -$mgmtVipPoolEnd = "192.168.0.200" - -#virtual switch name -$vSwitch = "InternalNAT" - -# cloud service IP -$cloudServiceIP = "192.168.0.150" -``` - -For more details: -* [cloudserviceIP](https://docs.microsoft.com/azure-stack/aks-hci/concepts-node-networking#microsoft-on-premises-cloud-service) so that the Kubernetes bits can talk to your Azure Stack HCI physical nodes. -* *What are the IP's for?* You need a set of IP addresses in the same subnet as the DHCP server but excluded from the DHCP scope. - * You will build “VIPPools” from this IP address list later during deployment. - * You will need atleast two non-overlapping VIPPools for this preview. Apart from IP addresses in the DHCP server, we also need to statically assign IP addresses to some important agents, so they are long lived. - - -### Install AKS-HCI - -```powershell -$subscriptionId = -$tenantId = -``` -```powershell -# make sure your `–workingDir` parameter value does not contain any spaces. -$workingDir = "V:\AKS-HCI\WorkingDir" -$cloudConfigLocation = "V:\AKS-HCI\Config" -$location = "eastus" -$resourceGroup = "akshci-lifecyclemgmt-preview-azurevm" - -# create network object -$vnet = New-AksHciNetworkSetting -Name "vnet-mgmt-setting01" -vippoolstart $mgmtVipPoolStart -vippoolend $mgmtVipPoolEnd -vSwitchName $vSwitch - -Set-AksHciConfig -vnet $vnet -workingDir $workingDir -cloudConfigLocation $cloudConfigLocation -cloudServiceIP $cloudServiceIP - -# NOTE!!! when running this command you will be asked to authenticate -Set-AksHciRegistration -SubscriptionId $subscriptionId -resourceGroupName $resourceGroup -TenantId $tenantId -UseDeviceAuthentication - -# install AKS-HCI mgmt cluster -Install-AksHci -``` -This command will take ~10-15mins and you maybe asked to authenticate and see the below, this is ok. - ->> NOTE: If you are running Windows PowerShell remotely, note that some failover clustering cmdlets do not work remotely. When possible, run the commands locally and specify a remote computer as the target. To run the cmdlet remotely, try using the Credential Security Service Provider (CredSSP). All additional errors or warnings from this cmdlet might be caused by running it remotely. - -To check if you have successfully installed AKS on Azure Stack HCI, run the following command: - -```powershell -Get-AksHciVersion -``` -```output -1.0.8.10223 -``` - -> Note! Do not proceed if you have any errors! If you face an issue installing AKS on Azure Stack HCI, review the AKS on Azure Stack HCI [troubleshooting section](https://docs.microsoft.com/azure-stack/aks-hci/known-issues). If the troubleshooting section does not help you, please file a [GitHub issue](https://github.com/Azure/aks-hci/issues). Make sure you attach logs (use `Get-AksHciLogs`), so that we can help you faster. - -## 3. Install Arc Appliance - -### Generate pre-requisite YAML files needed to deploy Arc Appliance -```PowerShell -# set appliance name -$arcAppName="pocArcApp" -# import module -Import-Module ArcHci - -New-ArcHciAksConfigFiles -subscriptionID $subscriptionId -location $location -resourceGroup $resourceGroup -resourceName $arcAppName -workDirectory $workingDir -``` - -Sample output: - -```output -HCI login file successfully generated in 'V:\AKS-HCI\WorkingDir\kvatoken.tok' -Generating ARC HCI configuration files... -Config file successfully generated in 'V:\AKS-HCI\WorkingDir' -``` - -> Note! Here you will be switching to AZ CLI, please continue to run this from the PS ISE or VS Code inside the Azure VM. - -### Login to Azure using Az CLI -``` -$subscription= -$tenantid = -``` -``` -az login -t $tenantid --use-device-code -az account set -s $subscription -``` - -### Create Arc Appliance -``` -$configFilePath= $workingDir + "\hci-appliance.yaml" -$arcAppName="pocArcApp" -``` -``` -az arcappliance validate hci --config-file $configFilePath -az arcappliance prepare hci --config-file $configFilePath -az arcappliance deploy hci --config-file $configFilePath --outfile $workingDir\config -az arcappliance create hci --config-file $configFilePath --kubeconfig $workingDir\config -``` -The above command may take upto 10mins to finish, so be patient. To check the status of your deployment, run the following command - -``` -# check the status == Running -az arcappliance show --resource-group $resourceGroup --name $arcAppName --query "status" -o tsv -``` - -## 4. Installing the AKS on Azure Stack HCI extension on the Arc Appliance - -```PowerShell -$arcExtnName = "akshcicluExtn1" -az k8s-extension create ` - --resource-group $resourceGroup ` - --cluster-name $arcAppName ` - --cluster-type appliances ` - --name $arcExtnName ` - --extension-type Microsoft.HybridAKSOperator ` - --version 0.0.21 ` - --config Microsoft.CustomLocation.ServiceAccount="default" - ``` - -Check if the extension provisioningState is "Succeeded", this can take up to 10mins!!! -``` -az k8s-extension show --resource-group $resourceGroup --cluster-name $arcAppName --cluster-type appliances --name $arcExtnName --query "provisioningState" -o tsv -``` - -## 5. Installing a custom location on top of the AKS-HCI extension on the Arc Appliance -```PowerShell -$customLocationName="azstackhci-cl" - -$ArcApplianceResourceId=az arcappliance show --resource-group $resourceGroup --name $arcAppName --query id -o tsv - -$ClusterExtensionResourceId=az k8s-extension show --resource-group $resourceGroup --cluster-name $arcAppName --cluster-type appliances --name $arcExtnName --query id -o tsv - -az customlocation create --name $customLocationName --namespace "default" --host-resource-id $ArcApplianceResourceId --cluster-extension-ids $ClusterExtensionResourceId --resource-group $resourceGroup -``` - -Check if the custom location provisioningState is "Succeeded": -``` -az customlocation show --name $customLocationName --resource-group $resourceGroup --query "provisioningState" -o tsv -``` - -``` -$CustomLocationResourceId = az customlocation show --name $customLocationName --resource-group $resourceGroup --query id -o tsv -``` - -## 6. Create a network for your AKS-HCI workload clusters -This VIP Pool must not overlap with the previous mgmt VIP Pool range you created by running New-AksHciNetworkSetting, this is for workload clusters only! - -```PowerShell -$wkldClusterVnet = "wkldvnet" -$wkldCluVipPoolStart = "192.168.0.201" -$wkldCluVipPoolEnd = "192.168.0.250" -$vSwitch = "InternalNAT" -$workingDir = "V:\AKS-HCI\WorkingDir" - -New-KvaVirtualNetwork -name $wkldClusterVnet -vippoolstart $wkldCluVipPoolStart -vippoolend $wkldCluVipPoolEnd -vswitchname $vSwitch -kubeconfig $workingDir\config -``` - -## 7. Download the Kubernetes VHD file - -```PowerShell -Add-KvaGalleryImage -kubernetesVersion 1.21.2 -``` - -## 8. Create and manage AKS-HCI clusters using Az CLI - -[Download the hybridaks Az CLI extension](https://github.com/Azure/aks-hci/blob/main/preview/node-pools-bugbash/hybridaks-0.1.2-py3-none-any.whl) WHL file. - -Install the hybridaks Az CLI Extension using the downloaded WHL file. -```bash -az extension add --yes --source -az hybridaks -h -``` - -### Create an AKS-HCI cluster using Az CLI -```bash -az hybridaks create -n cluster-1 -g $resourceGroup --custom-location $CustomLocationResourceId --vnet-id $wkldClusterVnet --generate-ssh-keys -``` -You can skip adding --generate-ssh-keys if you already have an SSH key named `id_rsa` in the ~/.ssh folder. - -### Show the AKS-HCI cluster -```azurecli -az hybridaks show -g $resourceGroup -n cluster-1 -``` - -### Add a nodepool to your AKS-HCI cluster -``` -az hybridaks nodepool add --name "samplenodepool" --cluster-name cluster-1 --resource-group $resourceGroup -``` - -### List nodepools in your AKS-HCI cluster -``` -az hybridaks nodepool list -g $resourceGroup --cluster-name cluster-1 --query value -o table -``` - -### Get admin kubeconfig of AKS-HCI cluster created using Az CLI -RDP into to the Azure VM before proceeding. -```powershell -Get-TargetClusterAdminCredentials -clusterName "cluster-1" -outfile $workingDir\targetclusterconfig -kubeconfig $workingDir\config -``` - -### Access your clusters using kubectl -``` -kubectl get pods -A --kubeconfig $workingDir\targetclusterconfig -``` - -### Delete a nodepool on your AKS-HCI cluster -``` -az hybridaks nodepool delete --name "samplenodepool" --cluster-name cluster-1 --resource-group $resourceGroup -``` - -## [Admin role] Collecting logs -If things go wrong, you can collect logs using the following commands: - -```powershell -Get-ArcHciLogs -``` - -```azurecli -az arcappliance logs hci --kubeconfig $workingDir\config -``` - -## Clean up -```azurecli -az login -az account set -s -``` - -Step 1: Delete all preview AKS-HCI clusters created using Az CLI - -```azurecli -az hybridaks delete --resource-group --name -``` - -Step 2: Delete the custom location - -```azurecli -az customlocation delete --name --resource-group -``` - -Step 3: Delete the cluster extension - -```azurecli -az k8s-extension delete --resource-group --cluster-name --cluster-type appliances --name -``` - -Step 4: Delete the Arc Appliance - -```azurecli -az arcappliance delete hci --config-file $workingDir\config -``` - -Step 5: Delete the ArcHCI config files - -```powershell -Remove-ArcHciConfigFiles -workDir $workingDir -``` - -Step 6: Delete the Azure VM if you're finished!