From 35856b65a007d61cade7390761a0e43dcd6b9b78 Mon Sep 17 00:00:00 2001 From: Cray-HPE Github Bot Date: Tue, 27 Sep 2022 03:48:54 +0000 Subject: [PATCH] Generated HTML from docs-sat --- css/atom-one-dark-reasonable.css | 77 + css/auto-complete.css | 49 + css/featherlight.min.css | 8 + css/fontawesome-all.min.css | 1 + css/hugo-theme.css | 245 +++ css/hybrid.css | 102 + css/nucleus.css | 615 ++++++ css/perfect-scrollbar.min.css | 2 + css/tabs.css | 43 + css/tags.css | 49 + css/theme-blue.css | 133 ++ css/theme-green.css | 128 ++ css/theme-red.css | 128 ++ css/theme.css | 1148 ++++++++++ en-21/404.html | 59 + en-21/categories/index.html | 560 +++++ en-21/categories/index.xml | 11 + en-21/dashboards/index.html | 542 +++++ en-21/dashboards/index.xml | 26 + .../sat_grafana_dashboards/index.html | 641 ++++++ .../sat_kibana_dashboards/index.html | 830 +++++++ en-21/img/Fabric_PortState_Locations_UI.png | Bin 0 -> 10312 bytes en-21/img/Grafana_Fabric_Congestion.png | Bin 0 -> 13882 bytes en-21/img/Grafana_HSN_Errors.png | Bin 0 -> 9558 bytes en-21/img/Grafana_rfc3635.png | Bin 0 -> 11670 bytes en-21/img/SAT_Grafana_Fabric_Vars.png | Bin 0 -> 8031 bytes en-21/index.html | 537 +++++ en-21/index.json | 64 + en-21/index.xml | 47 + en-21/install/index.html | 1333 ++++++++++++ en-21/introduction/index.html | 773 +++++++ en-21/release_notes/index.html | 849 ++++++++ en-21/sitemap.xml | 280 +++ en-21/tags/index.html | 560 +++++ en-21/tags/index.xml | 11 + en-22/404.html | 59 + en-22/categories/index.html | 579 +++++ en-22/categories/index.xml | 11 + en-22/dashboards/index.html | 561 +++++ en-22/dashboards/index.xml | 26 + .../sat_grafana_dashboards/index.html | 666 ++++++ .../sat_kibana_dashboards/index.html | 855 ++++++++ en-22/img/Fabric_PortState_Locations_UI.png | Bin 0 -> 10312 bytes en-22/img/Grafana_Fabric_Congestion.png | Bin 0 -> 13882 bytes en-22/img/Grafana_HSN_Errors.png | Bin 0 -> 9558 bytes en-22/img/Grafana_rfc3635.png | Bin 0 -> 11670 bytes en-22/img/SAT_Grafana_Fabric_Vars.png | Bin 0 -> 8031 bytes en-22/index.html | 574 +++++ en-22/index.json | 71 + en-22/index.xml | 54 + en-22/install/index.html | 1505 +++++++++++++ en-22/introduction/index.html | 823 +++++++ en-22/release_notes/index.html | 1056 +++++++++ en-22/sitemap.xml | 308 +++ en-22/tags/index.html | 579 +++++ en-22/tags/index.xml | 11 + en-22/usage/index.html | 858 ++++++++ en-23/404.html | 59 + en-23/categories/index.html | 579 +++++ en-23/categories/index.xml | 11 + en-23/dashboards/index.html | 561 +++++ en-23/dashboards/index.xml | 26 + .../sat_grafana_dashboards/index.html | 666 ++++++ .../sat_kibana_dashboards/index.html | 855 ++++++++ en-23/img/Fabric_PortState_Locations_UI.png | Bin 0 -> 10312 bytes en-23/img/Grafana_Fabric_Congestion.png | Bin 0 -> 13882 bytes en-23/img/Grafana_HSN_Errors.png | Bin 0 -> 9558 bytes en-23/img/Grafana_rfc3635.png | Bin 0 -> 11670 bytes en-23/img/SAT_Grafana_Fabric_Vars.png | Bin 0 -> 8031 bytes en-23/index.html | 575 +++++ en-23/index.json | 71 + en-23/index.xml | 54 + en-23/install/index.html | 1505 +++++++++++++ en-23/introduction/index.html | 823 +++++++ en-23/release_notes/index.html | 1132 ++++++++++ en-23/sitemap.xml | 308 +++ en-23/tags/index.html | 579 +++++ en-23/tags/index.xml | 11 + en-23/usage/index.html | 858 ++++++++ en-24/404.html | 59 + en-24/categories/index.html | 703 ++++++ en-24/categories/index.xml | 11 + en-24/cne_install/index.html | 775 +++++++ en-24/dashboards/index.html | 685 ++++++ en-24/dashboards/index.xml | 26 + .../sat_grafana_dashboards/index.html | 790 +++++++ .../sat_kibana_dashboards/index.html | 982 +++++++++ en-24/img/Fabric_PortState_Locations_UI.png | Bin 0 -> 10312 bytes en-24/img/Grafana_Fabric_Congestion.png | Bin 0 -> 13882 bytes en-24/img/Grafana_HSN_Errors.png | Bin 0 -> 9558 bytes en-24/img/Grafana_rfc3635.png | Bin 0 -> 11670 bytes en-24/img/SAT_Grafana_Fabric_Vars.png | Bin 0 -> 8031 bytes en-24/index.html | 708 ++++++ en-24/index.json | 92 + en-24/index.xml | 68 + en-24/install/index.html | 1836 ++++++++++++++++ en-24/introduction/index.html | 991 +++++++++ en-24/release_notes/index.html | 1420 ++++++++++++ en-24/sitemap.xml | 347 +++ en-24/tags/index.html | 703 ++++++ en-24/tags/index.xml | 11 + en-24/usage/change_bos_version/index.html | 682 ++++++ en-24/usage/index.html | 688 ++++++ en-24/usage/index.xml | 26 + en-24/usage/sat_bootprep/index.html | 1319 +++++++++++ en-25/404.html | 59 + en-25/categories/index.html | 1142 ++++++++++ en-25/categories/index.xml | 11 + en-25/dashboards/index.html | 1127 ++++++++++ en-25/dashboards/index.xml | 26 + .../sat_grafana_dashboards/index.html | 1232 +++++++++++ .../sat_kibana_dashboards/index.html | 1424 ++++++++++++ en-25/external_system/index.html | 1311 +++++++++++ en-25/img/Fabric_PortState_Locations_UI.png | Bin 0 -> 10312 bytes en-25/img/Grafana_Fabric_Congestion.png | Bin 0 -> 13882 bytes en-25/img/Grafana_HSN_Errors.png | Bin 0 -> 9558 bytes en-25/img/Grafana_rfc3635.png | Bin 0 -> 11670 bytes en-25/img/SAT_Grafana_Fabric_Vars.png | Bin 0 -> 8031 bytes en-25/index.html | 1139 ++++++++++ en-25/index.json | 176 ++ en-25/index.xml | 145 ++ en-25/install/index.html | 1440 ++++++++++++ en-25/introduction/index.html | 1606 ++++++++++++++ en-25/release_notes/index.html | 1163 ++++++++++ en-25/release_notes/index.xml | 75 + .../sat_2.2_release_notes/index.html | 1269 +++++++++++ .../sat_2.3_release_notes/index.html | 1147 ++++++++++ .../sat_2.4_release_notes/index.html | 1237 +++++++++++ .../sat_2.5_release_notes/index.html | 1202 +++++++++++ .../shasta_1.3.2_release_notes/index.html | 1089 ++++++++++ .../shasta_1.3_release_notes/index.html | 1093 ++++++++++ .../shasta_1.4.1_release_notes/index.html | 1098 ++++++++++ .../shasta_1.4_release_notes/index.html | 1200 ++++++++++ .../shasta_1.5_release_notes/index.html | 1154 ++++++++++ en-25/sitemap.xml | 513 +++++ en-25/tags/index.html | 1142 ++++++++++ en-25/tags/index.xml | 11 + en-25/uninstall_and_downgrade/index.html | 1247 +++++++++++ en-25/upgrade/index.html | 1297 +++++++++++ en-25/usage/change_bos_version/index.html | 1118 ++++++++++ en-25/usage/index.html | 1125 ++++++++++ en-25/usage/index.xml | 33 + en-25/usage/sat_and_iuf/index.html | 1144 ++++++++++ en-25/usage/sat_bootprep/index.html | 1684 +++++++++++++++ en-26/404.html | 59 + .../command_authentication/index.html | 1381 ++++++++++++ en-26/about_sat/dependencies/index.html | 1453 +++++++++++++ en-26/about_sat/index.html | 1216 +++++++++++ en-26/about_sat/index.xml | 47 + en-26/about_sat/introduction/index.html | 1335 ++++++++++++ en-26/about_sat/sat_in_csm/index.html | 1255 +++++++++++ en-26/about_sat/view_sat_docs/index.html | 1245 +++++++++++ en-26/categories/index.html | 1308 +++++++++++ en-26/categories/index.xml | 11 + en-26/external_system/index.html | 1492 +++++++++++++ en-26/img/GitHub_Heading_Icon.png | Bin 0 -> 5945 bytes en-26/img/GitHub_Heading_Navigation.png | Bin 0 -> 22430 bytes en-26/img/HTML_Heading_Icon.png | Bin 0 -> 25210 bytes en-26/img/HTML_Heading_Navigation.png | Bin 0 -> 73112 bytes en-26/index.html | 1307 +++++++++++ en-26/index.json | 204 ++ en-26/index.xml | 173 ++ en-26/install/index.html | 1617 ++++++++++++++ en-26/release_notes/index.html | 1330 ++++++++++++ en-26/release_notes/index.xml | 82 + .../sat_2.2_release_notes/index.html | 1434 ++++++++++++ .../sat_2.3_release_notes/index.html | 1313 +++++++++++ .../sat_2.4_release_notes/index.html | 1404 ++++++++++++ .../sat_2.5_release_notes/index.html | 1368 ++++++++++++ .../sat_2.6_release_notes/index.html | 1364 ++++++++++++ .../shasta_1.3.2_release_notes/index.html | 1255 +++++++++++ .../shasta_1.3_release_notes/index.html | 1259 +++++++++++ .../shasta_1.4.1_release_notes/index.html | 1264 +++++++++++ .../shasta_1.4_release_notes/index.html | 1366 ++++++++++++ .../shasta_1.5_release_notes/index.html | 1320 +++++++++++ en-26/sitemap.xml | 425 ++++ en-26/tags/index.html | 1308 +++++++++++ en-26/tags/index.xml | 11 + en-26/uninstall_and_downgrade/index.html | 1423 ++++++++++++ en-26/upgrade/index.html | 1466 +++++++++++++ en-26/usage/change_bos_version/index.html | 1284 +++++++++++ en-26/usage/index.html | 1292 +++++++++++ en-26/usage/index.xml | 40 + en-26/usage/multi-tenancy/index.html | 1235 +++++++++++ en-26/usage/sat_and_iuf/index.html | 1312 +++++++++++ en-26/usage/sat_bootprep/index.html | 1922 +++++++++++++++++ fonts/Inconsolata.eot | Bin 0 -> 35620 bytes fonts/Inconsolata.svg | 1 + fonts/Inconsolata.ttf | Bin 0 -> 63184 bytes fonts/Inconsolata.woff | Bin 0 -> 38248 bytes fonts/Novecentosanswide-Normal-webfont.eot | Bin 0 -> 22446 bytes fonts/Novecentosanswide-Normal-webfont.svg | 1 + fonts/Novecentosanswide-Normal-webfont.ttf | Bin 0 -> 56884 bytes fonts/Novecentosanswide-Normal-webfont.woff | Bin 0 -> 24772 bytes fonts/Novecentosanswide-Normal-webfont.woff2 | Bin 0 -> 19760 bytes .../Novecentosanswide-UltraLight-webfont.eot | Bin 0 -> 21080 bytes .../Novecentosanswide-UltraLight-webfont.svg | 1 + .../Novecentosanswide-UltraLight-webfont.ttf | Bin 0 -> 55600 bytes .../Novecentosanswide-UltraLight-webfont.woff | Bin 0 -> 23476 bytes ...Novecentosanswide-UltraLight-webfont.woff2 | Bin 0 -> 18716 bytes fonts/Work_Sans_200.eot | Bin 0 -> 24290 bytes fonts/Work_Sans_200.svg | 1 + fonts/Work_Sans_200.ttf | Bin 0 -> 49752 bytes fonts/Work_Sans_200.woff | Bin 0 -> 25896 bytes fonts/Work_Sans_200.woff2 | Bin 0 -> 21128 bytes fonts/Work_Sans_300.eot | Bin 0 -> 24817 bytes fonts/Work_Sans_300.svg | 1 + fonts/Work_Sans_300.ttf | Bin 0 -> 50784 bytes fonts/Work_Sans_300.woff | Bin 0 -> 26392 bytes fonts/Work_Sans_300.woff2 | Bin 0 -> 21548 bytes fonts/Work_Sans_500.eot | Bin 0 -> 26481 bytes fonts/Work_Sans_500.svg | 1 + fonts/Work_Sans_500.ttf | Bin 0 -> 54232 bytes fonts/Work_Sans_500.woff | Bin 0 -> 27900 bytes fonts/Work_Sans_500.woff2 | Bin 0 -> 22884 bytes images/clippy.svg | 1 + images/favicon.png | Bin 0 -> 608 bytes images/gopher-404.jpg | Bin 0 -> 206249 bytes index.html | 10 + js/auto-complete.js | 3 + js/clipboard.min.js | 7 + js/featherlight.min.js | 9 + js/highlight.pack.js | 6 + js/hugo-learn.js | 94 + js/jquery-3.3.1.min.js | 2 + js/jquery.sticky.js | 288 +++ js/learn.js | 496 +++++ js/lunr.min.js | 6 + js/modernizr.custom-3.6.0.js | 3 + js/perfect-scrollbar.jquery.min.js | 2 + js/perfect-scrollbar.min.js | 2 + js/search.js | 96 + mermaid/mermaid.js | 32 + sitemap.xml | 46 + webfonts/fa-brands-400.eot | Bin 0 -> 134396 bytes webfonts/fa-brands-400.svg | 1 + webfonts/fa-brands-400.ttf | Bin 0 -> 134160 bytes webfonts/fa-brands-400.woff | Bin 0 -> 87048 bytes webfonts/fa-brands-400.woff2 | Bin 0 -> 74288 bytes webfonts/fa-regular-400.eot | Bin 0 -> 40308 bytes webfonts/fa-regular-400.svg | 1 + webfonts/fa-regular-400.ttf | Bin 0 -> 40080 bytes webfonts/fa-regular-400.woff | Bin 0 -> 18164 bytes webfonts/fa-regular-400.woff2 | Bin 0 -> 14872 bytes webfonts/fa-solid-900.eot | Bin 0 -> 209012 bytes webfonts/fa-solid-900.svg | 1 + webfonts/fa-solid-900.ttf | Bin 0 -> 208792 bytes webfonts/fa-solid-900.woff | Bin 0 -> 102224 bytes webfonts/fa-solid-900.woff2 | Bin 0 -> 79100 bytes 249 files changed, 113613 insertions(+) create mode 100644 css/atom-one-dark-reasonable.css create mode 100644 css/auto-complete.css create mode 100644 css/featherlight.min.css create mode 100644 css/fontawesome-all.min.css create mode 100644 css/hugo-theme.css create mode 100644 css/hybrid.css create mode 100644 css/nucleus.css create mode 100644 css/perfect-scrollbar.min.css create mode 100644 css/tabs.css create mode 100644 css/tags.css create mode 100644 css/theme-blue.css create mode 100644 css/theme-green.css create mode 100644 css/theme-red.css create mode 100644 css/theme.css create mode 100644 en-21/404.html create mode 100644 en-21/categories/index.html create mode 100644 en-21/categories/index.xml create mode 100644 en-21/dashboards/index.html create mode 100644 en-21/dashboards/index.xml create mode 100644 en-21/dashboards/sat_grafana_dashboards/index.html create mode 100644 en-21/dashboards/sat_kibana_dashboards/index.html create mode 100644 en-21/img/Fabric_PortState_Locations_UI.png create mode 100644 en-21/img/Grafana_Fabric_Congestion.png create mode 100644 en-21/img/Grafana_HSN_Errors.png create mode 100644 en-21/img/Grafana_rfc3635.png create mode 100644 en-21/img/SAT_Grafana_Fabric_Vars.png create mode 100644 en-21/index.html create mode 100644 en-21/index.json create mode 100644 en-21/index.xml create mode 100644 en-21/install/index.html create mode 100644 en-21/introduction/index.html create mode 100644 en-21/release_notes/index.html create mode 100644 en-21/sitemap.xml create mode 100644 en-21/tags/index.html create mode 100644 en-21/tags/index.xml create mode 100644 en-22/404.html create mode 100644 en-22/categories/index.html create mode 100644 en-22/categories/index.xml create mode 100644 en-22/dashboards/index.html create mode 100644 en-22/dashboards/index.xml create mode 100644 en-22/dashboards/sat_grafana_dashboards/index.html create mode 100644 en-22/dashboards/sat_kibana_dashboards/index.html create mode 100644 en-22/img/Fabric_PortState_Locations_UI.png create mode 100644 en-22/img/Grafana_Fabric_Congestion.png create mode 100644 en-22/img/Grafana_HSN_Errors.png create mode 100644 en-22/img/Grafana_rfc3635.png create mode 100644 en-22/img/SAT_Grafana_Fabric_Vars.png create mode 100644 en-22/index.html create mode 100644 en-22/index.json create mode 100644 en-22/index.xml create mode 100644 en-22/install/index.html create mode 100644 en-22/introduction/index.html create mode 100644 en-22/release_notes/index.html create mode 100644 en-22/sitemap.xml create mode 100644 en-22/tags/index.html create mode 100644 en-22/tags/index.xml create mode 100644 en-22/usage/index.html create mode 100644 en-23/404.html create mode 100644 en-23/categories/index.html create mode 100644 en-23/categories/index.xml create mode 100644 en-23/dashboards/index.html create mode 100644 en-23/dashboards/index.xml create mode 100644 en-23/dashboards/sat_grafana_dashboards/index.html create mode 100644 en-23/dashboards/sat_kibana_dashboards/index.html create mode 100644 en-23/img/Fabric_PortState_Locations_UI.png create mode 100644 en-23/img/Grafana_Fabric_Congestion.png create mode 100644 en-23/img/Grafana_HSN_Errors.png create mode 100644 en-23/img/Grafana_rfc3635.png create mode 100644 en-23/img/SAT_Grafana_Fabric_Vars.png create mode 100644 en-23/index.html create mode 100644 en-23/index.json create mode 100644 en-23/index.xml create mode 100644 en-23/install/index.html create mode 100644 en-23/introduction/index.html create mode 100644 en-23/release_notes/index.html create mode 100644 en-23/sitemap.xml create mode 100644 en-23/tags/index.html create mode 100644 en-23/tags/index.xml create mode 100644 en-23/usage/index.html create mode 100644 en-24/404.html create mode 100644 en-24/categories/index.html create mode 100644 en-24/categories/index.xml create mode 100644 en-24/cne_install/index.html create mode 100644 en-24/dashboards/index.html create mode 100644 en-24/dashboards/index.xml create mode 100644 en-24/dashboards/sat_grafana_dashboards/index.html create mode 100644 en-24/dashboards/sat_kibana_dashboards/index.html create mode 100644 en-24/img/Fabric_PortState_Locations_UI.png create mode 100644 en-24/img/Grafana_Fabric_Congestion.png create mode 100644 en-24/img/Grafana_HSN_Errors.png create mode 100644 en-24/img/Grafana_rfc3635.png create mode 100644 en-24/img/SAT_Grafana_Fabric_Vars.png create mode 100644 en-24/index.html create mode 100644 en-24/index.json create mode 100644 en-24/index.xml create mode 100644 en-24/install/index.html create mode 100644 en-24/introduction/index.html create mode 100644 en-24/release_notes/index.html create mode 100644 en-24/sitemap.xml create mode 100644 en-24/tags/index.html create mode 100644 en-24/tags/index.xml create mode 100644 en-24/usage/change_bos_version/index.html create mode 100644 en-24/usage/index.html create mode 100644 en-24/usage/index.xml create mode 100644 en-24/usage/sat_bootprep/index.html create mode 100644 en-25/404.html create mode 100644 en-25/categories/index.html create mode 100644 en-25/categories/index.xml create mode 100644 en-25/dashboards/index.html create mode 100644 en-25/dashboards/index.xml create mode 100644 en-25/dashboards/sat_grafana_dashboards/index.html create mode 100644 en-25/dashboards/sat_kibana_dashboards/index.html create mode 100644 en-25/external_system/index.html create mode 100644 en-25/img/Fabric_PortState_Locations_UI.png create mode 100644 en-25/img/Grafana_Fabric_Congestion.png create mode 100644 en-25/img/Grafana_HSN_Errors.png create mode 100644 en-25/img/Grafana_rfc3635.png create mode 100644 en-25/img/SAT_Grafana_Fabric_Vars.png create mode 100644 en-25/index.html create mode 100644 en-25/index.json create mode 100644 en-25/index.xml create mode 100644 en-25/install/index.html create mode 100644 en-25/introduction/index.html create mode 100644 en-25/release_notes/index.html create mode 100644 en-25/release_notes/index.xml create mode 100644 en-25/release_notes/sat_2.2_release_notes/index.html create mode 100644 en-25/release_notes/sat_2.3_release_notes/index.html create mode 100644 en-25/release_notes/sat_2.4_release_notes/index.html create mode 100644 en-25/release_notes/sat_2.5_release_notes/index.html create mode 100644 en-25/release_notes/shasta_1.3.2_release_notes/index.html create mode 100644 en-25/release_notes/shasta_1.3_release_notes/index.html create mode 100644 en-25/release_notes/shasta_1.4.1_release_notes/index.html create mode 100644 en-25/release_notes/shasta_1.4_release_notes/index.html create mode 100644 en-25/release_notes/shasta_1.5_release_notes/index.html create mode 100644 en-25/sitemap.xml create mode 100644 en-25/tags/index.html create mode 100644 en-25/tags/index.xml create mode 100644 en-25/uninstall_and_downgrade/index.html create mode 100644 en-25/upgrade/index.html create mode 100644 en-25/usage/change_bos_version/index.html create mode 100644 en-25/usage/index.html create mode 100644 en-25/usage/index.xml create mode 100644 en-25/usage/sat_and_iuf/index.html create mode 100644 en-25/usage/sat_bootprep/index.html create mode 100644 en-26/404.html create mode 100644 en-26/about_sat/command_authentication/index.html create mode 100644 en-26/about_sat/dependencies/index.html create mode 100644 en-26/about_sat/index.html create mode 100644 en-26/about_sat/index.xml create mode 100644 en-26/about_sat/introduction/index.html create mode 100644 en-26/about_sat/sat_in_csm/index.html create mode 100644 en-26/about_sat/view_sat_docs/index.html create mode 100644 en-26/categories/index.html create mode 100644 en-26/categories/index.xml create mode 100644 en-26/external_system/index.html create mode 100644 en-26/img/GitHub_Heading_Icon.png create mode 100644 en-26/img/GitHub_Heading_Navigation.png create mode 100644 en-26/img/HTML_Heading_Icon.png create mode 100644 en-26/img/HTML_Heading_Navigation.png create mode 100644 en-26/index.html create mode 100644 en-26/index.json create mode 100644 en-26/index.xml create mode 100644 en-26/install/index.html create mode 100644 en-26/release_notes/index.html create mode 100644 en-26/release_notes/index.xml create mode 100644 en-26/release_notes/sat_2.2_release_notes/index.html create mode 100644 en-26/release_notes/sat_2.3_release_notes/index.html create mode 100644 en-26/release_notes/sat_2.4_release_notes/index.html create mode 100644 en-26/release_notes/sat_2.5_release_notes/index.html create mode 100644 en-26/release_notes/sat_2.6_release_notes/index.html create mode 100644 en-26/release_notes/shasta_1.3.2_release_notes/index.html create mode 100644 en-26/release_notes/shasta_1.3_release_notes/index.html create mode 100644 en-26/release_notes/shasta_1.4.1_release_notes/index.html create mode 100644 en-26/release_notes/shasta_1.4_release_notes/index.html create mode 100644 en-26/release_notes/shasta_1.5_release_notes/index.html create mode 100644 en-26/sitemap.xml create mode 100644 en-26/tags/index.html create mode 100644 en-26/tags/index.xml create mode 100644 en-26/uninstall_and_downgrade/index.html create mode 100644 en-26/upgrade/index.html create mode 100644 en-26/usage/change_bos_version/index.html create mode 100644 en-26/usage/index.html create mode 100644 en-26/usage/index.xml create mode 100644 en-26/usage/multi-tenancy/index.html create mode 100644 en-26/usage/sat_and_iuf/index.html create mode 100644 en-26/usage/sat_bootprep/index.html create mode 100644 fonts/Inconsolata.eot create mode 100644 fonts/Inconsolata.svg create mode 100644 fonts/Inconsolata.ttf create mode 100644 fonts/Inconsolata.woff create mode 100644 fonts/Novecentosanswide-Normal-webfont.eot create mode 100644 fonts/Novecentosanswide-Normal-webfont.svg create mode 100644 fonts/Novecentosanswide-Normal-webfont.ttf create mode 100644 fonts/Novecentosanswide-Normal-webfont.woff create mode 100644 fonts/Novecentosanswide-Normal-webfont.woff2 create mode 100644 fonts/Novecentosanswide-UltraLight-webfont.eot create mode 100644 fonts/Novecentosanswide-UltraLight-webfont.svg create mode 100644 fonts/Novecentosanswide-UltraLight-webfont.ttf create mode 100644 fonts/Novecentosanswide-UltraLight-webfont.woff create mode 100644 fonts/Novecentosanswide-UltraLight-webfont.woff2 create mode 100644 fonts/Work_Sans_200.eot create mode 100644 fonts/Work_Sans_200.svg create mode 100644 fonts/Work_Sans_200.ttf create mode 100644 fonts/Work_Sans_200.woff create mode 100644 fonts/Work_Sans_200.woff2 create mode 100644 fonts/Work_Sans_300.eot create mode 100644 fonts/Work_Sans_300.svg create mode 100644 fonts/Work_Sans_300.ttf create mode 100644 fonts/Work_Sans_300.woff create mode 100644 fonts/Work_Sans_300.woff2 create mode 100644 fonts/Work_Sans_500.eot create mode 100644 fonts/Work_Sans_500.svg create mode 100644 fonts/Work_Sans_500.ttf create mode 100644 fonts/Work_Sans_500.woff create mode 100644 fonts/Work_Sans_500.woff2 create mode 100644 images/clippy.svg create mode 100644 images/favicon.png create mode 100644 images/gopher-404.jpg create mode 100644 index.html create mode 100644 js/auto-complete.js create mode 100644 js/clipboard.min.js create mode 100644 js/featherlight.min.js create mode 100644 js/highlight.pack.js create mode 100644 js/hugo-learn.js create mode 100644 js/jquery-3.3.1.min.js create mode 100755 js/jquery.sticky.js create mode 100644 js/learn.js create mode 100644 js/lunr.min.js create mode 100644 js/modernizr.custom-3.6.0.js create mode 100644 js/perfect-scrollbar.jquery.min.js create mode 100644 js/perfect-scrollbar.min.js create mode 100644 js/search.js create mode 100644 mermaid/mermaid.js create mode 100644 sitemap.xml create mode 100644 webfonts/fa-brands-400.eot create mode 100644 webfonts/fa-brands-400.svg create mode 100644 webfonts/fa-brands-400.ttf create mode 100644 webfonts/fa-brands-400.woff create mode 100644 webfonts/fa-brands-400.woff2 create mode 100644 webfonts/fa-regular-400.eot create mode 100644 webfonts/fa-regular-400.svg create mode 100644 webfonts/fa-regular-400.ttf create mode 100644 webfonts/fa-regular-400.woff create mode 100644 webfonts/fa-regular-400.woff2 create mode 100644 webfonts/fa-solid-900.eot create mode 100644 webfonts/fa-solid-900.svg create mode 100644 webfonts/fa-solid-900.ttf create mode 100644 webfonts/fa-solid-900.woff create mode 100644 webfonts/fa-solid-900.woff2 diff --git a/css/atom-one-dark-reasonable.css b/css/atom-one-dark-reasonable.css new file mode 100644 index 0000000000..fd41c996a3 --- /dev/null +++ b/css/atom-one-dark-reasonable.css @@ -0,0 +1,77 @@ +/* + +Atom One Dark With support for ReasonML by Gidi Morris, based off work by Daniel Gamage + +Original One Dark Syntax theme from https://github.com/atom/one-dark-syntax + +*/ +.hljs { + display: block; + overflow-x: auto; + padding: 0.5em; + line-height: 1.3em; + color: #abb2bf; + background: #282c34; + border-radius: 5px; +} +.hljs-keyword, .hljs-operator { + color: #F92672; +} +.hljs-pattern-match { + color: #F92672; +} +.hljs-pattern-match .hljs-constructor { + color: #61aeee; +} +.hljs-function { + color: #61aeee; +} +.hljs-function .hljs-params { + color: #A6E22E; +} +.hljs-function .hljs-params .hljs-typing { + color: #FD971F; +} +.hljs-module-access .hljs-module { + color: #7e57c2; +} +.hljs-constructor { + color: #e2b93d; +} +.hljs-constructor .hljs-string { + color: #9CCC65; +} +.hljs-comment, .hljs-quote { + color: #b18eb1; + font-style: italic; +} +.hljs-doctag, .hljs-formula { + color: #c678dd; +} +.hljs-section, .hljs-name, .hljs-selector-tag, .hljs-deletion, .hljs-subst { + color: #e06c75; +} +.hljs-literal { + color: #56b6c2; +} +.hljs-string, .hljs-regexp, .hljs-addition, .hljs-attribute, .hljs-meta-string { + color: #98c379; +} +.hljs-built_in, .hljs-class .hljs-title { + color: #e6c07b; +} +.hljs-attr, .hljs-variable, .hljs-template-variable, .hljs-type, .hljs-selector-class, .hljs-selector-attr, .hljs-selector-pseudo, .hljs-number { + color: #d19a66; +} +.hljs-symbol, .hljs-bullet, .hljs-link, .hljs-meta, .hljs-selector-id, .hljs-title { + color: #61aeee; +} +.hljs-emphasis { + font-style: italic; +} +.hljs-strong { + font-weight: bold; +} +.hljs-link { + text-decoration: underline; +} diff --git a/css/auto-complete.css b/css/auto-complete.css new file mode 100644 index 0000000000..1557ef6ae0 --- /dev/null +++ b/css/auto-complete.css @@ -0,0 +1,49 @@ +.autocomplete-suggestions { + text-align: left; + cursor: default; + border: 1px solid #ccc; + border-top: 0; + background: #fff; + box-shadow: -1px 1px 3px rgba(0,0,0,.8); + + /* core styles should not be changed */ + position: absolute; + display: none; + z-index: 9999; + max-height: 80%; + width: 33% !important; + min-width: 266px; + overflow: hidden; + overflow-y: auto; + box-sizing: border-box; + +} +.autocomplete-suggestion { + position: relative; + cursor: pointer; + padding: 7px; + line-height: 23px; + white-space: nowrap; + overflow: hidden; + text-overflow: ellipsis; + color: #333; +} + +.autocomplete-suggestion b { + font-weight: normal; + color: #1f8dd6; +} + +.autocomplete-suggestion.selected { + background: #333; + color: #fff; +} + +.autocomplete-suggestion:hover { + background: #444; + color: #fff; +} + +.autocomplete-suggestion > .context { + font-size: 12px; +} diff --git a/css/featherlight.min.css b/css/featherlight.min.css new file mode 100644 index 0000000000..058487f916 --- /dev/null +++ b/css/featherlight.min.css @@ -0,0 +1,8 @@ +/** + * Featherlight - ultra slim jQuery lightbox + * Version 1.7.13 - http://noelboss.github.io/featherlight/ + * + * Copyright 2018, Noël Raoul Bossart (http://www.noelboss.com) + * MIT Licensed. +**/ +html.with-featherlight{overflow:hidden}.featherlight{display:none;position:fixed;top:0;right:0;bottom:0;left:0;z-index:2147483647;text-align:center;white-space:nowrap;cursor:pointer;background:#333;background:rgba(0,0,0,0)}.featherlight:last-of-type{background:rgba(0,0,0,.8)}.featherlight:before{content:'';display:inline-block;height:100%;vertical-align:middle}.featherlight .featherlight-content{position:relative;text-align:left;vertical-align:middle;display:inline-block;overflow:auto;padding:25px 25px 0;border-bottom:25px solid transparent;margin-left:5%;margin-right:5%;max-height:95%;background:#fff;cursor:auto;white-space:normal}.featherlight .featherlight-inner{display:block}.featherlight link.featherlight-inner,.featherlight script.featherlight-inner,.featherlight style.featherlight-inner{display:none}.featherlight .featherlight-close-icon{position:absolute;z-index:9999;top:0;right:0;line-height:25px;width:25px;cursor:pointer;text-align:center;font-family:Arial,sans-serif;background:#fff;background:rgba(255,255,255,.3);color:#000;border:0;padding:0}.featherlight .featherlight-close-icon::-moz-focus-inner{border:0;padding:0}.featherlight .featherlight-image{width:100%}.featherlight-iframe .featherlight-content{border-bottom:0;padding:0;-webkit-overflow-scrolling:touch}.featherlight iframe{border:0}.featherlight *{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}@media only screen and (max-width:1024px){.featherlight .featherlight-content{margin-left:0;margin-right:0;max-height:98%;padding:10px 10px 0;border-bottom:10px solid transparent}}@media print{html.with-featherlight>*>:not(.featherlight){display:none}} \ No newline at end of file diff --git a/css/fontawesome-all.min.css b/css/fontawesome-all.min.css new file mode 100644 index 0000000000..de56473722 --- /dev/null +++ b/css/fontawesome-all.min.css @@ -0,0 +1 @@ +.fa,.fab,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pull-left{float:left}.fa-pull-right{float:right}.fa.fa-pull-left,.fab.fa-pull-left,.fal.fa-pull-left,.far.fa-pull-left,.fas.fa-pull-left{margin-right:.3em}.fa.fa-pull-right,.fab.fa-pull-right,.fal.fa-pull-right,.far.fa-pull-right,.fas.fa-pull-right{margin-left:.3em}.fa-spin{animation:fa-spin 2s infinite linear}.fa-pulse{animation:fa-spin 1s infinite steps(8)}@keyframes fa-spin{0%{transform:rotate(0deg)}to{transform:rotate(1turn)}}.fa-rotate-90{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=1)";transform:rotate(90deg)}.fa-rotate-180{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=2)";transform:rotate(180deg)}.fa-rotate-270{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=3)";transform:rotate(270deg)}.fa-flip-horizontal{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=0, mirror=1)";transform:scaleX(-1)}.fa-flip-vertical{transform:scaleY(-1)}.fa-flip-horizontal.fa-flip-vertical,.fa-flip-vertical{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=2, mirror=1)"}.fa-flip-horizontal.fa-flip-vertical{transform:scale(-1)}:root .fa-flip-horizontal,:root .fa-flip-vertical,:root .fa-rotate-90,:root .fa-rotate-180,:root .fa-rotate-270{filter:none}.fa-stack{display:inline-block;height:2em;line-height:2em;position:relative;vertical-align:middle;width:2.5em}.fa-stack-1x,.fa-stack-2x{left:0;position:absolute;text-align:center;width:100%}.fa-stack-1x{line-height:inherit}.fa-stack-2x{font-size:2em}.fa-inverse{color:#fff}.fa-500px:before{content:"\f26e"}.fa-accessible-icon:before{content:"\f368"}.fa-accusoft:before{content:"\f369"}.fa-acquisitions-incorporated:before{content:"\f6af"}.fa-ad:before{content:"\f641"}.fa-address-book:before{content:"\f2b9"}.fa-address-card:before{content:"\f2bb"}.fa-adjust:before{content:"\f042"}.fa-adn:before{content:"\f170"}.fa-adobe:before{content:"\f778"}.fa-adversal:before{content:"\f36a"}.fa-affiliatetheme:before{content:"\f36b"}.fa-air-freshener:before{content:"\f5d0"}.fa-algolia:before{content:"\f36c"}.fa-align-center:before{content:"\f037"}.fa-align-justify:before{content:"\f039"}.fa-align-left:before{content:"\f036"}.fa-align-right:before{content:"\f038"}.fa-alipay:before{content:"\f642"}.fa-allergies:before{content:"\f461"}.fa-amazon:before{content:"\f270"}.fa-amazon-pay:before{content:"\f42c"}.fa-ambulance:before{content:"\f0f9"}.fa-american-sign-language-interpreting:before{content:"\f2a3"}.fa-amilia:before{content:"\f36d"}.fa-anchor:before{content:"\f13d"}.fa-android:before{content:"\f17b"}.fa-angellist:before{content:"\f209"}.fa-angle-double-down:before{content:"\f103"}.fa-angle-double-left:before{content:"\f100"}.fa-angle-double-right:before{content:"\f101"}.fa-angle-double-up:before{content:"\f102"}.fa-angle-down:before{content:"\f107"}.fa-angle-left:before{content:"\f104"}.fa-angle-right:before{content:"\f105"}.fa-angle-up:before{content:"\f106"}.fa-angry:before{content:"\f556"}.fa-angrycreative:before{content:"\f36e"}.fa-angular:before{content:"\f420"}.fa-ankh:before{content:"\f644"}.fa-app-store:before{content:"\f36f"}.fa-app-store-ios:before{content:"\f370"}.fa-apper:before{content:"\f371"}.fa-apple:before{content:"\f179"}.fa-apple-alt:before{content:"\f5d1"}.fa-apple-pay:before{content:"\f415"}.fa-archive:before{content:"\f187"}.fa-archway:before{content:"\f557"}.fa-arrow-alt-circle-down:before{content:"\f358"}.fa-arrow-alt-circle-left:before{content:"\f359"}.fa-arrow-alt-circle-right:before{content:"\f35a"}.fa-arrow-alt-circle-up:before{content:"\f35b"}.fa-arrow-circle-down:before{content:"\f0ab"}.fa-arrow-circle-left:before{content:"\f0a8"}.fa-arrow-circle-right:before{content:"\f0a9"}.fa-arrow-circle-up:before{content:"\f0aa"}.fa-arrow-down:before{content:"\f063"}.fa-arrow-left:before{content:"\f060"}.fa-arrow-right:before{content:"\f061"}.fa-arrow-up:before{content:"\f062"}.fa-arrows-alt:before{content:"\f0b2"}.fa-arrows-alt-h:before{content:"\f337"}.fa-arrows-alt-v:before{content:"\f338"}.fa-artstation:before{content:"\f77a"}.fa-assistive-listening-systems:before{content:"\f2a2"}.fa-asterisk:before{content:"\f069"}.fa-asymmetrik:before{content:"\f372"}.fa-at:before{content:"\f1fa"}.fa-atlas:before{content:"\f558"}.fa-atlassian:before{content:"\f77b"}.fa-atom:before{content:"\f5d2"}.fa-audible:before{content:"\f373"}.fa-audio-description:before{content:"\f29e"}.fa-autoprefixer:before{content:"\f41c"}.fa-avianex:before{content:"\f374"}.fa-aviato:before{content:"\f421"}.fa-award:before{content:"\f559"}.fa-aws:before{content:"\f375"}.fa-baby:before{content:"\f77c"}.fa-baby-carriage:before{content:"\f77d"}.fa-backspace:before{content:"\f55a"}.fa-backward:before{content:"\f04a"}.fa-balance-scale:before{content:"\f24e"}.fa-ban:before{content:"\f05e"}.fa-band-aid:before{content:"\f462"}.fa-bandcamp:before{content:"\f2d5"}.fa-barcode:before{content:"\f02a"}.fa-bars:before{content:"\f0c9"}.fa-baseball-ball:before{content:"\f433"}.fa-basketball-ball:before{content:"\f434"}.fa-bath:before{content:"\f2cd"}.fa-battery-empty:before{content:"\f244"}.fa-battery-full:before{content:"\f240"}.fa-battery-half:before{content:"\f242"}.fa-battery-quarter:before{content:"\f243"}.fa-battery-three-quarters:before{content:"\f241"}.fa-bed:before{content:"\f236"}.fa-beer:before{content:"\f0fc"}.fa-behance:before{content:"\f1b4"}.fa-behance-square:before{content:"\f1b5"}.fa-bell:before{content:"\f0f3"}.fa-bell-slash:before{content:"\f1f6"}.fa-bezier-curve:before{content:"\f55b"}.fa-bible:before{content:"\f647"}.fa-bicycle:before{content:"\f206"}.fa-bimobject:before{content:"\f378"}.fa-binoculars:before{content:"\f1e5"}.fa-biohazard:before{content:"\f780"}.fa-birthday-cake:before{content:"\f1fd"}.fa-bitbucket:before{content:"\f171"}.fa-bitcoin:before{content:"\f379"}.fa-bity:before{content:"\f37a"}.fa-black-tie:before{content:"\f27e"}.fa-blackberry:before{content:"\f37b"}.fa-blender:before{content:"\f517"}.fa-blender-phone:before{content:"\f6b6"}.fa-blind:before{content:"\f29d"}.fa-blog:before{content:"\f781"}.fa-blogger:before{content:"\f37c"}.fa-blogger-b:before{content:"\f37d"}.fa-bluetooth:before{content:"\f293"}.fa-bluetooth-b:before{content:"\f294"}.fa-bold:before{content:"\f032"}.fa-bolt:before{content:"\f0e7"}.fa-bomb:before{content:"\f1e2"}.fa-bone:before{content:"\f5d7"}.fa-bong:before{content:"\f55c"}.fa-book:before{content:"\f02d"}.fa-book-dead:before{content:"\f6b7"}.fa-book-open:before{content:"\f518"}.fa-book-reader:before{content:"\f5da"}.fa-bookmark:before{content:"\f02e"}.fa-bowling-ball:before{content:"\f436"}.fa-box:before{content:"\f466"}.fa-box-open:before{content:"\f49e"}.fa-boxes:before{content:"\f468"}.fa-braille:before{content:"\f2a1"}.fa-brain:before{content:"\f5dc"}.fa-briefcase:before{content:"\f0b1"}.fa-briefcase-medical:before{content:"\f469"}.fa-broadcast-tower:before{content:"\f519"}.fa-broom:before{content:"\f51a"}.fa-brush:before{content:"\f55d"}.fa-btc:before{content:"\f15a"}.fa-bug:before{content:"\f188"}.fa-building:before{content:"\f1ad"}.fa-bullhorn:before{content:"\f0a1"}.fa-bullseye:before{content:"\f140"}.fa-burn:before{content:"\f46a"}.fa-buromobelexperte:before{content:"\f37f"}.fa-bus:before{content:"\f207"}.fa-bus-alt:before{content:"\f55e"}.fa-business-time:before{content:"\f64a"}.fa-buysellads:before{content:"\f20d"}.fa-calculator:before{content:"\f1ec"}.fa-calendar:before{content:"\f133"}.fa-calendar-alt:before{content:"\f073"}.fa-calendar-check:before{content:"\f274"}.fa-calendar-day:before{content:"\f783"}.fa-calendar-minus:before{content:"\f272"}.fa-calendar-plus:before{content:"\f271"}.fa-calendar-times:before{content:"\f273"}.fa-calendar-week:before{content:"\f784"}.fa-camera:before{content:"\f030"}.fa-camera-retro:before{content:"\f083"}.fa-campground:before{content:"\f6bb"}.fa-canadian-maple-leaf:before{content:"\f785"}.fa-candy-cane:before{content:"\f786"}.fa-cannabis:before{content:"\f55f"}.fa-capsules:before{content:"\f46b"}.fa-car:before{content:"\f1b9"}.fa-car-alt:before{content:"\f5de"}.fa-car-battery:before{content:"\f5df"}.fa-car-crash:before{content:"\f5e1"}.fa-car-side:before{content:"\f5e4"}.fa-caret-down:before{content:"\f0d7"}.fa-caret-left:before{content:"\f0d9"}.fa-caret-right:before{content:"\f0da"}.fa-caret-square-down:before{content:"\f150"}.fa-caret-square-left:before{content:"\f191"}.fa-caret-square-right:before{content:"\f152"}.fa-caret-square-up:before{content:"\f151"}.fa-caret-up:before{content:"\f0d8"}.fa-carrot:before{content:"\f787"}.fa-cart-arrow-down:before{content:"\f218"}.fa-cart-plus:before{content:"\f217"}.fa-cash-register:before{content:"\f788"}.fa-cat:before{content:"\f6be"}.fa-cc-amazon-pay:before{content:"\f42d"}.fa-cc-amex:before{content:"\f1f3"}.fa-cc-apple-pay:before{content:"\f416"}.fa-cc-diners-club:before{content:"\f24c"}.fa-cc-discover:before{content:"\f1f2"}.fa-cc-jcb:before{content:"\f24b"}.fa-cc-mastercard:before{content:"\f1f1"}.fa-cc-paypal:before{content:"\f1f4"}.fa-cc-stripe:before{content:"\f1f5"}.fa-cc-visa:before{content:"\f1f0"}.fa-centercode:before{content:"\f380"}.fa-centos:before{content:"\f789"}.fa-certificate:before{content:"\f0a3"}.fa-chair:before{content:"\f6c0"}.fa-chalkboard:before{content:"\f51b"}.fa-chalkboard-teacher:before{content:"\f51c"}.fa-charging-station:before{content:"\f5e7"}.fa-chart-area:before{content:"\f1fe"}.fa-chart-bar:before{content:"\f080"}.fa-chart-line:before{content:"\f201"}.fa-chart-pie:before{content:"\f200"}.fa-check:before{content:"\f00c"}.fa-check-circle:before{content:"\f058"}.fa-check-double:before{content:"\f560"}.fa-check-square:before{content:"\f14a"}.fa-chess:before{content:"\f439"}.fa-chess-bishop:before{content:"\f43a"}.fa-chess-board:before{content:"\f43c"}.fa-chess-king:before{content:"\f43f"}.fa-chess-knight:before{content:"\f441"}.fa-chess-pawn:before{content:"\f443"}.fa-chess-queen:before{content:"\f445"}.fa-chess-rook:before{content:"\f447"}.fa-chevron-circle-down:before{content:"\f13a"}.fa-chevron-circle-left:before{content:"\f137"}.fa-chevron-circle-right:before{content:"\f138"}.fa-chevron-circle-up:before{content:"\f139"}.fa-chevron-down:before{content:"\f078"}.fa-chevron-left:before{content:"\f053"}.fa-chevron-right:before{content:"\f054"}.fa-chevron-up:before{content:"\f077"}.fa-child:before{content:"\f1ae"}.fa-chrome:before{content:"\f268"}.fa-church:before{content:"\f51d"}.fa-circle:before{content:"\f111"}.fa-circle-notch:before{content:"\f1ce"}.fa-city:before{content:"\f64f"}.fa-clipboard:before{content:"\f328"}.fa-clipboard-check:before{content:"\f46c"}.fa-clipboard-list:before{content:"\f46d"}.fa-clock:before{content:"\f017"}.fa-clone:before{content:"\f24d"}.fa-closed-captioning:before{content:"\f20a"}.fa-cloud:before{content:"\f0c2"}.fa-cloud-download-alt:before{content:"\f381"}.fa-cloud-meatball:before{content:"\f73b"}.fa-cloud-moon:before{content:"\f6c3"}.fa-cloud-moon-rain:before{content:"\f73c"}.fa-cloud-rain:before{content:"\f73d"}.fa-cloud-showers-heavy:before{content:"\f740"}.fa-cloud-sun:before{content:"\f6c4"}.fa-cloud-sun-rain:before{content:"\f743"}.fa-cloud-upload-alt:before{content:"\f382"}.fa-cloudscale:before{content:"\f383"}.fa-cloudsmith:before{content:"\f384"}.fa-cloudversify:before{content:"\f385"}.fa-cocktail:before{content:"\f561"}.fa-code:before{content:"\f121"}.fa-code-branch:before{content:"\f126"}.fa-codepen:before{content:"\f1cb"}.fa-codiepie:before{content:"\f284"}.fa-coffee:before{content:"\f0f4"}.fa-cog:before{content:"\f013"}.fa-cogs:before{content:"\f085"}.fa-coins:before{content:"\f51e"}.fa-columns:before{content:"\f0db"}.fa-comment:before{content:"\f075"}.fa-comment-alt:before{content:"\f27a"}.fa-comment-dollar:before{content:"\f651"}.fa-comment-dots:before{content:"\f4ad"}.fa-comment-slash:before{content:"\f4b3"}.fa-comments:before{content:"\f086"}.fa-comments-dollar:before{content:"\f653"}.fa-compact-disc:before{content:"\f51f"}.fa-compass:before{content:"\f14e"}.fa-compress:before{content:"\f066"}.fa-compress-arrows-alt:before{content:"\f78c"}.fa-concierge-bell:before{content:"\f562"}.fa-confluence:before{content:"\f78d"}.fa-connectdevelop:before{content:"\f20e"}.fa-contao:before{content:"\f26d"}.fa-cookie:before{content:"\f563"}.fa-cookie-bite:before{content:"\f564"}.fa-copy:before{content:"\f0c5"}.fa-copyright:before{content:"\f1f9"}.fa-couch:before{content:"\f4b8"}.fa-cpanel:before{content:"\f388"}.fa-creative-commons:before{content:"\f25e"}.fa-creative-commons-by:before{content:"\f4e7"}.fa-creative-commons-nc:before{content:"\f4e8"}.fa-creative-commons-nc-eu:before{content:"\f4e9"}.fa-creative-commons-nc-jp:before{content:"\f4ea"}.fa-creative-commons-nd:before{content:"\f4eb"}.fa-creative-commons-pd:before{content:"\f4ec"}.fa-creative-commons-pd-alt:before{content:"\f4ed"}.fa-creative-commons-remix:before{content:"\f4ee"}.fa-creative-commons-sa:before{content:"\f4ef"}.fa-creative-commons-sampling:before{content:"\f4f0"}.fa-creative-commons-sampling-plus:before{content:"\f4f1"}.fa-creative-commons-share:before{content:"\f4f2"}.fa-creative-commons-zero:before{content:"\f4f3"}.fa-credit-card:before{content:"\f09d"}.fa-critical-role:before{content:"\f6c9"}.fa-crop:before{content:"\f125"}.fa-crop-alt:before{content:"\f565"}.fa-cross:before{content:"\f654"}.fa-crosshairs:before{content:"\f05b"}.fa-crow:before{content:"\f520"}.fa-crown:before{content:"\f521"}.fa-css3:before{content:"\f13c"}.fa-css3-alt:before{content:"\f38b"}.fa-cube:before{content:"\f1b2"}.fa-cubes:before{content:"\f1b3"}.fa-cut:before{content:"\f0c4"}.fa-cuttlefish:before{content:"\f38c"}.fa-d-and-d:before{content:"\f38d"}.fa-d-and-d-beyond:before{content:"\f6ca"}.fa-dashcube:before{content:"\f210"}.fa-database:before{content:"\f1c0"}.fa-deaf:before{content:"\f2a4"}.fa-delicious:before{content:"\f1a5"}.fa-democrat:before{content:"\f747"}.fa-deploydog:before{content:"\f38e"}.fa-deskpro:before{content:"\f38f"}.fa-desktop:before{content:"\f108"}.fa-dev:before{content:"\f6cc"}.fa-deviantart:before{content:"\f1bd"}.fa-dharmachakra:before{content:"\f655"}.fa-dhl:before{content:"\f790"}.fa-diagnoses:before{content:"\f470"}.fa-diaspora:before{content:"\f791"}.fa-dice:before{content:"\f522"}.fa-dice-d20:before{content:"\f6cf"}.fa-dice-d6:before{content:"\f6d1"}.fa-dice-five:before{content:"\f523"}.fa-dice-four:before{content:"\f524"}.fa-dice-one:before{content:"\f525"}.fa-dice-six:before{content:"\f526"}.fa-dice-three:before{content:"\f527"}.fa-dice-two:before{content:"\f528"}.fa-digg:before{content:"\f1a6"}.fa-digital-ocean:before{content:"\f391"}.fa-digital-tachograph:before{content:"\f566"}.fa-directions:before{content:"\f5eb"}.fa-discord:before{content:"\f392"}.fa-discourse:before{content:"\f393"}.fa-divide:before{content:"\f529"}.fa-dizzy:before{content:"\f567"}.fa-dna:before{content:"\f471"}.fa-dochub:before{content:"\f394"}.fa-docker:before{content:"\f395"}.fa-dog:before{content:"\f6d3"}.fa-dollar-sign:before{content:"\f155"}.fa-dolly:before{content:"\f472"}.fa-dolly-flatbed:before{content:"\f474"}.fa-donate:before{content:"\f4b9"}.fa-door-closed:before{content:"\f52a"}.fa-door-open:before{content:"\f52b"}.fa-dot-circle:before{content:"\f192"}.fa-dove:before{content:"\f4ba"}.fa-download:before{content:"\f019"}.fa-draft2digital:before{content:"\f396"}.fa-drafting-compass:before{content:"\f568"}.fa-dragon:before{content:"\f6d5"}.fa-draw-polygon:before{content:"\f5ee"}.fa-dribbble:before{content:"\f17d"}.fa-dribbble-square:before{content:"\f397"}.fa-dropbox:before{content:"\f16b"}.fa-drum:before{content:"\f569"}.fa-drum-steelpan:before{content:"\f56a"}.fa-drumstick-bite:before{content:"\f6d7"}.fa-drupal:before{content:"\f1a9"}.fa-dumbbell:before{content:"\f44b"}.fa-dumpster:before{content:"\f793"}.fa-dumpster-fire:before{content:"\f794"}.fa-dungeon:before{content:"\f6d9"}.fa-dyalog:before{content:"\f399"}.fa-earlybirds:before{content:"\f39a"}.fa-ebay:before{content:"\f4f4"}.fa-edge:before{content:"\f282"}.fa-edit:before{content:"\f044"}.fa-eject:before{content:"\f052"}.fa-elementor:before{content:"\f430"}.fa-ellipsis-h:before{content:"\f141"}.fa-ellipsis-v:before{content:"\f142"}.fa-ello:before{content:"\f5f1"}.fa-ember:before{content:"\f423"}.fa-empire:before{content:"\f1d1"}.fa-envelope:before{content:"\f0e0"}.fa-envelope-open:before{content:"\f2b6"}.fa-envelope-open-text:before{content:"\f658"}.fa-envelope-square:before{content:"\f199"}.fa-envira:before{content:"\f299"}.fa-equals:before{content:"\f52c"}.fa-eraser:before{content:"\f12d"}.fa-erlang:before{content:"\f39d"}.fa-ethereum:before{content:"\f42e"}.fa-ethernet:before{content:"\f796"}.fa-etsy:before{content:"\f2d7"}.fa-euro-sign:before{content:"\f153"}.fa-exchange-alt:before{content:"\f362"}.fa-exclamation:before{content:"\f12a"}.fa-exclamation-circle:before{content:"\f06a"}.fa-exclamation-triangle:before{content:"\f071"}.fa-expand:before{content:"\f065"}.fa-expand-arrows-alt:before{content:"\f31e"}.fa-expeditedssl:before{content:"\f23e"}.fa-external-link-alt:before{content:"\f35d"}.fa-external-link-square-alt:before{content:"\f360"}.fa-eye:before{content:"\f06e"}.fa-eye-dropper:before{content:"\f1fb"}.fa-eye-slash:before{content:"\f070"}.fa-facebook:before{content:"\f09a"}.fa-facebook-f:before{content:"\f39e"}.fa-facebook-messenger:before{content:"\f39f"}.fa-facebook-square:before{content:"\f082"}.fa-fantasy-flight-games:before{content:"\f6dc"}.fa-fast-backward:before{content:"\f049"}.fa-fast-forward:before{content:"\f050"}.fa-fax:before{content:"\f1ac"}.fa-feather:before{content:"\f52d"}.fa-feather-alt:before{content:"\f56b"}.fa-fedex:before{content:"\f797"}.fa-fedora:before{content:"\f798"}.fa-female:before{content:"\f182"}.fa-fighter-jet:before{content:"\f0fb"}.fa-figma:before{content:"\f799"}.fa-file:before{content:"\f15b"}.fa-file-alt:before{content:"\f15c"}.fa-file-archive:before{content:"\f1c6"}.fa-file-audio:before{content:"\f1c7"}.fa-file-code:before{content:"\f1c9"}.fa-file-contract:before{content:"\f56c"}.fa-file-csv:before{content:"\f6dd"}.fa-file-download:before{content:"\f56d"}.fa-file-excel:before{content:"\f1c3"}.fa-file-export:before{content:"\f56e"}.fa-file-image:before{content:"\f1c5"}.fa-file-import:before{content:"\f56f"}.fa-file-invoice:before{content:"\f570"}.fa-file-invoice-dollar:before{content:"\f571"}.fa-file-medical:before{content:"\f477"}.fa-file-medical-alt:before{content:"\f478"}.fa-file-pdf:before{content:"\f1c1"}.fa-file-powerpoint:before{content:"\f1c4"}.fa-file-prescription:before{content:"\f572"}.fa-file-signature:before{content:"\f573"}.fa-file-upload:before{content:"\f574"}.fa-file-video:before{content:"\f1c8"}.fa-file-word:before{content:"\f1c2"}.fa-fill:before{content:"\f575"}.fa-fill-drip:before{content:"\f576"}.fa-film:before{content:"\f008"}.fa-filter:before{content:"\f0b0"}.fa-fingerprint:before{content:"\f577"}.fa-fire:before{content:"\f06d"}.fa-fire-alt:before{content:"\f7e4"}.fa-fire-extinguisher:before{content:"\f134"}.fa-firefox:before{content:"\f269"}.fa-first-aid:before{content:"\f479"}.fa-first-order:before{content:"\f2b0"}.fa-first-order-alt:before{content:"\f50a"}.fa-firstdraft:before{content:"\f3a1"}.fa-fish:before{content:"\f578"}.fa-fist-raised:before{content:"\f6de"}.fa-flag:before{content:"\f024"}.fa-flag-checkered:before{content:"\f11e"}.fa-flag-usa:before{content:"\f74d"}.fa-flask:before{content:"\f0c3"}.fa-flickr:before{content:"\f16e"}.fa-flipboard:before{content:"\f44d"}.fa-flushed:before{content:"\f579"}.fa-fly:before{content:"\f417"}.fa-folder:before{content:"\f07b"}.fa-folder-minus:before{content:"\f65d"}.fa-folder-open:before{content:"\f07c"}.fa-folder-plus:before{content:"\f65e"}.fa-font:before{content:"\f031"}.fa-font-awesome:before{content:"\f2b4"}.fa-font-awesome-alt:before{content:"\f35c"}.fa-font-awesome-flag:before{content:"\f425"}.fa-font-awesome-logo-full:before{content:"\f4e6"}.fa-fonticons:before{content:"\f280"}.fa-fonticons-fi:before{content:"\f3a2"}.fa-football-ball:before{content:"\f44e"}.fa-fort-awesome:before{content:"\f286"}.fa-fort-awesome-alt:before{content:"\f3a3"}.fa-forumbee:before{content:"\f211"}.fa-forward:before{content:"\f04e"}.fa-foursquare:before{content:"\f180"}.fa-free-code-camp:before{content:"\f2c5"}.fa-freebsd:before{content:"\f3a4"}.fa-frog:before{content:"\f52e"}.fa-frown:before{content:"\f119"}.fa-frown-open:before{content:"\f57a"}.fa-fulcrum:before{content:"\f50b"}.fa-funnel-dollar:before{content:"\f662"}.fa-futbol:before{content:"\f1e3"}.fa-galactic-republic:before{content:"\f50c"}.fa-galactic-senate:before{content:"\f50d"}.fa-gamepad:before{content:"\f11b"}.fa-gas-pump:before{content:"\f52f"}.fa-gavel:before{content:"\f0e3"}.fa-gem:before{content:"\f3a5"}.fa-genderless:before{content:"\f22d"}.fa-get-pocket:before{content:"\f265"}.fa-gg:before{content:"\f260"}.fa-gg-circle:before{content:"\f261"}.fa-ghost:before{content:"\f6e2"}.fa-gift:before{content:"\f06b"}.fa-gifts:before{content:"\f79c"}.fa-git:before{content:"\f1d3"}.fa-git-square:before{content:"\f1d2"}.fa-github:before{content:"\f09b"}.fa-github-alt:before{content:"\f113"}.fa-github-square:before{content:"\f092"}.fa-gitkraken:before{content:"\f3a6"}.fa-gitlab:before{content:"\f296"}.fa-gitter:before{content:"\f426"}.fa-glass-cheers:before{content:"\f79f"}.fa-glass-martini:before{content:"\f000"}.fa-glass-martini-alt:before{content:"\f57b"}.fa-glass-whiskey:before{content:"\f7a0"}.fa-glasses:before{content:"\f530"}.fa-glide:before{content:"\f2a5"}.fa-glide-g:before{content:"\f2a6"}.fa-globe:before{content:"\f0ac"}.fa-globe-africa:before{content:"\f57c"}.fa-globe-americas:before{content:"\f57d"}.fa-globe-asia:before{content:"\f57e"}.fa-globe-europe:before{content:"\f7a2"}.fa-gofore:before{content:"\f3a7"}.fa-golf-ball:before{content:"\f450"}.fa-goodreads:before{content:"\f3a8"}.fa-goodreads-g:before{content:"\f3a9"}.fa-google:before{content:"\f1a0"}.fa-google-drive:before{content:"\f3aa"}.fa-google-play:before{content:"\f3ab"}.fa-google-plus:before{content:"\f2b3"}.fa-google-plus-g:before{content:"\f0d5"}.fa-google-plus-square:before{content:"\f0d4"}.fa-google-wallet:before{content:"\f1ee"}.fa-gopuram:before{content:"\f664"}.fa-graduation-cap:before{content:"\f19d"}.fa-gratipay:before{content:"\f184"}.fa-grav:before{content:"\f2d6"}.fa-greater-than:before{content:"\f531"}.fa-greater-than-equal:before{content:"\f532"}.fa-grimace:before{content:"\f57f"}.fa-grin:before{content:"\f580"}.fa-grin-alt:before{content:"\f581"}.fa-grin-beam:before{content:"\f582"}.fa-grin-beam-sweat:before{content:"\f583"}.fa-grin-hearts:before{content:"\f584"}.fa-grin-squint:before{content:"\f585"}.fa-grin-squint-tears:before{content:"\f586"}.fa-grin-stars:before{content:"\f587"}.fa-grin-tears:before{content:"\f588"}.fa-grin-tongue:before{content:"\f589"}.fa-grin-tongue-squint:before{content:"\f58a"}.fa-grin-tongue-wink:before{content:"\f58b"}.fa-grin-wink:before{content:"\f58c"}.fa-grip-horizontal:before{content:"\f58d"}.fa-grip-lines:before{content:"\f7a4"}.fa-grip-lines-vertical:before{content:"\f7a5"}.fa-grip-vertical:before{content:"\f58e"}.fa-gripfire:before{content:"\f3ac"}.fa-grunt:before{content:"\f3ad"}.fa-guitar:before{content:"\f7a6"}.fa-gulp:before{content:"\f3ae"}.fa-h-square:before{content:"\f0fd"}.fa-hacker-news:before{content:"\f1d4"}.fa-hacker-news-square:before{content:"\f3af"}.fa-hackerrank:before{content:"\f5f7"}.fa-hammer:before{content:"\f6e3"}.fa-hamsa:before{content:"\f665"}.fa-hand-holding:before{content:"\f4bd"}.fa-hand-holding-heart:before{content:"\f4be"}.fa-hand-holding-usd:before{content:"\f4c0"}.fa-hand-lizard:before{content:"\f258"}.fa-hand-paper:before{content:"\f256"}.fa-hand-peace:before{content:"\f25b"}.fa-hand-point-down:before{content:"\f0a7"}.fa-hand-point-left:before{content:"\f0a5"}.fa-hand-point-right:before{content:"\f0a4"}.fa-hand-point-up:before{content:"\f0a6"}.fa-hand-pointer:before{content:"\f25a"}.fa-hand-rock:before{content:"\f255"}.fa-hand-scissors:before{content:"\f257"}.fa-hand-spock:before{content:"\f259"}.fa-hands:before{content:"\f4c2"}.fa-hands-helping:before{content:"\f4c4"}.fa-handshake:before{content:"\f2b5"}.fa-hanukiah:before{content:"\f6e6"}.fa-hashtag:before{content:"\f292"}.fa-hat-wizard:before{content:"\f6e8"}.fa-haykal:before{content:"\f666"}.fa-hdd:before{content:"\f0a0"}.fa-heading:before{content:"\f1dc"}.fa-headphones:before{content:"\f025"}.fa-headphones-alt:before{content:"\f58f"}.fa-headset:before{content:"\f590"}.fa-heart:before{content:"\f004"}.fa-heart-broken:before{content:"\f7a9"}.fa-heartbeat:before{content:"\f21e"}.fa-helicopter:before{content:"\f533"}.fa-highlighter:before{content:"\f591"}.fa-hiking:before{content:"\f6ec"}.fa-hippo:before{content:"\f6ed"}.fa-hips:before{content:"\f452"}.fa-hire-a-helper:before{content:"\f3b0"}.fa-history:before{content:"\f1da"}.fa-hockey-puck:before{content:"\f453"}.fa-holly-berry:before{content:"\f7aa"}.fa-home:before{content:"\f015"}.fa-hooli:before{content:"\f427"}.fa-hornbill:before{content:"\f592"}.fa-horse:before{content:"\f6f0"}.fa-horse-head:before{content:"\f7ab"}.fa-hospital:before{content:"\f0f8"}.fa-hospital-alt:before{content:"\f47d"}.fa-hospital-symbol:before{content:"\f47e"}.fa-hot-tub:before{content:"\f593"}.fa-hotel:before{content:"\f594"}.fa-hotjar:before{content:"\f3b1"}.fa-hourglass:before{content:"\f254"}.fa-hourglass-end:before{content:"\f253"}.fa-hourglass-half:before{content:"\f252"}.fa-hourglass-start:before{content:"\f251"}.fa-house-damage:before{content:"\f6f1"}.fa-houzz:before{content:"\f27c"}.fa-hryvnia:before{content:"\f6f2"}.fa-html5:before{content:"\f13b"}.fa-hubspot:before{content:"\f3b2"}.fa-i-cursor:before{content:"\f246"}.fa-icicles:before{content:"\f7ad"}.fa-id-badge:before{content:"\f2c1"}.fa-id-card:before{content:"\f2c2"}.fa-id-card-alt:before{content:"\f47f"}.fa-igloo:before{content:"\f7ae"}.fa-image:before{content:"\f03e"}.fa-images:before{content:"\f302"}.fa-imdb:before{content:"\f2d8"}.fa-inbox:before{content:"\f01c"}.fa-indent:before{content:"\f03c"}.fa-industry:before{content:"\f275"}.fa-infinity:before{content:"\f534"}.fa-info:before{content:"\f129"}.fa-info-circle:before{content:"\f05a"}.fa-instagram:before{content:"\f16d"}.fa-intercom:before{content:"\f7af"}.fa-internet-explorer:before{content:"\f26b"}.fa-invision:before{content:"\f7b0"}.fa-ioxhost:before{content:"\f208"}.fa-italic:before{content:"\f033"}.fa-itunes:before{content:"\f3b4"}.fa-itunes-note:before{content:"\f3b5"}.fa-java:before{content:"\f4e4"}.fa-jedi:before{content:"\f669"}.fa-jedi-order:before{content:"\f50e"}.fa-jenkins:before{content:"\f3b6"}.fa-jira:before{content:"\f7b1"}.fa-joget:before{content:"\f3b7"}.fa-joint:before{content:"\f595"}.fa-joomla:before{content:"\f1aa"}.fa-journal-whills:before{content:"\f66a"}.fa-js:before{content:"\f3b8"}.fa-js-square:before{content:"\f3b9"}.fa-jsfiddle:before{content:"\f1cc"}.fa-kaaba:before{content:"\f66b"}.fa-kaggle:before{content:"\f5fa"}.fa-key:before{content:"\f084"}.fa-keybase:before{content:"\f4f5"}.fa-keyboard:before{content:"\f11c"}.fa-keycdn:before{content:"\f3ba"}.fa-khanda:before{content:"\f66d"}.fa-kickstarter:before{content:"\f3bb"}.fa-kickstarter-k:before{content:"\f3bc"}.fa-kiss:before{content:"\f596"}.fa-kiss-beam:before{content:"\f597"}.fa-kiss-wink-heart:before{content:"\f598"}.fa-kiwi-bird:before{content:"\f535"}.fa-korvue:before{content:"\f42f"}.fa-landmark:before{content:"\f66f"}.fa-language:before{content:"\f1ab"}.fa-laptop:before{content:"\f109"}.fa-laptop-code:before{content:"\f5fc"}.fa-laravel:before{content:"\f3bd"}.fa-lastfm:before{content:"\f202"}.fa-lastfm-square:before{content:"\f203"}.fa-laugh:before{content:"\f599"}.fa-laugh-beam:before{content:"\f59a"}.fa-laugh-squint:before{content:"\f59b"}.fa-laugh-wink:before{content:"\f59c"}.fa-layer-group:before{content:"\f5fd"}.fa-leaf:before{content:"\f06c"}.fa-leanpub:before{content:"\f212"}.fa-lemon:before{content:"\f094"}.fa-less:before{content:"\f41d"}.fa-less-than:before{content:"\f536"}.fa-less-than-equal:before{content:"\f537"}.fa-level-down-alt:before{content:"\f3be"}.fa-level-up-alt:before{content:"\f3bf"}.fa-life-ring:before{content:"\f1cd"}.fa-lightbulb:before{content:"\f0eb"}.fa-line:before{content:"\f3c0"}.fa-link:before{content:"\f0c1"}.fa-linkedin:before{content:"\f08c"}.fa-linkedin-in:before{content:"\f0e1"}.fa-linode:before{content:"\f2b8"}.fa-linux:before{content:"\f17c"}.fa-lira-sign:before{content:"\f195"}.fa-list:before{content:"\f03a"}.fa-list-alt:before{content:"\f022"}.fa-list-ol:before{content:"\f0cb"}.fa-list-ul:before{content:"\f0ca"}.fa-location-arrow:before{content:"\f124"}.fa-lock:before{content:"\f023"}.fa-lock-open:before{content:"\f3c1"}.fa-long-arrow-alt-down:before{content:"\f309"}.fa-long-arrow-alt-left:before{content:"\f30a"}.fa-long-arrow-alt-right:before{content:"\f30b"}.fa-long-arrow-alt-up:before{content:"\f30c"}.fa-low-vision:before{content:"\f2a8"}.fa-luggage-cart:before{content:"\f59d"}.fa-lyft:before{content:"\f3c3"}.fa-magento:before{content:"\f3c4"}.fa-magic:before{content:"\f0d0"}.fa-magnet:before{content:"\f076"}.fa-mail-bulk:before{content:"\f674"}.fa-mailchimp:before{content:"\f59e"}.fa-male:before{content:"\f183"}.fa-mandalorian:before{content:"\f50f"}.fa-map:before{content:"\f279"}.fa-map-marked:before{content:"\f59f"}.fa-map-marked-alt:before{content:"\f5a0"}.fa-map-marker:before{content:"\f041"}.fa-map-marker-alt:before{content:"\f3c5"}.fa-map-pin:before{content:"\f276"}.fa-map-signs:before{content:"\f277"}.fa-markdown:before{content:"\f60f"}.fa-marker:before{content:"\f5a1"}.fa-mars:before{content:"\f222"}.fa-mars-double:before{content:"\f227"}.fa-mars-stroke:before{content:"\f229"}.fa-mars-stroke-h:before{content:"\f22b"}.fa-mars-stroke-v:before{content:"\f22a"}.fa-mask:before{content:"\f6fa"}.fa-mastodon:before{content:"\f4f6"}.fa-maxcdn:before{content:"\f136"}.fa-medal:before{content:"\f5a2"}.fa-medapps:before{content:"\f3c6"}.fa-medium:before{content:"\f23a"}.fa-medium-m:before{content:"\f3c7"}.fa-medkit:before{content:"\f0fa"}.fa-medrt:before{content:"\f3c8"}.fa-meetup:before{content:"\f2e0"}.fa-megaport:before{content:"\f5a3"}.fa-meh:before{content:"\f11a"}.fa-meh-blank:before{content:"\f5a4"}.fa-meh-rolling-eyes:before{content:"\f5a5"}.fa-memory:before{content:"\f538"}.fa-mendeley:before{content:"\f7b3"}.fa-menorah:before{content:"\f676"}.fa-mercury:before{content:"\f223"}.fa-meteor:before{content:"\f753"}.fa-microchip:before{content:"\f2db"}.fa-microphone:before{content:"\f130"}.fa-microphone-alt:before{content:"\f3c9"}.fa-microphone-alt-slash:before{content:"\f539"}.fa-microphone-slash:before{content:"\f131"}.fa-microscope:before{content:"\f610"}.fa-microsoft:before{content:"\f3ca"}.fa-minus:before{content:"\f068"}.fa-minus-circle:before{content:"\f056"}.fa-minus-square:before{content:"\f146"}.fa-mitten:before{content:"\f7b5"}.fa-mix:before{content:"\f3cb"}.fa-mixcloud:before{content:"\f289"}.fa-mizuni:before{content:"\f3cc"}.fa-mobile:before{content:"\f10b"}.fa-mobile-alt:before{content:"\f3cd"}.fa-modx:before{content:"\f285"}.fa-monero:before{content:"\f3d0"}.fa-money-bill:before{content:"\f0d6"}.fa-money-bill-alt:before{content:"\f3d1"}.fa-money-bill-wave:before{content:"\f53a"}.fa-money-bill-wave-alt:before{content:"\f53b"}.fa-money-check:before{content:"\f53c"}.fa-money-check-alt:before{content:"\f53d"}.fa-monument:before{content:"\f5a6"}.fa-moon:before{content:"\f186"}.fa-mortar-pestle:before{content:"\f5a7"}.fa-mosque:before{content:"\f678"}.fa-motorcycle:before{content:"\f21c"}.fa-mountain:before{content:"\f6fc"}.fa-mouse-pointer:before{content:"\f245"}.fa-mug-hot:before{content:"\f7b6"}.fa-music:before{content:"\f001"}.fa-napster:before{content:"\f3d2"}.fa-neos:before{content:"\f612"}.fa-network-wired:before{content:"\f6ff"}.fa-neuter:before{content:"\f22c"}.fa-newspaper:before{content:"\f1ea"}.fa-nimblr:before{content:"\f5a8"}.fa-nintendo-switch:before{content:"\f418"}.fa-node:before{content:"\f419"}.fa-node-js:before{content:"\f3d3"}.fa-not-equal:before{content:"\f53e"}.fa-notes-medical:before{content:"\f481"}.fa-npm:before{content:"\f3d4"}.fa-ns8:before{content:"\f3d5"}.fa-nutritionix:before{content:"\f3d6"}.fa-object-group:before{content:"\f247"}.fa-object-ungroup:before{content:"\f248"}.fa-odnoklassniki:before{content:"\f263"}.fa-odnoklassniki-square:before{content:"\f264"}.fa-oil-can:before{content:"\f613"}.fa-old-republic:before{content:"\f510"}.fa-om:before{content:"\f679"}.fa-opencart:before{content:"\f23d"}.fa-openid:before{content:"\f19b"}.fa-opera:before{content:"\f26a"}.fa-optin-monster:before{content:"\f23c"}.fa-osi:before{content:"\f41a"}.fa-otter:before{content:"\f700"}.fa-outdent:before{content:"\f03b"}.fa-page4:before{content:"\f3d7"}.fa-pagelines:before{content:"\f18c"}.fa-paint-brush:before{content:"\f1fc"}.fa-paint-roller:before{content:"\f5aa"}.fa-palette:before{content:"\f53f"}.fa-palfed:before{content:"\f3d8"}.fa-pallet:before{content:"\f482"}.fa-paper-plane:before{content:"\f1d8"}.fa-paperclip:before{content:"\f0c6"}.fa-parachute-box:before{content:"\f4cd"}.fa-paragraph:before{content:"\f1dd"}.fa-parking:before{content:"\f540"}.fa-passport:before{content:"\f5ab"}.fa-pastafarianism:before{content:"\f67b"}.fa-paste:before{content:"\f0ea"}.fa-patreon:before{content:"\f3d9"}.fa-pause:before{content:"\f04c"}.fa-pause-circle:before{content:"\f28b"}.fa-paw:before{content:"\f1b0"}.fa-paypal:before{content:"\f1ed"}.fa-peace:before{content:"\f67c"}.fa-pen:before{content:"\f304"}.fa-pen-alt:before{content:"\f305"}.fa-pen-fancy:before{content:"\f5ac"}.fa-pen-nib:before{content:"\f5ad"}.fa-pen-square:before{content:"\f14b"}.fa-pencil-alt:before{content:"\f303"}.fa-pencil-ruler:before{content:"\f5ae"}.fa-penny-arcade:before{content:"\f704"}.fa-people-carry:before{content:"\f4ce"}.fa-percent:before{content:"\f295"}.fa-percentage:before{content:"\f541"}.fa-periscope:before{content:"\f3da"}.fa-person-booth:before{content:"\f756"}.fa-phabricator:before{content:"\f3db"}.fa-phoenix-framework:before{content:"\f3dc"}.fa-phoenix-squadron:before{content:"\f511"}.fa-phone:before{content:"\f095"}.fa-phone-slash:before{content:"\f3dd"}.fa-phone-square:before{content:"\f098"}.fa-phone-volume:before{content:"\f2a0"}.fa-php:before{content:"\f457"}.fa-pied-piper:before{content:"\f2ae"}.fa-pied-piper-alt:before{content:"\f1a8"}.fa-pied-piper-hat:before{content:"\f4e5"}.fa-pied-piper-pp:before{content:"\f1a7"}.fa-piggy-bank:before{content:"\f4d3"}.fa-pills:before{content:"\f484"}.fa-pinterest:before{content:"\f0d2"}.fa-pinterest-p:before{content:"\f231"}.fa-pinterest-square:before{content:"\f0d3"}.fa-place-of-worship:before{content:"\f67f"}.fa-plane:before{content:"\f072"}.fa-plane-arrival:before{content:"\f5af"}.fa-plane-departure:before{content:"\f5b0"}.fa-play:before{content:"\f04b"}.fa-play-circle:before{content:"\f144"}.fa-playstation:before{content:"\f3df"}.fa-plug:before{content:"\f1e6"}.fa-plus:before{content:"\f067"}.fa-plus-circle:before{content:"\f055"}.fa-plus-square:before{content:"\f0fe"}.fa-podcast:before{content:"\f2ce"}.fa-poll:before{content:"\f681"}.fa-poll-h:before{content:"\f682"}.fa-poo:before{content:"\f2fe"}.fa-poo-storm:before{content:"\f75a"}.fa-poop:before{content:"\f619"}.fa-portrait:before{content:"\f3e0"}.fa-pound-sign:before{content:"\f154"}.fa-power-off:before{content:"\f011"}.fa-pray:before{content:"\f683"}.fa-praying-hands:before{content:"\f684"}.fa-prescription:before{content:"\f5b1"}.fa-prescription-bottle:before{content:"\f485"}.fa-prescription-bottle-alt:before{content:"\f486"}.fa-print:before{content:"\f02f"}.fa-procedures:before{content:"\f487"}.fa-product-hunt:before{content:"\f288"}.fa-project-diagram:before{content:"\f542"}.fa-pushed:before{content:"\f3e1"}.fa-puzzle-piece:before{content:"\f12e"}.fa-python:before{content:"\f3e2"}.fa-qq:before{content:"\f1d6"}.fa-qrcode:before{content:"\f029"}.fa-question:before{content:"\f128"}.fa-question-circle:before{content:"\f059"}.fa-quidditch:before{content:"\f458"}.fa-quinscape:before{content:"\f459"}.fa-quora:before{content:"\f2c4"}.fa-quote-left:before{content:"\f10d"}.fa-quote-right:before{content:"\f10e"}.fa-quran:before{content:"\f687"}.fa-r-project:before{content:"\f4f7"}.fa-radiation:before{content:"\f7b9"}.fa-radiation-alt:before{content:"\f7ba"}.fa-rainbow:before{content:"\f75b"}.fa-random:before{content:"\f074"}.fa-raspberry-pi:before{content:"\f7bb"}.fa-ravelry:before{content:"\f2d9"}.fa-react:before{content:"\f41b"}.fa-reacteurope:before{content:"\f75d"}.fa-readme:before{content:"\f4d5"}.fa-rebel:before{content:"\f1d0"}.fa-receipt:before{content:"\f543"}.fa-recycle:before{content:"\f1b8"}.fa-red-river:before{content:"\f3e3"}.fa-reddit:before{content:"\f1a1"}.fa-reddit-alien:before{content:"\f281"}.fa-reddit-square:before{content:"\f1a2"}.fa-redhat:before{content:"\f7bc"}.fa-redo:before{content:"\f01e"}.fa-redo-alt:before{content:"\f2f9"}.fa-registered:before{content:"\f25d"}.fa-renren:before{content:"\f18b"}.fa-reply:before{content:"\f3e5"}.fa-reply-all:before{content:"\f122"}.fa-replyd:before{content:"\f3e6"}.fa-republican:before{content:"\f75e"}.fa-researchgate:before{content:"\f4f8"}.fa-resolving:before{content:"\f3e7"}.fa-restroom:before{content:"\f7bd"}.fa-retweet:before{content:"\f079"}.fa-rev:before{content:"\f5b2"}.fa-ribbon:before{content:"\f4d6"}.fa-ring:before{content:"\f70b"}.fa-road:before{content:"\f018"}.fa-robot:before{content:"\f544"}.fa-rocket:before{content:"\f135"}.fa-rocketchat:before{content:"\f3e8"}.fa-rockrms:before{content:"\f3e9"}.fa-route:before{content:"\f4d7"}.fa-rss:before{content:"\f09e"}.fa-rss-square:before{content:"\f143"}.fa-ruble-sign:before{content:"\f158"}.fa-ruler:before{content:"\f545"}.fa-ruler-combined:before{content:"\f546"}.fa-ruler-horizontal:before{content:"\f547"}.fa-ruler-vertical:before{content:"\f548"}.fa-running:before{content:"\f70c"}.fa-rupee-sign:before{content:"\f156"}.fa-sad-cry:before{content:"\f5b3"}.fa-sad-tear:before{content:"\f5b4"}.fa-safari:before{content:"\f267"}.fa-sass:before{content:"\f41e"}.fa-satellite:before{content:"\f7bf"}.fa-satellite-dish:before{content:"\f7c0"}.fa-save:before{content:"\f0c7"}.fa-schlix:before{content:"\f3ea"}.fa-school:before{content:"\f549"}.fa-screwdriver:before{content:"\f54a"}.fa-scribd:before{content:"\f28a"}.fa-scroll:before{content:"\f70e"}.fa-sd-card:before{content:"\f7c2"}.fa-search:before{content:"\f002"}.fa-search-dollar:before{content:"\f688"}.fa-search-location:before{content:"\f689"}.fa-search-minus:before{content:"\f010"}.fa-search-plus:before{content:"\f00e"}.fa-searchengin:before{content:"\f3eb"}.fa-seedling:before{content:"\f4d8"}.fa-sellcast:before{content:"\f2da"}.fa-sellsy:before{content:"\f213"}.fa-server:before{content:"\f233"}.fa-servicestack:before{content:"\f3ec"}.fa-shapes:before{content:"\f61f"}.fa-share:before{content:"\f064"}.fa-share-alt:before{content:"\f1e0"}.fa-share-alt-square:before{content:"\f1e1"}.fa-share-square:before{content:"\f14d"}.fa-shekel-sign:before{content:"\f20b"}.fa-shield-alt:before{content:"\f3ed"}.fa-ship:before{content:"\f21a"}.fa-shipping-fast:before{content:"\f48b"}.fa-shirtsinbulk:before{content:"\f214"}.fa-shoe-prints:before{content:"\f54b"}.fa-shopping-bag:before{content:"\f290"}.fa-shopping-basket:before{content:"\f291"}.fa-shopping-cart:before{content:"\f07a"}.fa-shopware:before{content:"\f5b5"}.fa-shower:before{content:"\f2cc"}.fa-shuttle-van:before{content:"\f5b6"}.fa-sign:before{content:"\f4d9"}.fa-sign-in-alt:before{content:"\f2f6"}.fa-sign-language:before{content:"\f2a7"}.fa-sign-out-alt:before{content:"\f2f5"}.fa-signal:before{content:"\f012"}.fa-signature:before{content:"\f5b7"}.fa-sim-card:before{content:"\f7c4"}.fa-simplybuilt:before{content:"\f215"}.fa-sistrix:before{content:"\f3ee"}.fa-sitemap:before{content:"\f0e8"}.fa-sith:before{content:"\f512"}.fa-skating:before{content:"\f7c5"}.fa-sketch:before{content:"\f7c6"}.fa-skiing:before{content:"\f7c9"}.fa-skiing-nordic:before{content:"\f7ca"}.fa-skull:before{content:"\f54c"}.fa-skull-crossbones:before{content:"\f714"}.fa-skyatlas:before{content:"\f216"}.fa-skype:before{content:"\f17e"}.fa-slack:before{content:"\f198"}.fa-slack-hash:before{content:"\f3ef"}.fa-slash:before{content:"\f715"}.fa-sleigh:before{content:"\f7cc"}.fa-sliders-h:before{content:"\f1de"}.fa-slideshare:before{content:"\f1e7"}.fa-smile:before{content:"\f118"}.fa-smile-beam:before{content:"\f5b8"}.fa-smile-wink:before{content:"\f4da"}.fa-smog:before{content:"\f75f"}.fa-smoking:before{content:"\f48d"}.fa-smoking-ban:before{content:"\f54d"}.fa-sms:before{content:"\f7cd"}.fa-snapchat:before{content:"\f2ab"}.fa-snapchat-ghost:before{content:"\f2ac"}.fa-snapchat-square:before{content:"\f2ad"}.fa-snowboarding:before{content:"\f7ce"}.fa-snowflake:before{content:"\f2dc"}.fa-snowman:before{content:"\f7d0"}.fa-snowplow:before{content:"\f7d2"}.fa-socks:before{content:"\f696"}.fa-solar-panel:before{content:"\f5ba"}.fa-sort:before{content:"\f0dc"}.fa-sort-alpha-down:before{content:"\f15d"}.fa-sort-alpha-up:before{content:"\f15e"}.fa-sort-amount-down:before{content:"\f160"}.fa-sort-amount-up:before{content:"\f161"}.fa-sort-down:before{content:"\f0dd"}.fa-sort-numeric-down:before{content:"\f162"}.fa-sort-numeric-up:before{content:"\f163"}.fa-sort-up:before{content:"\f0de"}.fa-soundcloud:before{content:"\f1be"}.fa-sourcetree:before{content:"\f7d3"}.fa-spa:before{content:"\f5bb"}.fa-space-shuttle:before{content:"\f197"}.fa-speakap:before{content:"\f3f3"}.fa-spider:before{content:"\f717"}.fa-spinner:before{content:"\f110"}.fa-splotch:before{content:"\f5bc"}.fa-spotify:before{content:"\f1bc"}.fa-spray-can:before{content:"\f5bd"}.fa-square:before{content:"\f0c8"}.fa-square-full:before{content:"\f45c"}.fa-square-root-alt:before{content:"\f698"}.fa-squarespace:before{content:"\f5be"}.fa-stack-exchange:before{content:"\f18d"}.fa-stack-overflow:before{content:"\f16c"}.fa-stamp:before{content:"\f5bf"}.fa-star:before{content:"\f005"}.fa-star-and-crescent:before{content:"\f699"}.fa-star-half:before{content:"\f089"}.fa-star-half-alt:before{content:"\f5c0"}.fa-star-of-david:before{content:"\f69a"}.fa-star-of-life:before{content:"\f621"}.fa-staylinked:before{content:"\f3f5"}.fa-steam:before{content:"\f1b6"}.fa-steam-square:before{content:"\f1b7"}.fa-steam-symbol:before{content:"\f3f6"}.fa-step-backward:before{content:"\f048"}.fa-step-forward:before{content:"\f051"}.fa-stethoscope:before{content:"\f0f1"}.fa-sticker-mule:before{content:"\f3f7"}.fa-sticky-note:before{content:"\f249"}.fa-stop:before{content:"\f04d"}.fa-stop-circle:before{content:"\f28d"}.fa-stopwatch:before{content:"\f2f2"}.fa-store:before{content:"\f54e"}.fa-store-alt:before{content:"\f54f"}.fa-strava:before{content:"\f428"}.fa-stream:before{content:"\f550"}.fa-street-view:before{content:"\f21d"}.fa-strikethrough:before{content:"\f0cc"}.fa-stripe:before{content:"\f429"}.fa-stripe-s:before{content:"\f42a"}.fa-stroopwafel:before{content:"\f551"}.fa-studiovinari:before{content:"\f3f8"}.fa-stumbleupon:before{content:"\f1a4"}.fa-stumbleupon-circle:before{content:"\f1a3"}.fa-subscript:before{content:"\f12c"}.fa-subway:before{content:"\f239"}.fa-suitcase:before{content:"\f0f2"}.fa-suitcase-rolling:before{content:"\f5c1"}.fa-sun:before{content:"\f185"}.fa-superpowers:before{content:"\f2dd"}.fa-superscript:before{content:"\f12b"}.fa-supple:before{content:"\f3f9"}.fa-surprise:before{content:"\f5c2"}.fa-suse:before{content:"\f7d6"}.fa-swatchbook:before{content:"\f5c3"}.fa-swimmer:before{content:"\f5c4"}.fa-swimming-pool:before{content:"\f5c5"}.fa-synagogue:before{content:"\f69b"}.fa-sync:before{content:"\f021"}.fa-sync-alt:before{content:"\f2f1"}.fa-syringe:before{content:"\f48e"}.fa-table:before{content:"\f0ce"}.fa-table-tennis:before{content:"\f45d"}.fa-tablet:before{content:"\f10a"}.fa-tablet-alt:before{content:"\f3fa"}.fa-tablets:before{content:"\f490"}.fa-tachometer-alt:before{content:"\f3fd"}.fa-tag:before{content:"\f02b"}.fa-tags:before{content:"\f02c"}.fa-tape:before{content:"\f4db"}.fa-tasks:before{content:"\f0ae"}.fa-taxi:before{content:"\f1ba"}.fa-teamspeak:before{content:"\f4f9"}.fa-teeth:before{content:"\f62e"}.fa-teeth-open:before{content:"\f62f"}.fa-telegram:before{content:"\f2c6"}.fa-telegram-plane:before{content:"\f3fe"}.fa-temperature-high:before{content:"\f769"}.fa-temperature-low:before{content:"\f76b"}.fa-tencent-weibo:before{content:"\f1d5"}.fa-tenge:before{content:"\f7d7"}.fa-terminal:before{content:"\f120"}.fa-text-height:before{content:"\f034"}.fa-text-width:before{content:"\f035"}.fa-th:before{content:"\f00a"}.fa-th-large:before{content:"\f009"}.fa-th-list:before{content:"\f00b"}.fa-the-red-yeti:before{content:"\f69d"}.fa-theater-masks:before{content:"\f630"}.fa-themeco:before{content:"\f5c6"}.fa-themeisle:before{content:"\f2b2"}.fa-thermometer:before{content:"\f491"}.fa-thermometer-empty:before{content:"\f2cb"}.fa-thermometer-full:before{content:"\f2c7"}.fa-thermometer-half:before{content:"\f2c9"}.fa-thermometer-quarter:before{content:"\f2ca"}.fa-thermometer-three-quarters:before{content:"\f2c8"}.fa-think-peaks:before{content:"\f731"}.fa-thumbs-down:before{content:"\f165"}.fa-thumbs-up:before{content:"\f164"}.fa-thumbtack:before{content:"\f08d"}.fa-ticket-alt:before{content:"\f3ff"}.fa-times:before{content:"\f00d"}.fa-times-circle:before{content:"\f057"}.fa-tint:before{content:"\f043"}.fa-tint-slash:before{content:"\f5c7"}.fa-tired:before{content:"\f5c8"}.fa-toggle-off:before{content:"\f204"}.fa-toggle-on:before{content:"\f205"}.fa-toilet:before{content:"\f7d8"}.fa-toilet-paper:before{content:"\f71e"}.fa-toolbox:before{content:"\f552"}.fa-tools:before{content:"\f7d9"}.fa-tooth:before{content:"\f5c9"}.fa-torah:before{content:"\f6a0"}.fa-torii-gate:before{content:"\f6a1"}.fa-tractor:before{content:"\f722"}.fa-trade-federation:before{content:"\f513"}.fa-trademark:before{content:"\f25c"}.fa-traffic-light:before{content:"\f637"}.fa-train:before{content:"\f238"}.fa-tram:before{content:"\f7da"}.fa-transgender:before{content:"\f224"}.fa-transgender-alt:before{content:"\f225"}.fa-trash:before{content:"\f1f8"}.fa-trash-alt:before{content:"\f2ed"}.fa-tree:before{content:"\f1bb"}.fa-trello:before{content:"\f181"}.fa-tripadvisor:before{content:"\f262"}.fa-trophy:before{content:"\f091"}.fa-truck:before{content:"\f0d1"}.fa-truck-loading:before{content:"\f4de"}.fa-truck-monster:before{content:"\f63b"}.fa-truck-moving:before{content:"\f4df"}.fa-truck-pickup:before{content:"\f63c"}.fa-tshirt:before{content:"\f553"}.fa-tty:before{content:"\f1e4"}.fa-tumblr:before{content:"\f173"}.fa-tumblr-square:before{content:"\f174"}.fa-tv:before{content:"\f26c"}.fa-twitch:before{content:"\f1e8"}.fa-twitter:before{content:"\f099"}.fa-twitter-square:before{content:"\f081"}.fa-typo3:before{content:"\f42b"}.fa-uber:before{content:"\f402"}.fa-ubuntu:before{content:"\f7df"}.fa-uikit:before{content:"\f403"}.fa-umbrella:before{content:"\f0e9"}.fa-umbrella-beach:before{content:"\f5ca"}.fa-underline:before{content:"\f0cd"}.fa-undo:before{content:"\f0e2"}.fa-undo-alt:before{content:"\f2ea"}.fa-uniregistry:before{content:"\f404"}.fa-universal-access:before{content:"\f29a"}.fa-university:before{content:"\f19c"}.fa-unlink:before{content:"\f127"}.fa-unlock:before{content:"\f09c"}.fa-unlock-alt:before{content:"\f13e"}.fa-untappd:before{content:"\f405"}.fa-upload:before{content:"\f093"}.fa-ups:before{content:"\f7e0"}.fa-usb:before{content:"\f287"}.fa-user:before{content:"\f007"}.fa-user-alt:before{content:"\f406"}.fa-user-alt-slash:before{content:"\f4fa"}.fa-user-astronaut:before{content:"\f4fb"}.fa-user-check:before{content:"\f4fc"}.fa-user-circle:before{content:"\f2bd"}.fa-user-clock:before{content:"\f4fd"}.fa-user-cog:before{content:"\f4fe"}.fa-user-edit:before{content:"\f4ff"}.fa-user-friends:before{content:"\f500"}.fa-user-graduate:before{content:"\f501"}.fa-user-injured:before{content:"\f728"}.fa-user-lock:before{content:"\f502"}.fa-user-md:before{content:"\f0f0"}.fa-user-minus:before{content:"\f503"}.fa-user-ninja:before{content:"\f504"}.fa-user-plus:before{content:"\f234"}.fa-user-secret:before{content:"\f21b"}.fa-user-shield:before{content:"\f505"}.fa-user-slash:before{content:"\f506"}.fa-user-tag:before{content:"\f507"}.fa-user-tie:before{content:"\f508"}.fa-user-times:before{content:"\f235"}.fa-users:before{content:"\f0c0"}.fa-users-cog:before{content:"\f509"}.fa-usps:before{content:"\f7e1"}.fa-ussunnah:before{content:"\f407"}.fa-utensil-spoon:before{content:"\f2e5"}.fa-utensils:before{content:"\f2e7"}.fa-vaadin:before{content:"\f408"}.fa-vector-square:before{content:"\f5cb"}.fa-venus:before{content:"\f221"}.fa-venus-double:before{content:"\f226"}.fa-venus-mars:before{content:"\f228"}.fa-viacoin:before{content:"\f237"}.fa-viadeo:before{content:"\f2a9"}.fa-viadeo-square:before{content:"\f2aa"}.fa-vial:before{content:"\f492"}.fa-vials:before{content:"\f493"}.fa-viber:before{content:"\f409"}.fa-video:before{content:"\f03d"}.fa-video-slash:before{content:"\f4e2"}.fa-vihara:before{content:"\f6a7"}.fa-vimeo:before{content:"\f40a"}.fa-vimeo-square:before{content:"\f194"}.fa-vimeo-v:before{content:"\f27d"}.fa-vine:before{content:"\f1ca"}.fa-vk:before{content:"\f189"}.fa-vnv:before{content:"\f40b"}.fa-volleyball-ball:before{content:"\f45f"}.fa-volume-down:before{content:"\f027"}.fa-volume-mute:before{content:"\f6a9"}.fa-volume-off:before{content:"\f026"}.fa-volume-up:before{content:"\f028"}.fa-vote-yea:before{content:"\f772"}.fa-vr-cardboard:before{content:"\f729"}.fa-vuejs:before{content:"\f41f"}.fa-walking:before{content:"\f554"}.fa-wallet:before{content:"\f555"}.fa-warehouse:before{content:"\f494"}.fa-water:before{content:"\f773"}.fa-weebly:before{content:"\f5cc"}.fa-weibo:before{content:"\f18a"}.fa-weight:before{content:"\f496"}.fa-weight-hanging:before{content:"\f5cd"}.fa-weixin:before{content:"\f1d7"}.fa-whatsapp:before{content:"\f232"}.fa-whatsapp-square:before{content:"\f40c"}.fa-wheelchair:before{content:"\f193"}.fa-whmcs:before{content:"\f40d"}.fa-wifi:before{content:"\f1eb"}.fa-wikipedia-w:before{content:"\f266"}.fa-wind:before{content:"\f72e"}.fa-window-close:before{content:"\f410"}.fa-window-maximize:before{content:"\f2d0"}.fa-window-minimize:before{content:"\f2d1"}.fa-window-restore:before{content:"\f2d2"}.fa-windows:before{content:"\f17a"}.fa-wine-bottle:before{content:"\f72f"}.fa-wine-glass:before{content:"\f4e3"}.fa-wine-glass-alt:before{content:"\f5ce"}.fa-wix:before{content:"\f5cf"}.fa-wizards-of-the-coast:before{content:"\f730"}.fa-wolf-pack-battalion:before{content:"\f514"}.fa-won-sign:before{content:"\f159"}.fa-wordpress:before{content:"\f19a"}.fa-wordpress-simple:before{content:"\f411"}.fa-wpbeginner:before{content:"\f297"}.fa-wpexplorer:before{content:"\f2de"}.fa-wpforms:before{content:"\f298"}.fa-wpressr:before{content:"\f3e4"}.fa-wrench:before{content:"\f0ad"}.fa-x-ray:before{content:"\f497"}.fa-xbox:before{content:"\f412"}.fa-xing:before{content:"\f168"}.fa-xing-square:before{content:"\f169"}.fa-y-combinator:before{content:"\f23b"}.fa-yahoo:before{content:"\f19e"}.fa-yandex:before{content:"\f413"}.fa-yandex-international:before{content:"\f414"}.fa-yarn:before{content:"\f7e3"}.fa-yelp:before{content:"\f1e9"}.fa-yen-sign:before{content:"\f157"}.fa-yin-yang:before{content:"\f6ad"}.fa-yoast:before{content:"\f2b1"}.fa-youtube:before{content:"\f167"}.fa-youtube-square:before{content:"\f431"}.fa-zhihu:before{content:"\f63f"}.sr-only{border:0;clip:rect(0,0,0,0);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px}.sr-only-focusable:active,.sr-only-focusable:focus{clip:auto;height:auto;margin:0;overflow:visible;position:static;width:auto}@font-face{font-family:"Font Awesome 5 Brands";font-style:normal;font-weight:normal;src:url(../webfonts/fa-brands-400.eot);src:url(../webfonts/fa-brands-400.eot?#iefix) format("embedded-opentype"),url(../webfonts/fa-brands-400.woff2) format("woff2"),url(../webfonts/fa-brands-400.woff) format("woff"),url(../webfonts/fa-brands-400.ttf) format("truetype"),url(../webfonts/fa-brands-400.svg#fontawesome) format("svg")}.fab{font-family:"Font Awesome 5 Brands"}@font-face{font-family:"Font Awesome 5 Free";font-style:normal;font-weight:400;src:url(../webfonts/fa-regular-400.eot);src:url(../webfonts/fa-regular-400.eot?#iefix) format("embedded-opentype"),url(../webfonts/fa-regular-400.woff2) format("woff2"),url(../webfonts/fa-regular-400.woff) format("woff"),url(../webfonts/fa-regular-400.ttf) format("truetype"),url(../webfonts/fa-regular-400.svg#fontawesome) format("svg")}.far{font-weight:400}@font-face{font-family:"Font Awesome 5 Free";font-style:normal;font-weight:900;src:url(../webfonts/fa-solid-900.eot);src:url(../webfonts/fa-solid-900.eot?#iefix) format("embedded-opentype"),url(../webfonts/fa-solid-900.woff2) format("woff2"),url(../webfonts/fa-solid-900.woff) format("woff"),url(../webfonts/fa-solid-900.ttf) format("truetype"),url(../webfonts/fa-solid-900.svg#fontawesome) format("svg")}.fa,.far,.fas{font-family:"Font Awesome 5 Free"}.fa,.fas{font-weight:900} \ No newline at end of file diff --git a/css/hugo-theme.css b/css/hugo-theme.css new file mode 100644 index 0000000000..9bd8a1e4e7 --- /dev/null +++ b/css/hugo-theme.css @@ -0,0 +1,245 @@ +/* Insert here special css for hugo theme, on top of any other imported css */ + + +/* Table of contents */ + +.progress ul { + list-style: none; + margin: 0; + padding: 0 15px; +} + +#TableOfContents { + font-size: 13px !important; + max-height: 85vh; + overflow: auto; + padding: 15px 5px !important; +} + +#TableOfContents > ul > li > a { + font-weight: bold; +} + +body { + font-size: 16px !important; + color: #323232 !important; +} + +#body a.highlight, #body a.highlight:hover, #body a.highlight:focus { + text-decoration: none; + outline: none; + outline: 0; +} +#body a.highlight { + line-height: 1.1; + display: inline-block; +} +#body a.highlight:after { + display: block; + content: ""; + height: 1px; + width: 0%; + background-color: #0082a7; /*#CE3B2F*/ + -webkit-transition: width 0.5s ease; + -moz-transition: width 0.5s ease; + -ms-transition: width 0.5s ease; + transition: width 0.5s ease; +} +#body a.highlight:hover:after, #body a.highlight:focus:after { + width: 100%; +} +.progress { + position:absolute; + background-color: rgba(246, 246, 246, 0.97); + width: auto; + border: thin solid #ECECEC; + display:none; + z-index:200; +} + +#toc-menu { + border-right: thin solid #DAD8D8 !important; + padding-right: 1rem !important; + margin-right: 0.5rem !important; +} + +#sidebar-toggle-span { + border-right: thin solid #DAD8D8 !important; + padding-right: 0.5rem !important; + margin-right: 1rem !important; +} + +.btn { + display: inline-block !important; + padding: 6px 12px !important; + margin-bottom: 0 !important; + font-size: 14px !important; + font-weight: normal !important; + line-height: 1.42857143 !important; + text-align: center !important; + white-space: nowrap !important; + vertical-align: middle !important; + -ms-touch-action: manipulation !important; + touch-action: manipulation !important; + cursor: pointer !important; + -webkit-user-select: none !important; + -moz-user-select: none !important; + -ms-user-select: none !important; + user-select: none !important; + background-image: none !important; + border: 1px solid transparent !important; + border-radius: 4px !important; + -webkit-transition: all 0.15s !important; + -moz-transition: all 0.15s !important; + transition: all 0.15s !important; +} +.btn:focus { + /*outline: thin dotted; + outline: 5px auto -webkit-focus-ring-color; + outline-offset: -2px;*/ + outline: none !important; +} +.btn:hover, +.btn:focus { + color: #2b2b2b !important; + text-decoration: none !important; +} + +.btn-default { + color: #333 !important; + background-color: #fff !important; + border-color: #ccc !important; +} +.btn-default:hover, +.btn-default:focus, +.btn-default:active { + color: #fff !important; + background-color: #9e9e9e !important; + border-color: #9e9e9e !important; +} +.btn-default:active { + background-image: none !important; +} + +/* anchors */ +.anchor { + color: #00bdf3; + font-size: 0.5em; + cursor:pointer; + visibility:hidden; + margin-left: 0.5em; + position: absolute; + margin-top:0.1em; +} + +h2:hover .anchor, h3:hover .anchor, h4:hover .anchor, h5:hover .anchor, h6:hover .anchor { + visibility:visible; +} + +/* Redfines headers style */ + +h2, h3, h4, h5, h6 { + font-weight: 400; + line-height: 1.1; +} + +h1 a, h2 a, h3 a, h4 a, h5 a, h6 a { + font-weight: inherit; +} + +h2 { + font-size: 2.5rem; + line-height: 110% !important; + margin: 2.5rem 0 1.5rem 0; +} + +h3 { + font-size: 2rem; + line-height: 110% !important; + margin: 2rem 0 1rem 0; +} + +h4 { + font-size: 1.5rem; + line-height: 110% !important; + margin: 1.5rem 0 0.75rem 0; +} + +h5 { + font-size: 1rem; + line-height: 110% !important; + margin: 1rem 0 0.2rem 0; +} + +h6 { + font-size: 0.5rem; + line-height: 110% !important; + margin: 0.5rem 0 0.2rem 0; +} + +p { + margin: 1rem 0; +} + +figcaption h4 { + font-weight: 300 !important; + opacity: .85; + font-size: 1em; + text-align: center; + margin-top: -1.5em; +} + +.select-style { + border: 0; + width: 22%; + border-radius: 0.6em; + padding: 0px 6px; + overflow: hidden; + display: inline-flex; + background-color: rgba(0, 0, 0, 0.1); + color: white; +} + +.select-style svg { + fill: #ccc; + width: 14px; + height: 14px; + pointer-events: none; + margin: auto; +} + +.select-style svg:hover { + fill: #e6e6e6; +} + +.select-style select { + padding: 0; + width: 130%; + color: white; + border: none; + box-shadow: none; + background: transparent; + background-image: none; + -webkit-appearance: none; + margin: auto; + margin-left: 0.2em; + margin-right: -27px +} + +.select-style select:focus { + outline: none; +} + +.select-style :hover { + cursor: pointer; +} + +@media only all and (max-width: 47.938em) { + #breadcrumbs .links, #top-github-link-text { + display: none; + } +} + +.is-sticky #top-bar { + box-shadow: -1px 2px 5px 1px rgba(0, 0, 0, 0.1); +} \ No newline at end of file diff --git a/css/hybrid.css b/css/hybrid.css new file mode 100644 index 0000000000..29735a1890 --- /dev/null +++ b/css/hybrid.css @@ -0,0 +1,102 @@ +/* + +vim-hybrid theme by w0ng (https://github.com/w0ng/vim-hybrid) + +*/ + +/*background color*/ +.hljs { + display: block; + overflow-x: auto; + padding: 0.5em; + background: #1d1f21; +} + +/*selection color*/ +.hljs::selection, +.hljs span::selection { + background: #373b41; +} + +.hljs::-moz-selection, +.hljs span::-moz-selection { + background: #373b41; +} + +/*foreground color*/ +.hljs { + color: #c5c8c6; +} + +/*color: fg_yellow*/ +.hljs-title, +.hljs-name { + color: #f0c674; +} + +/*color: fg_comment*/ +.hljs-comment, +.hljs-meta, +.hljs-meta .hljs-keyword { + color: #707880; +} + +/*color: fg_red*/ +.hljs-number, +.hljs-symbol, +.hljs-literal, +.hljs-deletion, +.hljs-link { + color: #cc6666 +} + +/*color: fg_green*/ +.hljs-string, +.hljs-doctag, +.hljs-addition, +.hljs-regexp, +.hljs-selector-attr, +.hljs-selector-pseudo { + color: #b5bd68; +} + +/*color: fg_purple*/ +.hljs-attribute, +.hljs-code, +.hljs-selector-id { + color: #b294bb; +} + +/*color: fg_blue*/ +.hljs-keyword, +.hljs-selector-tag, +.hljs-bullet, +.hljs-tag { + color: #81a2be; +} + +/*color: fg_aqua*/ +.hljs-subst, +.hljs-variable, +.hljs-template-tag, +.hljs-template-variable { + color: #8abeb7; +} + +/*color: fg_orange*/ +.hljs-type, +.hljs-built_in, +.hljs-builtin-name, +.hljs-quote, +.hljs-section, +.hljs-selector-class { + color: #de935f; +} + +.hljs-emphasis { + font-style: italic; +} + +.hljs-strong { + font-weight: bold; +} diff --git a/css/nucleus.css b/css/nucleus.css new file mode 100644 index 0000000000..1897fc5d6d --- /dev/null +++ b/css/nucleus.css @@ -0,0 +1,615 @@ +*, *::before, *::after { + -webkit-box-sizing: border-box; + -moz-box-sizing: border-box; + box-sizing: border-box; } + +@-webkit-viewport { + width: device-width; } +@-moz-viewport { + width: device-width; } +@-ms-viewport { + width: device-width; } +@-o-viewport { + width: device-width; } +@viewport { + width: device-width; } +html { + font-size: 100%; + -ms-text-size-adjust: 100%; + -webkit-text-size-adjust: 100%; } + +body { + margin: 0; } + +article, +aside, +details, +figcaption, +figure, +footer, +header, +hgroup, +main, +nav, +section, +summary { + display: block; } + +audio, +canvas, +progress, +video { + display: inline-block; + vertical-align: baseline; } + +audio:not([controls]) { + display: none; + height: 0; } + +[hidden], +template { + display: none; } + +a { + background: transparent; + text-decoration: none; } + +a:active, +a:hover { + outline: 0; } + +abbr[title] { + border-bottom: 1px dotted; } + +b, +strong { + font-weight: bold; } + +dfn { + font-style: italic; } + +mark { + background: #FFFF27; + color: #333; } + +sub, +sup { + font-size: 0.8rem; + line-height: 0; + position: relative; + vertical-align: baseline; } + +sup { + top: -0.5em; } + +sub { + bottom: -0.25em; } + +img { + border: 0; + max-width: 100%; } + +svg:not(:root) { + overflow: hidden; } + +figure { + margin: 1em 40px; } + +hr { + height: 0; } + +pre { + overflow: auto; } + +button, +input, +optgroup, +select, +textarea { + color: inherit; + font: inherit; + margin: 0; } + +button { + overflow: visible; } + +button, +select { + text-transform: none; } + +button, +html input[type="button"], +input[type="reset"], +input[type="submit"] { + -webkit-appearance: button; + cursor: pointer; } + +button[disabled], +html input[disabled] { + cursor: default; } + +button::-moz-focus-inner, +input::-moz-focus-inner { + border: 0; + padding: 0; } + +input { + line-height: normal; } + +input[type="checkbox"], +input[type="radio"] { + padding: 0; } + +input[type="number"]::-webkit-inner-spin-button, +input[type="number"]::-webkit-outer-spin-button { + height: auto; } + +input[type="search"] { + -webkit-appearance: textfield; } + +input[type="search"]::-webkit-search-cancel-button, +input[type="search"]::-webkit-search-decoration { + -webkit-appearance: none; } + +legend { + border: 0; + padding: 0; } + +textarea { + overflow: auto; } + +optgroup { + font-weight: bold; } + +table { + border-collapse: collapse; + border-spacing: 0; + table-layout: fixed; + width: 100%; } + +tr, td, th { + vertical-align: middle; } + +th, td { + padding: 0.425rem 0; } + +th { + text-align: left; } + +.container { + width: 75em; + margin: 0 auto; + padding: 0; } + @media only all and (min-width: 60em) and (max-width: 74.938em) { + .container { + width: 60em; } } + @media only all and (min-width: 48em) and (max-width: 59.938em) { + .container { + width: 48em; } } + @media only all and (min-width: 30.063em) and (max-width: 47.938em) { + .container { + width: 30em; } } + @media only all and (max-width: 30em) { + .container { + width: 100%; } } + +.grid { + display: -webkit-box; + display: -moz-box; + display: box; + display: -webkit-flex; + display: -moz-flex; + display: -ms-flexbox; + display: flex; + -webkit-flex-flow: row; + -moz-flex-flow: row; + flex-flow: row; + list-style: none; + margin: 0; + padding: 0; } + @media only all and (max-width: 47.938em) { + .grid { + -webkit-flex-flow: row wrap; + -moz-flex-flow: row wrap; + flex-flow: row wrap; } } + +.block { + -webkit-box-flex: 1; + -moz-box-flex: 1; + box-flex: 1; + -webkit-flex: 1; + -moz-flex: 1; + -ms-flex: 1; + flex: 1; + min-width: 0; + min-height: 0; } + @media only all and (max-width: 47.938em) { + .block { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 100%; + -moz-flex: 0 100%; + -ms-flex: 0 100%; + flex: 0 100%; } } + +.content { + margin: 0.625rem; + padding: 0.938rem; } + +@media only all and (max-width: 47.938em) { + body [class*="size-"] { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 100%; + -moz-flex: 0 100%; + -ms-flex: 0 100%; + flex: 0 100%; } } + +.size-1-2 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 50%; + -moz-flex: 0 50%; + -ms-flex: 0 50%; + flex: 0 50%; } + +.size-1-3 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 33.33333%; + -moz-flex: 0 33.33333%; + -ms-flex: 0 33.33333%; + flex: 0 33.33333%; } + +.size-1-4 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 25%; + -moz-flex: 0 25%; + -ms-flex: 0 25%; + flex: 0 25%; } + +.size-1-5 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 20%; + -moz-flex: 0 20%; + -ms-flex: 0 20%; + flex: 0 20%; } + +.size-1-6 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 16.66667%; + -moz-flex: 0 16.66667%; + -ms-flex: 0 16.66667%; + flex: 0 16.66667%; } + +.size-1-7 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 14.28571%; + -moz-flex: 0 14.28571%; + -ms-flex: 0 14.28571%; + flex: 0 14.28571%; } + +.size-1-8 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 12.5%; + -moz-flex: 0 12.5%; + -ms-flex: 0 12.5%; + flex: 0 12.5%; } + +.size-1-9 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 11.11111%; + -moz-flex: 0 11.11111%; + -ms-flex: 0 11.11111%; + flex: 0 11.11111%; } + +.size-1-10 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 10%; + -moz-flex: 0 10%; + -ms-flex: 0 10%; + flex: 0 10%; } + +.size-1-11 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 9.09091%; + -moz-flex: 0 9.09091%; + -ms-flex: 0 9.09091%; + flex: 0 9.09091%; } + +.size-1-12 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 8.33333%; + -moz-flex: 0 8.33333%; + -ms-flex: 0 8.33333%; + flex: 0 8.33333%; } + +@media only all and (min-width: 48em) and (max-width: 59.938em) { + .size-tablet-1-2 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 50%; + -moz-flex: 0 50%; + -ms-flex: 0 50%; + flex: 0 50%; } + + .size-tablet-1-3 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 33.33333%; + -moz-flex: 0 33.33333%; + -ms-flex: 0 33.33333%; + flex: 0 33.33333%; } + + .size-tablet-1-4 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 25%; + -moz-flex: 0 25%; + -ms-flex: 0 25%; + flex: 0 25%; } + + .size-tablet-1-5 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 20%; + -moz-flex: 0 20%; + -ms-flex: 0 20%; + flex: 0 20%; } + + .size-tablet-1-6 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 16.66667%; + -moz-flex: 0 16.66667%; + -ms-flex: 0 16.66667%; + flex: 0 16.66667%; } + + .size-tablet-1-7 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 14.28571%; + -moz-flex: 0 14.28571%; + -ms-flex: 0 14.28571%; + flex: 0 14.28571%; } + + .size-tablet-1-8 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 12.5%; + -moz-flex: 0 12.5%; + -ms-flex: 0 12.5%; + flex: 0 12.5%; } + + .size-tablet-1-9 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 11.11111%; + -moz-flex: 0 11.11111%; + -ms-flex: 0 11.11111%; + flex: 0 11.11111%; } + + .size-tablet-1-10 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 10%; + -moz-flex: 0 10%; + -ms-flex: 0 10%; + flex: 0 10%; } + + .size-tablet-1-11 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 9.09091%; + -moz-flex: 0 9.09091%; + -ms-flex: 0 9.09091%; + flex: 0 9.09091%; } + + .size-tablet-1-12 { + -webkit-box-flex: 0; + -moz-box-flex: 0; + box-flex: 0; + -webkit-flex: 0 8.33333%; + -moz-flex: 0 8.33333%; + -ms-flex: 0 8.33333%; + flex: 0 8.33333%; } } +@media only all and (max-width: 47.938em) { + @supports not (flex-wrap: wrap) { + .grid { + display: block; + -webkit-box-lines: inherit; + -moz-box-lines: inherit; + box-lines: inherit; + -webkit-flex-wrap: inherit; + -moz-flex-wrap: inherit; + -ms-flex-wrap: inherit; + flex-wrap: inherit; } + + .block { + display: block; + -webkit-box-flex: inherit; + -moz-box-flex: inherit; + box-flex: inherit; + -webkit-flex: inherit; + -moz-flex: inherit; + -ms-flex: inherit; + flex: inherit; } } } +.first-block { + -webkit-box-ordinal-group: 0; + -webkit-order: -1; + -ms-flex-order: -1; + order: -1; } + +.last-block { + -webkit-box-ordinal-group: 2; + -webkit-order: 1; + -ms-flex-order: 1; + order: 1; } + +.fixed-blocks { + -webkit-flex-flow: row wrap; + -moz-flex-flow: row wrap; + flex-flow: row wrap; } + .fixed-blocks .block { + -webkit-box-flex: inherit; + -moz-box-flex: inherit; + box-flex: inherit; + -webkit-flex: inherit; + -moz-flex: inherit; + -ms-flex: inherit; + flex: inherit; + width: 25%; } + @media only all and (min-width: 60em) and (max-width: 74.938em) { + .fixed-blocks .block { + width: 33.33333%; } } + @media only all and (min-width: 48em) and (max-width: 59.938em) { + .fixed-blocks .block { + width: 50%; } } + @media only all and (max-width: 47.938em) { + .fixed-blocks .block { + width: 100%; } } + +body { + font-size: 1.05rem; + line-height: 1.7; } + +h1, h2, h3, h4, h5, h6 { + margin: 0.85rem 0 1.7rem 0; + text-rendering: optimizeLegibility; } + +h1 { + font-size: 3.25rem; } + +h2 { + font-size: 2.55rem; } + +h3 { + font-size: 2.15rem; } + +h4 { + font-size: 1.8rem; } + +h5 { + font-size: 1.4rem; } + +h6 { + font-size: 0.9rem; } + +p { + margin: 1.7rem 0; } + +ul, ol { + margin-top: 1.7rem; + margin-bottom: 1.7rem; } + ul ul, ul ol, ol ul, ol ol { + margin-top: 0; + margin-bottom: 0; } + +blockquote { + margin: 1.7rem 0; + padding-left: 0.85rem; } + +cite { + display: block; + font-size: 0.925rem; } + cite:before { + content: "\2014 \0020"; } + +pre { + margin: 1.7rem 0; + padding: 0.938rem; } + +code { + vertical-align: bottom; } + +small { + font-size: 0.925rem; } + +hr { + border-left: none; + border-right: none; + border-top: none; + margin: 1.7rem 0; } + +fieldset { + border: 0; + padding: 0.938rem; + margin: 0 0 1.7rem 0; } + +input, +label, +select { + display: block; } + +label { + margin-bottom: 0.425rem; } + label.required:after { + content: "*"; } + label abbr { + display: none; } + +textarea, input[type="email"], input[type="number"], input[type="password"], input[type="search"], input[type="tel"], input[type="text"], input[type="url"], input[type="color"], input[type="date"], input[type="datetime"], input[type="datetime-local"], input[type="month"], input[type="time"], input[type="week"], select[multiple=multiple] { + -webkit-transition: border-color; + -moz-transition: border-color; + transition: border-color; + border-radius: 0.1875rem; + margin-bottom: 0.85rem; + padding: 0.425rem 0.425rem; + width: 100%; } + textarea:focus, input[type="email"]:focus, input[type="number"]:focus, input[type="password"]:focus, input[type="search"]:focus, input[type="tel"]:focus, input[type="text"]:focus, input[type="url"]:focus, input[type="color"]:focus, input[type="date"]:focus, input[type="datetime"]:focus, input[type="datetime-local"]:focus, input[type="month"]:focus, input[type="time"]:focus, input[type="week"]:focus, select[multiple=multiple]:focus { + outline: none; } + +textarea { + resize: vertical; } + +input[type="checkbox"], input[type="radio"] { + display: inline; + margin-right: 0.425rem; } + +input[type="file"] { + width: 100%; } + +select { + width: auto; + max-width: 100%; + margin-bottom: 1.7rem; } + +button, +input[type="submit"] { + cursor: pointer; + user-select: none; + vertical-align: middle; + white-space: nowrap; + border: inherit; } diff --git a/css/perfect-scrollbar.min.css b/css/perfect-scrollbar.min.css new file mode 100644 index 0000000000..ebd2cb43bc --- /dev/null +++ b/css/perfect-scrollbar.min.css @@ -0,0 +1,2 @@ +/* perfect-scrollbar v0.6.13 */ +.ps-container{-ms-touch-action:auto;touch-action:auto;overflow:hidden !important;-ms-overflow-style:none}@supports (-ms-overflow-style: none){.ps-container{overflow:auto !important}}@media screen and (-ms-high-contrast: active), (-ms-high-contrast: none){.ps-container{overflow:auto !important}}.ps-container.ps-active-x>.ps-scrollbar-x-rail,.ps-container.ps-active-y>.ps-scrollbar-y-rail{display:block;background-color:transparent}.ps-container.ps-in-scrolling.ps-x>.ps-scrollbar-x-rail{background-color:#eee;opacity:.9}.ps-container.ps-in-scrolling.ps-x>.ps-scrollbar-x-rail>.ps-scrollbar-x{background-color:#999;height:11px}.ps-container.ps-in-scrolling.ps-y>.ps-scrollbar-y-rail{background-color:#eee;opacity:.9}.ps-container.ps-in-scrolling.ps-y>.ps-scrollbar-y-rail>.ps-scrollbar-y{background-color:#999;width:11px}.ps-container>.ps-scrollbar-x-rail{display:none;position:absolute;opacity:0;-webkit-transition:background-color .2s linear, opacity .2s linear;-o-transition:background-color .2s linear, opacity .2s linear;-moz-transition:background-color .2s linear, opacity .2s linear;transition:background-color .2s linear, opacity .2s linear;bottom:0px;height:15px}.ps-container>.ps-scrollbar-x-rail>.ps-scrollbar-x{position:absolute;background-color:#aaa;-webkit-border-radius:6px;-moz-border-radius:6px;border-radius:6px;-webkit-transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, -webkit-border-radius .2s ease-in-out;transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, -webkit-border-radius .2s ease-in-out;-o-transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, border-radius .2s ease-in-out;-moz-transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, border-radius .2s ease-in-out, -moz-border-radius .2s ease-in-out;transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, border-radius .2s ease-in-out;transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, border-radius .2s ease-in-out, -webkit-border-radius .2s ease-in-out, -moz-border-radius .2s ease-in-out;bottom:2px;height:6px}.ps-container>.ps-scrollbar-x-rail:hover>.ps-scrollbar-x,.ps-container>.ps-scrollbar-x-rail:active>.ps-scrollbar-x{height:11px}.ps-container>.ps-scrollbar-y-rail{display:none;position:absolute;opacity:0;-webkit-transition:background-color .2s linear, opacity .2s linear;-o-transition:background-color .2s linear, opacity .2s linear;-moz-transition:background-color .2s linear, opacity .2s linear;transition:background-color .2s linear, opacity .2s linear;right:0;width:15px}.ps-container>.ps-scrollbar-y-rail>.ps-scrollbar-y{position:absolute;background-color:#aaa;-webkit-border-radius:6px;-moz-border-radius:6px;border-radius:6px;-webkit-transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, -webkit-border-radius .2s ease-in-out;transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, -webkit-border-radius .2s ease-in-out;-o-transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, border-radius .2s ease-in-out;-moz-transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, border-radius .2s ease-in-out, -moz-border-radius .2s ease-in-out;transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, border-radius .2s ease-in-out;transition:background-color .2s linear, height .2s linear, width .2s ease-in-out, border-radius .2s ease-in-out, -webkit-border-radius .2s ease-in-out, -moz-border-radius .2s ease-in-out;right:2px;width:6px}.ps-container>.ps-scrollbar-y-rail:hover>.ps-scrollbar-y,.ps-container>.ps-scrollbar-y-rail:active>.ps-scrollbar-y{width:11px}.ps-container:hover.ps-in-scrolling.ps-x>.ps-scrollbar-x-rail{background-color:#eee;opacity:.9}.ps-container:hover.ps-in-scrolling.ps-x>.ps-scrollbar-x-rail>.ps-scrollbar-x{background-color:#999;height:11px}.ps-container:hover.ps-in-scrolling.ps-y>.ps-scrollbar-y-rail{background-color:#eee;opacity:.9}.ps-container:hover.ps-in-scrolling.ps-y>.ps-scrollbar-y-rail>.ps-scrollbar-y{background-color:#999;width:11px}.ps-container:hover>.ps-scrollbar-x-rail,.ps-container:hover>.ps-scrollbar-y-rail{opacity:.6}.ps-container:hover>.ps-scrollbar-x-rail:hover{background-color:#eee;opacity:.9}.ps-container:hover>.ps-scrollbar-x-rail:hover>.ps-scrollbar-x{background-color:#999}.ps-container:hover>.ps-scrollbar-y-rail:hover{background-color:#eee;opacity:.9}.ps-container:hover>.ps-scrollbar-y-rail:hover>.ps-scrollbar-y{background-color:#999} diff --git a/css/tabs.css b/css/tabs.css new file mode 100644 index 0000000000..2ad2728772 --- /dev/null +++ b/css/tabs.css @@ -0,0 +1,43 @@ +#body .tab-nav-button { + border-width: 1px 1px 1px 1px !important; + border-color: #ccc !important; + border-radius: 4px 4px 0 0 !important; + background-color: #ddd !important; + float: left; + display: block; + position: relative; + margin-left: 4px; + bottom: -1px; +} +#body .tab-nav-button:first-child { + margin-left: 0px; +} +#body .tab-nav-button.active { + background-color: #fff !important; + border-bottom-color: #fff !important; +} + +#body .tab-panel { + margin-top: 32px; + margin-bottom: 32px; +} +#body .tab-content { + display: block; + clear: both; + padding: 8px; + border-width: 1px; + border-style: solid; + border-color: #ccc; +} +#body .tab-content .tab-item{ + display: none; +} + +#body .tab-content .tab-item.active{ + display: block; +} + +#body .tab-item pre{ + margin-bottom: 0; + margin-top: 0; +} diff --git a/css/tags.css b/css/tags.css new file mode 100644 index 0000000000..495d2f9f71 --- /dev/null +++ b/css/tags.css @@ -0,0 +1,49 @@ +/* Tags */ + +#head-tags{ + margin-left:1em; + margin-top:1em; +} + +#body .tags a.tag-link { + display: inline-block; + line-height: 2em; + font-size: 0.8em; + position: relative; + margin: 0 16px 8px 0; + padding: 0 10px 0 12px; + background: #8451a1; + + -webkit-border-bottom-right-radius: 3px; + border-bottom-right-radius: 3px; + -webkit-border-top-right-radius: 3px; + border-top-right-radius: 3px; + + -webkit-box-shadow: 0 1px 2px rgba(0,0,0,0.2); + box-shadow: 0 1px 2px rgba(0,0,0,0.2); + color: #fff; +} + +#body .tags a.tag-link:before { + content: ""; + position: absolute; + top:0; + left: -1em; + width: 0; + height: 0; + border-color: transparent #8451a1 transparent transparent; + border-style: solid; + border-width: 1em 1em 1em 0; +} + +#body .tags a.tag-link:after { + content: ""; + position: absolute; + top: 10px; + left: 1px; + width: 5px; + height: 5px; + -webkit-border-radius: 50%; + border-radius: 100%; + background: #fff; +} diff --git a/css/theme-blue.css b/css/theme-blue.css new file mode 100644 index 0000000000..91369947ca --- /dev/null +++ b/css/theme-blue.css @@ -0,0 +1,133 @@ + +:root{ + + --MAIN-TEXT-color:#323232; /* Color of text by default */ + --MAIN-TITLES-TEXT-color: #5e5e5e; /* Color of titles h2-h3-h4-h5 */ + --MAIN-LINK-color:#1C90F3; /* Color of links */ + --MAIN-LINK-HOVER-color:#167ad0; /* Color of hovered links */ + --MAIN-ANCHOR-color: #1C90F3; /* color of anchors on titles */ + + --MENU-HOME-LINK-color: #323232; /* Color of the home button text */ + --MENU-HOME-LINK-HOVER-color: #5e5e5e; /* Color of the hovered home button text */ + + --MENU-HEADER-BG-color:#1C90F3; /* Background color of menu header */ + --MENU-HEADER-BORDER-color:#33a1ff; /*Color of menu header border */ + + --MENU-SEARCH-BG-color:#167ad0; /* Search field background color (by default borders + icons) */ + --MENU-SEARCH-BOX-color: #33a1ff; /* Override search field border color */ + --MENU-SEARCH-BOX-ICONS-color: #a1d2fd; /* Override search field icons color */ + + --MENU-SECTIONS-ACTIVE-BG-color:#20272b; /* Background color of the active section and its childs */ + --MENU-SECTIONS-BG-color:#252c31; /* Background color of other sections */ + --MENU-SECTIONS-LINK-color: #ccc; /* Color of links in menu */ + --MENU-SECTIONS-LINK-HOVER-color: #e6e6e6; /* Color of links in menu, when hovered */ + --MENU-SECTION-ACTIVE-CATEGORY-color: #777; /* Color of active category text */ + --MENU-SECTION-ACTIVE-CATEGORY-BG-color: #fff; /* Color of background for the active category (only) */ + + --MENU-VISITED-color: #33a1ff; /* Color of 'page visited' icons in menu */ + --MENU-SECTION-HR-color: #20272b; /* Color of
separator in menu */ + +} + +body { + color: var(--MAIN-TEXT-color) !important; +} + +textarea:focus, input[type="email"]:focus, input[type="number"]:focus, input[type="password"]:focus, input[type="search"]:focus, input[type="tel"]:focus, input[type="text"]:focus, input[type="url"]:focus, input[type="color"]:focus, input[type="date"]:focus, input[type="datetime"]:focus, input[type="datetime-local"]:focus, input[type="month"]:focus, input[type="time"]:focus, input[type="week"]:focus, select[multiple=multiple]:focus { + border-color: none; + box-shadow: none; +} + +h2, h3, h4, h5 { + color: var(--MAIN-TITLES-TEXT-color) !important; +} + +a { + color: var(--MAIN-LINK-color); +} + +.anchor { + color: var(--MAIN-ANCHOR-color); +} + +a:hover { + color: var(--MAIN-LINK-HOVER-color); +} + +#sidebar ul li.visited > a .read-icon { + color: var(--MENU-VISITED-color); +} + +#body a.highlight:after { + display: block; + content: ""; + height: 1px; + width: 0%; + -webkit-transition: width 0.5s ease; + -moz-transition: width 0.5s ease; + -ms-transition: width 0.5s ease; + transition: width 0.5s ease; + background-color: var(--MAIN-LINK-HOVER-color); +} +#sidebar { + background-color: var(--MENU-SECTIONS-BG-color); +} +#sidebar #header-wrapper { + background: var(--MENU-HEADER-BG-color); + color: var(--MENU-SEARCH-BOX-color); + border-color: var(--MENU-HEADER-BORDER-color); +} +#sidebar .searchbox { + border-color: var(--MENU-SEARCH-BOX-color); + background: var(--MENU-SEARCH-BG-color); +} +#sidebar ul.topics > li.parent, #sidebar ul.topics > li.active { + background: var(--MENU-SECTIONS-ACTIVE-BG-color); +} +#sidebar ul.topics li li { + border-top: 1px solid rgba(255,255,255, 0.1); + border-left: 1px solid rgba(255,255,255, 0.1); + background: rgba(127,127,127, 0.1) +} +#sidebar .searchbox * { + color: var(--MENU-SEARCH-BOX-ICONS-color); +} + +#sidebar a { + color: var(--MENU-SECTIONS-LINK-color); +} + +#sidebar a:hover { + color: var(--MENU-SECTIONS-LINK-HOVER-color); +} + +#sidebar ul li.active > a { + background: var(--MENU-SECTION-ACTIVE-CATEGORY-BG-color); + color: var(--MENU-SECTION-ACTIVE-CATEGORY-color) !important; +} + +#sidebar hr { + border-color: var(--MENU-SECTION-HR-color); +} + +#body .tags a.tag-link { + background-color: var(--MENU-HEADER-BG-color); +} + +#body .tags a.tag-link:before { + border-right-color: var(--MENU-HEADER-BG-color); +} + +#homelinks { + background: var(--MENU-HEADER-BG-color); + background-color: var(--MENU-HEADER-BORDER-color); + border-bottom-color: var(--MENU-HEADER-BORDER-color); +} + +#homelinks a { + color: var(--MENU-HOME-LINK-color); +} + +#homelinks a:hover { + color: var(--MENU-HOME-LINK-HOVERED-color); +} \ No newline at end of file diff --git a/css/theme-green.css b/css/theme-green.css new file mode 100644 index 0000000000..c074679aaf --- /dev/null +++ b/css/theme-green.css @@ -0,0 +1,128 @@ + +:root{ + + --MAIN-TEXT-color:#323232; /* Color of text by default */ + --MAIN-TITLES-TEXT-color: #5e5e5e; /* Color of titles h2-h3-h4-h5 */ + --MAIN-LINK-color:#599a3e; /* Color of links */ + --MAIN-LINK-HOVER-color:#3f6d2c; /* Color of hovered links */ + --MAIN-ANCHOR-color: #599a3e; /* color of anchors on titles */ + + --MENU-HOME-LINK-color: #323232; /* Color of the home button text */ + --MENU-HOME-LINK-HOVER-color: #5e5e5e; /* Color of the hovered home button text */ + + --MENU-HEADER-BG-color:#74b559; /* Background color of menu header */ + --MENU-HEADER-BORDER-color:#9cd484; /*Color of menu header border */ + + --MENU-SEARCH-BG-color:#599a3e; /* Search field background color (by default borders + icons) */ + --MENU-SEARCH-BOX-color: #84c767; /* Override search field border color */ + --MENU-SEARCH-BOX-ICONS-color: #c7f7c4; /* Override search field icons color */ + + --MENU-SECTIONS-ACTIVE-BG-color:#1b211c; /* Background color of the active section and its childs */ + --MENU-SECTIONS-BG-color:#222723; /* Background color of other sections */ + --MENU-SECTIONS-LINK-color: #ccc; /* Color of links in menu */ + --MENU-SECTIONS-LINK-HOVER-color: #e6e6e6; /* Color of links in menu, when hovered */ + --MENU-SECTION-ACTIVE-CATEGORY-color: #777; /* Color of active category text */ + --MENU-SECTION-ACTIVE-CATEGORY-BG-color: #fff; /* Color of background for the active category (only) */ + + --MENU-VISITED-color: #599a3e; /* Color of 'page visited' icons in menu */ + --MENU-SECTION-HR-color: #18211c; /* Color of
separator in menu */ + +} + +body { + color: var(--MAIN-TEXT-color) !important; +} + +textarea:focus, input[type="email"]:focus, input[type="number"]:focus, input[type="password"]:focus, input[type="search"]:focus, input[type="tel"]:focus, input[type="text"]:focus, input[type="url"]:focus, input[type="color"]:focus, input[type="date"]:focus, input[type="datetime"]:focus, input[type="datetime-local"]:focus, input[type="month"]:focus, input[type="time"]:focus, input[type="week"]:focus, select[multiple=multiple]:focus { + border-color: none; + box-shadow: none; +} + +h2, h3, h4, h5 { + color: var(--MAIN-TITLES-TEXT-color) !important; +} + +a { + color: var(--MAIN-LINK-color); +} + +.anchor { + color: var(--MAIN-ANCHOR-color); +} + +a:hover { + color: var(--MAIN-LINK-HOVER-color); +} + +#sidebar ul li.visited > a .read-icon { + color: var(--MENU-VISITED-color); +} + +#body a.highlight:after { + display: block; + content: ""; + height: 1px; + width: 0%; + -webkit-transition: width 0.5s ease; + -moz-transition: width 0.5s ease; + -ms-transition: width 0.5s ease; + transition: width 0.5s ease; + background-color: var(--MAIN-LINK-HOVER-color); +} +#sidebar { + background-color: var(--MENU-SECTIONS-BG-color); +} +#sidebar #header-wrapper { + background: var(--MENU-HEADER-BG-color); + color: var(--MENU-SEARCH-BOX-color); + border-color: var(--MENU-HEADER-BORDER-color); +} +#sidebar .searchbox { + border-color: var(--MENU-SEARCH-BOX-color); + background: var(--MENU-SEARCH-BG-color); +} +#sidebar ul.topics > li.parent, #sidebar ul.topics > li.active { + background: var(--MENU-SECTIONS-ACTIVE-BG-color); +} +#sidebar .searchbox * { + color: var(--MENU-SEARCH-BOX-ICONS-color); +} + +#sidebar a { + color: var(--MENU-SECTIONS-LINK-color); +} + +#sidebar a:hover { + color: var(--MENU-SECTIONS-LINK-HOVER-color); +} + +#sidebar ul li.active > a { + background: var(--MENU-SECTION-ACTIVE-CATEGORY-BG-color); + color: var(--MENU-SECTION-ACTIVE-CATEGORY-color) !important; +} + +#sidebar hr { + border-color: var(--MENU-SECTION-HR-color); +} + +#body .tags a.tag-link { + background-color: var(--MENU-HEADER-BG-color); +} + +#body .tags a.tag-link:before { + border-right-color: var(--MENU-HEADER-BG-color); +} + +#homelinks { + background: var(--MENU-HEADER-BG-color); + background-color: var(--MENU-HEADER-BORDER-color); + border-bottom-color: var(--MENU-HEADER-BORDER-color); +} + +#homelinks a { + color: var(--MENU-HOME-LINK-color); +} + +#homelinks a:hover { + color: var(--MENU-HOME-LINK-HOVERED-color); +} \ No newline at end of file diff --git a/css/theme-red.css b/css/theme-red.css new file mode 100644 index 0000000000..c5f2674243 --- /dev/null +++ b/css/theme-red.css @@ -0,0 +1,128 @@ + +:root{ + + --MAIN-TEXT-color:#323232; /* Color of text by default */ + --MAIN-TITLES-TEXT-color: #5e5e5e; /* Color of titles h2-h3-h4-h5 */ + --MAIN-LINK-color:#f31c1c; /* Color of links */ + --MAIN-LINK-HOVER-color:#d01616; /* Color of hovered links */ + --MAIN-ANCHOR-color: #f31c1c; /* color of anchors on titles */ + + --MENU-HOME-LINK-color: #ccc; /* Color of the home button text */ + --MENU-HOME-LINK-HOVER-color: #e6e6e6; /* Color of the hovered home button text */ + + --MENU-HEADER-BG-color:#dc1010; /* Background color of menu header */ + --MENU-HEADER-BORDER-color:#e23131; /*Color of menu header border */ + + --MENU-SEARCH-BG-color:#b90000; /* Search field background color (by default borders + icons) */ + --MENU-SEARCH-BOX-color: #ef2020; /* Override search field border color */ + --MENU-SEARCH-BOX-ICONS-color: #fda1a1; /* Override search field icons color */ + + --MENU-SECTIONS-ACTIVE-BG-color:#2b2020; /* Background color of the active section and its childs */ + --MENU-SECTIONS-BG-color:#312525; /* Background color of other sections */ + --MENU-SECTIONS-LINK-color: #ccc; /* Color of links in menu */ + --MENU-SECTIONS-LINK-HOVER-color: #e6e6e6; /* Color of links in menu, when hovered */ + --MENU-SECTION-ACTIVE-CATEGORY-color: #777; /* Color of active category text */ + --MENU-SECTION-ACTIVE-CATEGORY-BG-color: #fff; /* Color of background for the active category (only) */ + + --MENU-VISITED-color: #ff3333; /* Color of 'page visited' icons in menu */ + --MENU-SECTION-HR-color: #2b2020; /* Color of
separator in menu */ + +} + +body { + color: var(--MAIN-TEXT-color) !important; +} + +textarea:focus, input[type="email"]:focus, input[type="number"]:focus, input[type="password"]:focus, input[type="search"]:focus, input[type="tel"]:focus, input[type="text"]:focus, input[type="url"]:focus, input[type="color"]:focus, input[type="date"]:focus, input[type="datetime"]:focus, input[type="datetime-local"]:focus, input[type="month"]:focus, input[type="time"]:focus, input[type="week"]:focus, select[multiple=multiple]:focus { + border-color: none; + box-shadow: none; +} + +h2, h3, h4, h5 { + color: var(--MAIN-TITLES-TEXT-color) !important; +} + +a { + color: var(--MAIN-LINK-color); +} + +.anchor { + color: var(--MAIN-ANCHOR-color); +} + +a:hover { + color: var(--MAIN-LINK-HOVER-color); +} + +#sidebar ul li.visited > a .read-icon { + color: var(--MENU-VISITED-color); +} + +#body a.highlight:after { + display: block; + content: ""; + height: 1px; + width: 0%; + -webkit-transition: width 0.5s ease; + -moz-transition: width 0.5s ease; + -ms-transition: width 0.5s ease; + transition: width 0.5s ease; + background-color: var(--MAIN-LINK-HOVER-color); +} +#sidebar { + background-color: var(--MENU-SECTIONS-BG-color); +} +#sidebar #header-wrapper { + background: var(--MENU-HEADER-BG-color); + color: var(--MENU-SEARCH-BOX-color); + border-color: var(--MENU-HEADER-BORDER-color); +} +#sidebar .searchbox { + border-color: var(--MENU-SEARCH-BOX-color); + background: var(--MENU-SEARCH-BG-color); +} +#sidebar ul.topics > li.parent, #sidebar ul.topics > li.active { + background: var(--MENU-SECTIONS-ACTIVE-BG-color); +} +#sidebar .searchbox * { + color: var(--MENU-SEARCH-BOX-ICONS-color); +} + +#sidebar a { + color: var(--MENU-SECTIONS-LINK-color); +} + +#sidebar a:hover { + color: var(--MENU-SECTIONS-LINK-HOVER-color); +} + +#sidebar ul li.active > a { + background: var(--MENU-SECTION-ACTIVE-CATEGORY-BG-color); + color: var(--MENU-SECTION-ACTIVE-CATEGORY-color) !important; +} + +#sidebar hr { + border-color: var(--MENU-SECTION-HR-color); +} + +#body .tags a.tag-link { + background-color: var(--MENU-HEADER-BG-color); +} + +#body .tags a.tag-link:before { + border-right-color: var(--MENU-HEADER-BG-color); +} + +#homelinks { + background: var(--MENU-HEADER-BG-color); + background-color: var(--MENU-HEADER-BORDER-color); + border-bottom-color: var(--MENU-HEADER-BORDER-color); +} + +#homelinks a { + color: var(--MENU-HOME-LINK-color); +} + +#homelinks a:hover { + color: var(--MENU-HOME-LINK-HOVERED-color); +} \ No newline at end of file diff --git a/css/theme.css b/css/theme.css new file mode 100644 index 0000000000..a6c291d795 --- /dev/null +++ b/css/theme.css @@ -0,0 +1,1148 @@ +@charset "UTF-8"; + +/* Tags */ +@import "tags.css"; + +#top-github-link, #body #breadcrumbs { + position: relative; + top: 50%; + -webkit-transform: translateY(-50%); + -moz-transform: translateY(-50%); + -o-transform: translateY(-50%); + -ms-transform: translateY(-50%); + transform: translateY(-50%); +} +.button, .button-secondary { + display: inline-block; + padding: 7px 12px; +} +.button:active, .button-secondary:active { + margin: 2px 0 -2px 0; +} +@font-face { + font-family: 'Novacento Sans Wide'; + src: url("../fonts/Novecentosanswide-UltraLight-webfont.eot"); + src: url("../fonts/Novecentosanswide-UltraLight-webfont.eot?#iefix") format("embedded-opentype"), url("../fonts/Novecentosanswide-UltraLight-webfont.woff2") format("woff2"), url("../fonts/Novecentosanswide-UltraLight-webfont.woff") format("woff"), url("../fonts/Novecentosanswide-UltraLight-webfont.ttf") format("truetype"), url("../fonts/Novecentosanswide-UltraLight-webfont.svg#novecento_sans_wideultralight") format("svg"); + font-style: normal; + font-weight: 200; +} +@font-face { + font-family: 'Work Sans'; + font-style: normal; + font-weight: 300; + src: url("../fonts/Work_Sans_300.eot?#iefix") format("embedded-opentype"), url("../fonts/Work_Sans_300.woff") format("woff"), url("../fonts/Work_Sans_300.woff2") format("woff2"), url("../fonts/Work_Sans_300.svg#WorkSans") format("svg"), url("../fonts/Work_Sans_300.ttf") format("truetype"); +} +@font-face { + font-family: 'Work Sans'; + font-style: normal; + font-weight: 500; + src: url("../fonts/Work_Sans_500.eot?#iefix") format("embedded-opentype"), url("../fonts/Work_Sans_500.woff") format("woff"), url("../fonts/Work_Sans_500.woff2") format("woff2"), url("../fonts/Work_Sans_500.svg#WorkSans") format("svg"), url("../fonts/Work_Sans_500.ttf") format("truetype"); +} +body { + background: #fff; + color: #777; +} +body #chapter h1 { + font-size: 3.5rem; +} +@media only all and (min-width: 48em) and (max-width: 59.938em) { + body #chapter h1 { + font-size: 3rem; + } +} +@media only all and (max-width: 47.938em) { + body #chapter h1 { + font-size: 2rem; + } +} +a { + color: #00bdf3; +} +a:hover { + color: #0082a7; +} +pre { + position: relative; + color: #ffffff; +} +.bg { + background: #fff; + border: 1px solid #eaeaea; +} +b, strong, label, th { + font-weight: 600; +} +.default-animation, #header #logo-svg, #header #logo-svg path, #sidebar, #sidebar ul, #body, #body .padding, #body .nav { + -webkit-transition: all 0.5s ease; + -moz-transition: all 0.5s ease; + transition: all 0.5s ease; +} +#grav-logo { + max-width: 60%; +} +#grav-logo path { + fill: #fff !important; +} +#sidebar { + font-weight: 300 !important; +} +fieldset { + border: 1px solid #ddd; +} +textarea, input[type="email"], input[type="number"], input[type="password"], input[type="search"], input[type="tel"], input[type="text"], input[type="url"], input[type="color"], input[type="date"], input[type="datetime"], input[type="datetime-local"], input[type="month"], input[type="time"], input[type="week"], select[multiple=multiple] { + background-color: white; + border: 1px solid #ddd; + box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.06); +} +textarea:hover, input[type="email"]:hover, input[type="number"]:hover, input[type="password"]:hover, input[type="search"]:hover, input[type="tel"]:hover, input[type="text"]:hover, input[type="url"]:hover, input[type="color"]:hover, input[type="date"]:hover, input[type="datetime"]:hover, input[type="datetime-local"]:hover, input[type="month"]:hover, input[type="time"]:hover, input[type="week"]:hover, select[multiple=multiple]:hover { + border-color: #c4c4c4; +} +textarea:focus, input[type="email"]:focus, input[type="number"]:focus, input[type="password"]:focus, input[type="search"]:focus, input[type="tel"]:focus, input[type="text"]:focus, input[type="url"]:focus, input[type="color"]:focus, input[type="date"]:focus, input[type="datetime"]:focus, input[type="datetime-local"]:focus, input[type="month"]:focus, input[type="time"]:focus, input[type="week"]:focus, select[multiple=multiple]:focus { + border-color: #00bdf3; + box-shadow: inset 0 1px 3px rgba(0,0,0,.06),0 0 5px rgba(0,169,218,.7) +} +#header-wrapper { + background: #8451a1; + color: #fff; + text-align: center; + border-bottom: 4px solid #9c6fb6; + padding: 1rem; +} +#header a { + display: inline-block; +} +#logo { + color: white !important; + font-size: 1.1em; + float: left; +} +#header #logo-svg { + width: 8rem; + height: 2rem; +} +#header #logo-svg path { + fill: #fff; +} +.searchbox { + margin-top: 1rem; + position: relative; + border: 1px solid #915eae; + background: #764890; + border-radius: 4px; +} +.searchbox label { + color: rgba(255, 255, 255, 0.8); + position: absolute; + left: 10px; + top: 3px; +} +.searchbox span { + color: rgba(255, 255, 255, 0.6); + position: absolute; + right: 10px; + top: 3px; + cursor: pointer; +} +.searchbox span:hover { + color: rgba(255, 255, 255, 0.9); +} +.searchbox input { + display: inline-block; + color: #fff; + width: 100%; + height: 30px; + background: transparent; + border: 0; + padding: 0 25px 0 30px; + margin: 0; + font-weight: 300; +} +.searchbox input::-webkit-input-placeholder { + color: rgba(255, 255, 255, 0.6); +} +.searchbox input::-moz-placeholder { + color: rgba(255, 255, 255, 0.6); +} +.searchbox input:-moz-placeholder { + color: rgba(255, 255, 255, 0.6); +} +.searchbox input:-ms-input-placeholder { + color: rgba(255, 255, 255, 0.6); +} +#sidebar-toggle-span { + display: none; +} +@media only all and (max-width: 47.938em) { + #sidebar-toggle-span { + display: inline; + } +} +#sidebar { + background-color: #322A38; + position: fixed; + top: 0; + width: 300px; + bottom: 0; + left: 0; + font-weight: 400; + font-size: 15px; +} +#sidebar a { + color: #ccc; +} +#sidebar a:hover { + color: #e6e6e6; +} +#sidebar a.subtitle { + color: rgba(204, 204, 204, 0.6); +} +#sidebar hr { + border-bottom: 1px solid #2a232f; +} +#sidebar a.padding { + padding: 0 1rem; +} +#sidebar h5 { + margin: 2rem 0 0; + position: relative; + line-height: 2; +} +#sidebar h5 a { + display: block; + margin-left: 0; + margin-right: 0; + padding-left: 1rem; + padding-right: 1rem; +} +#sidebar h5 i { + color: rgba(204, 204, 204, 0.6); + position: absolute; + right: 0.6rem; + top: 0.7rem; + font-size: 80%; +} +#sidebar h5.parent a { + background: #201b24; + color: #d9d9d9 !important; +} +#sidebar h5.active a { + background: #fff; + color: #777 !important; +} +#sidebar h5.active i { + color: #777 !important; +} +#sidebar h5 + ul.topics { + display: none; + margin-top: 0; +} +#sidebar h5.parent + ul.topics, #sidebar h5.active + ul.topics { + display: block; +} +#sidebar ul { + list-style: none; + padding: 0; + margin: 0; +} +#sidebar ul.searched a { + color: #999999; +} +#sidebar ul.searched .search-match a { + color: #e6e6e6; +} +#sidebar ul.searched .search-match a:hover { + color: white; +} +#sidebar ul.topics { + margin: 0 1rem; +} +#sidebar ul.topics.searched ul { + display: block; +} +#sidebar ul.topics ul { + display: none; + padding-bottom: 1rem; +} +#sidebar ul.topics ul ul { + padding-bottom: 0; +} +#sidebar ul.topics li.parent ul, #sidebar ul.topics > li.active ul { + display: block; +} +#sidebar ul.topics > li > a { + line-height: 2rem; + font-size: 1.1rem; +} +#sidebar ul.topics > li > a b { + opacity: 0.5; + font-weight: normal; +} +#sidebar ul.topics > li > a .fa { + margin-top: 9px; +} +#sidebar ul.topics > li.parent, #sidebar ul.topics > li.active { + background: #251f29; + margin-left: -1rem; + margin-right: -1rem; + padding-left: 1rem; + padding-right: 1rem; +} +#sidebar ul li.active > a { + background: #fff; + color: #777 !important; + margin-left: -1rem; + margin-right: -1rem; + padding-left: 1rem; + padding-right: 1rem; +} +#sidebar ul li { + padding: 0; +} +#sidebar ul li.visited + span { + margin-right: 16px; +} +#sidebar ul li a { + display: block; + padding: 2px 0; +} +#sidebar ul li a span { + text-overflow: ellipsis; + overflow: hidden; + white-space: nowrap; + display: block; +} +#sidebar ul li > a { + padding: 4px 0; +} +#sidebar ul li.visited > a .read-icon { + color: #9c6fb6; + display: inline; +} +#sidebar ul li li { + padding-left: 1rem; + text-indent: 0.2rem; +} +#main { + background: #f7f7f7; + margin: 0 0 1.563rem 0; +} +#body { + position: relative; + margin-left: 300px; + min-height: 100%; +} +#body img, #body .video-container { + margin: 3rem auto; + display: block; + text-align: center; +} +#body img.border, #body .video-container.border { + border: 2px solid #e6e6e6 !important; + padding: 2px; +} +#body img.shadow, #body .video-container.shadow { + box-shadow: 0 10px 30px rgba(0, 0, 0, 0.1); +} +#body img.inline { + display: inline !important; + margin: 0 !important; + vertical-align: bottom; +} +#body .bordered { + border: 1px solid #ccc; +} +#body .padding { + padding: 3rem 6rem; +} +@media only all and (max-width: 59.938em) { + #body .padding { + position: static; + padding: 15px 3rem; + } +} +@media only all and (max-width: 47.938em) { + #body .padding { + padding: 5px 1rem; + } +} +#body h1 + hr { + margin-top: -1.7rem; + margin-bottom: 3rem; +} +@media only all and (max-width: 59.938em) { + #body #navigation { + position: static; + margin-right: 0 !important; + width: 100%; + display: table; + } +} +#body .nav { + position: fixed; + top: 0; + bottom: 0; + width: 4rem; + font-size: 50px; + height: 100%; + cursor: pointer; + display: table; + text-align: center; +} +#body .nav > i { + display: table-cell; + vertical-align: middle; + text-align: center; +} +@media only all and (max-width: 59.938em) { + #body .nav { + display: table-cell; + position: static; + top: auto; + width: 50%; + text-align: center; + height: 100px; + line-height: 100px; + padding-top: 0; + } + #body .nav > i { + display: inline-block; + } +} +#body .nav:hover { + background: #F6F6F6; +} +#body .nav.nav-pref { + left: 0; +} +#body .nav.nav-next { + right: 0; +} +#body-inner { + margin-bottom: 5rem; +} +#chapter { + display: flex; + align-items: center; + justify-content: center; + height: 100%; + padding: 2rem 0; +} +#chapter #body-inner { + padding-bottom: 3rem; + max-width: 80%; +} +#chapter h3 { + font-family: "Work Sans", "Helvetica", "Tahoma", "Geneva", "Arial", sans-serif; + font-weight: 300; + text-align: center; +} +#chapter h1 { + font-size: 5rem; + border-bottom: 4px solid #F0F2F4; +} +#chapter p { + text-align: center; + font-size: 1.2rem; +} +#footer { + padding: 3rem 1rem; + color: #b3b3b3; + font-size: 13px; +} +#footer p { + margin: 0; +} +body { + font-family: "Work Sans", "Helvetica", "Tahoma", "Geneva", "Arial", sans-serif; + font-weight: 300; + line-height: 1.6; + font-size: 18px !important; +} +h2, h3, h4, h5, h6 { + font-family: "Work Sans", "Helvetica", "Tahoma", "Geneva", "Arial", sans-serif; + text-rendering: optimizeLegibility; + color: #5e5e5e; + font-weight: 400; + letter-spacing: -1px; +} +h1 { + font-family: "Novacento Sans Wide", "Helvetica", "Tahoma", "Geneva", "Arial", sans-serif; + text-align: center; + text-transform: uppercase; + color: #222; + font-weight: 200; +} +blockquote { + border-left: 10px solid #F0F2F4; +} +blockquote p { + font-size: 1.1rem; + color: #999; +} +blockquote cite { + display: block; + text-align: right; + color: #666; + font-size: 1.2rem; +} +div.notices { + margin: 2rem 0; + position: relative; +} +div.notices p { + padding: 15px; + display: block; + font-size: 1rem; + margin-top: 0rem; + margin-bottom: 0rem; + color: #666; +} +div.notices p:first-child:before { + position: absolute; + top: 2px; + color: #fff; + font-family: "Font Awesome 5 Free"; + font-weight: 900; + content: "\f06a"; + left: 10px; +} +div.notices p:first-child:after { + position: absolute; + top: 2px; + color: #fff; + left: 2rem; +} +div.notices.info p { + border-top: 30px solid #F0B37E; + background: #FFF2DB; +} +div.notices.info p:first-child:after { + content: 'Info'; +} +div.notices.warning p { + border-top: 30px solid rgba(217, 83, 79, 0.8); + background: #FAE2E2; +} +div.notices.warning p:first-child:after { + content: 'Warning'; +} +div.notices.note p { + border-top: 30px solid #6AB0DE; + background: #E7F2FA; +} +div.notices.note p:first-child:after { + content: 'Note'; +} +div.notices.tip p { + border-top: 30px solid rgba(92, 184, 92, 0.8); + background: #E6F9E6; +} +div.notices.tip p:first-child:after { + content: 'Tip'; +} + +/* attachments shortcode */ + +section.attachments { + margin: 2rem 0; + position: relative; +} + +section.attachments label { + font-weight: 400; + padding-left: 0.5em; + padding-top: 0.2em; + padding-bottom: 0.2em; + margin: 0; +} + +section.attachments .attachments-files { + padding: 15px; + display: block; + font-size: 1rem; + margin-top: 0rem; + margin-bottom: 0rem; + color: #666; +} + +section.attachments.orange label { + color: #fff; + background: #F0B37E; +} + +section.attachments.orange .attachments-files { + background: #FFF2DB; +} + +section.attachments.green label { + color: #fff; + background: rgba(92, 184, 92, 0.8); +} + +section.attachments.green .attachments-files { + background: #E6F9E6; +} + +section.attachments.blue label { + color: #fff; + background: #6AB0DE; +} + +section.attachments.blue .attachments-files { + background: #E7F2FA; +} + +section.attachments.grey label { + color: #fff; + background: #505d65; +} + +section.attachments.grey .attachments-files { + background: #f4f4f4; +} + +/* Children shortcode */ + +/* Children shortcode */ +.children p { + font-size: small; + margin-top: 0px; + padding-top: 0px; + margin-bottom: 0px; + padding-bottom: 0px; +} +.children-li p { + font-size: small; + font-style: italic; + +} +.children-h2 p, .children-h3 p { + font-size: small; + margin-top: 0px; + padding-top: 0px; + margin-bottom: 0px; + padding-bottom: 0px; +} +.children h3,.children h2 { + margin-bottom: 0px; + margin-top: 5px; +} + +code, kbd, pre, samp { + font-family: "Consolas", menlo, monospace; + font-size: 92%; +} +code { + border-radius: 2px; + white-space: nowrap; + color: #5e5e5e; + background: #FFF7DD; + border: 1px solid #fbf0cb; + padding: 0px 2px; +} +code + .copy-to-clipboard { + margin-left: -1px; + border-left: 0 !important; + font-size: inherit !important; + vertical-align: middle; + height: 21px; + top: 0; +} +pre { + padding: 1rem; + margin: 2rem 0; + background: #282c34; + border: 0; + border-radius: 2px; + line-height: 1.15; +} +pre code { + color: whitesmoke; + background: inherit; + white-space: inherit; + border: 0; + padding: 0; + margin: 0; + font-size: 15px; +} +hr { + border-bottom: 4px solid #F0F2F4; +} +.page-title { + margin-top: -25px; + padding: 25px; + float: left; + clear: both; + background: #9c6fb6; + color: #fff; +} +#body a.anchor-link { + color: #ccc; +} +#body a.anchor-link:hover { + color: #9c6fb6; +} +#body-inner .tabs-wrapper.ui-theme-badges { + background: #1d1f21; +} +#body-inner .tabs-wrapper.ui-theme-badges .tabs-nav li { + font-size: 0.9rem; + text-transform: uppercase; +} +#body-inner .tabs-wrapper.ui-theme-badges .tabs-nav li a { + background: #35393c; +} +#body-inner .tabs-wrapper.ui-theme-badges .tabs-nav li.current a { + background: #4d5257; +} +#body-inner pre { + white-space: pre-wrap; +} +.tabs-wrapper pre { + margin: 1rem 0; + border: 0; + padding: 0; + background: inherit; +} +table { + border: 1px solid #eaeaea; + table-layout: auto; +} +th { + background: #f7f7f7; + padding: 0.5rem; +} +td { + padding: 0.5rem; + border: 1px solid #eaeaea; +} +.button { + background: #9c6fb6; + color: #fff; + box-shadow: 0 3px 0 #00a5d4; +} +.button:hover { + background: #00a5d4; + box-shadow: 0 3px 0 #008db6; + color: #fff; +} +.button:active { + box-shadow: 0 1px 0 #008db6; +} +.button-secondary { + background: #F8B450; + color: #fff; + box-shadow: 0 3px 0 #f7a733; +} +.button-secondary:hover { + background: #f7a733; + box-shadow: 0 3px 0 #f69b15; + color: #fff; +} +.button-secondary:active { + box-shadow: 0 1px 0 #f69b15; +} +.bullets { + margin: 1.7rem 0; + margin-left: -0.85rem; + margin-right: -0.85rem; + overflow: auto; +} +.bullet { + float: left; + padding: 0 0.85rem; +} +.two-column-bullet { + width: 50%; +} +@media only all and (max-width: 47.938em) { + .two-column-bullet { + width: 100%; + } +} +.three-column-bullet { + width: 33.33333%; +} +@media only all and (max-width: 47.938em) { + .three-column-bullet { + width: 100%; + } +} +.four-column-bullet { + width: 25%; +} +@media only all and (max-width: 47.938em) { + .four-column-bullet { + width: 100%; + } +} +.bullet-icon { + float: left; + background: #9c6fb6; + padding: 0.875rem; + width: 3.5rem; + height: 3.5rem; + border-radius: 50%; + color: #fff; + font-size: 1.75rem; + text-align: center; +} +.bullet-icon-1 { + background: #9c6fb6; +} +.bullet-icon-2 { + background: #00f3d8; +} +.bullet-icon-3 { + background: #e6f300; +} +.bullet-content { + margin-left: 4.55rem; +} +.tooltipped { + position: relative; +} +.tooltipped:after { + position: absolute; + z-index: 1000000; + display: none; + padding: 5px 8px; + font: normal normal 11px/1.5 "Work Sans", "Helvetica", "Tahoma", "Geneva", "Arial", sans-serif; + color: #fff; + text-align: center; + text-decoration: none; + text-shadow: none; + text-transform: none; + letter-spacing: normal; + word-wrap: break-word; + white-space: pre; + pointer-events: none; + content: attr(aria-label); + background: rgba(0, 0, 0, 0.8); + border-radius: 3px; + -webkit-font-smoothing: subpixel-antialiased; +} +.tooltipped:before { + position: absolute; + z-index: 1000001; + display: none; + width: 0; + height: 0; + color: rgba(0, 0, 0, 0.8); + pointer-events: none; + content: ""; + border: 5px solid transparent; +} +.tooltipped:hover:before, .tooltipped:hover:after, .tooltipped:active:before, .tooltipped:active:after, .tooltipped:focus:before, .tooltipped:focus:after { + display: inline-block; + text-decoration: none; +} +.tooltipped-s:after, .tooltipped-se:after, .tooltipped-sw:after { + top: 100%; + right: 50%; + margin-top: 5px; +} +.tooltipped-s:before, .tooltipped-se:before, .tooltipped-sw:before { + top: auto; + right: 50%; + bottom: -5px; + margin-right: -5px; + border-bottom-color: rgba(0, 0, 0, 0.8); +} +.tooltipped-se:after { + right: auto; + left: 50%; + margin-left: -15px; +} +.tooltipped-sw:after { + margin-right: -15px; +} +.tooltipped-n:after, .tooltipped-ne:after, .tooltipped-nw:after { + right: 50%; + bottom: 100%; + margin-bottom: 5px; +} +.tooltipped-n:before, .tooltipped-ne:before, .tooltipped-nw:before { + top: -5px; + right: 50%; + bottom: auto; + margin-right: -5px; + border-top-color: rgba(0, 0, 0, 0.8); +} +.tooltipped-ne:after { + right: auto; + left: 50%; + margin-left: -15px; +} +.tooltipped-nw:after { + margin-right: -15px; +} +.tooltipped-s:after, .tooltipped-n:after { + transform: translateX(50%); +} +.tooltipped-w:after { + right: 100%; + bottom: 50%; + margin-right: 5px; + transform: translateY(50%); +} +.tooltipped-w:before { + top: 50%; + bottom: 50%; + left: -5px; + margin-top: -5px; + border-left-color: rgba(0, 0, 0, 0.8); +} +.tooltipped-e:after { + bottom: 50%; + left: 100%; + margin-left: 5px; + transform: translateY(50%); +} +.tooltipped-e:before { + top: 50%; + right: -5px; + bottom: 50%; + margin-top: -5px; + border-right-color: rgba(0, 0, 0, 0.8); +} +.highlightable { + padding: 1rem 0 1rem; + overflow: auto; + position: relative; +} +.hljs::selection, .hljs span::selection { + background: #b7b7b7; +} +.lightbox-active #body { + overflow: visible; +} +.lightbox-active #body .padding { + overflow: visible; +} +#github-contrib i { + vertical-align: middle; +} +.featherlight img { + margin: 0 !important; +} +.lifecycle #body-inner ul { + list-style: none; + margin: 0; + padding: 2rem 0 0; + position: relative; +} +.lifecycle #body-inner ol { + margin: 1rem 0 1rem 0; + padding: 2rem; + position: relative; +} +.lifecycle #body-inner ol li { + margin-left: 1rem; +} +.lifecycle #body-inner ol strong, .lifecycle #body-inner ol label, .lifecycle #body-inner ol th { + text-decoration: underline; +} +.lifecycle #body-inner ol ol { + margin-left: -1rem; +} +.lifecycle #body-inner h3[class*='level'] { + font-size: 20px; + position: absolute; + margin: 0; + padding: 4px 10px; + right: 0; + z-index: 1000; + color: #fff; + background: #1ABC9C; +} +.lifecycle #body-inner ol h3 { + margin-top: 1rem !important; + right: 2rem !important; +} +.lifecycle #body-inner .level-1 + ol { + background: #f6fefc; + border: 4px solid #1ABC9C; + color: #16A085; +} +.lifecycle #body-inner .level-1 + ol h3 { + background: #2ECC71; +} +.lifecycle #body-inner .level-2 + ol { + background: #f7fdf9; + border: 4px solid #2ECC71; + color: #27AE60; +} +.lifecycle #body-inner .level-2 + ol h3 { + background: #3498DB; +} +.lifecycle #body-inner .level-3 + ol { + background: #f3f9fd; + border: 4px solid #3498DB; + color: #2980B9; +} +.lifecycle #body-inner .level-3 + ol h3 { + background: #34495E; +} +.lifecycle #body-inner .level-4 + ol { + background: #e4eaf0; + border: 4px solid #34495E; + color: #2C3E50; +} +.lifecycle #body-inner .level-4 + ol h3 { + background: #34495E; +} +#top-bar { + background: #F6F6F6; + border-radius: 2px; + padding: 0 1rem; + height: 0; + min-height: 3rem; +} +#top-github-link { + position: relative; + z-index: 1; + float: right; + display: block; +} +#body #breadcrumbs { + height: auto; + margin-bottom: 0; + padding-left: 0; + line-height: 1.4; + overflow: hidden; + white-space: nowrap; + text-overflow: ellipsis; + width: 70%; + display: inline-block; + float: left; +} +#body #breadcrumbs span { + padding: 0 0.1rem; +} +@media only all and (max-width: 59.938em) { + #sidebar { + width: 230px; + } + #body { + margin-left: 230px; + } +} +@media only all and (max-width: 47.938em) { + #sidebar { + width: 230px; + left: -230px; + } + #body { + margin-left: 0; + width: 100%; + } + .sidebar-hidden { + overflow: hidden; + } + .sidebar-hidden #sidebar { + left: 0; + } + .sidebar-hidden #body { + margin-left: 230px; + overflow: hidden; + } + .sidebar-hidden #overlay { + position: absolute; + left: 0; + right: 0; + top: 0; + bottom: 0; + z-index: 10; + background: rgba(255, 255, 255, 0.5); + cursor: pointer; + } +} +.copy-to-clipboard { + background-image: url(../images/clippy.svg); + background-position: 50% 50%; + background-size: 16px 16px; + background-repeat: no-repeat; + width: 27px; + height: 1.45rem; + top: -1px; + display: inline-block; + vertical-align: middle; + position: relative; + color: #5e5e5e; + background-color: #FFF7DD; + margin-left: -.2rem; + cursor: pointer; + border-radius: 0 2px 2px 0; + margin-bottom: 1px; +} +.copy-to-clipboard:hover { + background-color: #E8E2CD; +} +pre .copy-to-clipboard { + position: absolute; + right: 4px; + top: 4px; + background-color: #C1C4C6; + color: #ccc; + border-radius: 2px; +} +pre .copy-to-clipboard:hover { + background-color: #00bdf3; + color: #fff; +} +.parent-element { + -webkit-transform-style: preserve-3d; + -moz-transform-style: preserve-3d; + transform-style: preserve-3d; +} + +#sidebar ul.topics > li > a .read-icon { + margin-top: 9px; +} + +#sidebar ul { + list-style: none; + padding: 0; + margin: 0; +} + +#sidebar #shortcuts li { + padding: 2px 0; + list-style: none; +} + +#sidebar ul li .read-icon { + display: none; + float: right; + font-size: 13px; + min-width: 16px; + margin: 4px 0 0 0; + text-align: right; +} +#sidebar ul li.visited > a .read-icon { + color: #00bdf3; + display: inline; +} + +#sidebar #shortcuts h3 { + font-family: "Novacento Sans Wide", "Helvetica", "Tahoma", "Geneva", "Arial", sans-serif; + color: white ; + margin-top:1rem; + padding-left: 1rem; +} + +#homelinks { + background-color: #9c6fb6; + color: #fff; + padding: 7px 0; + border-bottom: 4px solid #9c6fb6; +} + +#searchResults { + text-align: left; +} + +option { + color: initial; +} diff --git a/en-21/404.html b/en-21/404.html new file mode 100644 index 0000000000..a2c8dae11f --- /dev/null +++ b/en-21/404.html @@ -0,0 +1,59 @@ + + + + + + + + + 404 Page not found + + + + + + + + + + + + + + + + + + +
+
+
+
+

+

+

+

+

+

+

Page not found!

+
+
+ +
+ + + diff --git a/en-21/categories/index.html b/en-21/categories/index.html new file mode 100644 index 0000000000..83f95aa950 --- /dev/null +++ b/en-21/categories/index.html @@ -0,0 +1,560 @@ + + + + + + + + + + + + Categories :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + category :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-21/categories/index.xml b/en-21/categories/index.xml new file mode 100644 index 0000000000..79a6350dc9 --- /dev/null +++ b/en-21/categories/index.xml @@ -0,0 +1,11 @@ + + + + Categories on System Admin Toolkit (SAT) + /docs-sat/en-21/categories/ + Recent content in Categories on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-21 + + + diff --git a/en-21/dashboards/index.html b/en-21/dashboards/index.html new file mode 100644 index 0000000000..7806c092ce --- /dev/null +++ b/en-21/dashboards/index.html @@ -0,0 +1,542 @@ + + + + + + + + + + + + SAT Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Dashboards

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-21/dashboards/index.xml b/en-21/dashboards/index.xml new file mode 100644 index 0000000000..fdee3dd749 --- /dev/null +++ b/en-21/dashboards/index.xml @@ -0,0 +1,26 @@ + + + + SAT Dashboards on System Admin Toolkit (SAT) + /docs-sat/en-21/dashboards/ + Recent content in SAT Dashboards on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-21 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Grafana Dashboards + /docs-sat/en-21/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-21/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.<system_name>.<system_domain> For additional details about how to access the Grafana Dashboards refer to Access the Grafana Monitoring UI in the SMA product documentation. For more information about the interpretation of metrics for the SAT Grafana Dashboards refer to Fabric Telemetry Kafka Topics in the SMA product documentation. + + + SAT Kibana Dashboards + /docs-sat/en-21/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-21/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + diff --git a/en-21/dashboards/sat_grafana_dashboards/index.html b/en-21/dashboards/sat_grafana_dashboards/index.html new file mode 100644 index 0000000000..53692266dc --- /dev/null +++ b/en-21/dashboards/sat_grafana_dashboards/index.html @@ -0,0 +1,641 @@ + + + + + + + + + + + + SAT Grafana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Grafana Dashboards

+

The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through +Redfish. The messages are displayed based on severity.

+

Grafana can be accessed via web browser at the following URL:

+
    +
  • https://sma-grafana.<system_name>.<system_domain>
    • +
+

For additional details about how to access the Grafana Dashboards refer to Access the Grafana Monitoring UI in the +SMA product documentation.

+

For more information about the interpretation of metrics for the SAT Grafana Dashboards refer to Fabric Telemetry +Kafka Topics in the SMA product documentation.

+ +

There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display +telemetry in a tabular format.

+ + + + + + + + + + + + + + + + + + + + + + + + + +
Dashboard NameDisplay Type
Fabric CongestionChart Panels
Fabric RFC3635Chart Panels
Fabric ErrorsTabular Format
Fabric Port StateTabular Format
+

The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry +is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location +during the time range selected, if any. The interval setting is not used for tabular dashboards.

+

SAT Grafana Interval and Locations Options

+

Shows the Interval and Locations Options for the available telemetry.

+

+

The value of the Interval option sets the time resolution of the received telemetry. This works a bit like a +histogram, with the available telemetry in an interval of time going into a “bucket” and averaging out to a single +point on the chart or table. The special value auto will choose an interval based on the time range selected.

+

For additional information, refer to Grafana Templates and Variables.

+

The Locations option allows restriction of the telemetry shown by locations, either individual links or all links +in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, +which always has entries for all links and switches, although the errors shown are restricted to the selected time +range.

+

The chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart’s legend +or the trace on the chart.

+

Grafana Fabric Congestion Dashboard

+

+

SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in +the system and assess the past and present health of the high-speed network. It also allows the ability to drill down +to view data for specific ports on specific switches.

+

This dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, +local, and global and correspond to the link’s relationship to the network topology. The locations presented in the +panels are restricted to the values (any combination, defaults to “all”) selected.

+

The metric values for links of a given port type are similar in value to each other but very distinct from the values of +other types. If the values for different port types are all plotted together, the values for links with lower values are +indistinguishable from zero when plotted.

+

The port type of a link is reported as a port state “subtype” event when defined at port initialization.

+

Grafana Fabric Errors Dashboard

+

+

This dashboard reports error counters in a tabular format in three panels.

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

Unlike other dashboards, the locations presented are all locations in the system rather than having telemetry within +the time range selected. However, the values are taken from telemetry within the time range.

+

Grafana Fabric Port State Dashboard

+

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

The Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a +long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours +results in all states for all links in the system being shown.

+

The three columns named, group, switch, and port are not port state events, but extra information included with +all port state events.

+

Grafana Fabric RFC3635 Dashboard

+

+

For additional information on performance counters, refer to +Definitions of Managed Objects for the Ethernet-like Interface Types, +an Internet standards document.

+

Because these metrics are counters that only increase over time, the values plotted are the change in the counter’s +value over the interval setting.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-21/dashboards/sat_kibana_dashboards/index.html b/en-21/dashboards/sat_kibana_dashboards/index.html new file mode 100644 index 0000000000..c038d205d6 --- /dev/null +++ b/en-21/dashboards/sat_kibana_dashboards/index.html @@ -0,0 +1,830 @@ + + + + + + + + + + + + SAT Kibana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Kibana Dashboards

+

Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored +in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of +node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in +this way breaks down the complexity of large data volumes into easily understood information.

+

Kibana can be accessed via web browser at the following URL:

+
    +
  • https://sma-kibana.<system_name>.<system_domain>
    • +
+

For additional details about how to access the Kibana Dashboards refer to View Logs Via Kibana in the SMA product +documentation.

+

Additional details about the AER, ATOM, Heartbeat, Kernel, MCE, and Rasdaemon Kibana Dashboards are included in this +table.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
DashboardShort DescriptionLong DescriptionKibana Visualization and Search Name
sat-aerAER correctedCorrected Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-corrected Search: sat-aer-corrected
sat-aerAER fatalFatal Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-fatal Search: sat-aer-fatal
sat-atomATOM failuresApplication Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged.sat-atom-failed
sat-atomATOM admindownApplication Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch.sat-atom-admindown
sat-heartbeatHeartbeat loss eventsHeartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system.sat-heartbeat
sat-kernelKernel assertionsThe kernel software performs a failed assertion when some condition represents a serious fault. The node goes down.sat-kassertions
sat-kernelKernel panicsThe kernel panics when something is seriously wrong. The node goes down.sat-kernel-panic
sat-kernelLustre bugs (LBUGs)The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down.sat-lbug
sat-kernelCPU stallsCPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric.sat-cpu-stall
sat-kernelOut of memoryAn Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided.sat-oom
sat-mceMCEMachine Check Exceptions (MCE) are errors detected at the processor level.sat-mce
sat-rasdaemonrasdaemon errorsErrors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future.sat-rasdaemon-error
sat-rasdaemonrasdaemon messagesAll messages from the rasdaemon service on nodes.sat-rasdaemon
+

Disable Search Highlighting in Kibana Dashboard

+

By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.

+

The Kibana Dashboard should be open on your system.

+
    +
  1. +

    Navigate to Management

    +
    2. +
  2. +

    Navigate to Advanced Settings in the Kibana section, below the Elastic search section

    +
    3. +
  3. +

    Scroll down to the Discover section

    +
    4. +
  4. +

    Change Highlight results from on to off

    +
    5. +
  5. +

    Click Save to save changes

    +
    6. +
+

AER Kibana Dashboard

+

The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors +are split up into separate visualizations depending on whether they are fatal or corrected errors.

+

View the AER Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-aer dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the +matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on +the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass +next to each NID.

    +
    5. +
+

ATOM Kibana Dashboard

+

The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health +checks and application test failures. Some test failures are of possible interest even though a node is not marked +admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide +clues if a node otherwise fails. They might also show application problems.

+

View the ATOM Kibana Dashboard

+

HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-atom dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View any nodes marked admindown and any ATOM test failures. These failures occur during health checks and +application test failures. Test failures marked admindown are important to note. View the matching log messages +in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, +results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

Heartbeat Kibana Dashboard

+

The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods +are responsible for monitoring nodes in the system for heartbeat loss.

+

View the Heartbeat Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-heartbeat dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for +monitoring nodes in the system for heartbeat loss.View the matching log messages in the panel.

    +
    5. +
+

Kernel Kibana Dashboard

+

The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. +The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious +problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and +may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using +too much memory.

+

View the Kernel Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-kernel dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching +log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. +If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to +each NID.

    +
    5. +
+

MCE Kibana Dashboard

+

The MCE Dashboard displays CPU detected processor-level hardware errors.

+

View the MCE Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-mce dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and +DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, +and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID +by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

Rasdaemon Kibana Dashboard

+

The Rasdaemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon +service on nodes in the system. This service collects all hardware error events reported by the linux kernel, including +PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages +presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one +for only messages of severity “emerg” or “err” and another for all messages from rasdaemon.

+

View the Rasdaemon Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-rasdaemon dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in +the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID +in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside +a magnifying glass next to each NID.

    +
    5. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-21/img/Fabric_PortState_Locations_UI.png b/en-21/img/Fabric_PortState_Locations_UI.png new file mode 100644 index 0000000000000000000000000000000000000000..704511ebce3d09b05ef60e3c174c516850b1e875 GIT binary patch literal 10312 zcmeHtWl)@3v+j@}K@&VU!QE}p5G*(Wf;$Wj1A`8lkN_cQ&|pIX0fM`G(8&Zyg1a-g zyWU~%eb4^BTXm}L_v8FHReNgWeOLGD)$h}?x>rqvmWC2O4kZo%0Kiv%F0Ty$pz)xt z%^zT*zV(zj5>P*xe!2#p+Lk`_ZV<4ogENTU6Y2({2l+bK0sy{~E-?uFE_yuq-BJeT z@v}GV;m>7Nu#9igo{Gp%0_XSTC?8U1RdtLiyr)l_c~24c<+-wO)KVOSw!((stg3eJ zm+OAnAwKy1{lnJ@f*9*TSrdYN@9h$q?LDDPK2#TNoN2}gEA@$Sww!fRA)~I;n*Oqv zdn=COc}t>Wqi@JM$d71c^paGV&H(_Nrw%AZ4b;`dt-&rlmNsB35Rb2m8|n!F07)5N zH%n_LkSDzr$j-r4iea~@je*|5Mv6gSSe;MZO%7!5@Z1jq((%*Kwf1we2HG&lNaINQ zilYR$fIKbfeO;VgJ;Z&b82*qej=H`Z=4GJ&gT>QHiorl#i(U>40nrQb2=VZ7EBHEi z3ouCI&`UyWY{j+Z75@@}x|3qC_w;lV=jHYB@!|0i@qATOT)uYdqIii6t& z>gs9f%kApHcqigd8S)?xYlwrJrvuoP{!XT)71+yDih%(|r~ga1r-SX^(p^3N0s#dF z?;VAgpNEh4U)k?$_+QHW8~YvQZ}z*%;s)9v53sY>-SSclq5{19e@Oa+Wcc5c{-(Ti zbwFt=@b@eou&t+$B?KhJpk)vC1nXE^x`F!*$_#e3bf$Kj) z;6Gyi$GiT4>pw!^KVtsJyZ(2a52=rpFF=0C+kbp%%|nr^X`p2)#qUFL>+TgAjVpwB_2{yD!0&lf zm6ec*x?BJEk@)@IF)=YVSM^MaQIA#pE*yfyAk`z+ET+ldKFMDD=MRU_Ulj{)y1PtQ z=XP75YneD(boOuqoX5vcf~Z7YwmYnFLg-C?a=A@7*GR>e_uFm`-?-K_^_LA8w5+No zb3tPck+>3GCURlF1x$GKQ)0`;W;_}m7mqsP;0!!bo{=$^t$&<`Pa4d1Ds%SO+kaE` z@Rt&;#Z`R;jS43xXZp8At3owfD{Be!*N$_4iQyi@UA&J?)u^xE9|OZ8LnUlDqNYNZe>3 zZ}GBce_*Q2lYMYhNUE&r9D~cWF={KrB!*g*(P3+i7T#;BZ&f!nV>=;Zeklw%M9zHs zkvh~eHC8s)HR-i^el%1QRfKCoqh8g0AoQ5h-0zJ|hrX$RRB22+Q-r3pVdwr5D|^{j zd2*7zWq3mULYPz9@$h@xNW;1lPMm>ErJP@UmRANl_1F4+8z;s!el$w4U-+FyUph}T zXKGsm2c-|Om{KBFc5f1};mXsJr{R zaC^SX(Q48bVV4CZif+p@ycro80jPb98@9iUDk@vv#5ex>wRq7}k?i(judO6+!pyY! zdf+mnpA*pTTw87f_fSg{`mkBnh6xDogooi9i}}v;tt2JMD=4~cmUvL`TiNHEYc3!a zCUWaKVrYj(s*Qmf@g|b{mohI54I@lS>6zqXf7vfb^0xJ88TDMB&J5Y#1_vLp3#4Xz z`b1w?sOCJkkB@ml~nQwgJUHz$;Km6adh%V*~Wz;yF=Ro=FN z&d41`AT(gAEPtc`Ay&z2q*z86SF>BPO_Uqp<`8nDmJbESp z)SsXD5zvUsgFwt52nnyeCOrCV1W-}Ee^kX=9(>zj`k0#3pKcXEvUJniAnd@3sqN;yl$1La z_07Sn$>~VX4N3gm+%LJ%17&J~N3Ys$wuPNVs02%41KWq-{bpJRR^Q{Ay7N<|qK{(k z_l&kfXHAD7=I-50v!?rKSOnCoI}%_CmmX8juqyNZy=w}AaY36@;X@8g zyyxwX1rD|5Ha21v6@iVqpG4=3emPI|dm!Dew+y3bB*H+!(3p9P%+npcfB@>(uVoFm zY}Hr<#ZBW*>qBvOj|Mmu6chx6+#j)Og52iYKP$f8Y`txm^53sxVqC&=t&6xUbJHoxqIxZ0*}DyIVjmGQs)O$C?_nu}sPtyj;&pPONX58)laj zV`-I9sj}w)LO?6Iwe98gW!eQ5ENr~3dt97)#Z0_1S%H@i%fYv3-@bjTUpg_SNEtrK zFt*#wF6a!8z30}uUFR1*nGg)6xIJGJEY@>s>cy1-qtFnY+j6Mt6}CNkZaeUCV3m7n zYTI2sQ@mjaBTZ(PEb)7f$IH%e{QHufkHd%h(!t!UtfyQxHQv)ZVNS7>u@Pwl&}bTo z_X+s|Z2UrIVnw<&QX@Vao-6?Co+#()z@P1C%?Ag#+c4sGxDLf^7Dxbyg6-Z0QBRL&KJ_vlPMP9AU0>lm)tYb>(zE${lGDfE$|~Ei(G!~`AtJNM`>?;xpPw?i zd4IKu%fyXUU#+2e#9G3bT%9zM@{q6#X6epwXy?KaW`kCsTjb@}kqvLe^**c9c%zF_j>~;4y!myR>(&`-jJdq6 z3p_u~ow1{j$+4Hay+!Wg%<&1m`+M1!%~L+xlW!`TYeTK6Zq0N}?mgADkx#!AzHZRW zvIoS_N(~gJ>O*fA-NfKR_ENCrN}!;HzL#ggpYQKD^Vn^{7iL+Yre_S+6NYjt*iHJkt@>g(Q{ zcRuL*K9JeeBBL7LHR{p?cr4QFQ8%>-9?XJ&-zNY8q|Gmxd2fziihw76O@5{!BP5Jb z%;{K(7lSa3G|gC5xa|ZG0#F|3AWEY!vsYgNt$V>3z64RG77vJukMHSRC0>V7VICJ< z8mm_2cs)t+zgIpJwBU7rEoB~C4^{d&RbRKi?%bL_cWFXmf6``$o_#hK^!~wSm7N1U zfX`(=-0>?j*rSoIiE%Rd{aE8mmetVewv8Qf5z+wvKCn+9fip->M45fM6MPn)BY8Z0 zh({?9S6%I?#zHKf8504|Y+6eFDGDQG4Eq2Jdfy8>BTmUxqvz$F^XI%xGt~FFoVF35 zz}oHfDNo8VrIbRqH0gFsqI~5bFX6uisO(*vLn9)$962<%>OVq}6 zITOq$?I6U?PJDhG=ySLnj}&v8=L6-gFtHFYNJyka{SdSlx-kiYs$8n7?V*<`-JAwF zI&GsA$_$*qp!0$s)$`y*8wHcOPFA!3Xmw>VDv_Z`wG&H7QkXk4SiJBJGemCC7M5mB z!`zRB-s9(P&9EOY%=+{-fsGGpAA*$blTKzK?-3YGkt>{^<_h)jR;#<^`if z6^w8K8p~7IH9%fbvHWO)6&oM>i3DqSbb4((w5LjP5sXOoX0spBVIyI%zy8sep<$OZ zm~lIW09X6}qzgK=4?o@H#*|}kw4g~N5Za3;x{nG6Q=^61#HsDP`uewVj{>V;YMKJ6 zYGTv_1jm&|Rzk@+T5Lb-1kPvTm>Sr)IG)i_t7&Ns0ZUGXww{|lkB?kjv|?and?DOG zWn^ruiYhQ(y!fyv>-BK_d6mtTh zsVL!GI+Fa$kQZm{&&F3{AC^{dfbQ-U+dFecX*3164bL>P8fya8PjxQOO%um-&(`fv zPQ15;1>e1QhOQBlQoy~&1_1MoPE)hHc~o|%7W^2pk9gvMnHr*ta|zfX^Kz02_}Rfc z4?-Ri3V!~(1z~VQ(LChmiO@Tcs66^0WRUQ+>Lc_l#(OFB52TfNlJDqF^09YgI;S67 z*L+a-5`W(RUmnE>lsw8`OaF}wbROA90WsRsx+LfwWAAAHko)J@zxG0ZDv}7ZBkc~Z zBt!4;`8Q7OfQth92d#=nfAmd@AL#BxuDRdop2+RORaD%=-oWE+_|{dcZw39V=%=IZ zjE3rPn;W}*k-8|ZN%pT=9%+uVUY=(~Oz_Z(LdrVad)1~7&9ZNT%>ruFMX5O6D{iKf z-~cTl0=a|=*&BY~w^k3yftEEBy}LP1`l9{DdA<&fYagG1yqab$$mC#(O| z=HHMU?AvyA(N+w*vcR-C1^$DWE5KTSOcHGn`BZ-EZelzH8b-BuMR&#==*9qd{s zPvHettHE9&8Q;@rd7(Pq`MCO~70LNz0(LJsNNabbVxj!w%;ch_$}8QwgZJngX2vtO zWnzwpVbno&E1qETGF81|19-5ES%0eFM0BmFb1!+3x=%sxOTBGW{qK>NeM+@6Js7h; zpR5MBH;i+2MS_0mb(>@CH?%Wz>DFXgZ$jkXdU?~!qY;bvT5c&a#a`xq;wU|J@IAF@ z<1rnK?cUQez4@{ipOQKKgy&$N;t&spzdk6t)O};uiU92tT9c$Y1uw^Ysi#(CpqkWW z2nLmi>vcus&;iojYpnDNM`Zc&2l#yLlNW05u@VdDtY6@d0^0HoRff;*_d5 zH1CZBnpoMsGV5&add_fvMDoy-2Y~5;e=BL$wOnt38Se0lL+VyT9ny5Z{N?q11(t7D zNs>Y$$$bFf@W>y<2o8`@GYr3BrOW=>K#XH@>fH&fXgRW2;M>*6bo}EE`j+5W*zGE} z#A9hLLS;w=2;rS)<_^t|;pHux-=Dk2PEmC{sgrQMB^9(&+bzgGsUO`yZ?~v99H=+EBMf${MG7jphszk-4V=B4LS}hIfU;@0ClZIprBq~_z= z7Q64wB`|03l(Fy+XN4y$YJCRA=k74yj8u&E#U0(h^WVr!fSj1OmaV`hw zI$E0AvS;;Ez;h%9;&iMOxAPgsENt~_KM2=FJ*jdn-i0&*LDfVhFB6Qk;6Jsv85!?E z?VVVV(R#}eiUuChQ!?GkozV(v4*m~DTFQ>H%#emCwUme)Okz57nUJ!oXf7EyvYM>; zAp*fUP|E&7bWXEuNfTa}whA8R>R=m%a=h-|p*o=~#Y;=>_0!Xr$I2N5*bOF%K?R|7@B6PV8yB1h z__d7;J7=kL@~JTe74#&6KaQs;`D83){CeM}r|umQQ6`8m@Ht!~8|+?(R9RdrGv&YS zG4H>`I-D@o>iG77{|lM!L8xALc11-%l3A3=6T8`RHfcDY+oB2S#d7PHRef!{0u^Qa)m6DdEsO zj~ulF8(bIhUoBy3Dl}*5y&c)fF0Kqidm&rg=E5};CT~$Q2`{Q9q+078i6AU)fs%~j z$9`jO7*8^XZ%|3~Duvra9X38Go-e|xrNWn4IysQ=QqCJ+F(BO#^{$?ig@W!_LXu^Q*T)etw)=~{KQ|?AEyJWP;=BxN?x!HsO+I1J1?Q6P&vpdt)*9JOv3}6ALYrUhAcT2hg&p`sL}&`)%?8GA=CP4*0Am^> z_Tl%xjc2~>$#fdp8!JRv5|6OtNG%v$3xpaUJ9XE-3BjxP9 z?V?t#^>Nvr`ne! z5Ekl)CZ>NHV_>vxq3VjUBElLx=aanQ7=g^kx9vDPTg9$ROvz&9m8)TG`PS%pysb9f zyD8Kx>A`l`)0M5wG5*2uI~IOe?TkB@Fn&`@GTJq6-d zqVJBWFOqp?sBla#lWFY=AO_w);t)U-O{D2-I7X!6v#LHAX7k;gT)=xj>cz%eGCAZq zm@c)xG8PzHkgn+zF|@MUh-S&v##dGeG>ngL7t|-PRcofT z&W)aPIhlef~Xq(NCa0bEW@wHVb2E zsl|L~QO>VMeQbExO?(M2FgvHkMO;J#GgWOMk4NKoFUol%dT;7frAqu}{FYgV>{rZt zdDUvwHGeLdk2OKhEu=vrSg81kdro7W9iqiXvehR-v{SZ>5Cj>Nc+a*4y+vA3kQg`` znu-n=xw>uE|IkK!X7I>q&hJ`>?pjDUc_6Tl^($IjBf6?vpOEO+1tD$sOP!sCy@Lb` z=n|HWon7__W=yF>U0M0~-gRqAkJ?{mhi6$V^^`B<)Ynnv~L!4D>oEpiTjk&G_5>uO4Cw0&`(7-5NQD>A6D|&+?yL zi7Zm@HZkA2H~#F(Iz{sPTcB@hj+|OO8;_qlfKcQkx)Y2AwJzDuJ3-fCpyIr*(<;g} znVOm@k5IWalQEkoF~6&;$p3JSincH01^*ZFba!z{Q8n9#c-H;<&j7B9r=1khIy^u7!o9=I_pkkW^h%-y)^3YN{!%}o$z<@ zLzYU_&+x$fHn2S#>32`Y=1c})Em-xJJLgi#`o?}oA5h5>zbKa6ukC~^&DVY7sjee4 z>dDBg8KoGz%>`eYnb4#`)q}JMwd&r`VQ8 z^7i22DyLkSS6jUQ^DlFg{ z4J$9o9_F`Npwg9`93&?1fd?oDei$qkuClUTlbiH1frRvJmSQ(BC+XpD zo+El2f%;1DgOrC4a`GlSHkLx`O?ha~6z=_c?P%n$AgqE>7rXtYlV=|Zu4F6yiV6o< z1i$PSqG&$->b>Hn<~G&$as!%k5E*RF3$u=D=lRC{r}cWF+PP0ZYw-!GAx5sHI+s2@ z6;^@1xhUc6SC3feTNbFbeJo~R!>iw)95T|x?? zpDRoLg*V1U#Q6wyXmn?jd^T)k=UMKj?h8JH?Y9mu*^KJxnd+#ly$+8it;;7{dLKJc zPgm`Tp$Y+^bf?0>oa~;7?Ius2I@Ysy1r%(~+0^(+jz^uP47r8uM$!Uwj8~W2OSUHpz{RWtE>e0b5RlBw0#^Lr_Ih zHh-W|e-3LhSs$q1JY@ir8q<8gBeC|x)seI-=>>PbcYm$5$m)_o%fiMSm^%8@{T zMlz%~X**@?WXHTFIFpV;+?c4A`>kr~WAX?8Pji1BypCwFm+=8M-2JakSwTa-^qED- F{{e^I_u2pe literal 0 HcmV?d00001 diff --git a/en-21/img/Grafana_Fabric_Congestion.png b/en-21/img/Grafana_Fabric_Congestion.png new file mode 100644 index 0000000000000000000000000000000000000000..dbf481d94ce7036204bb81960b1e9ecf3b28182d GIT binary patch literal 13882 zcmeHuWmKF`((e$G5C{?o5P}9mfZz~Z6EqC&4#Azl-4X}{2ol^0?k_m z8RS0vclX^_?mhSHhx_54vm9U^p02LyuIjG-RaFzLASa21L5u+cfv}`LiYb9W4|srQ z{U?us-y0;&g1|?rhl+-il7Z_hI|qoVg|*2mCwDuOS0-*2rXY~poK3hcHY(+lfMs6s z2++xE@?KfXagwvk?rxXG>}7vUBX&%IGNZ>fZD{*^!VKo;-*G`8jQ1A6Ks97#_>3Sn%m&5~Llb5<8#`bIAdrBt zo1KA?m5I|ULlZL#TS2PB##X9V7RG{9>YTEyvUZ{-<`y44988ow!m--@j&|di58Hla(NqhOELXQHX=dD-LE3W>zL~ zHwzbbDj|$l0uIKed`e;xe`f*wB}irNcyM`>Ve*cd{`3CwE)N zzbgSy2g`j63mY>l%YP=nx8Z*b=D(2NxBQd*zB8YOl8Gb4+WB6*AQd+|3)^3u{%X?v zKR5leMb*{<7%lrhdnrRqom>qZOa!SE%ppz?Wg`PSlfPQ;h4YC*tRW7{fYE^Vzlr+m zwStA4iM589g^h`=<6k4;&|6$a7&Hlgt`nQmO zNyqEFKOUkBL4U4`nS6NB@O&b#Q$Dh|9`0q8G% zpfBtdz>i4tWQX@Pj|jpSJPBMH7Yh{Vo{2o64A^3f$!mOY|MYB$20i@#9UqyLT>$Vf zww)iLADNig8CTMp0gJEJ;H9AnaSX&UYV&I$<%#SmUGx+vb-i`Z+MX&x78KOn_Z1`2 zI{VG2Ur{-g{pfue%Szq`1Ind^`}{7Geno%i6#l&+9(yJ{(yIC;hDXUmn=U1XPJHv% z6Xc=s*KNx3f+J&DU-#!q3!=u^NwFn^por|Ij*n6niLim2cXZ6Qf|P^+i>8w9XH(k_ zBg^FNhQ}#7f@i<=dCe|IpVKqEdlxFwoCa1Vu(#hYlLmw7Ax-BHkBhD0lv(-eR=>4` zp>waZK6rL6d3J3rA?T|}pL^EG#;e>~I74fFO{e0+RnczZ_5@Oc|&gfWJ-6JCr+1Yxux^bN=zjNaC zUYGp@2@4Ak3q$Z9i}Jn-1{vUQ2UQ-q*iJf-xWS&R6Jp-rO7_GRMrDl$L_0Puk?^;iU$--qt=|)}| z7?3cGXC{L)99%iS?{&3-r=*Odq-Q`)$LhysG;G!%)5qlDbN1Dv1$iNP@-#eiVw=c* zSi!bsn-3pr*SqSH|6*^cH(TmO)d_qmhPdC|cKG=W8TOL)CGP8CvL4Qf+`57JDp!iu z+lIvI>Q3_-;y;MpP9~^K@AC49k+F-=`*kjNhg4Icd>U zzr1jXF|4#1KRyPR09Vf8geZ#kyCcM^xOjc)3c}|0>wV_y&MTAiGNOKlC+OI#o5^KH zzal>jwUo&V>575-eHaND78~C<90!DIoV4cXI2`jt(dw-0A&yoU)k<|bZ&59_oP;om zC)2ed^|)c18VSb6#wQ!`(sbi5vQ+4$zC{@I48fu!iAF|*?>fp_Z8HiBiT!3B^)jV( z7;)}y^rlO%V)fO^;DOr{M043b+uK2!&8C8AIJsF$1zSskKj!b){UakkA^1+=t)CYU z*5|D9j;7S_*32`=Q{{RC*4boIJ={sgr~;m?TIU>$Zkz?%PK;FwTAM-n-Oi59*oedE zV(CRhMOle3z3w{M!Qg>9c)-^g(25tmqHD zk=}GK?7GeFnSE@TSXKP(^L1l*!)~QFQttL5IOj*qPA`eb)~o%}N`-?)^igdFe)w6f6x_ z(BcCGt;ONPbj-I zi^Oq;f8ln{wm3q2u^!_P|GvFznM5Urk?gXl{B>}mh?6jNot=n)VCtiQ;qn?m3GcwVtEOBnt ztdA#URv}_k%~#FWSGY&V&Dwlt7t->Y7V#wb_;@hwhMG7mX?&bL&FA8g%fVddXH*MJ zqEV>kOXzR{uy@3HNU=AEJYyG{1h{M$`hlHU?g+ERI4@lakJtAIFCTqoX=&+hI86$C zESPANsBO0HfH}y$+Bg#%8yb?}Y3UK|pFXYSmVB>25)itv#+A$SFHmNN?-Z4SeuqJq zOqN@20Dm9Sy5xwat|Js2MDBwJcr|I3p${+(jjr-w zu+~!l9>s5IrNbqVOp+U$poddVZbNCehoT~GSGV)F!q+7q_zmGeX(CrFLs>%CXohIQ z-O1@gG_ ze;Lb?D7T*=R4dV&U~CT#`A*F{%h{E!LjUre3rBrATv2JYfy{FtZXcw>dCuM;BD&z5 z$Y;VH+M=_{47W4o!VXGhW@9_xp8|%Nz+wMDpYczipr;a%@$>-T4wCZ`9&WjZ&Ff;?+IVHU1mZBu-hES*p5 zIc|{Ws5+vwYRR9W%kB|-DX%AC+6$eO%tO6?;px%uoVH#8TFa};zB<*IOsdVJA_EVA zKK+XPJQRo6ne~V1d-kolw6wH3lF!vn01GT8L#Cs;S&&Y zm$^pIm!o_ki9$(U#C|Vj{}$vO6%{_OeG2WR5J-6ZUeO-iw-J)->AvRZM?8?|v0<_| z@9JkW?^@yAOYY%x*fUcBcf56fEhvYHSpQ84W7WL79rDa}5)$g_=~BpsMW?&QM1JVS zOUd1z<&n&DM?M9x4l~p6p3NI>&|BoiyW??m8yfDg4JYb$DRSZIwZ6*xg%5B3GPJp4 zv$d4PUs0jRcykQrO3#>}6JW&j`{N=sSbn?`L`nH!e~!5{wCF`qW@hHp$nMS{ses$J zpFdwUIPZo`Y`3i_)M%6)^YU^fm*^rPG7809R>`}nDk=|tj+sBPVy}lP8j3>H5eK^N zYc=tg_Ol~Ed)AeeRad6Rt^(X}DMVBHb4A_#oyE%8Jtm>kF-sJ=d|CO)gT=Sk zyQzqz!(Pc=tEYOeSXtYwkhmgG>`fJ1y=cn0Vf;SH(@>=0n4vWnKRk^;1$o#!(CoF? z5JuF$t36wL)f#$MN*=kD|BDO8e|xCg&;=?tlc$fS(c8Q2vaI=$nkucJ0IH~9W7;7h zAP5)9$ZpE~!tVe1+flh`I%J_bQCy$d;CI`t0M{uB2Qiac(bwW)YmW*+6-L(eo}B%`ivd4^4%Ve31M0ykz7Ka9eISwaKj$9(sFSG3{G*z$4o76`2RjeCc?l+$`HvScqYMJK8!}Y~9bGbINLc zvDryr1+%rgTeO8%?Zi8S&iHLL))5@Tp1diEVN)K(-0Qx}w`~k%E$t%=uD8q`rml--LOS%MmegvB&Gh^=JF>T^at{F>##f@0U2)KCg5JmV3%$LyuZ(#7u0tauEMtoQYL)c(2H z9sNCy z=AX01PJl~D9eFw7KjEf6dHnoSGFXm$fFNGJYh)z;?0YBa@E|oCW%y-aJ@X?h7MOL@ z#OAnk)L48>r9r3ZcZt_OaB&Bdkt)&N4b#eRlSe!)iop|7CGRL&A^@4I1a2lPq?!#3GMab} zEjl_ocw*v)PY7BSOzF%33kjSKW*r>5A7ew)2qf+ z?CsG}P*7;S8eOzgEP^$Zr?KNCWHX$~Je5P#`p8t6-y5H3LA+n!G^o*B9ScbCXLuN0!q|TK8Wu@T2*C zMnyukeB3&Xw`woQTpsLJ!#yqKJuv`bt$E#~DFZb6{hLGcS^^A@U-8k0;J((u`OcA+6w7=4-=lxJjj_wWNUXEb{?tbEkfVSP@!VKBy5oba0uqOU3s-M`iV} zs9ipfce^rs@y;vzM%-*|D1n)K%AjJdS%JYm*OEaGKuu-?ADAimE}hid8TMSz0{gX6 zu#XVCmnbXN7Km`3Xe04CeW!q~v)Nr4TV%L7&;?Ub>iu#8=7SX&kM_R`38u-UDkjn$xVaH7U zEUQg9u>4k~AvcVxR;o2&cm*8AgN}~+7RRoXppe2HsdtlU2bR@fLoK&TgEh5-CS=Bh zE>^@O*~^Vdb!|6e-N*4xPvPMoDr`!vD)<%N66E8Dgijv_2-ef520Za4)SH9H92PNY zYVvxWY*VFqZ?buLdEK@NrqAK-iUw+J+VpMC361GQGir1B7w&-EA-a&iUEaQrJ?nXG6R?Y*Im2cVhK$$=P!LZa~x{&NS|LJR$Au z$+2J#vT}wrUlkmK;l`2^NwA&c#hxRaq370lR^a4SJeMlB=R&LHJP(VKhYaRUYV=kn z2i|?)6tp)JmEqnY-W$O3&Lkovo5?sy>aocp4)t$TBe!!x z$(H-Nc|4v$o?@AtT1fvisNYxkXP$R+d~3A#>FM;#6{cQZ6_`yv~#6x z#ZE!X^fwUXnL2t`ITx#uY!LJa7cVWTsafR|_IIp=G$^-}Z42+g=iVSefGQtuafqdK zC4aqpViM>80Q?v*fiRQ4b3@UZ^EQELVIgA-Y*udD$ET0UY>wOW%GehdM5#s4!bhN$ zvlDXwBMFa~;!So)xERs{3@Pt8#J6c3Y*94ioFZg5*|oj=mr^C8$RV`v{i*TYl;ln@A0C+zN2!RiAXxVl{HUqr zb;K(Q&MVdPfXjTgNzIoeFFLx&4OFJ)6I*YdWEuJ=j5B<3b|<)wv1wB;S^tww_gMUq z+gh*rO510SrE9ndW1I&*#+%MS?A4Xl<)>}?u1h0B+`1!O($Odh=aZ*ml9G7%_+7a} z+9+;Ehw?}9+7RP~I<}^Z9{#=M!~WG8Eei5vcM5N0?cjp&&7Smh@l8#)gRrpg(iN;I ze@f4yQaQ6i7ayaJ@@*1sMQPEiuR4Q1xqRs*gG{7(hY6+529 zM&6+M7fyLr-@-rY!=yS7oK7~{@oEVYpCD8nmq&RruWR-g3s)Nlm7<=DT)xdq(GaGv zrNCbknzd$TJ@GbuxzeIly8m2?g#{tPsNaH7G96T)OjEV)D_x;gV$QKI-ETUSB%PtR zYx60k%Auv77*(;5acN!+HE9RfGa6T% zwfCA>((K@RGdogUe{VP8oXAflA=@{ZQg2IFlfNq+kWY4#6%ABjX2&)#KhR(NF*4}5 zDup?HY$Ne@_cRO`n*FXHQHOWL)Y|-arRj~A^{<$}SxEf=JOQcPC7C=_+@*j{bg=ktZ%vP*QY)*k%T^K5)SF1odV;o! zIEQ|{W zrdJMZ;r;AZFEJd#eGT|G6L8rRKQ5zHW8PFbJ>OH^i~V_=_X-NEBf<#kl@$XORn>Q9 z2Mk1*k3kO}Bq5xdZ#Vg~v+HU@!$UIbvI8W|gnmV~qkfc@hKE534Y`t0>O6KfbiB`F znJx~89Dk~}{E(e}Od4(^NC3f4esZE1J;s{5SI*08oS!jl3BNEwtI)EhQw5)Zi+By$ zPfrrauak7cvsTV8*fMVMNvxz;icAb6SmR9MqoN?j@9QY^$;VH-(?nD(3FLzO1>Gf< z8j90lz7;69R~MdL&cQ2Vi8zr-9)5_s!{_Ym>{8&J4f|yN!-V!W6mR!K{|NWpF!d+s z=$p~Flx#MBS87S)8#U4NJdpq=- z??d+b%eQ4U4yuPA542<36-BYYIbTSFqWMq5yj*V-T=0`W_HhGq6Dv@OTw$%q>*@k* zS5fU!jji#~J36TPE-O?>)YduWVwEB~!?BrfY zj5Uc?kS9gzz$pMMfHfGe=~s;KQ-|{M?R%T=j9$F zE4q1oU7@AZtm{tToWRJnw5Z$`BKn3d2BR{xNF!RYe|0yo4skO!?B%)`p$0qMst*=u zx?r8{Rt0A204|)#;y!M*@Tbm|M~M~rthG-}2%ROnMkv@9_11jU4?}98KFe3F{WkwR zLyb(O#|8&+(T9eEK@>46D@AG!Qc%_iwiT@O8w3MTQ8+;a-Aa7? z_@s>4Ei^r@Y;{^Y_dec^iC4dO$JzR=LX2+vHibpH^Cl+nsHnI(RC9AV#l$=8fu)ZOFk-%x%Qm=W-Jmq)>gaf<-sQAEme*qzLQDC`$# z(3y~ah)WIL@Wot9i5deRQ|gJqarK8L&H@$?#evoAn=P!vYbz8-Q{m4obq^amgGDlo zN0z*8Y=Lb5sHLuYDPJlMI46pXA2D8J=E~gSCLrkPv=+{9`l)JGYSH&+_XUsz6S$r6 zKiio_wd34-9w9hms^m;_x#CA23+@I?bCmwJ)a9<#TYOT3H0I^*7B1PZagxBO6nrV! zu&+8rb3ik|(~cy@d#UeRiMdS+gSPk>hv zc0X})3q1g*xNH*hfYsNF<4U%5q&$EA>jq8(Vy)4~hhl|T)Ru``yqPI>DJ6Z@IlkSw^^#1? zJ*R&5*{I{1=jjbrCul}d1HEl5L0J5y;b_v&KpgSP6ZljaV1D?W?Ah= z8P74~+phw(LeaY|%Mm$C67T&8OSHC+>!v^MX04PA{5f7tAh+o$p*6z$qF5M1I+|S0 zpGx%I^!ldeKu-{`CapTw>f(T|;QN8f{`v3dkeLcc9Qz8k%RhgV^!4S-(iUf%`5*c1 z&%6GZY^3e$dx1+r(zy}M;sSv>@48G{5hH(I zB;zB>oA>|*TZZ0vo|10W#M}J2%>RZyx>{x*7Og%FB{iB?-UFW#<`Gu%)QmP?=l4yS zY-CNaW@rBt=S=mIPr>x#jn}BUZiS?I~dXxIrP`NNQEHjTl*a>drsqS&fZD; z>IAD5z2T#OkT-FRB&o>+vKKAho{e{ljqz5QdQwuFMZ4TwM|U^ycQmpocB@#PNogUf zYF6DVc6bz}o$6T~>RBT2BFfg{K#D3Iv=w`-PP})L)U1vHyYGMJDb_YJag#ZxmNSFx zobTlJ3EF%4Pc?ri4_{%?M*m?lG7gt zZeX20kMnB82N~s{`?tTBvUsWZ19zXk=s4hLihJ1sz7I{g4F1hg5FjD^>^}WDEo#}3$Kr#nxDI+yx=4iE#2NvTK5qjVZGI~UM)JqL-4`5FvAKt zz{Om!!@UIZ73*J&MmdJ6}*~isF#MWvg00?4(X%Z1FyYRocmZ{L6fv+K)vvUxvJQu#WxVJo9Z{FYJ;N;Z|lN943;kCpH;j-97r?#9RowqR(`&k@W8P1O}Ot-`bbht0TobKdM$xzRnY<+ z{_MMz5L9abfg_&KzMULt77)v`sW|w0ObHwtErKfFC$^0(AuyK7FJ$g9M7wnm74_kW zr=~qn8$`Yn0ERf1@5=v5f1HuzqS*E7A{vF&>0&0Q(q?Q@wMuYazSKPM&C6?~(RJNT z+Oj9n*ViZaI4UD6_(Q?`aTjb^#Mn!duEppQWBKT&LuX%S)b6XUmX(RCJ!h67D*t5M z2cc5$*vW=|25UO#vDl83NMtyS=E5YeC4>SyzLF*@1_&=)Jy!e_)YT=m{unfLb$zO7 zXz{PB)94>y(5Udb-)zc_1K&e;JF+4K?8cpuudAnMbp5@E1GNVMGyhQ3lP>L(sV)ml z$0mFZSo(Z@si~&XPsV%qIdSsIL_>JBWYHj??_Wg@x}@EItd8*of%AL7Gr&<3!K${Q zc4XzkduYSo@$(y~;W4ynpkmy5tzb;Ipn~s`a)J{$5?Ed`HXG0xt%_$;^`9!`6YMpvDdd zg1K&a3Hl3nXBAbtO%^**W>n2PcFIphP2Yx2gd9&*3n@+0(tsL=oW*^`MMb$>#9=dg zO_$otp!3@B^Wy66Udd3Ug3O=4>8`FGd0ijFXRKXzEOlL!sR`Ui7YQU zR1a^Jm8{yK8PN5befPn+$giCTKh4BIqM4|Q1uDgT?B!cO)6jgR;QJ-K8hhbf^W%~w zT?VcIdK|T0Hd@nF&nI!{zoM)8rb(g`Y~;`xAS7>EGO$_^YaxcTB3kP%(($X=2AG=dLY~xgk!q4X)|k%{UpBn{*hc*K!g?opmC z+;Ro^)2ipZGZW>4_da?~um`3Kv0`d!V2T*Q!ROZYRj&vJnop%Hag{yAGpF+x94Sk; zULNQj&I$d{nO&PfHD#C{FKuj)a6z|yN7J;DvLeb8plNO|d}LtD(s68VsA#cHgh4kbJacVN#+ta1PV$ZWpx>c!v~s*#m#b8jI5Z z-CtQ&e*w0%v~oWwsP{TMeqmnITl&xwaUgXMUt5p4ieSZX0KQI?K_D#})d}t_jBPsl zBPnJS5X9mWvk*L^RL=x^drQjXr?O4#rL@E)N#}_sdo20X0%E<_6{T#G^MTIowpCT; z5K2x?!d&d{l>PeirrLV5cF_CqMVEPWuricTv2=heCy zE8?eBBZnd2lGSu=2hCVL5smWjR!o5k`;+A=k8=;;tXl}S$&!kfYcnh`TNZ-p6y=`t zx0L$Qv~Cb5)wD`voXybKf8Yyr#mcEHOdCOvKKh-=CJ1D=K0@=~V@kYB-=lv&!CKv1 zRvc$A_W5#)1E0t;X{bz@?vs}x-HWp)d8O0+tCJ!r*l50FQ?Uu4lHO&nRIP4V(Z)|T zGw$}@G=D<00;vP;vjt4`1jP^{a!U?ow(manAJ$`4-$51)QsnB~HC}+It~v5K=~d_n zygP5|vKtvHFfd0OA{6ZyFG>%de-cEcSptEDCVD(RwQ4i2V1qTQBx2 z4k-CJaZ;DD9v$gg;%V1{VDLz!z{ZF7oSN-bN2@N`j zAHdS}!yAjQGyp=h-KUrUoL?sybmXVJl6;HC85WMjwt+PYK{phywEhD|@g(C~w;nzo9JrWbm z^9A0eiJ8OJ_FPzlQ5c89#RVPKK;l3w&xNduR1Q{>MLY3IqN-#zpydMmO{jwH6L8C{ zPet6$PGR?)Rn3D`o{Ko_;iE?x)JA%-LYa{|G2t<Zr5Hj65X z&Vm&vOhFF?YD`k6>a}8Zkjht)x`gS36lf z?_6{NnQ(HhSFObX5e2+9^xRO7mC9D%{gLP01uD*bn5ZLVqX(E39$565aewde?-W^CfziOP;3Q z0_Us93R^wOTngh0yz!=ajV#5iv6LjUi9`mo$=rD0t{BgmbPn5oEm{X;)= zu(ZRvW_#ZAUHm;4{?`p(-DQ3Xbcg0890k@6tCzeHOw^nm^fW;6N5gtwG*#(2A_QD? zn_vXSC6MkhpNRZK0Ni){3b?BViXNJ-?Qw?wh+ABg1+Jf0N2}{XKOUM7U+1}U?@U#p zRi$|aa9T|(>*@|P`!@RH!Z8I)od3E86Tl;@N3q;EwE=|xNPjDb6F`LMosZdYV-4Tb zd>3%1;|b;azgG%G{!v-^M}Gf5)l;?~0#yt89FC1yFi@!ATKcvveCQY}?&%&9PbfWi z${}O_XLcVOGgs@{OYR`t*8(9-YvDUK>&B3)N-t$U{Me>jI#it#L?r91u^%qHBYVC| zogV|f_TsqoSm_%EDjPz7RW@8?wD*>LUsmxrRuiz4(EL?pdgg07&cgJ+uK`{8wln@n V3c#c@x&KcpDRDWmQjt$z{ug;*Mo0hv literal 0 HcmV?d00001 diff --git a/en-21/img/Grafana_HSN_Errors.png b/en-21/img/Grafana_HSN_Errors.png new file mode 100644 index 0000000000000000000000000000000000000000..f43b7d02a6f59e15f0d4289ae9f98d81f47d1801 GIT binary patch literal 9558 zcmeHtcT`i`_HGnVigX2O(m_B%Z=p9afb`yLAe00{=v5F95fG#ps!9{-y@Q1wib(Ih zcLeF=7tXoko_og|?~Ql5SomF}x&gw(P2Vsb;kAy5~4CZvy>J(ImR6aoNvPq@aQiCdZO zDD4)ru#cUDaz#9mSG{d|l_DpqG$Ap!uSiQupIPyBMEMm{%JeIm@a!jGk=KiFSag&( zgl5!qIr25R(F9b^l41zOv|ZR~;Gu5Q>7 z002_5-fq^m&h|(q8+!*ROqyl4p@oGBYA4NNDDss5shgs`BlL+c!d}-`L(kUN*;c}i zMOKDT${U0=;A)SwX7YA*fw_acrCI*43&I{>U*=G8izV9%sk9Fa&j5FekHmlx1W2na_w@CisrNbvCs@(Bv^ zVl{Z(ePBpyZ(f)?>$QnLZ7A8h+ajQDNGKe}bZyhx2JV5BW?{j~nf_%Q35EP+9p?To z5U_CYT}$``fc$*_seYZqe+Tnl>erIL)UR&_8R^)&!(BYC-Al8G3Gxa2Vd)Q%@&8`* zmqZ^1#YQXm*Il}B2-3?MVK2?1M>?>Yy3|4ITjr+oiT>NT?e?_d8o`CAzO1J^%r z{VfFkmhwNd>mRuO76N}u`JdVK{})_@f6+pF7?ulqVM(8k49N>DVI**SV(bn85K&ye zZ~UANyZ``bDZxtedfsW<(_Y>Q`psYVcZbwDTz}qJ3^tvGR`xG2afQpR% zUp=8261zVAT@t%|tJ3gD^?0@#bq+-`+^?3Md`LW8c`}eHE>NEAA_m_qgz1D~xsJd% z4>8t)0p!>(%bq2VN~ZMx6qi4k>OCZ_Nr-QQ^)T_BymzL4Q?4 zLdoTz#uBrxGbCTUQfq2b;O>et@?s;!L~WoKuP9-Z}$y>WS7b~w%{X(7kzTD4hix{Bx>7HX&@l|QMfbG$i<8t>>N z|NaIYP(q`mqMTk+{~{tHYuJfK%G)X#?NneM89-6rc&)7Mxnh^oG>OdJ>UiLXpQt*_ zyIdz}9PvVCzwvm-Ieo%Gt-iuMWY5`apr>|1EuO9U#D*6N<@{9mnM0WE9hWYL`*&i) z^BzalC^h327%N_wvZF99$7@D3Lk)(?Sh0E7dBlAwSr5|R9A9MWsRb)ss>{)2sWU6| z$H3K}Xe_MMiFumON+~K5j-$L+y;S>J!tTX2^Xw(R3N}s)0p%4vh zAWlZNnZlc=Y(R28K6t5Oa8CB+`y&&e1>fU^5mUHb=NtJMgsGFQzdt<+m3OibRh5vC z#GH%e%lZ3H<(DYB9WW|>TkLOz+OG_*}*{869fmE3Nemz4&)?^-h(ot(++S9XC zxIluT8z#U@tP2y{-=f6vmXd-(;c0XvgQSQ+!l-${gK9=36FQh%J<*O(#6ufi+^d;X zc5}l&Iy$nmgOnl15f(!SL_9;>;b z7p5~9lcghCWZGm{LH0(LfZL5bRdtLN*?{>cVnlbohyaMvG z#L}{G1eED7FreMqalE4!HWRptlUbR%+Bbi;2@&$#x^K{UC}nN^A0)9dDjucD)^*WNr&6Gwf0juVlBTYSD#hxU^b<78ze!X}2VDWf?u zV|&O+govtV@$y*qE2N@oyqGcQqKmWFM)VxFxZ^><{jhIdla zF{bfs)vmL6UrOf{B`asiS*1=ZG?wSw#2eQ!Cdb5R%fNJAQ!md?jm58GVid9l<`CeE z1GQIT(>7&VMtV2D>{*AJ@-B|AS}b(2_iJm-p#;{C1bP|~w16-)rjmCOth0y}Y958RL~+Q2XiKOSg0} z%zS3--r*o0zuO)_M>p115QR@nY;SW=OR_CirWtY^eLt4(N+?+)Mb5%P#yGD$u4~Cm zx?x+zbH?A9{QyF;k*^E1SGZmBrQ1&Mx)>%h26jvC2K3~-<#<1QtK4h$#uSX&us;KA zXQxzPuU>B_<@bAMm5;Bv{p49zT-P!^XvvtP_H2V^(mc7d6F`k-kt~h3#q!7mycE zN~p>q!(z%YGsBWldz`zfvZ&bV$<;>xgvuKY#_fe zNc`ZJdv3r67tkOO^E6`P=Sek@yf~wsMqWjiX9Dn)^%gUoN@YdJ= zN4Ki|6|WZfjEO?#WdBQ(YbKBzKct0R=nwAby`*v-JLC@vY409+Z`dF${$125Wtdrv zsFw1Z$HU9zN*E&Q(2@2^&AHE?su$eq-*mM$nXjt8ByRYj?-<8c$3HT};vOnm`s=IO zA*Lj%B?g+QtDHB;d#i|1=i!o4IJ9hn-ke+Iu*I#+(N+Dt_*taDX3bqfiFovImBO|0 zxTN+F2e+1@%^lb-)TS!r&AIf4Z9 zt-po-2pr_UFXUh4D-B@uKjG@XtTM>G zE9BrosBiB7;Fo`?8W3id`t2Z71Ba<@dMw>lHsiq$#gpl#9`Sj|*c~6<%1l z#jzgUv42WCn4a=Xe+a~%x^1U_bnzwqd|3OzR0@II8xwiC;E>Yb;+Fax&da^;u~?R2 z28@*U3#$JyyzWV(FWLiJE&K z9{s|C86a*Bn~~Oe02PfAHyHJ)WR6zU2@{42bbjIt22K4S*BvjVzG zGWeEo!hcKIX@FZ=^QIb1%rcGN?R~3~-TU~6j&^d&>=n02)KOkHD&zfP!<4Eo6vs$d zb(cZuoUq{ZOb;*axf6_rqF2t`s-`*!J(7NhQ4|-9DD&7P$u$o&j;JmvEL@0`y`V`} zJ2>5mnG8Y~7C?}O`VHo40XMBmCwz7t$@N7e>q4_?rQ~l15AQ5oW`!-GHc&%638}Y~ zb?wUbm%%sy$zR;-)Va)NSrEBes=6K_JfRVZlhsJUpFGYq6y%+|@eA7B_Wp@5ro8%? z59IRxnU-y>7R*zkY`3a(Vy4#@Ch1u*z)#l5*GYAu9|_>g3=nU#dy*rim04V8lMDf~O?~y`X@S6sN6H!2b4PnUj2A8;3F~N>OQVBhTHZ|0XS+ zE9N>8Zo=>-jjkB7-6D$JQ?>FzqR)-W?P%I^a%9%Q;4GhuvIt2%gPPmLnm<*IG7T0k zG4{$FSAw==;4^RWxW}cz~Hgrqa{Hl%+rq)y36!AL2aI}oCV=X`8t9s;c-&@M_JuDi8(FQlGoXXMa z{;9@a&r(&yCaLn!z2AsA-=tBb$cZpA^sGjNa8pHZDXYqhSUT%V35&)=cc@`w>!G7U zQ`6jvxi|7&ZAVcxP$aR6BwPh=zSIwrcdGC4Zc8Hx*5&%!NPH03+yoW##Lt+wAPDZD+rDbw&1ddf?s&PKGYCp^`G(H#c`+d=QxSs6w>9xv(y3AyQ zi+dI0TTeHOMl05KBtd4GFv~Q|iZ>TwScpgq!}ks`Z_q;45JjOU^}S(_!&qYL@2<8e z8FAWzVGWC_=-N2|gd`F&-J4bG>HP@U)mD7rG%~d|Zoyc*oCw89-Qp~ncpNvN>Qb9T z{43r_nE6Hxx_9GH5T3zvOS#P2g2I~l#=D-QCor*1x{+lAGl4gT5E5o)?w5=0JCdBU zjXsj9IU(6)Sv0b+N7$p@R7sht3}G%*!~>%j>MQFXmzJJMUCcE-yi2_c)o~6e=glKb zM)!t1+jpsTeG~^Gjvy+?FO#65qWgA9d0x7btKGVGQ$TN2(1P*XZagL6ozSE329@>H zEoc4u8+nQgXXL)3J!&>`E)Nq$syXs(`ppGimcZ3+&S^a(1}N)SJxm~!Ns&(Q<2;mS zq>%G*{pAdi81{IgK@d=zq%U^IVdKj~JwgfAtkAeFdwQ;lQjrouK=RUpQC*mBJ4o+_ zDl(S=<}Mi-Y5B_mC1_+-1Ft()+X z=hev5{It%j)8U1 zmEd<+Kxh5Ok>}`T4jCQA_p0*mRiATcDa(f?MvrGO?o@^khH`SS?X}|ee^DQ~{Y%?P zU{a_L_}g%Nt7yj=9_PShkwHfCCGEMkzi(}DZ(X7~>^>XiQAQAJm6H=TUGb@sDy;_- zGiDiM@i96@a|g}jGrCE|h=%E{aW6oQPMhhjKOoqw*sgyj)5vYLktA6Rsv{^^muB0c zS-w|%x=m_Ay+$%La;7v|3iL6@JOs!zKx(}jTD6EXbCUMvzxu;XnktSSXD1m0YJIdS z^QLZ)HyT40(04+`G!fq^!W7s$21@y5a)Q`o(>~AjdF10d4NpmbrXJw!QNN|)I1uLa zu;{b>j-g8A5Y!u@V+pYNc9W|l-_|{b+#{GU?|auo55mR6^KpAkAXByHqqMlYe$_ii zB#{Bi902U9EjB%h5}VC6vyF{`?xk_uEHtmV5xhZ5`8bPQ(FYIPYBO+es_&g4jzBx+ zmG3X*3pg3eN%Z|l9#vd!eJq*=G8=Z^r}}{RzI0y9#-}K>s7_yRBJJX+V{m9hwUIx7 zjHrY2glcN4`KHvl;E-=O5A31gX#2MSg-_vz4#f5|@5J>~@g#-Nr`ZGfu7>na!ELaT zyr32(dJ;~Oh_~2hWHuG!Pr%YM`GR~X@eDueX&>$W%09;;O$tREz{7HH$URhIl?%Fn zEvKi)i?bVl8o}N zzOsWaP>oUH7Ap%|_k*Eqr6dc1mjVQ!*TbS$rPJ;o996N|L_ZCz3wze25E*-CVGr8B z>QMH1>AJT<^GC`gYjW}F{4x`mhIJ0hI6F)Uh-G_%fM)rzd^YR+rlJlV67kzF#N zApc~e@|~Ar@cf0Y$>c#|DtkkD+3>iJ3&Jv&ZEb91O$=%1I#C&leJ+x8vA)l-PI?Iw zNELOp?O7wAt}Yo#D3)Es`e2_gZgZe}YInF1{m`z3>;ba*lnuMrx z*p4q>Hcet&_}}X8puoc*wvV(kLV=}YtwZh*veDnMY)xaWn63WB`Wpi-;yw^6%D$1Q z6?pQqdb10t>8%X_yQalN^4oS3RqmpM;fYhhrq|fwx8?mZqP%Wrl(;j#TJvt5z~yDJG?o`;1o{em_`p1KC^l=+l@V~ecC+~O zdhp0iR@v|k&`9<@KiTtFPakE90uoKSc69I2^As}cyxxT{6)$;tD3)#sQ;F%P7b(8y3yl6cjbj01pnhg%kCC0VzpyH- z-apPH($1Hvs2+M{5^tl3-R&O=o1C&8ZQW7e2<16@;ckq1vf;!~2ADa>1qQF#~-_6mldJX;|P-ciPyP{tv+432D1r1=iPerX77#2qDX+Q7z zodMi*td?=7bN+icvxKk!TTx#0^qgYr>!Q~AeH|+faE8(n~S6}dtg&L># z?!X#Z74?rFZRn5F<8m)MCN$@XvnTob;@uVozny{=dPe>L%o3#+CE{s0l~Gb=Kc0D> zX_(k6|3>w>$-vcEfB;50L5Q&1=_LW_#^LYjVGQq4Lis*%qNK$`h8v&78RiYRH1v%qBVHr_e%NCHW*oP p-R{rZa8Rw{{kyyWvsb^66}p>B&dU80bNw$Pu(F0yv4T~|{{Y&dKWhL0 literal 0 HcmV?d00001 diff --git a/en-21/img/Grafana_rfc3635.png b/en-21/img/Grafana_rfc3635.png new file mode 100644 index 0000000000000000000000000000000000000000..dff176c82d085701f29a34152934d91f08de1242 GIT binary patch literal 11670 zcmeHtXE>bQ*6@TNh!znoYJ#YvlVOMwC3-K>d!4}yGkT(n;1Qi5A|g6rh#G>3-ih7` zqmEwZn>^?F&U4-$-}heU$NS^Gt~1x%GxzMZ_S)-SYwgu$M{8>;laVlx0000oRTV{D z0N_Rm?%whiA?~xf?w}m^mF1^z4A-?ruzGkw9h}|lS>e7O_N?|uX9oZPIprQVOV-AE zJ8V9k{lU*uA`$Y!kWn&Fkh(e}`w{crnF7cXB(s}c!**ANucNvsB!+ilW`-{8CV+7v z?b>4L9`y;A)|)mvnBobMy5=vt(?Ev-)>6Y4sqcPy#e8+&!wS6n*i_-e#?gVtW29ZZ zC*qoE$-CY&cAOEHZFYXkG)eO!L^d>`of-@PkUVk5F>0)#4zh*13s~DhZR`b*?jE=& z005+Aksj8zuJ&+N8+%7*2$+4h;VV0Al&`$VIVu}pD1uwFuSpaHmd^E%brzKKvY1G z|0&YhN0?oPgjL$h&H<#WsPq>J+%GV@6CCaV0s;{TgaATB0P5uk6ngylF;Gw#C@jp6 z!{CScLg3a&ehBQrZxa8Yp=b}Y^>X%rJ3}F?ziC?AK)vB$c6J<`^)KRZXNSM3LtuXi z0VfXNZwOFGKoIz^=)ZONPiFoL`fteJ=)Wg}jCJi{P&e=2%Y)e^gn>eTQu-5Q^8W_? z4KaW?|5)nJVQpum zy_>P3v%5V6_9rKz!jgYa`V(sMFVM$g?7-hT0RE)}oKAuNRO)ZZ{?EVuv&g?C`GHR2Aj)k#DzW5lDT5^OpVHQFTshVKy+^4LsspRVqrIKi=EO>5PYz z*_$I~QC6*UIurHds262djzpwSZ{B?RiU7_=eB+KTD>zYIxXbQM*XTS8HKDxU?Qbm? zzS+LFB-XS2cfedHP3tqT-A6N!TBBTT)-X!>`+Z5u^#J)>Y>GxIEqCN^QBgj$B4!J_ zb!$_Bc4h6}-m;dgo(04uSyEg)gSs=$`gBk9^JkxfX>1KD6EfUIO)rgHSmZ`g%1140 z7Bi1`Lk(-`!vNhq8UamSVgSqXEy>w#==hSV-`im4&t~I$_%p2aUlVOFxIqyLlxf;)gL_F6fen58+?=Ha60w zu}iMEpE3VXpqLxGx=oHb37&a1vf)&zUTR21&D6J=YTh12)pps_0K2_)%sCfyf-fwB z7#vo0e8X2uyrcknU^4FSasl)Y)x3^}J`##&x zSCm&oMMMzZ;}6K~JTr%FYap9SL$j6gR{JC@To9JwluO#m8ZA@79blVN?WFE;nB05z z2iS_wVUdw}6KGWprWse?o%!X*c1W8FL`@8EFYv0k>?_tDTc;>Q%%<++(EWs(? zmTV6Fz=@hN#8q_}Z^6Eorz60vX`>(1@v=8hBOG%A&Yw0~PuJX!Cs`80Y-9mN&@%oPDuyA@m^dJda z9QCFGkwd+(_VTt;{Z9RA3VO&%wCRndQIGGZ_76dg$D1(ll!HI{95BAKZF)DL<)en| z{>}x9Nb_SWRPwR5#X?`L?7NCDY1gXJ(t9mg*VW{aq0?*g%Bs%vjN;cnR=N^T&ojl4 zP0X5-);ABJ4OB0RU!t!)dA+^8S5|2RCG9Bz^z)-l zU+)2?=;@n!j&cI83(PoXr@MH&^L#wMIV3d z!usp5R_IrE{DqH<*g5tJXOwBb?5>;4wH@*E+UxkPM6QINz?Ys}af^*O))JI4Ef0Mh zcXLZ-Rwx8n0`|B8wF6%h*c5c9W_%EsVqqhEN_zUC)j(?bsN+xm@bu|1Z@&zL6uNGf z8S?eu2H!o>XZf%8JRUeyrI)9awdk94cn3GsKRrK@J-rz&ubLwh_^GticDw%QE={t> zF8JWaj{)9yC5>+pb60@9S$wYs@aUK+H!rY&HMsmM-}9QwZr7MOJXUu0kj+hoplf^H z=@G=>GbE3+Z$cy+cDY#xq-3@bv#oUa5HRifuO36LC>B;XlQ8E)W!Fp@5Hmg{5E6C_Z2;^ zvx8liAi&xhbIJtie82&JcsR%5Zca;5SHZgp1n>tbnd#m z!#q|`54U^tv;>~y4QcCGFU?)Ba7Z~)5creQOR{$5^jit;EnFe)(5yBnC#Ba_J(W2+ zI^qksVglTg4glhxb1iyEA}^yICyk8TF*L$e|oOYI?N)TP{o2}5@+bWKd^%H22);jTdZ5Bm~DFIk6=&p{*@r zM&@&+wpLY>fO_z46YHX-17ONIwtNCzxA)D2=&Jb}_TaEkPjY=GeRN{tU~~ld8RtZy z6G5Hnj=jIUf&e-?fkPYc5Bd4RXQPRQMZ#499WI;b(nd@-zd!|D zeJA%f&eNo8?GKAL+*y&UaAR--E@|#y5oAwwMsVTe z;&orxzJB%eXYNV0Qap24zxkwonyJiQ$v8ZK7do+XAD|S=Fl2MKAlD^*vbCJGLw))& zmp7RN3)65xy`s(b$4h=T#^bKs$to#H2gocv3YS+VJk(m+4+bl$s&Z$FUn$~@vbO(g z{Dg(?y)4bhNi)(GT(J4FS=0lFdi|@X1U6vTwXQZ7O z#LHj2ufh6;2B`WLT#${c2I(R0mH>uDd;|}A>6r+Nug(r1T505n=g-o6;S5w7^DFU- z8Dz=UmOf4Tk1t=GQur;$77x@eaJEkRL{EYxZVoGm8v1!q_!Ic`P?RB-uzaFNLt;L< z&tVy-Tw&+oc0*?=5Fzn?bGEC7hDPRBs9SXvY+c|sAwG9sA`3vDhl6 zbmIc?G0naGo|Jh>_ipZAN6oC%5Yd_+yDQPu#+WnRqN3vGe7k&KkLhBq6%`e3`C zxb4%dRT`Xc$ebgIU7O7(Y$o5W*f9qz^pj6e%is4;BHGzQINm`bhP{tQ&Oj_d)pV&n zeW&}jzDv=Orx){OcH?y-8`KP5KkD7r4Geb}k1^nxsY!8)O92^~doSFlg`a=$1ZCO% zcBLgHJs0`fEtVPng1fqLa=bfw|5FXASdTWpwIKYbMp)=L#sg{AE`8`H>7AXPO zG{D9~p5)|Y{^9LltH)AOM0;=kpd>mKP$Abe8k6??Hc^H43tF&Wd@td9k%e_N`2JnV za#!%-!!K=t1VCC#(afPdrSo`oGdI42HS>uLKTJY=KwOj7lcv&H7Ze^p3wwWGPeJ{6 zyca#Qm{^kez}i-9)%3PQU+p};Al#T?wi4_60bF+`nWc%v;5K@9qL%DH(HMH_IZ9)> zGoFJ-_)f!YKZa%=?rNT|+lBMAH(S1iLl^>t zZan?+Mf1ccPY1S47VLQVDWSdNyVuEVtxZy7T)3nF!6?kww)3@(^0+{=2`Z(r5l@;K zSm%3oePNu>k$*@gEBN6E4W0h7+pJ9g78LdRHQ(murXbyIb-MW``qx*9cj#pT9+{Xl zeAzxGlJs4YJl^5A(}FOQgukg80Od_zcx_vjFBCdj*iB*#dZl56t*!O_MlL>Q_Ow+; z6Wc4Rv>wyjCqiEBg19_$g?6h0eKaV`ouH?+PbStcgLT6tsFl{s@hj`w92^|!?i*4S z#(YjFxwpg84+}>&(!6)nahswGp91_nNsr6AtdI>HNCbcZ(??1#0c&PRf!*d4Dy;7r znNl1b2?+r`ee>l<^~VGnTqoowBTl2e4I7}0jQhWiTFqrN<)dtSbVk}hg7&6Ekc^Fy z0zvdlIu2yFzGbZi5m1dLK6Gs^*PFTgJbg9NJ|JxiTK)J;-0kP<4jVQe;Wx^(Gya3( zfgAeWDby^-w5toMj0e!Bmx)}OEe=)t+f%!fiJ6f@PAfwMCzSp_TqCC@+wNi2)YR-3 zUR)!kA@_jSpL;q1tdho^F$1#wgVk)trAKbp`;Hh);DB6~`0CxA21K*0yGys#+AN&O zuPJ+JShpE#O?@vWJZOJk8nZXckGJ}k)X{Ts3+CC-6i^%VU}HmS5PdY`e-eP@>)u(B zII7mGTUjF2d34v#&LJV85dY*cp*3WaKks`@KSKD`UUF^ z9IuK`{&>L=M#;|lS9O(yx%C_PgcbZJYVH|n^oJZA!qP9!e~kP!`CZb`6CACVPyGH{ z%Af4t;F$O)$^YN#qs<6no;dhpT;Uf*u1fK*{C!%Tj=|38*`vmH6gy|CXk_6@wq(ZitI@B&qMx{rlt$b%7bq8<0=(Ddj=nWwTO}22 zB%{0gQgzevzAMOOq;%I>HIqz|C;3io=fQ<=f**ykE_TUy#3D0AmG)l+&JV1Yj8HLW zp8s&&QMvYqIRAf<<^NR#f|yz1gFrm=Hw~CmW(xDas!8%Ao}poKEXJ=hK_Eghj^^%` z?NNqzY0B5@?^3uh*JUV6dPCd6-KMr~QH3^7Ls>7=@LY+Q;u>DoIM-_5gV^(NFez|m zf>1zqSw!lCPBPq>&ng!vCJmJ_7!u@OZl|-0%Xw&RfRnk;`beGm8lk}R=FkBckAKrj zq?d1_?smE;VwfbpCDMA==bt?8>Ki{L9JnM)@j|Kk;uu?4hB#}ev#1lt8Q9%1*( zynfFQP_r#hz0@X8CDMXb-pfxFzNmt`1g&4(!QP6jF{qu0X&XCpt=gGR8(=C%u1xZZBbfzgTvYP8p7++U-ozxT&av2tfg2f`SVPc34asksfH(op|WYsTV)5TtV zm0$KK5;oE^wTRO#TtX+i#=$-P%za{+ipS)<^UxKL_35Uu-ZM9;-JLyiN=6h8zFK8EN1zzygl& zgF#M9Xs4a~%66~tHAt8|X0`*n&F7d}_flsl_wp(XnM8twxUxmCiaj0Yd@bkF8>{*8 zAzga<46SQoWJq7U*E{B0#nySk_PNP+zAi%#;n z+QJTpDv+jCKR{XCvC?(G83!&ffdD5n7q^6jbZ~XFxcfEn3*XwA4$HFo*M)jq2U`c_ z6}Fw4fa)pMowQ(lXJ-Xd_k*SrS%+DKY_)0GMC4v~aJEwEPBM=a-|<9@{EgI)-vtHA zC>GHCP4%T|Z#R`VPe^SwpWQV@eeM7eO{^AAzw#8V+e0?;{WNO{(IXt5|MZ~fte9}d z0?4u}y02!!MAhm7q04##k4mxZDG5k_-gT(>z>-#vFR?!cy_5$@QGRHv_4QaL|xbJ+0kto#T!C)z#9JczPIK?W~sqlm<0{ zGU5VoW`<7Gq-xtDM7YG>jNFL@{JhV64+3<6np0CR-!@CT^HjAdOUox6U|d_9@zNUf z&D)eP9Ie9>KpVWK#Kp2xVukR=S2!nxEvE&2N+yw+b!VR+RxzEYZ00SomN#P&V7e1) zSlYgbsbHV)rFe>ZOIhlOlffcWK%{Z(Y?tF?@>Yq9m0$1!M~W>q+YcQYlS_b~1qIbR z4ccs@C4cdXHvcGGxsWFgwVU^Y&;!n_W!s(g{h&K7}^6;i7)@5Z(8N-9Qz?aY$MH zk}e@9h27$}S|lzE?@jRz|O_$s~(&=uFd;h=`fYdb@MIvghoWs zCXMd@e0}$O`{5$A*hkOaS+P(TBWDk`T+_#FY*B5GuL{8OzJj;KFRm9xNcr_8BhnC>L)O*&_?DXb+QIcH)5g<#!!dl1l1aRzz1>8{_J@4iOcER&hJY7? zgoTsa)t|Y`Um<{Wlf_LnxRi4V*I7#w3M7e14e0nDD=Qp$?mXLVJJ*OtE)~*Nn3i7K z?^jlu!H#nLOW#H+_{>eP`~-NJVjpR?z?OB;iC1Pxa+ z3#&yxKc3&>jqG}s-q&hQ{pO4BEc2^A@sJ}^49})J}moE~%u&9}v8t@pZUoDTw#trw16D4NB9h;`IcXnMn(0 z+o#5HN~&)K;Kp|{17lQL9=Ztk zXBz9uxMaW;G)8gTouAc|sjWx%T`R*)8)9;W0>41y@5BJ_t5yrqCFZ}Rw!QFJK2-!b zP{ginCRFm*91TIJ1qw0`B04|2?a&c+(0wXH)zW$SBTY#x%|V1OO7l^Gq*2j#y2Yov zCeCJ30?|KZ1GV_(hoh!fImOKel-DV2yBAbMc{m=tm)Chj<5v91@o0_#APu3A z;z4(bNxUc4wH;;p^69Na4a)=SfTQEh^upIsB=+V(WG=C&k~-4!uU9#|eJq(lWFmxz1Xd8!yIScb0jL6!#QcOuwt^tks}0q~67ElH?>RQE zi#>|-j%xhcUX>eFx}CXHoAL_{B_Nx?7yWFReM+XLudrC|P@)@F!Um}Hpy0vt-OOFs zcrU#iqnF%vw1rpAd1GpYGDNSzI z&*(2n-N;IzBX8MiO=vuDrJBF1FH(56BFHv=0u8fJD@764PWRBX*&-o&Hx7)pl}Zgf zr(QH)=N8UYeD)0p?xO7hRE&;Wi)RWM7*a9OOqMntV_ybiCTY$5`;yJEZ8Gvl^Ez2{ zp#er0Rc``27n)!ZXA@}X;J$?tJ=Bf+5a{aV-AGN}xBiE0zTz2%X*4yJXY=&o^oo{9 zv+pC*e4Qn?>^;H9k3-1n49xbQ61MvB8^ynVP?VLe;$jI_3XQ{L5UvH(XWhz+yWk=R zu!8u~x~G(yyCm|+h8Mi*jo;`+Hx0E$1u;z|)(u7Hb#*NmlC8;L^Zv5?b&MP^~iKkYY)8^-MR;clVvEk(3TLsGJ_p+0@i3N4u zqG5?^m)I&ye9U!0$*rv1PqR+U+Rh9Ueiy9UfWC>_>bQSh?jM190iojvvywP`iDf2o ziD#&g+`uEiT?xw@M&gnt=GvhhJDWP@3?Tv2!eXZwUiW?kHo6iVO~^FRuWq~Z>87X) z4bBhx7L!()HN3B^OqiYYkBX1&*nls>>s3^u6mqpO8Wd1{u7~Zg3wH^oF>vt}s3`H8 zaQ+X3YSZp}(SrJyV*bUdxX6FhPa^NlWAWILF4UIHd@98PEoGl<9C$_}j%B1BKEMAt zr)PO}X605k=t1%Zw~l1S4Bxpu%Z1By_AMP(gy(MiwX`UIxK6ZE?>#9*0Qw>`Yi1y- zb2%RuE-F0<&!2|vp=B&9(kBBdXR|%B2*c&&VrNf&#ZIH`z2(U2n0o6+#pcnm!i2Sw zj+$DxWd)`WSuidii_SS~QcNB@THS1Tws~4w9rw~&uB5m8`yxh=ORT8xD55>$bMYC8 z?KrDt%hdc)ZQaZzdc6rC>TNycgdiYr#x-v4(xz(b>-SEf(4KWOqT;6vMmF-&j1pJ9 zs$8+QS`Zl;PHG{c<|{$E03%g@FH$;j(d1~ZtRLSsWUKu8K!jurKX7@%Yo$C~8lhdD zau#3T(l0cP1Rk_#jM87l-jq0T$ez_zNuG`F+-4J-YWb8V^GTm)d^J7#wqX@qi$**% zRH#ZBZk#IT!f~v`#f$0fWw^UIKb{n%H1`u12SZ%W30;jFY8hVOoI;XBwJbF{d-tG1 z0`$dx7{JNJU;-PYIomy&Jz?DU1J5Alx3BAo=D~xpnZb)i#R6!QyZ1_b5!QfU%+7#` z&JP6S2$856bjVVVBC`*K(8Rk5EHt(z1SIK1$md$MI(JF=QSmu5Gu1n(+$Fdt zRW6)v3;^i|T68AG&r{ z+T8O;N2k)$C?h^+m9ICm_f16MtnVE}6F%}Y=+h|A+(l{Hd(-(b1Mjw%k>NB=hvxI9 zr73Cx%`dVVd|=p6tPL8v;UsGM>Q$hTU~v5}X*V*mnZRAVxuA80>M8t0E?r$hYf%Q@ zowHPv1_;>5{BdfoGk3u0kPUO-7X6lnhV)@e)@-&rtXj~7;i|1ZMnrAW%(OF6k0^Jj z$Ry`^N8FMr`)g2k#*!4bIhd2Vwx>^dTCH;OelIhX8a%3|tzH^hv5RLv1SHCC(tX$R zNe|YhdWCEL1SFU!Wuc-I2^Br8T^_ztn3`*KUu;#q!ezmYhsze@cA38zKQ03wn9i|m z6rx-w5`O}7J6Ob9OdR`L7M<81v?0nd3m7KT@h6xA3s}tg#G|C`an%sH&Y#zdqo$ds zR?mq6Ct8{g>gp_niYKjZl?OY}4yOz#hn>EdAm>L4IS^Tg!}FMn5fTD*HIntDm0Jvq zZ~6N9I?(%j@rmcuj79DzK+6I{&$D01x8xF7(;PKl4SZalq#lKCi}!amo|nE~J3soN z`L>3jwz0uL-u!MWI$Sn>pCDPKi4dg}{w$xJUw(idKd|jxpgigtcK5!MKP`E*Vy=D# z=X86@XFmvIYSgp56?7JjU8)H^-E5><3iPO^%aO#9q6!}n%f9r_FnY<`Zby1mRu{Wyp zzN)g?Rjm=1Kz!<^QbBOhMUZ$TQS2*mH16arW$wf~mu1CY$9_T*)&1onoSAK3cB?f}ew( z6_}E>E`zqmqD>2(M81SMP0M!q+O+Q>U;Wo8SLeEpFlT!f$dQiWCl-X?T}d5&v~bqf6V4Zmt~W94528SmF; zAQU{SyN$nOo!vX{@G%D_>Th|SPHV32+9mh-NWCflvST< KDwfGxh5R3D=9yUl literal 0 HcmV?d00001 diff --git a/en-21/img/SAT_Grafana_Fabric_Vars.png b/en-21/img/SAT_Grafana_Fabric_Vars.png new file mode 100644 index 0000000000000000000000000000000000000000..194d75b124e8e6289c15cde200bda4ac11006cbe GIT binary patch literal 8031 zcmeHMcR1T`*H0I!sFv1Vsnr@GR0*N>-fFLi*aQi&DMb}kLA7Q}t%|BuRhwExRS`8) zyY}Aei9Wyg`91IZUe6!DKi)sy>-y!olH56;bD#U%pL37%J&DrMQl=zlBnJQhl&UHU zdH}#V9I?$uMne4LB(L!yex>^v7^C%I7(wbmh1^6aaChGB$El~!&Z9&0Oa=_iH;g;YCzyfS3#I9(gq>ukvyQrY3ppbx~ zkE1sjC{4~T}NJ%Hb^ft6bK~Z?0*SrgM@!u`VE=Jx)T#Q!eU8f!g$$T#RLTaT)BSsKKFer=m-Fy zWmZ*?HSkGWPWKHk7#M1+-yI(+)7*jH7rTG|@uc2i)_K=e%$_JgGNIjb`L zzxvt*^+0=kze?;{cFb)?a;eI(QHNd{?9|L8z~<{j zVdLZbcfZL-cdN4VdKSlr06XcooF>r=+3(bUNpDaeT+tFE*_;nL*J*>Ay!uFd=$_5A zJ$JeTjg6cTebex~9C?_m%$C-oL2n>0g}v3agDVkDD%>74@g);s4SMO}Jy7 zWR_O$y{}cy5UT%TcsLMeS@wajK9><3PLSSmsIR|tKICR(vRdJyLaH!(b4T7xJO9K( znaJFV&bGU&E7LP90+CXKbQISp*fNKli5_ z*Dp~W|G*vM2iq*#%esG}3WGRuc4I}EPmSCv^R$Nkji;n zQnJc($QwXw0<_HI?snfQ{wDt17`H51`2pBTzFK68%Ic1ic)-HSOvSdm(je?QC*!r; z<%{AgUWuW29LspAR!jC4Ut9T@vHSaC>5s3UOCa5HT0CkXxe#)xexK##%Xv<2?o!y)9H6Uy z%F^xA1fyV$JEOMLzNjQ-<^28ZUe6wjN)flwA3?5y2XoH2<6j9uZIlt>87Cubx&=1C zAz@g(Aoe0kUF2m-IzXW`$Nqz;-q?zrspWN)+V|f4X=wyi|Hey!*u9!_a<7H1y5eSD zBcH+&b(Q^g3rRvJgo>BJ>xk%dgW4w}dDGZyc@u>-)$~APecEn;a^N?H{U5OHFUT!8I@HVA+2Co!Ffbix|z`&9YJ{gVN7TN!(5@Zml_=*L4F) z?d^GlFfJsFNyKGrgNRMiW`syUn;X)wXe_C3q;X_hPwE3ZZxiz_dc<@!T#vU>+{Dmz zwk>ZCd`GntHIkzGowtiAv*UvpDbg@?zxPcVtCdB?pjwUuIRA8NmShDY5*NzJf_#u_ zGH4Cgz&>T-wvG2|;1eBxE4JxT8;hLf2Iq;g!~$u^o0*b|0`Sx9eXn3A3{{--z~hF3 z**@Xeh2pgp0EWM`>pULv>Gp=vR?l5){{`}@8e$5*U6&wJ0}q;RVh z`RoU}^O*Or;&3BSCT$;XxoJH|WW0=%p`FDiRg>+7wU;W?Rz(+^u^ess=dH`e z-YDztZe?`-OqCFJGcV4+NAM?|Gp5hME9;)aj}be2L`C=vK_;-F=Q>$DV^L>v7Oa3MeR?zYSv%Y7$R)!;XJKnlf>bt+<} zgo)ObD{EcPmBx#OI6AK1b)~`^rkeN-OlN$sI(hrLZ6{X{gvor+0FoKj)J(l#5?^pv z;>UNVIRc719V^XJrb+iCYi$xiOC; z91mX)evfGC3-(VVW&43*Na1Y+M-kpS{Y+8F^tfu`-L7T)jA@D>_*b z9SrloqGd%E-K`0;J5O{KrsN3G%8P@f^1OYn9b9-Z-7*%}UNden7_{KRnu5~;Cs5*E z7`1lmZ(fdUsxcYDqrProMGd?7ZrzrR9-H8zrz)%QA6qV&Z#kMDfp=&}XOA*gOYFLi zbgu8$n2S1dlY~9YY7)j-ZmwS&Oh`>_4!p9$$-#k5pS4AlSU0BA$2RYV`-eG}=H`a! z@OEw6PnX!N(CWoP>YU1Z=PwIMi#%k@v}pLw#~lyrhnH4~i|{?nOi#Mnu(ZxFDt^0A z+f4nA=EWmf!SrV>Pka%y2=4FW^YbDzJ0tU4HPA|mknZkufT-6;9RqTZx#&}~yqnLG zUbQSS`e@=>XSwOgut_e~9f&-SAP+_-MLQcmDJ*|UPEquL7YpD~D2I1S^$)mLHvX;9 zf*)zpW=}g@&rPAyzE1zk=Pe&R9{oy>kH6keP1|Z;>A`BsTC<41E1};dFQ-#oGc~NH zU)-=Oy{YRvx`tJz$f8dFdmeme&8*0fgU?bv4Fc{Nou}N9v{yHy1E^y}%h1ZGo^|eO z9=%Ad?ylb3fG(!wuW)Wswfi+W6>&rWMCm)w#2%!G4uUTb)j2+)PBS3MpDP2n;BT z?(>-`BpEMuovT^-IpMTO8LUG_&05%^Rvf{e2hgY zAu%Pad_FP$5t}kF3W8Y;4K!6_Gs%prwVo(oN$#Na40u0 z+Ff~H@b-y|90T+%yAwmLWe;ff)b@wHAs{NHeRpzgTd?&oK-M$1+C zg<&d}jD~0B8vRPc;40wuUCdy0Jv>G!DC;SYT`YWj+Pwcxc*TI7B_zh;U1ZqEa&D>9 zJqZ(&z2kGlRI;jSNCn$ z%v@7h80(YX)JK=8;~v zw-DTFu7QaI0zDUmTH$3)vuv6UxMi3c>3>2~WtTU@a5=oGKebx?mSj9}>(mX?T^1|* zL^{%|f-i{YjH1$>#;00~cM<2fLs7b@H&}~Lb?e`q7qOq_$;3(rnzMG>&To`fwKTTC z^$HwHH@(Wzg;h-r2g;|eJbIy@B5hq&VzO?4juR5R{p2F;@aGoo^IH21W0@?tzcW4u_Z2#)fk*Cz4mjiW3`8T0=xQTOi(Z$P^X7`N6`%9280g4isg2GTQD*4H*o$bp zyltCYry-Bv?N+h%v^)PK>%Dhzl4$J{jJKIPBrvf%Lp=YvX;Mtvvi*!DUovgZPPtc5 zM*Q48;$`P5dE4(U8@}R#P&WHZL!+&9<15nR(QV69PdAlB1PJXZ7nG)zJC)grd6=m@ z2!WVghpX{-zil(sPe(Ali!w0_^QhT6ef1&TQ+>6+FNdo@sy^!6T?t9P3@?BFBR9A} z^3A*wTmLIq&h>AX!l5(uViNhn%3z*k85PrA?nj#4-d|;S;d_>_J4xN%tot=j)t`Jf z(Jhe))3)<+Jq+0)k>d!e%_WaDY^f#CYlaUfs#hn7CC3f&jkL!OdX7Envh*KblBz0s z8d~n-mXfIHTNoB1gWb2%OZ-y0GW43SEmz-pb4{aixo_jZ{+^QNbQyn<80z?uhNm8d zs7bn1bww1EMewaDv$-S}&jRMys!EmrBER?5^g2K_zr~VpwYWdt_+|ilVSnox7?&Y; z!JMPCf7fDU%JcgA;d!YYUzWZr*q4^rh`}lQ_2+gF2sAA<^%3*T_UK@2w79ON6Z6}Z zgrFcL)+cJP-oaQ=w33q1^1JcW@ErQuMYHT)_w5JCWrbPTLpGmB-Bw8XBK)^+^bCyw zr(e`PKA9gK+`GEI!57`@;CD|uF_9J~%DBIo5IomhvG{S~z&D1?sA-Z*egC*QZff1n zcdb6y>vOeh#1-z;YI{@6{8KwIu@T>`CSX6~jl~_~A45M>-|Du(=aeBiOr4%&B%%C6 z!!dpH@SV^6;7QRiCtpVo+mO<=&T;=@PRDaxB)nw3UoUB{bIv$ANlQ04QsU0dE&k`s&`Wut4(}A zHkrjQa;`{AGkajjKF}0v?I#N+@N2XzZxAmvkqMp0nQ0EhYjKk1SHDCP#l;!GvrIcf+LmTc< zKvDnX&Wn5(jlPWnBEzVZ_CWMOTux6l?nrtkFH-L}x#Fknmc zMCXUpL+LAN%4$Kg6FE5(?)24TvU=Ye^lyrp+4s{9+Lgt>c=4EDS+0h_*08uu&Bk`< zx<~1nZp+z5Srvdo%NQ?SaGc-3vJ@|4q*9){1ydu1m>LOd~t$4)YeRt`N5MAr@oKJ`7(qYAQel4PW5y`^2`1)2*YB$JEVD$04bAYF%c2EtF^OkY z-lb(@?2>NmrO~8G;-{oHpA_wt9BK@W2U407UW>o)@^G0X;~^X{87@n$bVMjiXr=t zf>*%}5ZSBWXerXIg&qOfW`4;3lD7F>p32%s*WYqV(lGW}eat~m0jsDMVxF8Rj+Fbi z`c+Vz-T7bdtJg{4r}s@{mvn6z!VF`jNwiO>KgCHsItfjPZ4B^h2;n-bx;47XyL|fH hczpkVy7lw)-0`;Ui@PhQbZ37zt14 + + + + + + + + + + + HPE Cray EX System Admin Toolkit (SAT) Guide :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ + + + + + navigation + + + +

HPE Cray EX System Admin Toolkit (SAT) Guide

+

Introduction to SAT

+ +

SAT Installation

+

Install SAT

+ +

SAT Setup

+ +

SAT Post-Upgrade

+ +

SAT Dashboards

+ + + + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-21/index.json b/en-21/index.json new file mode 100644 index 0000000000..ba760ac7e0 --- /dev/null +++ b/en-21/index.json @@ -0,0 +1,64 @@ +[ +{ + "uri": "/docs-sat/en-21/", + "title": "HPE Cray EX System Admin Toolkit (SAT) Guide", + "tags": [], + "description": "", + "content": "HPE Cray EX System Admin Toolkit (SAT) Guide Introduction to SAT About System Admin Toolkit (SAT) System Admin Toolkit Command Overview Command Prompt Conventions in SAT SAT Dependencies SAT Installation Install SAT Install the System Admin Toolkit Product Stream Perform NCN Personalization SAT Setup SAT Authentication Generate SAT S3 Credentials Run sat setrev to Set System Information SAT Post-Upgrade Optional: Remove old versions after an upgrade Remove obsolete configuration file sections SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards " +}, +{ + "uri": "/docs-sat/en-21/dashboards/", + "title": "SAT Dashboards", + "tags": [], + "description": "", + "content": "SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards " +}, +{ + "uri": "/docs-sat/en-21/install/", + "title": "SAT Installation", + "tags": [], + "description": "", + "content": "SAT Installation Install the System Admin Toolkit Product Stream Describes how to install the System Admin Toolkit (SAT) product stream.\nPrerequisites CSM is installed and verified. cray-product-catalog is running. There must be at least 2 gigabytes of free space on the manager NCN on which the procedure is run. Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace 2.1.x with the version of the SAT product stream being installed. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. To upgrade SAT, execute the pre-installation, installation, and post-installation procedures for a newer distribution. The newly installed version will become the default. Pre-Installation Procedure Start a typescript.\nThe typescript will record the commands and the output from this installation.\nncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt ncn-m001# export PS1=\u0026#39;\\u@\\H \\D{%Y-%m-%d} \\t \\w # \u0026#39; Installation Procedure Copy the release distribution gzipped tar file to ncn-m001.\nUnzip and extract the release distribution, 2.1.x.\nncn-m001# tar -xvzf sat-2.1.x.tar.gz Change directory to the extracted release distribution directory.\nncn-m001# cd sat-2.1.x Run the installer: install.sh.\nThe script produces a lot of output. The last several lines are included below for reference.\nncn-m001# ./install.sh ... ConfigMap data updates exist; Exiting. + clean-install-deps + for image in \u0026#34;${vendor_images[@]}\u0026#34; + podman rmi -f docker.io/library/cray-nexus-setup:sat-2.1.x-20210804163905-8dbb87d Untagged: docker.io/library/cray-nexus-setup:sat-2.1.x-20210804163905-8dbb87d Deleted: 2c196c0c6364d9a1699d83dc98550880dc491cc3433a015d35f6cab1987dd6da + for image in \u0026#34;${vendor_images[@]}\u0026#34; + podman rmi -f docker.io/library/skopeo:sat-2.1.x-20210804163905-8dbb87d Untagged: docker.io/library/skopeo:sat-2.1.x-20210804163905-8dbb87d Deleted: 1b38b7600f146503e246e753cd9df801e18409a176b3dbb07b0564e6bc27144c Check the return code of the installer. Zero indicates a successful installation.\nncn-m001# echo $? 0 Check the progress of the SAT configuration import Kubernetes job, which is initiated by install.sh.\nIf the \u0026ldquo;Pods Statuses\u0026rdquo; appear as \u0026ldquo;Succeeded\u0026rdquo;, the job has completed successfully. The job usually takes between 30 seconds and 2 minutes.\nncn-m001# kubectl describe job sat-config-import-2.1.x -n services ... Pods Statuses: 0 Running / 1 Succeeded / 0 Failed ... The job\u0026rsquo;s progress may be monitored using kubectl logs. The example below includes the final log lines from a successful configuration import Kubernetes job.\nncn-m001# kubectl logs -f -n services --selector \\ job-name=sat-config-import-2.1.x --all-containers ... ConfigMap update attempt=1 Resting 1s before reading ConfigMap ConfigMap data updates exist; Exiting. 2021-08-04T21:50:10.275886Z info Agent has successfully terminated 2021-08-04T21:50:10.276118Z warning envoy main caught SIGTERM # Completed on Wed Aug 4 21:49:44 2021 The following error may appear in this log, but it can be ignored.\nerror accept tcp [::]:15020: use of closed network connection Post-Installation Procedure Optional: Remove the SAT release distribution tar file and extracted directory.\nncn-m001# rm sat-2.2.x.tar.gz ncn-m001# rm -rf sat-2.2.x/ Upgrade only: Ensure that the environment variable SAT_TAG is not set in the ~/.bashrc file on any of the management NCNs.\nNOTE: This step should only be required when updating from Shasta 1.4.1 or Shasta 1.4.2.\nThe following example assumes three manager NCNs: ncn-m001, ncn-m002, and ncn-m003, and shows output from a system in which no further action is needed.\nncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc ncn-m001: source \u0026lt;(kubectl completion bash) ncn-m003: source \u0026lt;(kubectl completion bash) ncn-m002: source \u0026lt;(kubectl completion bash) The following example shows that SAT_TAG is set in ~/.bashrc on ncn-m002. Remove that line from the ~/.bashrc file on ncn-m002.\nncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc ncn-m001: source \u0026lt;(kubectl completion bash) ncn-m002: source \u0026lt;(kubectl completion bash) ncn-m002: export SAT_TAG=3.5.0 ncn-m003: source \u0026lt;(kubectl completion bash) Stop the typescript.\nNOTE: This step can be skipped if you wish to use the same typescript for the remainder of the SAT install. See Next Steps.\nncn-m001# exit SAT version 2.1.x is now installed/upgraded, meaning the SAT 2.1.x release has been loaded into the system software repository.\nSAT configuration content for this release has been uploaded to VCS. SAT content for this release has been uploaded to the CSM product catalog. SAT content for this release has been uploaded to Nexus repositories. The sat command won\u0026rsquo;t be available until the NCN Personalization procedure has been executed. Next Steps If other HPE Cray EX software products are being installed or upgraded in conjunction with SAT, refer to the HPE Cray EX System Software Getting Started Guide to determine which step to execute next.\nIf no other HPE Cray EX software products are being installed or upgraded at this time, proceed to the sections listed below.\nNOTE: The NCN Personalization procedure is required when upgrading SAT. The setup procedures in SAT Setup, however, are not required when upgrading SAT. They should have been executed during the first installation of SAT.\nExecute the NCN Personalization procedure:\nPerform NCN Personalization If performing a fresh install, execute the SAT Setup procedures:\nSAT Authentication Generate SAT S3 Credentials Run Sat Setrev to Set System Information If performing an upgrade, execute the upgrade procedures:\nOptional: Remove old versions after an upgrade Remove obsolete configuration file sections Perform NCN Personalization Describes how to perform NCN personalization using CFS. This personalization process will configure the System Admin Toolkit (SAT) product stream.\nPrerequisites The Install the System Admin Toolkit Product Stream procedure has been successfully completed. Notes on the Procedure Ellipses (...) in shell output indicate omitted lines. In the examples below, replace 2.1.x with the version of the SAT product stream being installed. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. If upgrading SAT, the existing configuration will likely include other Cray EX product entries. Update the SAT entry as described in this procedure. The HPE Cray EX System Software Getting Started Guide provides guidance on how and when to update the entries for the other products. Procedure Start a typescript if not already using one.\nThe typescript will capture the commands and the output from this installation procedure.\nncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt ncn-m001# export PS1=\u0026#39;\\u@\\H \\D{%Y-%m-%d} \\t \\w # \u0026#39; Get the git commit ID for the branch with a version number matching the version of SAT.\nThis represents a revision of Ansible configuration content stored in VCS.\nGet and store the VCS password (required to access the remote VCS repo).\nncn-m001# VCS_PASS=$(kubectl get secret -n services vcs-user-credentials \\ --template={{.data.vcs_password}} | base64 --decode) In this example, the git commit ID is 82537e59c24dd5607d5f5d6f92cdff971bd9c615, and the version number is 2.1.x.\nncn-m001# git ls-remote \\ https://crayvcs:$VCS_PASS@api-gw-service-nmn.local/vcs/cray/sat-config-management.git \\ refs/heads/cray/sat/* ... 82537e59c24dd5607d5f5d6f92cdff971bd9c615 refs/heads/cray/sat/2.1.x Add a sat layer to the CFS configuration(s) associated with the manager NCNs.\nGet the name(s) of the CFS configuration(s).\nNOTE: Each manager NCN uses a single CFS configuration. An individual CFS configuration may be used by any number of manage NCNs, i.e., three manager NCNs might use one, two, or three CFS configurations.\nIn the following example, all three manager NCNs use the same CFS configuration – ncn-personalization.\nncn-m001:~ # for component in $(cray hsm state components list \\ --role Management --subrole Master --format json | jq -r \\ \u0026#39;.Components | .[].ID\u0026#39;); do cray cfs components describe $component \\ --format json | jq -r \u0026#39;.desiredConfig\u0026#39;; done ncn-personalization ncn-personalization ncn-personalization In the following example, the three manager NCNs all use different configurations, each with a unique name.\nncn-personalization-m001 ncn-personalization-m002 ncn-personalization-m003 Execute the following sub-steps (3.2 through 3.5) once for each unique CFS configuration name.\nNOTE: Examples in the following sub-steps assume that all manager NCNs use the CFS configuration ncn-personalization.\nGet the current configuration layers for each CFS configuration, and save the data to a local JSON file.\nThe JSON file created in this sub-step will serve as a template for updating an existing CFS configuration, or creating a new one.\nncn-m001# cray cfs configurations describe ncn-personalization --format \\ json | jq \u0026#39;{ layers }\u0026#39; \u0026gt; ncn-personalization.json If the configuration does not exist yet, you may see the following error. In this case, create a new JSON file for that CFS configuration, e.g., ncn-personalization.json.\nError: Configuration could not found.: Configuration ncn-personalization could not be found NOTE: For more on CFS configuration management, refer to \u0026ldquo;Manage a Configuration with CFS\u0026rdquo; in the CSM product documentation.\nAppend a sat layer to the end of the JSON file\u0026rsquo;s list of layers.\nIf the file already contains a sat layer entry, update it.\nIf the configuration data could not be found in the previous sub-step, the JSON file will be empty. In this case, copy the ncn-personalization.json example below, paste it into the JSON file, delete the ellipsis, and make appropriate changes to the sat layer entry.\nUse the git commit ID from step 8, e.g. 82537e59c24dd5607d5f5d6f92cdff971bd9c615.\nNOTE: The name value in the example below may be changed, but the installation procedure uses the example value, sat-ncn. If an alternate value is used, some of the following examples must be updated accordingly before they are executed.\nncn-m001# vim ncn-personalization.json ... ncn-m001# cat ncn-personalization.json { \u0026#34;layers\u0026#34;: [ ... { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;82537e59c24dd5607d5f5d6f92cdff971bd9c615\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;sat-ncn\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;sat-ncn.yml\u0026#34; } ] } Update the existing CFS configuration, or create a new one.\nThe command should output a JSON-formatted representation of the CFS configuration, which will look like the JSON file, but with lastUpdated and name fields.\nncn-m001# cray cfs configurations update ncn-personalization --file \\ ncn-personalization.json --format json { \u0026#34;lastUpdated\u0026#34;: \u0026#34;2021-08-05T16:38:53Z\u0026#34;, \u0026#34;layers\u0026#34;: { ... }, \u0026#34;name\u0026#34;: \u0026#34;ncn-personalization\u0026#34; } Optional: Delete the JSON file.\nNOTE: There is no reason to keep the file. If you keep it, verify that it is up-to-date with the actual CFS configuration before using it again.\nncn-m001# rm ncn-personalization.json Invoke the CFS configurations that you created or updated in the previous step.\nThis step will create a CFS session based on the given configuration and install SAT on the associated manager NCNs.\nThe --configuration-limit option causes only the sat-ncn layer of the configuration, ncn-personalization, to run.\nCAUTION: In this example, the session --name is sat-session. That value is only an example. Declare a unique name for each configuration session.\nYou should see a representation of the CFS session in the output.\nncn-m001# cray cfs sessions create --name sat-session --configuration-name \\ ncn-personalization --configuration-limit sat-ncn name=\u0026#34;sat-session\u0026#34; [ansible] ... Execute this step once for each unique CFS configuration that you created or updated in the previous step.\nMonitor the progress of each CFS session.\nFirst, list all containers associated with the CFS session:\nncn-m001# kubectl get pod -n services --selector=cfsession=sat-session \\ -o json | jq \u0026#39;.items[0].spec.containers[] | .name\u0026#39; \u0026#34;inventory\u0026#34; \u0026#34;ansible-1\u0026#34; \u0026#34;istio-proxy\u0026#34; Next, get the logs for the ansible-1 container.\nNOTE: the trailing digit might differ from \u0026ldquo;1\u0026rdquo;. It is the zero-based index of the sat-ncn layer within the configuration\u0026rsquo;s layers.\nncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \\ --selector=cfsession=sat-session Ansible plays, which are run by the CFS session, will install SAT on all the manager NCNs on the system. Successful results for all of the manager NCN xnames can be found at the end of the container log. For example:\n... PLAY RECAP ********************************************************************* x3000c0s1b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s3b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s5b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Execute this step for each unique CFS configuration.\nNOTE: Ensure that the PLAY RECAPs for each session show successes for all manager NCNs before proceeding.\nVerify that SAT was successfully configured.\nIf sat is configured, the --version command will indicate which version is installed. If sat is not properly configured, the command will fail.\nNOTE: This version number will differ from the version number of the SAT release distribution. This is the semantic version of the sat Python package, which is different from the version number of the overall SAT release distribution.\nncn-m001# sat --version sat 3.7.0 NOTE: Upon first running sat, you may see additional output while the sat container image is downloaded. This will occur the first time sat is run on each manager NCN. For example, if you run sat for the first time on ncn-m001 and then for the first time on ncn-m002, you will see this additional output both times.\nTrying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037... Getting image source signatures Copying blob da64e8df3afc done Copying blob 0f36fd81d583 done Copying blob 12527cf455ba done ... sat 3.7.0 Stop the typescript.\nncn-m001# exit SAT version 2.1.x is now configured:\nThe SAT RPM package is installed on the associated NCNs. Next Steps If other HPE Cray EX software products are being installed or upgraded in conjunction with SAT, refer to the HPE Cray EX System Software Getting Started Guide to determine which step to execute next.\nIf no other HPE Cray EX software products are being installed or upgraded at this time, proceed to the remaining SAT Setup or SAT Post-Upgrade procedures.\nIf performing a fresh install, execute the SAT Setup procedures:\nSAT Authentication Generate SAT S3 Credentials Run Sat Setrev to Set System Information If performing an upgrade, execute the SAT Post-Upgrade procedures:\nOptional: Remove old versions after an upgrade Remove obsolete configuration file sections SAT Authentication Initially, as part of the installation and configuration, SAT authentication is set up so sat commands can be used in later steps of the install process. The admin account used to authenticate with sat auth must be enabled in Keycloak and must have its assigned role set to admin. For instructions on editing Role Mappings see Create Internal User Accounts in the Keycloak Shasta Realm in the CSM product documentation. For additional information on SAT authentication, see System Security and Authentication in the CSM documentation.\nNOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nDescription of SAT Command Authentication Types Some SAT subcommands make requests to the Shasta services through the API gateway and thus require authentication to the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to be configured (see: Generate SAT S3 Credentials). In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes manager node where SAT commands are run.\nBelow is a table describing SAT commands and the types of authentication they require.\nSAT Subcommand Authentication/Credentials Required Man Page Description sat auth Responsible for authenticating to the API gateway and storing a token. sat-auth Authenticate to the API gateway and save the token. sat bootsys Requires authentication to the API gateway. Requires kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages. sat-bootsys Boot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software. sat diag Requires authentication to the API gateway. sat-diag Launch diagnostics on the HSN switches and generate a report. sat firmware Requires authentication to the API gateway. sat-firmware Report firmware version. sat hwinv Requires authentication to the API gateway. sat-hwinv Give a listing of the hardware of the HPE Cray EX system. sat hwmatch Requires authentication to the API gateway. sat-hwmatch Report hardware mismatches. sat init None sat-init Create a default SAT configuration file. sat k8s Requires kubernetes configuration and authentication, which is automatically configured on ncn-w001 during the install. sat-k8s Report on kubernetes replicasets that have co-located replicas (i.e. replicas on the same node). sat linkhealth This command has been deprecated. sat nid2xname Requires authentication to the API gateway. sat-nid2xname Translate node IDs to node xnames. sat sensors Requires authentication to the API gateway. sat-sensors Report current sensor data. sat setrev Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-setrev Set HPE Cray EX system revision information. sat showrev Requires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-showrev Print revision information for the HPE Cray EX system. sat status Requires authentication to the API gateway. sat-status Report node status across the HPE Cray EX system. sat swap Requires authentication to the API gateway. sat-swap Prepare HSN switch or cable for replacement and bring HSN switch or cable into service. sat xname2nid Requires authentication to the API gateway. sat-xname2nid Translate node and node BMC xnames to node IDs. sat switch This command has been deprecated. It has been replaced by sat swap. In order to authenticate to the API gateway, you must run the sat auth command. This command will prompt for a password on the command line. The username value is obtained from the following locations, in order of higher precedence to lower precedence:\nThe --username global command-line option. The username option in the api_gateway section of the config file at ~/.config/sat/sat.toml. The name of currently logged in user running the sat command. If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to ~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above, and will use the token for that username if it has been obtained and saved by sat auth.\nPrerequisites The sat CLI has been installed following Install The System Admin Toolkit Product Stream. Procedure The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway:\nGenerate a default SAT configuration file, if one does not exist.\nncn-m001# sat init Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; generated. Note: If the config file already exists, it will print out an error:\nERROR: Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; already exists. Not generating configuration file. Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the config file. E.g.:\nusername = \u0026#34;crayadmin\u0026#34; Run sat auth. Enter your password when prompted. E.g.:\nncn-m001# sat auth Password for crayadmin: Succeeded! Other sat commands are now authenticated to make requests to the API gateway. E.g.:\nncn-m001# sat status Generate SAT S3 Credentials Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes master node where SAT commands are run.\nSAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev (see: Run Sat Setrev to Set System Information).\nNOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nPrerequisites The sat CLI has been installed following Install The System Admin Toolkit Product Stream. The sat configuration file has been created (See SAT Authentication). CSM has been installed and verified. Procedure Ensure the files are readable only by root.\nncn-m001# touch /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key ncn-m001# chmod 600 /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key Write the credentials to local files using kubectl.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.access_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_access_key ncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.secret_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_secret_key Verify the S3 endpoint specified in the SAT configuration file is correct.\nGet the SAT configuration file\u0026rsquo;s endpoint valie.\nNOTE: If the command\u0026rsquo;s output is commented out, indicated by an initial # character, the SAT configuration will take the default value – \u0026quot;https://rgw-vip.nmn\u0026quot;.\nncn-m001# grep endpoint ~/.config/sat/sat.toml # endpoint = \u0026#34;https://rgw-vip.nmn\u0026#34; Get the sat-s3-credentials secret\u0026rsquo;s endpoint value.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.s3_endpoint}\u0026#39; | base64 -d | xargs https://rgw-vip.nmn Compare the two endpoint values.\nIf the values differ, modify the SAT configuration file\u0026rsquo;s endpoint value to match the secret\u0026rsquo;s.\nCopy SAT configurations to every manager node on the system.\nncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \\ mkdir -p /root/.config/sat; \\ scp -pr /root/.config/sat ${i}:/root/.config; done NOTE: Depending on how many manager nodes are on the system, the list of manager nodes may be different. This example assumes three manager nodes, where the configuration files must be copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is ncn-m002 and ncn-m003.\nRun sat setrev to Set System Information NOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nPrerequisites S3 credentials have been generated. See Generate SAT S3 Credentials. SAT authentication has been set up. See SAT Authentication. Procedure Run sat setrev to set System Revision Information. Follow the on-screen prompts.\nncn-m001# sat setrev -------------------------------------------------------------------------------- Setting: Serial number Purpose: System identification. This will affect how snapshots are identified in the HPE backend services. Description: This is the top-level serial number which uniquely identifies the system. It can be requested from an HPE representative. Valid values: Alpha-numeric string, 4 - 20 characters. Type: \u0026lt;class \u0026#39;str\u0026#39;\u0026gt; Default: None Current value: None -------------------------------------------------------------------------------- Please do one of the following to set the value of the above setting: - Input a new value - Press CTRL-C to exit ... Run sat showrev to verify System Revision Information. The following tables contain example information.\nncn-m001# sat showrev ################################################################################ System Revision Information ################################################################################ +---------------------+---------------+ | component | data | +---------------------+---------------+ | Company name | HPE | | Country code | US | | Interconnect | Sling | | Product number | R4K98A | | Serial number | 12345 | | Site name | HPE | | Slurm version | slurm 20.02.5 | | System description | Test System | | System install date | 2021-01-29 | | System name | eniac | | System type | Shasta | +---------------------+---------------+ ################################################################################ Product Revision Information ################################################################################ +--------------+-----------------+------------------------------+------------------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+------------------------------+------------------------------+ | csm | 0.8.14 | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... | | sat | 2.0.1 | - | - | | sdu | 1.0.8 | - | - | | slingshot | 0.8.0 | - | - | | sma | 1.4.12 | - | - | +--------------+-----------------+------------------------------+------------------------------+ ################################################################################ Local Host Operating System ################################################################################ +-----------+----------------------+ | component | version | +-----------+----------------------+ | Kernel | 5.3.18-24.15-default | | SLES | SLES 15-SP2 | +-----------+----------------------+ Optional: Remove old versions after an upgrade Prerequisites The Install the System Admin Toolkit Product Stream procedure has been successfully completed. The Perform NCN Personalization procedure has been successfully completed. Procedure After upgrading from a previous version of SAT, the old version of the cray/cray-sat container image will remain in the registry on the system. It is not removed automatically, but it will not be the default version.\nThe admin can remove the older version of the cray/cray-sat container image.\nThe cray-product-catalog Kubernetes configuration map will also show all versions of SAT that are installed. The command sat showrev --products will display these versions. See the example:\nncn-m001# sat showrev --products ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------------------+-----------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+--------------------+-----------------------+ ... | sat | 2.1.3 | - | - | | sat | 2.0.4 | - | - | ... +--------------+-----------------+--------------------+-----------------------+ Remove obsolete configuration file sections Prerequisites The Install the System Admin Toolkit Product Stream procedure has been successfully completed. The Perform NCN Personalization procedure has been successfully completed. Procedure After upgrading SAT, if using the configuration file from a previous version, there may be configuration file sections no longer used in the new version. For example, when upgrading from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. In that case, the following warning may appear upon running sat commands.\nWARNING: Ignoring unknown section \u0026#39;redfish\u0026#39; in config file. Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.\n[redfish] username = \u0026#34;admin\u0026#34; password = \u0026#34;adminpass\u0026#34; Repeat this process for any configuration file sections for which there are \u0026ldquo;unknown section\u0026rdquo; warnings.\n" +}, +{ + "uri": "/docs-sat/en-21/introduction/", + "title": "Introduction to SAT", + "tags": [], + "description": "", + "content": "Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components.\nSAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview.\nSix Kibana Dashboards are included with SAT. They provide organized output for system health information.\nAER Kibana Dashboard ATOM Kibana Dashboard Heartbeat Kibana Dashboard Kernel Kibana Dashboard MCE Kibana Dashboard Rasdaemon Kibana Dashboard Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and are reported through Redfish.\nGrafana Fabric Congestion Dashboard Grafana Fabric Errors Dashboard Grafana Fabric Port State Dashboard Grafana Fabric RFC3635 Dashboard SAT is installed as a separate product as part of the HPE Cray EX System base installation.\nSystem Admin Toolkit Command Overview Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides instruction on the SAT Container Environment.\nSAT Command Line Utility The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes (ncn-m nodes).\nIt is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are similarities between SAT commands and xt commands used on the Cray XC platform.\nSAT Commands The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each have their own set of options.\nSAT Container Environment The sat command-line utility runs in a container using podman, a daemonless container runtime. SAT runs on Kubernetes manager nodes. A few important points about the SAT container environment include the following:\nUsing either sat or sat bash always launches a container. The SAT container does not have access to the NCN file system. There are two ways to run sat.\nInteractive: Launching a container using sat bash, followed by a sat command. Non-interactive: Running a sat command directly on a Kubernetes manager node. In both of these cases, a container is launched in the background to execute the command. The first option, running sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the container is launched, executes the command, and upon the command\u0026rsquo;s completion the container exits. The following two examples show the same action, checking the system status, using interactive and non-interactive modes.\nInteractive ncn-m001# sat bash (CONTAINER-ID)sat-container# sat status Non-interactive ncn-m001# sat status Interactive Advantages Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral container storage. If multiple sat commands are being run in succession, then use sat bash to launch the container beforehand. This will save time because the container does not need to be launched for each sat command.\nNon-interactive Advantages The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of several steps that need to be executed from a management NCN.\nMan Pages - Interactive and Non-interactive Modes To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following example.\nncn-m001# sat-man status A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed either with man sat or man sat-podman from the manager node.\nncn-m001# man sat ncn-m001# man sat-podman Command Prompt Conventions in SAT The host name in a command prompt indicates where the command must be run. The account that must run the command is also indicated in the prompt.\nThe root or super-user account always has the # character at the end of the prompt and has the host name of the host in the prompt. Any non-root account is indicated with account@hostname\u0026gt;. A user account that is neither root nor crayadm is referred to as user. The command prompt inside the SAT container environment is indicated with the string as follows. It also has the \u0026ldquo;#\u0026rdquo; character at the end of the prompt. Command Prompt Meaning ncn-m001# Run on one of the Kubernetes Manager servers. (Non-interactive) (CONTAINER_ID) sat-container# Run the command inside the SAT container environment by first running sat bash. (Interactive) Examples of the sat status command used by an administrator:\nncn-m001# sat status ncn-m001# sat bash (CONTAINER_ID) sat-container# sat status SAT Dependencies Most sat subcommands depend on services or components from other products in the HPE Cray EX (Shasta) software stack. The following list shows these dependencies for each subcommand. Each service or component is listed under the product it belongs to.\nsat auth CSM Keycloak sat bootsys CSM Boot Orchestration Service (BOS) Cray Advanced Platform Monitoring and Control (CAPMC) Ceph Compute Rolling Upgrade Service (CRUS) Etcd Firmware Action Service (FAS) Hardware State Manager (HSM) Kubernetes S3 COS Node Memory Dump (NMD) sat diag CSM Hardware State Manager (HSM) CSM-Diag Fox sat firmware CSM Firmware Action Service (FAS) sat hwinv CSM Hardware State Manager (HSM) sat hwmatch CSM Hardware State Manager (HSM) sat init None\nsat k8s CSM Kubernetes sat nid2xname CSM Hardware State Manager (HSM) sat sensors CSM Hardware State Manager (HSM) HM Collector SMA Telemetry API sat setrev CSM S3 sat showrev CSM Hardware State Manager (HSM) Kubernetes S3 sat status CSM Hardware State Manager (HSM) sat swap Slingshot Fabric Manager sat switch Deprecated: See sat swap\nsat xname2nid CSM Hardware State Manager (HSM) " +}, +{ + "uri": "/docs-sat/en-21/dashboards/sat_grafana_dashboards/", + "title": "SAT Grafana Dashboards", + "tags": [], + "description": "", + "content": "SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity.\nGrafana can be accessed via web browser at the following URL:\nhttps://sma-grafana.\u0026lt;system_name\u0026gt;.\u0026lt;system_domain\u0026gt; For additional details about how to access the Grafana Dashboards refer to Access the Grafana Monitoring UI in the SMA product documentation.\nFor more information about the interpretation of metrics for the SAT Grafana Dashboards refer to Fabric Telemetry Kafka Topics in the SMA product documentation.\nNavigate SAT Grafana Dashboards There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display telemetry in a tabular format.\nDashboard Name Display Type Fabric Congestion Chart Panels Fabric RFC3635 Chart Panels Fabric Errors Tabular Format Fabric Port State Tabular Format The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location during the time range selected, if any. The interval setting is not used for tabular dashboards.\nSAT Grafana Interval and Locations Options Shows the Interval and Locations Options for the available telemetry.\nThe value of the Interval option sets the time resolution of the received telemetry. This works a bit like a histogram, with the available telemetry in an interval of time going into a \u0026ldquo;bucket\u0026rdquo; and averaging out to a single point on the chart or table. The special value auto will choose an interval based on the time range selected.\nFor additional information, refer to Grafana Templates and Variables.\nThe Locations option allows restriction of the telemetry shown by locations, either individual links or all links in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, which always has entries for all links and switches, although the errors shown are restricted to the selected time range.\nThe chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart\u0026rsquo;s legend or the trace on the chart.\nGrafana Fabric Congestion Dashboard SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in the system and assess the past and present health of the high-speed network. It also allows the ability to drill down to view data for specific ports on specific switches.\nThis dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, local, and global and correspond to the link\u0026rsquo;s relationship to the network topology. The locations presented in the panels are restricted to the values (any combination, defaults to \u0026ldquo;all\u0026rdquo;) selected.\nThe metric values for links of a given port type are similar in value to each other but very distinct from the values of other types. If the values for different port types are all plotted together, the values for links with lower values are indistinguishable from zero when plotted.\nThe port type of a link is reported as a port state \u0026ldquo;subtype\u0026rdquo; event when defined at port initialization.\nGrafana Fabric Errors Dashboard This dashboard reports error counters in a tabular format in three panels.\nThere is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nUnlike other dashboards, the locations presented are all locations in the system rather than having telemetry within the time range selected. However, the values are taken from telemetry within the time range.\nGrafana Fabric Port State Dashboard There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nThe Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours results in all states for all links in the system being shown.\nThe three columns named, group, switch, and port are not port state events, but extra information included with all port state events.\nGrafana Fabric RFC3635 Dashboard For additional information on performance counters, refer to Definitions of Managed Objects for the Ethernet-like Interface Types, an Internet standards document.\nBecause these metrics are counters that only increase over time, the values plotted are the change in the counter\u0026rsquo;s value over the interval setting.\n" +}, +{ + "uri": "/docs-sat/en-21/dashboards/sat_kibana_dashboards/", + "title": "SAT Kibana Dashboards", + "tags": [], + "description": "", + "content": "SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information.\nKibana can be accessed via web browser at the following URL:\nhttps://sma-kibana.\u0026lt;system_name\u0026gt;.\u0026lt;system_domain\u0026gt; For additional details about how to access the Kibana Dashboards refer to View Logs Via Kibana in the SMA product documentation.\nAdditional details about the AER, ATOM, Heartbeat, Kernel, MCE, and Rasdaemon Kibana Dashboards are included in this table.\nDashboard Short Description Long Description Kibana Visualization and Search Name sat-aer AER corrected Corrected Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-corrected Search: sat-aer-corrected sat-aer AER fatal Fatal Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-fatal Search: sat-aer-fatal sat-atom ATOM failures Application Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged. sat-atom-failed sat-atom ATOM admindown Application Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch. sat-atom-admindown sat-heartbeat Heartbeat loss events Heartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system. sat-heartbeat sat-kernel Kernel assertions The kernel software performs a failed assertion when some condition represents a serious fault. The node goes down. sat-kassertions sat-kernel Kernel panics The kernel panics when something is seriously wrong. The node goes down. sat-kernel-panic sat-kernel Lustre bugs (LBUGs) The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down. sat-lbug sat-kernel CPU stalls CPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric. sat-cpu-stall sat-kernel Out of memory An Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided. sat-oom sat-mce MCE Machine Check Exceptions (MCE) are errors detected at the processor level. sat-mce sat-rasdaemon rasdaemon errors Errors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future. sat-rasdaemon-error sat-rasdaemon rasdaemon messages All messages from the rasdaemon service on nodes. sat-rasdaemon Disable Search Highlighting in Kibana Dashboard By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.\nThe Kibana Dashboard should be open on your system.\nNavigate to Management\nNavigate to Advanced Settings in the Kibana section, below the Elastic search section\nScroll down to the Discover section\nChange Highlight results from on to off\nClick Save to save changes\nAER Kibana Dashboard The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors are split up into separate visualizations depending on whether they are fatal or corrected errors.\nView the AER Kibana Dashboard Go to the dashboard section.\nSelect sat-aer dashboard.\nChoose the time range of interest.\nView the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nATOM Kibana Dashboard The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health checks and application test failures. Some test failures are of possible interest even though a node is not marked admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide clues if a node otherwise fails. They might also show application problems.\nView the ATOM Kibana Dashboard HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.\nGo to the dashboard section.\nSelect sat-atom dashboard.\nChoose the time range of interest.\nView any nodes marked admindown and any ATOM test failures. These failures occur during health checks and application test failures. Test failures marked admindown are important to note. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nHeartbeat Kibana Dashboard The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss.\nView the Heartbeat Kibana Dashboard Go to the dashboard section.\nSelect sat-heartbeat dashboard.\nChoose the time range of interest.\nView the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss.View the matching log messages in the panel.\nKernel Kibana Dashboard The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using too much memory.\nView the Kernel Kibana Dashboard Go to the dashboard section.\nSelect sat-kernel dashboard.\nChoose the time range of interest.\nView the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nMCE Kibana Dashboard The MCE Dashboard displays CPU detected processor-level hardware errors.\nView the MCE Kibana Dashboard Go to the dashboard section.\nSelect sat-mce dashboard.\nChoose the time range of interest.\nView the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nRasdaemon Kibana Dashboard The Rasdaemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. This service collects all hardware error events reported by the linux kernel, including PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one for only messages of severity \u0026ldquo;emerg\u0026rdquo; or \u0026ldquo;err\u0026rdquo; and another for all messages from rasdaemon.\nView the Rasdaemon Kibana Dashboard Go to the dashboard section.\nSelect sat-rasdaemon dashboard.\nChoose the time range of interest.\nView the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\n" +}, +{ + "uri": "/docs-sat/en-21/release_notes/", + "title": "SAT Release Notes", + "tags": [], + "description": "", + "content": "SAT Release Notes Summary of SAT changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5.\nThis version of the SAT product included:\nVersion 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component:\nVersion 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release.\nInstall Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. The cray-sat-podman RPM is no longer installed in the management non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on all master management NCNs via an Ansible playbook which is referenced by a layer of the CFS configuration that applies to management NCNs. This CFS configuration is typically named \u0026ldquo;ncn-personalization\u0026rdquo;.\nThe SAT product now includes a Docker image and a Helm chart named sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart with Loftsman. This helm chart deploys a Kubernetes job that imports the SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. This repository is referenced by the layer added to the NCN personalization CFS configuration.\nRemoval of Direct Redfish Access All commands which used to access Redfish directly have either been removed or modified to use higher-level service APIs. This includes the following commands:\nsat sensors sat diag sat linkhealth The sat sensors command has been rewritten to use the SMA telemetry API to obtain the latest sensor values. The command\u0026rsquo;s usage has changed slightly, but legacy options work as before, so it is backwards compatible. Additionally, new commands have been added.\nThe sat diag command has been rewritten to use a new service called Fox, which is delivered with the CSM-diags product. The sat diag command now launches diagnostics using the Fox service, which launches the corresponding diagnostic executables on controllers using the Hardware Management Job and Task Daemon (HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start diagnostics over Redfish.\nThe sat linkhealth command has been removed. Its functionality has been replaced by functionality from the Slingshot Topology Tool (STT) in the fabric manager pod.\nThe Redfish username and password command line options and config file options have been removed. For further instructions, see Remove Obsolete Configuration File Sections.\nAdditional Fields in sat setrev and sat showrev sat setrev now collects the following information from the admin, which is then displayed by sat showrev:\nSystem description Product number Company name Country code Additional guidance and validation has been added to each field collected by sat setrev. This sets the stage for sdu setup to stop collecting this information and instead collect it from sat showrev or its S3 bucket.\nImprovements to sat bootsys The platform-services stage of the sat bootsys boot command has been improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph health in the correct order. The ceph-check stage has been removed as it is no longer needed.\nThe platform-services stage of sat bootsys boot now prompts for confirmation of the storage NCN hostnames in addition to the Kubernetes masters and workers.\nBug Fixes and Security Fixes Improved error handling in sat firmware. Incremented version of Alpine Linux to 3.13.2 to address a security vulnerability. Other Notable Changes Ansible has been removed from the cray-sat container image. Support for the Firmware Update Service (FUS) has been removed from the sat firmware command. Summary of SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1.\nThis version of the SAT product included:\nVersion 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release.\nNew Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames:\nsat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API.\nBug Fixes Fixed a problem in sat swap where creating the offline port policy failed. Changed sat bootsys shutdown --stage bos-operations to no longer forcefully power off all compute nodes and application nodes using CAPMC when BOS sessions complete or time out. Fixed an issue with the command sat bootsys boot --stage cabinet-power. Summary of SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4.\nThis version of the SAT product included the following components:\nVersion 3.4.0 of the sat python package and CLI It also added the following new component:\nVersion 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release.\nSAT as an Independent Product SAT is now packaged and released as an independent product. The product deliverable is called a \u0026ldquo;release distribution\u0026rdquo;. The release distribution is a gzipped tar file containing an install script. This install script loads the cray/cray-sat container image into the Docker registry in Nexus and loads the cray-sat-podman RPM into a package repository in Nexus.\nIn this release, the cray-sat-podman package is still installed in the master and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in Shasta v1.5.\nSAT Running in a Container Under Podman The sat command now runs in a container under Podman. The sat executable is now installed on all nodes in the Kubernetes management cluster (i.e., workers and masters). This executable is a wrapper script that starts a SAT container in Podman and invokes the sat Python CLI within that container. The admin can run individual sat commands directly on the master or worker NCNs as before, or they can run sat commands inside the SAT container after using sat bash to enter an interactive shell inside the SAT container.\nTo view man pages for sat commands, the user can run sat-man SAT_COMMAND, replacing SAT_COMMAND with the name of the sat command. Alternatively, the user can enter the sat container with sat bash and use the man command.\nNew sat init Command and Config File Location Change The default location of the SAT config file has been changed from /etc/sat.toml to ~/.config/sat/sat.toml. A new command, sat init, has been added that initializes a configuration file in the new default directory. This better supports individual users on the system who want their own config files.\n~/.config/sat is mounted into the container that runs under Podman, so changes are persistent across invocations of the sat container. If desired, an alternate configuration directory can be specified with the SAT_CONFIG_DIR environment variable.\nAdditionally, if a config file does not yet exist when a user runs a sat command, one is generated automatically.\nAdditional Types Added to sat hwinv Additional functionality has been added to sat hwinv including:\nList node enclosure power supplies with the --list-node-enclosure-power-supplies option. List node accelerators (e.g., GPUs) with the --list-node-accels option. The count of node accelerators is also included for each node. List node accelerator risers (e.g., Redstone modules) with the --list-node-accel-risers option. The count of node accelerator risers is also included for each node. List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics option. The count of HSN NICs is also included for each node. Documentation for these new options has been added to the man page for sat hwinv.\nSite Information Stored by sat setrev in S3 The sat setrev and sat showrev commands now use S3 to store and obtain site information, including system name, site name, serial number, install date, and system type. Since the information is stored in S3, it will now be consistent regardless of the node on which sat is executed.\nAs a result of this change, S3 credentials must be configured for SAT. For detailed instructions, see Generate SAT S3 Credentials.\nProduct Version Information Shown by sat showrev sat showrev now shows product information from the cray-product-catalog ConfigMap in Kubernetes.\nAdditional Changes to sat showrev The output from sat showrev has also been changed in the following ways:\nThe --docker and --packages options were considered misleading and have been removed. Information pertaining to only to the local host, where the command is run, has been moved to the output of the --local option. Removal of sat cablecheck The sat cablecheck command has been removed. To verify that the system\u0026rsquo;s Slingshot network is cabled correctly, admins should now use the show cables command in the Slingshot Topology Tool (STT).\nsat swap Command Compatibility with Next-gen Fabric Controller The sat swap command was added in Shasta v1.3.2. This command used the Fabric Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the Fabric Controller API, so this command has been rewritten to use the new backwards-incompatible API. Usage of the command did not change.\nsat bootsys Functionality Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken by changes introduced in Shasta v1.4, which removed the Ansible inventory and playbooks.\nThe functionality in the platform-services stage of sat bootsys has been re-implemented to use python directly instead of Ansible. This resulted in a more robust procedure with better logging to the sat log file. Failures to stop containers on Kubernetes nodes are handled more gracefully, and more information about the containers that failed to stop, including how to debug the problem, is included.\nImprovements were made to console logging setup for non-compute nodes (NCNs) when they are shut down and booted.\nThe following improvements were made to the bos-operations stage of sat bootsys:\nMore information about the BOS sessions, BOA jobs, and BOA pods is printed. A command-line option, --bos-templates, and a corresponding config-file option, bos_templates, were added, and the --cle-bos-template and --uan-bos-template options and their corresponding config file options were deprecated. The following functionality has been removed from sat bootsys:\nThe hsn-bringup stage of sat bootsys boot has been removed due to removal of the underlying Ansible playbook. The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is now a manual procedure. Log File Location Change The location of the sat log file has changed from /var/log/cray/sat.log to /var/log/cray/sat/sat.log. This change simplifies mounting this file into the sat container running under Podman.\nSummary of SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.\nThe following sections detail the changes in this release.\nsat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable.\nThe sat swap switch command is equivalent to sat switch. The sat switch command will be removed in a future release.\nAddition of Stages to sat bootsys Command The sat bootsys command now has multiple stages for both the boot and shutdown actions. Please refer to the \u0026ldquo;System Power On Procedures\u0026rdquo; and \u0026ldquo;System Power Off Procedures\u0026rdquo; sections of the Cray Shasta Administration Guide (S-8001) for more details on using this command in the context of a full system power off and power on.\nSummary of SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI.\nThis version of the sat CLI contained the following commands:\nauth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch See the System Admin Toolkit Command Overview and the table of commands in the SAT Authentication section of this document for more details on each of these commands.\n" +}, +{ + "uri": "/docs-sat/en-21/categories/", + "title": "Categories", + "tags": [], + "description": "", + "content": "" +}, +{ + "uri": "/docs-sat/en-21/tags/", + "title": "Tags", + "tags": [], + "description": "", + "content": "" +}] \ No newline at end of file diff --git a/en-21/index.xml b/en-21/index.xml new file mode 100644 index 0000000000..e20c89353b --- /dev/null +++ b/en-21/index.xml @@ -0,0 +1,47 @@ + + + + HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + /docs-sat/en-21/ + Recent content in HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-21 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Installation + /docs-sat/en-21/install/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-21/install/ + SAT Installation Install the System Admin Toolkit Product Stream Describes how to install the System Admin Toolkit (SAT) product stream. Prerequisites CSM is installed and verified. cray-product-catalog is running. There must be at least 2 gigabytes of free space on the manager NCN on which the procedure is run. Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace 2.1.x with the version of the SAT product stream being installed. + + + Introduction to SAT + /docs-sat/en-21/introduction/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-21/introduction/ + Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview. + + + SAT Grafana Dashboards + /docs-sat/en-21/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-21/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.&lt;system_name&gt;.&lt;system_domain&gt; For additional details about how to access the Grafana Dashboards refer to Access the Grafana Monitoring UI in the SMA product documentation. For more information about the interpretation of metrics for the SAT Grafana Dashboards refer to Fabric Telemetry Kafka Topics in the SMA product documentation. + + + SAT Kibana Dashboards + /docs-sat/en-21/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-21/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + SAT Release Notes + /docs-sat/en-21/release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-21/release_notes/ + SAT Release Notes Summary of SAT changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5. This version of the SAT product included: Version 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component: Version 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release. + + + diff --git a/en-21/install/index.html b/en-21/install/index.html new file mode 100644 index 0000000000..def52dbf4f --- /dev/null +++ b/en-21/install/index.html @@ -0,0 +1,1333 @@ + + + + + + + + + + + + SAT Installation :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Installation

+

Install the System Admin Toolkit Product Stream

+

Describes how to install the System Admin Toolkit (SAT) product stream.

+

Prerequisites

+
    +
  • CSM is installed and verified.
    • +
  • cray-product-catalog is running.
    • +
  • There must be at least 2 gigabytes of free space on the manager NCN on which the +procedure is run.
    • +
+

Notes on the Procedures

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace 2.1.x with the version of the SAT product stream +being installed.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
  • To upgrade SAT, execute the pre-installation, installation, and post-installation +procedures for a newer distribution. The newly installed version will become +the default.
    • +
+

Pre-Installation Procedure

+
    +
  1. +

    Start a typescript.

    +

    The typescript will record the commands and the output from this installation.

    +
    ncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt
+ncn-m001# export PS1='\u@\H \D{%Y-%m-%d} \t \w # '
+
    2. +
+

Installation Procedure

+
    +
  1. +

    Copy the release distribution gzipped tar file to ncn-m001.

    +
    2. +
  2. +

    Unzip and extract the release distribution, 2.1.x.

    +
    ncn-m001# tar -xvzf sat-2.1.x.tar.gz
+
    3. +
  3. +

    Change directory to the extracted release distribution directory.

    +
    ncn-m001# cd sat-2.1.x
+
    4. +
  4. +

    Run the installer: install.sh.

    +

    The script produces a lot of output. The last several lines are included +below for reference.

    +
    ncn-m001# ./install.sh
+...
+ConfigMap data updates exist; Exiting.
++ clean-install-deps
++ for image in "${vendor_images[@]}"
++ podman rmi -f docker.io/library/cray-nexus-setup:sat-2.1.x-20210804163905-8dbb87d
+Untagged: docker.io/library/cray-nexus-setup:sat-2.1.x-20210804163905-8dbb87d
+Deleted: 2c196c0c6364d9a1699d83dc98550880dc491cc3433a015d35f6cab1987dd6da
++ for image in "${vendor_images[@]}"
++ podman rmi -f docker.io/library/skopeo:sat-2.1.x-20210804163905-8dbb87d
+Untagged: docker.io/library/skopeo:sat-2.1.x-20210804163905-8dbb87d
+Deleted: 1b38b7600f146503e246e753cd9df801e18409a176b3dbb07b0564e6bc27144c
+
    5. +
  5. +

    Check the return code of the installer. Zero indicates a successful installation.

    +
    ncn-m001# echo $?
+0
+
    6. +
  6. +

    Check the progress of the SAT configuration import Kubernetes job, which is +initiated by install.sh.

    +

    If the “Pods Statuses” appear as “Succeeded”, the job has completed +successfully. The job usually takes between 30 seconds and 2 minutes.

    +
    ncn-m001# kubectl describe job sat-config-import-2.1.x -n services
+...
+Pods Statuses:  0 Running / 1 Succeeded / 0 Failed
+...
+

    The job’s progress may be monitored using kubectl logs. The example below includes +the final log lines from a successful configuration import Kubernetes job.

    +
    ncn-m001# kubectl logs -f -n services --selector \
+    job-name=sat-config-import-2.1.x --all-containers
+...
+ConfigMap update attempt=1
+Resting 1s before reading ConfigMap
+ConfigMap data updates exist; Exiting.
+2021-08-04T21:50:10.275886Z  info    Agent has successfully terminated
+2021-08-04T21:50:10.276118Z  warning envoy main  caught SIGTERM
+# Completed on Wed Aug  4 21:49:44 2021
+

    The following error may appear in this log, but it can be ignored.

    +
    error accept tcp [::]:15020: use of closed network connection
+
    7. +
+

Post-Installation Procedure

+
    +
  1. +

    Optional: Remove the SAT release distribution tar file and extracted directory.

    +
    ncn-m001# rm sat-2.2.x.tar.gz
+ncn-m001# rm -rf sat-2.2.x/
+
    2. +
  2. +

    Upgrade only: Ensure that the environment variable SAT_TAG is not set +in the ~/.bashrc file on any of the management NCNs.

    +

    NOTE: This step should only be required when updating from +Shasta 1.4.1 or Shasta 1.4.2.

    +

    The following example assumes three manager NCNs: ncn-m001, ncn-m002, and ncn-m003, +and shows output from a system in which no further action is needed.

    +
    ncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc
+ncn-m001: source <(kubectl completion bash)
+ncn-m003: source <(kubectl completion bash)
+ncn-m002: source <(kubectl completion bash)
+

    The following example shows that SAT_TAG is set in ~/.bashrc on ncn-m002. +Remove that line from the ~/.bashrc file on ncn-m002.

    +
    ncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc
+ncn-m001: source <(kubectl completion bash)
+ncn-m002: source <(kubectl completion bash)
+ncn-m002: export SAT_TAG=3.5.0
+ncn-m003: source <(kubectl completion bash)
+
    3. +
  3. +

    Stop the typescript.

    +

    NOTE: This step can be skipped if you wish to use the same typescript +for the remainder of the SAT install. See Next Steps.

    +
    ncn-m001# exit
+
    4. +
+

SAT version 2.1.x is now installed/upgraded, meaning the SAT 2.1.x release +has been loaded into the system software repository.

+
    +
  • SAT configuration content for this release has been uploaded to VCS.
    • +
  • SAT content for this release has been uploaded to the CSM product catalog.
    • +
  • SAT content for this release has been uploaded to Nexus repositories.
    • +
  • The sat command won’t be available until the NCN Personalization +procedure has been executed.
    • +
+

Next Steps

+

If other HPE Cray EX software products are being installed or upgraded in conjunction +with SAT, refer to the HPE Cray EX System Software Getting Started Guide +to determine which step to execute next.

+

If no other HPE Cray EX software products are being installed or upgraded at this time, +proceed to the sections listed below.

+

NOTE: The NCN Personalization procedure is required when +upgrading SAT. The setup procedures in SAT Setup, however, are +not required when upgrading SAT. They should have been executed +during the first installation of SAT.

+

Execute the NCN Personalization procedure:

+ +

If performing a fresh install, execute the SAT Setup procedures:

+ +

If performing an upgrade, execute the upgrade procedures:

+ +

Perform NCN Personalization

+

Describes how to perform NCN personalization using CFS. This personalization process +will configure the System Admin Toolkit (SAT) product stream.

+

Prerequisites

+ +

Notes on the Procedure

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace 2.1.x with the version of the SAT product stream +being installed.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
  • If upgrading SAT, the existing configuration will likely include other Cray EX product +entries. Update the SAT entry as described in this procedure. The HPE Cray EX System +Software Getting Started Guide provides guidance on how and when to update the +entries for the other products.
    • +
+

Procedure

+
    +
  1. +

    Start a typescript if not already using one.

    +

    The typescript will capture the commands and the output from this installation procedure.

    +
    ncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt
+ncn-m001# export PS1='\u@\H \D{%Y-%m-%d} \t \w # '
+
    2. +
  2. +

    Get the git commit ID for the branch with a version number matching the version of SAT.

    +

    This represents a revision of Ansible configuration content stored in VCS.

    +

    Get and store the VCS password (required to access the remote VCS repo).

    +
    ncn-m001# VCS_PASS=$(kubectl get secret -n services vcs-user-credentials \
+    --template={{.data.vcs_password}} | base64 --decode)
+

    In this example, the git commit ID is 82537e59c24dd5607d5f5d6f92cdff971bd9c615, +and the version number is 2.1.x.

    +
    ncn-m001# git ls-remote \
+    https://crayvcs:$VCS_PASS@api-gw-service-nmn.local/vcs/cray/sat-config-management.git \
+    refs/heads/cray/sat/*
+...
+82537e59c24dd5607d5f5d6f92cdff971bd9c615 refs/heads/cray/sat/2.1.x
+
    3. +
  3. +

    Add a sat layer to the CFS configuration(s) associated with the manager NCNs.

    +
      +
    1. +

      Get the name(s) of the CFS configuration(s).

      +

      NOTE: Each manager NCN uses a single CFS configuration. An individual CFS configuration +may be used by any number of manage NCNs, i.e., three manager NCNs might use one, +two, or three CFS configurations.

      +

      In the following example, all three manager NCNs use the same CFS configuration – ncn-personalization.

      +
      ncn-m001:~ # for component in $(cray hsm state components list \
+    --role Management --subrole Master --format json | jq -r \
+    '.Components | .[].ID'); do cray cfs components describe $component \
+    --format json | jq -r '.desiredConfig'; done
+ncn-personalization
+ncn-personalization
+ncn-personalization
+

      In the following example, the three manager NCNs all use different configurations, +each with a unique name.

      +
      ncn-personalization-m001
+ncn-personalization-m002
+ncn-personalization-m003
+

      Execute the following sub-steps (3.2 through 3.5) once for each unique CFS +configuration name.

      +

      NOTE: Examples in the following sub-steps assume that all manager NCNs use the +CFS configuration ncn-personalization.

      +
      2. +
    2. +

      Get the current configuration layers for each CFS configuration, and save the +data to a local JSON file.

      +

      The JSON file created in this sub-step will serve as a template for updating +an existing CFS configuration, or creating a new one.

      +
      ncn-m001# cray cfs configurations describe ncn-personalization --format \
+    json | jq '{ layers }' > ncn-personalization.json
+

      If the configuration does not exist yet, you may see the following error. +In this case, create a new JSON file for that CFS configuration, e.g., ncn-personalization.json.

      +
      Error: Configuration could not found.: Configuration ncn-personalization could not be found
+

      NOTE: For more on CFS configuration management, refer to “Manage a Configuration +with CFS” in the CSM product documentation.

      +
      3. +
    3. +

      Append a sat layer to the end of the JSON file’s list of layers.

      +

      If the file already contains a sat layer entry, update it.

      +

      If the configuration data could not be found in the previous sub-step, the JSON file +will be empty. In this case, copy the ncn-personalization.json example below, +paste it into the JSON file, delete the ellipsis, and make appropriate changes to +the sat layer entry.

      +

      Use the git commit ID from step 8, e.g. 82537e59c24dd5607d5f5d6f92cdff971bd9c615.

      +

      NOTE: The name value in the example below may be changed, but the installation +procedure uses the example value, sat-ncn. If an alternate value is used, some +of the following examples must be updated accordingly before they are executed.

      +
      ncn-m001# vim ncn-personalization.json
+...
+ncn-m001# cat ncn-personalization.json
+{
+    "layers": [
+        ...
+        {
+            "cloneUrl": "https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git",
+            "commit": "82537e59c24dd5607d5f5d6f92cdff971bd9c615",
+            "name": "sat-ncn",
+            "playbook": "sat-ncn.yml"
+        }
+    ]
+}
+
      4. +
    4. +

      Update the existing CFS configuration, or create a new one.

      +

      The command should output a JSON-formatted representation of the CFS configuration, +which will look like the JSON file, but with lastUpdated and name fields.

      +
      ncn-m001# cray cfs configurations update ncn-personalization --file \
+    ncn-personalization.json --format json
+{
+    "lastUpdated": "2021-08-05T16:38:53Z",
+    "layers": {
+        ...
+    },
+    "name": "ncn-personalization"
+}
+
      5. +
    5. +

      Optional: Delete the JSON file.

      +

      NOTE: There is no reason to keep the file. If you keep it, verify that +it is up-to-date with the actual CFS configuration before using it again.

      +
      ncn-m001# rm ncn-personalization.json
+
      6. +
    +
    4. +
  4. +

    Invoke the CFS configurations that you created or updated in the previous step.

    +

    This step will create a CFS session based on the given configuration and install +SAT on the associated manager NCNs.

    +

    The --configuration-limit option causes only the sat-ncn layer of the configuration, +ncn-personalization, to run.

    +

    CAUTION: In this example, the session --name is sat-session. That value +is only an example. Declare a unique name for each configuration session.

    +

    You should see a representation of the CFS session in the output.

    +
    ncn-m001# cray cfs sessions create --name sat-session --configuration-name \
+    ncn-personalization --configuration-limit sat-ncn
+name="sat-session"
+
+[ansible]
+...
+

    Execute this step once for each unique CFS configuration that you created or +updated in the previous step.

    +
    5. +
  5. +

    Monitor the progress of each CFS session.

    +

    First, list all containers associated with the CFS session:

    +
    ncn-m001# kubectl get pod -n services --selector=cfsession=sat-session \
+    -o json | jq '.items[0].spec.containers[] | .name'
+"inventory"
+"ansible-1"
+"istio-proxy"
+

    Next, get the logs for the ansible-1 container.

    +

    NOTE: the trailing digit might differ from “1”. It is the zero-based +index of the sat-ncn layer within the configuration’s layers.

    +
    ncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \
+    --selector=cfsession=sat-session
+

    Ansible plays, which are run by the CFS session, will install SAT on all the +manager NCNs on the system. Successful results for all of the manager NCN xnames +can be found at the end of the container log. For example:

    +
    ...
+PLAY RECAP *********************************************************************
+x3000c0s1b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s3b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s5b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+

    Execute this step for each unique CFS configuration.

    +

    NOTE: Ensure that the PLAY RECAPs for each session show successes for all +manager NCNs before proceeding.

    +
    6. +
  6. +

    Verify that SAT was successfully configured.

    +

    If sat is configured, the --version command will indicate which version +is installed. If sat is not properly configured, the command will fail.

    +

    NOTE: This version number will differ from the version number of the SAT +release distribution. This is the semantic version of the sat Python package, +which is different from the version number of the overall SAT release distribution.

    +
    ncn-m001# sat --version
+sat 3.7.0
+

    NOTE: Upon first running sat, you may see additional output while the sat +container image is downloaded. This will occur the first time sat is run on +each manager NCN. For example, if you run sat for the first time on ncn-m001 +and then for the first time on ncn-m002, you will see this additional output +both times.

    +
    Trying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037...
+Getting image source signatures
+Copying blob da64e8df3afc done
+Copying blob 0f36fd81d583 done
+Copying blob 12527cf455ba done
+...
+sat 3.7.0
+
    7. +
  7. +

    Stop the typescript.

    +
    ncn-m001# exit
+
    8. +
+

SAT version 2.1.x is now configured:

+
    +
  • The SAT RPM package is installed on the associated NCNs.
    • +
+

Next Steps

+

If other HPE Cray EX software products are being installed or upgraded in conjunction +with SAT, refer to the HPE Cray EX System Software Getting Started Guide +to determine which step to execute next.

+

If no other HPE Cray EX software products are being installed or upgraded at this time, +proceed to the remaining SAT Setup or SAT Post-Upgrade procedures.

+

If performing a fresh install, execute the SAT Setup procedures:

+ +

If performing an upgrade, execute the SAT Post-Upgrade procedures:

+ +

SAT Authentication

+

Initially, as part of the installation and configuration, SAT authentication is set up so sat commands can be used in +later steps of the install process. The admin account used to authenticate with sat auth must be enabled in +Keycloak and must have its assigned role set to admin. For instructions on editing Role Mappings see +Create Internal User Accounts in the Keycloak Shasta Realm in the CSM product documentation. +For additional information on SAT authentication, see System Security and Authentication in the CSM +documentation.

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Description of SAT Command Authentication Types

+

Some SAT subcommands make requests to the Shasta services through the API gateway and thus require authentication to +the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to +be configured (see: Generate SAT S3 Credentials). In order to use the SAT S3 bucket, +the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be +done on every Kubernetes manager node where SAT commands are run.

+

Below is a table describing SAT commands and the types of authentication they require.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
SAT SubcommandAuthentication/Credentials RequiredMan PageDescription
sat authResponsible for authenticating to the API gateway and storing a token.sat-authAuthenticate to the API gateway and save the token.
sat bootsysRequires authentication to the API gateway. Requires kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages.sat-bootsysBoot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software.
sat diagRequires authentication to the API gateway.sat-diagLaunch diagnostics on the HSN switches and generate a report.
sat firmwareRequires authentication to the API gateway.sat-firmwareReport firmware version.
sat hwinvRequires authentication to the API gateway.sat-hwinvGive a listing of the hardware of the HPE Cray EX system.
sat hwmatchRequires authentication to the API gateway.sat-hwmatchReport hardware mismatches.
sat initNonesat-initCreate a default SAT configuration file.
sat k8sRequires kubernetes configuration and authentication, which is automatically configured on ncn-w001 during the install.sat-k8sReport on kubernetes replicasets that have co-located replicas (i.e. replicas on the same node).
sat linkhealthThis command has been deprecated.
sat nid2xnameRequires authentication to the API gateway.sat-nid2xnameTranslate node IDs to node xnames.
sat sensorsRequires authentication to the API gateway.sat-sensorsReport current sensor data.
sat setrevRequires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-setrevSet HPE Cray EX system revision information.
sat showrevRequires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-showrevPrint revision information for the HPE Cray EX system.
sat statusRequires authentication to the API gateway.sat-statusReport node status across the HPE Cray EX system.
sat swapRequires authentication to the API gateway.sat-swapPrepare HSN switch or cable for replacement and bring HSN switch or cable into service.
sat xname2nidRequires authentication to the API gateway.sat-xname2nidTranslate node and node BMC xnames to node IDs.
sat switchThis command has been deprecated. It has been replaced by sat swap.
+

In order to authenticate to the API gateway, you must run the sat auth command. This command will prompt for a password +on the command line. The username value is obtained from the following locations, in order of higher precedence to lower +precedence:

+
    +
  • The --username global command-line option.
    • +
  • The username option in the api_gateway section of the config file at ~/.config/sat/sat.toml.
    • +
  • The name of currently logged in user running the sat command.
    • +
+

If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to +~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above, +and will use the token for that username if it has been obtained and saved by sat auth.

+

Prerequisites

+ +

Procedure

+

The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway:

+
    +
  1. +

    Generate a default SAT configuration file, if one does not exist.

    +
    ncn-m001# sat init
+Configuration file "/root/.config/sat/sat.toml" generated.
+

    Note: If the config file already exists, it will print out an error:

    +
    ERROR: Configuration file "/root/.config/sat/sat.toml" already exists.
+Not generating configuration file.
+
    2. +
  2. +

    Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the config file. E.g.:

    +
    username = "crayadmin"
+
    3. +
  3. +

    Run sat auth. Enter your password when prompted. E.g.:

    +
    ncn-m001# sat auth
+Password for crayadmin:
+Succeeded!
+
    4. +
  4. +

    Other sat commands are now authenticated to make requests to the API gateway. E.g.:

    +
    ncn-m001# sat status
+
    5. +
+

Generate SAT S3 Credentials

+

Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT +S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. +This must be done on every Kubernetes master node where SAT commands are run.

+

SAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev +(see: Run Sat Setrev to Set System Information).

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    Ensure the files are readable only by root.

    +
    ncn-m001# touch /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    ncn-m001# chmod 600 /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    2. +
  2. +

    Write the credentials to local files using kubectl.

    +
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.access_key}' | base64 -d > \
+    /root/.config/sat/s3_access_key
+
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.secret_key}' | base64 -d > \
+    /root/.config/sat/s3_secret_key
+
    3. +
  3. +

    Verify the S3 endpoint specified in the SAT configuration file is correct.

    +
      +
    1. +

      Get the SAT configuration file’s endpoint valie.

      +

      NOTE: If the command’s output is commented out, indicated by an initial # +character, the SAT configuration will take the default value – "https://rgw-vip.nmn".

      +
      ncn-m001# grep endpoint ~/.config/sat/sat.toml
+# endpoint = "https://rgw-vip.nmn"
+
      2. +
    2. +

      Get the sat-s3-credentials secret’s endpoint value.

      +
      ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.s3_endpoint}' | base64 -d | xargs
+https://rgw-vip.nmn
+
      3. +
    3. +

      Compare the two endpoint values.

      +

      If the values differ, modify the SAT configuration file’s endpoint value to match the secret’s.

      +
      4. +
    +
    4. +
  4. +

    Copy SAT configurations to every manager node on the system.

    +
    ncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \
+    mkdir -p /root/.config/sat; \
+    scp -pr /root/.config/sat ${i}:/root/.config; done
+

    NOTE: Depending on how many manager nodes are on the system, the list of manager nodes may +be different. This example assumes three manager nodes, where the configuration files must be +copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is ncn-m002 +and ncn-m003.

    +
    5. +
+

Run sat setrev to Set System Information

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    Run sat setrev to set System Revision Information. Follow the on-screen prompts.

    +
    ncn-m001# sat setrev
+--------------------------------------------------------------------------------
+Setting:        Serial number
+Purpose:        System identification. This will affect how snapshots are
+                identified in the HPE backend services.
+Description:    This is the top-level serial number which uniquely identifies
+                the system. It can be requested from an HPE representative.
+Valid values:   Alpha-numeric string, 4 - 20 characters.
+Type:           <class 'str'>
+Default:        None
+Current value:  None
+--------------------------------------------------------------------------------
+Please do one of the following to set the value of the above setting:
+    - Input a new value
+    - Press CTRL-C to exit
+...
+
    2. +
  2. +

    Run sat showrev to verify System Revision Information. The following tables contain example information.

    +
    ncn-m001# sat showrev
+################################################################################
+System Revision Information
+################################################################################
++---------------------+---------------+
+| component           | data          |
++---------------------+---------------+
+| Company name        | HPE           |
+| Country code        | US            |
+| Interconnect        | Sling         |
+| Product number      | R4K98A        |
+| Serial number       | 12345         |
+| Site name           | HPE           |
+| Slurm version       | slurm 20.02.5 |
+| System description  | Test System   |
+| System install date | 2021-01-29    |
+| System name         | eniac         |
+| System type         | Shasta        |
++---------------------+---------------+
+################################################################################
+Product Revision Information
+################################################################################
++--------------+-----------------+------------------------------+------------------------------+
+| product_name | product_version | images                       | image_recipes                |
++--------------+-----------------+------------------------------+------------------------------+
+| csm          | 0.8.14          | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... |
+| sat          | 2.0.1           | -                            | -                            |
+| sdu          | 1.0.8           | -                            | -                            |
+| slingshot    | 0.8.0           | -                            | -                            |
+| sma          | 1.4.12          | -                            | -                            |
++--------------+-----------------+------------------------------+------------------------------+
+################################################################################
+Local Host Operating System
+################################################################################
++-----------+----------------------+
+| component | version              |
++-----------+----------------------+
+| Kernel    | 5.3.18-24.15-default |
+| SLES      | SLES 15-SP2          |
++-----------+----------------------+
+
    3. +
+

Optional: Remove old versions after an upgrade

+

Prerequisites

+ +

Procedure

+

After upgrading from a previous version of SAT, the old version of the cray/cray-sat +container image will remain in the registry on the system. It is not removed +automatically, but it will not be the default version.

+

The admin can remove the older version of the cray/cray-sat container image.

+

The cray-product-catalog Kubernetes configuration map will also show all versions +of SAT that are installed. The command sat showrev --products will display these +versions. See the example:

+
ncn-m001# sat showrev --products
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------------------+-----------------------+
+| product_name | product_version | images             | image_recipes         |
++--------------+-----------------+--------------------+-----------------------+
+...
+| sat          | 2.1.3           | -                  | -                     |
+| sat          | 2.0.4           | -                  | -                     |
+...
++--------------+-----------------+--------------------+-----------------------+
+

Remove obsolete configuration file sections

+

Prerequisites

+ +

Procedure

+

After upgrading SAT, if using the configuration file from a previous version, there may be +configuration file sections no longer used in the new version. For example, when upgrading +from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. +In that case, the following warning may appear upon running sat commands.

+
WARNING: Ignoring unknown section 'redfish' in config file.
+

Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.

+
[redfish]
+username = "admin"
+password = "adminpass"
+

Repeat this process for any configuration file sections for which there are “unknown section” warnings.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-21/introduction/index.html b/en-21/introduction/index.html new file mode 100644 index 0000000000..30b4a7e651 --- /dev/null +++ b/en-21/introduction/index.html @@ -0,0 +1,773 @@ + + + + + + + + + + + + Introduction to SAT :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Introduction to SAT

+

About System Admin Toolkit (SAT)

+

The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and +querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware +components.

+

SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands +used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview.

+

Six Kibana Dashboards are included with SAT. They provide organized output for system health information.

+ +

Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and +are reported through Redfish.

+ +

SAT is installed as a separate product as part of the HPE Cray EX System base installation.

+

System Admin Toolkit Command Overview

+

Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides +instruction on the SAT Container Environment.

+

SAT Command Line Utility

+

The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes +(ncn-m nodes).

+

It is designed to assist administrators with common tasks, such as troubleshooting and querying information about the +HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are +similarities between SAT commands and xt commands used on the Cray XC platform.

+

SAT Commands

+

The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents +configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each +have their own set of options.

+

SAT Container Environment

+

The sat command-line utility runs in a container using podman, a daemonless container runtime. SAT runs on Kubernetes +manager nodes. A few important points about the SAT container environment include the following:

+
    +
  • Using either sat or sat bash always launches a container.
    • +
  • The SAT container does not have access to the NCN file system.
    • +
+

There are two ways to run sat.

+
    +
  • Interactive: Launching a container using sat bash, followed by a sat command.
    • +
  • Non-interactive: Running a sat command directly on a Kubernetes manager node.
    • +
+

In both of these cases, a container is launched in the background to execute the command. The first option, running +sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the +container is launched, executes the command, and upon the command’s completion the container exits. The following two +examples show the same action, checking the system status, using interactive and non-interactive modes.

+

Interactive

+
ncn-m001# sat bash
+(CONTAINER-ID)sat-container# sat status
+

Non-interactive

+
ncn-m001# sat status
+

Interactive Advantages

+

Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral +container storage. If multiple sat commands are being run in succession, then use sat bash to launch the +container beforehand. This will save time because the container does not need to be launched for each sat command.

+

Non-interactive Advantages

+

The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of +several steps that need to be executed from a management NCN.

+

Man Pages - Interactive and Non-interactive Modes

+

To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following +example.

+
ncn-m001# sat-man status
+

A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed +either with man sat or man sat-podman from the manager node.

+
ncn-m001# man sat
+
ncn-m001# man sat-podman
+

Command Prompt Conventions in SAT

+

The host name in a command prompt indicates where the command must be run. The account that must run the command is +also indicated in the prompt.

+
    +
  • The root or super-user account always has the # character at the end of the prompt and has the host name of the +host in the prompt.
    • +
  • Any non-root account is indicated with account@hostname>. A user account that is neither root nor crayadm is +referred to as user.
    • +
  • The command prompt inside the SAT container environment is indicated with the string as follows. It also has the “#” +character at the end of the prompt.
    • +
+ + + + + + + + + + + + + + + + + +
Command PromptMeaning
ncn-m001#Run on one of the Kubernetes Manager servers. (Non-interactive)
(CONTAINER_ID) sat-container#Run the command inside the SAT container environment by first running sat bash. (Interactive)
+

Examples of the sat status command used by an administrator:

+
ncn-m001# sat status
+
ncn-m001# sat bash
+(CONTAINER_ID) sat-container# sat status
+

SAT Dependencies

+

Most sat subcommands depend on services or components from other products in the +HPE Cray EX (Shasta) software stack. The following list shows these dependencies +for each subcommand. Each service or component is listed under the product it belongs to.

+

sat auth

+

CSM

+
    +
  • Keycloak
    • +
+

sat bootsys

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Cray Advanced Platform Monitoring and Control (CAPMC)
    • +
  • Ceph
    • +
  • Compute Rolling Upgrade Service (CRUS)
    • +
  • Etcd
    • +
  • Firmware Action Service (FAS)
    • +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

COS

+
    +
  • Node Memory Dump (NMD)
    • +
+

sat diag

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

CSM-Diag

+
    +
  • Fox
    • +
+

sat firmware

+

CSM

+
    +
  • Firmware Action Service (FAS)
    • +
+

sat hwinv

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwmatch

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat init

+

None

+

sat k8s

+

CSM

+
    +
  • Kubernetes
    • +
+

sat nid2xname

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat sensors

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • HM Collector
    • +
+

SMA

+
    +
  • Telemetry API
    • +
+

sat setrev

+

CSM

+
    +
  • S3
    • +
+

sat showrev

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat status

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat swap

+

Slingshot

+
    +
  • Fabric Manager
    • +
+

sat switch

+

Deprecated: See sat swap

+

sat xname2nid

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-21/release_notes/index.html b/en-21/release_notes/index.html new file mode 100644 index 0000000000..558774dd07 --- /dev/null +++ b/en-21/release_notes/index.html @@ -0,0 +1,849 @@ + + + + + + + + + + + + SAT Release Notes :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Release Notes

+

Summary of SAT changes in Shasta v1.5

+

We released version 2.1.16 of the SAT product in Shasta v1.5.

+

This version of the SAT product included:

+
    +
  • Version 3.7.4 of the sat python package and CLI
    • +
  • Version 1.4.10 of the sat-podman wrapper script
    • +
+

It also added the following new component:

+
    +
  • Version 1.0.3 of the sat-cfs-install docker image and helm chart
    • +
+

The following sections detail the changes in this release.

+

Install Changes to Separate Product from CSM

+

This release further decouples the installation of the SAT product from the CSM +product. The cray-sat-podman RPM is no longer installed in the management +non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on +all master management NCNs via an Ansible playbook which is referenced by a +layer of the CFS configuration that applies to management NCNs. This CFS +configuration is typically named “ncn-personalization”.

+

The SAT product now includes a Docker image and a Helm chart named +sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart +with Loftsman. This helm chart deploys a Kubernetes job that imports the +SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. +This repository is referenced by the layer added to the NCN personalization +CFS configuration.

+

Removal of Direct Redfish Access

+

All commands which used to access Redfish directly have either been removed or +modified to use higher-level service APIs. This includes the following commands:

+
    +
  • sat sensors
    • +
  • sat diag
    • +
  • sat linkhealth
    • +
+

The sat sensors command has been rewritten to use the SMA telemetry API to +obtain the latest sensor values. The command’s usage has changed slightly, but +legacy options work as before, so it is backwards compatible. Additionally, new +commands have been added.

+

The sat diag command has been rewritten to use a new service called Fox, which +is delivered with the CSM-diags product. The sat diag command now launches +diagnostics using the Fox service, which launches the corresponding diagnostic +executables on controllers using the Hardware Management Job and Task Daemon +(HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start +diagnostics over Redfish.

+

The sat linkhealth command has been removed. Its functionality has been +replaced by functionality from the Slingshot Topology Tool (STT) in the +fabric manager pod.

+

The Redfish username and password command line options and config file options +have been removed. For further instructions, see Remove Obsolete Configuration +File Sections.

+

Additional Fields in sat setrev and sat showrev

+

sat setrev now collects the following information from the admin, which is then displayed by sat showrev:

+
    +
  • System description
    • +
  • Product number
    • +
  • Company name
    • +
  • Country code
    • +
+

Additional guidance and validation has been added to each field collected by +sat setrev. This sets the stage for sdu setup to stop collecting this +information and instead collect it from sat showrev or its S3 bucket.

+

Improvements to sat bootsys

+

The platform-services stage of the sat bootsys boot command has been +improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph +health in the correct order. The ceph-check stage has been removed as it is no +longer needed.

+

The platform-services stage of sat bootsys boot now prompts for confirmation +of the storage NCN hostnames in addition to the Kubernetes masters and workers.

+

Bug Fixes and Security Fixes

+
    +
  • Improved error handling in sat firmware.
    • +
  • Incremented version of Alpine Linux to 3.13.2 to address a security +vulnerability.
    • +
+

Other Notable Changes

+
    +
  • Ansible has been removed from the cray-sat container image.
    • +
  • Support for the Firmware Update Service (FUS) has been removed from the sat firmware command.
    • +
+

Summary of SAT Changes in Shasta v1.4.1

+

We released version 2.0.4 of the SAT product in Shasta v1.4.1.

+

This version of the SAT product included:

+
    +
  • Version 3.5.0 of the sat python package and CLI.
    • +
  • Version 1.4.3 of the sat-podman wrapper script.
    • +
+

The following sections detail the changes in this release.

+

New Commands to Translate Between NIDs and XNames

+

Two new commands were added to translate between NIDs and XNames:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
+

These commands perform this translation by making requests to the Hardware +State Manager (HSM) API.

+

Bug Fixes

+
    +
  • Fixed a problem in sat swap where creating the offline port policy failed.
    • +
  • Changed sat bootsys shutdown --stage bos-operations to no longer forcefully +power off all compute nodes and application nodes using CAPMC when BOS +sessions complete or time out.
    • +
  • Fixed an issue with the command sat bootsys boot --stage cabinet-power.
    • +
+

Summary of SAT Changes in Shasta v1.4

+

In Shasta v1.4, SAT became an independent product, which meant we began to +designate a version number for the entire SAT product. We released version +2.0.3 of the SAT product in Shasta v1.4.

+

This version of the SAT product included the following components:

+
    +
  • Version 3.4.0 of the sat python package and CLI
    • +
+

It also added the following new component:

+
    +
  • Version 1.4.2 of the sat-podman wrapper script
    • +
+

The following sections detail the changes in this release.

+

SAT as an Independent Product

+

SAT is now packaged and released as an independent product. The product +deliverable is called a “release distribution”. The release distribution is a +gzipped tar file containing an install script. This install script loads the +cray/cray-sat container image into the Docker registry in Nexus and loads the +cray-sat-podman RPM into a package repository in Nexus.

+

In this release, the cray-sat-podman package is still installed in the master +and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in +Shasta v1.5.

+

SAT Running in a Container Under Podman

+

The sat command now runs in a container under Podman. The sat executable is +now installed on all nodes in the Kubernetes management cluster (i.e., workers +and masters). This executable is a wrapper script that starts a SAT container in +Podman and invokes the sat Python CLI within that container. The admin can run +individual sat commands directly on the master or worker NCNs as before, or +they can run sat commands inside the SAT container after using sat bash to +enter an interactive shell inside the SAT container.

+

To view man pages for sat commands, the user can run sat-man SAT_COMMAND, +replacing SAT_COMMAND with the name of the sat command. Alternatively, +the user can enter the sat container with sat bash and use the man command.

+

New sat init Command and Config File Location Change

+

The default location of the SAT config file has been changed from /etc/sat.toml +to ~/.config/sat/sat.toml. A new command, sat init, has been added that +initializes a configuration file in the new default directory. This better supports +individual users on the system who want their own config files.

+

~/.config/sat is mounted into the container that runs under Podman, so changes +are persistent across invocations of the sat container. If desired, an alternate +configuration directory can be specified with the SAT_CONFIG_DIR environment variable.

+

Additionally, if a config file does not yet exist when a user runs a sat +command, one is generated automatically.

+

Additional Types Added to sat hwinv

+

Additional functionality has been added to sat hwinv including:

+
    +
  • List node enclosure power supplies with the --list-node-enclosure-power-supplies option.
    • +
  • List node accelerators (e.g., GPUs) with the --list-node-accels option. The count of +node accelerators is also included for each node.
    • +
  • List node accelerator risers (e.g., Redstone modules) with the --list-node-accel-risers +option. The count of node accelerator risers is also included for each node.
    • +
  • List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics +option. The count of HSN NICs is also included for each node.
    • +
+

Documentation for these new options has been added to the man page for sat hwinv.

+

Site Information Stored by sat setrev in S3

+

The sat setrev and sat showrev commands now use S3 to store and obtain site +information, including system name, site name, serial number, install date, and +system type. Since the information is stored in S3, it will now be consistent +regardless of the node on which sat is executed.

+

As a result of this change, S3 credentials must be configured for SAT. For detailed +instructions, see Generate SAT S3 Credentials.

+

Product Version Information Shown by sat showrev

+

sat showrev now shows product information from the cray-product-catalog +ConfigMap in Kubernetes.

+

Additional Changes to sat showrev

+

The output from sat showrev has also been changed in the following ways:

+
    +
  • The --docker and --packages options were considered misleading and have +been removed.
    • +
  • Information pertaining to only to the local host, where the command is run, +has been moved to the output of the --local option.
    • +
+

Removal of sat cablecheck

+

The sat cablecheck command has been removed. To verify that the system’s Slingshot +network is cabled correctly, admins should now use the show cables command in the +Slingshot Topology Tool (STT).

+

sat swap Command Compatibility with Next-gen Fabric Controller

+

The sat swap command was added in Shasta v1.3.2. This command used the Fabric +Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the +Fabric Controller API, so this command has been rewritten to use the new +backwards-incompatible API. Usage of the command did not change.

+

sat bootsys Functionality

+

Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken +by changes introduced in Shasta v1.4, which removed the Ansible inventory +and playbooks.

+

The functionality in the platform-services stage of sat bootsys has been +re-implemented to use python directly instead of Ansible. This resulted in +a more robust procedure with better logging to the sat log file. Failures +to stop containers on Kubernetes nodes are handled more gracefully, and +more information about the containers that failed to stop, including how to +debug the problem, is included.

+

Improvements were made to console logging setup for non-compute nodes +(NCNs) when they are shut down and booted.

+

The following improvements were made to the bos-operations stage +of sat bootsys:

+
    +
  • More information about the BOS sessions, BOA jobs, and BOA pods is printed.
    • +
  • A command-line option, --bos-templates, and a corresponding config-file +option, bos_templates, were added, and the --cle-bos-template and +--uan-bos-template options and their corresponding config file options were +deprecated.
    • +
+

The following functionality has been removed from sat bootsys:

+
    +
  • The hsn-bringup stage of sat bootsys boot has been removed due to removal +of the underlying Ansible playbook.
    • +
  • The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is +now a manual procedure.
    • +
+

Log File Location Change

+

The location of the sat log file has changed from /var/log/cray/sat.log to +/var/log/cray/sat/sat.log. This change simplifies mounting this file into the +sat container running under Podman.

+

Summary of SAT Changes in Shasta v1.3.2

+

Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.

+

The following sections detail the changes in this release.

+

sat swap Command for Switch and Cable Replacement

+

The sat switch command which supported operations for replacing a switch has +been deprecated and replaced with the sat swap command, which now supports +replacing a switch OR cable.

+

The sat swap switch command is equivalent to sat switch. The sat switch +command will be removed in a future release.

+

Addition of Stages to sat bootsys Command

+

The sat bootsys command now has multiple stages for both the boot and +shutdown actions. Please refer to the “System Power On Procedures” and “System +Power Off Procedures” sections of the Cray Shasta Administration Guide (S-8001) +for more details on using this command in the context of a full system power off +and power on.

+

Summary of SAT Changes in Shasta v1.3

+

Shasta v1.3 included version 2.2.3 of the sat python package and CLI.

+

This version of the sat CLI contained the following commands:

+
    +
  • auth
    • +
  • bootsys
    • +
  • cablecheck
    • +
  • diag
    • +
  • firmware
    • +
  • hwinv
    • +
  • hwmatch
    • +
  • k8s
    • +
  • linkhealth
    • +
  • sensors
    • +
  • setrev
    • +
  • showrev
    • +
  • status
    • +
  • swap
    • +
  • switch
    • +
+

See the System Admin Toolkit Command Overview +and the table of commands in the SAT Authentication section +of this document for more details on each of these commands.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-21/sitemap.xml b/en-21/sitemap.xml new file mode 100644 index 0000000000..46819937ce --- /dev/null +++ b/en-21/sitemap.xml @@ -0,0 +1,280 @@ + + + + /docs-sat/en-21/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-21/dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-21/install/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-21/introduction/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-21/dashboards/sat_grafana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-21/dashboards/sat_kibana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-21/release_notes/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-21/categories/ + + + + + + + + /docs-sat/en-21/tags/ + + + + + + + + diff --git a/en-21/tags/index.html b/en-21/tags/index.html new file mode 100644 index 0000000000..4a33de38d1 --- /dev/null +++ b/en-21/tags/index.html @@ -0,0 +1,560 @@ + + + + + + + + + + + + Tags :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + tag :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-21/tags/index.xml b/en-21/tags/index.xml new file mode 100644 index 0000000000..06178855b0 --- /dev/null +++ b/en-21/tags/index.xml @@ -0,0 +1,11 @@ + + + + Tags on System Admin Toolkit (SAT) + /docs-sat/en-21/tags/ + Recent content in Tags on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-21 + + + diff --git a/en-22/404.html b/en-22/404.html new file mode 100644 index 0000000000..a2e7c01d2e --- /dev/null +++ b/en-22/404.html @@ -0,0 +1,59 @@ + + + + + + + + + 404 Page not found + + + + + + + + + + + + + + + + + + +
+
+
+
+

+

+

+

+

+

+

Page not found!

+
+
+ +
+ + + diff --git a/en-22/categories/index.html b/en-22/categories/index.html new file mode 100644 index 0000000000..5ee4b4144d --- /dev/null +++ b/en-22/categories/index.html @@ -0,0 +1,579 @@ + + + + + + + + + + + + Categories :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + category :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-22/categories/index.xml b/en-22/categories/index.xml new file mode 100644 index 0000000000..70c743e115 --- /dev/null +++ b/en-22/categories/index.xml @@ -0,0 +1,11 @@ + + + + Categories on System Admin Toolkit (SAT) + /docs-sat/en-22/categories/ + Recent content in Categories on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-22 + + + diff --git a/en-22/dashboards/index.html b/en-22/dashboards/index.html new file mode 100644 index 0000000000..1008aa8c10 --- /dev/null +++ b/en-22/dashboards/index.html @@ -0,0 +1,561 @@ + + + + + + + + + + + + SAT Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Dashboards

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-22/dashboards/index.xml b/en-22/dashboards/index.xml new file mode 100644 index 0000000000..3990163936 --- /dev/null +++ b/en-22/dashboards/index.xml @@ -0,0 +1,26 @@ + + + + SAT Dashboards on System Admin Toolkit (SAT) + /docs-sat/en-22/dashboards/ + Recent content in SAT Dashboards on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-22 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Grafana Dashboards + /docs-sat/en-22/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-22/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.&lt;site-domain&gt; The value of site-domain can be obtained as follows: ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=&#39;{.data.customizations\.yaml}&#39; | \ base64 -d | grep &#34;external:&#34; That command will produce the following output, for example: + + + SAT Kibana Dashboards + /docs-sat/en-22/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-22/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + diff --git a/en-22/dashboards/sat_grafana_dashboards/index.html b/en-22/dashboards/sat_grafana_dashboards/index.html new file mode 100644 index 0000000000..f38b5b7d4c --- /dev/null +++ b/en-22/dashboards/sat_grafana_dashboards/index.html @@ -0,0 +1,666 @@ + + + + + + + + + + + + SAT Grafana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Grafana Dashboards

+

The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through +Redfish. The messages are displayed based on severity.

+

Grafana can be accessed via web browser at the following URL:

+
    +
  • https://sma-grafana.<site-domain>
    • +
+

The value of site-domain can be obtained as follows:

+
ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath='{.data.customizations\.yaml}' | \
+    base64 -d | grep "external:"
+

That command will produce the following output, for example:

+
    external: EXAMPLE_DOMAIN.com
+

This would result in the address for Grafana being https://sma-grafana.EXAMPLE_DOMAIN.com

+

For additional details about how to access the Grafana Dashboards refer to Access the Grafana Monitoring UI in the +SMA product documentation.

+

For more information about the interpretation of metrics for the SAT Grafana Dashboards refer to Fabric Telemetry +Kafka Topics in the SMA product documentation.

+ +

There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display +telemetry in a tabular format.

+ + + + + + + + + + + + + + + + + + + + + + + + + +
Dashboard NameDisplay Type
Fabric CongestionChart Panels
Fabric RFC3635Chart Panels
Fabric ErrorsTabular Format
Fabric Port StateTabular Format
+

The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry +is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location +during the time range selected, if any. The interval setting is not used for tabular dashboards.

+

SAT Grafana Interval and Locations Options

+

Shows the Interval and Locations Options for the available telemetry.

+

+

The value of the Interval option sets the time resolution of the received telemetry. This works a bit like a +histogram, with the available telemetry in an interval of time going into a “bucket” and averaging out to a single +point on the chart or table. The special value auto will choose an interval based on the time range selected.

+

For additional information, refer to Grafana Templates and Variables.

+

The Locations option allows restriction of the telemetry shown by locations, either individual links or all links +in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, +which always has entries for all links and switches, although the errors shown are restricted to the selected time +range.

+

The chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart’s legend +or the trace on the chart.

+

Grafana Fabric Congestion Dashboard

+

+

SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in +the system and assess the past and present health of the high-speed network. It also allows the ability to drill down +to view data for specific ports on specific switches.

+

This dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, +local, and global and correspond to the link’s relationship to the network topology. The locations presented in the +panels are restricted to the values (any combination, defaults to “all”) selected.

+

The metric values for links of a given port type are similar in value to each other but very distinct from the values of +other types. If the values for different port types are all plotted together, the values for links with lower values are +indistinguishable from zero when plotted.

+

The port type of a link is reported as a port state “subtype” event when defined at port initialization.

+

Grafana Fabric Errors Dashboard

+

+

This dashboard reports error counters in a tabular format in three panels.

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

Unlike other dashboards, the locations presented are all locations in the system rather than having telemetry within +the time range selected. However, the values are taken from telemetry within the time range.

+

Grafana Fabric Port State Dashboard

+

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

The Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a +long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours +results in all states for all links in the system being shown.

+

The three columns named, group, switch, and port are not port state events, but extra information included with +all port state events.

+

Grafana Fabric RFC3635 Dashboard

+

+

For additional information on performance counters, refer to +Definitions of Managed Objects for the Ethernet-like Interface Types, +an Internet standards document.

+

Because these metrics are counters that only increase over time, the values plotted are the change in the counter’s +value over the interval setting.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-22/dashboards/sat_kibana_dashboards/index.html b/en-22/dashboards/sat_kibana_dashboards/index.html new file mode 100644 index 0000000000..9523a6f4fa --- /dev/null +++ b/en-22/dashboards/sat_kibana_dashboards/index.html @@ -0,0 +1,855 @@ + + + + + + + + + + + + SAT Kibana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Kibana Dashboards

+

Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored +in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of +node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in +this way breaks down the complexity of large data volumes into easily understood information.

+

Kibana can be accessed via web browser at the following URL:

+
    +
  • https://sma-kibana.<site-domain>
    • +
+

The value of site-domain can be obtained as follows:

+
ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath='{.data.customizations\.yaml}' | \
+    base64 -d | grep "external:"
+

That command will produce the following output, for example:

+
    external: EXAMPLE_DOMAIN.com
+

This would result in the address for Kibana being https://sma-kibana.EXAMPLE_DOMAIN.com

+

For additional details about how to access the Kibana Dashboards refer to View Logs Via Kibana in the SMA product +documentation.

+

Additional details about the AER, ATOM, Heartbeat, Kernel, MCE, and Rasdaemon Kibana Dashboards are included in this +table.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
DashboardShort DescriptionLong DescriptionKibana Visualization and Search Name
sat-aerAER correctedCorrected Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-corrected Search: sat-aer-corrected
sat-aerAER fatalFatal Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-fatal Search: sat-aer-fatal
sat-atomATOM failuresApplication Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged.sat-atom-failed
sat-atomATOM admindownApplication Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch.sat-atom-admindown
sat-heartbeatHeartbeat loss eventsHeartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system.sat-heartbeat
sat-kernelKernel assertionsThe kernel software performs a failed assertion when some condition represents a serious fault. The node goes down.sat-kassertions
sat-kernelKernel panicsThe kernel panics when something is seriously wrong. The node goes down.sat-kernel-panic
sat-kernelLustre bugs (LBUGs)The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down.sat-lbug
sat-kernelCPU stallsCPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric.sat-cpu-stall
sat-kernelOut of memoryAn Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided.sat-oom
sat-mceMCEMachine Check Exceptions (MCE) are errors detected at the processor level.sat-mce
sat-rasdaemonrasdaemon errorsErrors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future.sat-rasdaemon-error
sat-rasdaemonrasdaemon messagesAll messages from the rasdaemon service on nodes.sat-rasdaemon
+

Disable Search Highlighting in Kibana Dashboard

+

By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.

+

The Kibana Dashboard should be open on your system.

+
    +
  1. +

    Navigate to Management

    +
    2. +
  2. +

    Navigate to Advanced Settings in the Kibana section, below the Elastic search section

    +
    3. +
  3. +

    Scroll down to the Discover section

    +
    4. +
  4. +

    Change Highlight results from on to off

    +
    5. +
  5. +

    Click Save to save changes

    +
    6. +
+

AER Kibana Dashboard

+

The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors +are split up into separate visualizations depending on whether they are fatal or corrected errors.

+

View the AER Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-aer dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the +matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on +the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass +next to each NID.

    +
    5. +
+

ATOM Kibana Dashboard

+

The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health +checks and application test failures. Some test failures are of possible interest even though a node is not marked +admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide +clues if a node otherwise fails. They might also show application problems.

+

View the ATOM Kibana Dashboard

+

HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-atom dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View any nodes marked admindown and any ATOM test failures. These failures occur during health checks and +application test failures. Test failures marked admindown are important to note. View the matching log messages +in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, +results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

Heartbeat Kibana Dashboard

+

The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods +are responsible for monitoring nodes in the system for heartbeat loss.

+

View the Heartbeat Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-heartbeat dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for +monitoring nodes in the system for heartbeat loss.View the matching log messages in the panel.

    +
    5. +
+

Kernel Kibana Dashboard

+

The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. +The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious +problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and +may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using +too much memory.

+

View the Kernel Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-kernel dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching +log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. +If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to +each NID.

    +
    5. +
+

MCE Kibana Dashboard

+

The MCE Dashboard displays CPU detected processor-level hardware errors.

+

View the MCE Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-mce dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and +DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, +and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID +by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

Rasdaemon Kibana Dashboard

+

The Rasdaemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon +service on nodes in the system. This service collects all hardware error events reported by the linux kernel, including +PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages +presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one +for only messages of severity “emerg” or “err” and another for all messages from rasdaemon.

+

View the Rasdaemon Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-rasdaemon dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in +the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID +in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside +a magnifying glass next to each NID.

    +
    5. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-22/img/Fabric_PortState_Locations_UI.png b/en-22/img/Fabric_PortState_Locations_UI.png new file mode 100644 index 0000000000000000000000000000000000000000..704511ebce3d09b05ef60e3c174c516850b1e875 GIT binary patch literal 10312 zcmeHtWl)@3v+j@}K@&VU!QE}p5G*(Wf;$Wj1A`8lkN_cQ&|pIX0fM`G(8&Zyg1a-g zyWU~%eb4^BTXm}L_v8FHReNgWeOLGD)$h}?x>rqvmWC2O4kZo%0Kiv%F0Ty$pz)xt z%^zT*zV(zj5>P*xe!2#p+Lk`_ZV<4ogENTU6Y2({2l+bK0sy{~E-?uFE_yuq-BJeT z@v}GV;m>7Nu#9igo{Gp%0_XSTC?8U1RdtLiyr)l_c~24c<+-wO)KVOSw!((stg3eJ zm+OAnAwKy1{lnJ@f*9*TSrdYN@9h$q?LDDPK2#TNoN2}gEA@$Sww!fRA)~I;n*Oqv zdn=COc}t>Wqi@JM$d71c^paGV&H(_Nrw%AZ4b;`dt-&rlmNsB35Rb2m8|n!F07)5N zH%n_LkSDzr$j-r4iea~@je*|5Mv6gSSe;MZO%7!5@Z1jq((%*Kwf1we2HG&lNaINQ zilYR$fIKbfeO;VgJ;Z&b82*qej=H`Z=4GJ&gT>QHiorl#i(U>40nrQb2=VZ7EBHEi z3ouCI&`UyWY{j+Z75@@}x|3qC_w;lV=jHYB@!|0i@qATOT)uYdqIii6t& z>gs9f%kApHcqigd8S)?xYlwrJrvuoP{!XT)71+yDih%(|r~ga1r-SX^(p^3N0s#dF z?;VAgpNEh4U)k?$_+QHW8~YvQZ}z*%;s)9v53sY>-SSclq5{19e@Oa+Wcc5c{-(Ti zbwFt=@b@eou&t+$B?KhJpk)vC1nXE^x`F!*$_#e3bf$Kj) z;6Gyi$GiT4>pw!^KVtsJyZ(2a52=rpFF=0C+kbp%%|nr^X`p2)#qUFL>+TgAjVpwB_2{yD!0&lf zm6ec*x?BJEk@)@IF)=YVSM^MaQIA#pE*yfyAk`z+ET+ldKFMDD=MRU_Ulj{)y1PtQ z=XP75YneD(boOuqoX5vcf~Z7YwmYnFLg-C?a=A@7*GR>e_uFm`-?-K_^_LA8w5+No zb3tPck+>3GCURlF1x$GKQ)0`;W;_}m7mqsP;0!!bo{=$^t$&<`Pa4d1Ds%SO+kaE` z@Rt&;#Z`R;jS43xXZp8At3owfD{Be!*N$_4iQyi@UA&J?)u^xE9|OZ8LnUlDqNYNZe>3 zZ}GBce_*Q2lYMYhNUE&r9D~cWF={KrB!*g*(P3+i7T#;BZ&f!nV>=;Zeklw%M9zHs zkvh~eHC8s)HR-i^el%1QRfKCoqh8g0AoQ5h-0zJ|hrX$RRB22+Q-r3pVdwr5D|^{j zd2*7zWq3mULYPz9@$h@xNW;1lPMm>ErJP@UmRANl_1F4+8z;s!el$w4U-+FyUph}T zXKGsm2c-|Om{KBFc5f1};mXsJr{R zaC^SX(Q48bVV4CZif+p@ycro80jPb98@9iUDk@vv#5ex>wRq7}k?i(judO6+!pyY! zdf+mnpA*pTTw87f_fSg{`mkBnh6xDogooi9i}}v;tt2JMD=4~cmUvL`TiNHEYc3!a zCUWaKVrYj(s*Qmf@g|b{mohI54I@lS>6zqXf7vfb^0xJ88TDMB&J5Y#1_vLp3#4Xz z`b1w?sOCJkkB@ml~nQwgJUHz$;Km6adh%V*~Wz;yF=Ro=FN z&d41`AT(gAEPtc`Ay&z2q*z86SF>BPO_Uqp<`8nDmJbESp z)SsXD5zvUsgFwt52nnyeCOrCV1W-}Ee^kX=9(>zj`k0#3pKcXEvUJniAnd@3sqN;yl$1La z_07Sn$>~VX4N3gm+%LJ%17&J~N3Ys$wuPNVs02%41KWq-{bpJRR^Q{Ay7N<|qK{(k z_l&kfXHAD7=I-50v!?rKSOnCoI}%_CmmX8juqyNZy=w}AaY36@;X@8g zyyxwX1rD|5Ha21v6@iVqpG4=3emPI|dm!Dew+y3bB*H+!(3p9P%+npcfB@>(uVoFm zY}Hr<#ZBW*>qBvOj|Mmu6chx6+#j)Og52iYKP$f8Y`txm^53sxVqC&=t&6xUbJHoxqIxZ0*}DyIVjmGQs)O$C?_nu}sPtyj;&pPONX58)laj zV`-I9sj}w)LO?6Iwe98gW!eQ5ENr~3dt97)#Z0_1S%H@i%fYv3-@bjTUpg_SNEtrK zFt*#wF6a!8z30}uUFR1*nGg)6xIJGJEY@>s>cy1-qtFnY+j6Mt6}CNkZaeUCV3m7n zYTI2sQ@mjaBTZ(PEb)7f$IH%e{QHufkHd%h(!t!UtfyQxHQv)ZVNS7>u@Pwl&}bTo z_X+s|Z2UrIVnw<&QX@Vao-6?Co+#()z@P1C%?Ag#+c4sGxDLf^7Dxbyg6-Z0QBRL&KJ_vlPMP9AU0>lm)tYb>(zE${lGDfE$|~Ei(G!~`AtJNM`>?;xpPw?i zd4IKu%fyXUU#+2e#9G3bT%9zM@{q6#X6epwXy?KaW`kCsTjb@}kqvLe^**c9c%zF_j>~;4y!myR>(&`-jJdq6 z3p_u~ow1{j$+4Hay+!Wg%<&1m`+M1!%~L+xlW!`TYeTK6Zq0N}?mgADkx#!AzHZRW zvIoS_N(~gJ>O*fA-NfKR_ENCrN}!;HzL#ggpYQKD^Vn^{7iL+Yre_S+6NYjt*iHJkt@>g(Q{ zcRuL*K9JeeBBL7LHR{p?cr4QFQ8%>-9?XJ&-zNY8q|Gmxd2fziihw76O@5{!BP5Jb z%;{K(7lSa3G|gC5xa|ZG0#F|3AWEY!vsYgNt$V>3z64RG77vJukMHSRC0>V7VICJ< z8mm_2cs)t+zgIpJwBU7rEoB~C4^{d&RbRKi?%bL_cWFXmf6``$o_#hK^!~wSm7N1U zfX`(=-0>?j*rSoIiE%Rd{aE8mmetVewv8Qf5z+wvKCn+9fip->M45fM6MPn)BY8Z0 zh({?9S6%I?#zHKf8504|Y+6eFDGDQG4Eq2Jdfy8>BTmUxqvz$F^XI%xGt~FFoVF35 zz}oHfDNo8VrIbRqH0gFsqI~5bFX6uisO(*vLn9)$962<%>OVq}6 zITOq$?I6U?PJDhG=ySLnj}&v8=L6-gFtHFYNJyka{SdSlx-kiYs$8n7?V*<`-JAwF zI&GsA$_$*qp!0$s)$`y*8wHcOPFA!3Xmw>VDv_Z`wG&H7QkXk4SiJBJGemCC7M5mB z!`zRB-s9(P&9EOY%=+{-fsGGpAA*$blTKzK?-3YGkt>{^<_h)jR;#<^`if z6^w8K8p~7IH9%fbvHWO)6&oM>i3DqSbb4((w5LjP5sXOoX0spBVIyI%zy8sep<$OZ zm~lIW09X6}qzgK=4?o@H#*|}kw4g~N5Za3;x{nG6Q=^61#HsDP`uewVj{>V;YMKJ6 zYGTv_1jm&|Rzk@+T5Lb-1kPvTm>Sr)IG)i_t7&Ns0ZUGXww{|lkB?kjv|?and?DOG zWn^ruiYhQ(y!fyv>-BK_d6mtTh zsVL!GI+Fa$kQZm{&&F3{AC^{dfbQ-U+dFecX*3164bL>P8fya8PjxQOO%um-&(`fv zPQ15;1>e1QhOQBlQoy~&1_1MoPE)hHc~o|%7W^2pk9gvMnHr*ta|zfX^Kz02_}Rfc z4?-Ri3V!~(1z~VQ(LChmiO@Tcs66^0WRUQ+>Lc_l#(OFB52TfNlJDqF^09YgI;S67 z*L+a-5`W(RUmnE>lsw8`OaF}wbROA90WsRsx+LfwWAAAHko)J@zxG0ZDv}7ZBkc~Z zBt!4;`8Q7OfQth92d#=nfAmd@AL#BxuDRdop2+RORaD%=-oWE+_|{dcZw39V=%=IZ zjE3rPn;W}*k-8|ZN%pT=9%+uVUY=(~Oz_Z(LdrVad)1~7&9ZNT%>ruFMX5O6D{iKf z-~cTl0=a|=*&BY~w^k3yftEEBy}LP1`l9{DdA<&fYagG1yqab$$mC#(O| z=HHMU?AvyA(N+w*vcR-C1^$DWE5KTSOcHGn`BZ-EZelzH8b-BuMR&#==*9qd{s zPvHettHE9&8Q;@rd7(Pq`MCO~70LNz0(LJsNNabbVxj!w%;ch_$}8QwgZJngX2vtO zWnzwpVbno&E1qETGF81|19-5ES%0eFM0BmFb1!+3x=%sxOTBGW{qK>NeM+@6Js7h; zpR5MBH;i+2MS_0mb(>@CH?%Wz>DFXgZ$jkXdU?~!qY;bvT5c&a#a`xq;wU|J@IAF@ z<1rnK?cUQez4@{ipOQKKgy&$N;t&spzdk6t)O};uiU92tT9c$Y1uw^Ysi#(CpqkWW z2nLmi>vcus&;iojYpnDNM`Zc&2l#yLlNW05u@VdDtY6@d0^0HoRff;*_d5 zH1CZBnpoMsGV5&add_fvMDoy-2Y~5;e=BL$wOnt38Se0lL+VyT9ny5Z{N?q11(t7D zNs>Y$$$bFf@W>y<2o8`@GYr3BrOW=>K#XH@>fH&fXgRW2;M>*6bo}EE`j+5W*zGE} z#A9hLLS;w=2;rS)<_^t|;pHux-=Dk2PEmC{sgrQMB^9(&+bzgGsUO`yZ?~v99H=+EBMf${MG7jphszk-4V=B4LS}hIfU;@0ClZIprBq~_z= z7Q64wB`|03l(Fy+XN4y$YJCRA=k74yj8u&E#U0(h^WVr!fSj1OmaV`hw zI$E0AvS;;Ez;h%9;&iMOxAPgsENt~_KM2=FJ*jdn-i0&*LDfVhFB6Qk;6Jsv85!?E z?VVVV(R#}eiUuChQ!?GkozV(v4*m~DTFQ>H%#emCwUme)Okz57nUJ!oXf7EyvYM>; zAp*fUP|E&7bWXEuNfTa}whA8R>R=m%a=h-|p*o=~#Y;=>_0!Xr$I2N5*bOF%K?R|7@B6PV8yB1h z__d7;J7=kL@~JTe74#&6KaQs;`D83){CeM}r|umQQ6`8m@Ht!~8|+?(R9RdrGv&YS zG4H>`I-D@o>iG77{|lM!L8xALc11-%l3A3=6T8`RHfcDY+oB2S#d7PHRef!{0u^Qa)m6DdEsO zj~ulF8(bIhUoBy3Dl}*5y&c)fF0Kqidm&rg=E5};CT~$Q2`{Q9q+078i6AU)fs%~j z$9`jO7*8^XZ%|3~Duvra9X38Go-e|xrNWn4IysQ=QqCJ+F(BO#^{$?ig@W!_LXu^Q*T)etw)=~{KQ|?AEyJWP;=BxN?x!HsO+I1J1?Q6P&vpdt)*9JOv3}6ALYrUhAcT2hg&p`sL}&`)%?8GA=CP4*0Am^> z_Tl%xjc2~>$#fdp8!JRv5|6OtNG%v$3xpaUJ9XE-3BjxP9 z?V?t#^>Nvr`ne! z5Ekl)CZ>NHV_>vxq3VjUBElLx=aanQ7=g^kx9vDPTg9$ROvz&9m8)TG`PS%pysb9f zyD8Kx>A`l`)0M5wG5*2uI~IOe?TkB@Fn&`@GTJq6-d zqVJBWFOqp?sBla#lWFY=AO_w);t)U-O{D2-I7X!6v#LHAX7k;gT)=xj>cz%eGCAZq zm@c)xG8PzHkgn+zF|@MUh-S&v##dGeG>ngL7t|-PRcofT z&W)aPIhlef~Xq(NCa0bEW@wHVb2E zsl|L~QO>VMeQbExO?(M2FgvHkMO;J#GgWOMk4NKoFUol%dT;7frAqu}{FYgV>{rZt zdDUvwHGeLdk2OKhEu=vrSg81kdro7W9iqiXvehR-v{SZ>5Cj>Nc+a*4y+vA3kQg`` znu-n=xw>uE|IkK!X7I>q&hJ`>?pjDUc_6Tl^($IjBf6?vpOEO+1tD$sOP!sCy@Lb` z=n|HWon7__W=yF>U0M0~-gRqAkJ?{mhi6$V^^`B<)Ynnv~L!4D>oEpiTjk&G_5>uO4Cw0&`(7-5NQD>A6D|&+?yL zi7Zm@HZkA2H~#F(Iz{sPTcB@hj+|OO8;_qlfKcQkx)Y2AwJzDuJ3-fCpyIr*(<;g} znVOm@k5IWalQEkoF~6&;$p3JSincH01^*ZFba!z{Q8n9#c-H;<&j7B9r=1khIy^u7!o9=I_pkkW^h%-y)^3YN{!%}o$z<@ zLzYU_&+x$fHn2S#>32`Y=1c})Em-xJJLgi#`o?}oA5h5>zbKa6ukC~^&DVY7sjee4 z>dDBg8KoGz%>`eYnb4#`)q}JMwd&r`VQ8 z^7i22DyLkSS6jUQ^DlFg{ z4J$9o9_F`Npwg9`93&?1fd?oDei$qkuClUTlbiH1frRvJmSQ(BC+XpD zo+El2f%;1DgOrC4a`GlSHkLx`O?ha~6z=_c?P%n$AgqE>7rXtYlV=|Zu4F6yiV6o< z1i$PSqG&$->b>Hn<~G&$as!%k5E*RF3$u=D=lRC{r}cWF+PP0ZYw-!GAx5sHI+s2@ z6;^@1xhUc6SC3feTNbFbeJo~R!>iw)95T|x?? zpDRoLg*V1U#Q6wyXmn?jd^T)k=UMKj?h8JH?Y9mu*^KJxnd+#ly$+8it;;7{dLKJc zPgm`Tp$Y+^bf?0>oa~;7?Ius2I@Ysy1r%(~+0^(+jz^uP47r8uM$!Uwj8~W2OSUHpz{RWtE>e0b5RlBw0#^Lr_Ih zHh-W|e-3LhSs$q1JY@ir8q<8gBeC|x)seI-=>>PbcYm$5$m)_o%fiMSm^%8@{T zMlz%~X**@?WXHTFIFpV;+?c4A`>kr~WAX?8Pji1BypCwFm+=8M-2JakSwTa-^qED- F{{e^I_u2pe literal 0 HcmV?d00001 diff --git a/en-22/img/Grafana_Fabric_Congestion.png b/en-22/img/Grafana_Fabric_Congestion.png new file mode 100644 index 0000000000000000000000000000000000000000..dbf481d94ce7036204bb81960b1e9ecf3b28182d GIT binary patch literal 13882 zcmeHuWmKF`((e$G5C{?o5P}9mfZz~Z6EqC&4#Azl-4X}{2ol^0?k_m z8RS0vclX^_?mhSHhx_54vm9U^p02LyuIjG-RaFzLASa21L5u+cfv}`LiYb9W4|srQ z{U?us-y0;&g1|?rhl+-il7Z_hI|qoVg|*2mCwDuOS0-*2rXY~poK3hcHY(+lfMs6s z2++xE@?KfXagwvk?rxXG>}7vUBX&%IGNZ>fZD{*^!VKo;-*G`8jQ1A6Ks97#_>3Sn%m&5~Llb5<8#`bIAdrBt zo1KA?m5I|ULlZL#TS2PB##X9V7RG{9>YTEyvUZ{-<`y44988ow!m--@j&|di58Hla(NqhOELXQHX=dD-LE3W>zL~ zHwzbbDj|$l0uIKed`e;xe`f*wB}irNcyM`>Ve*cd{`3CwE)N zzbgSy2g`j63mY>l%YP=nx8Z*b=D(2NxBQd*zB8YOl8Gb4+WB6*AQd+|3)^3u{%X?v zKR5leMb*{<7%lrhdnrRqom>qZOa!SE%ppz?Wg`PSlfPQ;h4YC*tRW7{fYE^Vzlr+m zwStA4iM589g^h`=<6k4;&|6$a7&Hlgt`nQmO zNyqEFKOUkBL4U4`nS6NB@O&b#Q$Dh|9`0q8G% zpfBtdz>i4tWQX@Pj|jpSJPBMH7Yh{Vo{2o64A^3f$!mOY|MYB$20i@#9UqyLT>$Vf zww)iLADNig8CTMp0gJEJ;H9AnaSX&UYV&I$<%#SmUGx+vb-i`Z+MX&x78KOn_Z1`2 zI{VG2Ur{-g{pfue%Szq`1Ind^`}{7Geno%i6#l&+9(yJ{(yIC;hDXUmn=U1XPJHv% z6Xc=s*KNx3f+J&DU-#!q3!=u^NwFn^por|Ij*n6niLim2cXZ6Qf|P^+i>8w9XH(k_ zBg^FNhQ}#7f@i<=dCe|IpVKqEdlxFwoCa1Vu(#hYlLmw7Ax-BHkBhD0lv(-eR=>4` zp>waZK6rL6d3J3rA?T|}pL^EG#;e>~I74fFO{e0+RnczZ_5@Oc|&gfWJ-6JCr+1Yxux^bN=zjNaC zUYGp@2@4Ak3q$Z9i}Jn-1{vUQ2UQ-q*iJf-xWS&R6Jp-rO7_GRMrDl$L_0Puk?^;iU$--qt=|)}| z7?3cGXC{L)99%iS?{&3-r=*Odq-Q`)$LhysG;G!%)5qlDbN1Dv1$iNP@-#eiVw=c* zSi!bsn-3pr*SqSH|6*^cH(TmO)d_qmhPdC|cKG=W8TOL)CGP8CvL4Qf+`57JDp!iu z+lIvI>Q3_-;y;MpP9~^K@AC49k+F-=`*kjNhg4Icd>U zzr1jXF|4#1KRyPR09Vf8geZ#kyCcM^xOjc)3c}|0>wV_y&MTAiGNOKlC+OI#o5^KH zzal>jwUo&V>575-eHaND78~C<90!DIoV4cXI2`jt(dw-0A&yoU)k<|bZ&59_oP;om zC)2ed^|)c18VSb6#wQ!`(sbi5vQ+4$zC{@I48fu!iAF|*?>fp_Z8HiBiT!3B^)jV( z7;)}y^rlO%V)fO^;DOr{M043b+uK2!&8C8AIJsF$1zSskKj!b){UakkA^1+=t)CYU z*5|D9j;7S_*32`=Q{{RC*4boIJ={sgr~;m?TIU>$Zkz?%PK;FwTAM-n-Oi59*oedE zV(CRhMOle3z3w{M!Qg>9c)-^g(25tmqHD zk=}GK?7GeFnSE@TSXKP(^L1l*!)~QFQttL5IOj*qPA`eb)~o%}N`-?)^igdFe)w6f6x_ z(BcCGt;ONPbj-I zi^Oq;f8ln{wm3q2u^!_P|GvFznM5Urk?gXl{B>}mh?6jNot=n)VCtiQ;qn?m3GcwVtEOBnt ztdA#URv}_k%~#FWSGY&V&Dwlt7t->Y7V#wb_;@hwhMG7mX?&bL&FA8g%fVddXH*MJ zqEV>kOXzR{uy@3HNU=AEJYyG{1h{M$`hlHU?g+ERI4@lakJtAIFCTqoX=&+hI86$C zESPANsBO0HfH}y$+Bg#%8yb?}Y3UK|pFXYSmVB>25)itv#+A$SFHmNN?-Z4SeuqJq zOqN@20Dm9Sy5xwat|Js2MDBwJcr|I3p${+(jjr-w zu+~!l9>s5IrNbqVOp+U$poddVZbNCehoT~GSGV)F!q+7q_zmGeX(CrFLs>%CXohIQ z-O1@gG_ ze;Lb?D7T*=R4dV&U~CT#`A*F{%h{E!LjUre3rBrATv2JYfy{FtZXcw>dCuM;BD&z5 z$Y;VH+M=_{47W4o!VXGhW@9_xp8|%Nz+wMDpYczipr;a%@$>-T4wCZ`9&WjZ&Ff;?+IVHU1mZBu-hES*p5 zIc|{Ws5+vwYRR9W%kB|-DX%AC+6$eO%tO6?;px%uoVH#8TFa};zB<*IOsdVJA_EVA zKK+XPJQRo6ne~V1d-kolw6wH3lF!vn01GT8L#Cs;S&&Y zm$^pIm!o_ki9$(U#C|Vj{}$vO6%{_OeG2WR5J-6ZUeO-iw-J)->AvRZM?8?|v0<_| z@9JkW?^@yAOYY%x*fUcBcf56fEhvYHSpQ84W7WL79rDa}5)$g_=~BpsMW?&QM1JVS zOUd1z<&n&DM?M9x4l~p6p3NI>&|BoiyW??m8yfDg4JYb$DRSZIwZ6*xg%5B3GPJp4 zv$d4PUs0jRcykQrO3#>}6JW&j`{N=sSbn?`L`nH!e~!5{wCF`qW@hHp$nMS{ses$J zpFdwUIPZo`Y`3i_)M%6)^YU^fm*^rPG7809R>`}nDk=|tj+sBPVy}lP8j3>H5eK^N zYc=tg_Ol~Ed)AeeRad6Rt^(X}DMVBHb4A_#oyE%8Jtm>kF-sJ=d|CO)gT=Sk zyQzqz!(Pc=tEYOeSXtYwkhmgG>`fJ1y=cn0Vf;SH(@>=0n4vWnKRk^;1$o#!(CoF? z5JuF$t36wL)f#$MN*=kD|BDO8e|xCg&;=?tlc$fS(c8Q2vaI=$nkucJ0IH~9W7;7h zAP5)9$ZpE~!tVe1+flh`I%J_bQCy$d;CI`t0M{uB2Qiac(bwW)YmW*+6-L(eo}B%`ivd4^4%Ve31M0ykz7Ka9eISwaKj$9(sFSG3{G*z$4o76`2RjeCc?l+$`HvScqYMJK8!}Y~9bGbINLc zvDryr1+%rgTeO8%?Zi8S&iHLL))5@Tp1diEVN)K(-0Qx}w`~k%E$t%=uD8q`rml--LOS%MmegvB&Gh^=JF>T^at{F>##f@0U2)KCg5JmV3%$LyuZ(#7u0tauEMtoQYL)c(2H z9sNCy z=AX01PJl~D9eFw7KjEf6dHnoSGFXm$fFNGJYh)z;?0YBa@E|oCW%y-aJ@X?h7MOL@ z#OAnk)L48>r9r3ZcZt_OaB&Bdkt)&N4b#eRlSe!)iop|7CGRL&A^@4I1a2lPq?!#3GMab} zEjl_ocw*v)PY7BSOzF%33kjSKW*r>5A7ew)2qf+ z?CsG}P*7;S8eOzgEP^$Zr?KNCWHX$~Je5P#`p8t6-y5H3LA+n!G^o*B9ScbCXLuN0!q|TK8Wu@T2*C zMnyukeB3&Xw`woQTpsLJ!#yqKJuv`bt$E#~DFZb6{hLGcS^^A@U-8k0;J((u`OcA+6w7=4-=lxJjj_wWNUXEb{?tbEkfVSP@!VKBy5oba0uqOU3s-M`iV} zs9ipfce^rs@y;vzM%-*|D1n)K%AjJdS%JYm*OEaGKuu-?ADAimE}hid8TMSz0{gX6 zu#XVCmnbXN7Km`3Xe04CeW!q~v)Nr4TV%L7&;?Ub>iu#8=7SX&kM_R`38u-UDkjn$xVaH7U zEUQg9u>4k~AvcVxR;o2&cm*8AgN}~+7RRoXppe2HsdtlU2bR@fLoK&TgEh5-CS=Bh zE>^@O*~^Vdb!|6e-N*4xPvPMoDr`!vD)<%N66E8Dgijv_2-ef520Za4)SH9H92PNY zYVvxWY*VFqZ?buLdEK@NrqAK-iUw+J+VpMC361GQGir1B7w&-EA-a&iUEaQrJ?nXG6R?Y*Im2cVhK$$=P!LZa~x{&NS|LJR$Au z$+2J#vT}wrUlkmK;l`2^NwA&c#hxRaq370lR^a4SJeMlB=R&LHJP(VKhYaRUYV=kn z2i|?)6tp)JmEqnY-W$O3&Lkovo5?sy>aocp4)t$TBe!!x z$(H-Nc|4v$o?@AtT1fvisNYxkXP$R+d~3A#>FM;#6{cQZ6_`yv~#6x z#ZE!X^fwUXnL2t`ITx#uY!LJa7cVWTsafR|_IIp=G$^-}Z42+g=iVSefGQtuafqdK zC4aqpViM>80Q?v*fiRQ4b3@UZ^EQELVIgA-Y*udD$ET0UY>wOW%GehdM5#s4!bhN$ zvlDXwBMFa~;!So)xERs{3@Pt8#J6c3Y*94ioFZg5*|oj=mr^C8$RV`v{i*TYl;ln@A0C+zN2!RiAXxVl{HUqr zb;K(Q&MVdPfXjTgNzIoeFFLx&4OFJ)6I*YdWEuJ=j5B<3b|<)wv1wB;S^tww_gMUq z+gh*rO510SrE9ndW1I&*#+%MS?A4Xl<)>}?u1h0B+`1!O($Odh=aZ*ml9G7%_+7a} z+9+;Ehw?}9+7RP~I<}^Z9{#=M!~WG8Eei5vcM5N0?cjp&&7Smh@l8#)gRrpg(iN;I ze@f4yQaQ6i7ayaJ@@*1sMQPEiuR4Q1xqRs*gG{7(hY6+529 zM&6+M7fyLr-@-rY!=yS7oK7~{@oEVYpCD8nmq&RruWR-g3s)Nlm7<=DT)xdq(GaGv zrNCbknzd$TJ@GbuxzeIly8m2?g#{tPsNaH7G96T)OjEV)D_x;gV$QKI-ETUSB%PtR zYx60k%Auv77*(;5acN!+HE9RfGa6T% zwfCA>((K@RGdogUe{VP8oXAflA=@{ZQg2IFlfNq+kWY4#6%ABjX2&)#KhR(NF*4}5 zDup?HY$Ne@_cRO`n*FXHQHOWL)Y|-arRj~A^{<$}SxEf=JOQcPC7C=_+@*j{bg=ktZ%vP*QY)*k%T^K5)SF1odV;o! zIEQ|{W zrdJMZ;r;AZFEJd#eGT|G6L8rRKQ5zHW8PFbJ>OH^i~V_=_X-NEBf<#kl@$XORn>Q9 z2Mk1*k3kO}Bq5xdZ#Vg~v+HU@!$UIbvI8W|gnmV~qkfc@hKE534Y`t0>O6KfbiB`F znJx~89Dk~}{E(e}Od4(^NC3f4esZE1J;s{5SI*08oS!jl3BNEwtI)EhQw5)Zi+By$ zPfrrauak7cvsTV8*fMVMNvxz;icAb6SmR9MqoN?j@9QY^$;VH-(?nD(3FLzO1>Gf< z8j90lz7;69R~MdL&cQ2Vi8zr-9)5_s!{_Ym>{8&J4f|yN!-V!W6mR!K{|NWpF!d+s z=$p~Flx#MBS87S)8#U4NJdpq=- z??d+b%eQ4U4yuPA542<36-BYYIbTSFqWMq5yj*V-T=0`W_HhGq6Dv@OTw$%q>*@k* zS5fU!jji#~J36TPE-O?>)YduWVwEB~!?BrfY zj5Uc?kS9gzz$pMMfHfGe=~s;KQ-|{M?R%T=j9$F zE4q1oU7@AZtm{tToWRJnw5Z$`BKn3d2BR{xNF!RYe|0yo4skO!?B%)`p$0qMst*=u zx?r8{Rt0A204|)#;y!M*@Tbm|M~M~rthG-}2%ROnMkv@9_11jU4?}98KFe3F{WkwR zLyb(O#|8&+(T9eEK@>46D@AG!Qc%_iwiT@O8w3MTQ8+;a-Aa7? z_@s>4Ei^r@Y;{^Y_dec^iC4dO$JzR=LX2+vHibpH^Cl+nsHnI(RC9AV#l$=8fu)ZOFk-%x%Qm=W-Jmq)>gaf<-sQAEme*qzLQDC`$# z(3y~ah)WIL@Wot9i5deRQ|gJqarK8L&H@$?#evoAn=P!vYbz8-Q{m4obq^amgGDlo zN0z*8Y=Lb5sHLuYDPJlMI46pXA2D8J=E~gSCLrkPv=+{9`l)JGYSH&+_XUsz6S$r6 zKiio_wd34-9w9hms^m;_x#CA23+@I?bCmwJ)a9<#TYOT3H0I^*7B1PZagxBO6nrV! zu&+8rb3ik|(~cy@d#UeRiMdS+gSPk>hv zc0X})3q1g*xNH*hfYsNF<4U%5q&$EA>jq8(Vy)4~hhl|T)Ru``yqPI>DJ6Z@IlkSw^^#1? zJ*R&5*{I{1=jjbrCul}d1HEl5L0J5y;b_v&KpgSP6ZljaV1D?W?Ah= z8P74~+phw(LeaY|%Mm$C67T&8OSHC+>!v^MX04PA{5f7tAh+o$p*6z$qF5M1I+|S0 zpGx%I^!ldeKu-{`CapTw>f(T|;QN8f{`v3dkeLcc9Qz8k%RhgV^!4S-(iUf%`5*c1 z&%6GZY^3e$dx1+r(zy}M;sSv>@48G{5hH(I zB;zB>oA>|*TZZ0vo|10W#M}J2%>RZyx>{x*7Og%FB{iB?-UFW#<`Gu%)QmP?=l4yS zY-CNaW@rBt=S=mIPr>x#jn}BUZiS?I~dXxIrP`NNQEHjTl*a>drsqS&fZD; z>IAD5z2T#OkT-FRB&o>+vKKAho{e{ljqz5QdQwuFMZ4TwM|U^ycQmpocB@#PNogUf zYF6DVc6bz}o$6T~>RBT2BFfg{K#D3Iv=w`-PP})L)U1vHyYGMJDb_YJag#ZxmNSFx zobTlJ3EF%4Pc?ri4_{%?M*m?lG7gt zZeX20kMnB82N~s{`?tTBvUsWZ19zXk=s4hLihJ1sz7I{g4F1hg5FjD^>^}WDEo#}3$Kr#nxDI+yx=4iE#2NvTK5qjVZGI~UM)JqL-4`5FvAKt zz{Om!!@UIZ73*J&MmdJ6}*~isF#MWvg00?4(X%Z1FyYRocmZ{L6fv+K)vvUxvJQu#WxVJo9Z{FYJ;N;Z|lN943;kCpH;j-97r?#9RowqR(`&k@W8P1O}Ot-`bbht0TobKdM$xzRnY<+ z{_MMz5L9abfg_&KzMULt77)v`sW|w0ObHwtErKfFC$^0(AuyK7FJ$g9M7wnm74_kW zr=~qn8$`Yn0ERf1@5=v5f1HuzqS*E7A{vF&>0&0Q(q?Q@wMuYazSKPM&C6?~(RJNT z+Oj9n*ViZaI4UD6_(Q?`aTjb^#Mn!duEppQWBKT&LuX%S)b6XUmX(RCJ!h67D*t5M z2cc5$*vW=|25UO#vDl83NMtyS=E5YeC4>SyzLF*@1_&=)Jy!e_)YT=m{unfLb$zO7 zXz{PB)94>y(5Udb-)zc_1K&e;JF+4K?8cpuudAnMbp5@E1GNVMGyhQ3lP>L(sV)ml z$0mFZSo(Z@si~&XPsV%qIdSsIL_>JBWYHj??_Wg@x}@EItd8*of%AL7Gr&<3!K${Q zc4XzkduYSo@$(y~;W4ynpkmy5tzb;Ipn~s`a)J{$5?Ed`HXG0xt%_$;^`9!`6YMpvDdd zg1K&a3Hl3nXBAbtO%^**W>n2PcFIphP2Yx2gd9&*3n@+0(tsL=oW*^`MMb$>#9=dg zO_$otp!3@B^Wy66Udd3Ug3O=4>8`FGd0ijFXRKXzEOlL!sR`Ui7YQU zR1a^Jm8{yK8PN5befPn+$giCTKh4BIqM4|Q1uDgT?B!cO)6jgR;QJ-K8hhbf^W%~w zT?VcIdK|T0Hd@nF&nI!{zoM)8rb(g`Y~;`xAS7>EGO$_^YaxcTB3kP%(($X=2AG=dLY~xgk!q4X)|k%{UpBn{*hc*K!g?opmC z+;Ro^)2ipZGZW>4_da?~um`3Kv0`d!V2T*Q!ROZYRj&vJnop%Hag{yAGpF+x94Sk; zULNQj&I$d{nO&PfHD#C{FKuj)a6z|yN7J;DvLeb8plNO|d}LtD(s68VsA#cHgh4kbJacVN#+ta1PV$ZWpx>c!v~s*#m#b8jI5Z z-CtQ&e*w0%v~oWwsP{TMeqmnITl&xwaUgXMUt5p4ieSZX0KQI?K_D#})d}t_jBPsl zBPnJS5X9mWvk*L^RL=x^drQjXr?O4#rL@E)N#}_sdo20X0%E<_6{T#G^MTIowpCT; z5K2x?!d&d{l>PeirrLV5cF_CqMVEPWuricTv2=heCy zE8?eBBZnd2lGSu=2hCVL5smWjR!o5k`;+A=k8=;;tXl}S$&!kfYcnh`TNZ-p6y=`t zx0L$Qv~Cb5)wD`voXybKf8Yyr#mcEHOdCOvKKh-=CJ1D=K0@=~V@kYB-=lv&!CKv1 zRvc$A_W5#)1E0t;X{bz@?vs}x-HWp)d8O0+tCJ!r*l50FQ?Uu4lHO&nRIP4V(Z)|T zGw$}@G=D<00;vP;vjt4`1jP^{a!U?ow(manAJ$`4-$51)QsnB~HC}+It~v5K=~d_n zygP5|vKtvHFfd0OA{6ZyFG>%de-cEcSptEDCVD(RwQ4i2V1qTQBx2 z4k-CJaZ;DD9v$gg;%V1{VDLz!z{ZF7oSN-bN2@N`j zAHdS}!yAjQGyp=h-KUrUoL?sybmXVJl6;HC85WMjwt+PYK{phywEhD|@g(C~w;nzo9JrWbm z^9A0eiJ8OJ_FPzlQ5c89#RVPKK;l3w&xNduR1Q{>MLY3IqN-#zpydMmO{jwH6L8C{ zPet6$PGR?)Rn3D`o{Ko_;iE?x)JA%-LYa{|G2t<Zr5Hj65X z&Vm&vOhFF?YD`k6>a}8Zkjht)x`gS36lf z?_6{NnQ(HhSFObX5e2+9^xRO7mC9D%{gLP01uD*bn5ZLVqX(E39$565aewde?-W^CfziOP;3Q z0_Us93R^wOTngh0yz!=ajV#5iv6LjUi9`mo$=rD0t{BgmbPn5oEm{X;)= zu(ZRvW_#ZAUHm;4{?`p(-DQ3Xbcg0890k@6tCzeHOw^nm^fW;6N5gtwG*#(2A_QD? zn_vXSC6MkhpNRZK0Ni){3b?BViXNJ-?Qw?wh+ABg1+Jf0N2}{XKOUM7U+1}U?@U#p zRi$|aa9T|(>*@|P`!@RH!Z8I)od3E86Tl;@N3q;EwE=|xNPjDb6F`LMosZdYV-4Tb zd>3%1;|b;azgG%G{!v-^M}Gf5)l;?~0#yt89FC1yFi@!ATKcvveCQY}?&%&9PbfWi z${}O_XLcVOGgs@{OYR`t*8(9-YvDUK>&B3)N-t$U{Me>jI#it#L?r91u^%qHBYVC| zogV|f_TsqoSm_%EDjPz7RW@8?wD*>LUsmxrRuiz4(EL?pdgg07&cgJ+uK`{8wln@n V3c#c@x&KcpDRDWmQjt$z{ug;*Mo0hv literal 0 HcmV?d00001 diff --git a/en-22/img/Grafana_HSN_Errors.png b/en-22/img/Grafana_HSN_Errors.png new file mode 100644 index 0000000000000000000000000000000000000000..f43b7d02a6f59e15f0d4289ae9f98d81f47d1801 GIT binary patch literal 9558 zcmeHtcT`i`_HGnVigX2O(m_B%Z=p9afb`yLAe00{=v5F95fG#ps!9{-y@Q1wib(Ih zcLeF=7tXoko_og|?~Ql5SomF}x&gw(P2Vsb;kAy5~4CZvy>J(ImR6aoNvPq@aQiCdZO zDD4)ru#cUDaz#9mSG{d|l_DpqG$Ap!uSiQupIPyBMEMm{%JeIm@a!jGk=KiFSag&( zgl5!qIr25R(F9b^l41zOv|ZR~;Gu5Q>7 z002_5-fq^m&h|(q8+!*ROqyl4p@oGBYA4NNDDss5shgs`BlL+c!d}-`L(kUN*;c}i zMOKDT${U0=;A)SwX7YA*fw_acrCI*43&I{>U*=G8izV9%sk9Fa&j5FekHmlx1W2na_w@CisrNbvCs@(Bv^ zVl{Z(ePBpyZ(f)?>$QnLZ7A8h+ajQDNGKe}bZyhx2JV5BW?{j~nf_%Q35EP+9p?To z5U_CYT}$``fc$*_seYZqe+Tnl>erIL)UR&_8R^)&!(BYC-Al8G3Gxa2Vd)Q%@&8`* zmqZ^1#YQXm*Il}B2-3?MVK2?1M>?>Yy3|4ITjr+oiT>NT?e?_d8o`CAzO1J^%r z{VfFkmhwNd>mRuO76N}u`JdVK{})_@f6+pF7?ulqVM(8k49N>DVI**SV(bn85K&ye zZ~UANyZ``bDZxtedfsW<(_Y>Q`psYVcZbwDTz}qJ3^tvGR`xG2afQpR% zUp=8261zVAT@t%|tJ3gD^?0@#bq+-`+^?3Md`LW8c`}eHE>NEAA_m_qgz1D~xsJd% z4>8t)0p!>(%bq2VN~ZMx6qi4k>OCZ_Nr-QQ^)T_BymzL4Q?4 zLdoTz#uBrxGbCTUQfq2b;O>et@?s;!L~WoKuP9-Z}$y>WS7b~w%{X(7kzTD4hix{Bx>7HX&@l|QMfbG$i<8t>>N z|NaIYP(q`mqMTk+{~{tHYuJfK%G)X#?NneM89-6rc&)7Mxnh^oG>OdJ>UiLXpQt*_ zyIdz}9PvVCzwvm-Ieo%Gt-iuMWY5`apr>|1EuO9U#D*6N<@{9mnM0WE9hWYL`*&i) z^BzalC^h327%N_wvZF99$7@D3Lk)(?Sh0E7dBlAwSr5|R9A9MWsRb)ss>{)2sWU6| z$H3K}Xe_MMiFumON+~K5j-$L+y;S>J!tTX2^Xw(R3N}s)0p%4vh zAWlZNnZlc=Y(R28K6t5Oa8CB+`y&&e1>fU^5mUHb=NtJMgsGFQzdt<+m3OibRh5vC z#GH%e%lZ3H<(DYB9WW|>TkLOz+OG_*}*{869fmE3Nemz4&)?^-h(ot(++S9XC zxIluT8z#U@tP2y{-=f6vmXd-(;c0XvgQSQ+!l-${gK9=36FQh%J<*O(#6ufi+^d;X zc5}l&Iy$nmgOnl15f(!SL_9;>;b z7p5~9lcghCWZGm{LH0(LfZL5bRdtLN*?{>cVnlbohyaMvG z#L}{G1eED7FreMqalE4!HWRptlUbR%+Bbi;2@&$#x^K{UC}nN^A0)9dDjucD)^*WNr&6Gwf0juVlBTYSD#hxU^b<78ze!X}2VDWf?u zV|&O+govtV@$y*qE2N@oyqGcQqKmWFM)VxFxZ^><{jhIdla zF{bfs)vmL6UrOf{B`asiS*1=ZG?wSw#2eQ!Cdb5R%fNJAQ!md?jm58GVid9l<`CeE z1GQIT(>7&VMtV2D>{*AJ@-B|AS}b(2_iJm-p#;{C1bP|~w16-)rjmCOth0y}Y958RL~+Q2XiKOSg0} z%zS3--r*o0zuO)_M>p115QR@nY;SW=OR_CirWtY^eLt4(N+?+)Mb5%P#yGD$u4~Cm zx?x+zbH?A9{QyF;k*^E1SGZmBrQ1&Mx)>%h26jvC2K3~-<#<1QtK4h$#uSX&us;KA zXQxzPuU>B_<@bAMm5;Bv{p49zT-P!^XvvtP_H2V^(mc7d6F`k-kt~h3#q!7mycE zN~p>q!(z%YGsBWldz`zfvZ&bV$<;>xgvuKY#_fe zNc`ZJdv3r67tkOO^E6`P=Sek@yf~wsMqWjiX9Dn)^%gUoN@YdJ= zN4Ki|6|WZfjEO?#WdBQ(YbKBzKct0R=nwAby`*v-JLC@vY409+Z`dF${$125Wtdrv zsFw1Z$HU9zN*E&Q(2@2^&AHE?su$eq-*mM$nXjt8ByRYj?-<8c$3HT};vOnm`s=IO zA*Lj%B?g+QtDHB;d#i|1=i!o4IJ9hn-ke+Iu*I#+(N+Dt_*taDX3bqfiFovImBO|0 zxTN+F2e+1@%^lb-)TS!r&AIf4Z9 zt-po-2pr_UFXUh4D-B@uKjG@XtTM>G zE9BrosBiB7;Fo`?8W3id`t2Z71Ba<@dMw>lHsiq$#gpl#9`Sj|*c~6<%1l z#jzgUv42WCn4a=Xe+a~%x^1U_bnzwqd|3OzR0@II8xwiC;E>Yb;+Fax&da^;u~?R2 z28@*U3#$JyyzWV(FWLiJE&K z9{s|C86a*Bn~~Oe02PfAHyHJ)WR6zU2@{42bbjIt22K4S*BvjVzG zGWeEo!hcKIX@FZ=^QIb1%rcGN?R~3~-TU~6j&^d&>=n02)KOkHD&zfP!<4Eo6vs$d zb(cZuoUq{ZOb;*axf6_rqF2t`s-`*!J(7NhQ4|-9DD&7P$u$o&j;JmvEL@0`y`V`} zJ2>5mnG8Y~7C?}O`VHo40XMBmCwz7t$@N7e>q4_?rQ~l15AQ5oW`!-GHc&%638}Y~ zb?wUbm%%sy$zR;-)Va)NSrEBes=6K_JfRVZlhsJUpFGYq6y%+|@eA7B_Wp@5ro8%? z59IRxnU-y>7R*zkY`3a(Vy4#@Ch1u*z)#l5*GYAu9|_>g3=nU#dy*rim04V8lMDf~O?~y`X@S6sN6H!2b4PnUj2A8;3F~N>OQVBhTHZ|0XS+ zE9N>8Zo=>-jjkB7-6D$JQ?>FzqR)-W?P%I^a%9%Q;4GhuvIt2%gPPmLnm<*IG7T0k zG4{$FSAw==;4^RWxW}cz~Hgrqa{Hl%+rq)y36!AL2aI}oCV=X`8t9s;c-&@M_JuDi8(FQlGoXXMa z{;9@a&r(&yCaLn!z2AsA-=tBb$cZpA^sGjNa8pHZDXYqhSUT%V35&)=cc@`w>!G7U zQ`6jvxi|7&ZAVcxP$aR6BwPh=zSIwrcdGC4Zc8Hx*5&%!NPH03+yoW##Lt+wAPDZD+rDbw&1ddf?s&PKGYCp^`G(H#c`+d=QxSs6w>9xv(y3AyQ zi+dI0TTeHOMl05KBtd4GFv~Q|iZ>TwScpgq!}ks`Z_q;45JjOU^}S(_!&qYL@2<8e z8FAWzVGWC_=-N2|gd`F&-J4bG>HP@U)mD7rG%~d|Zoyc*oCw89-Qp~ncpNvN>Qb9T z{43r_nE6Hxx_9GH5T3zvOS#P2g2I~l#=D-QCor*1x{+lAGl4gT5E5o)?w5=0JCdBU zjXsj9IU(6)Sv0b+N7$p@R7sht3}G%*!~>%j>MQFXmzJJMUCcE-yi2_c)o~6e=glKb zM)!t1+jpsTeG~^Gjvy+?FO#65qWgA9d0x7btKGVGQ$TN2(1P*XZagL6ozSE329@>H zEoc4u8+nQgXXL)3J!&>`E)Nq$syXs(`ppGimcZ3+&S^a(1}N)SJxm~!Ns&(Q<2;mS zq>%G*{pAdi81{IgK@d=zq%U^IVdKj~JwgfAtkAeFdwQ;lQjrouK=RUpQC*mBJ4o+_ zDl(S=<}Mi-Y5B_mC1_+-1Ft()+X z=hev5{It%j)8U1 zmEd<+Kxh5Ok>}`T4jCQA_p0*mRiATcDa(f?MvrGO?o@^khH`SS?X}|ee^DQ~{Y%?P zU{a_L_}g%Nt7yj=9_PShkwHfCCGEMkzi(}DZ(X7~>^>XiQAQAJm6H=TUGb@sDy;_- zGiDiM@i96@a|g}jGrCE|h=%E{aW6oQPMhhjKOoqw*sgyj)5vYLktA6Rsv{^^muB0c zS-w|%x=m_Ay+$%La;7v|3iL6@JOs!zKx(}jTD6EXbCUMvzxu;XnktSSXD1m0YJIdS z^QLZ)HyT40(04+`G!fq^!W7s$21@y5a)Q`o(>~AjdF10d4NpmbrXJw!QNN|)I1uLa zu;{b>j-g8A5Y!u@V+pYNc9W|l-_|{b+#{GU?|auo55mR6^KpAkAXByHqqMlYe$_ii zB#{Bi902U9EjB%h5}VC6vyF{`?xk_uEHtmV5xhZ5`8bPQ(FYIPYBO+es_&g4jzBx+ zmG3X*3pg3eN%Z|l9#vd!eJq*=G8=Z^r}}{RzI0y9#-}K>s7_yRBJJX+V{m9hwUIx7 zjHrY2glcN4`KHvl;E-=O5A31gX#2MSg-_vz4#f5|@5J>~@g#-Nr`ZGfu7>na!ELaT zyr32(dJ;~Oh_~2hWHuG!Pr%YM`GR~X@eDueX&>$W%09;;O$tREz{7HH$URhIl?%Fn zEvKi)i?bVl8o}N zzOsWaP>oUH7Ap%|_k*Eqr6dc1mjVQ!*TbS$rPJ;o996N|L_ZCz3wze25E*-CVGr8B z>QMH1>AJT<^GC`gYjW}F{4x`mhIJ0hI6F)Uh-G_%fM)rzd^YR+rlJlV67kzF#N zApc~e@|~Ar@cf0Y$>c#|DtkkD+3>iJ3&Jv&ZEb91O$=%1I#C&leJ+x8vA)l-PI?Iw zNELOp?O7wAt}Yo#D3)Es`e2_gZgZe}YInF1{m`z3>;ba*lnuMrx z*p4q>Hcet&_}}X8puoc*wvV(kLV=}YtwZh*veDnMY)xaWn63WB`Wpi-;yw^6%D$1Q z6?pQqdb10t>8%X_yQalN^4oS3RqmpM;fYhhrq|fwx8?mZqP%Wrl(;j#TJvt5z~yDJG?o`;1o{em_`p1KC^l=+l@V~ecC+~O zdhp0iR@v|k&`9<@KiTtFPakE90uoKSc69I2^As}cyxxT{6)$;tD3)#sQ;F%P7b(8y3yl6cjbj01pnhg%kCC0VzpyH- z-apPH($1Hvs2+M{5^tl3-R&O=o1C&8ZQW7e2<16@;ckq1vf;!~2ADa>1qQF#~-_6mldJX;|P-ciPyP{tv+432D1r1=iPerX77#2qDX+Q7z zodMi*td?=7bN+icvxKk!TTx#0^qgYr>!Q~AeH|+faE8(n~S6}dtg&L># z?!X#Z74?rFZRn5F<8m)MCN$@XvnTob;@uVozny{=dPe>L%o3#+CE{s0l~Gb=Kc0D> zX_(k6|3>w>$-vcEfB;50L5Q&1=_LW_#^LYjVGQq4Lis*%qNK$`h8v&78RiYRH1v%qBVHr_e%NCHW*oP p-R{rZa8Rw{{kyyWvsb^66}p>B&dU80bNw$Pu(F0yv4T~|{{Y&dKWhL0 literal 0 HcmV?d00001 diff --git a/en-22/img/Grafana_rfc3635.png b/en-22/img/Grafana_rfc3635.png new file mode 100644 index 0000000000000000000000000000000000000000..dff176c82d085701f29a34152934d91f08de1242 GIT binary patch literal 11670 zcmeHtXE>bQ*6@TNh!znoYJ#YvlVOMwC3-K>d!4}yGkT(n;1Qi5A|g6rh#G>3-ih7` zqmEwZn>^?F&U4-$-}heU$NS^Gt~1x%GxzMZ_S)-SYwgu$M{8>;laVlx0000oRTV{D z0N_Rm?%whiA?~xf?w}m^mF1^z4A-?ruzGkw9h}|lS>e7O_N?|uX9oZPIprQVOV-AE zJ8V9k{lU*uA`$Y!kWn&Fkh(e}`w{crnF7cXB(s}c!**ANucNvsB!+ilW`-{8CV+7v z?b>4L9`y;A)|)mvnBobMy5=vt(?Ev-)>6Y4sqcPy#e8+&!wS6n*i_-e#?gVtW29ZZ zC*qoE$-CY&cAOEHZFYXkG)eO!L^d>`of-@PkUVk5F>0)#4zh*13s~DhZR`b*?jE=& z005+Aksj8zuJ&+N8+%7*2$+4h;VV0Al&`$VIVu}pD1uwFuSpaHmd^E%brzKKvY1G z|0&YhN0?oPgjL$h&H<#WsPq>J+%GV@6CCaV0s;{TgaATB0P5uk6ngylF;Gw#C@jp6 z!{CScLg3a&ehBQrZxa8Yp=b}Y^>X%rJ3}F?ziC?AK)vB$c6J<`^)KRZXNSM3LtuXi z0VfXNZwOFGKoIz^=)ZONPiFoL`fteJ=)Wg}jCJi{P&e=2%Y)e^gn>eTQu-5Q^8W_? z4KaW?|5)nJVQpum zy_>P3v%5V6_9rKz!jgYa`V(sMFVM$g?7-hT0RE)}oKAuNRO)ZZ{?EVuv&g?C`GHR2Aj)k#DzW5lDT5^OpVHQFTshVKy+^4LsspRVqrIKi=EO>5PYz z*_$I~QC6*UIurHds262djzpwSZ{B?RiU7_=eB+KTD>zYIxXbQM*XTS8HKDxU?Qbm? zzS+LFB-XS2cfedHP3tqT-A6N!TBBTT)-X!>`+Z5u^#J)>Y>GxIEqCN^QBgj$B4!J_ zb!$_Bc4h6}-m;dgo(04uSyEg)gSs=$`gBk9^JkxfX>1KD6EfUIO)rgHSmZ`g%1140 z7Bi1`Lk(-`!vNhq8UamSVgSqXEy>w#==hSV-`im4&t~I$_%p2aUlVOFxIqyLlxf;)gL_F6fen58+?=Ha60w zu}iMEpE3VXpqLxGx=oHb37&a1vf)&zUTR21&D6J=YTh12)pps_0K2_)%sCfyf-fwB z7#vo0e8X2uyrcknU^4FSasl)Y)x3^}J`##&x zSCm&oMMMzZ;}6K~JTr%FYap9SL$j6gR{JC@To9JwluO#m8ZA@79blVN?WFE;nB05z z2iS_wVUdw}6KGWprWse?o%!X*c1W8FL`@8EFYv0k>?_tDTc;>Q%%<++(EWs(? zmTV6Fz=@hN#8q_}Z^6Eorz60vX`>(1@v=8hBOG%A&Yw0~PuJX!Cs`80Y-9mN&@%oPDuyA@m^dJda z9QCFGkwd+(_VTt;{Z9RA3VO&%wCRndQIGGZ_76dg$D1(ll!HI{95BAKZF)DL<)en| z{>}x9Nb_SWRPwR5#X?`L?7NCDY1gXJ(t9mg*VW{aq0?*g%Bs%vjN;cnR=N^T&ojl4 zP0X5-);ABJ4OB0RU!t!)dA+^8S5|2RCG9Bz^z)-l zU+)2?=;@n!j&cI83(PoXr@MH&^L#wMIV3d z!usp5R_IrE{DqH<*g5tJXOwBb?5>;4wH@*E+UxkPM6QINz?Ys}af^*O))JI4Ef0Mh zcXLZ-Rwx8n0`|B8wF6%h*c5c9W_%EsVqqhEN_zUC)j(?bsN+xm@bu|1Z@&zL6uNGf z8S?eu2H!o>XZf%8JRUeyrI)9awdk94cn3GsKRrK@J-rz&ubLwh_^GticDw%QE={t> zF8JWaj{)9yC5>+pb60@9S$wYs@aUK+H!rY&HMsmM-}9QwZr7MOJXUu0kj+hoplf^H z=@G=>GbE3+Z$cy+cDY#xq-3@bv#oUa5HRifuO36LC>B;XlQ8E)W!Fp@5Hmg{5E6C_Z2;^ zvx8liAi&xhbIJtie82&JcsR%5Zca;5SHZgp1n>tbnd#m z!#q|`54U^tv;>~y4QcCGFU?)Ba7Z~)5creQOR{$5^jit;EnFe)(5yBnC#Ba_J(W2+ zI^qksVglTg4glhxb1iyEA}^yICyk8TF*L$e|oOYI?N)TP{o2}5@+bWKd^%H22);jTdZ5Bm~DFIk6=&p{*@r zM&@&+wpLY>fO_z46YHX-17ONIwtNCzxA)D2=&Jb}_TaEkPjY=GeRN{tU~~ld8RtZy z6G5Hnj=jIUf&e-?fkPYc5Bd4RXQPRQMZ#499WI;b(nd@-zd!|D zeJA%f&eNo8?GKAL+*y&UaAR--E@|#y5oAwwMsVTe z;&orxzJB%eXYNV0Qap24zxkwonyJiQ$v8ZK7do+XAD|S=Fl2MKAlD^*vbCJGLw))& zmp7RN3)65xy`s(b$4h=T#^bKs$to#H2gocv3YS+VJk(m+4+bl$s&Z$FUn$~@vbO(g z{Dg(?y)4bhNi)(GT(J4FS=0lFdi|@X1U6vTwXQZ7O z#LHj2ufh6;2B`WLT#${c2I(R0mH>uDd;|}A>6r+Nug(r1T505n=g-o6;S5w7^DFU- z8Dz=UmOf4Tk1t=GQur;$77x@eaJEkRL{EYxZVoGm8v1!q_!Ic`P?RB-uzaFNLt;L< z&tVy-Tw&+oc0*?=5Fzn?bGEC7hDPRBs9SXvY+c|sAwG9sA`3vDhl6 zbmIc?G0naGo|Jh>_ipZAN6oC%5Yd_+yDQPu#+WnRqN3vGe7k&KkLhBq6%`e3`C zxb4%dRT`Xc$ebgIU7O7(Y$o5W*f9qz^pj6e%is4;BHGzQINm`bhP{tQ&Oj_d)pV&n zeW&}jzDv=Orx){OcH?y-8`KP5KkD7r4Geb}k1^nxsY!8)O92^~doSFlg`a=$1ZCO% zcBLgHJs0`fEtVPng1fqLa=bfw|5FXASdTWpwIKYbMp)=L#sg{AE`8`H>7AXPO zG{D9~p5)|Y{^9LltH)AOM0;=kpd>mKP$Abe8k6??Hc^H43tF&Wd@td9k%e_N`2JnV za#!%-!!K=t1VCC#(afPdrSo`oGdI42HS>uLKTJY=KwOj7lcv&H7Ze^p3wwWGPeJ{6 zyca#Qm{^kez}i-9)%3PQU+p};Al#T?wi4_60bF+`nWc%v;5K@9qL%DH(HMH_IZ9)> zGoFJ-_)f!YKZa%=?rNT|+lBMAH(S1iLl^>t zZan?+Mf1ccPY1S47VLQVDWSdNyVuEVtxZy7T)3nF!6?kww)3@(^0+{=2`Z(r5l@;K zSm%3oePNu>k$*@gEBN6E4W0h7+pJ9g78LdRHQ(murXbyIb-MW``qx*9cj#pT9+{Xl zeAzxGlJs4YJl^5A(}FOQgukg80Od_zcx_vjFBCdj*iB*#dZl56t*!O_MlL>Q_Ow+; z6Wc4Rv>wyjCqiEBg19_$g?6h0eKaV`ouH?+PbStcgLT6tsFl{s@hj`w92^|!?i*4S z#(YjFxwpg84+}>&(!6)nahswGp91_nNsr6AtdI>HNCbcZ(??1#0c&PRf!*d4Dy;7r znNl1b2?+r`ee>l<^~VGnTqoowBTl2e4I7}0jQhWiTFqrN<)dtSbVk}hg7&6Ekc^Fy z0zvdlIu2yFzGbZi5m1dLK6Gs^*PFTgJbg9NJ|JxiTK)J;-0kP<4jVQe;Wx^(Gya3( zfgAeWDby^-w5toMj0e!Bmx)}OEe=)t+f%!fiJ6f@PAfwMCzSp_TqCC@+wNi2)YR-3 zUR)!kA@_jSpL;q1tdho^F$1#wgVk)trAKbp`;Hh);DB6~`0CxA21K*0yGys#+AN&O zuPJ+JShpE#O?@vWJZOJk8nZXckGJ}k)X{Ts3+CC-6i^%VU}HmS5PdY`e-eP@>)u(B zII7mGTUjF2d34v#&LJV85dY*cp*3WaKks`@KSKD`UUF^ z9IuK`{&>L=M#;|lS9O(yx%C_PgcbZJYVH|n^oJZA!qP9!e~kP!`CZb`6CACVPyGH{ z%Af4t;F$O)$^YN#qs<6no;dhpT;Uf*u1fK*{C!%Tj=|38*`vmH6gy|CXk_6@wq(ZitI@B&qMx{rlt$b%7bq8<0=(Ddj=nWwTO}22 zB%{0gQgzevzAMOOq;%I>HIqz|C;3io=fQ<=f**ykE_TUy#3D0AmG)l+&JV1Yj8HLW zp8s&&QMvYqIRAf<<^NR#f|yz1gFrm=Hw~CmW(xDas!8%Ao}poKEXJ=hK_Eghj^^%` z?NNqzY0B5@?^3uh*JUV6dPCd6-KMr~QH3^7Ls>7=@LY+Q;u>DoIM-_5gV^(NFez|m zf>1zqSw!lCPBPq>&ng!vCJmJ_7!u@OZl|-0%Xw&RfRnk;`beGm8lk}R=FkBckAKrj zq?d1_?smE;VwfbpCDMA==bt?8>Ki{L9JnM)@j|Kk;uu?4hB#}ev#1lt8Q9%1*( zynfFQP_r#hz0@X8CDMXb-pfxFzNmt`1g&4(!QP6jF{qu0X&XCpt=gGR8(=C%u1xZZBbfzgTvYP8p7++U-ozxT&av2tfg2f`SVPc34asksfH(op|WYsTV)5TtV zm0$KK5;oE^wTRO#TtX+i#=$-P%za{+ipS)<^UxKL_35Uu-ZM9;-JLyiN=6h8zFK8EN1zzygl& zgF#M9Xs4a~%66~tHAt8|X0`*n&F7d}_flsl_wp(XnM8twxUxmCiaj0Yd@bkF8>{*8 zAzga<46SQoWJq7U*E{B0#nySk_PNP+zAi%#;n z+QJTpDv+jCKR{XCvC?(G83!&ffdD5n7q^6jbZ~XFxcfEn3*XwA4$HFo*M)jq2U`c_ z6}Fw4fa)pMowQ(lXJ-Xd_k*SrS%+DKY_)0GMC4v~aJEwEPBM=a-|<9@{EgI)-vtHA zC>GHCP4%T|Z#R`VPe^SwpWQV@eeM7eO{^AAzw#8V+e0?;{WNO{(IXt5|MZ~fte9}d z0?4u}y02!!MAhm7q04##k4mxZDG5k_-gT(>z>-#vFR?!cy_5$@QGRHv_4QaL|xbJ+0kto#T!C)z#9JczPIK?W~sqlm<0{ zGU5VoW`<7Gq-xtDM7YG>jNFL@{JhV64+3<6np0CR-!@CT^HjAdOUox6U|d_9@zNUf z&D)eP9Ie9>KpVWK#Kp2xVukR=S2!nxEvE&2N+yw+b!VR+RxzEYZ00SomN#P&V7e1) zSlYgbsbHV)rFe>ZOIhlOlffcWK%{Z(Y?tF?@>Yq9m0$1!M~W>q+YcQYlS_b~1qIbR z4ccs@C4cdXHvcGGxsWFgwVU^Y&;!n_W!s(g{h&K7}^6;i7)@5Z(8N-9Qz?aY$MH zk}e@9h27$}S|lzE?@jRz|O_$s~(&=uFd;h=`fYdb@MIvghoWs zCXMd@e0}$O`{5$A*hkOaS+P(TBWDk`T+_#FY*B5GuL{8OzJj;KFRm9xNcr_8BhnC>L)O*&_?DXb+QIcH)5g<#!!dl1l1aRzz1>8{_J@4iOcER&hJY7? zgoTsa)t|Y`Um<{Wlf_LnxRi4V*I7#w3M7e14e0nDD=Qp$?mXLVJJ*OtE)~*Nn3i7K z?^jlu!H#nLOW#H+_{>eP`~-NJVjpR?z?OB;iC1Pxa+ z3#&yxKc3&>jqG}s-q&hQ{pO4BEc2^A@sJ}^49})J}moE~%u&9}v8t@pZUoDTw#trw16D4NB9h;`IcXnMn(0 z+o#5HN~&)K;Kp|{17lQL9=Ztk zXBz9uxMaW;G)8gTouAc|sjWx%T`R*)8)9;W0>41y@5BJ_t5yrqCFZ}Rw!QFJK2-!b zP{ginCRFm*91TIJ1qw0`B04|2?a&c+(0wXH)zW$SBTY#x%|V1OO7l^Gq*2j#y2Yov zCeCJ30?|KZ1GV_(hoh!fImOKel-DV2yBAbMc{m=tm)Chj<5v91@o0_#APu3A z;z4(bNxUc4wH;;p^69Na4a)=SfTQEh^upIsB=+V(WG=C&k~-4!uU9#|eJq(lWFmxz1Xd8!yIScb0jL6!#QcOuwt^tks}0q~67ElH?>RQE zi#>|-j%xhcUX>eFx}CXHoAL_{B_Nx?7yWFReM+XLudrC|P@)@F!Um}Hpy0vt-OOFs zcrU#iqnF%vw1rpAd1GpYGDNSzI z&*(2n-N;IzBX8MiO=vuDrJBF1FH(56BFHv=0u8fJD@764PWRBX*&-o&Hx7)pl}Zgf zr(QH)=N8UYeD)0p?xO7hRE&;Wi)RWM7*a9OOqMntV_ybiCTY$5`;yJEZ8Gvl^Ez2{ zp#er0Rc``27n)!ZXA@}X;J$?tJ=Bf+5a{aV-AGN}xBiE0zTz2%X*4yJXY=&o^oo{9 zv+pC*e4Qn?>^;H9k3-1n49xbQ61MvB8^ynVP?VLe;$jI_3XQ{L5UvH(XWhz+yWk=R zu!8u~x~G(yyCm|+h8Mi*jo;`+Hx0E$1u;z|)(u7Hb#*NmlC8;L^Zv5?b&MP^~iKkYY)8^-MR;clVvEk(3TLsGJ_p+0@i3N4u zqG5?^m)I&ye9U!0$*rv1PqR+U+Rh9Ueiy9UfWC>_>bQSh?jM190iojvvywP`iDf2o ziD#&g+`uEiT?xw@M&gnt=GvhhJDWP@3?Tv2!eXZwUiW?kHo6iVO~^FRuWq~Z>87X) z4bBhx7L!()HN3B^OqiYYkBX1&*nls>>s3^u6mqpO8Wd1{u7~Zg3wH^oF>vt}s3`H8 zaQ+X3YSZp}(SrJyV*bUdxX6FhPa^NlWAWILF4UIHd@98PEoGl<9C$_}j%B1BKEMAt zr)PO}X605k=t1%Zw~l1S4Bxpu%Z1By_AMP(gy(MiwX`UIxK6ZE?>#9*0Qw>`Yi1y- zb2%RuE-F0<&!2|vp=B&9(kBBdXR|%B2*c&&VrNf&#ZIH`z2(U2n0o6+#pcnm!i2Sw zj+$DxWd)`WSuidii_SS~QcNB@THS1Tws~4w9rw~&uB5m8`yxh=ORT8xD55>$bMYC8 z?KrDt%hdc)ZQaZzdc6rC>TNycgdiYr#x-v4(xz(b>-SEf(4KWOqT;6vMmF-&j1pJ9 zs$8+QS`Zl;PHG{c<|{$E03%g@FH$;j(d1~ZtRLSsWUKu8K!jurKX7@%Yo$C~8lhdD zau#3T(l0cP1Rk_#jM87l-jq0T$ez_zNuG`F+-4J-YWb8V^GTm)d^J7#wqX@qi$**% zRH#ZBZk#IT!f~v`#f$0fWw^UIKb{n%H1`u12SZ%W30;jFY8hVOoI;XBwJbF{d-tG1 z0`$dx7{JNJU;-PYIomy&Jz?DU1J5Alx3BAo=D~xpnZb)i#R6!QyZ1_b5!QfU%+7#` z&JP6S2$856bjVVVBC`*K(8Rk5EHt(z1SIK1$md$MI(JF=QSmu5Gu1n(+$Fdt zRW6)v3;^i|T68AG&r{ z+T8O;N2k)$C?h^+m9ICm_f16MtnVE}6F%}Y=+h|A+(l{Hd(-(b1Mjw%k>NB=hvxI9 zr73Cx%`dVVd|=p6tPL8v;UsGM>Q$hTU~v5}X*V*mnZRAVxuA80>M8t0E?r$hYf%Q@ zowHPv1_;>5{BdfoGk3u0kPUO-7X6lnhV)@e)@-&rtXj~7;i|1ZMnrAW%(OF6k0^Jj z$Ry`^N8FMr`)g2k#*!4bIhd2Vwx>^dTCH;OelIhX8a%3|tzH^hv5RLv1SHCC(tX$R zNe|YhdWCEL1SFU!Wuc-I2^Br8T^_ztn3`*KUu;#q!ezmYhsze@cA38zKQ03wn9i|m z6rx-w5`O}7J6Ob9OdR`L7M<81v?0nd3m7KT@h6xA3s}tg#G|C`an%sH&Y#zdqo$ds zR?mq6Ct8{g>gp_niYKjZl?OY}4yOz#hn>EdAm>L4IS^Tg!}FMn5fTD*HIntDm0Jvq zZ~6N9I?(%j@rmcuj79DzK+6I{&$D01x8xF7(;PKl4SZalq#lKCi}!amo|nE~J3soN z`L>3jwz0uL-u!MWI$Sn>pCDPKi4dg}{w$xJUw(idKd|jxpgigtcK5!MKP`E*Vy=D# z=X86@XFmvIYSgp56?7JjU8)H^-E5><3iPO^%aO#9q6!}n%f9r_FnY<`Zby1mRu{Wyp zzN)g?Rjm=1Kz!<^QbBOhMUZ$TQS2*mH16arW$wf~mu1CY$9_T*)&1onoSAK3cB?f}ew( z6_}E>E`zqmqD>2(M81SMP0M!q+O+Q>U;Wo8SLeEpFlT!f$dQiWCl-X?T}d5&v~bqf6V4Zmt~W94528SmF; zAQU{SyN$nOo!vX{@G%D_>Th|SPHV32+9mh-NWCflvST< KDwfGxh5R3D=9yUl literal 0 HcmV?d00001 diff --git a/en-22/img/SAT_Grafana_Fabric_Vars.png b/en-22/img/SAT_Grafana_Fabric_Vars.png new file mode 100644 index 0000000000000000000000000000000000000000..194d75b124e8e6289c15cde200bda4ac11006cbe GIT binary patch literal 8031 zcmeHMcR1T`*H0I!sFv1Vsnr@GR0*N>-fFLi*aQi&DMb}kLA7Q}t%|BuRhwExRS`8) zyY}Aei9Wyg`91IZUe6!DKi)sy>-y!olH56;bD#U%pL37%J&DrMQl=zlBnJQhl&UHU zdH}#V9I?$uMne4LB(L!yex>^v7^C%I7(wbmh1^6aaChGB$El~!&Z9&0Oa=_iH;g;YCzyfS3#I9(gq>ukvyQrY3ppbx~ zkE1sjC{4~T}NJ%Hb^ft6bK~Z?0*SrgM@!u`VE=Jx)T#Q!eU8f!g$$T#RLTaT)BSsKKFer=m-Fy zWmZ*?HSkGWPWKHk7#M1+-yI(+)7*jH7rTG|@uc2i)_K=e%$_JgGNIjb`L zzxvt*^+0=kze?;{cFb)?a;eI(QHNd{?9|L8z~<{j zVdLZbcfZL-cdN4VdKSlr06XcooF>r=+3(bUNpDaeT+tFE*_;nL*J*>Ay!uFd=$_5A zJ$JeTjg6cTebex~9C?_m%$C-oL2n>0g}v3agDVkDD%>74@g);s4SMO}Jy7 zWR_O$y{}cy5UT%TcsLMeS@wajK9><3PLSSmsIR|tKICR(vRdJyLaH!(b4T7xJO9K( znaJFV&bGU&E7LP90+CXKbQISp*fNKli5_ z*Dp~W|G*vM2iq*#%esG}3WGRuc4I}EPmSCv^R$Nkji;n zQnJc($QwXw0<_HI?snfQ{wDt17`H51`2pBTzFK68%Ic1ic)-HSOvSdm(je?QC*!r; z<%{AgUWuW29LspAR!jC4Ut9T@vHSaC>5s3UOCa5HT0CkXxe#)xexK##%Xv<2?o!y)9H6Uy z%F^xA1fyV$JEOMLzNjQ-<^28ZUe6wjN)flwA3?5y2XoH2<6j9uZIlt>87Cubx&=1C zAz@g(Aoe0kUF2m-IzXW`$Nqz;-q?zrspWN)+V|f4X=wyi|Hey!*u9!_a<7H1y5eSD zBcH+&b(Q^g3rRvJgo>BJ>xk%dgW4w}dDGZyc@u>-)$~APecEn;a^N?H{U5OHFUT!8I@HVA+2Co!Ffbix|z`&9YJ{gVN7TN!(5@Zml_=*L4F) z?d^GlFfJsFNyKGrgNRMiW`syUn;X)wXe_C3q;X_hPwE3ZZxiz_dc<@!T#vU>+{Dmz zwk>ZCd`GntHIkzGowtiAv*UvpDbg@?zxPcVtCdB?pjwUuIRA8NmShDY5*NzJf_#u_ zGH4Cgz&>T-wvG2|;1eBxE4JxT8;hLf2Iq;g!~$u^o0*b|0`Sx9eXn3A3{{--z~hF3 z**@Xeh2pgp0EWM`>pULv>Gp=vR?l5){{`}@8e$5*U6&wJ0}q;RVh z`RoU}^O*Or;&3BSCT$;XxoJH|WW0=%p`FDiRg>+7wU;W?Rz(+^u^ess=dH`e z-YDztZe?`-OqCFJGcV4+NAM?|Gp5hME9;)aj}be2L`C=vK_;-F=Q>$DV^L>v7Oa3MeR?zYSv%Y7$R)!;XJKnlf>bt+<} zgo)ObD{EcPmBx#OI6AK1b)~`^rkeN-OlN$sI(hrLZ6{X{gvor+0FoKj)J(l#5?^pv z;>UNVIRc719V^XJrb+iCYi$xiOC; z91mX)evfGC3-(VVW&43*Na1Y+M-kpS{Y+8F^tfu`-L7T)jA@D>_*b z9SrloqGd%E-K`0;J5O{KrsN3G%8P@f^1OYn9b9-Z-7*%}UNden7_{KRnu5~;Cs5*E z7`1lmZ(fdUsxcYDqrProMGd?7ZrzrR9-H8zrz)%QA6qV&Z#kMDfp=&}XOA*gOYFLi zbgu8$n2S1dlY~9YY7)j-ZmwS&Oh`>_4!p9$$-#k5pS4AlSU0BA$2RYV`-eG}=H`a! z@OEw6PnX!N(CWoP>YU1Z=PwIMi#%k@v}pLw#~lyrhnH4~i|{?nOi#Mnu(ZxFDt^0A z+f4nA=EWmf!SrV>Pka%y2=4FW^YbDzJ0tU4HPA|mknZkufT-6;9RqTZx#&}~yqnLG zUbQSS`e@=>XSwOgut_e~9f&-SAP+_-MLQcmDJ*|UPEquL7YpD~D2I1S^$)mLHvX;9 zf*)zpW=}g@&rPAyzE1zk=Pe&R9{oy>kH6keP1|Z;>A`BsTC<41E1};dFQ-#oGc~NH zU)-=Oy{YRvx`tJz$f8dFdmeme&8*0fgU?bv4Fc{Nou}N9v{yHy1E^y}%h1ZGo^|eO z9=%Ad?ylb3fG(!wuW)Wswfi+W6>&rWMCm)w#2%!G4uUTb)j2+)PBS3MpDP2n;BT z?(>-`BpEMuovT^-IpMTO8LUG_&05%^Rvf{e2hgY zAu%Pad_FP$5t}kF3W8Y;4K!6_Gs%prwVo(oN$#Na40u0 z+Ff~H@b-y|90T+%yAwmLWe;ff)b@wHAs{NHeRpzgTd?&oK-M$1+C zg<&d}jD~0B8vRPc;40wuUCdy0Jv>G!DC;SYT`YWj+Pwcxc*TI7B_zh;U1ZqEa&D>9 zJqZ(&z2kGlRI;jSNCn$ z%v@7h80(YX)JK=8;~v zw-DTFu7QaI0zDUmTH$3)vuv6UxMi3c>3>2~WtTU@a5=oGKebx?mSj9}>(mX?T^1|* zL^{%|f-i{YjH1$>#;00~cM<2fLs7b@H&}~Lb?e`q7qOq_$;3(rnzMG>&To`fwKTTC z^$HwHH@(Wzg;h-r2g;|eJbIy@B5hq&VzO?4juR5R{p2F;@aGoo^IH21W0@?tzcW4u_Z2#)fk*Cz4mjiW3`8T0=xQTOi(Z$P^X7`N6`%9280g4isg2GTQD*4H*o$bp zyltCYry-Bv?N+h%v^)PK>%Dhzl4$J{jJKIPBrvf%Lp=YvX;Mtvvi*!DUovgZPPtc5 zM*Q48;$`P5dE4(U8@}R#P&WHZL!+&9<15nR(QV69PdAlB1PJXZ7nG)zJC)grd6=m@ z2!WVghpX{-zil(sPe(Ali!w0_^QhT6ef1&TQ+>6+FNdo@sy^!6T?t9P3@?BFBR9A} z^3A*wTmLIq&h>AX!l5(uViNhn%3z*k85PrA?nj#4-d|;S;d_>_J4xN%tot=j)t`Jf z(Jhe))3)<+Jq+0)k>d!e%_WaDY^f#CYlaUfs#hn7CC3f&jkL!OdX7Envh*KblBz0s z8d~n-mXfIHTNoB1gWb2%OZ-y0GW43SEmz-pb4{aixo_jZ{+^QNbQyn<80z?uhNm8d zs7bn1bww1EMewaDv$-S}&jRMys!EmrBER?5^g2K_zr~VpwYWdt_+|ilVSnox7?&Y; z!JMPCf7fDU%JcgA;d!YYUzWZr*q4^rh`}lQ_2+gF2sAA<^%3*T_UK@2w79ON6Z6}Z zgrFcL)+cJP-oaQ=w33q1^1JcW@ErQuMYHT)_w5JCWrbPTLpGmB-Bw8XBK)^+^bCyw zr(e`PKA9gK+`GEI!57`@;CD|uF_9J~%DBIo5IomhvG{S~z&D1?sA-Z*egC*QZff1n zcdb6y>vOeh#1-z;YI{@6{8KwIu@T>`CSX6~jl~_~A45M>-|Du(=aeBiOr4%&B%%C6 z!!dpH@SV^6;7QRiCtpVo+mO<=&T;=@PRDaxB)nw3UoUB{bIv$ANlQ04QsU0dE&k`s&`Wut4(}A zHkrjQa;`{AGkajjKF}0v?I#N+@N2XzZxAmvkqMp0nQ0EhYjKk1SHDCP#l;!GvrIcf+LmTc< zKvDnX&Wn5(jlPWnBEzVZ_CWMOTux6l?nrtkFH-L}x#Fknmc zMCXUpL+LAN%4$Kg6FE5(?)24TvU=Ye^lyrp+4s{9+Lgt>c=4EDS+0h_*08uu&Bk`< zx<~1nZp+z5Srvdo%NQ?SaGc-3vJ@|4q*9){1ydu1m>LOd~t$4)YeRt`N5MAr@oKJ`7(qYAQel4PW5y`^2`1)2*YB$JEVD$04bAYF%c2EtF^OkY z-lb(@?2>NmrO~8G;-{oHpA_wt9BK@W2U407UW>o)@^G0X;~^X{87@n$bVMjiXr=t zf>*%}5ZSBWXerXIg&qOfW`4;3lD7F>p32%s*WYqV(lGW}eat~m0jsDMVxF8Rj+Fbi z`c+Vz-T7bdtJg{4r}s@{mvn6z!VF`jNwiO>KgCHsItfjPZ4B^h2;n-bx;47XyL|fH hczpkVy7lw)-0`;Ui@PhQbZ37zt14 + + + + + + + + + + + HPE Cray EX System Admin Toolkit (SAT) Guide :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ + + + + + navigation + + + +

HPE Cray EX System Admin Toolkit (SAT) Guide

+

Introduction to SAT

+ +

SAT Installation

+

Install SAT

+ +

SAT Setup

+ +

SAT Post-Upgrade

+ +

SAT Uninstall and Downgrade

+ +

SAT Dashboards

+ +

SAT Usage

+ +

SAT Release Notes

+ + + + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-22/index.json b/en-22/index.json new file mode 100644 index 0000000000..9776932efe --- /dev/null +++ b/en-22/index.json @@ -0,0 +1,71 @@ +[ +{ + "uri": "/docs-sat/en-22/", + "title": "HPE Cray EX System Admin Toolkit (SAT) Guide", + "tags": [], + "description": "", + "content": "HPE Cray EX System Admin Toolkit (SAT) Guide Introduction to SAT About System Admin Toolkit (SAT) System Admin Toolkit Command Overview Command Prompt Conventions in SAT SAT Dependencies SAT Installation Install SAT Install the System Admin Toolkit Product Stream Perform NCN Personalization SAT Setup SAT Authentication Generate SAT S3 Credentials Run sat setrev to Set System Information SAT Post-Upgrade Remove obsolete configuration file sections SAT Logging SAT Uninstall and Downgrade Uninstall: Removing a Version of SAT Activate: Switching Between Versions SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards SAT Usage SAT Bootprep SAT Release Notes Summary of changes in SAT 2.2 Summary of SAT changes in Shasta v1.5 Summary of SAT Changes in Shasta v1.4.1 Summary of SAT Changes in Shasta v1.4 Summary of SAT Changes in Shasta v1.3.2 Summary of SAT Changes in Shasta v1.3 " +}, +{ + "uri": "/docs-sat/en-22/dashboards/", + "title": "SAT Dashboards", + "tags": [], + "description": "", + "content": "SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards " +}, +{ + "uri": "/docs-sat/en-22/install/", + "title": "SAT Installation", + "tags": [], + "description": "", + "content": "SAT Installation Install the System Admin Toolkit Product Stream Describes how to install the System Admin Toolkit (SAT) product stream.\nPrerequisites CSM is installed and verified. cray-product-catalog is running. There must be at least 2 gigabytes of free space on the manager NCN on which the procedure is run. Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace 2.2.x with the version of the SAT product stream being installed. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. To upgrade SAT, execute the pre-installation, installation, and post-installation procedures for a newer distribution. The newly installed version will become the default. Pre-Installation Procedure Start a typescript.\nThe typescript will record the commands and the output from this installation.\nncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt ncn-m001# export PS1=\u0026#39;\\u@\\H \\D{%Y-%m-%d} \\t \\w # \u0026#39; Installation Procedure Copy the release distribution gzipped tar file to ncn-m001.\nUnzip and extract the release distribution, 2.2.x.\nncn-m001# tar -xvzf sat-2.2.x.tar.gz Change directory to the extracted release distribution directory.\nncn-m001# cd sat-2.2.x Run the installer: install.sh.\nThe script produces a lot of output. A successful install ends with \u0026ldquo;SAT version 2.2.x has been installed\u0026rdquo;.\nncn-m001# ./install.sh ... ====\u0026gt; Updating active CFS configurations ... ====\u0026gt; SAT version 2.2.x has been installed. Upgrade only: Record the names of the CFS configuration or configurations modified by install.sh.\nThe install.sh script attempts to modify any CFS configurations that apply to the master management NCNs. During an upgrade, install.sh will log messages indicating the CFS configuration or configurations that were modified. For example, if there are three master nodes all using the same CFS configuration named \u0026ldquo;ncn-personalization\u0026rdquo;, the output would look like this:\n====\u0026gt; Updating active CFS configurations INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, x3000c0s3b0n0, x3000c0s5b0n0 INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s1b0n0 INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s3b0n0 INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s5b0n0 INFO: Updating CFS configuration \u0026#34;ncn-personalization\u0026#34; INFO: Updating existing layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml in configuration \u0026#34;ncn-personalization\u0026#34;. INFO: Key \u0026#34;name\u0026#34; in layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml updated from sat-ncn to sat-2.2.16 INFO: Successfully updated layers in configuration \u0026#34;ncn-personalization\u0026#34; Save the name of each CFS configuration updated by the installer. In the previous example, a single configuration named \u0026ldquo;ncn-personalization\u0026rdquo; was updated, so that name is saved to a temporary file.\nncn-m001# echo ncn-personalization \u0026gt;\u0026gt; /tmp/sat-ncn-cfs-configurations.txt Repeat the previous command for each CFS configuration that was updated.\nUpgrade only: Save the new name of the SAT CFS configuration layer.\nIn the example install.sh output above, the new layer name is sat-2.2.16. Save this value to a file to be used later.\nncn-m001# echo sat-2.2.16 \u0026gt; /tmp/sat-layer-name.txt Fresh install only: Save the CFS configuration layer for SAT to a file for later use.\nThe install.sh script attempts to modify any CFS configurations that apply to the master management NCNs. During a fresh install, no such CFS configurations will be found, and it will instead log the SAT configuration layer that must be added to the CFS configuration that will be created. Here is an example of the output in that case:\n====\u0026gt; Updating active CFS configurations INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, x3000c0s3b0n0, x3000c0s5b0n0 WARNING: No CFS configurations found that apply to components with role Management and subrole Master. INFO: The following sat layer should be used in the CFS configuration that will be applied to NCNs with role Management and subrole Master. { \u0026#34;name\u0026#34;: \u0026#34;sat-2.2.15\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;9a74b8f5ba499af6fbcecfd2518a40e081312933\u0026#34;, \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;sat-ncn.yml\u0026#34; } Save the JSON output to a file for later use. For example:\nncn-m001# cat \u0026gt; /tmp/sat-layer.json \u0026lt;\u0026lt;EOF \u0026gt; { \u0026gt; \u0026#34;name\u0026#34;: \u0026#34;sat-2.2.15\u0026#34;, \u0026gt; \u0026#34;commit\u0026#34;: \u0026#34;9a74b8f5ba499af6fbcecfd2518a40e081312933\u0026#34;, \u0026gt; \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git\u0026#34;, \u0026gt; \u0026#34;playbook\u0026#34;: \u0026#34;sat-ncn.yml\u0026#34; \u0026gt; } \u0026gt; EOF Do not copy the previous command verbatim. Use the JSON output from the install.sh script.\nPost-Installation Procedure Optional: Remove the SAT release distribution tar file and extracted directory.\nncn-m001# rm sat-2.2.x.tar.gz ncn-m001# rm -rf sat-2.2.x/ Upgrade only: Ensure that the environment variable SAT_TAG is not set in the ~/.bashrc file on any of the management NCNs.\nNOTE: This step should only be required when updating from Shasta 1.4.1 or Shasta 1.4.2.\nThe following example assumes three manager NCNs: ncn-m001, ncn-m002, and ncn-m003, and shows output from a system in which no further action is needed.\nncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc ncn-m001: source \u0026lt;(kubectl completion bash) ncn-m003: source \u0026lt;(kubectl completion bash) ncn-m002: source \u0026lt;(kubectl completion bash) The following example shows that SAT_TAG is set in ~/.bashrc on ncn-m002. Remove that line from the ~/.bashrc file on ncn-m002.\nncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc ncn-m001: source \u0026lt;(kubectl completion bash) ncn-m002: source \u0026lt;(kubectl completion bash) ncn-m002: export SAT_TAG=3.5.0 ncn-m003: source \u0026lt;(kubectl completion bash) Stop the typescript.\nNOTE: This step can be skipped if you wish to use the same typescript for the remainder of the SAT install. See Next Steps.\nncn-m001# exit SAT version 2.2.x is now installed/upgraded, meaning the SAT 2.2.x release has been loaded into the system software repository.\nSAT configuration content for this release has been uploaded to VCS. SAT content for this release has been uploaded to the CSM product catalog. SAT content for this release has been uploaded to Nexus repositories. The sat command won\u0026rsquo;t be available until the NCN Personalization procedure has been executed. Next Steps If other HPE Cray EX software products are being installed or upgraded in conjunction with SAT, refer to the HPE Cray EX System Software Getting Started Guide to determine which step to execute next.\nIf no other HPE Cray EX software products are being installed or upgraded at this time, proceed to the sections listed below.\nNOTE: The NCN Personalization procedure is required when upgrading SAT. The setup procedures in SAT Setup, however, are not required when upgrading SAT. They should have been executed during the first installation of SAT.\nExecute the NCN Personalization procedure:\nPerform NCN Personalization If performing a fresh install, execute the SAT Setup procedures:\nSAT Authentication Generate SAT S3 Credentials Run Sat Setrev to Set System Information If performing an upgrade, execute the upgrade procedures:\nRemove obsolete configuration file sections SAT Logging Perform NCN Personalization Describes how to perform NCN personalization using CFS. This personalization process will configure the System Admin Toolkit (SAT) product stream.\nPrerequisites The Install the System Admin Toolkit Product Stream procedure has been successfully completed. If upgrading, the names of the CFS configurations updated during installation were saved to the file /tmp/sat-ncn-cfs-configurations.txt. If upgrading, the name of the new SAT CFS configuration layer was saved to the file /tmp/sat-layer-name.txt. If performing a fresh install, the SAT CFS configuration layer was saved to the file /tmp/sat-layer.json. Notes on the Procedure Ellipses (...) in shell output indicate omitted lines. In the examples below, replace 2.2.x with the version of the SAT product stream being installed. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. If upgrading SAT, the existing configuration will likely include other Cray EX product entries. Update the SAT entry as described in this procedure. The HPE Cray EX System Software Getting Started Guide provides guidance on how and when to update the entries for the other products. Procedure Start a typescript if not already using one.\nThe typescript will capture the commands and the output from this installation procedure.\nncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt ncn-m001# export PS1=\u0026#39;\\u@\\H \\D{%Y-%m-%d} \\t \\w # \u0026#39; Fresh install only: Add the SAT layer to the NCN personalization JSON file.\nIf the SAT install script, install.sh, did not identify and modify the CFS configurations that apply to each master management NCN, it will have printed the SAT CFS configuration layer in JSON format. This layer must be added to the JSON file being used to construct the CFS configuration. For example, if the file being used is named ncn-personalization.json, and the SAT layer was saved to the file /tmp/sat-layer.json as described in the install instructions, the following jq command will append the SAT layer and save the result in a new file named ncn-personalization.json.\nncn-m001# jq -s \u0026#39;{layers: (.[0].layers + [.[1]])}\u0026#39; ncn-personalization.json \\ /tmp/sat-layer.json \u0026gt; ncn-personalization.new.json For instructions on how to create a CFS configuration from the previous file and how to apply it to the management NCNs, refer to \u0026ldquo;Perform NCN Personalization\u0026rdquo; in the HPE Cray System Management Documentation. After the CFS configuration has been created and applied, return to this procedure.\nUpgrade only: Invoke each CFS configuration that was updated during the upgrade.\nIf the SAT install script, install.sh, identified CFS configurations that apply to the master management NCNs and modified them in place, invoke each CFS configuration that was created or updated during installation.\nThis step will create a CFS session for each given configuration and install SAT on the associated manager NCNs.\nThe --configuration-limit option limits the configuration session to run only the SAT layer of the configuration.\nYou should see a representation of the CFS session in the output.\nncn-m001# for cfs_configuration in $(cat /tmp/sat-ncn-cfs-configurations.txt); do cray cfs sessions create --name \u0026#34;sat-session-${cfs_configuration}\u0026#34; --configuration-name \\ \u0026#34;${cfs_configuration}\u0026#34; --configuration-limit $(cat /tmp/sat-layer-name.txt); done name=\u0026#34;sat-session-ncn-personalization\u0026#34; [ansible] ... Upgrade only: Monitor the progress of each CFS session.\nThis step assumes a single session named sat-session-ncn-personalization was created in the previous step.\nFirst, list all containers associated with the CFS session:\nncn-m001# kubectl get pod -n services --selector=cfsession=sat-session-ncn-personalization \\ -o json | jq \u0026#39;.items[0].spec.containers[] | .name\u0026#39; \u0026#34;inventory\u0026#34; \u0026#34;ansible-1\u0026#34; \u0026#34;istio-proxy\u0026#34; Next, get the logs for the ansible-1 container.\nNOTE: the trailing digit might differ from \u0026ldquo;1\u0026rdquo;. It is the zero-based index of the sat-ncn layer within the configuration\u0026rsquo;s layers.\nncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \\ --selector=cfsession=sat-session-ncn-personalization Ansible plays, which are run by the CFS session, will install SAT on all the manager NCNs on the system. Successful results for all of the manager NCN xnames can be found at the end of the container log. For example:\n... PLAY RECAP ********************************************************************* x3000c0s1b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s3b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s5b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Execute this step for each unique CFS configuration.\nNOTE: Ensure that the PLAY RECAPs for each session show successes for all manager NCNs before proceeding.\nVerify that SAT was successfully configured.\nIf sat is configured, the --version command will indicate which version is installed. If sat is not properly configured, the command will fail.\nNOTE: This version number will differ from the version number of the SAT release distribution. This is the semantic version of the sat Python package, which is different from the version number of the overall SAT release distribution.\nncn-m001# sat --version sat 3.7.0 NOTE: Upon first running sat, you may see additional output while the sat container image is downloaded. This will occur the first time sat is run on each manager NCN. For example, if you run sat for the first time on ncn-m001 and then for the first time on ncn-m002, you will see this additional output both times.\nTrying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037... Getting image source signatures Copying blob da64e8df3afc done Copying blob 0f36fd81d583 done Copying blob 12527cf455ba done ... sat 3.7.0 Stop the typescript.\nncn-m001# exit SAT version 2.2.x is now configured:\nThe SAT RPM package is installed on the associated NCNs. Next Steps If other HPE Cray EX software products are being installed or upgraded in conjunction with SAT, refer to the HPE Cray EX System Software Getting Started Guide to determine which step to execute next.\nIf no other HPE Cray EX software products are being installed or upgraded at this time, proceed to the remaining SAT Setup or SAT Post-Upgrade procedures.\nIf performing a fresh install, execute the SAT Setup procedures:\nSAT Authentication Generate SAT S3 Credentials Run Sat Setrev to Set System Information If performing an upgrade, execute the SAT Post-Upgrade procedures:\nRemove obsolete configuration file sections SAT Logging SAT Authentication Initially, as part of the installation and configuration, SAT authentication is set up so sat commands can be used in later steps of the install process. The admin account used to authenticate with sat auth must be enabled in Keycloak and must have its assigned role set to admin. For instructions on editing Role Mappings see Create Internal User Accounts in the Keycloak Shasta Realm in the CSM product documentation. For additional information on SAT authentication, see System Security and Authentication in the CSM documentation.\nNOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nDescription of SAT Command Authentication Types Some SAT subcommands make requests to the Shasta services through the API gateway and thus require authentication to the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to be configured (see: Generate SAT S3 Credentials). In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes manager node where SAT commands are run.\nBelow is a table describing SAT commands and the types of authentication they require.\nSAT Subcommand Authentication/Credentials Required Man Page Description sat auth Responsible for authenticating to the API gateway and storing a token. sat-auth Authenticate to the API gateway and save the token. sat bmccreds Requires authentication to the API gateway. sat-bmccreds Set BMC passwords. sat bootprep Requires authentication to the API gateway. Requires kubernetes configuration and authentication, which is done on ncn-m001 during the install. sat-bootprep Prepare to boot nodes with images and configurations. sat bootsys Requires authentication to the API gateway. Requires kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages. sat-bootsys Boot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software. sat diag Requires authentication to the API gateway. sat-diag Launch diagnostics on the HSN switches and generate a report. sat firmware Requires authentication to the API gateway. sat-firmware Report firmware version. sat hwhist Requires authentication to the API gateway. sat-hwhist Report hardware component history. sat hwinv Requires authentication to the API gateway. sat-hwinv Give a listing of the hardware of the HPE Cray EX system. sat hwmatch Requires authentication to the API gateway. sat-hwmatch Report hardware mismatches. sat init None sat-init Create a default SAT configuration file. sat k8s Requires kubernetes configuration and authentication, which is automatically configured on ncn-w001 during the install. sat-k8s Report on kubernetes replicasets that have co-located replicas (i.e. replicas on the same node). sat linkhealth This command has been deprecated. sat nid2xname Requires authentication to the API gateway. sat-nid2xname Translate node IDs to node xnames. sat sensors Requires authentication to the API gateway. sat-sensors Report current sensor data. sat setrev Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-setrev Set HPE Cray EX system revision information. sat showrev Requires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-showrev Print revision information for the HPE Cray EX system. sat slscheck Requires authentication to the API gateway. sat-slscheck Perform a cross-check between SLS and HSM. sat status Requires authentication to the API gateway. sat-status Report node status across the HPE Cray EX system. sat swap Requires authentication to the API gateway. sat-swap Prepare HSN switch or cable for replacement and bring HSN switch or cable into service. sat xname2nid Requires authentication to the API gateway. sat-xname2nid Translate node and node BMC xnames to node IDs. sat switch This command has been deprecated. It has been replaced by sat swap. In order to authenticate to the API gateway, you must run the sat auth command. This command will prompt for a password on the command line. The username value is obtained from the following locations, in order of higher precedence to lower precedence:\nThe --username global command-line option. The username option in the api_gateway section of the config file at ~/.config/sat/sat.toml. The name of currently logged in user running the sat command. If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to ~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above, and will use the token for that username if it has been obtained and saved by sat auth.\nPrerequisites The sat CLI has been installed following Install The System Admin Toolkit Product Stream. Procedure The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway:\nGenerate a default SAT configuration file, if one does not exist.\nncn-m001# sat init Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; generated. Note: If the config file already exists, it will print out an error:\nERROR: Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; already exists. Not generating configuration file. Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the config file. E.g.:\nusername = \u0026#34;crayadmin\u0026#34; Run sat auth. Enter your password when prompted. E.g.:\nncn-m001# sat auth Password for crayadmin: Succeeded! Other sat commands are now authenticated to make requests to the API gateway. E.g.:\nncn-m001# sat status Generate SAT S3 Credentials Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes master node where SAT commands are run.\nSAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev (see: Run Sat Setrev to Set System Information).\nNOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nPrerequisites The SAT CLI has been installed following Install The System Admin Toolkit Product Stream The SAT configuration file has been created (See SAT Authentication). CSM has been installed and verified. Procedure Ensure the files are readable only by root.\nncn-m001# touch /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key ncn-m001# chmod 600 /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key Write the credentials to local files using kubectl.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.access_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_access_key ncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.secret_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_secret_key Verify the S3 endpoint specified in the SAT configuration file is correct.\nGet the SAT configuration file\u0026rsquo;s endpoint value.\nNOTE: If the command\u0026rsquo;s output is commented out, indicated by an initial # character, the SAT configuration will take the default value – \u0026quot;https://rgw-vip.nmn\u0026quot;.\nncn-m001# grep endpoint ~/.config/sat/sat.toml # endpoint = \u0026#34;https://rgw-vip.nmn\u0026#34; Get the sat-s3-credentials secret\u0026rsquo;s endpoint value.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.s3_endpoint}\u0026#39; | base64 -d | xargs https://rgw-vip.nmn Compare the two endpoint values.\nIf the values differ, change the SAT configuration file\u0026rsquo;s endpoint value to match the secret\u0026rsquo;s.\nCopy SAT configurations to each manager node on the system.\nncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \\ mkdir -p /root/.config/sat; \\ scp -pr /root/.config/sat ${i}:/root/.config; done NOTE: Depending on how many manager nodes are on the system, the list of manager nodes may be different. This example assumes three manager nodes, where the configuration files must be copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is ncn-m002 and ncn-m003.\nRun sat setrev to Set System Information NOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nPrerequisites S3 credentials have been generated. See Generate SAT S3 Credentials. SAT authentication has been set up. See SAT Authentication. Procedure Run sat setrev to set System Revision Information. Follow the on-screen prompts to set the following site-specific values:\nSerial number System name System type System description Product number Company name Site name Country code System install date TIP: For \u0026ldquo;System type\u0026rdquo;, a system with any liquid-cooled components should be considered a liquid-cooled system. I.e., \u0026ldquo;System type\u0026rdquo; is EX-1C.\nncn-m001# sat setrev -------------------------------------------------------------------------------- Setting: Serial number Purpose: System identification. This will affect how snapshots are identified in the HPE backend services. Description: This is the top-level serial number which uniquely identifies the system. It can be requested from an HPE representative. Valid values: Alpha-numeric string, 4 - 20 characters. Type: \u0026lt;class \u0026#39;str\u0026#39;\u0026gt; Default: None Current value: None -------------------------------------------------------------------------------- Please do one of the following to set the value of the above setting: - Input a new value - Press CTRL-C to exit ... Run sat showrev to verify System Revision Information. The following tables contain example information.\nncn-m001# sat showrev ################################################################################ System Revision Information ################################################################################ +---------------------+---------------+ | component | data | +---------------------+---------------+ | Company name | HPE | | Country code | US | | Interconnect | Sling | | Product number | R4K98A | | Serial number | 12345 | | Site name | HPE | | Slurm version | slurm 20.02.5 | | System description | Test System | | System install date | 2021-01-29 | | System name | eniac | | System type | EX-1C | +---------------------+---------------+ ################################################################################ Product Revision Information ################################################################################ +--------------+-----------------+------------------------------+------------------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+------------------------------+------------------------------+ | csm | 0.8.14 | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... | | sat | 2.0.1 | - | - | | sdu | 1.0.8 | - | - | | slingshot | 0.8.0 | - | - | | sma | 1.4.12 | - | - | +--------------+-----------------+------------------------------+------------------------------+ ################################################################################ Local Host Operating System ################################################################################ +-----------+----------------------+ | component | version | +-----------+----------------------+ | Kernel | 5.3.18-24.15-default | | SLES | SLES 15-SP2 | +-----------+----------------------+ Remove obsolete configuration file sections Prerequisites The Install the System Admin Toolkit Product Stream procedure has been successfully completed. The Perform NCN Personalization procedure has been successfully completed. Procedure After upgrading SAT, if using the configuration file from a previous version, there may be configuration file sections no longer used in the new version. For example, when upgrading from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. In that case, the following warning may appear upon running sat commands.\nWARNING: Ignoring unknown section \u0026#39;redfish\u0026#39; in config file. Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.\n[redfish] username = \u0026#34;admin\u0026#34; password = \u0026#34;adminpass\u0026#34; Repeat this process for any configuration file sections for which there are \u0026ldquo;unknown section\u0026rdquo; warnings.\nSAT Logging As of SAT version 2.2, some command output that was previously printed to stdout is now logged to stderr. These messages are logged at the INFO level. The default logging threshold was changed from WARNING to INFO to accomodate this logging change. Additionally, some messages previously logged at the INFO are now logged at the DEBUG level.\nThese changes take effect automatically. However, if the default output threshold has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure that important output is shown in the terminal.\nUpdate Configuration In the following example, the stderr log level, logging.stderr_level, is set to WARNING, which will exclude INFO-level logging from terminal output.\nncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml [logging] ... stderr_level = \u0026#34;WARNING\u0026#34; To enable the new default behavior, comment this line out, delete it, or set the value to \u0026ldquo;INFO\u0026rdquo;.\nIf logging.stderr_level is commented out, its value will not affect logging behavior. However, it may be helpful set its value to INFO as a reminder of the new default behavior.\nAffected Commands The following commands trigger messages that have been changed from stdout print calls to INFO-level (or WARNING- or ERROR-level) log messages:\nsat bootsys --stage shutdown --stage session-checks sat sensors The following commands trigger messages that have been changed from INFO-level log messages to DEBUG-level log messages:\nsat nid2xname sat xname2nid sat swap Uninstall: Removing a Version of SAT Prerequisites Only versions 2.2 or newer of SAT can be uninstalled with prodmgr. Older versions must be uninstalled manually. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure Use sat showrev to list versions of SAT.\nNOTE: It is not recommended to uninstall a version designated as \u0026ldquo;active\u0026rdquo;. If the active version is uninstalled, then the activate procedure must be executed on a remaining version.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------+-------------------+-----------------------+ | product_name | product_version | active | images | image_recipes | +--------------+-----------------+--------+-------------------+-----------------------+ | sat | 2.3.3 | True | - | - | | sat | 2.2.10 | False | - | - | +--------------+-----------------+--------+-------------------+-----------------------+ Use prodmgr to uninstall a version of SAT.\nThis command will do three things:\nRemove all hosted-type package repositories associated with the given version of SAT. Group-type repositories are not removed. Remove all container images associated with the given version of SAT. Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up in the output of sat showrev. ncn-m001# prodmgr uninstall sat 2.2.10 Repository sat-2.2.10-sle-15sp2 has been removed. Removed Docker image cray/cray-sat:3.9.0 Removed Docker image cray/sat-cfs-install:1.0.2 Removed Docker image cray/sat-install-utility:1.4.0 Deleted sat-2.2.10 from product catalog. Activate: Switching Between Versions This procedure can be used to downgrade the active version of SAT.\nPrerequisites Only versions 2.2 or newer of SAT can be activated. Older versions must be activated manually. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure Use sat showrev to list versions of SAT.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------+--------------------+-----------------------+ | product_name | product_version | active | images | image_recipes | +--------------+-----------------+--------+--------------------+-----------------------+ | sat | 2.3.3 | True | - | - | | sat | 2.2.10 | False | - | - | +--------------+-----------------+--------+--------------------+-----------------------+ Use prodmgr to activate a different version of SAT.\nThis command will do three things:\nFor all hosted-type package repositories associated with this version of SAT, set them as the sole member of their corresponding group-type repository. For example, activating SAT version 2.2.10 sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group. Set the version 2.2.10 as active within the product catalog, so that it appears active in the output of sat showrev. Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are associated with NCNs with the role \u0026ldquo;Management\u0026rdquo; and subrole \u0026ldquo;Master\u0026rdquo; (for example, the CFS configuration ncn-personalization). Specifically, it will ensure that the layer refers to the version of SAT CFS configuration content associated with the version of SAT being activated. ncn-m001# prodmgr activate sat 2.2.10 Repository sat-2.2.10-sle-15sp2 is now the default in sat-sle-15sp2. Set sat-2.2.10 as active in product catalog. Updated CFS configurations: [ncn-personalization] Verify that the chosen version is marked as active.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------+--------------------+-----------------------+ | product_name | product_version | active | images | image_recipes | +--------------+-----------------+--------+--------------------+-----------------------+ | sat | 2.3.3 | False | - | - | | sat | 2.2.10 | True | - | - | +--------------+-----------------+--------+--------------------+-----------------------+ Run NCN Personalization.\nAt this point, the command has modified Nexus package repositories to set a particular package repository as active, but no packages on the NCNs have been changed. In order to complete the activation process, NCN Personalization must be executed to change the cray-sat-podman package version on the manager NCNs.\nNOTE: Refer to the command output from step 2 for the names of all CFS configurations that were updated, which may not necessarily be just ncn-personalization. If multiple configurations were updated in step 2, then a cray cfs sessions create command should be run for each of them. This example assumes a single configuration named ncn-personalization was updated. If multiple were updated, set cfs_configurations to a space-separated list below.\nncn-m001# cfs_configurations=\u0026#34;ncn-personalization\u0026#34; ncn-m001# for cfs_configuration in ${cfs_configurations} do cray cfs sessions create --name \u0026#34;sat-session-${cfs_configuration}\u0026#34; --configuration-name \\ \u0026#34;${cfs_configuration}\u0026#34; --configuration-limit sat-ncn; done Monitor the progress of each CFS session.\nThis step assumes a single session named sat-session-ncn-personalization was created in the previous step.\nFirst, list all containers associated with the CFS session:\nncn-m001# kubectl get pod -n services --selector=cfsession=sat-session-ncn-personalization \\ -o json | jq \u0026#39;.items[0].spec.containers[] | .name\u0026#39; \u0026#34;inventory\u0026#34; \u0026#34;ansible-1\u0026#34; \u0026#34;istio-proxy\u0026#34; Next, get the logs for the ansible-1 container.\nNOTE: the trailing digit might differ from \u0026ldquo;1\u0026rdquo;. It is the zero-based index of the sat-ncn layer within the configuration\u0026rsquo;s layers.\nncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \\ --selector=cfsession=sat-session-ncn-personalization Ansible plays, which are run by the CFS session, will install SAT on all the manager NCNs on the system. Successful results for all of the manager NCN xnames can be found at the end of the container log. For example:\n... PLAY RECAP ********************************************************************* x3000c0s1b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s3b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s5b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Execute this step for each unique CFS configuration.\nNOTE: Ensure that the PLAY RECAPs for each session show successes for all manager NCNs before proceeding.\nVerify the new version of the SAT CLI.\nNOTE: This version number will differ from the version number of the SAT release distribution. This is the semantic version of the SAT Python package, which is different from the version number of the overall SAT release distribution.\nncn-m001# sat --version 3.9.0 " +}, +{ + "uri": "/docs-sat/en-22/introduction/", + "title": "Introduction to SAT", + "tags": [], + "description": "", + "content": "Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components.\nSAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview.\nSix Kibana Dashboards are included with SAT. They provide organized output for system health information.\nAER Kibana Dashboard ATOM Kibana Dashboard Heartbeat Kibana Dashboard Kernel Kibana Dashboard MCE Kibana Dashboard Rasdaemon Kibana Dashboard Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and are reported through Redfish.\nGrafana Fabric Congestion Dashboard Grafana Fabric Errors Dashboard Grafana Fabric Port State Dashboard Grafana Fabric RFC3635 Dashboard SAT is installed as a separate product as part of the HPE Cray EX System base installation.\nSystem Admin Toolkit Command Overview Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides instruction on the SAT Container Environment.\nSAT Command Line Utility The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes (ncn-m nodes).\nIt is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are similarities between SAT commands and xt commands used on the Cray XC platform.\nSAT Commands The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each have their own set of options.\nSAT Container Environment The sat command-line utility runs in a container using podman, a daemonless container runtime. SAT runs on Kubernetes manager nodes. A few important points about the SAT container environment include the following:\nUsing either sat or sat bash always launches a container. The SAT container does not have access to the NCN file system. There are two ways to run sat.\nInteractive: Launching a container using sat bash, followed by a sat command. Non-interactive: Running a sat command directly on a Kubernetes manager node. In both of these cases, a container is launched in the background to execute the command. The first option, running sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the container is launched, executes the command, and upon the command\u0026rsquo;s completion the container exits. The following two examples show the same action, checking the system status, using interactive and non-interactive modes.\nInteractive ncn-m001# sat bash (CONTAINER-ID)sat-container# sat status Non-interactive ncn-m001# sat status Interactive Advantages Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral container storage. If multiple sat commands are being run in succession, then use sat bash to launch the container beforehand. This will save time because the container does not need to be launched for each sat command.\nNon-interactive Advantages The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of several steps that need to be executed from a management NCN.\nMan Pages - Interactive and Non-interactive Modes To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following example.\nncn-m001# sat-man status A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed either with man sat or man sat-podman from the manager node.\nncn-m001# man sat ncn-m001# man sat-podman Command Prompt Conventions in SAT The host name in a command prompt indicates where the command must be run. The account that must run the command is also indicated in the prompt.\nThe root or super-user account always has the # character at the end of the prompt and has the host name of the host in the prompt. Any non-root account is indicated with account@hostname\u0026gt;. A user account that is neither root nor crayadm is referred to as user. The command prompt inside the SAT container environment is indicated with the string as follows. It also has the \u0026ldquo;#\u0026rdquo; character at the end of the prompt. Command Prompt Meaning ncn-m001# Run on one of the Kubernetes Manager servers. (Non-interactive) (CONTAINER_ID) sat-container# Run the command inside the SAT container environment by first running sat bash. (Interactive) Examples of the sat status command used by an administrator:\nncn-m001# sat status ncn-m001# sat bash (CONTAINER_ID) sat-container# sat status SAT Dependencies Most sat subcommands depend on services or components from other products in the HPE Cray EX (Shasta) software stack. The following list shows these dependencies for each subcommand. Each service or component is listed under the product it belongs to.\nsat auth CSM Keycloak sat bmccreds CSM System Configuration Service (SCSD) sat bootprep CSM Boot Orchestration Service (BOS) Configuration Framework Service (CFS) Image Management Service (IMS) Version Control Service (VCS) Kubernetes S3 sat bootsys CSM Boot Orchestration Service (BOS) Cray Advanced Platform Monitoring and Control (CAPMC) Ceph Compute Rolling Upgrade Service (CRUS) Etcd Firmware Action Service (FAS) Hardware State Manager (HSM) Kubernetes S3 COS Node Memory Dump (NMD) sat diag CSM Hardware State Manager (HSM) CSM-Diag Fox sat firmware CSM Firmware Action Service (FAS) sat hwhist CSM Hardware State Manager (HSM) sat hwinv CSM Hardware State Manager (HSM) sat hwmatch CSM Hardware State Manager (HSM) sat init None\nsat k8s CSM Kubernetes sat nid2xname CSM Hardware State Manager (HSM) sat sensors CSM Hardware State Manager (HSM) HM Collector SMA Telemetry API sat setrev CSM S3 sat showrev CSM Hardware State Manager (HSM) Kubernetes S3 sat slscheck CSM Hardware State Manager (HSM) Kubernetes S3 sat status CSM Hardware State Manager (HSM) sat swap Slingshot Fabric Manager sat switch Deprecated: See sat swap\nsat xname2nid CSM Hardware State Manager (HSM) " +}, +{ + "uri": "/docs-sat/en-22/dashboards/sat_grafana_dashboards/", + "title": "SAT Grafana Dashboards", + "tags": [], + "description": "", + "content": "SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity.\nGrafana can be accessed via web browser at the following URL:\nhttps://sma-grafana.\u0026lt;site-domain\u0026gt; The value of site-domain can be obtained as follows:\nncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=\u0026#39;{.data.customizations\\.yaml}\u0026#39; | \\ base64 -d | grep \u0026#34;external:\u0026#34; That command will produce the following output, for example:\nexternal: EXAMPLE_DOMAIN.com This would result in the address for Grafana being https://sma-grafana.EXAMPLE_DOMAIN.com\nFor additional details about how to access the Grafana Dashboards refer to Access the Grafana Monitoring UI in the SMA product documentation.\nFor more information about the interpretation of metrics for the SAT Grafana Dashboards refer to Fabric Telemetry Kafka Topics in the SMA product documentation.\nNavigate SAT Grafana Dashboards There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display telemetry in a tabular format.\nDashboard Name Display Type Fabric Congestion Chart Panels Fabric RFC3635 Chart Panels Fabric Errors Tabular Format Fabric Port State Tabular Format The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location during the time range selected, if any. The interval setting is not used for tabular dashboards.\nSAT Grafana Interval and Locations Options Shows the Interval and Locations Options for the available telemetry.\nThe value of the Interval option sets the time resolution of the received telemetry. This works a bit like a histogram, with the available telemetry in an interval of time going into a \u0026ldquo;bucket\u0026rdquo; and averaging out to a single point on the chart or table. The special value auto will choose an interval based on the time range selected.\nFor additional information, refer to Grafana Templates and Variables.\nThe Locations option allows restriction of the telemetry shown by locations, either individual links or all links in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, which always has entries for all links and switches, although the errors shown are restricted to the selected time range.\nThe chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart\u0026rsquo;s legend or the trace on the chart.\nGrafana Fabric Congestion Dashboard SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in the system and assess the past and present health of the high-speed network. It also allows the ability to drill down to view data for specific ports on specific switches.\nThis dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, local, and global and correspond to the link\u0026rsquo;s relationship to the network topology. The locations presented in the panels are restricted to the values (any combination, defaults to \u0026ldquo;all\u0026rdquo;) selected.\nThe metric values for links of a given port type are similar in value to each other but very distinct from the values of other types. If the values for different port types are all plotted together, the values for links with lower values are indistinguishable from zero when plotted.\nThe port type of a link is reported as a port state \u0026ldquo;subtype\u0026rdquo; event when defined at port initialization.\nGrafana Fabric Errors Dashboard This dashboard reports error counters in a tabular format in three panels.\nThere is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nUnlike other dashboards, the locations presented are all locations in the system rather than having telemetry within the time range selected. However, the values are taken from telemetry within the time range.\nGrafana Fabric Port State Dashboard There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nThe Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours results in all states for all links in the system being shown.\nThe three columns named, group, switch, and port are not port state events, but extra information included with all port state events.\nGrafana Fabric RFC3635 Dashboard For additional information on performance counters, refer to Definitions of Managed Objects for the Ethernet-like Interface Types, an Internet standards document.\nBecause these metrics are counters that only increase over time, the values plotted are the change in the counter\u0026rsquo;s value over the interval setting.\n" +}, +{ + "uri": "/docs-sat/en-22/dashboards/sat_kibana_dashboards/", + "title": "SAT Kibana Dashboards", + "tags": [], + "description": "", + "content": "SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information.\nKibana can be accessed via web browser at the following URL:\nhttps://sma-kibana.\u0026lt;site-domain\u0026gt; The value of site-domain can be obtained as follows:\nncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=\u0026#39;{.data.customizations\\.yaml}\u0026#39; | \\ base64 -d | grep \u0026#34;external:\u0026#34; That command will produce the following output, for example:\nexternal: EXAMPLE_DOMAIN.com This would result in the address for Kibana being https://sma-kibana.EXAMPLE_DOMAIN.com\nFor additional details about how to access the Kibana Dashboards refer to View Logs Via Kibana in the SMA product documentation.\nAdditional details about the AER, ATOM, Heartbeat, Kernel, MCE, and Rasdaemon Kibana Dashboards are included in this table.\nDashboard Short Description Long Description Kibana Visualization and Search Name sat-aer AER corrected Corrected Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-corrected Search: sat-aer-corrected sat-aer AER fatal Fatal Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-fatal Search: sat-aer-fatal sat-atom ATOM failures Application Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged. sat-atom-failed sat-atom ATOM admindown Application Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch. sat-atom-admindown sat-heartbeat Heartbeat loss events Heartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system. sat-heartbeat sat-kernel Kernel assertions The kernel software performs a failed assertion when some condition represents a serious fault. The node goes down. sat-kassertions sat-kernel Kernel panics The kernel panics when something is seriously wrong. The node goes down. sat-kernel-panic sat-kernel Lustre bugs (LBUGs) The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down. sat-lbug sat-kernel CPU stalls CPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric. sat-cpu-stall sat-kernel Out of memory An Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided. sat-oom sat-mce MCE Machine Check Exceptions (MCE) are errors detected at the processor level. sat-mce sat-rasdaemon rasdaemon errors Errors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future. sat-rasdaemon-error sat-rasdaemon rasdaemon messages All messages from the rasdaemon service on nodes. sat-rasdaemon Disable Search Highlighting in Kibana Dashboard By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.\nThe Kibana Dashboard should be open on your system.\nNavigate to Management\nNavigate to Advanced Settings in the Kibana section, below the Elastic search section\nScroll down to the Discover section\nChange Highlight results from on to off\nClick Save to save changes\nAER Kibana Dashboard The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors are split up into separate visualizations depending on whether they are fatal or corrected errors.\nView the AER Kibana Dashboard Go to the dashboard section.\nSelect sat-aer dashboard.\nChoose the time range of interest.\nView the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nATOM Kibana Dashboard The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health checks and application test failures. Some test failures are of possible interest even though a node is not marked admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide clues if a node otherwise fails. They might also show application problems.\nView the ATOM Kibana Dashboard HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.\nGo to the dashboard section.\nSelect sat-atom dashboard.\nChoose the time range of interest.\nView any nodes marked admindown and any ATOM test failures. These failures occur during health checks and application test failures. Test failures marked admindown are important to note. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nHeartbeat Kibana Dashboard The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss.\nView the Heartbeat Kibana Dashboard Go to the dashboard section.\nSelect sat-heartbeat dashboard.\nChoose the time range of interest.\nView the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss.View the matching log messages in the panel.\nKernel Kibana Dashboard The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using too much memory.\nView the Kernel Kibana Dashboard Go to the dashboard section.\nSelect sat-kernel dashboard.\nChoose the time range of interest.\nView the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nMCE Kibana Dashboard The MCE Dashboard displays CPU detected processor-level hardware errors.\nView the MCE Kibana Dashboard Go to the dashboard section.\nSelect sat-mce dashboard.\nChoose the time range of interest.\nView the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nRasdaemon Kibana Dashboard The Rasdaemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. This service collects all hardware error events reported by the linux kernel, including PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one for only messages of severity \u0026ldquo;emerg\u0026rdquo; or \u0026ldquo;err\u0026rdquo; and another for all messages from rasdaemon.\nView the Rasdaemon Kibana Dashboard Go to the dashboard section.\nSelect sat-rasdaemon dashboard.\nChoose the time range of interest.\nView the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\n" +}, +{ + "uri": "/docs-sat/en-22/release_notes/", + "title": "SAT Release Notes", + "tags": [], + "description": "", + "content": "SAT Release Notes Summary of changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022.\nThis version of the SAT product included:\nVersion 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components:\nVersion 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release.\nKnown issues in SAT 2.2 sat command unavailable in sat bash shell After launching a shell within the SAT container with sat bash, the sat command will not be found. For example:\n(CONTAINER-ID) sat-container:~ # sat status bash: sat: command not found This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be prepended to the $PATH environment variable:\n(CONTAINER-ID) sat-container:~ # export PATH=/sat/venv/bin:$PATH (CONTAINER-ID) sat-container:~ # sat status Or, the file /sat/venv/bin/activate may be sourced:\n(CONTAINER-ID) sat-container:~ # source /sat/venv/bin/activate (CONTAINER-ID) sat-container:~ # sat status Tab completion unavailable in sat bash shell After launching a shell within the SAT container with sat bash, tab completion for sat commands does not work.\nThis can be resolved temporarily by sourcing the file /etc/bash_completion.d/sat-completion.bash:\nsource /etc/bash_completion.d/sat-completion.bash OCI runtime permission error when running sat in root directory sat commands will not work if the current directory is /. For example:\nncn-m001:/ # sat --help Error: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error To resolve, run sat in another directory.\nDuplicate mount error when running sat in config directory sat commands will not work if the current directory is ~/.config/sat. For example:\nncn-m001:~/.config/sat # sat --help Error: /root/.config/sat: duplicate mount destination To resolve, run sat in another directory.\nNew sat commands sat bootprep automates the creation of CFS configurations, the build and customization of IMS images, and the creation of BOS session templates. See SAT Bootprep for details. sat slscheck performs a check for consistency between the System Layout Service (SLS) and the Hardware State Manager (HSM). sat bmccreds provides a simple interface for interacting with the System Configuration Service (SCSD) to set BMC Redfish credentials. sat hwhist displays hardware component history by xname (location) or by its Field-Replaceable Unit ID (FRUID). This command queries the Hardware State Manager (HSM) API to obtain this information. Since the sat hwhist command supports querying for the history of a component by its FRUID, the FRUID of components has been added to the output of sat hwinv. Additional Install Automation The following automation has been added to the install script, install.sh:\nWait for the completion of the sat-config-import Kubernetes job, which is started when the sat-cfs-install Helm chart is deployed. Automate the modification of the CFS configuration, which applies to master management NCNs (e.g. \u0026ldquo;ncn-personalization\u0026rdquo;). Changes to Product Catalog Data Schema The SAT product uploads additional information to the cray-product-catalog Kubernetes ConfigMap detailing the components it provides, including container (Docker) images, Helm charts, RPMs, and package repositories.\nThis information is used to support uninstall and activation of SAT product versions moving forward.\nSupport for Uninstall and Activation of SAT Versions Beginning with the 2.2 release, SAT now provides partial support for the uninstall and activation of the SAT product stream.\nSee Uninstall: Removing a Version of SAT and Activate: Switching Between Versions for details.\nImprovements to sat status A Subrole column has been added to the output of sat status. This allows you to easily differentiate between master, worker, and storage nodes in the management role, for example.\nHostname information from SLS has been added to sat status output.\nAdded Support for JSON Output Support for JSON-formatted output has been added to commands which currently support the --format option, such as hwinv, status, and showrev.\nUsability Improvements Many usability improvements have been made to multiple sat commands, mostly related to filtering command output. The following are some highlights:\nAdded --fields option to display only specific fields for subcommands which display tabular reports. Added ability to filter on exact matches of a field name. Improved handling of multiple matches of a field name in --filter queries so that the first match is used, similar to --sort-by. Added support for --filter, --fields, and --reverse for summaries displayed by sat hwinv. Added borders to summary tables generated by sat hwinv. Improved documentation in the man pages. Default Log Level Changed The default log level for stderr has been changed from \u0026ldquo;WARNING\u0026rdquo; to \u0026ldquo;INFO\u0026rdquo;. For details, see SAT Logging.\nMore Granular Log Level Configuration Options With the command-line options --loglevel-stderr and --loglevel-file, the log level can now be configured separately for stderr and the log file.\nThe existing --loglevel option is now an alias for the --loglevel-stderr option.\nPodman Wrapper Script Improvements The Podman wrapper script is the script installed at /usr/bin/sat on the master management NCNs by the cray-sat-podman RPM that runs the cray-sat container in podman. The following subsections detail improvements that were made to the wrapper script in this release.\nMounting of $HOME and Current Directories in cray-sat Container The Podman wrapper script that launches the cray-sat container with podman has been modified to mount the user\u0026rsquo;s current directory and home directory into the cray-sat container to provide access to local files in the container.\nPodman Wrapper Script Documentation Improvements The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:\nEnvironment variables that affect execution of the wrapper script Host files and directories mounted in the container Fixes to Podman Wrapper Script Output Redirection Fixed issues with redirecting stdout and stderr, and piping output to commands, such as awk, less, and more.\nConfigurable HTTP Timeout A new sat option has been added to configure the HTTP timeout length for requests to the API gateway. See sat-man sat for details.\nsat bootsys Improvements Many improvements and fixes have been made to sat bootsys. The following are some highlights:\nAdded the --excluded-ncns option, which can be used to omit NCNs from the platform-services and ncn-power stages in case they are inaccessible. Disruptive shutdown stages in sat bootsys shutdown now prompt the user to continue before proceeding. A new option, --disruptive, will bypass this. Improvements to Ceph service health checks and restart during the platform-services stage of sat bootsys boot. sat xname2nid Improvements sat xname2nid can now recursively expand slot, chassis, and cabinet xnames to a list of nids in those locations.\nA new --format option has been added to sat xname2nid. It sets the output format to either \u0026ldquo;range\u0026rdquo; (the default) or \u0026ldquo;nid\u0026rdquo;. The \u0026ldquo;range\u0026rdquo; format displays nids in a compressed range format suitable for use with a workload manager like Slurm.\nUsage of v2 HSM API The commands which interact with HSM (e.g., sat status and sat hwinv) now use the v2 HSM API.\nsat diag Limited to HSN Switches sat diag will now only operate against HSN switches by default. These are the only controllers that support running diagnostics with HMJTD.\nsat showrev Enhancements A column has been added to the output of sat showrev that indicates whether a product version is \u0026ldquo;active\u0026rdquo;. The definition of \u0026ldquo;active\u0026rdquo; varies across products, and not all products may set an \u0026ldquo;active\u0026rdquo; version.\nFor SAT, the active version is the one with its hosted-type package repository in Nexus set as the member of the group-type package repository in Nexus, meaning that it will be used when installing the cray-sat-podman RPM.\ncray-sat Container Image Size Reduction The size of the cray-sat container image has been approximately cut in half by leveraging multi-stage builds. This also improved the repeatability of the unit tests by running them in the container.\nBug Fixes Minor bug fixes were made in cray-sat and in cray-sat-podman. For full change lists, see each repository\u0026rsquo;s CHANGELOG.md file.\nSummary of SAT changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5.\nThis version of the SAT product included:\nVersion 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component:\nVersion 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release.\nInstall Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. The cray-sat-podman RPM is no longer installed in the management non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on all master management NCNs via an Ansible playbook which is referenced by a layer of the CFS configuration that applies to management NCNs. This CFS configuration is typically named \u0026ldquo;ncn-personalization\u0026rdquo;.\nThe SAT product now includes a Docker image and a Helm chart named sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart with Loftsman. This helm chart deploys a Kubernetes job that imports the SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. This repository is referenced by the layer added to the NCN personalization CFS configuration.\nRemoval of Direct Redfish Access All commands which used to access Redfish directly have either been removed or modified to use higher-level service APIs. This includes the following commands:\nsat sensors sat diag sat linkhealth The sat sensors command has been rewritten to use the SMA telemetry API to obtain the latest sensor values. The command\u0026rsquo;s usage has changed slightly, but legacy options work as before, so it is backwards compatible. Additionally, new commands have been added.\nThe sat diag command has been rewritten to use a new service called Fox, which is delivered with the CSM-diags product. The sat diag command now launches diagnostics using the Fox service, which launches the corresponding diagnostic executables on controllers using the Hardware Management Job and Task Daemon (HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start diagnostics over Redfish.\nThe sat linkhealth command has been removed. Its functionality has been replaced by functionality from the Slingshot Topology Tool (STT) in the fabric manager pod.\nThe Redfish username and password command line options and config file options have been removed. For further instructions, see Remove Obsolete Configuration File Sections.\nAdditional Fields in sat setrev and sat showrev sat setrev now collects the following information from the admin, which is then displayed by sat showrev:\nSystem description Product number Company name Country code Additional guidance and validation has been added to each field collected by sat setrev. This sets the stage for sdu setup to stop collecting this information and instead collect it from sat showrev or its S3 bucket.\nImprovements to sat bootsys The platform-services stage of the sat bootsys boot command has been improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph health in the correct order. The ceph-check stage has been removed as it is no longer needed.\nThe platform-services stage of sat bootsys boot now prompts for confirmation of the storage NCN hostnames in addition to the Kubernetes masters and workers.\nBug Fixes and Security Fixes Improved error handling in sat firmware. Incremented version of Alpine Linux to 3.13.2 to address a security vulnerability. Other Notable Changes Ansible has been removed from the cray-sat container image. Support for the Firmware Update Service (FUS) has been removed from the sat firmware command. Summary of SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1.\nThis version of the SAT product included:\nVersion 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release.\nNew Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames:\nsat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API.\nBug Fixes Fixed a problem in sat swap where creating the offline port policy failed. Changed sat bootsys shutdown --stage bos-operations to no longer forcefully power off all compute nodes and application nodes using CAPMC when BOS sessions complete or time out. Fixed an issue with the command sat bootsys boot --stage cabinet-power. Summary of SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4.\nThis version of the SAT product included the following components:\nVersion 3.4.0 of the sat python package and CLI It also added the following new component:\nVersion 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release.\nSAT as an Independent Product SAT is now packaged and released as an independent product. The product deliverable is called a \u0026ldquo;release distribution\u0026rdquo;. The release distribution is a gzipped tar file containing an install script. This install script loads the cray/cray-sat container image into the Docker registry in Nexus and loads the cray-sat-podman RPM into a package repository in Nexus.\nIn this release, the cray-sat-podman package is still installed in the master and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in Shasta v1.5.\nSAT Running in a Container Under Podman The sat command now runs in a container under Podman. The sat executable is now installed on all nodes in the Kubernetes management cluster (i.e., workers and masters). This executable is a wrapper script that starts a SAT container in Podman and invokes the sat Python CLI within that container. The admin can run individual sat commands directly on the master or worker NCNs as before, or they can run sat commands inside the SAT container after using sat bash to enter an interactive shell inside the SAT container.\nTo view man pages for sat commands, the user can run sat-man SAT_COMMAND, replacing SAT_COMMAND with the name of the sat command. Alternatively, the user can enter the sat container with sat bash and use the man command.\nNew sat init Command and Config File Location Change The default location of the SAT config file has been changed from /etc/sat.toml to ~/.config/sat/sat.toml. A new command, sat init, has been added that initializes a configuration file in the new default directory. This better supports individual users on the system who want their own config files.\n~/.config/sat is mounted into the container that runs under Podman, so changes are persistent across invocations of the sat container. If desired, an alternate configuration directory can be specified with the SAT_CONFIG_DIR environment variable.\nAdditionally, if a config file does not yet exist when a user runs a sat command, one is generated automatically.\nAdditional Types Added to sat hwinv Additional functionality has been added to sat hwinv including:\nList node enclosure power supplies with the --list-node-enclosure-power-supplies option. List node accelerators (e.g., GPUs) with the --list-node-accels option. The count of node accelerators is also included for each node. List node accelerator risers (e.g., Redstone modules) with the --list-node-accel-risers option. The count of node accelerator risers is also included for each node. List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics option. The count of HSN NICs is also included for each node. Documentation for these new options has been added to the man page for sat hwinv.\nSite Information Stored by sat setrev in S3 The sat setrev and sat showrev commands now use S3 to store and obtain site information, including system name, site name, serial number, install date, and system type. Since the information is stored in S3, it will now be consistent regardless of the node on which sat is executed.\nAs a result of this change, S3 credentials must be configured for SAT. For detailed instructions, see Generate SAT S3 Credentials.\nProduct Version Information Shown by sat showrev sat showrev now shows product information from the cray-product-catalog ConfigMap in Kubernetes.\nAdditional Changes to sat showrev The output from sat showrev has also been changed in the following ways:\nThe --docker and --packages options were considered misleading and have been removed. Information pertaining to only to the local host, where the command is run, has been moved to the output of the --local option. Removal of sat cablecheck The sat cablecheck command has been removed. To verify that the system\u0026rsquo;s Slingshot network is cabled correctly, admins should now use the show cables command in the Slingshot Topology Tool (STT).\nsat swap Command Compatibility with Next-gen Fabric Controller The sat swap command was added in Shasta v1.3.2. This command used the Fabric Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the Fabric Controller API, so this command has been rewritten to use the new backwards-incompatible API. Usage of the command did not change.\nsat bootsys Functionality Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken by changes introduced in Shasta v1.4, which removed the Ansible inventory and playbooks.\nThe functionality in the platform-services stage of sat bootsys has been re-implemented to use python directly instead of Ansible. This resulted in a more robust procedure with better logging to the sat log file. Failures to stop containers on Kubernetes nodes are handled more gracefully, and more information about the containers that failed to stop, including how to debug the problem, is included.\nImprovements were made to console logging setup for non-compute nodes (NCNs) when they are shut down and booted.\nThe following improvements were made to the bos-operations stage of sat bootsys:\nMore information about the BOS sessions, BOA jobs, and BOA pods is printed. A command-line option, --bos-templates, and a corresponding config-file option, bos_templates, were added, and the --cle-bos-template and --uan-bos-template options and their corresponding config file options were deprecated. The following functionality has been removed from sat bootsys:\nThe hsn-bringup stage of sat bootsys boot has been removed due to removal of the underlying Ansible playbook. The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is now a manual procedure. Log File Location Change The location of the sat log file has changed from /var/log/cray/sat.log to /var/log/cray/sat/sat.log. This change simplifies mounting this file into the sat container running under Podman.\nSummary of SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.\nThe following sections detail the changes in this release.\nsat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable.\nThe sat swap switch command is equivalent to sat switch. The sat switch command will be removed in a future release.\nAddition of Stages to sat bootsys Command The sat bootsys command now has multiple stages for both the boot and shutdown actions. Please refer to the \u0026ldquo;System Power On Procedures\u0026rdquo; and \u0026ldquo;System Power Off Procedures\u0026rdquo; sections of the Cray Shasta Administration Guide (S-8001) for more details on using this command in the context of a full system power off and power on.\nSummary of SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI.\nThis version of the sat CLI contained the following commands:\nauth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch See the System Admin Toolkit Command Overview and the table of commands in the SAT Authentication section of this document for more details on each of these commands.\n" +}, +{ + "uri": "/docs-sat/en-22/usage/", + "title": "SAT Usage", + "tags": [], + "description": "", + "content": "SAT Usage SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates based on a given input file which defines how those configurations, images, and session templates should be created.\nThis automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similarly to other SAT commands.\nncn-m001# sat-man sat-bootprep SAT Bootprep vs SAT Bootsys sat bootprep is used to create CFS configurations, build and rename IMS images, and create BOS session templates which tie the configurations and images together during a BOS session.\nsat bootsys automates several portions of the boot and shutdown processes, including (but not limited to) performing BOS operations (such as creating BOS sessions), powering on and off cabinets, and checking the state of the system prior to shutdown.\nEditing a bootprep input file The input file provided to sat bootprep is a YAML-formatted file containing information which CFS, IMS, and BOS use to create configurations, images, and BOS session templates respectively. Writing and modifying these input files is the main task associated with using sat bootprep. An input file is composed of three main sections, one each for configurations, images, and session templates. These sections may be specified in any order, and any of the sections may be omitted if desired.\nCreating CFS configurations The configurations section begins with a configurations: key.\n--- configurations: Under this key, the user can list one or more configurations to create. For each configuration, a name should be given, in addition to the list of layers which comprise the configuration. Each layer can be defined by a product name and optionally a version number, or commit hash or branch in the product\u0026rsquo;s configuration repository. Alternatively, a layer can be defined by a Git repository URL directly, along with an associated branch or commit hash.\nWhen a configuration layer is specified in terms of a product name, the layer is created in CFS by looking up relevant configuration information (including the configuration repository and commit information) from the cray-product-catalog Kubernetes ConfigMap as necessary. A version may be supplied, but if it is absent, the version is assumed to be the latest version found in the cray-product-catalog.\n--- configurations: - name: example-configuration layers: - name: example product playbook: example.yml product: name: example version: 1.2.3 Alternatively, a configuration layer may be specified by explicitly referencing the desired configuration repository, along with the branch containing the intended version of the Ansible playbooks. A commit hash may be specified by replacing branch with commit.\n... - name: another example product playbook: another-example.yml git: url: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34; branch: main ... When sat bootprep is run against an input file, a CFS configuration will be created corresponding to each configuration in the configurations section. For example, the configuration created from an input file with the layers listed above might look something like the following:\n{ \u0026#34;lastUpdated\u0026#34;: \u0026#34;2022-02-07T21:47:49Z\u0026#34;, \u0026#34;layers\u0026#34;: [ { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;example.yml\u0026#34; }, { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;another example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;another-example.yml\u0026#34; } ], \u0026#34;name\u0026#34;: \u0026#34;example-configuration\u0026#34; } Creating IMS images After specifying configurations, the user may add images to the input file which are to be built by IMS. To add an images section, the user should add an images key.\n--- configurations: ... (omitted for brevity) images: Under the images key, the user may define one or more images to be created in a list. Each element of the list defines a separate IMS image to be built and/or configured. Images must contain a name, as well as an ims section containing a definition of the image to be built and/or configured. Images may be defined by an image recipe, or by a pre-built image. Recipes and pre-built images are referred to by their names or IDs in IMS. The ims section should also contain an is_recipe property, which indicates whether the name or ID refers to an image recipe or a pre-built image. Images may also optionally provide a text description of the image. This description is not stored or used by sat bootprep or any CSM services, but is useful for documenting images in the input file.\n--- configurations: ... (omitted for brevity) images: - name: example-compute-image description: \u0026gt; An example compute node image for illustrative purposes. ims: name: example-compute-image-recipe is_recipe: true - name: another-example-compute-image description: \u0026gt; Another example compute node image. ims: id: \u0026lt;IMS image UUID\u0026gt; is_recipe: false Images may also contain a configuration property in their definition, which specifies a configuration with which to customize the built image prior to booting. If a configuration is specified, then configuration groups must also be specified using the configuration_group_names property.\n--- configurations: ... (omitted for brevity) images: - name: example-compute-image description: \u0026gt; An example compute node image for illustrative purposes. ims: name: example-compute-image-recipe is_recipe: true configuration: example configuration configuration_group_names: - Compute Creating BOS session templates BOS session templates are the final section of the input file, and are defined under the session_templates key.\n--- configurations: ... (omitted for brevity) images: ... (omitted for brevity) session_templates: Each session template is defined in terms of its name, an image, a configuration, and a set of parameters which can be used to configure the session. The name, image, and configuration are specified with their respective name, image, and configuration keys. bos_parameters may also be specified; currently, the only setting under bos_parameters that is supported is boot_sets, which can be used to define boot sets in the BOS session template. Each boot set is defined under its own property under boot_sets, and the value of each boot set can contain the following properties, all of which are optional:\nkernel_parameters: the parameters passed to the kernel on the command line network: the network over which the nodes will boot node_list: nodes to add to the boot set node_roles_groups: HSM roles to add to the boot set node_groups: HSM groups to add to the boot set rootfs_provider: the root file system provider rootfs_provider_passthrough: parameters to add to the rootfs= kernel parameter The properties listed previously are the same as the parameters that can be specified directly through BOS boot sets. More information can be found in the CSM documentation on session templates. Additional properties not listed are passed through to the BOS session template as written.\nAn example session template might look like the following:\nconfigurations: ... (omitted for brevity) images: ... (omitted for brevity) session_templates: - name: example-session-template image: example-image configuration: example-configuration bos_parameters: boot_sets: example_boot_set: kernel_parameters: ip=dhcp quiet node_list: [] rootfs_provider: cpss3 rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0 Example bootprep input files Putting together all of the previous input file sections, an example bootprep input file might look something like the following.\n--- configurations: - name: cos-config layers: - name: cos-integration-2.2.87 playbook: site.yml product: name: cos version: 2.2.87 branch: integration - name: cpe-integration-21.12.3 playbook: pe_deploy.yml product: name: cpe version: 21.12.3 branch: integration - name: slurm-master-1.1.1 playbook: site.yml product: name: slurm version: 1.1.1 branch: master images: - name: cray-shasta-compute-sles15sp3.x86_64-2.2.35 ims: is_recipe: true name: cray-shasta-compute-sles15sp3.x86_64-2.2.35 configuration: cos-config configuration_group_names: - Compute session_templates: - name: cray-shasta-compute-sles15sp3.x86_64-2.2.35 image: cray-shasta-compute-sles15sp3.x86_64-2.2.35 configuration: cos-config bos_parameters: boot_sets: compute: kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN} node_roles_groups: - Compute Creating a pre-populated example bootprep input file It is possible to create an example bootprep input file using values from the system\u0026rsquo;s product catalog using the sat bootprep generate-example command.\nncn-m001# sat bootprep generate-example INFO: Using latest version (2.3.24-20220113160653) of product cos INFO: Using latest version (21.11.4) of product cpe INFO: Using latest version (1.0.7) of product slurm INFO: Using latest version (1.1.24) of product analytics INFO: Using latest version (2.1.5) of product uan INFO: Using latest version (21.11.4) of product cpe INFO: Using latest version (1.0.7) of product slurm INFO: Using latest version (1.1.24) of product analytics INFO: Using latest version (2.3.24-20220113160653) of product cos INFO: Using latest version (2.1.5) of product uan INFO: Wrote example bootprep input file to ./example-bootprep-input.yaml. This file should be reviewed and edited to match the desired parameters of the configurations, images, and session templates.\nViewing built-in generated documentation The contents of the YAML input files described above must conform to a schema which defines the structure of the data. The schema definition is written using the JSON Schema format. (Although the format is named \u0026ldquo;JSON Schema\u0026rdquo;, the schema itself is written in YAML as well.) More information, including introductory materials and a formal specification of the JSON Schema metaschema, can be found on the JSON Schema website.\nViewing the exact schema specification To view the exact schema specification, run sat bootprep view-schema.\nncn-m001# sat bootprep view-schema --- $schema: \u0026#34;https://json-schema.org/draft-07/schema\u0026#34; title: Bootprep Input File description: \u0026gt; A description of the set of CFS configurations to create, the set of IMS images to create and optionally customize with the defined CFS configurations, and the set of BOS session templates to create that reference the defined images and configurations. type: object additionalProperties: false properties: ... Generating user-friendly documentation The raw schema definition can be difficult to understand without experience working with JSON Schema specifications. For this reason, a feature was included which can generate user-friendly HTML documentation for the input file schema which can be browsed with the user\u0026rsquo;s preferred web browser.\nCreate a documentation tarball using sat bootprep.\nncn-m001# sat bootprep generate-docs INFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz An alternate output directory can be specified with the --output-dir option. The generated tarball is always named bootprep-schema-docs.tar.gz.\nncn-m001# sat bootprep generate-docs --output-dir /tmp INFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz From another machine, copy the tarball to a local directory.\nanother-machine$ scp root@ncn-m001:bootprep-schema-docs.tar.gz . Extract the contents of the tarball and open the contained index.html.\nanother-machine$ tar xzvf bootprep-schema-docs.tar.gz x bootprep-schema-docs/ x bootprep-schema-docs/index.html x bootprep-schema-docs/schema_doc.css x bootprep-schema-docs/schema_doc.min.js another-machine$ open bootprep-schema-docs/index.html " +}, +{ + "uri": "/docs-sat/en-22/categories/", + "title": "Categories", + "tags": [], + "description": "", + "content": "" +}, +{ + "uri": "/docs-sat/en-22/tags/", + "title": "Tags", + "tags": [], + "description": "", + "content": "" +}] \ No newline at end of file diff --git a/en-22/index.xml b/en-22/index.xml new file mode 100644 index 0000000000..652e1f455b --- /dev/null +++ b/en-22/index.xml @@ -0,0 +1,54 @@ + + + + HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + /docs-sat/en-22/ + Recent content in HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-22 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Installation + /docs-sat/en-22/install/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-22/install/ + SAT Installation Install the System Admin Toolkit Product Stream Describes how to install the System Admin Toolkit (SAT) product stream. Prerequisites CSM is installed and verified. cray-product-catalog is running. There must be at least 2 gigabytes of free space on the manager NCN on which the procedure is run. Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace 2.2.x with the version of the SAT product stream being installed. + + + Introduction to SAT + /docs-sat/en-22/introduction/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-22/introduction/ + Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview. + + + SAT Grafana Dashboards + /docs-sat/en-22/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-22/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.&lt;site-domain&gt; The value of site-domain can be obtained as follows: ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=&#39;{.data.customizations\.yaml}&#39; | \ base64 -d | grep &#34;external:&#34; That command will produce the following output, for example: + + + SAT Kibana Dashboards + /docs-sat/en-22/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-22/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + SAT Release Notes + /docs-sat/en-22/release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-22/release_notes/ + SAT Release Notes Summary of changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022. This version of the SAT product included: Version 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components: Version 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release. + + + SAT Usage + /docs-sat/en-22/usage/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-22/usage/ + SAT Usage SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates based on a given input file which defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similarly to other SAT commands. ncn-m001# sat-man sat-bootprep SAT Bootprep vs SAT Bootsys sat bootprep is used to create CFS configurations, build and rename IMS images, and create BOS session templates which tie the configurations and images together during a BOS session. + + + diff --git a/en-22/install/index.html b/en-22/install/index.html new file mode 100644 index 0000000000..3ebd1f5820 --- /dev/null +++ b/en-22/install/index.html @@ -0,0 +1,1505 @@ + + + + + + + + + + + + SAT Installation :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Installation

+

Install the System Admin Toolkit Product Stream

+

Describes how to install the System Admin Toolkit (SAT) product stream.

+

Prerequisites

+
    +
  • CSM is installed and verified.
    • +
  • cray-product-catalog is running.
    • +
  • There must be at least 2 gigabytes of free space on the manager NCN on which the +procedure is run.
    • +
+

Notes on the Procedures

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace 2.2.x with the version of the SAT product stream +being installed.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
  • To upgrade SAT, execute the pre-installation, installation, and post-installation +procedures for a newer distribution. The newly installed version will become +the default.
    • +
+

Pre-Installation Procedure

+
    +
  1. +

    Start a typescript.

    +

    The typescript will record the commands and the output from this installation.

    +
    ncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt
+ncn-m001# export PS1='\u@\H \D{%Y-%m-%d} \t \w # '
+
    2. +
+

Installation Procedure

+
    +
  1. +

    Copy the release distribution gzipped tar file to ncn-m001.

    +
    2. +
  2. +

    Unzip and extract the release distribution, 2.2.x.

    +
    ncn-m001# tar -xvzf sat-2.2.x.tar.gz
+
    3. +
  3. +

    Change directory to the extracted release distribution directory.

    +
    ncn-m001# cd sat-2.2.x
+
    4. +
  4. +

    Run the installer: install.sh.

    +

    The script produces a lot of output. A successful install ends with “SAT +version 2.2.x has been installed”.

    +
    ncn-m001# ./install.sh
+...
+====> Updating active CFS configurations
+...
+====> SAT version 2.2.x has been installed.
+
    5. +
  5. +

    Upgrade only: Record the names of the CFS configuration or +configurations modified by install.sh.

    +

    The install.sh script attempts to modify any CFS configurations that apply +to the master management NCNs. During an upgrade, install.sh will log +messages indicating the CFS configuration or configurations that were +modified. For example, if there are three master nodes all using the same +CFS configuration named “ncn-personalization”, the output would look like +this:

    +
    ====> Updating active CFS configurations
+INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, x3000c0s3b0n0, x3000c0s5b0n0
+INFO: Found configuration "ncn-personalization" for component x3000c0s1b0n0
+INFO: Found configuration "ncn-personalization" for component x3000c0s3b0n0
+INFO: Found configuration "ncn-personalization" for component x3000c0s5b0n0
+INFO: Updating CFS configuration "ncn-personalization"
+INFO: Updating existing layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml in configuration "ncn-personalization".
+INFO: Key "name" in layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml updated from sat-ncn to sat-2.2.16
+INFO: Successfully updated layers in configuration "ncn-personalization"
+

    Save the name of each CFS configuration updated by the installer. In the +previous example, a single configuration named “ncn-personalization” was +updated, so that name is saved to a temporary file.

    +
    ncn-m001# echo ncn-personalization >> /tmp/sat-ncn-cfs-configurations.txt
+

    Repeat the previous command for each CFS configuration that was updated.

    +
    6. +
  6. +

    Upgrade only: Save the new name of the SAT CFS configuration layer.

    +

    In the example install.sh output above, the new layer name is +sat-2.2.16. Save this value to a file to be used later.

    +
    ncn-m001# echo sat-2.2.16 > /tmp/sat-layer-name.txt
+
    7. +
  7. +

    Fresh install only: Save the CFS configuration layer for SAT to a file +for later use.

    +

    The install.sh script attempts to modify any CFS configurations that apply +to the master management NCNs. During a fresh install, no such CFS +configurations will be found, and it will instead log the SAT configuration +layer that must be added to the CFS configuration that will be created. Here +is an example of the output in that case:

    +
    ====> Updating active CFS configurations
+INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, x3000c0s3b0n0, x3000c0s5b0n0
+WARNING: No CFS configurations found that apply to components with role Management and subrole Master.
+INFO: The following sat layer should be used in the CFS configuration that will be applied to NCNs with role Management and subrole Master.
+{
+    "name": "sat-2.2.15",
+    "commit": "9a74b8f5ba499af6fbcecfd2518a40e081312933",
+    "cloneUrl": "https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git",
+    "playbook": "sat-ncn.yml"
+}
+

    Save the JSON output to a file for later use. For example:

    +
    ncn-m001# cat > /tmp/sat-layer.json <<EOF
+> {
+>     "name": "sat-2.2.15",
+>     "commit": "9a74b8f5ba499af6fbcecfd2518a40e081312933",
+>     "cloneUrl": "https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git",
+>     "playbook": "sat-ncn.yml"
+> }
+> EOF
+

    Do not copy the previous command verbatim. Use the JSON output from the +install.sh script.

    +
    8. +
+

Post-Installation Procedure

+
    +
  1. +

    Optional: Remove the SAT release distribution tar file and extracted directory.

    +
    ncn-m001# rm sat-2.2.x.tar.gz
+ncn-m001# rm -rf sat-2.2.x/
+
    2. +
  2. +

    Upgrade only: Ensure that the environment variable SAT_TAG is not set +in the ~/.bashrc file on any of the management NCNs.

    +

    NOTE: This step should only be required when updating from +Shasta 1.4.1 or Shasta 1.4.2.

    +

    The following example assumes three manager NCNs: ncn-m001, ncn-m002, and ncn-m003, +and shows output from a system in which no further action is needed.

    +
    ncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc
+ncn-m001: source <(kubectl completion bash)
+ncn-m003: source <(kubectl completion bash)
+ncn-m002: source <(kubectl completion bash)
+

    The following example shows that SAT_TAG is set in ~/.bashrc on ncn-m002. +Remove that line from the ~/.bashrc file on ncn-m002.

    +
    ncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc
+ncn-m001: source <(kubectl completion bash)
+ncn-m002: source <(kubectl completion bash)
+ncn-m002: export SAT_TAG=3.5.0
+ncn-m003: source <(kubectl completion bash)
+
    3. +
  3. +

    Stop the typescript.

    +

    NOTE: This step can be skipped if you wish to use the same typescript +for the remainder of the SAT install. See Next Steps.

    +
    ncn-m001# exit
+
    4. +
+

SAT version 2.2.x is now installed/upgraded, meaning the SAT 2.2.x release +has been loaded into the system software repository.

+
    +
  • SAT configuration content for this release has been uploaded to VCS.
    • +
  • SAT content for this release has been uploaded to the CSM product catalog.
    • +
  • SAT content for this release has been uploaded to Nexus repositories.
    • +
  • The sat command won’t be available until the NCN Personalization +procedure has been executed.
    • +
+

Next Steps

+

If other HPE Cray EX software products are being installed or upgraded in conjunction +with SAT, refer to the HPE Cray EX System Software Getting Started Guide +to determine which step to execute next.

+

If no other HPE Cray EX software products are being installed or upgraded at this time, +proceed to the sections listed below.

+

NOTE: The NCN Personalization procedure is required when +upgrading SAT. The setup procedures in SAT Setup, however, are +not required when upgrading SAT. They should have been executed +during the first installation of SAT.

+

Execute the NCN Personalization procedure:

+ +

If performing a fresh install, execute the SAT Setup procedures:

+ +

If performing an upgrade, execute the upgrade procedures:

+ +

Perform NCN Personalization

+

Describes how to perform NCN personalization using CFS. This personalization process +will configure the System Admin Toolkit (SAT) product stream.

+

Prerequisites

+
    +
  • The Install the System Admin Toolkit Product Stream +procedure has been successfully completed.
    • +
  • If upgrading, the names of the CFS configurations updated during installation +were saved to the file /tmp/sat-ncn-cfs-configurations.txt.
    • +
  • If upgrading, the name of the new SAT CFS configuration layer was saved to +the file /tmp/sat-layer-name.txt.
    • +
  • If performing a fresh install, the SAT CFS configuration layer was saved to +the file /tmp/sat-layer.json.
    • +
+

Notes on the Procedure

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace 2.2.x with the version of the SAT product stream +being installed.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
  • If upgrading SAT, the existing configuration will likely include other Cray EX product +entries. Update the SAT entry as described in this procedure. The HPE Cray EX System +Software Getting Started Guide provides guidance on how and when to update the +entries for the other products.
    • +
+

Procedure

+
    +
  1. +

    Start a typescript if not already using one.

    +

    The typescript will capture the commands and the output from this installation procedure.

    +
    ncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt
+ncn-m001# export PS1='\u@\H \D{%Y-%m-%d} \t \w # '
+
    2. +
  2. +

    Fresh install only: Add the SAT layer to the NCN personalization JSON file.

    +

    If the SAT install script, install.sh, did not identify and modify the CFS +configurations that apply to each master management NCN, it will have printed +the SAT CFS configuration layer in JSON format. This layer must be added to +the JSON file being used to construct the CFS configuration. For example, +if the file being used is named ncn-personalization.json, and the SAT +layer was saved to the file /tmp/sat-layer.json as described in the +install instructions, the following jq command will append the SAT layer +and save the result in a new file named ncn-personalization.json.

    +
    ncn-m001# jq -s '{layers: (.[0].layers + [.[1]])}' ncn-personalization.json \
+    /tmp/sat-layer.json > ncn-personalization.new.json
+

    For instructions on how to create a CFS configuration from the previous +file and how to apply it to the management NCNs, refer to “Perform NCN +Personalization” in the HPE Cray System Management Documentation. After +the CFS configuration has been created and applied, return to this +procedure.

    +
    3. +
  3. +

    Upgrade only: Invoke each CFS configuration that was updated during the +upgrade.

    +

    If the SAT install script, install.sh, identified CFS configurations that +apply to the master management NCNs and modified them in place, invoke each +CFS configuration that was created or updated during installation.

    +

    This step will create a CFS session for each given configuration and install +SAT on the associated manager NCNs.

    +

    The --configuration-limit option limits the configuration session to run +only the SAT layer of the configuration.

    +

    You should see a representation of the CFS session in the output.

    +
    ncn-m001# for cfs_configuration in $(cat /tmp/sat-ncn-cfs-configurations.txt);
+do cray cfs sessions create --name "sat-session-${cfs_configuration}" --configuration-name \
+    "${cfs_configuration}" --configuration-limit $(cat /tmp/sat-layer-name.txt);
+done
+
+name="sat-session-ncn-personalization"
+
+[ansible]
+...
+
    4. +
  4. +

    Upgrade only: Monitor the progress of each CFS session.

    +

    This step assumes a single session named sat-session-ncn-personalization was created in the previous step.

    +

    First, list all containers associated with the CFS session:

    +
    ncn-m001# kubectl get pod -n services --selector=cfsession=sat-session-ncn-personalization \
+    -o json | jq '.items[0].spec.containers[] | .name'
+"inventory"
+"ansible-1"
+"istio-proxy"
+

    Next, get the logs for the ansible-1 container.

    +

    NOTE: the trailing digit might differ from “1”. It is the zero-based +index of the sat-ncn layer within the configuration’s layers.

    +
    ncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \
+    --selector=cfsession=sat-session-ncn-personalization
+

    Ansible plays, which are run by the CFS session, will install SAT on all the +manager NCNs on the system. Successful results for all of the manager NCN xnames +can be found at the end of the container log. For example:

    +
    ...
+PLAY RECAP *********************************************************************
+x3000c0s1b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s3b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s5b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+

    Execute this step for each unique CFS configuration.

    +

    NOTE: Ensure that the PLAY RECAPs for each session show successes for all +manager NCNs before proceeding.

    +
    5. +
  5. +

    Verify that SAT was successfully configured.

    +

    If sat is configured, the --version command will indicate which version +is installed. If sat is not properly configured, the command will fail.

    +

    NOTE: This version number will differ from the version number of the SAT +release distribution. This is the semantic version of the sat Python package, +which is different from the version number of the overall SAT release distribution.

    +
    ncn-m001# sat --version
+sat 3.7.0
+

    NOTE: Upon first running sat, you may see additional output while the sat +container image is downloaded. This will occur the first time sat is run on +each manager NCN. For example, if you run sat for the first time on ncn-m001 +and then for the first time on ncn-m002, you will see this additional output +both times.

    +
    Trying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037...
+Getting image source signatures
+Copying blob da64e8df3afc done
+Copying blob 0f36fd81d583 done
+Copying blob 12527cf455ba done
+...
+sat 3.7.0
+
    6. +
  6. +

    Stop the typescript.

    +
    ncn-m001# exit
+
    7. +
+

SAT version 2.2.x is now configured:

+
    +
  • The SAT RPM package is installed on the associated NCNs.
    • +
+

Next Steps

+

If other HPE Cray EX software products are being installed or upgraded in conjunction +with SAT, refer to the HPE Cray EX System Software Getting Started Guide +to determine which step to execute next.

+

If no other HPE Cray EX software products are being installed or upgraded at this time, +proceed to the remaining SAT Setup or SAT Post-Upgrade procedures.

+

If performing a fresh install, execute the SAT Setup procedures:

+ +

If performing an upgrade, execute the SAT Post-Upgrade procedures:

+ +

SAT Authentication

+

Initially, as part of the installation and configuration, SAT authentication is set up so sat commands can be used in +later steps of the install process. The admin account used to authenticate with sat auth must be enabled in +Keycloak and must have its assigned role set to admin. For instructions on editing Role Mappings see +Create Internal User Accounts in the Keycloak Shasta Realm in the CSM product documentation. +For additional information on SAT authentication, see System Security and Authentication in the CSM +documentation.

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Description of SAT Command Authentication Types

+

Some SAT subcommands make requests to the Shasta services through the API gateway and thus require authentication to +the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to +be configured (see: Generate SAT S3 Credentials). In order to use the SAT S3 bucket, +the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be +done on every Kubernetes manager node where SAT commands are run.

+

Below is a table describing SAT commands and the types of authentication they require.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
SAT SubcommandAuthentication/Credentials RequiredMan PageDescription
sat authResponsible for authenticating to the API gateway and storing a token.sat-authAuthenticate to the API gateway and save the token.
sat bmccredsRequires authentication to the API gateway.sat-bmccredsSet BMC passwords.
sat bootprepRequires authentication to the API gateway. Requires kubernetes configuration and authentication, which is done on ncn-m001 during the install.sat-bootprepPrepare to boot nodes with images and configurations.
sat bootsysRequires authentication to the API gateway. Requires kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages.sat-bootsysBoot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software.
sat diagRequires authentication to the API gateway.sat-diagLaunch diagnostics on the HSN switches and generate a report.
sat firmwareRequires authentication to the API gateway.sat-firmwareReport firmware version.
sat hwhistRequires authentication to the API gateway.sat-hwhistReport hardware component history.
sat hwinvRequires authentication to the API gateway.sat-hwinvGive a listing of the hardware of the HPE Cray EX system.
sat hwmatchRequires authentication to the API gateway.sat-hwmatchReport hardware mismatches.
sat initNonesat-initCreate a default SAT configuration file.
sat k8sRequires kubernetes configuration and authentication, which is automatically configured on ncn-w001 during the install.sat-k8sReport on kubernetes replicasets that have co-located replicas (i.e. replicas on the same node).
sat linkhealthThis command has been deprecated.
sat nid2xnameRequires authentication to the API gateway.sat-nid2xnameTranslate node IDs to node xnames.
sat sensorsRequires authentication to the API gateway.sat-sensorsReport current sensor data.
sat setrevRequires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-setrevSet HPE Cray EX system revision information.
sat showrevRequires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-showrevPrint revision information for the HPE Cray EX system.
sat slscheckRequires authentication to the API gateway.sat-slscheckPerform a cross-check between SLS and HSM.
sat statusRequires authentication to the API gateway.sat-statusReport node status across the HPE Cray EX system.
sat swapRequires authentication to the API gateway.sat-swapPrepare HSN switch or cable for replacement and bring HSN switch or cable into service.
sat xname2nidRequires authentication to the API gateway.sat-xname2nidTranslate node and node BMC xnames to node IDs.
sat switchThis command has been deprecated. It has been replaced by sat swap.
+

In order to authenticate to the API gateway, you must run the sat auth command. This command will prompt for a password +on the command line. The username value is obtained from the following locations, in order of higher precedence to lower +precedence:

+
    +
  • The --username global command-line option.
    • +
  • The username option in the api_gateway section of the config file at ~/.config/sat/sat.toml.
    • +
  • The name of currently logged in user running the sat command.
    • +
+

If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to +~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above, +and will use the token for that username if it has been obtained and saved by sat auth.

+

Prerequisites

+ +

Procedure

+

The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway:

+
    +
  1. +

    Generate a default SAT configuration file, if one does not exist.

    +
    ncn-m001# sat init
+Configuration file "/root/.config/sat/sat.toml" generated.
+

    Note: If the config file already exists, it will print out an error:

    +
    ERROR: Configuration file "/root/.config/sat/sat.toml" already exists.
+Not generating configuration file.
+
    2. +
  2. +

    Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the config file. E.g.:

    +
    username = "crayadmin"
+
    3. +
  3. +

    Run sat auth. Enter your password when prompted. E.g.:

    +
    ncn-m001# sat auth
+Password for crayadmin:
+Succeeded!
+
    4. +
  4. +

    Other sat commands are now authenticated to make requests to the API gateway. E.g.:

    +
    ncn-m001# sat status
+
    5. +
+

Generate SAT S3 Credentials

+

Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT +S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. +This must be done on every Kubernetes master node where SAT commands are run.

+

SAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev +(see: Run Sat Setrev to Set System Information).

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    Ensure the files are readable only by root.

    +
    ncn-m001# touch /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    ncn-m001# chmod 600 /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    2. +
  2. +

    Write the credentials to local files using kubectl.

    +
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.access_key}' | base64 -d > \
+    /root/.config/sat/s3_access_key
+
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.secret_key}' | base64 -d > \
+    /root/.config/sat/s3_secret_key
+
    3. +
  3. +

    Verify the S3 endpoint specified in the SAT configuration file is correct.

    +
      +
    1. +

      Get the SAT configuration file’s endpoint value.

      +

      NOTE: If the command’s output is commented out, indicated by an initial # +character, the SAT configuration will take the default value – "https://rgw-vip.nmn".

      +
      ncn-m001# grep endpoint ~/.config/sat/sat.toml
+# endpoint = "https://rgw-vip.nmn"
+
      2. +
    2. +

      Get the sat-s3-credentials secret’s endpoint value.

      +
      ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.s3_endpoint}' | base64 -d | xargs
+https://rgw-vip.nmn
+
      3. +
    3. +

      Compare the two endpoint values.

      +

      If the values differ, change the SAT configuration file’s endpoint value to match the secret’s.

      +
      4. +
    +
    4. +
  4. +

    Copy SAT configurations to each manager node on the system.

    +
    ncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \
+    mkdir -p /root/.config/sat; \
+    scp -pr /root/.config/sat ${i}:/root/.config; done
+

    NOTE: Depending on how many manager nodes are on the system, the list of manager nodes may +be different. This example assumes three manager nodes, where the configuration files must be +copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is ncn-m002 +and ncn-m003.

    +
    5. +
+

Run sat setrev to Set System Information

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    Run sat setrev to set System Revision Information. Follow the on-screen prompts to set +the following site-specific values:

    +
      +
    • Serial number
      • +
    • System name
      • +
    • System type
      • +
    • System description
      • +
    • Product number
      • +
    • Company name
      • +
    • Site name
      • +
    • Country code
      • +
    • System install date
      • +
    +

    TIP: For “System type”, a system with any liquid-cooled components should be +considered a liquid-cooled system. I.e., “System type” is EX-1C.

    +
    ncn-m001# sat setrev
+--------------------------------------------------------------------------------
+Setting:        Serial number
+Purpose:        System identification. This will affect how snapshots are
+                identified in the HPE backend services.
+Description:    This is the top-level serial number which uniquely identifies
+                the system. It can be requested from an HPE representative.
+Valid values:   Alpha-numeric string, 4 - 20 characters.
+Type:           <class 'str'>
+Default:        None
+Current value:  None
+--------------------------------------------------------------------------------
+Please do one of the following to set the value of the above setting:
+    - Input a new value
+    - Press CTRL-C to exit
+...
+
    2. +
  2. +

    Run sat showrev to verify System Revision Information. The following tables contain example information.

    +
    ncn-m001# sat showrev
+################################################################################
+System Revision Information
+################################################################################
++---------------------+---------------+
+| component           | data          |
++---------------------+---------------+
+| Company name        | HPE           |
+| Country code        | US            |
+| Interconnect        | Sling         |
+| Product number      | R4K98A        |
+| Serial number       | 12345         |
+| Site name           | HPE           |
+| Slurm version       | slurm 20.02.5 |
+| System description  | Test System   |
+| System install date | 2021-01-29    |
+| System name         | eniac         |
+| System type         | EX-1C         |
++---------------------+---------------+
+################################################################################
+Product Revision Information
+################################################################################
++--------------+-----------------+------------------------------+------------------------------+
+| product_name | product_version | images                       | image_recipes                |
++--------------+-----------------+------------------------------+------------------------------+
+| csm          | 0.8.14          | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... |
+| sat          | 2.0.1           | -                            | -                            |
+| sdu          | 1.0.8           | -                            | -                            |
+| slingshot    | 0.8.0           | -                            | -                            |
+| sma          | 1.4.12          | -                            | -                            |
++--------------+-----------------+------------------------------+------------------------------+
+################################################################################
+Local Host Operating System
+################################################################################
++-----------+----------------------+
+| component | version              |
++-----------+----------------------+
+| Kernel    | 5.3.18-24.15-default |
+| SLES      | SLES 15-SP2          |
++-----------+----------------------+
+
    3. +
+

Remove obsolete configuration file sections

+

Prerequisites

+ +

Procedure

+

After upgrading SAT, if using the configuration file from a previous version, there may be +configuration file sections no longer used in the new version. For example, when upgrading +from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. +In that case, the following warning may appear upon running sat commands.

+
WARNING: Ignoring unknown section 'redfish' in config file.
+

Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.

+
[redfish]
+username = "admin"
+password = "adminpass"
+

Repeat this process for any configuration file sections for which there are “unknown section” warnings.

+

SAT Logging

+

As of SAT version 2.2, some command output that was previously printed to stdout +is now logged to stderr. These messages are logged at the INFO level. The +default logging threshold was changed from WARNING to INFO to accomodate +this logging change. Additionally, some messages previously logged at the INFO +are now logged at the DEBUG level.

+

These changes take effect automatically. However, if the default output threshold +has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure +that important output is shown in the terminal.

+

Update Configuration

+

In the following example, the stderr log level, logging.stderr_level, is set to +WARNING, which will exclude INFO-level logging from terminal output.

+
ncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml
+[logging]
+...
+stderr_level = "WARNING"
+

To enable the new default behavior, comment this line out, delete it, or set +the value to “INFO”.

+

If logging.stderr_level is commented out, its value will not affect logging +behavior. However, it may be helpful set its value to INFO as a reminder of +the new default behavior.

+

Affected Commands

+

The following commands trigger messages that have been changed from stdout +print calls to INFO-level (or WARNING- or ERROR-level) log messages:

+
sat bootsys --stage shutdown --stage session-checks
+sat sensors
+

The following commands trigger messages that have been changed from INFO-level +log messages to DEBUG-level log messages:

+
sat nid2xname
+sat xname2nid
+sat swap
+

Uninstall: Removing a Version of SAT

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be uninstalled with prodmgr. Older versions must be uninstalled manually.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is available.
    • +
+

Procedure

+
    +
  1. +

    Use sat showrev to list versions of SAT.

    +

    NOTE: It is not recommended to uninstall a version designated as “active”. +If the active version is uninstalled, then the activate procedure must be executed +on a remaining version.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------+-------------------+-----------------------+
+| product_name | product_version | active | images            | image_recipes         |
++--------------+-----------------+--------+-------------------+-----------------------+
+| sat          | 2.3.3           | True   | -                 | -                     |
+| sat          | 2.2.10          | False  | -                 | -                     |
++--------------+-----------------+--------+-------------------+-----------------------+
+
    2. +
  2. +

    Use prodmgr to uninstall a version of SAT.

    +

    This command will do three things:

    +
      +
    • Remove all hosted-type package repositories associated with the given version of SAT. Group-type +repositories are not removed.
      • +
    • Remove all container images associated with the given version of SAT.
      • +
    • Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up +in the output of sat showrev.
      • +
    +
    ncn-m001# prodmgr uninstall sat 2.2.10
+Repository sat-2.2.10-sle-15sp2 has been removed.
+Removed Docker image cray/cray-sat:3.9.0
+Removed Docker image cray/sat-cfs-install:1.0.2
+Removed Docker image cray/sat-install-utility:1.4.0
+Deleted sat-2.2.10 from product catalog.
+
    3. +
+

Activate: Switching Between Versions

+

This procedure can be used to downgrade the active version of SAT.

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be activated. Older versions must be activated manually.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is available.
    • +
+

Procedure

+
    +
  1. +

    Use sat showrev to list versions of SAT.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------+--------------------+-----------------------+
+| product_name | product_version | active | images             | image_recipes         |
++--------------+-----------------+--------+--------------------+-----------------------+
+| sat          | 2.3.3           | True   | -                  | -                     |
+| sat          | 2.2.10          | False  | -                  | -                     |
++--------------+-----------------+--------+--------------------+-----------------------+
+
    2. +
  2. +

    Use prodmgr to activate a different version of SAT.

    +

    This command will do three things:

    +
      +
    • For all hosted-type package repositories associated with this version of SAT, set them as the sole member +of their corresponding group-type repository. For example, activating SAT version 2.2.10 +sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group.
      • +
    • Set the version 2.2.10 as active within the product catalog, so that it appears active in the output of +sat showrev.
      • +
    • Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are +associated with NCNs with the role “Management” and subrole “Master” (for example, the CFS configuration +ncn-personalization). Specifically, it will ensure that the layer refers to the version of SAT CFS +configuration content associated with the version of SAT being activated.
      • +
    +
    ncn-m001# prodmgr activate sat 2.2.10
+Repository sat-2.2.10-sle-15sp2 is now the default in sat-sle-15sp2.
+Set sat-2.2.10 as active in product catalog.
+Updated CFS configurations: [ncn-personalization]
+
    3. +
  3. +

    Verify that the chosen version is marked as active.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------+--------------------+-----------------------+
+| product_name | product_version | active | images             | image_recipes         |
++--------------+-----------------+--------+--------------------+-----------------------+
+| sat          | 2.3.3           | False  | -                  | -                     |
+| sat          | 2.2.10          | True   | -                  | -                     |
++--------------+-----------------+--------+--------------------+-----------------------+
+
    4. +
  4. +

    Run NCN Personalization.

    +

    At this point, the command has modified Nexus package repositories to set a particular package repository +as active, but no packages on the NCNs have been changed. In order to complete the activation process, +NCN Personalization must be executed to change the cray-sat-podman package version on the manager NCNs.

    +

    NOTE: Refer to the command output from step 2 for the names of all CFS configurations that were updated, +which may not necessarily be just ncn-personalization. If multiple configurations were updated in step 2, then +a cray cfs sessions create command should be run for each of them. This example assumes a single configuration +named ncn-personalization was updated. If multiple were updated, set cfs_configurations to a space-separated +list below.

    +
    ncn-m001# cfs_configurations="ncn-personalization"
+ncn-m001# for cfs_configuration in ${cfs_configurations}
+do cray cfs sessions create --name "sat-session-${cfs_configuration}" --configuration-name \
+    "${cfs_configuration}" --configuration-limit sat-ncn;
+done
+
    5. +
  5. +

    Monitor the progress of each CFS session.

    +

    This step assumes a single session named sat-session-ncn-personalization was created in the previous step.

    +

    First, list all containers associated with the CFS session:

    +
    ncn-m001# kubectl get pod -n services --selector=cfsession=sat-session-ncn-personalization \
+    -o json | jq '.items[0].spec.containers[] | .name'
+"inventory"
+"ansible-1"
+"istio-proxy"
+

    Next, get the logs for the ansible-1 container.

    +

    NOTE: the trailing digit might differ from “1”. It is the zero-based +index of the sat-ncn layer within the configuration’s layers.

    +
    ncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \
+    --selector=cfsession=sat-session-ncn-personalization
+

    Ansible plays, which are run by the CFS session, will install SAT on all the +manager NCNs on the system. Successful results for all of the manager NCN xnames +can be found at the end of the container log. For example:

    +
    ...
+PLAY RECAP *********************************************************************
+x3000c0s1b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s3b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s5b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+

    Execute this step for each unique CFS configuration.

    +

    NOTE: Ensure that the PLAY RECAPs for each session show successes for all +manager NCNs before proceeding.

    +
    6. +
  6. +

    Verify the new version of the SAT CLI.

    +

    NOTE: This version number will differ from the version number of the SAT +release distribution. This is the semantic version of the SAT Python package, +which is different from the version number of the overall SAT release distribution.

    +
    ncn-m001# sat --version
+3.9.0
+
    7. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-22/introduction/index.html b/en-22/introduction/index.html new file mode 100644 index 0000000000..48b0df9f74 --- /dev/null +++ b/en-22/introduction/index.html @@ -0,0 +1,823 @@ + + + + + + + + + + + + Introduction to SAT :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Introduction to SAT

+

About System Admin Toolkit (SAT)

+

The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and +querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware +components.

+

SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands +used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview.

+

Six Kibana Dashboards are included with SAT. They provide organized output for system health information.

+ +

Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and +are reported through Redfish.

+ +

SAT is installed as a separate product as part of the HPE Cray EX System base installation.

+

System Admin Toolkit Command Overview

+

Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides +instruction on the SAT Container Environment.

+

SAT Command Line Utility

+

The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes +(ncn-m nodes).

+

It is designed to assist administrators with common tasks, such as troubleshooting and querying information about the +HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are +similarities between SAT commands and xt commands used on the Cray XC platform.

+

SAT Commands

+

The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents +configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each +have their own set of options.

+

SAT Container Environment

+

The sat command-line utility runs in a container using podman, a daemonless container runtime. SAT runs on Kubernetes +manager nodes. A few important points about the SAT container environment include the following:

+
    +
  • Using either sat or sat bash always launches a container.
    • +
  • The SAT container does not have access to the NCN file system.
    • +
+

There are two ways to run sat.

+
    +
  • Interactive: Launching a container using sat bash, followed by a sat command.
    • +
  • Non-interactive: Running a sat command directly on a Kubernetes manager node.
    • +
+

In both of these cases, a container is launched in the background to execute the command. The first option, running +sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the +container is launched, executes the command, and upon the command’s completion the container exits. The following two +examples show the same action, checking the system status, using interactive and non-interactive modes.

+

Interactive

+
ncn-m001# sat bash
+(CONTAINER-ID)sat-container# sat status
+

Non-interactive

+
ncn-m001# sat status
+

Interactive Advantages

+

Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral +container storage. If multiple sat commands are being run in succession, then use sat bash to launch the +container beforehand. This will save time because the container does not need to be launched for each sat command.

+

Non-interactive Advantages

+

The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of +several steps that need to be executed from a management NCN.

+

Man Pages - Interactive and Non-interactive Modes

+

To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following +example.

+
ncn-m001# sat-man status
+

A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed +either with man sat or man sat-podman from the manager node.

+
ncn-m001# man sat
+
ncn-m001# man sat-podman
+

Command Prompt Conventions in SAT

+

The host name in a command prompt indicates where the command must be run. The account that must run the command is +also indicated in the prompt.

+
    +
  • The root or super-user account always has the # character at the end of the prompt and has the host name of the +host in the prompt.
    • +
  • Any non-root account is indicated with account@hostname>. A user account that is neither root nor crayadm is +referred to as user.
    • +
  • The command prompt inside the SAT container environment is indicated with the string as follows. It also has the “#” +character at the end of the prompt.
    • +
+ + + + + + + + + + + + + + + + + +
Command PromptMeaning
ncn-m001#Run on one of the Kubernetes Manager servers. (Non-interactive)
(CONTAINER_ID) sat-container#Run the command inside the SAT container environment by first running sat bash. (Interactive)
+

Examples of the sat status command used by an administrator:

+
ncn-m001# sat status
+
ncn-m001# sat bash
+(CONTAINER_ID) sat-container# sat status
+

SAT Dependencies

+

Most sat subcommands depend on services or components from other products in the +HPE Cray EX (Shasta) software stack. The following list shows these dependencies +for each subcommand. Each service or component is listed under the product it belongs to.

+

sat auth

+

CSM

+
    +
  • Keycloak
    • +
+

sat bmccreds

+

CSM

+
    +
  • System Configuration Service (SCSD)
    • +
+

sat bootprep

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Configuration Framework Service (CFS)
    • +
  • Image Management Service (IMS)
    • +
  • Version Control Service (VCS)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat bootsys

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Cray Advanced Platform Monitoring and Control (CAPMC)
    • +
  • Ceph
    • +
  • Compute Rolling Upgrade Service (CRUS)
    • +
  • Etcd
    • +
  • Firmware Action Service (FAS)
    • +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

COS

+
    +
  • Node Memory Dump (NMD)
    • +
+

sat diag

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

CSM-Diag

+
    +
  • Fox
    • +
+

sat firmware

+

CSM

+
    +
  • Firmware Action Service (FAS)
    • +
+

sat hwhist

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwinv

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwmatch

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat init

+

None

+

sat k8s

+

CSM

+
    +
  • Kubernetes
    • +
+

sat nid2xname

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat sensors

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • HM Collector
    • +
+

SMA

+
    +
  • Telemetry API
    • +
+

sat setrev

+

CSM

+
    +
  • S3
    • +
+

sat showrev

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat slscheck

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat status

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat swap

+

Slingshot

+
    +
  • Fabric Manager
    • +
+

sat switch

+

Deprecated: See sat swap

+

sat xname2nid

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-22/release_notes/index.html b/en-22/release_notes/index.html new file mode 100644 index 0000000000..4655a88537 --- /dev/null +++ b/en-22/release_notes/index.html @@ -0,0 +1,1056 @@ + + + + + + + + + + + + SAT Release Notes :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Release Notes

+

Summary of changes in SAT 2.2

+

SAT 2.2.16 was released on February 25th, 2022.

+

This version of the SAT product included:

+
    +
  • Version 3.14.0 of the sat python package and CLI
    • +
  • Version 1.6.4 of the sat-podman wrapper script
    • +
  • Version 1.0.4 of the sat-cfs-install container image and Helm chart
    • +
+

It also added the following new components:

+
    +
  • Version 1.4.3 of the sat-install-utility container image
    • +
  • Version 2.0.2 of the cfs-config-util container image
    • +
+

The following sections detail the changes in this release.

+

Known issues in SAT 2.2

+

sat command unavailable in sat bash shell

+

After launching a shell within the SAT container with sat bash, the sat command will not +be found. For example:

+
(CONTAINER-ID) sat-container:~ # sat status
+bash: sat: command not found
+

This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be prepended to the +$PATH environment variable:

+
(CONTAINER-ID) sat-container:~ # export PATH=/sat/venv/bin:$PATH
+(CONTAINER-ID) sat-container:~ # sat status
+

Or, the file /sat/venv/bin/activate may be sourced:

+
(CONTAINER-ID) sat-container:~ # source /sat/venv/bin/activate
+(CONTAINER-ID) sat-container:~ # sat status
+

Tab completion unavailable in sat bash shell

+

After launching a shell within the SAT container with sat bash, tab completion for sat +commands does not work.

+

This can be resolved temporarily by sourcing the file /etc/bash_completion.d/sat-completion.bash:

+
source /etc/bash_completion.d/sat-completion.bash
+

OCI runtime permission error when running sat in root directory

+

sat commands will not work if the current directory is /. For example:

+
ncn-m001:/ # sat --help
+Error: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error
+

To resolve, run sat in another directory.

+

Duplicate mount error when running sat in config directory

+

sat commands will not work if the current directory is ~/.config/sat. For example:

+
ncn-m001:~/.config/sat # sat --help
+Error: /root/.config/sat: duplicate mount destination
+

To resolve, run sat in another directory.

+

New sat commands

+
    +
  • sat bootprep automates the creation of CFS configurations, the build and +customization of IMS images, and the creation of BOS session templates. See +SAT Bootprep for details.
    • +
  • sat slscheck performs a check for consistency between the System Layout +Service (SLS) and the Hardware State Manager (HSM).
    • +
  • sat bmccreds provides a simple interface for interacting with the System +Configuration Service (SCSD) to set BMC Redfish credentials.
    • +
  • sat hwhist displays hardware component history by xname (location) or by +its Field-Replaceable Unit ID (FRUID). This command queries the Hardware +State Manager (HSM) API to obtain this information. Since the sat hwhist +command supports querying for the history of a component by its FRUID, the +FRUID of components has been added to the output of sat hwinv.
    • +
+

Additional Install Automation

+

The following automation has been added to the install script, install.sh:

+
    +
  • Wait for the completion of the sat-config-import Kubernetes job, which is +started when the sat-cfs-install Helm chart is deployed.
    • +
  • Automate the modification of the CFS configuration, which applies to master +management NCNs (e.g. “ncn-personalization”).
    • +
+

Changes to Product Catalog Data Schema

+

The SAT product uploads additional information to the cray-product-catalog +Kubernetes ConfigMap detailing the components it provides, including container +(Docker) images, Helm charts, RPMs, and package repositories.

+

This information is used to support uninstall and activation of SAT product +versions moving forward.

+

Support for Uninstall and Activation of SAT Versions

+

Beginning with the 2.2 release, SAT now provides partial support for the +uninstall and activation of the SAT product stream.

+

See Uninstall: Removing a Version of SAT +and Activate: Switching Between Versions +for details.

+

Improvements to sat status

+

A Subrole column has been added to the output of sat status. This allows you +to easily differentiate between master, worker, and storage nodes in the +management role, for example.

+

Hostname information from SLS has been added to sat status output.

+

Added Support for JSON Output

+

Support for JSON-formatted output has been added to commands which currently +support the --format option, such as hwinv, status, and showrev.

+

Usability Improvements

+

Many usability improvements have been made to multiple sat commands, +mostly related to filtering command output. The following are some highlights:

+
    +
  • Added --fields option to display only specific fields for subcommands which +display tabular reports.
    • +
  • Added ability to filter on exact matches of a field name.
    • +
  • Improved handling of multiple matches of a field name in --filter queries +so that the first match is used, similar to --sort-by.
    • +
  • Added support for --filter, --fields, and --reverse for summaries +displayed by sat hwinv.
    • +
  • Added borders to summary tables generated by sat hwinv.
    • +
  • Improved documentation in the man pages.
    • +
+

Default Log Level Changed

+

The default log level for stderr has been changed from “WARNING” to “INFO”. For +details, see SAT Logging.

+

More Granular Log Level Configuration Options

+

With the command-line options --loglevel-stderr and --loglevel-file, the log level +can now be configured separately for stderr and the log file.

+

The existing --loglevel option is now an alias for the --loglevel-stderr option.

+

Podman Wrapper Script Improvements

+

The Podman wrapper script is the script installed at /usr/bin/sat on the +master management NCNs by the cray-sat-podman RPM that runs the cray-sat +container in podman. The following subsections detail improvements that were +made to the wrapper script in this release.

+

Mounting of $HOME and Current Directories in cray-sat Container

+

The Podman wrapper script that launches the cray-sat container with podman +has been modified to mount the user’s current directory and home directory into +the cray-sat container to provide access to local files in the container.

+

Podman Wrapper Script Documentation Improvements

+

The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:

+
    +
  • Environment variables that affect execution of the wrapper script
    • +
  • Host files and directories mounted in the container
    • +
+

Fixes to Podman Wrapper Script Output Redirection

+

Fixed issues with redirecting stdout and stderr, and piping output to commands, +such as awk, less, and more.

+

Configurable HTTP Timeout

+

A new sat option has been added to configure the HTTP timeout length for +requests to the API gateway. See sat-man sat for details.

+

sat bootsys Improvements

+

Many improvements and fixes have been made to sat bootsys. The following are some +highlights:

+
    +
  • Added the --excluded-ncns option, which can be used to omit NCNs +from the platform-services and ncn-power stages in case they are +inaccessible.
    • +
  • Disruptive shutdown stages in sat bootsys shutdown now prompt the user to +continue before proceeding. A new option, --disruptive, will bypass this.
    • +
  • Improvements to Ceph service health checks and restart during the platform-services +stage of sat bootsys boot.
    • +
+

sat xname2nid Improvements

+

sat xname2nid can now recursively expand slot, chassis, and cabinet xnames to +a list of nids in those locations.

+

A new --format option has been added to sat xname2nid. It sets the output format to +either “range” (the default) or “nid”. The “range” format displays nids in a +compressed range format suitable for use with a workload manager like Slurm.

+

Usage of v2 HSM API

+

The commands which interact with HSM (e.g., sat status and sat hwinv) now +use the v2 HSM API.

+

sat diag Limited to HSN Switches

+

sat diag will now only operate against HSN switches by default. These are the +only controllers that support running diagnostics with HMJTD.

+

sat showrev Enhancements

+

A column has been added to the output of sat showrev that indicates whether a +product version is “active”. The definition of “active” varies across products, +and not all products may set an “active” version.

+

For SAT, the active version is the one with its hosted-type package repository in +Nexus set as the member of the group-type package repository in Nexus, +meaning that it will be used when installing the cray-sat-podman RPM.

+

cray-sat Container Image Size Reduction

+

The size of the cray-sat container image has been approximately cut in half by +leveraging multi-stage builds. This also improved the repeatability of the unit +tests by running them in the container.

+

Bug Fixes

+

Minor bug fixes were made in cray-sat and in cray-sat-podman. For full change lists, +see each repository’s CHANGELOG.md file.

+

Summary of SAT changes in Shasta v1.5

+

We released version 2.1.16 of the SAT product in Shasta v1.5.

+

This version of the SAT product included:

+
    +
  • Version 3.7.4 of the sat python package and CLI
    • +
  • Version 1.4.10 of the sat-podman wrapper script
    • +
+

It also added the following new component:

+
    +
  • Version 1.0.3 of the sat-cfs-install docker image and helm chart
    • +
+

The following sections detail the changes in this release.

+

Install Changes to Separate Product from CSM

+

This release further decouples the installation of the SAT product from the CSM +product. The cray-sat-podman RPM is no longer installed in the management +non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on +all master management NCNs via an Ansible playbook which is referenced by a +layer of the CFS configuration that applies to management NCNs. This CFS +configuration is typically named “ncn-personalization”.

+

The SAT product now includes a Docker image and a Helm chart named +sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart +with Loftsman. This helm chart deploys a Kubernetes job that imports the +SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. +This repository is referenced by the layer added to the NCN personalization +CFS configuration.

+

Removal of Direct Redfish Access

+

All commands which used to access Redfish directly have either been removed or +modified to use higher-level service APIs. This includes the following commands:

+
    +
  • sat sensors
    • +
  • sat diag
    • +
  • sat linkhealth
    • +
+

The sat sensors command has been rewritten to use the SMA telemetry API to +obtain the latest sensor values. The command’s usage has changed slightly, but +legacy options work as before, so it is backwards compatible. Additionally, new +commands have been added.

+

The sat diag command has been rewritten to use a new service called Fox, which +is delivered with the CSM-diags product. The sat diag command now launches +diagnostics using the Fox service, which launches the corresponding diagnostic +executables on controllers using the Hardware Management Job and Task Daemon +(HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start +diagnostics over Redfish.

+

The sat linkhealth command has been removed. Its functionality has been +replaced by functionality from the Slingshot Topology Tool (STT) in the +fabric manager pod.

+

The Redfish username and password command line options and config file options +have been removed. For further instructions, see Remove Obsolete Configuration +File Sections.

+

Additional Fields in sat setrev and sat showrev

+

sat setrev now collects the following information from the admin, which is then displayed by sat showrev:

+
    +
  • System description
    • +
  • Product number
    • +
  • Company name
    • +
  • Country code
    • +
+

Additional guidance and validation has been added to each field collected by +sat setrev. This sets the stage for sdu setup to stop collecting this +information and instead collect it from sat showrev or its S3 bucket.

+

Improvements to sat bootsys

+

The platform-services stage of the sat bootsys boot command has been +improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph +health in the correct order. The ceph-check stage has been removed as it is no +longer needed.

+

The platform-services stage of sat bootsys boot now prompts for confirmation +of the storage NCN hostnames in addition to the Kubernetes masters and workers.

+

Bug Fixes and Security Fixes

+
    +
  • Improved error handling in sat firmware.
    • +
  • Incremented version of Alpine Linux to 3.13.2 to address a security +vulnerability.
    • +
+

Other Notable Changes

+
    +
  • Ansible has been removed from the cray-sat container image.
    • +
  • Support for the Firmware Update Service (FUS) has been removed from the sat firmware command.
    • +
+

Summary of SAT Changes in Shasta v1.4.1

+

We released version 2.0.4 of the SAT product in Shasta v1.4.1.

+

This version of the SAT product included:

+
    +
  • Version 3.5.0 of the sat python package and CLI.
    • +
  • Version 1.4.3 of the sat-podman wrapper script.
    • +
+

The following sections detail the changes in this release.

+

New Commands to Translate Between NIDs and XNames

+

Two new commands were added to translate between NIDs and XNames:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
+

These commands perform this translation by making requests to the Hardware +State Manager (HSM) API.

+

Bug Fixes

+
    +
  • Fixed a problem in sat swap where creating the offline port policy failed.
    • +
  • Changed sat bootsys shutdown --stage bos-operations to no longer forcefully +power off all compute nodes and application nodes using CAPMC when BOS +sessions complete or time out.
    • +
  • Fixed an issue with the command sat bootsys boot --stage cabinet-power.
    • +
+

Summary of SAT Changes in Shasta v1.4

+

In Shasta v1.4, SAT became an independent product, which meant we began to +designate a version number for the entire SAT product. We released version +2.0.3 of the SAT product in Shasta v1.4.

+

This version of the SAT product included the following components:

+
    +
  • Version 3.4.0 of the sat python package and CLI
    • +
+

It also added the following new component:

+
    +
  • Version 1.4.2 of the sat-podman wrapper script
    • +
+

The following sections detail the changes in this release.

+

SAT as an Independent Product

+

SAT is now packaged and released as an independent product. The product +deliverable is called a “release distribution”. The release distribution is a +gzipped tar file containing an install script. This install script loads the +cray/cray-sat container image into the Docker registry in Nexus and loads the +cray-sat-podman RPM into a package repository in Nexus.

+

In this release, the cray-sat-podman package is still installed in the master +and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in +Shasta v1.5.

+

SAT Running in a Container Under Podman

+

The sat command now runs in a container under Podman. The sat executable is +now installed on all nodes in the Kubernetes management cluster (i.e., workers +and masters). This executable is a wrapper script that starts a SAT container in +Podman and invokes the sat Python CLI within that container. The admin can run +individual sat commands directly on the master or worker NCNs as before, or +they can run sat commands inside the SAT container after using sat bash to +enter an interactive shell inside the SAT container.

+

To view man pages for sat commands, the user can run sat-man SAT_COMMAND, +replacing SAT_COMMAND with the name of the sat command. Alternatively, +the user can enter the sat container with sat bash and use the man command.

+

New sat init Command and Config File Location Change

+

The default location of the SAT config file has been changed from /etc/sat.toml +to ~/.config/sat/sat.toml. A new command, sat init, has been added that +initializes a configuration file in the new default directory. This better supports +individual users on the system who want their own config files.

+

~/.config/sat is mounted into the container that runs under Podman, so changes +are persistent across invocations of the sat container. If desired, an alternate +configuration directory can be specified with the SAT_CONFIG_DIR environment variable.

+

Additionally, if a config file does not yet exist when a user runs a sat +command, one is generated automatically.

+

Additional Types Added to sat hwinv

+

Additional functionality has been added to sat hwinv including:

+
    +
  • List node enclosure power supplies with the --list-node-enclosure-power-supplies option.
    • +
  • List node accelerators (e.g., GPUs) with the --list-node-accels option. The count of +node accelerators is also included for each node.
    • +
  • List node accelerator risers (e.g., Redstone modules) with the --list-node-accel-risers +option. The count of node accelerator risers is also included for each node.
    • +
  • List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics +option. The count of HSN NICs is also included for each node.
    • +
+

Documentation for these new options has been added to the man page for sat hwinv.

+

Site Information Stored by sat setrev in S3

+

The sat setrev and sat showrev commands now use S3 to store and obtain site +information, including system name, site name, serial number, install date, and +system type. Since the information is stored in S3, it will now be consistent +regardless of the node on which sat is executed.

+

As a result of this change, S3 credentials must be configured for SAT. For detailed +instructions, see Generate SAT S3 Credentials.

+

Product Version Information Shown by sat showrev

+

sat showrev now shows product information from the cray-product-catalog +ConfigMap in Kubernetes.

+

Additional Changes to sat showrev

+

The output from sat showrev has also been changed in the following ways:

+
    +
  • The --docker and --packages options were considered misleading and have +been removed.
    • +
  • Information pertaining to only to the local host, where the command is run, +has been moved to the output of the --local option.
    • +
+

Removal of sat cablecheck

+

The sat cablecheck command has been removed. To verify that the system’s Slingshot +network is cabled correctly, admins should now use the show cables command in the +Slingshot Topology Tool (STT).

+

sat swap Command Compatibility with Next-gen Fabric Controller

+

The sat swap command was added in Shasta v1.3.2. This command used the Fabric +Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the +Fabric Controller API, so this command has been rewritten to use the new +backwards-incompatible API. Usage of the command did not change.

+

sat bootsys Functionality

+

Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken +by changes introduced in Shasta v1.4, which removed the Ansible inventory +and playbooks.

+

The functionality in the platform-services stage of sat bootsys has been +re-implemented to use python directly instead of Ansible. This resulted in +a more robust procedure with better logging to the sat log file. Failures +to stop containers on Kubernetes nodes are handled more gracefully, and +more information about the containers that failed to stop, including how to +debug the problem, is included.

+

Improvements were made to console logging setup for non-compute nodes +(NCNs) when they are shut down and booted.

+

The following improvements were made to the bos-operations stage +of sat bootsys:

+
    +
  • More information about the BOS sessions, BOA jobs, and BOA pods is printed.
    • +
  • A command-line option, --bos-templates, and a corresponding config-file +option, bos_templates, were added, and the --cle-bos-template and +--uan-bos-template options and their corresponding config file options were +deprecated.
    • +
+

The following functionality has been removed from sat bootsys:

+
    +
  • The hsn-bringup stage of sat bootsys boot has been removed due to removal +of the underlying Ansible playbook.
    • +
  • The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is +now a manual procedure.
    • +
+

Log File Location Change

+

The location of the sat log file has changed from /var/log/cray/sat.log to +/var/log/cray/sat/sat.log. This change simplifies mounting this file into the +sat container running under Podman.

+

Summary of SAT Changes in Shasta v1.3.2

+

Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.

+

The following sections detail the changes in this release.

+

sat swap Command for Switch and Cable Replacement

+

The sat switch command which supported operations for replacing a switch has +been deprecated and replaced with the sat swap command, which now supports +replacing a switch OR cable.

+

The sat swap switch command is equivalent to sat switch. The sat switch +command will be removed in a future release.

+

Addition of Stages to sat bootsys Command

+

The sat bootsys command now has multiple stages for both the boot and +shutdown actions. Please refer to the “System Power On Procedures” and “System +Power Off Procedures” sections of the Cray Shasta Administration Guide (S-8001) +for more details on using this command in the context of a full system power off +and power on.

+

Summary of SAT Changes in Shasta v1.3

+

Shasta v1.3 included version 2.2.3 of the sat python package and CLI.

+

This version of the sat CLI contained the following commands:

+
    +
  • auth
    • +
  • bootsys
    • +
  • cablecheck
    • +
  • diag
    • +
  • firmware
    • +
  • hwinv
    • +
  • hwmatch
    • +
  • k8s
    • +
  • linkhealth
    • +
  • sensors
    • +
  • setrev
    • +
  • showrev
    • +
  • status
    • +
  • swap
    • +
  • switch
    • +
+

See the System Admin Toolkit Command Overview +and the table of commands in the SAT Authentication section +of this document for more details on each of these commands.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-22/sitemap.xml b/en-22/sitemap.xml new file mode 100644 index 0000000000..67f6c0fd28 --- /dev/null +++ b/en-22/sitemap.xml @@ -0,0 +1,308 @@ + + + + /docs-sat/en-22/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-22/dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-22/install/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-22/introduction/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-22/dashboards/sat_grafana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-22/dashboards/sat_kibana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-22/release_notes/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-22/usage/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-22/categories/ + + + + + + + + /docs-sat/en-22/tags/ + + + + + + + + diff --git a/en-22/tags/index.html b/en-22/tags/index.html new file mode 100644 index 0000000000..e2cbadb624 --- /dev/null +++ b/en-22/tags/index.html @@ -0,0 +1,579 @@ + + + + + + + + + + + + Tags :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + tag :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-22/tags/index.xml b/en-22/tags/index.xml new file mode 100644 index 0000000000..2e359dd74f --- /dev/null +++ b/en-22/tags/index.xml @@ -0,0 +1,11 @@ + + + + Tags on System Admin Toolkit (SAT) + /docs-sat/en-22/tags/ + Recent content in Tags on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-22 + + + diff --git a/en-22/usage/index.html b/en-22/usage/index.html new file mode 100644 index 0000000000..32ab30a76b --- /dev/null +++ b/en-22/usage/index.html @@ -0,0 +1,858 @@ + + + + + + + + + + + + SAT Usage :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Usage

+

SAT Bootprep

+

SAT provides an automated solution for creating CFS configurations, building +and configuring images in IMS, and creating BOS session templates based on a +given input file which defines how those configurations, images, and session +templates should be created.

+

This automated process centers around the sat bootprep command. Man page +documentation for sat bootprep can be viewed similarly to other SAT commands.

+
ncn-m001# sat-man sat-bootprep
+

SAT Bootprep vs SAT Bootsys

+

sat bootprep is used to create CFS configurations, build and +rename IMS images, and create BOS session templates which tie the +configurations and images together during a BOS session.

+

sat bootsys automates several portions of the boot and shutdown processes, +including (but not limited to) performing BOS operations (such as creating BOS +sessions), powering on and off cabinets, and checking the state of the system +prior to shutdown.

+

Editing a bootprep input file

+

The input file provided to sat bootprep is a YAML-formatted file containing +information which CFS, IMS, and BOS use to create configurations, images, and +BOS session templates respectively. Writing and modifying these input files is +the main task associated with using sat bootprep. An input file is composed of +three main sections, one each for configurations, images, and session templates. +These sections may be specified in any order, and any of the sections may be +omitted if desired.

+

Creating CFS configurations

+

The configurations section begins with a configurations: key.

+
---
+configurations:
+

Under this key, the user can list one or more configurations to create. For +each configuration, a name should be given, in addition to the list of layers +which comprise the configuration. Each layer can be defined by a product name +and optionally a version number, or commit hash or branch in the product’s +configuration repository. Alternatively, a layer can be defined by a Git +repository URL directly, along with an associated branch or commit hash.

+

When a configuration layer is specified in terms of a product name, the layer +is created in CFS by looking up relevant configuration information (including +the configuration repository and commit information) from the +cray-product-catalog Kubernetes ConfigMap as necessary. A version may be +supplied, but if it is absent, the version is assumed to be the latest version +found in the cray-product-catalog.

+
---
+configurations:
+- name: example-configuration
+  layers:
+  - name: example product
+    playbook: example.yml
+    product:
+      name: example
+      version: 1.2.3
+

Alternatively, a configuration layer may be specified by explicitly referencing +the desired configuration repository, along with the branch containing the +intended version of the Ansible playbooks. A commit hash may be specified by replacing +branch with commit.

+
  ...
+  - name: another example product
+    playbook: another-example.yml
+    git:
+      url: "https://vcs.local/vcs/another-example-config-management.git"
+      branch: main
+  ...
+

When sat bootprep is run against an input file, a CFS configuration will be +created corresponding to each configuration in the configurations section. For +example, the configuration created from an input file with the layers listed +above might look something like the following:

+
{
+    "lastUpdated": "2022-02-07T21:47:49Z",
+    "layers": [
+        {
+            "cloneUrl": "https://vcs.local/vcs/example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "example product",
+            "playbook": "example.yml"
+        },
+        {
+            "cloneUrl": "https://vcs.local/vcs/another-example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "another example product",
+            "playbook": "another-example.yml"
+        }
+    ],
+    "name": "example-configuration"
+}
+

Creating IMS images

+

After specifying configurations, the user may add images to the input file +which are to be built by IMS. To add an images section, the user should add +an images key.

+
---
+configurations:
+  ... (omitted for brevity)
+images:
+

Under the images key, the user may define one or more images to be created in +a list. Each element of the list defines a separate IMS image to be built and/or +configured. Images must contain a name, as well as an ims section containing a +definition of the image to be built and/or configured. Images may be defined by +an image recipe, or by a pre-built image. Recipes and pre-built images are +referred to by their names or IDs in IMS. The ims section should also contain +an is_recipe property, which indicates whether the name or ID refers to an +image recipe or a pre-built image. Images may also optionally provide a text +description of the image. This description is not stored or used by sat bootprep or any CSM services, but is useful for documenting images in the input +file.

+
---
+configurations:
+  ... (omitted for brevity)
+images:
+- name: example-compute-image
+  description: >
+    An example compute node image for illustrative purposes.
+  ims:
+    name: example-compute-image-recipe
+    is_recipe: true
+- name: another-example-compute-image
+  description: >
+    Another example compute node image.
+  ims:
+    id: <IMS image UUID>
+    is_recipe: false
+

Images may also contain a configuration property in their definition, which +specifies a configuration with which to customize the built image prior to +booting. If a configuration is specified, then configuration groups must also +be specified using the configuration_group_names property.

+
---
+configurations:
+  ... (omitted for brevity)
+images:
+- name: example-compute-image
+  description: >
+    An example compute node image for illustrative purposes.
+  ims:
+    name: example-compute-image-recipe
+    is_recipe: true
+  configuration: example configuration
+  configuration_group_names:
+  - Compute
+

Creating BOS session templates

+

BOS session templates are the final section of the input file, and are defined +under the session_templates key.

+
---
+configurations:
+  ... (omitted for brevity)
+images:
+  ... (omitted for brevity)
+session_templates:
+

Each session template is defined in terms of its name, an image, a +configuration, and a set of parameters which can be used to configure the +session. The name, image, and configuration are specified with their respective +name, image, and configuration keys. bos_parameters may also be +specified; currently, the only setting under bos_parameters that is supported +is boot_sets, which can be used to define boot sets in the BOS session +template. Each boot set is defined under its own property under boot_sets, and +the value of each boot set can contain the following properties, all of +which are optional:

+
    +
  • kernel_parameters: the parameters passed to the kernel on the command line
    • +
  • network: the network over which the nodes will boot
    • +
  • node_list: nodes to add to the boot set
    • +
  • node_roles_groups: HSM roles to add to the boot set
    • +
  • node_groups: HSM groups to add to the boot set
    • +
  • rootfs_provider: the root file system provider
    • +
  • rootfs_provider_passthrough: parameters to add to the rootfs= kernel +parameter
    • +
+

The properties listed previously are the same as the parameters that can be +specified directly through BOS boot sets. More information can be found in the +CSM documentation on session +templates. +Additional properties not listed are passed through to the BOS session template +as written.

+

An example session template might look like the following:

+
configurations:
+  ... (omitted for brevity)
+images:
+  ... (omitted for brevity)
+session_templates:
+- name: example-session-template
+  image: example-image
+  configuration: example-configuration
+  bos_parameters:
+    boot_sets:
+      example_boot_set:
+        kernel_parameters: ip=dhcp quiet
+        node_list: []
+        rootfs_provider: cpss3
+        rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0
+

Example bootprep input files

+

Putting together all of the previous input file sections, an example bootprep input +file might look something like the following.

+
---
+configurations:
+- name: cos-config
+  layers:
+  - name: cos-integration-2.2.87
+    playbook: site.yml
+    product:
+      name: cos
+      version: 2.2.87
+      branch: integration
+  - name: cpe-integration-21.12.3
+    playbook: pe_deploy.yml
+    product:
+      name: cpe
+      version: 21.12.3
+      branch: integration
+  - name: slurm-master-1.1.1
+    playbook: site.yml
+    product:
+      name: slurm
+      version: 1.1.1
+      branch: master
+images:
+- name: cray-shasta-compute-sles15sp3.x86_64-2.2.35
+  ims:
+    is_recipe: true
+    name: cray-shasta-compute-sles15sp3.x86_64-2.2.35
+  configuration: cos-config
+  configuration_group_names:
+  - Compute
+session_templates:
+- name: cray-shasta-compute-sles15sp3.x86_64-2.2.35
+  image: cray-shasta-compute-sles15sp3.x86_64-2.2.35
+  configuration: cos-config
+  bos_parameters:
+    boot_sets:
+      compute:
+        kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN}
+        node_roles_groups:
+        - Compute
+

Creating a pre-populated example bootprep input file

+

It is possible to create an example bootprep input file using values from the +system’s product catalog using the sat bootprep generate-example command.

+
ncn-m001# sat bootprep generate-example
+INFO: Using latest version (2.3.24-20220113160653) of product cos
+INFO: Using latest version (21.11.4) of product cpe
+INFO: Using latest version (1.0.7) of product slurm
+INFO: Using latest version (1.1.24) of product analytics
+INFO: Using latest version (2.1.5) of product uan
+INFO: Using latest version (21.11.4) of product cpe
+INFO: Using latest version (1.0.7) of product slurm
+INFO: Using latest version (1.1.24) of product analytics
+INFO: Using latest version (2.3.24-20220113160653) of product cos
+INFO: Using latest version (2.1.5) of product uan
+INFO: Wrote example bootprep input file to ./example-bootprep-input.yaml.
+

This file should be reviewed and edited to match the desired parameters of the +configurations, images, and session templates.

+

Viewing built-in generated documentation

+

The contents of the YAML input files described above must conform to a schema +which defines the structure of the data. The schema definition is written using +the JSON Schema format. (Although the format is named “JSON Schema”, the schema +itself is written in YAML as well.) More information, including introductory +materials and a formal specification of the JSON Schema metaschema, can be found +on the JSON Schema website.

+

Viewing the exact schema specification

+

To view the exact schema specification, run sat bootprep view-schema.

+
ncn-m001# sat bootprep view-schema
+---
+$schema: "https://json-schema.org/draft-07/schema"
+title: Bootprep Input File
+description: >
+  A description of the set of CFS configurations to create, the set of IMS
+  images to create and optionally customize with the defined CFS configurations,
+  and the set of BOS session templates to create that reference the defined
+  images and configurations.
+type: object
+additionalProperties: false
+properties:
+  ...
+

Generating user-friendly documentation

+

The raw schema definition can be difficult to understand without experience +working with JSON Schema specifications. For this reason, a feature was included +which can generate user-friendly HTML documentation for the input file schema +which can be browsed with the user’s preferred web browser.

+
    +
  1. +

    Create a documentation tarball using sat bootprep.

    +
    ncn-m001# sat bootprep generate-docs
+INFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz
+

    An alternate output directory can be specified with the --output-dir +option. The generated tarball is always named bootprep-schema-docs.tar.gz.

    +
    ncn-m001# sat bootprep generate-docs --output-dir /tmp
+INFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz
+
    2. +
  2. +

    From another machine, copy the tarball to a local directory.

    +
    another-machine$ scp root@ncn-m001:bootprep-schema-docs.tar.gz .
+
    3. +
  3. +

    Extract the contents of the tarball and open the contained index.html.

    +
    another-machine$ tar xzvf bootprep-schema-docs.tar.gz
+x bootprep-schema-docs/
+x bootprep-schema-docs/index.html
+x bootprep-schema-docs/schema_doc.css
+x bootprep-schema-docs/schema_doc.min.js
+another-machine$ open bootprep-schema-docs/index.html
+
    4. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-23/404.html b/en-23/404.html new file mode 100644 index 0000000000..9e96fa3080 --- /dev/null +++ b/en-23/404.html @@ -0,0 +1,59 @@ + + + + + + + + + 404 Page not found + + + + + + + + + + + + + + + + + + +
+
+
+
+

+

+

+

+

+

+

Page not found!

+
+
+ +
+ + + diff --git a/en-23/categories/index.html b/en-23/categories/index.html new file mode 100644 index 0000000000..0d9b6915c7 --- /dev/null +++ b/en-23/categories/index.html @@ -0,0 +1,579 @@ + + + + + + + + + + + + Categories :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + category :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-23/categories/index.xml b/en-23/categories/index.xml new file mode 100644 index 0000000000..ee0b244dca --- /dev/null +++ b/en-23/categories/index.xml @@ -0,0 +1,11 @@ + + + + Categories on System Admin Toolkit (SAT) + /docs-sat/en-23/categories/ + Recent content in Categories on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-23 + + + diff --git a/en-23/dashboards/index.html b/en-23/dashboards/index.html new file mode 100644 index 0000000000..3d8a9308c2 --- /dev/null +++ b/en-23/dashboards/index.html @@ -0,0 +1,561 @@ + + + + + + + + + + + + SAT Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Dashboards

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-23/dashboards/index.xml b/en-23/dashboards/index.xml new file mode 100644 index 0000000000..56d7a3ca5d --- /dev/null +++ b/en-23/dashboards/index.xml @@ -0,0 +1,26 @@ + + + + SAT Dashboards on System Admin Toolkit (SAT) + /docs-sat/en-23/dashboards/ + Recent content in SAT Dashboards on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-23 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Grafana Dashboards + /docs-sat/en-23/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-23/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.cmn.&lt;site-domain&gt; The value of site-domain can be obtained as follows: ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=&#39;{.data.customizations\.yaml}&#39; | \ base64 -d | grep &#34;external:&#34; That command will produce the following output, for example: + + + SAT Kibana Dashboards + /docs-sat/en-23/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-23/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + diff --git a/en-23/dashboards/sat_grafana_dashboards/index.html b/en-23/dashboards/sat_grafana_dashboards/index.html new file mode 100644 index 0000000000..bbc472b260 --- /dev/null +++ b/en-23/dashboards/sat_grafana_dashboards/index.html @@ -0,0 +1,666 @@ + + + + + + + + + + + + SAT Grafana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Grafana Dashboards

+

The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through +Redfish. The messages are displayed based on severity.

+

Grafana can be accessed via web browser at the following URL:

+
    +
  • https://sma-grafana.cmn.<site-domain>
    • +
+

The value of site-domain can be obtained as follows:

+
ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath='{.data.customizations\.yaml}' | \
+    base64 -d | grep "external:"
+

That command will produce the following output, for example:

+
    external: EXAMPLE_DOMAIN.com
+

This would result in the address for Grafana being https://sma-grafana.cmn.EXAMPLE_DOMAIN.com

+

For additional details about how to access the Grafana Dashboards refer to Access the Grafana Monitoring UI in the +SMA product documentation.

+

For more information about the interpretation of metrics for the SAT Grafana Dashboards refer to Fabric Telemetry +Kafka Topics in the SMA product documentation.

+ +

There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display +telemetry in a tabular format.

+ + + + + + + + + + + + + + + + + + + + + + + + + +
Dashboard NameDisplay Type
Fabric CongestionChart Panels
Fabric RFC3635Chart Panels
Fabric ErrorsTabular Format
Fabric Port StateTabular Format
+

The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry +is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location +during the time range selected, if any. The interval setting is not used for tabular dashboards.

+

SAT Grafana Interval and Locations Options

+

Shows the Interval and Locations Options for the available telemetry.

+

+

The value of the Interval option sets the time resolution of the received telemetry. This works a bit like a +histogram, with the available telemetry in an interval of time going into a “bucket” and averaging out to a single +point on the chart or table. The special value auto will choose an interval based on the time range selected.

+

For additional information, refer to Grafana Templates and Variables.

+

The Locations option allows restriction of the telemetry shown by locations, either individual links or all links +in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, +which always has entries for all links and switches, although the errors shown are restricted to the selected time +range.

+

The chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart’s legend +or the trace on the chart.

+

Grafana Fabric Congestion Dashboard

+

+

SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in +the system and assess the past and present health of the high-speed network. It also allows the ability to drill down +to view data for specific ports on specific switches.

+

This dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, +local, and global and correspond to the link’s relationship to the network topology. The locations presented in the +panels are restricted to the values (any combination, defaults to “all”) selected.

+

The metric values for links of a given port type are similar in value to each other but very distinct from the values of +other types. If the values for different port types are all plotted together, the values for links with lower values are +indistinguishable from zero when plotted.

+

The port type of a link is reported as a port state “subtype” event when defined at port initialization.

+

Grafana Fabric Errors Dashboard

+

+

This dashboard reports error counters in a tabular format in three panels.

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

Unlike other dashboards, the locations presented are all locations in the system rather than having telemetry within +the time range selected. However, the values are taken from telemetry within the time range.

+

Grafana Fabric Port State Dashboard

+

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

The Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a +long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours +results in all states for all links in the system being shown.

+

The three columns named, group, switch, and port are not port state events, but extra information included with +all port state events.

+

Grafana Fabric RFC3635 Dashboard

+

+

For additional information on performance counters, refer to +Definitions of Managed Objects for the Ethernet-like Interface Types, +an Internet standards document.

+

Because these metrics are counters that only increase over time, the values plotted are the change in the counter’s +value over the interval setting.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-23/dashboards/sat_kibana_dashboards/index.html b/en-23/dashboards/sat_kibana_dashboards/index.html new file mode 100644 index 0000000000..4267be40c1 --- /dev/null +++ b/en-23/dashboards/sat_kibana_dashboards/index.html @@ -0,0 +1,855 @@ + + + + + + + + + + + + SAT Kibana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Kibana Dashboards

+

Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored +in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of +node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in +this way breaks down the complexity of large data volumes into easily understood information.

+

Kibana can be accessed via web browser at the following URL:

+
    +
  • https://sma-kibana.cmn.<site-domain>
    • +
+

The value of site-domain can be obtained as follows:

+
ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath='{.data.customizations\.yaml}' | \
+    base64 -d | grep "external:"
+

That command will produce the following output, for example:

+
    external: EXAMPLE_DOMAIN.com
+

This would result in the address for Kibana being https://sma-kibana.cmn.EXAMPLE_DOMAIN.com

+

For additional details about how to access the Kibana Dashboards refer to View Logs Via Kibana in the SMA product +documentation.

+

Additional details about the AER, ATOM, Heartbeat, Kernel, MCE, and Rasdaemon Kibana Dashboards are included in this +table.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
DashboardShort DescriptionLong DescriptionKibana Visualization and Search Name
sat-aerAER correctedCorrected Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-corrected Search: sat-aer-corrected
sat-aerAER fatalFatal Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-fatal Search: sat-aer-fatal
sat-atomATOM failuresApplication Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged.sat-atom-failed
sat-atomATOM admindownApplication Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch.sat-atom-admindown
sat-heartbeatHeartbeat loss eventsHeartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system.sat-heartbeat
sat-kernelKernel assertionsThe kernel software performs a failed assertion when some condition represents a serious fault. The node goes down.sat-kassertions
sat-kernelKernel panicsThe kernel panics when something is seriously wrong. The node goes down.sat-kernel-panic
sat-kernelLustre bugs (LBUGs)The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down.sat-lbug
sat-kernelCPU stallsCPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric.sat-cpu-stall
sat-kernelOut of memoryAn Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided.sat-oom
sat-mceMCEMachine Check Exceptions (MCE) are errors detected at the processor level.sat-mce
sat-rasdaemonrasdaemon errorsErrors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future.sat-rasdaemon-error
sat-rasdaemonrasdaemon messagesAll messages from the rasdaemon service on nodes.sat-rasdaemon
+

Disable Search Highlighting in Kibana Dashboard

+

By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.

+

The Kibana Dashboard should be open on your system.

+
    +
  1. +

    Navigate to Management

    +
    2. +
  2. +

    Navigate to Advanced Settings in the Kibana section, below the Elastic search section

    +
    3. +
  3. +

    Scroll down to the Discover section

    +
    4. +
  4. +

    Change Highlight results from on to off

    +
    5. +
  5. +

    Click Save to save changes

    +
    6. +
+

AER Kibana Dashboard

+

The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors +are split up into separate visualizations depending on whether they are fatal or corrected errors.

+

View the AER Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-aer dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the +matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on +the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass +next to each NID.

    +
    5. +
+

ATOM Kibana Dashboard

+

The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health +checks and application test failures. Some test failures are of possible interest even though a node is not marked +admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide +clues if a node otherwise fails. They might also show application problems.

+

View the ATOM Kibana Dashboard

+

HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-atom dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View any nodes marked admindown and any ATOM test failures. These failures occur during health checks and +application test failures. Test failures marked admindown are important to note. View the matching log messages +in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, +results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

Heartbeat Kibana Dashboard

+

The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods +are responsible for monitoring nodes in the system for heartbeat loss.

+

View the Heartbeat Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-heartbeat dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for +monitoring nodes in the system for heartbeat loss.View the matching log messages in the panel.

    +
    5. +
+

Kernel Kibana Dashboard

+

The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. +The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious +problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and +may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using +too much memory.

+

View the Kernel Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-kernel dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching +log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. +If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to +each NID.

    +
    5. +
+

MCE Kibana Dashboard

+

The MCE Dashboard displays CPU detected processor-level hardware errors.

+

View the MCE Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-mce dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and +DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, +and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID +by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

Rasdaemon Kibana Dashboard

+

The Rasdaemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon +service on nodes in the system. This service collects all hardware error events reported by the linux kernel, including +PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages +presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one +for only messages of severity “emerg” or “err” and another for all messages from rasdaemon.

+

View the Rasdaemon Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-rasdaemon dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in +the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID +in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside +a magnifying glass next to each NID.

    +
    5. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-23/img/Fabric_PortState_Locations_UI.png b/en-23/img/Fabric_PortState_Locations_UI.png new file mode 100644 index 0000000000000000000000000000000000000000..704511ebce3d09b05ef60e3c174c516850b1e875 GIT binary patch literal 10312 zcmeHtWl)@3v+j@}K@&VU!QE}p5G*(Wf;$Wj1A`8lkN_cQ&|pIX0fM`G(8&Zyg1a-g zyWU~%eb4^BTXm}L_v8FHReNgWeOLGD)$h}?x>rqvmWC2O4kZo%0Kiv%F0Ty$pz)xt z%^zT*zV(zj5>P*xe!2#p+Lk`_ZV<4ogENTU6Y2({2l+bK0sy{~E-?uFE_yuq-BJeT z@v}GV;m>7Nu#9igo{Gp%0_XSTC?8U1RdtLiyr)l_c~24c<+-wO)KVOSw!((stg3eJ zm+OAnAwKy1{lnJ@f*9*TSrdYN@9h$q?LDDPK2#TNoN2}gEA@$Sww!fRA)~I;n*Oqv zdn=COc}t>Wqi@JM$d71c^paGV&H(_Nrw%AZ4b;`dt-&rlmNsB35Rb2m8|n!F07)5N zH%n_LkSDzr$j-r4iea~@je*|5Mv6gSSe;MZO%7!5@Z1jq((%*Kwf1we2HG&lNaINQ zilYR$fIKbfeO;VgJ;Z&b82*qej=H`Z=4GJ&gT>QHiorl#i(U>40nrQb2=VZ7EBHEi z3ouCI&`UyWY{j+Z75@@}x|3qC_w;lV=jHYB@!|0i@qATOT)uYdqIii6t& z>gs9f%kApHcqigd8S)?xYlwrJrvuoP{!XT)71+yDih%(|r~ga1r-SX^(p^3N0s#dF z?;VAgpNEh4U)k?$_+QHW8~YvQZ}z*%;s)9v53sY>-SSclq5{19e@Oa+Wcc5c{-(Ti zbwFt=@b@eou&t+$B?KhJpk)vC1nXE^x`F!*$_#e3bf$Kj) z;6Gyi$GiT4>pw!^KVtsJyZ(2a52=rpFF=0C+kbp%%|nr^X`p2)#qUFL>+TgAjVpwB_2{yD!0&lf zm6ec*x?BJEk@)@IF)=YVSM^MaQIA#pE*yfyAk`z+ET+ldKFMDD=MRU_Ulj{)y1PtQ z=XP75YneD(boOuqoX5vcf~Z7YwmYnFLg-C?a=A@7*GR>e_uFm`-?-K_^_LA8w5+No zb3tPck+>3GCURlF1x$GKQ)0`;W;_}m7mqsP;0!!bo{=$^t$&<`Pa4d1Ds%SO+kaE` z@Rt&;#Z`R;jS43xXZp8At3owfD{Be!*N$_4iQyi@UA&J?)u^xE9|OZ8LnUlDqNYNZe>3 zZ}GBce_*Q2lYMYhNUE&r9D~cWF={KrB!*g*(P3+i7T#;BZ&f!nV>=;Zeklw%M9zHs zkvh~eHC8s)HR-i^el%1QRfKCoqh8g0AoQ5h-0zJ|hrX$RRB22+Q-r3pVdwr5D|^{j zd2*7zWq3mULYPz9@$h@xNW;1lPMm>ErJP@UmRANl_1F4+8z;s!el$w4U-+FyUph}T zXKGsm2c-|Om{KBFc5f1};mXsJr{R zaC^SX(Q48bVV4CZif+p@ycro80jPb98@9iUDk@vv#5ex>wRq7}k?i(judO6+!pyY! zdf+mnpA*pTTw87f_fSg{`mkBnh6xDogooi9i}}v;tt2JMD=4~cmUvL`TiNHEYc3!a zCUWaKVrYj(s*Qmf@g|b{mohI54I@lS>6zqXf7vfb^0xJ88TDMB&J5Y#1_vLp3#4Xz z`b1w?sOCJkkB@ml~nQwgJUHz$;Km6adh%V*~Wz;yF=Ro=FN z&d41`AT(gAEPtc`Ay&z2q*z86SF>BPO_Uqp<`8nDmJbESp z)SsXD5zvUsgFwt52nnyeCOrCV1W-}Ee^kX=9(>zj`k0#3pKcXEvUJniAnd@3sqN;yl$1La z_07Sn$>~VX4N3gm+%LJ%17&J~N3Ys$wuPNVs02%41KWq-{bpJRR^Q{Ay7N<|qK{(k z_l&kfXHAD7=I-50v!?rKSOnCoI}%_CmmX8juqyNZy=w}AaY36@;X@8g zyyxwX1rD|5Ha21v6@iVqpG4=3emPI|dm!Dew+y3bB*H+!(3p9P%+npcfB@>(uVoFm zY}Hr<#ZBW*>qBvOj|Mmu6chx6+#j)Og52iYKP$f8Y`txm^53sxVqC&=t&6xUbJHoxqIxZ0*}DyIVjmGQs)O$C?_nu}sPtyj;&pPONX58)laj zV`-I9sj}w)LO?6Iwe98gW!eQ5ENr~3dt97)#Z0_1S%H@i%fYv3-@bjTUpg_SNEtrK zFt*#wF6a!8z30}uUFR1*nGg)6xIJGJEY@>s>cy1-qtFnY+j6Mt6}CNkZaeUCV3m7n zYTI2sQ@mjaBTZ(PEb)7f$IH%e{QHufkHd%h(!t!UtfyQxHQv)ZVNS7>u@Pwl&}bTo z_X+s|Z2UrIVnw<&QX@Vao-6?Co+#()z@P1C%?Ag#+c4sGxDLf^7Dxbyg6-Z0QBRL&KJ_vlPMP9AU0>lm)tYb>(zE${lGDfE$|~Ei(G!~`AtJNM`>?;xpPw?i zd4IKu%fyXUU#+2e#9G3bT%9zM@{q6#X6epwXy?KaW`kCsTjb@}kqvLe^**c9c%zF_j>~;4y!myR>(&`-jJdq6 z3p_u~ow1{j$+4Hay+!Wg%<&1m`+M1!%~L+xlW!`TYeTK6Zq0N}?mgADkx#!AzHZRW zvIoS_N(~gJ>O*fA-NfKR_ENCrN}!;HzL#ggpYQKD^Vn^{7iL+Yre_S+6NYjt*iHJkt@>g(Q{ zcRuL*K9JeeBBL7LHR{p?cr4QFQ8%>-9?XJ&-zNY8q|Gmxd2fziihw76O@5{!BP5Jb z%;{K(7lSa3G|gC5xa|ZG0#F|3AWEY!vsYgNt$V>3z64RG77vJukMHSRC0>V7VICJ< z8mm_2cs)t+zgIpJwBU7rEoB~C4^{d&RbRKi?%bL_cWFXmf6``$o_#hK^!~wSm7N1U zfX`(=-0>?j*rSoIiE%Rd{aE8mmetVewv8Qf5z+wvKCn+9fip->M45fM6MPn)BY8Z0 zh({?9S6%I?#zHKf8504|Y+6eFDGDQG4Eq2Jdfy8>BTmUxqvz$F^XI%xGt~FFoVF35 zz}oHfDNo8VrIbRqH0gFsqI~5bFX6uisO(*vLn9)$962<%>OVq}6 zITOq$?I6U?PJDhG=ySLnj}&v8=L6-gFtHFYNJyka{SdSlx-kiYs$8n7?V*<`-JAwF zI&GsA$_$*qp!0$s)$`y*8wHcOPFA!3Xmw>VDv_Z`wG&H7QkXk4SiJBJGemCC7M5mB z!`zRB-s9(P&9EOY%=+{-fsGGpAA*$blTKzK?-3YGkt>{^<_h)jR;#<^`if z6^w8K8p~7IH9%fbvHWO)6&oM>i3DqSbb4((w5LjP5sXOoX0spBVIyI%zy8sep<$OZ zm~lIW09X6}qzgK=4?o@H#*|}kw4g~N5Za3;x{nG6Q=^61#HsDP`uewVj{>V;YMKJ6 zYGTv_1jm&|Rzk@+T5Lb-1kPvTm>Sr)IG)i_t7&Ns0ZUGXww{|lkB?kjv|?and?DOG zWn^ruiYhQ(y!fyv>-BK_d6mtTh zsVL!GI+Fa$kQZm{&&F3{AC^{dfbQ-U+dFecX*3164bL>P8fya8PjxQOO%um-&(`fv zPQ15;1>e1QhOQBlQoy~&1_1MoPE)hHc~o|%7W^2pk9gvMnHr*ta|zfX^Kz02_}Rfc z4?-Ri3V!~(1z~VQ(LChmiO@Tcs66^0WRUQ+>Lc_l#(OFB52TfNlJDqF^09YgI;S67 z*L+a-5`W(RUmnE>lsw8`OaF}wbROA90WsRsx+LfwWAAAHko)J@zxG0ZDv}7ZBkc~Z zBt!4;`8Q7OfQth92d#=nfAmd@AL#BxuDRdop2+RORaD%=-oWE+_|{dcZw39V=%=IZ zjE3rPn;W}*k-8|ZN%pT=9%+uVUY=(~Oz_Z(LdrVad)1~7&9ZNT%>ruFMX5O6D{iKf z-~cTl0=a|=*&BY~w^k3yftEEBy}LP1`l9{DdA<&fYagG1yqab$$mC#(O| z=HHMU?AvyA(N+w*vcR-C1^$DWE5KTSOcHGn`BZ-EZelzH8b-BuMR&#==*9qd{s zPvHettHE9&8Q;@rd7(Pq`MCO~70LNz0(LJsNNabbVxj!w%;ch_$}8QwgZJngX2vtO zWnzwpVbno&E1qETGF81|19-5ES%0eFM0BmFb1!+3x=%sxOTBGW{qK>NeM+@6Js7h; zpR5MBH;i+2MS_0mb(>@CH?%Wz>DFXgZ$jkXdU?~!qY;bvT5c&a#a`xq;wU|J@IAF@ z<1rnK?cUQez4@{ipOQKKgy&$N;t&spzdk6t)O};uiU92tT9c$Y1uw^Ysi#(CpqkWW z2nLmi>vcus&;iojYpnDNM`Zc&2l#yLlNW05u@VdDtY6@d0^0HoRff;*_d5 zH1CZBnpoMsGV5&add_fvMDoy-2Y~5;e=BL$wOnt38Se0lL+VyT9ny5Z{N?q11(t7D zNs>Y$$$bFf@W>y<2o8`@GYr3BrOW=>K#XH@>fH&fXgRW2;M>*6bo}EE`j+5W*zGE} z#A9hLLS;w=2;rS)<_^t|;pHux-=Dk2PEmC{sgrQMB^9(&+bzgGsUO`yZ?~v99H=+EBMf${MG7jphszk-4V=B4LS}hIfU;@0ClZIprBq~_z= z7Q64wB`|03l(Fy+XN4y$YJCRA=k74yj8u&E#U0(h^WVr!fSj1OmaV`hw zI$E0AvS;;Ez;h%9;&iMOxAPgsENt~_KM2=FJ*jdn-i0&*LDfVhFB6Qk;6Jsv85!?E z?VVVV(R#}eiUuChQ!?GkozV(v4*m~DTFQ>H%#emCwUme)Okz57nUJ!oXf7EyvYM>; zAp*fUP|E&7bWXEuNfTa}whA8R>R=m%a=h-|p*o=~#Y;=>_0!Xr$I2N5*bOF%K?R|7@B6PV8yB1h z__d7;J7=kL@~JTe74#&6KaQs;`D83){CeM}r|umQQ6`8m@Ht!~8|+?(R9RdrGv&YS zG4H>`I-D@o>iG77{|lM!L8xALc11-%l3A3=6T8`RHfcDY+oB2S#d7PHRef!{0u^Qa)m6DdEsO zj~ulF8(bIhUoBy3Dl}*5y&c)fF0Kqidm&rg=E5};CT~$Q2`{Q9q+078i6AU)fs%~j z$9`jO7*8^XZ%|3~Duvra9X38Go-e|xrNWn4IysQ=QqCJ+F(BO#^{$?ig@W!_LXu^Q*T)etw)=~{KQ|?AEyJWP;=BxN?x!HsO+I1J1?Q6P&vpdt)*9JOv3}6ALYrUhAcT2hg&p`sL}&`)%?8GA=CP4*0Am^> z_Tl%xjc2~>$#fdp8!JRv5|6OtNG%v$3xpaUJ9XE-3BjxP9 z?V?t#^>Nvr`ne! z5Ekl)CZ>NHV_>vxq3VjUBElLx=aanQ7=g^kx9vDPTg9$ROvz&9m8)TG`PS%pysb9f zyD8Kx>A`l`)0M5wG5*2uI~IOe?TkB@Fn&`@GTJq6-d zqVJBWFOqp?sBla#lWFY=AO_w);t)U-O{D2-I7X!6v#LHAX7k;gT)=xj>cz%eGCAZq zm@c)xG8PzHkgn+zF|@MUh-S&v##dGeG>ngL7t|-PRcofT z&W)aPIhlef~Xq(NCa0bEW@wHVb2E zsl|L~QO>VMeQbExO?(M2FgvHkMO;J#GgWOMk4NKoFUol%dT;7frAqu}{FYgV>{rZt zdDUvwHGeLdk2OKhEu=vrSg81kdro7W9iqiXvehR-v{SZ>5Cj>Nc+a*4y+vA3kQg`` znu-n=xw>uE|IkK!X7I>q&hJ`>?pjDUc_6Tl^($IjBf6?vpOEO+1tD$sOP!sCy@Lb` z=n|HWon7__W=yF>U0M0~-gRqAkJ?{mhi6$V^^`B<)Ynnv~L!4D>oEpiTjk&G_5>uO4Cw0&`(7-5NQD>A6D|&+?yL zi7Zm@HZkA2H~#F(Iz{sPTcB@hj+|OO8;_qlfKcQkx)Y2AwJzDuJ3-fCpyIr*(<;g} znVOm@k5IWalQEkoF~6&;$p3JSincH01^*ZFba!z{Q8n9#c-H;<&j7B9r=1khIy^u7!o9=I_pkkW^h%-y)^3YN{!%}o$z<@ zLzYU_&+x$fHn2S#>32`Y=1c})Em-xJJLgi#`o?}oA5h5>zbKa6ukC~^&DVY7sjee4 z>dDBg8KoGz%>`eYnb4#`)q}JMwd&r`VQ8 z^7i22DyLkSS6jUQ^DlFg{ z4J$9o9_F`Npwg9`93&?1fd?oDei$qkuClUTlbiH1frRvJmSQ(BC+XpD zo+El2f%;1DgOrC4a`GlSHkLx`O?ha~6z=_c?P%n$AgqE>7rXtYlV=|Zu4F6yiV6o< z1i$PSqG&$->b>Hn<~G&$as!%k5E*RF3$u=D=lRC{r}cWF+PP0ZYw-!GAx5sHI+s2@ z6;^@1xhUc6SC3feTNbFbeJo~R!>iw)95T|x?? zpDRoLg*V1U#Q6wyXmn?jd^T)k=UMKj?h8JH?Y9mu*^KJxnd+#ly$+8it;;7{dLKJc zPgm`Tp$Y+^bf?0>oa~;7?Ius2I@Ysy1r%(~+0^(+jz^uP47r8uM$!Uwj8~W2OSUHpz{RWtE>e0b5RlBw0#^Lr_Ih zHh-W|e-3LhSs$q1JY@ir8q<8gBeC|x)seI-=>>PbcYm$5$m)_o%fiMSm^%8@{T zMlz%~X**@?WXHTFIFpV;+?c4A`>kr~WAX?8Pji1BypCwFm+=8M-2JakSwTa-^qED- F{{e^I_u2pe literal 0 HcmV?d00001 diff --git a/en-23/img/Grafana_Fabric_Congestion.png b/en-23/img/Grafana_Fabric_Congestion.png new file mode 100644 index 0000000000000000000000000000000000000000..dbf481d94ce7036204bb81960b1e9ecf3b28182d GIT binary patch literal 13882 zcmeHuWmKF`((e$G5C{?o5P}9mfZz~Z6EqC&4#Azl-4X}{2ol^0?k_m z8RS0vclX^_?mhSHhx_54vm9U^p02LyuIjG-RaFzLASa21L5u+cfv}`LiYb9W4|srQ z{U?us-y0;&g1|?rhl+-il7Z_hI|qoVg|*2mCwDuOS0-*2rXY~poK3hcHY(+lfMs6s z2++xE@?KfXagwvk?rxXG>}7vUBX&%IGNZ>fZD{*^!VKo;-*G`8jQ1A6Ks97#_>3Sn%m&5~Llb5<8#`bIAdrBt zo1KA?m5I|ULlZL#TS2PB##X9V7RG{9>YTEyvUZ{-<`y44988ow!m--@j&|di58Hla(NqhOELXQHX=dD-LE3W>zL~ zHwzbbDj|$l0uIKed`e;xe`f*wB}irNcyM`>Ve*cd{`3CwE)N zzbgSy2g`j63mY>l%YP=nx8Z*b=D(2NxBQd*zB8YOl8Gb4+WB6*AQd+|3)^3u{%X?v zKR5leMb*{<7%lrhdnrRqom>qZOa!SE%ppz?Wg`PSlfPQ;h4YC*tRW7{fYE^Vzlr+m zwStA4iM589g^h`=<6k4;&|6$a7&Hlgt`nQmO zNyqEFKOUkBL4U4`nS6NB@O&b#Q$Dh|9`0q8G% zpfBtdz>i4tWQX@Pj|jpSJPBMH7Yh{Vo{2o64A^3f$!mOY|MYB$20i@#9UqyLT>$Vf zww)iLADNig8CTMp0gJEJ;H9AnaSX&UYV&I$<%#SmUGx+vb-i`Z+MX&x78KOn_Z1`2 zI{VG2Ur{-g{pfue%Szq`1Ind^`}{7Geno%i6#l&+9(yJ{(yIC;hDXUmn=U1XPJHv% z6Xc=s*KNx3f+J&DU-#!q3!=u^NwFn^por|Ij*n6niLim2cXZ6Qf|P^+i>8w9XH(k_ zBg^FNhQ}#7f@i<=dCe|IpVKqEdlxFwoCa1Vu(#hYlLmw7Ax-BHkBhD0lv(-eR=>4` zp>waZK6rL6d3J3rA?T|}pL^EG#;e>~I74fFO{e0+RnczZ_5@Oc|&gfWJ-6JCr+1Yxux^bN=zjNaC zUYGp@2@4Ak3q$Z9i}Jn-1{vUQ2UQ-q*iJf-xWS&R6Jp-rO7_GRMrDl$L_0Puk?^;iU$--qt=|)}| z7?3cGXC{L)99%iS?{&3-r=*Odq-Q`)$LhysG;G!%)5qlDbN1Dv1$iNP@-#eiVw=c* zSi!bsn-3pr*SqSH|6*^cH(TmO)d_qmhPdC|cKG=W8TOL)CGP8CvL4Qf+`57JDp!iu z+lIvI>Q3_-;y;MpP9~^K@AC49k+F-=`*kjNhg4Icd>U zzr1jXF|4#1KRyPR09Vf8geZ#kyCcM^xOjc)3c}|0>wV_y&MTAiGNOKlC+OI#o5^KH zzal>jwUo&V>575-eHaND78~C<90!DIoV4cXI2`jt(dw-0A&yoU)k<|bZ&59_oP;om zC)2ed^|)c18VSb6#wQ!`(sbi5vQ+4$zC{@I48fu!iAF|*?>fp_Z8HiBiT!3B^)jV( z7;)}y^rlO%V)fO^;DOr{M043b+uK2!&8C8AIJsF$1zSskKj!b){UakkA^1+=t)CYU z*5|D9j;7S_*32`=Q{{RC*4boIJ={sgr~;m?TIU>$Zkz?%PK;FwTAM-n-Oi59*oedE zV(CRhMOle3z3w{M!Qg>9c)-^g(25tmqHD zk=}GK?7GeFnSE@TSXKP(^L1l*!)~QFQttL5IOj*qPA`eb)~o%}N`-?)^igdFe)w6f6x_ z(BcCGt;ONPbj-I zi^Oq;f8ln{wm3q2u^!_P|GvFznM5Urk?gXl{B>}mh?6jNot=n)VCtiQ;qn?m3GcwVtEOBnt ztdA#URv}_k%~#FWSGY&V&Dwlt7t->Y7V#wb_;@hwhMG7mX?&bL&FA8g%fVddXH*MJ zqEV>kOXzR{uy@3HNU=AEJYyG{1h{M$`hlHU?g+ERI4@lakJtAIFCTqoX=&+hI86$C zESPANsBO0HfH}y$+Bg#%8yb?}Y3UK|pFXYSmVB>25)itv#+A$SFHmNN?-Z4SeuqJq zOqN@20Dm9Sy5xwat|Js2MDBwJcr|I3p${+(jjr-w zu+~!l9>s5IrNbqVOp+U$poddVZbNCehoT~GSGV)F!q+7q_zmGeX(CrFLs>%CXohIQ z-O1@gG_ ze;Lb?D7T*=R4dV&U~CT#`A*F{%h{E!LjUre3rBrATv2JYfy{FtZXcw>dCuM;BD&z5 z$Y;VH+M=_{47W4o!VXGhW@9_xp8|%Nz+wMDpYczipr;a%@$>-T4wCZ`9&WjZ&Ff;?+IVHU1mZBu-hES*p5 zIc|{Ws5+vwYRR9W%kB|-DX%AC+6$eO%tO6?;px%uoVH#8TFa};zB<*IOsdVJA_EVA zKK+XPJQRo6ne~V1d-kolw6wH3lF!vn01GT8L#Cs;S&&Y zm$^pIm!o_ki9$(U#C|Vj{}$vO6%{_OeG2WR5J-6ZUeO-iw-J)->AvRZM?8?|v0<_| z@9JkW?^@yAOYY%x*fUcBcf56fEhvYHSpQ84W7WL79rDa}5)$g_=~BpsMW?&QM1JVS zOUd1z<&n&DM?M9x4l~p6p3NI>&|BoiyW??m8yfDg4JYb$DRSZIwZ6*xg%5B3GPJp4 zv$d4PUs0jRcykQrO3#>}6JW&j`{N=sSbn?`L`nH!e~!5{wCF`qW@hHp$nMS{ses$J zpFdwUIPZo`Y`3i_)M%6)^YU^fm*^rPG7809R>`}nDk=|tj+sBPVy}lP8j3>H5eK^N zYc=tg_Ol~Ed)AeeRad6Rt^(X}DMVBHb4A_#oyE%8Jtm>kF-sJ=d|CO)gT=Sk zyQzqz!(Pc=tEYOeSXtYwkhmgG>`fJ1y=cn0Vf;SH(@>=0n4vWnKRk^;1$o#!(CoF? z5JuF$t36wL)f#$MN*=kD|BDO8e|xCg&;=?tlc$fS(c8Q2vaI=$nkucJ0IH~9W7;7h zAP5)9$ZpE~!tVe1+flh`I%J_bQCy$d;CI`t0M{uB2Qiac(bwW)YmW*+6-L(eo}B%`ivd4^4%Ve31M0ykz7Ka9eISwaKj$9(sFSG3{G*z$4o76`2RjeCc?l+$`HvScqYMJK8!}Y~9bGbINLc zvDryr1+%rgTeO8%?Zi8S&iHLL))5@Tp1diEVN)K(-0Qx}w`~k%E$t%=uD8q`rml--LOS%MmegvB&Gh^=JF>T^at{F>##f@0U2)KCg5JmV3%$LyuZ(#7u0tauEMtoQYL)c(2H z9sNCy z=AX01PJl~D9eFw7KjEf6dHnoSGFXm$fFNGJYh)z;?0YBa@E|oCW%y-aJ@X?h7MOL@ z#OAnk)L48>r9r3ZcZt_OaB&Bdkt)&N4b#eRlSe!)iop|7CGRL&A^@4I1a2lPq?!#3GMab} zEjl_ocw*v)PY7BSOzF%33kjSKW*r>5A7ew)2qf+ z?CsG}P*7;S8eOzgEP^$Zr?KNCWHX$~Je5P#`p8t6-y5H3LA+n!G^o*B9ScbCXLuN0!q|TK8Wu@T2*C zMnyukeB3&Xw`woQTpsLJ!#yqKJuv`bt$E#~DFZb6{hLGcS^^A@U-8k0;J((u`OcA+6w7=4-=lxJjj_wWNUXEb{?tbEkfVSP@!VKBy5oba0uqOU3s-M`iV} zs9ipfce^rs@y;vzM%-*|D1n)K%AjJdS%JYm*OEaGKuu-?ADAimE}hid8TMSz0{gX6 zu#XVCmnbXN7Km`3Xe04CeW!q~v)Nr4TV%L7&;?Ub>iu#8=7SX&kM_R`38u-UDkjn$xVaH7U zEUQg9u>4k~AvcVxR;o2&cm*8AgN}~+7RRoXppe2HsdtlU2bR@fLoK&TgEh5-CS=Bh zE>^@O*~^Vdb!|6e-N*4xPvPMoDr`!vD)<%N66E8Dgijv_2-ef520Za4)SH9H92PNY zYVvxWY*VFqZ?buLdEK@NrqAK-iUw+J+VpMC361GQGir1B7w&-EA-a&iUEaQrJ?nXG6R?Y*Im2cVhK$$=P!LZa~x{&NS|LJR$Au z$+2J#vT}wrUlkmK;l`2^NwA&c#hxRaq370lR^a4SJeMlB=R&LHJP(VKhYaRUYV=kn z2i|?)6tp)JmEqnY-W$O3&Lkovo5?sy>aocp4)t$TBe!!x z$(H-Nc|4v$o?@AtT1fvisNYxkXP$R+d~3A#>FM;#6{cQZ6_`yv~#6x z#ZE!X^fwUXnL2t`ITx#uY!LJa7cVWTsafR|_IIp=G$^-}Z42+g=iVSefGQtuafqdK zC4aqpViM>80Q?v*fiRQ4b3@UZ^EQELVIgA-Y*udD$ET0UY>wOW%GehdM5#s4!bhN$ zvlDXwBMFa~;!So)xERs{3@Pt8#J6c3Y*94ioFZg5*|oj=mr^C8$RV`v{i*TYl;ln@A0C+zN2!RiAXxVl{HUqr zb;K(Q&MVdPfXjTgNzIoeFFLx&4OFJ)6I*YdWEuJ=j5B<3b|<)wv1wB;S^tww_gMUq z+gh*rO510SrE9ndW1I&*#+%MS?A4Xl<)>}?u1h0B+`1!O($Odh=aZ*ml9G7%_+7a} z+9+;Ehw?}9+7RP~I<}^Z9{#=M!~WG8Eei5vcM5N0?cjp&&7Smh@l8#)gRrpg(iN;I ze@f4yQaQ6i7ayaJ@@*1sMQPEiuR4Q1xqRs*gG{7(hY6+529 zM&6+M7fyLr-@-rY!=yS7oK7~{@oEVYpCD8nmq&RruWR-g3s)Nlm7<=DT)xdq(GaGv zrNCbknzd$TJ@GbuxzeIly8m2?g#{tPsNaH7G96T)OjEV)D_x;gV$QKI-ETUSB%PtR zYx60k%Auv77*(;5acN!+HE9RfGa6T% zwfCA>((K@RGdogUe{VP8oXAflA=@{ZQg2IFlfNq+kWY4#6%ABjX2&)#KhR(NF*4}5 zDup?HY$Ne@_cRO`n*FXHQHOWL)Y|-arRj~A^{<$}SxEf=JOQcPC7C=_+@*j{bg=ktZ%vP*QY)*k%T^K5)SF1odV;o! zIEQ|{W zrdJMZ;r;AZFEJd#eGT|G6L8rRKQ5zHW8PFbJ>OH^i~V_=_X-NEBf<#kl@$XORn>Q9 z2Mk1*k3kO}Bq5xdZ#Vg~v+HU@!$UIbvI8W|gnmV~qkfc@hKE534Y`t0>O6KfbiB`F znJx~89Dk~}{E(e}Od4(^NC3f4esZE1J;s{5SI*08oS!jl3BNEwtI)EhQw5)Zi+By$ zPfrrauak7cvsTV8*fMVMNvxz;icAb6SmR9MqoN?j@9QY^$;VH-(?nD(3FLzO1>Gf< z8j90lz7;69R~MdL&cQ2Vi8zr-9)5_s!{_Ym>{8&J4f|yN!-V!W6mR!K{|NWpF!d+s z=$p~Flx#MBS87S)8#U4NJdpq=- z??d+b%eQ4U4yuPA542<36-BYYIbTSFqWMq5yj*V-T=0`W_HhGq6Dv@OTw$%q>*@k* zS5fU!jji#~J36TPE-O?>)YduWVwEB~!?BrfY zj5Uc?kS9gzz$pMMfHfGe=~s;KQ-|{M?R%T=j9$F zE4q1oU7@AZtm{tToWRJnw5Z$`BKn3d2BR{xNF!RYe|0yo4skO!?B%)`p$0qMst*=u zx?r8{Rt0A204|)#;y!M*@Tbm|M~M~rthG-}2%ROnMkv@9_11jU4?}98KFe3F{WkwR zLyb(O#|8&+(T9eEK@>46D@AG!Qc%_iwiT@O8w3MTQ8+;a-Aa7? z_@s>4Ei^r@Y;{^Y_dec^iC4dO$JzR=LX2+vHibpH^Cl+nsHnI(RC9AV#l$=8fu)ZOFk-%x%Qm=W-Jmq)>gaf<-sQAEme*qzLQDC`$# z(3y~ah)WIL@Wot9i5deRQ|gJqarK8L&H@$?#evoAn=P!vYbz8-Q{m4obq^amgGDlo zN0z*8Y=Lb5sHLuYDPJlMI46pXA2D8J=E~gSCLrkPv=+{9`l)JGYSH&+_XUsz6S$r6 zKiio_wd34-9w9hms^m;_x#CA23+@I?bCmwJ)a9<#TYOT3H0I^*7B1PZagxBO6nrV! zu&+8rb3ik|(~cy@d#UeRiMdS+gSPk>hv zc0X})3q1g*xNH*hfYsNF<4U%5q&$EA>jq8(Vy)4~hhl|T)Ru``yqPI>DJ6Z@IlkSw^^#1? zJ*R&5*{I{1=jjbrCul}d1HEl5L0J5y;b_v&KpgSP6ZljaV1D?W?Ah= z8P74~+phw(LeaY|%Mm$C67T&8OSHC+>!v^MX04PA{5f7tAh+o$p*6z$qF5M1I+|S0 zpGx%I^!ldeKu-{`CapTw>f(T|;QN8f{`v3dkeLcc9Qz8k%RhgV^!4S-(iUf%`5*c1 z&%6GZY^3e$dx1+r(zy}M;sSv>@48G{5hH(I zB;zB>oA>|*TZZ0vo|10W#M}J2%>RZyx>{x*7Og%FB{iB?-UFW#<`Gu%)QmP?=l4yS zY-CNaW@rBt=S=mIPr>x#jn}BUZiS?I~dXxIrP`NNQEHjTl*a>drsqS&fZD; z>IAD5z2T#OkT-FRB&o>+vKKAho{e{ljqz5QdQwuFMZ4TwM|U^ycQmpocB@#PNogUf zYF6DVc6bz}o$6T~>RBT2BFfg{K#D3Iv=w`-PP})L)U1vHyYGMJDb_YJag#ZxmNSFx zobTlJ3EF%4Pc?ri4_{%?M*m?lG7gt zZeX20kMnB82N~s{`?tTBvUsWZ19zXk=s4hLihJ1sz7I{g4F1hg5FjD^>^}WDEo#}3$Kr#nxDI+yx=4iE#2NvTK5qjVZGI~UM)JqL-4`5FvAKt zz{Om!!@UIZ73*J&MmdJ6}*~isF#MWvg00?4(X%Z1FyYRocmZ{L6fv+K)vvUxvJQu#WxVJo9Z{FYJ;N;Z|lN943;kCpH;j-97r?#9RowqR(`&k@W8P1O}Ot-`bbht0TobKdM$xzRnY<+ z{_MMz5L9abfg_&KzMULt77)v`sW|w0ObHwtErKfFC$^0(AuyK7FJ$g9M7wnm74_kW zr=~qn8$`Yn0ERf1@5=v5f1HuzqS*E7A{vF&>0&0Q(q?Q@wMuYazSKPM&C6?~(RJNT z+Oj9n*ViZaI4UD6_(Q?`aTjb^#Mn!duEppQWBKT&LuX%S)b6XUmX(RCJ!h67D*t5M z2cc5$*vW=|25UO#vDl83NMtyS=E5YeC4>SyzLF*@1_&=)Jy!e_)YT=m{unfLb$zO7 zXz{PB)94>y(5Udb-)zc_1K&e;JF+4K?8cpuudAnMbp5@E1GNVMGyhQ3lP>L(sV)ml z$0mFZSo(Z@si~&XPsV%qIdSsIL_>JBWYHj??_Wg@x}@EItd8*of%AL7Gr&<3!K${Q zc4XzkduYSo@$(y~;W4ynpkmy5tzb;Ipn~s`a)J{$5?Ed`HXG0xt%_$;^`9!`6YMpvDdd zg1K&a3Hl3nXBAbtO%^**W>n2PcFIphP2Yx2gd9&*3n@+0(tsL=oW*^`MMb$>#9=dg zO_$otp!3@B^Wy66Udd3Ug3O=4>8`FGd0ijFXRKXzEOlL!sR`Ui7YQU zR1a^Jm8{yK8PN5befPn+$giCTKh4BIqM4|Q1uDgT?B!cO)6jgR;QJ-K8hhbf^W%~w zT?VcIdK|T0Hd@nF&nI!{zoM)8rb(g`Y~;`xAS7>EGO$_^YaxcTB3kP%(($X=2AG=dLY~xgk!q4X)|k%{UpBn{*hc*K!g?opmC z+;Ro^)2ipZGZW>4_da?~um`3Kv0`d!V2T*Q!ROZYRj&vJnop%Hag{yAGpF+x94Sk; zULNQj&I$d{nO&PfHD#C{FKuj)a6z|yN7J;DvLeb8plNO|d}LtD(s68VsA#cHgh4kbJacVN#+ta1PV$ZWpx>c!v~s*#m#b8jI5Z z-CtQ&e*w0%v~oWwsP{TMeqmnITl&xwaUgXMUt5p4ieSZX0KQI?K_D#})d}t_jBPsl zBPnJS5X9mWvk*L^RL=x^drQjXr?O4#rL@E)N#}_sdo20X0%E<_6{T#G^MTIowpCT; z5K2x?!d&d{l>PeirrLV5cF_CqMVEPWuricTv2=heCy zE8?eBBZnd2lGSu=2hCVL5smWjR!o5k`;+A=k8=;;tXl}S$&!kfYcnh`TNZ-p6y=`t zx0L$Qv~Cb5)wD`voXybKf8Yyr#mcEHOdCOvKKh-=CJ1D=K0@=~V@kYB-=lv&!CKv1 zRvc$A_W5#)1E0t;X{bz@?vs}x-HWp)d8O0+tCJ!r*l50FQ?Uu4lHO&nRIP4V(Z)|T zGw$}@G=D<00;vP;vjt4`1jP^{a!U?ow(manAJ$`4-$51)QsnB~HC}+It~v5K=~d_n zygP5|vKtvHFfd0OA{6ZyFG>%de-cEcSptEDCVD(RwQ4i2V1qTQBx2 z4k-CJaZ;DD9v$gg;%V1{VDLz!z{ZF7oSN-bN2@N`j zAHdS}!yAjQGyp=h-KUrUoL?sybmXVJl6;HC85WMjwt+PYK{phywEhD|@g(C~w;nzo9JrWbm z^9A0eiJ8OJ_FPzlQ5c89#RVPKK;l3w&xNduR1Q{>MLY3IqN-#zpydMmO{jwH6L8C{ zPet6$PGR?)Rn3D`o{Ko_;iE?x)JA%-LYa{|G2t<Zr5Hj65X z&Vm&vOhFF?YD`k6>a}8Zkjht)x`gS36lf z?_6{NnQ(HhSFObX5e2+9^xRO7mC9D%{gLP01uD*bn5ZLVqX(E39$565aewde?-W^CfziOP;3Q z0_Us93R^wOTngh0yz!=ajV#5iv6LjUi9`mo$=rD0t{BgmbPn5oEm{X;)= zu(ZRvW_#ZAUHm;4{?`p(-DQ3Xbcg0890k@6tCzeHOw^nm^fW;6N5gtwG*#(2A_QD? zn_vXSC6MkhpNRZK0Ni){3b?BViXNJ-?Qw?wh+ABg1+Jf0N2}{XKOUM7U+1}U?@U#p zRi$|aa9T|(>*@|P`!@RH!Z8I)od3E86Tl;@N3q;EwE=|xNPjDb6F`LMosZdYV-4Tb zd>3%1;|b;azgG%G{!v-^M}Gf5)l;?~0#yt89FC1yFi@!ATKcvveCQY}?&%&9PbfWi z${}O_XLcVOGgs@{OYR`t*8(9-YvDUK>&B3)N-t$U{Me>jI#it#L?r91u^%qHBYVC| zogV|f_TsqoSm_%EDjPz7RW@8?wD*>LUsmxrRuiz4(EL?pdgg07&cgJ+uK`{8wln@n V3c#c@x&KcpDRDWmQjt$z{ug;*Mo0hv literal 0 HcmV?d00001 diff --git a/en-23/img/Grafana_HSN_Errors.png b/en-23/img/Grafana_HSN_Errors.png new file mode 100644 index 0000000000000000000000000000000000000000..f43b7d02a6f59e15f0d4289ae9f98d81f47d1801 GIT binary patch literal 9558 zcmeHtcT`i`_HGnVigX2O(m_B%Z=p9afb`yLAe00{=v5F95fG#ps!9{-y@Q1wib(Ih zcLeF=7tXoko_og|?~Ql5SomF}x&gw(P2Vsb;kAy5~4CZvy>J(ImR6aoNvPq@aQiCdZO zDD4)ru#cUDaz#9mSG{d|l_DpqG$Ap!uSiQupIPyBMEMm{%JeIm@a!jGk=KiFSag&( zgl5!qIr25R(F9b^l41zOv|ZR~;Gu5Q>7 z002_5-fq^m&h|(q8+!*ROqyl4p@oGBYA4NNDDss5shgs`BlL+c!d}-`L(kUN*;c}i zMOKDT${U0=;A)SwX7YA*fw_acrCI*43&I{>U*=G8izV9%sk9Fa&j5FekHmlx1W2na_w@CisrNbvCs@(Bv^ zVl{Z(ePBpyZ(f)?>$QnLZ7A8h+ajQDNGKe}bZyhx2JV5BW?{j~nf_%Q35EP+9p?To z5U_CYT}$``fc$*_seYZqe+Tnl>erIL)UR&_8R^)&!(BYC-Al8G3Gxa2Vd)Q%@&8`* zmqZ^1#YQXm*Il}B2-3?MVK2?1M>?>Yy3|4ITjr+oiT>NT?e?_d8o`CAzO1J^%r z{VfFkmhwNd>mRuO76N}u`JdVK{})_@f6+pF7?ulqVM(8k49N>DVI**SV(bn85K&ye zZ~UANyZ``bDZxtedfsW<(_Y>Q`psYVcZbwDTz}qJ3^tvGR`xG2afQpR% zUp=8261zVAT@t%|tJ3gD^?0@#bq+-`+^?3Md`LW8c`}eHE>NEAA_m_qgz1D~xsJd% z4>8t)0p!>(%bq2VN~ZMx6qi4k>OCZ_Nr-QQ^)T_BymzL4Q?4 zLdoTz#uBrxGbCTUQfq2b;O>et@?s;!L~WoKuP9-Z}$y>WS7b~w%{X(7kzTD4hix{Bx>7HX&@l|QMfbG$i<8t>>N z|NaIYP(q`mqMTk+{~{tHYuJfK%G)X#?NneM89-6rc&)7Mxnh^oG>OdJ>UiLXpQt*_ zyIdz}9PvVCzwvm-Ieo%Gt-iuMWY5`apr>|1EuO9U#D*6N<@{9mnM0WE9hWYL`*&i) z^BzalC^h327%N_wvZF99$7@D3Lk)(?Sh0E7dBlAwSr5|R9A9MWsRb)ss>{)2sWU6| z$H3K}Xe_MMiFumON+~K5j-$L+y;S>J!tTX2^Xw(R3N}s)0p%4vh zAWlZNnZlc=Y(R28K6t5Oa8CB+`y&&e1>fU^5mUHb=NtJMgsGFQzdt<+m3OibRh5vC z#GH%e%lZ3H<(DYB9WW|>TkLOz+OG_*}*{869fmE3Nemz4&)?^-h(ot(++S9XC zxIluT8z#U@tP2y{-=f6vmXd-(;c0XvgQSQ+!l-${gK9=36FQh%J<*O(#6ufi+^d;X zc5}l&Iy$nmgOnl15f(!SL_9;>;b z7p5~9lcghCWZGm{LH0(LfZL5bRdtLN*?{>cVnlbohyaMvG z#L}{G1eED7FreMqalE4!HWRptlUbR%+Bbi;2@&$#x^K{UC}nN^A0)9dDjucD)^*WNr&6Gwf0juVlBTYSD#hxU^b<78ze!X}2VDWf?u zV|&O+govtV@$y*qE2N@oyqGcQqKmWFM)VxFxZ^><{jhIdla zF{bfs)vmL6UrOf{B`asiS*1=ZG?wSw#2eQ!Cdb5R%fNJAQ!md?jm58GVid9l<`CeE z1GQIT(>7&VMtV2D>{*AJ@-B|AS}b(2_iJm-p#;{C1bP|~w16-)rjmCOth0y}Y958RL~+Q2XiKOSg0} z%zS3--r*o0zuO)_M>p115QR@nY;SW=OR_CirWtY^eLt4(N+?+)Mb5%P#yGD$u4~Cm zx?x+zbH?A9{QyF;k*^E1SGZmBrQ1&Mx)>%h26jvC2K3~-<#<1QtK4h$#uSX&us;KA zXQxzPuU>B_<@bAMm5;Bv{p49zT-P!^XvvtP_H2V^(mc7d6F`k-kt~h3#q!7mycE zN~p>q!(z%YGsBWldz`zfvZ&bV$<;>xgvuKY#_fe zNc`ZJdv3r67tkOO^E6`P=Sek@yf~wsMqWjiX9Dn)^%gUoN@YdJ= zN4Ki|6|WZfjEO?#WdBQ(YbKBzKct0R=nwAby`*v-JLC@vY409+Z`dF${$125Wtdrv zsFw1Z$HU9zN*E&Q(2@2^&AHE?su$eq-*mM$nXjt8ByRYj?-<8c$3HT};vOnm`s=IO zA*Lj%B?g+QtDHB;d#i|1=i!o4IJ9hn-ke+Iu*I#+(N+Dt_*taDX3bqfiFovImBO|0 zxTN+F2e+1@%^lb-)TS!r&AIf4Z9 zt-po-2pr_UFXUh4D-B@uKjG@XtTM>G zE9BrosBiB7;Fo`?8W3id`t2Z71Ba<@dMw>lHsiq$#gpl#9`Sj|*c~6<%1l z#jzgUv42WCn4a=Xe+a~%x^1U_bnzwqd|3OzR0@II8xwiC;E>Yb;+Fax&da^;u~?R2 z28@*U3#$JyyzWV(FWLiJE&K z9{s|C86a*Bn~~Oe02PfAHyHJ)WR6zU2@{42bbjIt22K4S*BvjVzG zGWeEo!hcKIX@FZ=^QIb1%rcGN?R~3~-TU~6j&^d&>=n02)KOkHD&zfP!<4Eo6vs$d zb(cZuoUq{ZOb;*axf6_rqF2t`s-`*!J(7NhQ4|-9DD&7P$u$o&j;JmvEL@0`y`V`} zJ2>5mnG8Y~7C?}O`VHo40XMBmCwz7t$@N7e>q4_?rQ~l15AQ5oW`!-GHc&%638}Y~ zb?wUbm%%sy$zR;-)Va)NSrEBes=6K_JfRVZlhsJUpFGYq6y%+|@eA7B_Wp@5ro8%? z59IRxnU-y>7R*zkY`3a(Vy4#@Ch1u*z)#l5*GYAu9|_>g3=nU#dy*rim04V8lMDf~O?~y`X@S6sN6H!2b4PnUj2A8;3F~N>OQVBhTHZ|0XS+ zE9N>8Zo=>-jjkB7-6D$JQ?>FzqR)-W?P%I^a%9%Q;4GhuvIt2%gPPmLnm<*IG7T0k zG4{$FSAw==;4^RWxW}cz~Hgrqa{Hl%+rq)y36!AL2aI}oCV=X`8t9s;c-&@M_JuDi8(FQlGoXXMa z{;9@a&r(&yCaLn!z2AsA-=tBb$cZpA^sGjNa8pHZDXYqhSUT%V35&)=cc@`w>!G7U zQ`6jvxi|7&ZAVcxP$aR6BwPh=zSIwrcdGC4Zc8Hx*5&%!NPH03+yoW##Lt+wAPDZD+rDbw&1ddf?s&PKGYCp^`G(H#c`+d=QxSs6w>9xv(y3AyQ zi+dI0TTeHOMl05KBtd4GFv~Q|iZ>TwScpgq!}ks`Z_q;45JjOU^}S(_!&qYL@2<8e z8FAWzVGWC_=-N2|gd`F&-J4bG>HP@U)mD7rG%~d|Zoyc*oCw89-Qp~ncpNvN>Qb9T z{43r_nE6Hxx_9GH5T3zvOS#P2g2I~l#=D-QCor*1x{+lAGl4gT5E5o)?w5=0JCdBU zjXsj9IU(6)Sv0b+N7$p@R7sht3}G%*!~>%j>MQFXmzJJMUCcE-yi2_c)o~6e=glKb zM)!t1+jpsTeG~^Gjvy+?FO#65qWgA9d0x7btKGVGQ$TN2(1P*XZagL6ozSE329@>H zEoc4u8+nQgXXL)3J!&>`E)Nq$syXs(`ppGimcZ3+&S^a(1}N)SJxm~!Ns&(Q<2;mS zq>%G*{pAdi81{IgK@d=zq%U^IVdKj~JwgfAtkAeFdwQ;lQjrouK=RUpQC*mBJ4o+_ zDl(S=<}Mi-Y5B_mC1_+-1Ft()+X z=hev5{It%j)8U1 zmEd<+Kxh5Ok>}`T4jCQA_p0*mRiATcDa(f?MvrGO?o@^khH`SS?X}|ee^DQ~{Y%?P zU{a_L_}g%Nt7yj=9_PShkwHfCCGEMkzi(}DZ(X7~>^>XiQAQAJm6H=TUGb@sDy;_- zGiDiM@i96@a|g}jGrCE|h=%E{aW6oQPMhhjKOoqw*sgyj)5vYLktA6Rsv{^^muB0c zS-w|%x=m_Ay+$%La;7v|3iL6@JOs!zKx(}jTD6EXbCUMvzxu;XnktSSXD1m0YJIdS z^QLZ)HyT40(04+`G!fq^!W7s$21@y5a)Q`o(>~AjdF10d4NpmbrXJw!QNN|)I1uLa zu;{b>j-g8A5Y!u@V+pYNc9W|l-_|{b+#{GU?|auo55mR6^KpAkAXByHqqMlYe$_ii zB#{Bi902U9EjB%h5}VC6vyF{`?xk_uEHtmV5xhZ5`8bPQ(FYIPYBO+es_&g4jzBx+ zmG3X*3pg3eN%Z|l9#vd!eJq*=G8=Z^r}}{RzI0y9#-}K>s7_yRBJJX+V{m9hwUIx7 zjHrY2glcN4`KHvl;E-=O5A31gX#2MSg-_vz4#f5|@5J>~@g#-Nr`ZGfu7>na!ELaT zyr32(dJ;~Oh_~2hWHuG!Pr%YM`GR~X@eDueX&>$W%09;;O$tREz{7HH$URhIl?%Fn zEvKi)i?bVl8o}N zzOsWaP>oUH7Ap%|_k*Eqr6dc1mjVQ!*TbS$rPJ;o996N|L_ZCz3wze25E*-CVGr8B z>QMH1>AJT<^GC`gYjW}F{4x`mhIJ0hI6F)Uh-G_%fM)rzd^YR+rlJlV67kzF#N zApc~e@|~Ar@cf0Y$>c#|DtkkD+3>iJ3&Jv&ZEb91O$=%1I#C&leJ+x8vA)l-PI?Iw zNELOp?O7wAt}Yo#D3)Es`e2_gZgZe}YInF1{m`z3>;ba*lnuMrx z*p4q>Hcet&_}}X8puoc*wvV(kLV=}YtwZh*veDnMY)xaWn63WB`Wpi-;yw^6%D$1Q z6?pQqdb10t>8%X_yQalN^4oS3RqmpM;fYhhrq|fwx8?mZqP%Wrl(;j#TJvt5z~yDJG?o`;1o{em_`p1KC^l=+l@V~ecC+~O zdhp0iR@v|k&`9<@KiTtFPakE90uoKSc69I2^As}cyxxT{6)$;tD3)#sQ;F%P7b(8y3yl6cjbj01pnhg%kCC0VzpyH- z-apPH($1Hvs2+M{5^tl3-R&O=o1C&8ZQW7e2<16@;ckq1vf;!~2ADa>1qQF#~-_6mldJX;|P-ciPyP{tv+432D1r1=iPerX77#2qDX+Q7z zodMi*td?=7bN+icvxKk!TTx#0^qgYr>!Q~AeH|+faE8(n~S6}dtg&L># z?!X#Z74?rFZRn5F<8m)MCN$@XvnTob;@uVozny{=dPe>L%o3#+CE{s0l~Gb=Kc0D> zX_(k6|3>w>$-vcEfB;50L5Q&1=_LW_#^LYjVGQq4Lis*%qNK$`h8v&78RiYRH1v%qBVHr_e%NCHW*oP p-R{rZa8Rw{{kyyWvsb^66}p>B&dU80bNw$Pu(F0yv4T~|{{Y&dKWhL0 literal 0 HcmV?d00001 diff --git a/en-23/img/Grafana_rfc3635.png b/en-23/img/Grafana_rfc3635.png new file mode 100644 index 0000000000000000000000000000000000000000..dff176c82d085701f29a34152934d91f08de1242 GIT binary patch literal 11670 zcmeHtXE>bQ*6@TNh!znoYJ#YvlVOMwC3-K>d!4}yGkT(n;1Qi5A|g6rh#G>3-ih7` zqmEwZn>^?F&U4-$-}heU$NS^Gt~1x%GxzMZ_S)-SYwgu$M{8>;laVlx0000oRTV{D z0N_Rm?%whiA?~xf?w}m^mF1^z4A-?ruzGkw9h}|lS>e7O_N?|uX9oZPIprQVOV-AE zJ8V9k{lU*uA`$Y!kWn&Fkh(e}`w{crnF7cXB(s}c!**ANucNvsB!+ilW`-{8CV+7v z?b>4L9`y;A)|)mvnBobMy5=vt(?Ev-)>6Y4sqcPy#e8+&!wS6n*i_-e#?gVtW29ZZ zC*qoE$-CY&cAOEHZFYXkG)eO!L^d>`of-@PkUVk5F>0)#4zh*13s~DhZR`b*?jE=& z005+Aksj8zuJ&+N8+%7*2$+4h;VV0Al&`$VIVu}pD1uwFuSpaHmd^E%brzKKvY1G z|0&YhN0?oPgjL$h&H<#WsPq>J+%GV@6CCaV0s;{TgaATB0P5uk6ngylF;Gw#C@jp6 z!{CScLg3a&ehBQrZxa8Yp=b}Y^>X%rJ3}F?ziC?AK)vB$c6J<`^)KRZXNSM3LtuXi z0VfXNZwOFGKoIz^=)ZONPiFoL`fteJ=)Wg}jCJi{P&e=2%Y)e^gn>eTQu-5Q^8W_? z4KaW?|5)nJVQpum zy_>P3v%5V6_9rKz!jgYa`V(sMFVM$g?7-hT0RE)}oKAuNRO)ZZ{?EVuv&g?C`GHR2Aj)k#DzW5lDT5^OpVHQFTshVKy+^4LsspRVqrIKi=EO>5PYz z*_$I~QC6*UIurHds262djzpwSZ{B?RiU7_=eB+KTD>zYIxXbQM*XTS8HKDxU?Qbm? zzS+LFB-XS2cfedHP3tqT-A6N!TBBTT)-X!>`+Z5u^#J)>Y>GxIEqCN^QBgj$B4!J_ zb!$_Bc4h6}-m;dgo(04uSyEg)gSs=$`gBk9^JkxfX>1KD6EfUIO)rgHSmZ`g%1140 z7Bi1`Lk(-`!vNhq8UamSVgSqXEy>w#==hSV-`im4&t~I$_%p2aUlVOFxIqyLlxf;)gL_F6fen58+?=Ha60w zu}iMEpE3VXpqLxGx=oHb37&a1vf)&zUTR21&D6J=YTh12)pps_0K2_)%sCfyf-fwB z7#vo0e8X2uyrcknU^4FSasl)Y)x3^}J`##&x zSCm&oMMMzZ;}6K~JTr%FYap9SL$j6gR{JC@To9JwluO#m8ZA@79blVN?WFE;nB05z z2iS_wVUdw}6KGWprWse?o%!X*c1W8FL`@8EFYv0k>?_tDTc;>Q%%<++(EWs(? zmTV6Fz=@hN#8q_}Z^6Eorz60vX`>(1@v=8hBOG%A&Yw0~PuJX!Cs`80Y-9mN&@%oPDuyA@m^dJda z9QCFGkwd+(_VTt;{Z9RA3VO&%wCRndQIGGZ_76dg$D1(ll!HI{95BAKZF)DL<)en| z{>}x9Nb_SWRPwR5#X?`L?7NCDY1gXJ(t9mg*VW{aq0?*g%Bs%vjN;cnR=N^T&ojl4 zP0X5-);ABJ4OB0RU!t!)dA+^8S5|2RCG9Bz^z)-l zU+)2?=;@n!j&cI83(PoXr@MH&^L#wMIV3d z!usp5R_IrE{DqH<*g5tJXOwBb?5>;4wH@*E+UxkPM6QINz?Ys}af^*O))JI4Ef0Mh zcXLZ-Rwx8n0`|B8wF6%h*c5c9W_%EsVqqhEN_zUC)j(?bsN+xm@bu|1Z@&zL6uNGf z8S?eu2H!o>XZf%8JRUeyrI)9awdk94cn3GsKRrK@J-rz&ubLwh_^GticDw%QE={t> zF8JWaj{)9yC5>+pb60@9S$wYs@aUK+H!rY&HMsmM-}9QwZr7MOJXUu0kj+hoplf^H z=@G=>GbE3+Z$cy+cDY#xq-3@bv#oUa5HRifuO36LC>B;XlQ8E)W!Fp@5Hmg{5E6C_Z2;^ zvx8liAi&xhbIJtie82&JcsR%5Zca;5SHZgp1n>tbnd#m z!#q|`54U^tv;>~y4QcCGFU?)Ba7Z~)5creQOR{$5^jit;EnFe)(5yBnC#Ba_J(W2+ zI^qksVglTg4glhxb1iyEA}^yICyk8TF*L$e|oOYI?N)TP{o2}5@+bWKd^%H22);jTdZ5Bm~DFIk6=&p{*@r zM&@&+wpLY>fO_z46YHX-17ONIwtNCzxA)D2=&Jb}_TaEkPjY=GeRN{tU~~ld8RtZy z6G5Hnj=jIUf&e-?fkPYc5Bd4RXQPRQMZ#499WI;b(nd@-zd!|D zeJA%f&eNo8?GKAL+*y&UaAR--E@|#y5oAwwMsVTe z;&orxzJB%eXYNV0Qap24zxkwonyJiQ$v8ZK7do+XAD|S=Fl2MKAlD^*vbCJGLw))& zmp7RN3)65xy`s(b$4h=T#^bKs$to#H2gocv3YS+VJk(m+4+bl$s&Z$FUn$~@vbO(g z{Dg(?y)4bhNi)(GT(J4FS=0lFdi|@X1U6vTwXQZ7O z#LHj2ufh6;2B`WLT#${c2I(R0mH>uDd;|}A>6r+Nug(r1T505n=g-o6;S5w7^DFU- z8Dz=UmOf4Tk1t=GQur;$77x@eaJEkRL{EYxZVoGm8v1!q_!Ic`P?RB-uzaFNLt;L< z&tVy-Tw&+oc0*?=5Fzn?bGEC7hDPRBs9SXvY+c|sAwG9sA`3vDhl6 zbmIc?G0naGo|Jh>_ipZAN6oC%5Yd_+yDQPu#+WnRqN3vGe7k&KkLhBq6%`e3`C zxb4%dRT`Xc$ebgIU7O7(Y$o5W*f9qz^pj6e%is4;BHGzQINm`bhP{tQ&Oj_d)pV&n zeW&}jzDv=Orx){OcH?y-8`KP5KkD7r4Geb}k1^nxsY!8)O92^~doSFlg`a=$1ZCO% zcBLgHJs0`fEtVPng1fqLa=bfw|5FXASdTWpwIKYbMp)=L#sg{AE`8`H>7AXPO zG{D9~p5)|Y{^9LltH)AOM0;=kpd>mKP$Abe8k6??Hc^H43tF&Wd@td9k%e_N`2JnV za#!%-!!K=t1VCC#(afPdrSo`oGdI42HS>uLKTJY=KwOj7lcv&H7Ze^p3wwWGPeJ{6 zyca#Qm{^kez}i-9)%3PQU+p};Al#T?wi4_60bF+`nWc%v;5K@9qL%DH(HMH_IZ9)> zGoFJ-_)f!YKZa%=?rNT|+lBMAH(S1iLl^>t zZan?+Mf1ccPY1S47VLQVDWSdNyVuEVtxZy7T)3nF!6?kww)3@(^0+{=2`Z(r5l@;K zSm%3oePNu>k$*@gEBN6E4W0h7+pJ9g78LdRHQ(murXbyIb-MW``qx*9cj#pT9+{Xl zeAzxGlJs4YJl^5A(}FOQgukg80Od_zcx_vjFBCdj*iB*#dZl56t*!O_MlL>Q_Ow+; z6Wc4Rv>wyjCqiEBg19_$g?6h0eKaV`ouH?+PbStcgLT6tsFl{s@hj`w92^|!?i*4S z#(YjFxwpg84+}>&(!6)nahswGp91_nNsr6AtdI>HNCbcZ(??1#0c&PRf!*d4Dy;7r znNl1b2?+r`ee>l<^~VGnTqoowBTl2e4I7}0jQhWiTFqrN<)dtSbVk}hg7&6Ekc^Fy z0zvdlIu2yFzGbZi5m1dLK6Gs^*PFTgJbg9NJ|JxiTK)J;-0kP<4jVQe;Wx^(Gya3( zfgAeWDby^-w5toMj0e!Bmx)}OEe=)t+f%!fiJ6f@PAfwMCzSp_TqCC@+wNi2)YR-3 zUR)!kA@_jSpL;q1tdho^F$1#wgVk)trAKbp`;Hh);DB6~`0CxA21K*0yGys#+AN&O zuPJ+JShpE#O?@vWJZOJk8nZXckGJ}k)X{Ts3+CC-6i^%VU}HmS5PdY`e-eP@>)u(B zII7mGTUjF2d34v#&LJV85dY*cp*3WaKks`@KSKD`UUF^ z9IuK`{&>L=M#;|lS9O(yx%C_PgcbZJYVH|n^oJZA!qP9!e~kP!`CZb`6CACVPyGH{ z%Af4t;F$O)$^YN#qs<6no;dhpT;Uf*u1fK*{C!%Tj=|38*`vmH6gy|CXk_6@wq(ZitI@B&qMx{rlt$b%7bq8<0=(Ddj=nWwTO}22 zB%{0gQgzevzAMOOq;%I>HIqz|C;3io=fQ<=f**ykE_TUy#3D0AmG)l+&JV1Yj8HLW zp8s&&QMvYqIRAf<<^NR#f|yz1gFrm=Hw~CmW(xDas!8%Ao}poKEXJ=hK_Eghj^^%` z?NNqzY0B5@?^3uh*JUV6dPCd6-KMr~QH3^7Ls>7=@LY+Q;u>DoIM-_5gV^(NFez|m zf>1zqSw!lCPBPq>&ng!vCJmJ_7!u@OZl|-0%Xw&RfRnk;`beGm8lk}R=FkBckAKrj zq?d1_?smE;VwfbpCDMA==bt?8>Ki{L9JnM)@j|Kk;uu?4hB#}ev#1lt8Q9%1*( zynfFQP_r#hz0@X8CDMXb-pfxFzNmt`1g&4(!QP6jF{qu0X&XCpt=gGR8(=C%u1xZZBbfzgTvYP8p7++U-ozxT&av2tfg2f`SVPc34asksfH(op|WYsTV)5TtV zm0$KK5;oE^wTRO#TtX+i#=$-P%za{+ipS)<^UxKL_35Uu-ZM9;-JLyiN=6h8zFK8EN1zzygl& zgF#M9Xs4a~%66~tHAt8|X0`*n&F7d}_flsl_wp(XnM8twxUxmCiaj0Yd@bkF8>{*8 zAzga<46SQoWJq7U*E{B0#nySk_PNP+zAi%#;n z+QJTpDv+jCKR{XCvC?(G83!&ffdD5n7q^6jbZ~XFxcfEn3*XwA4$HFo*M)jq2U`c_ z6}Fw4fa)pMowQ(lXJ-Xd_k*SrS%+DKY_)0GMC4v~aJEwEPBM=a-|<9@{EgI)-vtHA zC>GHCP4%T|Z#R`VPe^SwpWQV@eeM7eO{^AAzw#8V+e0?;{WNO{(IXt5|MZ~fte9}d z0?4u}y02!!MAhm7q04##k4mxZDG5k_-gT(>z>-#vFR?!cy_5$@QGRHv_4QaL|xbJ+0kto#T!C)z#9JczPIK?W~sqlm<0{ zGU5VoW`<7Gq-xtDM7YG>jNFL@{JhV64+3<6np0CR-!@CT^HjAdOUox6U|d_9@zNUf z&D)eP9Ie9>KpVWK#Kp2xVukR=S2!nxEvE&2N+yw+b!VR+RxzEYZ00SomN#P&V7e1) zSlYgbsbHV)rFe>ZOIhlOlffcWK%{Z(Y?tF?@>Yq9m0$1!M~W>q+YcQYlS_b~1qIbR z4ccs@C4cdXHvcGGxsWFgwVU^Y&;!n_W!s(g{h&K7}^6;i7)@5Z(8N-9Qz?aY$MH zk}e@9h27$}S|lzE?@jRz|O_$s~(&=uFd;h=`fYdb@MIvghoWs zCXMd@e0}$O`{5$A*hkOaS+P(TBWDk`T+_#FY*B5GuL{8OzJj;KFRm9xNcr_8BhnC>L)O*&_?DXb+QIcH)5g<#!!dl1l1aRzz1>8{_J@4iOcER&hJY7? zgoTsa)t|Y`Um<{Wlf_LnxRi4V*I7#w3M7e14e0nDD=Qp$?mXLVJJ*OtE)~*Nn3i7K z?^jlu!H#nLOW#H+_{>eP`~-NJVjpR?z?OB;iC1Pxa+ z3#&yxKc3&>jqG}s-q&hQ{pO4BEc2^A@sJ}^49})J}moE~%u&9}v8t@pZUoDTw#trw16D4NB9h;`IcXnMn(0 z+o#5HN~&)K;Kp|{17lQL9=Ztk zXBz9uxMaW;G)8gTouAc|sjWx%T`R*)8)9;W0>41y@5BJ_t5yrqCFZ}Rw!QFJK2-!b zP{ginCRFm*91TIJ1qw0`B04|2?a&c+(0wXH)zW$SBTY#x%|V1OO7l^Gq*2j#y2Yov zCeCJ30?|KZ1GV_(hoh!fImOKel-DV2yBAbMc{m=tm)Chj<5v91@o0_#APu3A z;z4(bNxUc4wH;;p^69Na4a)=SfTQEh^upIsB=+V(WG=C&k~-4!uU9#|eJq(lWFmxz1Xd8!yIScb0jL6!#QcOuwt^tks}0q~67ElH?>RQE zi#>|-j%xhcUX>eFx}CXHoAL_{B_Nx?7yWFReM+XLudrC|P@)@F!Um}Hpy0vt-OOFs zcrU#iqnF%vw1rpAd1GpYGDNSzI z&*(2n-N;IzBX8MiO=vuDrJBF1FH(56BFHv=0u8fJD@764PWRBX*&-o&Hx7)pl}Zgf zr(QH)=N8UYeD)0p?xO7hRE&;Wi)RWM7*a9OOqMntV_ybiCTY$5`;yJEZ8Gvl^Ez2{ zp#er0Rc``27n)!ZXA@}X;J$?tJ=Bf+5a{aV-AGN}xBiE0zTz2%X*4yJXY=&o^oo{9 zv+pC*e4Qn?>^;H9k3-1n49xbQ61MvB8^ynVP?VLe;$jI_3XQ{L5UvH(XWhz+yWk=R zu!8u~x~G(yyCm|+h8Mi*jo;`+Hx0E$1u;z|)(u7Hb#*NmlC8;L^Zv5?b&MP^~iKkYY)8^-MR;clVvEk(3TLsGJ_p+0@i3N4u zqG5?^m)I&ye9U!0$*rv1PqR+U+Rh9Ueiy9UfWC>_>bQSh?jM190iojvvywP`iDf2o ziD#&g+`uEiT?xw@M&gnt=GvhhJDWP@3?Tv2!eXZwUiW?kHo6iVO~^FRuWq~Z>87X) z4bBhx7L!()HN3B^OqiYYkBX1&*nls>>s3^u6mqpO8Wd1{u7~Zg3wH^oF>vt}s3`H8 zaQ+X3YSZp}(SrJyV*bUdxX6FhPa^NlWAWILF4UIHd@98PEoGl<9C$_}j%B1BKEMAt zr)PO}X605k=t1%Zw~l1S4Bxpu%Z1By_AMP(gy(MiwX`UIxK6ZE?>#9*0Qw>`Yi1y- zb2%RuE-F0<&!2|vp=B&9(kBBdXR|%B2*c&&VrNf&#ZIH`z2(U2n0o6+#pcnm!i2Sw zj+$DxWd)`WSuidii_SS~QcNB@THS1Tws~4w9rw~&uB5m8`yxh=ORT8xD55>$bMYC8 z?KrDt%hdc)ZQaZzdc6rC>TNycgdiYr#x-v4(xz(b>-SEf(4KWOqT;6vMmF-&j1pJ9 zs$8+QS`Zl;PHG{c<|{$E03%g@FH$;j(d1~ZtRLSsWUKu8K!jurKX7@%Yo$C~8lhdD zau#3T(l0cP1Rk_#jM87l-jq0T$ez_zNuG`F+-4J-YWb8V^GTm)d^J7#wqX@qi$**% zRH#ZBZk#IT!f~v`#f$0fWw^UIKb{n%H1`u12SZ%W30;jFY8hVOoI;XBwJbF{d-tG1 z0`$dx7{JNJU;-PYIomy&Jz?DU1J5Alx3BAo=D~xpnZb)i#R6!QyZ1_b5!QfU%+7#` z&JP6S2$856bjVVVBC`*K(8Rk5EHt(z1SIK1$md$MI(JF=QSmu5Gu1n(+$Fdt zRW6)v3;^i|T68AG&r{ z+T8O;N2k)$C?h^+m9ICm_f16MtnVE}6F%}Y=+h|A+(l{Hd(-(b1Mjw%k>NB=hvxI9 zr73Cx%`dVVd|=p6tPL8v;UsGM>Q$hTU~v5}X*V*mnZRAVxuA80>M8t0E?r$hYf%Q@ zowHPv1_;>5{BdfoGk3u0kPUO-7X6lnhV)@e)@-&rtXj~7;i|1ZMnrAW%(OF6k0^Jj z$Ry`^N8FMr`)g2k#*!4bIhd2Vwx>^dTCH;OelIhX8a%3|tzH^hv5RLv1SHCC(tX$R zNe|YhdWCEL1SFU!Wuc-I2^Br8T^_ztn3`*KUu;#q!ezmYhsze@cA38zKQ03wn9i|m z6rx-w5`O}7J6Ob9OdR`L7M<81v?0nd3m7KT@h6xA3s}tg#G|C`an%sH&Y#zdqo$ds zR?mq6Ct8{g>gp_niYKjZl?OY}4yOz#hn>EdAm>L4IS^Tg!}FMn5fTD*HIntDm0Jvq zZ~6N9I?(%j@rmcuj79DzK+6I{&$D01x8xF7(;PKl4SZalq#lKCi}!amo|nE~J3soN z`L>3jwz0uL-u!MWI$Sn>pCDPKi4dg}{w$xJUw(idKd|jxpgigtcK5!MKP`E*Vy=D# z=X86@XFmvIYSgp56?7JjU8)H^-E5><3iPO^%aO#9q6!}n%f9r_FnY<`Zby1mRu{Wyp zzN)g?Rjm=1Kz!<^QbBOhMUZ$TQS2*mH16arW$wf~mu1CY$9_T*)&1onoSAK3cB?f}ew( z6_}E>E`zqmqD>2(M81SMP0M!q+O+Q>U;Wo8SLeEpFlT!f$dQiWCl-X?T}d5&v~bqf6V4Zmt~W94528SmF; zAQU{SyN$nOo!vX{@G%D_>Th|SPHV32+9mh-NWCflvST< KDwfGxh5R3D=9yUl literal 0 HcmV?d00001 diff --git a/en-23/img/SAT_Grafana_Fabric_Vars.png b/en-23/img/SAT_Grafana_Fabric_Vars.png new file mode 100644 index 0000000000000000000000000000000000000000..194d75b124e8e6289c15cde200bda4ac11006cbe GIT binary patch literal 8031 zcmeHMcR1T`*H0I!sFv1Vsnr@GR0*N>-fFLi*aQi&DMb}kLA7Q}t%|BuRhwExRS`8) zyY}Aei9Wyg`91IZUe6!DKi)sy>-y!olH56;bD#U%pL37%J&DrMQl=zlBnJQhl&UHU zdH}#V9I?$uMne4LB(L!yex>^v7^C%I7(wbmh1^6aaChGB$El~!&Z9&0Oa=_iH;g;YCzyfS3#I9(gq>ukvyQrY3ppbx~ zkE1sjC{4~T}NJ%Hb^ft6bK~Z?0*SrgM@!u`VE=Jx)T#Q!eU8f!g$$T#RLTaT)BSsKKFer=m-Fy zWmZ*?HSkGWPWKHk7#M1+-yI(+)7*jH7rTG|@uc2i)_K=e%$_JgGNIjb`L zzxvt*^+0=kze?;{cFb)?a;eI(QHNd{?9|L8z~<{j zVdLZbcfZL-cdN4VdKSlr06XcooF>r=+3(bUNpDaeT+tFE*_;nL*J*>Ay!uFd=$_5A zJ$JeTjg6cTebex~9C?_m%$C-oL2n>0g}v3agDVkDD%>74@g);s4SMO}Jy7 zWR_O$y{}cy5UT%TcsLMeS@wajK9><3PLSSmsIR|tKICR(vRdJyLaH!(b4T7xJO9K( znaJFV&bGU&E7LP90+CXKbQISp*fNKli5_ z*Dp~W|G*vM2iq*#%esG}3WGRuc4I}EPmSCv^R$Nkji;n zQnJc($QwXw0<_HI?snfQ{wDt17`H51`2pBTzFK68%Ic1ic)-HSOvSdm(je?QC*!r; z<%{AgUWuW29LspAR!jC4Ut9T@vHSaC>5s3UOCa5HT0CkXxe#)xexK##%Xv<2?o!y)9H6Uy z%F^xA1fyV$JEOMLzNjQ-<^28ZUe6wjN)flwA3?5y2XoH2<6j9uZIlt>87Cubx&=1C zAz@g(Aoe0kUF2m-IzXW`$Nqz;-q?zrspWN)+V|f4X=wyi|Hey!*u9!_a<7H1y5eSD zBcH+&b(Q^g3rRvJgo>BJ>xk%dgW4w}dDGZyc@u>-)$~APecEn;a^N?H{U5OHFUT!8I@HVA+2Co!Ffbix|z`&9YJ{gVN7TN!(5@Zml_=*L4F) z?d^GlFfJsFNyKGrgNRMiW`syUn;X)wXe_C3q;X_hPwE3ZZxiz_dc<@!T#vU>+{Dmz zwk>ZCd`GntHIkzGowtiAv*UvpDbg@?zxPcVtCdB?pjwUuIRA8NmShDY5*NzJf_#u_ zGH4Cgz&>T-wvG2|;1eBxE4JxT8;hLf2Iq;g!~$u^o0*b|0`Sx9eXn3A3{{--z~hF3 z**@Xeh2pgp0EWM`>pULv>Gp=vR?l5){{`}@8e$5*U6&wJ0}q;RVh z`RoU}^O*Or;&3BSCT$;XxoJH|WW0=%p`FDiRg>+7wU;W?Rz(+^u^ess=dH`e z-YDztZe?`-OqCFJGcV4+NAM?|Gp5hME9;)aj}be2L`C=vK_;-F=Q>$DV^L>v7Oa3MeR?zYSv%Y7$R)!;XJKnlf>bt+<} zgo)ObD{EcPmBx#OI6AK1b)~`^rkeN-OlN$sI(hrLZ6{X{gvor+0FoKj)J(l#5?^pv z;>UNVIRc719V^XJrb+iCYi$xiOC; z91mX)evfGC3-(VVW&43*Na1Y+M-kpS{Y+8F^tfu`-L7T)jA@D>_*b z9SrloqGd%E-K`0;J5O{KrsN3G%8P@f^1OYn9b9-Z-7*%}UNden7_{KRnu5~;Cs5*E z7`1lmZ(fdUsxcYDqrProMGd?7ZrzrR9-H8zrz)%QA6qV&Z#kMDfp=&}XOA*gOYFLi zbgu8$n2S1dlY~9YY7)j-ZmwS&Oh`>_4!p9$$-#k5pS4AlSU0BA$2RYV`-eG}=H`a! z@OEw6PnX!N(CWoP>YU1Z=PwIMi#%k@v}pLw#~lyrhnH4~i|{?nOi#Mnu(ZxFDt^0A z+f4nA=EWmf!SrV>Pka%y2=4FW^YbDzJ0tU4HPA|mknZkufT-6;9RqTZx#&}~yqnLG zUbQSS`e@=>XSwOgut_e~9f&-SAP+_-MLQcmDJ*|UPEquL7YpD~D2I1S^$)mLHvX;9 zf*)zpW=}g@&rPAyzE1zk=Pe&R9{oy>kH6keP1|Z;>A`BsTC<41E1};dFQ-#oGc~NH zU)-=Oy{YRvx`tJz$f8dFdmeme&8*0fgU?bv4Fc{Nou}N9v{yHy1E^y}%h1ZGo^|eO z9=%Ad?ylb3fG(!wuW)Wswfi+W6>&rWMCm)w#2%!G4uUTb)j2+)PBS3MpDP2n;BT z?(>-`BpEMuovT^-IpMTO8LUG_&05%^Rvf{e2hgY zAu%Pad_FP$5t}kF3W8Y;4K!6_Gs%prwVo(oN$#Na40u0 z+Ff~H@b-y|90T+%yAwmLWe;ff)b@wHAs{NHeRpzgTd?&oK-M$1+C zg<&d}jD~0B8vRPc;40wuUCdy0Jv>G!DC;SYT`YWj+Pwcxc*TI7B_zh;U1ZqEa&D>9 zJqZ(&z2kGlRI;jSNCn$ z%v@7h80(YX)JK=8;~v zw-DTFu7QaI0zDUmTH$3)vuv6UxMi3c>3>2~WtTU@a5=oGKebx?mSj9}>(mX?T^1|* zL^{%|f-i{YjH1$>#;00~cM<2fLs7b@H&}~Lb?e`q7qOq_$;3(rnzMG>&To`fwKTTC z^$HwHH@(Wzg;h-r2g;|eJbIy@B5hq&VzO?4juR5R{p2F;@aGoo^IH21W0@?tzcW4u_Z2#)fk*Cz4mjiW3`8T0=xQTOi(Z$P^X7`N6`%9280g4isg2GTQD*4H*o$bp zyltCYry-Bv?N+h%v^)PK>%Dhzl4$J{jJKIPBrvf%Lp=YvX;Mtvvi*!DUovgZPPtc5 zM*Q48;$`P5dE4(U8@}R#P&WHZL!+&9<15nR(QV69PdAlB1PJXZ7nG)zJC)grd6=m@ z2!WVghpX{-zil(sPe(Ali!w0_^QhT6ef1&TQ+>6+FNdo@sy^!6T?t9P3@?BFBR9A} z^3A*wTmLIq&h>AX!l5(uViNhn%3z*k85PrA?nj#4-d|;S;d_>_J4xN%tot=j)t`Jf z(Jhe))3)<+Jq+0)k>d!e%_WaDY^f#CYlaUfs#hn7CC3f&jkL!OdX7Envh*KblBz0s z8d~n-mXfIHTNoB1gWb2%OZ-y0GW43SEmz-pb4{aixo_jZ{+^QNbQyn<80z?uhNm8d zs7bn1bww1EMewaDv$-S}&jRMys!EmrBER?5^g2K_zr~VpwYWdt_+|ilVSnox7?&Y; z!JMPCf7fDU%JcgA;d!YYUzWZr*q4^rh`}lQ_2+gF2sAA<^%3*T_UK@2w79ON6Z6}Z zgrFcL)+cJP-oaQ=w33q1^1JcW@ErQuMYHT)_w5JCWrbPTLpGmB-Bw8XBK)^+^bCyw zr(e`PKA9gK+`GEI!57`@;CD|uF_9J~%DBIo5IomhvG{S~z&D1?sA-Z*egC*QZff1n zcdb6y>vOeh#1-z;YI{@6{8KwIu@T>`CSX6~jl~_~A45M>-|Du(=aeBiOr4%&B%%C6 z!!dpH@SV^6;7QRiCtpVo+mO<=&T;=@PRDaxB)nw3UoUB{bIv$ANlQ04QsU0dE&k`s&`Wut4(}A zHkrjQa;`{AGkajjKF}0v?I#N+@N2XzZxAmvkqMp0nQ0EhYjKk1SHDCP#l;!GvrIcf+LmTc< zKvDnX&Wn5(jlPWnBEzVZ_CWMOTux6l?nrtkFH-L}x#Fknmc zMCXUpL+LAN%4$Kg6FE5(?)24TvU=Ye^lyrp+4s{9+Lgt>c=4EDS+0h_*08uu&Bk`< zx<~1nZp+z5Srvdo%NQ?SaGc-3vJ@|4q*9){1ydu1m>LOd~t$4)YeRt`N5MAr@oKJ`7(qYAQel4PW5y`^2`1)2*YB$JEVD$04bAYF%c2EtF^OkY z-lb(@?2>NmrO~8G;-{oHpA_wt9BK@W2U407UW>o)@^G0X;~^X{87@n$bVMjiXr=t zf>*%}5ZSBWXerXIg&qOfW`4;3lD7F>p32%s*WYqV(lGW}eat~m0jsDMVxF8Rj+Fbi z`c+Vz-T7bdtJg{4r}s@{mvn6z!VF`jNwiO>KgCHsItfjPZ4B^h2;n-bx;47XyL|fH hczpkVy7lw)-0`;Ui@PhQbZ37zt14 + + + + + + + + + + + HPE Cray EX System Admin Toolkit (SAT) Guide :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ + + + + + navigation + + + +

HPE Cray EX System Admin Toolkit (SAT) Guide

+

Introduction to SAT

+ +

SAT Installation

+

Install SAT

+ +

SAT Setup

+ +

SAT Post-Upgrade

+ +

SAT Uninstall and Downgrade

+ +

SAT Dashboards

+ +

SAT Usage

+ +

SAT Release Notes

+ + + + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-23/index.json b/en-23/index.json new file mode 100644 index 0000000000..70b4e168d5 --- /dev/null +++ b/en-23/index.json @@ -0,0 +1,71 @@ +[ +{ + "uri": "/docs-sat/en-23/", + "title": "HPE Cray EX System Admin Toolkit (SAT) Guide", + "tags": [], + "description": "", + "content": "HPE Cray EX System Admin Toolkit (SAT) Guide Introduction to SAT About System Admin Toolkit (SAT) System Admin Toolkit Command Overview Command Prompt Conventions in SAT SAT Dependencies SAT Installation Install SAT Install the System Admin Toolkit Product Stream Perform NCN Personalization SAT Setup SAT Authentication Generate SAT S3 Credentials Run sat setrev to Set System Information SAT Post-Upgrade Remove obsolete configuration file sections SAT Logging SAT Uninstall and Downgrade Uninstall: Removing a Version of SAT Activate: Switching Between Versions SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards SAT Usage SAT Bootprep SAT Release Notes Summary of changes in SAT 2.3 Summary of changes in SAT 2.2 Summary of SAT changes in Shasta v1.5 Summary of SAT Changes in Shasta v1.4.1 Summary of SAT Changes in Shasta v1.4 Summary of SAT Changes in Shasta v1.3.2 Summary of SAT Changes in Shasta v1.3 " +}, +{ + "uri": "/docs-sat/en-23/dashboards/", + "title": "SAT Dashboards", + "tags": [], + "description": "", + "content": "SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards " +}, +{ + "uri": "/docs-sat/en-23/install/", + "title": "SAT Installation", + "tags": [], + "description": "", + "content": "SAT Installation Install the System Admin Toolkit Product Stream Describes how to install the System Admin Toolkit (SAT) product stream.\nPrerequisites CSM is installed and verified. cray-product-catalog is running. There must be at least 2 gigabytes of free space on the manager NCN on which the procedure is run. Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace 2.2.x with the version of the SAT product stream being installed. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. To upgrade SAT, execute the pre-installation, installation, and post-installation procedures for a newer distribution. The newly installed version will become the default. Pre-Installation Procedure Start a typescript.\nThe typescript will record the commands and the output from this installation.\nncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt ncn-m001# export PS1=\u0026#39;\\u@\\H \\D{%Y-%m-%d} \\t \\w # \u0026#39; Installation Procedure Copy the release distribution gzipped tar file to ncn-m001.\nUnzip and extract the release distribution, 2.2.x.\nncn-m001# tar -xvzf sat-2.2.x.tar.gz Change directory to the extracted release distribution directory.\nncn-m001# cd sat-2.2.x Run the installer: install.sh.\nThe script produces a lot of output. A successful install ends with \u0026ldquo;SAT version 2.2.x has been installed\u0026rdquo;.\nncn-m001# ./install.sh ... ====\u0026gt; Updating active CFS configurations ... ====\u0026gt; SAT version 2.2.x has been installed. Upgrade only: Record the names of the CFS configuration or configurations modified by install.sh.\nThe install.sh script attempts to modify any CFS configurations that apply to the master management NCNs. During an upgrade, install.sh will log messages indicating the CFS configuration or configurations that were modified. For example, if there are three master nodes all using the same CFS configuration named \u0026ldquo;ncn-personalization\u0026rdquo;, the output would look like this:\n====\u0026gt; Updating active CFS configurations INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, x3000c0s3b0n0, x3000c0s5b0n0 INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s1b0n0 INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s3b0n0 INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s5b0n0 INFO: Updating CFS configuration \u0026#34;ncn-personalization\u0026#34; INFO: Updating existing layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml in configuration \u0026#34;ncn-personalization\u0026#34;. INFO: Key \u0026#34;name\u0026#34; in layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml updated from sat-ncn to sat-2.2.16 INFO: Successfully updated layers in configuration \u0026#34;ncn-personalization\u0026#34; Save the name of each CFS configuration updated by the installer. In the previous example, a single configuration named \u0026ldquo;ncn-personalization\u0026rdquo; was updated, so that name is saved to a temporary file.\nncn-m001# echo ncn-personalization \u0026gt;\u0026gt; /tmp/sat-ncn-cfs-configurations.txt Repeat the previous command for each CFS configuration that was updated.\nUpgrade only: Save the new name of the SAT CFS configuration layer.\nIn the example install.sh output above, the new layer name is sat-2.2.16. Save this value to a file to be used later.\nncn-m001# echo sat-2.2.16 \u0026gt; /tmp/sat-layer-name.txt Fresh install only: Save the CFS configuration layer for SAT to a file for later use.\nThe install.sh script attempts to modify any CFS configurations that apply to the master management NCNs. During a fresh install, no such CFS configurations will be found, and it will instead log the SAT configuration layer that must be added to the CFS configuration that will be created. Here is an example of the output in that case:\n====\u0026gt; Updating active CFS configurations INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, x3000c0s3b0n0, x3000c0s5b0n0 WARNING: No CFS configurations found that apply to components with role Management and subrole Master. INFO: The following sat layer should be used in the CFS configuration that will be applied to NCNs with role Management and subrole Master. { \u0026#34;name\u0026#34;: \u0026#34;sat-2.2.15\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;9a74b8f5ba499af6fbcecfd2518a40e081312933\u0026#34;, \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;sat-ncn.yml\u0026#34; } Save the JSON output to a file for later use. For example:\nncn-m001# cat \u0026gt; /tmp/sat-layer.json \u0026lt;\u0026lt;EOF \u0026gt; { \u0026gt; \u0026#34;name\u0026#34;: \u0026#34;sat-2.2.15\u0026#34;, \u0026gt; \u0026#34;commit\u0026#34;: \u0026#34;9a74b8f5ba499af6fbcecfd2518a40e081312933\u0026#34;, \u0026gt; \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git\u0026#34;, \u0026gt; \u0026#34;playbook\u0026#34;: \u0026#34;sat-ncn.yml\u0026#34; \u0026gt; } \u0026gt; EOF Do not copy the previous command verbatim. Use the JSON output from the install.sh script.\nPost-Installation Procedure Optional: Remove the SAT release distribution tar file and extracted directory.\nncn-m001# rm sat-2.2.x.tar.gz ncn-m001# rm -rf sat-2.2.x/ Upgrade only: Ensure that the environment variable SAT_TAG is not set in the ~/.bashrc file on any of the management NCNs.\nNOTE: This step should only be required when updating from Shasta 1.4.1 or Shasta 1.4.2.\nThe following example assumes three manager NCNs: ncn-m001, ncn-m002, and ncn-m003, and shows output from a system in which no further action is needed.\nncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc ncn-m001: source \u0026lt;(kubectl completion bash) ncn-m003: source \u0026lt;(kubectl completion bash) ncn-m002: source \u0026lt;(kubectl completion bash) The following example shows that SAT_TAG is set in ~/.bashrc on ncn-m002. Remove that line from the ~/.bashrc file on ncn-m002.\nncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc ncn-m001: source \u0026lt;(kubectl completion bash) ncn-m002: source \u0026lt;(kubectl completion bash) ncn-m002: export SAT_TAG=3.5.0 ncn-m003: source \u0026lt;(kubectl completion bash) Stop the typescript.\nNOTE: This step can be skipped if you wish to use the same typescript for the remainder of the SAT install. See Next Steps.\nncn-m001# exit SAT version 2.2.x is now installed/upgraded, meaning the SAT 2.2.x release has been loaded into the system software repository.\nSAT configuration content for this release has been uploaded to VCS. SAT content for this release has been uploaded to the CSM product catalog. SAT content for this release has been uploaded to Nexus repositories. The sat command won\u0026rsquo;t be available until the NCN Personalization procedure has been executed. Next Steps If other HPE Cray EX software products are being installed or upgraded in conjunction with SAT, refer to the HPE Cray EX System Software Getting Started Guide to determine which step to execute next.\nIf no other HPE Cray EX software products are being installed or upgraded at this time, proceed to the sections listed below.\nNOTE: The NCN Personalization procedure is required when upgrading SAT. The setup procedures in SAT Setup, however, are not required when upgrading SAT. They should have been executed during the first installation of SAT.\nExecute the NCN Personalization procedure:\nPerform NCN Personalization If performing a fresh install, execute the SAT Setup procedures:\nSAT Authentication Generate SAT S3 Credentials Run Sat Setrev to Set System Information If performing an upgrade, execute the upgrade procedures:\nRemove obsolete configuration file sections SAT Logging Perform NCN Personalization Describes how to perform NCN personalization using CFS. This personalization process will configure the System Admin Toolkit (SAT) product stream.\nPrerequisites The Install the System Admin Toolkit Product Stream procedure has been successfully completed. If upgrading, the names of the CFS configurations updated during installation were saved to the file /tmp/sat-ncn-cfs-configurations.txt. If upgrading, the name of the new SAT CFS configuration layer was saved to the file /tmp/sat-layer-name.txt. If performing a fresh install, the SAT CFS configuration layer was saved to the file /tmp/sat-layer.json. Notes on the Procedure Ellipses (...) in shell output indicate omitted lines. In the examples below, replace 2.2.x with the version of the SAT product stream being installed. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. If upgrading SAT, the existing configuration will likely include other Cray EX product entries. Update the SAT entry as described in this procedure. The HPE Cray EX System Software Getting Started Guide provides guidance on how and when to update the entries for the other products. Procedure Start a typescript if not already using one.\nThe typescript will capture the commands and the output from this installation procedure.\nncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt ncn-m001# export PS1=\u0026#39;\\u@\\H \\D{%Y-%m-%d} \\t \\w # \u0026#39; Fresh install only: Add the SAT layer to the NCN personalization JSON file.\nIf the SAT install script, install.sh, did not identify and modify the CFS configurations that apply to each master management NCN, it will have printed the SAT CFS configuration layer in JSON format. This layer must be added to the JSON file being used to construct the CFS configuration. For example, if the file being used is named ncn-personalization.json, and the SAT layer was saved to the file /tmp/sat-layer.json as described in the install instructions, the following jq command will append the SAT layer and save the result in a new file named ncn-personalization.json.\nncn-m001# jq -s \u0026#39;{layers: (.[0].layers + [.[1]])}\u0026#39; ncn-personalization.json \\ /tmp/sat-layer.json \u0026gt; ncn-personalization.new.json For instructions on how to create a CFS configuration from the previous file and how to apply it to the management NCNs, refer to \u0026ldquo;Perform NCN Personalization\u0026rdquo; in the HPE Cray System Management Documentation. After the CFS configuration has been created and applied, return to this procedure.\nUpgrade only: Invoke each CFS configuration that was updated during the upgrade.\nIf the SAT install script, install.sh, identified CFS configurations that apply to the master management NCNs and modified them in place, invoke each CFS configuration that was created or updated during installation.\nThis step will create a CFS session for each given configuration and install SAT on the associated manager NCNs.\nThe --configuration-limit option limits the configuration session to run only the SAT layer of the configuration.\nYou should see a representation of the CFS session in the output.\nncn-m001# for cfs_configuration in $(cat /tmp/sat-ncn-cfs-configurations.txt); do cray cfs sessions create --name \u0026#34;sat-session-${cfs_configuration}\u0026#34; --configuration-name \\ \u0026#34;${cfs_configuration}\u0026#34; --configuration-limit $(cat /tmp/sat-layer-name.txt); done name=\u0026#34;sat-session-ncn-personalization\u0026#34; [ansible] ... Upgrade only: Monitor the progress of each CFS session.\nThis step assumes a single session named sat-session-ncn-personalization was created in the previous step.\nFirst, list all containers associated with the CFS session:\nncn-m001# kubectl get pod -n services --selector=cfsession=sat-session-ncn-personalization \\ -o json | jq \u0026#39;.items[0].spec.containers[] | .name\u0026#39; \u0026#34;inventory\u0026#34; \u0026#34;ansible-1\u0026#34; \u0026#34;istio-proxy\u0026#34; Next, get the logs for the ansible-1 container.\nNOTE: the trailing digit might differ from \u0026ldquo;1\u0026rdquo;. It is the zero-based index of the sat-ncn layer within the configuration\u0026rsquo;s layers.\nncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \\ --selector=cfsession=sat-session-ncn-personalization Ansible plays, which are run by the CFS session, will install SAT on all the manager NCNs on the system. Successful results for all of the manager NCN xnames can be found at the end of the container log. For example:\n... PLAY RECAP ********************************************************************* x3000c0s1b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s3b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s5b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Execute this step for each unique CFS configuration.\nNOTE: Ensure that the PLAY RECAPs for each session show successes for all manager NCNs before proceeding.\nVerify that SAT was successfully configured.\nIf sat is configured, the --version command will indicate which version is installed. If sat is not properly configured, the command will fail.\nNOTE: This version number will differ from the version number of the SAT release distribution. This is the semantic version of the sat Python package, which is different from the version number of the overall SAT release distribution.\nncn-m001# sat --version sat 3.7.0 NOTE: Upon first running sat, you may see additional output while the sat container image is downloaded. This will occur the first time sat is run on each manager NCN. For example, if you run sat for the first time on ncn-m001 and then for the first time on ncn-m002, you will see this additional output both times.\nTrying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037... Getting image source signatures Copying blob da64e8df3afc done Copying blob 0f36fd81d583 done Copying blob 12527cf455ba done ... sat 3.7.0 Stop the typescript.\nncn-m001# exit SAT version 2.2.x is now configured:\nThe SAT RPM package is installed on the associated NCNs. Next Steps If other HPE Cray EX software products are being installed or upgraded in conjunction with SAT, refer to the HPE Cray EX System Software Getting Started Guide to determine which step to execute next.\nIf no other HPE Cray EX software products are being installed or upgraded at this time, proceed to the remaining SAT Setup or SAT Post-Upgrade procedures.\nIf performing a fresh install, execute the SAT Setup procedures:\nSAT Authentication Generate SAT S3 Credentials Run Sat Setrev to Set System Information If performing an upgrade, execute the SAT Post-Upgrade procedures:\nRemove obsolete configuration file sections SAT Logging SAT Authentication Initially, as part of the installation and configuration, SAT authentication is set up so sat commands can be used in later steps of the install process. The admin account used to authenticate with sat auth must be enabled in Keycloak and must have its assigned role set to admin. For instructions on editing Role Mappings see Create Internal User Accounts in the Keycloak Shasta Realm in the CSM product documentation. For additional information on SAT authentication, see System Security and Authentication in the CSM documentation.\nNOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nDescription of SAT Command Authentication Types Some SAT subcommands make requests to the Shasta services through the API gateway and thus require authentication to the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to be configured (see: Generate SAT S3 Credentials). In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes manager node where SAT commands are run.\nBelow is a table describing SAT commands and the types of authentication they require.\nSAT Subcommand Authentication/Credentials Required Man Page Description sat auth Responsible for authenticating to the API gateway and storing a token. sat-auth Authenticate to the API gateway and save the token. sat bmccreds Requires authentication to the API gateway. sat-bmccreds Set BMC passwords. sat bootprep Requires authentication to the API gateway. Requires kubernetes configuration and authentication, which is done on ncn-m001 during the install. sat-bootprep Prepare to boot nodes with images and configurations. sat bootsys Requires authentication to the API gateway. Requires kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages. sat-bootsys Boot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software. sat diag Requires authentication to the API gateway. sat-diag Launch diagnostics on the HSN switches and generate a report. sat firmware Requires authentication to the API gateway. sat-firmware Report firmware version. sat hwhist Requires authentication to the API gateway. sat-hwhist Report hardware component history. sat hwinv Requires authentication to the API gateway. sat-hwinv Give a listing of the hardware of the HPE Cray EX system. sat hwmatch Requires authentication to the API gateway. sat-hwmatch Report hardware mismatches. sat init None sat-init Create a default SAT configuration file. sat k8s Requires kubernetes configuration and authentication, which is automatically configured on ncn-w001 during the install. sat-k8s Report on kubernetes replicasets that have co-located replicas (i.e. replicas on the same node). sat linkhealth This command has been deprecated. sat nid2xname Requires authentication to the API gateway. sat-nid2xname Translate node IDs to node xnames. sat sensors Requires authentication to the API gateway. sat-sensors Report current sensor data. sat setrev Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-setrev Set HPE Cray EX system revision information. sat showrev Requires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-showrev Print revision information for the HPE Cray EX system. sat slscheck Requires authentication to the API gateway. sat-slscheck Perform a cross-check between SLS and HSM. sat status Requires authentication to the API gateway. sat-status Report node status across the HPE Cray EX system. sat swap Requires authentication to the API gateway. sat-swap Prepare HSN switch or cable for replacement and bring HSN switch or cable into service. sat xname2nid Requires authentication to the API gateway. sat-xname2nid Translate node and node BMC xnames to node IDs. sat switch This command has been deprecated. It has been replaced by sat swap. In order to authenticate to the API gateway, you must run the sat auth command. This command will prompt for a password on the command line. The username value is obtained from the following locations, in order of higher precedence to lower precedence:\nThe --username global command-line option. The username option in the api_gateway section of the config file at ~/.config/sat/sat.toml. The name of currently logged in user running the sat command. If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to ~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above, and will use the token for that username if it has been obtained and saved by sat auth.\nPrerequisites The sat CLI has been installed following Install The System Admin Toolkit Product Stream. Procedure The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway:\nGenerate a default SAT configuration file, if one does not exist.\nncn-m001# sat init Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; generated. Note: If the config file already exists, it will print out an error:\nERROR: Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; already exists. Not generating configuration file. Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the config file. E.g.:\nusername = \u0026#34;crayadmin\u0026#34; Run sat auth. Enter your password when prompted. E.g.:\nncn-m001# sat auth Password for crayadmin: Succeeded! Other sat commands are now authenticated to make requests to the API gateway. E.g.:\nncn-m001# sat status Generate SAT S3 Credentials Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes master node where SAT commands are run.\nSAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev (see: Run Sat Setrev to Set System Information).\nNOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nPrerequisites The SAT CLI has been installed following Install The System Admin Toolkit Product Stream The SAT configuration file has been created (See SAT Authentication). CSM has been installed and verified. Procedure Ensure the files are readable only by root.\nncn-m001# touch /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key ncn-m001# chmod 600 /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key Write the credentials to local files using kubectl.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.access_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_access_key ncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.secret_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_secret_key Verify the S3 endpoint specified in the SAT configuration file is correct.\nGet the SAT configuration file\u0026rsquo;s endpoint value.\nNOTE: If the command\u0026rsquo;s output is commented out, indicated by an initial # character, the SAT configuration will take the default value – \u0026quot;https://rgw-vip.nmn\u0026quot;.\nncn-m001# grep endpoint ~/.config/sat/sat.toml # endpoint = \u0026#34;https://rgw-vip.nmn\u0026#34; Get the sat-s3-credentials secret\u0026rsquo;s endpoint value.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.s3_endpoint}\u0026#39; | base64 -d | xargs https://rgw-vip.nmn Compare the two endpoint values.\nIf the values differ, change the SAT configuration file\u0026rsquo;s endpoint value to match the secret\u0026rsquo;s.\nCopy SAT configurations to each manager node on the system.\nncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \\ mkdir -p /root/.config/sat; \\ scp -pr /root/.config/sat ${i}:/root/.config; done NOTE: Depending on how many manager nodes are on the system, the list of manager nodes may be different. This example assumes three manager nodes, where the configuration files must be copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is ncn-m002 and ncn-m003.\nRun sat setrev to Set System Information NOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nPrerequisites S3 credentials have been generated. See Generate SAT S3 Credentials. SAT authentication has been set up. See SAT Authentication. Procedure Run sat setrev to set System Revision Information. Follow the on-screen prompts to set the following site-specific values:\nSerial number System name System type System description Product number Company name Site name Country code System install date TIP: For \u0026ldquo;System type\u0026rdquo;, a system with any liquid-cooled components should be considered a liquid-cooled system. I.e., \u0026ldquo;System type\u0026rdquo; is EX-1C.\nncn-m001# sat setrev -------------------------------------------------------------------------------- Setting: Serial number Purpose: System identification. This will affect how snapshots are identified in the HPE backend services. Description: This is the top-level serial number which uniquely identifies the system. It can be requested from an HPE representative. Valid values: Alpha-numeric string, 4 - 20 characters. Type: \u0026lt;class \u0026#39;str\u0026#39;\u0026gt; Default: None Current value: None -------------------------------------------------------------------------------- Please do one of the following to set the value of the above setting: - Input a new value - Press CTRL-C to exit ... Run sat showrev to verify System Revision Information. The following tables contain example information.\nncn-m001# sat showrev ################################################################################ System Revision Information ################################################################################ +---------------------+---------------+ | component | data | +---------------------+---------------+ | Company name | HPE | | Country code | US | | Interconnect | Sling | | Product number | R4K98A | | Serial number | 12345 | | Site name | HPE | | Slurm version | slurm 20.02.5 | | System description | Test System | | System install date | 2021-01-29 | | System name | eniac | | System type | EX-1C | +---------------------+---------------+ ################################################################################ Product Revision Information ################################################################################ +--------------+-----------------+------------------------------+------------------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+------------------------------+------------------------------+ | csm | 0.8.14 | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... | | sat | 2.0.1 | - | - | | sdu | 1.0.8 | - | - | | slingshot | 0.8.0 | - | - | | sma | 1.4.12 | - | - | +--------------+-----------------+------------------------------+------------------------------+ ################################################################################ Local Host Operating System ################################################################################ +-----------+----------------------+ | component | version | +-----------+----------------------+ | Kernel | 5.3.18-24.15-default | | SLES | SLES 15-SP2 | +-----------+----------------------+ Remove obsolete configuration file sections Prerequisites The Install the System Admin Toolkit Product Stream procedure has been successfully completed. The Perform NCN Personalization procedure has been successfully completed. Procedure After upgrading SAT, if using the configuration file from a previous version, there may be configuration file sections no longer used in the new version. For example, when upgrading from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. In that case, the following warning may appear upon running sat commands.\nWARNING: Ignoring unknown section \u0026#39;redfish\u0026#39; in config file. Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.\n[redfish] username = \u0026#34;admin\u0026#34; password = \u0026#34;adminpass\u0026#34; Repeat this process for any configuration file sections for which there are \u0026ldquo;unknown section\u0026rdquo; warnings.\nSAT Logging As of SAT version 2.2, some command output that was previously printed to stdout is now logged to stderr. These messages are logged at the INFO level. The default logging threshold was changed from WARNING to INFO to accomodate this logging change. Additionally, some messages previously logged at the INFO are now logged at the DEBUG level.\nThese changes take effect automatically. However, if the default output threshold has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure that important output is shown in the terminal.\nUpdate Configuration In the following example, the stderr log level, logging.stderr_level, is set to WARNING, which will exclude INFO-level logging from terminal output.\nncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml [logging] ... stderr_level = \u0026#34;WARNING\u0026#34; To enable the new default behavior, comment this line out, delete it, or set the value to \u0026ldquo;INFO\u0026rdquo;.\nIf logging.stderr_level is commented out, its value will not affect logging behavior. However, it may be helpful set its value to INFO as a reminder of the new default behavior.\nAffected Commands The following commands trigger messages that have been changed from stdout print calls to INFO-level (or WARNING- or ERROR-level) log messages:\nsat bootsys --stage shutdown --stage session-checks sat sensors The following commands trigger messages that have been changed from INFO-level log messages to DEBUG-level log messages:\nsat nid2xname sat xname2nid sat swap Uninstall: Removing a Version of SAT Prerequisites Only versions 2.2 or newer of SAT can be uninstalled with prodmgr. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure Use sat showrev to list versions of SAT.\nNOTE: It is not recommended to uninstall a version designated as \u0026ldquo;active\u0026rdquo;. If the active version is uninstalled, then the activate procedure must be executed on a remaining version.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------+-------------------+-----------------------+ | product_name | product_version | active | images | image_recipes | +--------------+-----------------+--------+-------------------+-----------------------+ | sat | 2.3.3 | True | - | - | | sat | 2.2.10 | False | - | - | +--------------+-----------------+--------+-------------------+-----------------------+ Use prodmgr to uninstall a version of SAT.\nThis command will do three things:\nRemove all hosted-type package repositories associated with the given version of SAT. Group-type repositories are not removed. Remove all container images associated with the given version of SAT. Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up in the output of sat showrev. ncn-m001# prodmgr uninstall sat 2.2.10 Repository sat-2.2.10-sle-15sp2 has been removed. Removed Docker image cray/cray-sat:3.9.0 Removed Docker image cray/sat-cfs-install:1.0.2 Removed Docker image cray/sat-install-utility:1.4.0 Deleted sat-2.2.10 from product catalog. Activate: Switching Between Versions This procedure can be used to downgrade the active version of SAT.\nPrerequisites Only versions 2.2 or newer of SAT can be activated. Older versions must be activated manually. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure Use sat showrev to list versions of SAT.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------+--------------------+-----------------------+ | product_name | product_version | active | images | image_recipes | +--------------+-----------------+--------+--------------------+-----------------------+ | sat | 2.3.3 | True | - | - | | sat | 2.2.10 | False | - | - | +--------------+-----------------+--------+--------------------+-----------------------+ Use prodmgr to activate a different version of SAT.\nThis command will do three things:\nFor all hosted-type package repositories associated with this version of SAT, set them as the sole member of their corresponding group-type repository. For example, activating SAT version 2.2.10 sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group. Set the version 2.2.10 as active within the product catalog, so that it appears active in the output of sat showrev. Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are associated with NCNs with the role \u0026ldquo;Management\u0026rdquo; and subrole \u0026ldquo;Master\u0026rdquo; (for example, the CFS configuration ncn-personalization). Specifically, it will ensure that the layer refers to the version of SAT CFS configuration content associated with the version of SAT being activated. ncn-m001# prodmgr activate sat 2.2.10 Repository sat-2.2.10-sle-15sp2 is now the default in sat-sle-15sp2. Set sat-2.2.10 as active in product catalog. Updated CFS configurations: [ncn-personalization] Verify that the chosen version is marked as active.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------+--------------------+-----------------------+ | product_name | product_version | active | images | image_recipes | +--------------+-----------------+--------+--------------------+-----------------------+ | sat | 2.3.3 | False | - | - | | sat | 2.2.10 | True | - | - | +--------------+-----------------+--------+--------------------+-----------------------+ Run NCN Personalization.\nAt this point, the command has modified Nexus package repositories to set a particular package repository as active, but no packages on the NCNs have been changed. In order to complete the activation process, NCN Personalization must be executed to change the cray-sat-podman package version on the manager NCNs.\nNOTE: Refer to the command output from step 2 for the names of all CFS configurations that were updated, which may not necessarily be just ncn-personalization. If multiple configurations were updated in step 2, then a cray cfs sessions create command should be run for each of them. This example assumes a single configuration named ncn-personalization was updated. If multiple were updated, set cfs_configurations to a space-separated list below.\nncn-m001# cfs_configurations=\u0026#34;ncn-personalization\u0026#34; ncn-m001# for cfs_configuration in ${cfs_configurations} do cray cfs sessions create --name \u0026#34;sat-session-${cfs_configuration}\u0026#34; --configuration-name \\ \u0026#34;${cfs_configuration}\u0026#34; --configuration-limit sat-ncn; done Monitor the progress of each CFS session.\nThis step assumes a single session named sat-session-ncn-personalization was created in the previous step.\nFirst, list all containers associated with the CFS session:\nncn-m001# kubectl get pod -n services --selector=cfsession=sat-session-ncn-personalization \\ -o json | jq \u0026#39;.items[0].spec.containers[] | .name\u0026#39; \u0026#34;inventory\u0026#34; \u0026#34;ansible-1\u0026#34; \u0026#34;istio-proxy\u0026#34; Next, get the logs for the ansible-1 container.\nNOTE: the trailing digit might differ from \u0026ldquo;1\u0026rdquo;. It is the zero-based index of the sat-ncn layer within the configuration\u0026rsquo;s layers.\nncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \\ --selector=cfsession=sat-session-ncn-personalization Ansible plays, which are run by the CFS session, will install SAT on all the manager NCNs on the system. Successful results for all of the manager NCN xnames can be found at the end of the container log. For example:\n... PLAY RECAP ********************************************************************* x3000c0s1b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s3b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s5b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Execute this step for each unique CFS configuration.\nNOTE: Ensure that the PLAY RECAPs for each session show successes for all manager NCNs before proceeding.\nVerify the new version of the SAT CLI.\nNOTE: This version number will differ from the version number of the SAT release distribution. This is the semantic version of the SAT Python package, which is different from the version number of the overall SAT release distribution.\nncn-m001# sat --version 3.9.0 " +}, +{ + "uri": "/docs-sat/en-23/introduction/", + "title": "Introduction to SAT", + "tags": [], + "description": "", + "content": "Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components.\nSAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview.\nSix Kibana Dashboards are included with SAT. They provide organized output for system health information.\nAER Kibana Dashboard ATOM Kibana Dashboard Heartbeat Kibana Dashboard Kernel Kibana Dashboard MCE Kibana Dashboard Rasdaemon Kibana Dashboard Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and are reported through Redfish.\nGrafana Fabric Congestion Dashboard Grafana Fabric Errors Dashboard Grafana Fabric Port State Dashboard Grafana Fabric RFC3635 Dashboard SAT is installed as a separate product as part of the HPE Cray EX System base installation.\nSystem Admin Toolkit Command Overview Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides instruction on the SAT Container Environment.\nSAT Command Line Utility The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes (ncn-m nodes).\nIt is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are similarities between SAT commands and xt commands used on the Cray XC platform.\nSAT Commands The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each have their own set of options.\nSAT Container Environment The sat command-line utility runs in a container using podman, a daemonless container runtime. SAT runs on Kubernetes manager nodes. A few important points about the SAT container environment include the following:\nUsing either sat or sat bash always launches a container. The SAT container does not have access to the NCN file system. There are two ways to run sat.\nInteractive: Launching a container using sat bash, followed by a sat command. Non-interactive: Running a sat command directly on a Kubernetes manager node. In both of these cases, a container is launched in the background to execute the command. The first option, running sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the container is launched, executes the command, and upon the command\u0026rsquo;s completion the container exits. The following two examples show the same action, checking the system status, using interactive and non-interactive modes.\nInteractive ncn-m001# sat bash (CONTAINER-ID)sat-container# sat status Non-interactive ncn-m001# sat status Interactive Advantages Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral container storage. If multiple sat commands are being run in succession, then use sat bash to launch the container beforehand. This will save time because the container does not need to be launched for each sat command.\nNon-interactive Advantages The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of several steps that need to be executed from a management NCN.\nMan Pages - Interactive and Non-interactive Modes To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following example.\nncn-m001# sat-man status A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed either with man sat or man sat-podman from the manager node.\nncn-m001# man sat ncn-m001# man sat-podman Command Prompt Conventions in SAT The host name in a command prompt indicates where the command must be run. The account that must run the command is also indicated in the prompt.\nThe root or super-user account always has the # character at the end of the prompt and has the host name of the host in the prompt. Any non-root account is indicated with account@hostname\u0026gt;. A user account that is neither root nor crayadm is referred to as user. The command prompt inside the SAT container environment is indicated with the string as follows. It also has the \u0026ldquo;#\u0026rdquo; character at the end of the prompt. Command Prompt Meaning ncn-m001# Run on one of the Kubernetes Manager servers. (Non-interactive) (CONTAINER_ID) sat-container# Run the command inside the SAT container environment by first running sat bash. (Interactive) Examples of the sat status command used by an administrator:\nncn-m001# sat status ncn-m001# sat bash (CONTAINER_ID) sat-container# sat status SAT Dependencies Most sat subcommands depend on services or components from other products in the HPE Cray EX (Shasta) software stack. The following list shows these dependencies for each subcommand. Each service or component is listed under the product it belongs to.\nsat auth CSM Keycloak sat bmccreds CSM System Configuration Service (SCSD) sat bootprep CSM Boot Orchestration Service (BOS) Configuration Framework Service (CFS) Image Management Service (IMS) Version Control Service (VCS) Kubernetes S3 sat bootsys CSM Boot Orchestration Service (BOS) Cray Advanced Platform Monitoring and Control (CAPMC) Ceph Compute Rolling Upgrade Service (CRUS) Etcd Firmware Action Service (FAS) Hardware State Manager (HSM) Kubernetes S3 COS Node Memory Dump (NMD) sat diag CSM Hardware State Manager (HSM) CSM-Diag Fox sat firmware CSM Firmware Action Service (FAS) sat hwhist CSM Hardware State Manager (HSM) sat hwinv CSM Hardware State Manager (HSM) sat hwmatch CSM Hardware State Manager (HSM) sat init None\nsat k8s CSM Kubernetes sat nid2xname CSM Hardware State Manager (HSM) sat sensors CSM Hardware State Manager (HSM) HM Collector SMA Telemetry API sat setrev CSM S3 sat showrev CSM Hardware State Manager (HSM) Kubernetes S3 sat slscheck CSM Hardware State Manager (HSM) Kubernetes S3 sat status CSM Hardware State Manager (HSM) sat swap Slingshot Fabric Manager sat switch Deprecated: See sat swap\nsat xname2nid CSM Hardware State Manager (HSM) " +}, +{ + "uri": "/docs-sat/en-23/dashboards/sat_grafana_dashboards/", + "title": "SAT Grafana Dashboards", + "tags": [], + "description": "", + "content": "SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity.\nGrafana can be accessed via web browser at the following URL:\nhttps://sma-grafana.cmn.\u0026lt;site-domain\u0026gt; The value of site-domain can be obtained as follows:\nncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=\u0026#39;{.data.customizations\\.yaml}\u0026#39; | \\ base64 -d | grep \u0026#34;external:\u0026#34; That command will produce the following output, for example:\nexternal: EXAMPLE_DOMAIN.com This would result in the address for Grafana being https://sma-grafana.cmn.EXAMPLE_DOMAIN.com\nFor additional details about how to access the Grafana Dashboards refer to Access the Grafana Monitoring UI in the SMA product documentation.\nFor more information about the interpretation of metrics for the SAT Grafana Dashboards refer to Fabric Telemetry Kafka Topics in the SMA product documentation.\nNavigate SAT Grafana Dashboards There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display telemetry in a tabular format.\nDashboard Name Display Type Fabric Congestion Chart Panels Fabric RFC3635 Chart Panels Fabric Errors Tabular Format Fabric Port State Tabular Format The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location during the time range selected, if any. The interval setting is not used for tabular dashboards.\nSAT Grafana Interval and Locations Options Shows the Interval and Locations Options for the available telemetry.\nThe value of the Interval option sets the time resolution of the received telemetry. This works a bit like a histogram, with the available telemetry in an interval of time going into a \u0026ldquo;bucket\u0026rdquo; and averaging out to a single point on the chart or table. The special value auto will choose an interval based on the time range selected.\nFor additional information, refer to Grafana Templates and Variables.\nThe Locations option allows restriction of the telemetry shown by locations, either individual links or all links in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, which always has entries for all links and switches, although the errors shown are restricted to the selected time range.\nThe chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart\u0026rsquo;s legend or the trace on the chart.\nGrafana Fabric Congestion Dashboard SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in the system and assess the past and present health of the high-speed network. It also allows the ability to drill down to view data for specific ports on specific switches.\nThis dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, local, and global and correspond to the link\u0026rsquo;s relationship to the network topology. The locations presented in the panels are restricted to the values (any combination, defaults to \u0026ldquo;all\u0026rdquo;) selected.\nThe metric values for links of a given port type are similar in value to each other but very distinct from the values of other types. If the values for different port types are all plotted together, the values for links with lower values are indistinguishable from zero when plotted.\nThe port type of a link is reported as a port state \u0026ldquo;subtype\u0026rdquo; event when defined at port initialization.\nGrafana Fabric Errors Dashboard This dashboard reports error counters in a tabular format in three panels.\nThere is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nUnlike other dashboards, the locations presented are all locations in the system rather than having telemetry within the time range selected. However, the values are taken from telemetry within the time range.\nGrafana Fabric Port State Dashboard There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nThe Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours results in all states for all links in the system being shown.\nThe three columns named, group, switch, and port are not port state events, but extra information included with all port state events.\nGrafana Fabric RFC3635 Dashboard For additional information on performance counters, refer to Definitions of Managed Objects for the Ethernet-like Interface Types, an Internet standards document.\nBecause these metrics are counters that only increase over time, the values plotted are the change in the counter\u0026rsquo;s value over the interval setting.\n" +}, +{ + "uri": "/docs-sat/en-23/dashboards/sat_kibana_dashboards/", + "title": "SAT Kibana Dashboards", + "tags": [], + "description": "", + "content": "SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information.\nKibana can be accessed via web browser at the following URL:\nhttps://sma-kibana.cmn.\u0026lt;site-domain\u0026gt; The value of site-domain can be obtained as follows:\nncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=\u0026#39;{.data.customizations\\.yaml}\u0026#39; | \\ base64 -d | grep \u0026#34;external:\u0026#34; That command will produce the following output, for example:\nexternal: EXAMPLE_DOMAIN.com This would result in the address for Kibana being https://sma-kibana.cmn.EXAMPLE_DOMAIN.com\nFor additional details about how to access the Kibana Dashboards refer to View Logs Via Kibana in the SMA product documentation.\nAdditional details about the AER, ATOM, Heartbeat, Kernel, MCE, and Rasdaemon Kibana Dashboards are included in this table.\nDashboard Short Description Long Description Kibana Visualization and Search Name sat-aer AER corrected Corrected Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-corrected Search: sat-aer-corrected sat-aer AER fatal Fatal Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-fatal Search: sat-aer-fatal sat-atom ATOM failures Application Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged. sat-atom-failed sat-atom ATOM admindown Application Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch. sat-atom-admindown sat-heartbeat Heartbeat loss events Heartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system. sat-heartbeat sat-kernel Kernel assertions The kernel software performs a failed assertion when some condition represents a serious fault. The node goes down. sat-kassertions sat-kernel Kernel panics The kernel panics when something is seriously wrong. The node goes down. sat-kernel-panic sat-kernel Lustre bugs (LBUGs) The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down. sat-lbug sat-kernel CPU stalls CPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric. sat-cpu-stall sat-kernel Out of memory An Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided. sat-oom sat-mce MCE Machine Check Exceptions (MCE) are errors detected at the processor level. sat-mce sat-rasdaemon rasdaemon errors Errors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future. sat-rasdaemon-error sat-rasdaemon rasdaemon messages All messages from the rasdaemon service on nodes. sat-rasdaemon Disable Search Highlighting in Kibana Dashboard By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.\nThe Kibana Dashboard should be open on your system.\nNavigate to Management\nNavigate to Advanced Settings in the Kibana section, below the Elastic search section\nScroll down to the Discover section\nChange Highlight results from on to off\nClick Save to save changes\nAER Kibana Dashboard The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors are split up into separate visualizations depending on whether they are fatal or corrected errors.\nView the AER Kibana Dashboard Go to the dashboard section.\nSelect sat-aer dashboard.\nChoose the time range of interest.\nView the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nATOM Kibana Dashboard The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health checks and application test failures. Some test failures are of possible interest even though a node is not marked admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide clues if a node otherwise fails. They might also show application problems.\nView the ATOM Kibana Dashboard HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.\nGo to the dashboard section.\nSelect sat-atom dashboard.\nChoose the time range of interest.\nView any nodes marked admindown and any ATOM test failures. These failures occur during health checks and application test failures. Test failures marked admindown are important to note. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nHeartbeat Kibana Dashboard The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss.\nView the Heartbeat Kibana Dashboard Go to the dashboard section.\nSelect sat-heartbeat dashboard.\nChoose the time range of interest.\nView the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss.View the matching log messages in the panel.\nKernel Kibana Dashboard The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using too much memory.\nView the Kernel Kibana Dashboard Go to the dashboard section.\nSelect sat-kernel dashboard.\nChoose the time range of interest.\nView the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nMCE Kibana Dashboard The MCE Dashboard displays CPU detected processor-level hardware errors.\nView the MCE Kibana Dashboard Go to the dashboard section.\nSelect sat-mce dashboard.\nChoose the time range of interest.\nView the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nRasdaemon Kibana Dashboard The Rasdaemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. This service collects all hardware error events reported by the linux kernel, including PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one for only messages of severity \u0026ldquo;emerg\u0026rdquo; or \u0026ldquo;err\u0026rdquo; and another for all messages from rasdaemon.\nView the Rasdaemon Kibana Dashboard Go to the dashboard section.\nSelect sat-rasdaemon dashboard.\nChoose the time range of interest.\nView the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\n" +}, +{ + "uri": "/docs-sat/en-23/release_notes/", + "title": "SAT Release Notes", + "tags": [], + "description": "", + "content": "SAT Release Notes Summary of Changes in SAT 2.3 The 2.3.4 version of the SAT product includes:\nVersion 3.15.4 of the sat python package and CLI Version 1.6.11 of the sat-podman wrapper script Version 1.2.0 of the sat-cfs-install container image Version 2.0.0 of the sat-cfs-install Helm chart Version 1.5.0 of the sat-install-utility container image Version 2.0.3 of the cfs-config-util container image New sat Commands None.\nCurrent Working Directory in SAT Container When running sat commands, the current working directory is now mounted in the container as /sat/share, and the current working directory within the container is also /sat/share.\nFiles in the current working directory must be specified using relative paths to that directory, because the current working directory is always mounted on /sat/share. Absolute paths should be avoided, and paths that are outside of $HOME or $PWD are never accessible to the container environment.\nThe home directory is still mounted on the same path inside the container as it is on the host.\nChanges to sat bootsys The following options were added to sat bootsys.\n--bos-limit --recursive The --bos-limit option passes a given limit string to a BOS session. The --recursive option specifies a slot or other higher-level component in the limit string\nChanges to sat bootprep The --delete-ims-jobs option was added to sat bootprep run. It deletes IMS jobs after sat bootprep is run. Jobs are no longer deleted by default.\nChanges to sat status sat status now includes information about nodes\u0026rsquo; CFS configuration statuses, such as desired configuration, configuration status, and error count.\nThe output of sat status now splits different component types into different report tables.\nThe following options were added to sat status.\n--hsm-fields, --sls-fields, --cfs-fields --bos-template The --hsm-fields, --sls-fields, --cfs-fields options limit the output columns according to specified CSM services.\nThe --bos-template option filters the status report according to the specified session template\u0026rsquo;s boot sets.\nCompatibility with CSM 1.2 The following components were modified to be compatible with CSM 1.2.\nsat-cfs-install container image and Helm chart sat-install-utility container image SAT product installer GPG Checking The sat-ncn ansible role provided by sat-cfs-install was modified to enable GPG checks on packages while leaving GPG checks disabled on repository metadata.\nSecurity Updated urllib3 dependency to version 1.26.5 to mitigate CVE-2021-33503 and refreshed Python dependency versions.\nBug Fixes Minor bug fixes were made in each of the repositories. For full change lists, see each repository’s CHANGELOG.md file.\nThe known issues listed under the SAT 2.2 release were fixed.\nSummary of changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022.\nThis version of the SAT product included:\nVersion 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components:\nVersion 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release.\nKnown issues in SAT 2.2 sat command unavailable in sat bash shell After launching a shell within the SAT container with sat bash, the sat command will not be found. For example:\n(CONTAINER-ID) sat-container:~ # sat status bash: sat: command not found This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be prepended to the $PATH environment variable:\n(CONTAINER-ID) sat-container:~ # export PATH=/sat/venv/bin:$PATH (CONTAINER-ID) sat-container:~ # sat status Or, the file /sat/venv/bin/activate may be sourced:\n(CONTAINER-ID) sat-container:~ # source /sat/venv/bin/activate (CONTAINER-ID) sat-container:~ # sat status Tab completion unavailable in sat bash shell After launching a shell within the SAT container with sat bash, tab completion for sat commands does not work.\nThis can be resolved temporarily by sourcing the file /etc/bash_completion.d/sat-completion.bash:\nsource /etc/bash_completion.d/sat-completion.bash OCI runtime permission error when running sat in root directory sat commands will not work if the current directory is /. For example:\nncn-m001:/ # sat --help Error: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error To resolve, run sat in another directory.\nDuplicate mount error when running sat in config directory sat commands will not work if the current directory is ~/.config/sat. For example:\nncn-m001:~/.config/sat # sat --help Error: /root/.config/sat: duplicate mount destination To resolve, run sat in another directory.\nNew sat commands sat bootprep automates the creation of CFS configurations, the build and customization of IMS images, and the creation of BOS session templates. See SAT Bootprep for details. sat slscheck performs a check for consistency between the System Layout Service (SLS) and the Hardware State Manager (HSM). sat bmccreds provides a simple interface for interacting with the System Configuration Service (SCSD) to set BMC Redfish credentials. sat hwhist displays hardware component history by xname (location) or by its Field-Replaceable Unit ID (FRUID). This command queries the Hardware State Manager (HSM) API to obtain this information. Since the sat hwhist command supports querying for the history of a component by its FRUID, the FRUID of components has been added to the output of sat hwinv. Additional Install Automation The following automation has been added to the install script, install.sh:\nWait for the completion of the sat-config-import Kubernetes job, which is started when the sat-cfs-install Helm chart is deployed. Automate the modification of the CFS configuration, which applies to master management NCNs (e.g. \u0026ldquo;ncn-personalization\u0026rdquo;). Changes to Product Catalog Data Schema The SAT product uploads additional information to the cray-product-catalog Kubernetes ConfigMap detailing the components it provides, including container (Docker) images, Helm charts, RPMs, and package repositories.\nThis information is used to support uninstall and activation of SAT product versions moving forward.\nSupport for Uninstall and Activation of SAT Versions Beginning with the 2.2 release, SAT now provides partial support for the uninstall and activation of the SAT product stream.\nSee Uninstall: Removing a Version of SAT and Activate: Switching Between Versions for details.\nImprovements to sat status A Subrole column has been added to the output of sat status. This allows you to easily differentiate between master, worker, and storage nodes in the management role, for example.\nHostname information from SLS has been added to sat status output.\nAdded Support for JSON Output Support for JSON-formatted output has been added to commands which currently support the --format option, such as hwinv, status, and showrev.\nUsability Improvements Many usability improvements have been made to multiple sat commands, mostly related to filtering command output. The following are some highlights:\nAdded --fields option to display only specific fields for subcommands which display tabular reports. Added ability to filter on exact matches of a field name. Improved handling of multiple matches of a field name in --filter queries so that the first match is used, similar to --sort-by. Added support for --filter, --fields, and --reverse for summaries displayed by sat hwinv. Added borders to summary tables generated by sat hwinv. Improved documentation in the man pages. Default Log Level Changed The default log level for stderr has been changed from \u0026ldquo;WARNING\u0026rdquo; to \u0026ldquo;INFO\u0026rdquo;. For details, see SAT Logging.\nMore Granular Log Level Configuration Options With the command-line options --loglevel-stderr and --loglevel-file, the log level can now be configured separately for stderr and the log file.\nThe existing --loglevel option is now an alias for the --loglevel-stderr option.\nPodman Wrapper Script Improvements The Podman wrapper script is the script installed at /usr/bin/sat on the master management NCNs by the cray-sat-podman RPM that runs the cray-sat container in podman. The following subsections detail improvements that were made to the wrapper script in this release.\nMounting of $HOME and Current Directories in cray-sat Container The Podman wrapper script that launches the cray-sat container with podman has been modified to mount the user\u0026rsquo;s current directory and home directory into the cray-sat container to provide access to local files in the container.\nPodman Wrapper Script Documentation Improvements The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:\nEnvironment variables that affect execution of the wrapper script Host files and directories mounted in the container Fixes to Podman Wrapper Script Output Redirection Fixed issues with redirecting stdout and stderr, and piping output to commands, such as awk, less, and more.\nConfigurable HTTP Timeout A new sat option has been added to configure the HTTP timeout length for requests to the API gateway. See sat-man sat for details.\nsat bootsys Improvements Many improvements and fixes have been made to sat bootsys. The following are some highlights:\nAdded the --excluded-ncns option, which can be used to omit NCNs from the platform-services and ncn-power stages in case they are inaccessible. Disruptive shutdown stages in sat bootsys shutdown now prompt the user to continue before proceeding. A new option, --disruptive, will bypass this. Improvements to Ceph service health checks and restart during the platform-services stage of sat bootsys boot. sat xname2nid Improvements sat xname2nid can now recursively expand slot, chassis, and cabinet xnames to a list of nids in those locations.\nA new --format option has been added to sat xname2nid. It sets the output format to either \u0026ldquo;range\u0026rdquo; (the default) or \u0026ldquo;nid\u0026rdquo;. The \u0026ldquo;range\u0026rdquo; format displays nids in a compressed range format suitable for use with a workload manager like Slurm.\nUsage of v2 HSM API The commands which interact with HSM (e.g., sat status and sat hwinv) now use the v2 HSM API.\nsat diag Limited to HSN Switches sat diag will now only operate against HSN switches by default. These are the only controllers that support running diagnostics with HMJTD.\nsat showrev Enhancements A column has been added to the output of sat showrev that indicates whether a product version is \u0026ldquo;active\u0026rdquo;. The definition of \u0026ldquo;active\u0026rdquo; varies across products, and not all products may set an \u0026ldquo;active\u0026rdquo; version.\nFor SAT, the active version is the one with its hosted-type package repository in Nexus set as the member of the group-type package repository in Nexus, meaning that it will be used when installing the cray-sat-podman RPM.\ncray-sat Container Image Size Reduction The size of the cray-sat container image has been approximately cut in half by leveraging multi-stage builds. This also improved the repeatability of the unit tests by running them in the container.\nBug Fixes Minor bug fixes were made in cray-sat and in cray-sat-podman. For full change lists, see each repository\u0026rsquo;s CHANGELOG.md file.\nSummary of SAT changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5.\nThis version of the SAT product included:\nVersion 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component:\nVersion 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release.\nInstall Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. The cray-sat-podman RPM is no longer installed in the management non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on all master management NCNs via an Ansible playbook which is referenced by a layer of the CFS configuration that applies to management NCNs. This CFS configuration is typically named \u0026ldquo;ncn-personalization\u0026rdquo;.\nThe SAT product now includes a Docker image and a Helm chart named sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart with Loftsman. This helm chart deploys a Kubernetes job that imports the SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. This repository is referenced by the layer added to the NCN personalization CFS configuration.\nRemoval of Direct Redfish Access All commands which used to access Redfish directly have either been removed or modified to use higher-level service APIs. This includes the following commands:\nsat sensors sat diag sat linkhealth The sat sensors command has been rewritten to use the SMA telemetry API to obtain the latest sensor values. The command\u0026rsquo;s usage has changed slightly, but legacy options work as before, so it is backwards compatible. Additionally, new commands have been added.\nThe sat diag command has been rewritten to use a new service called Fox, which is delivered with the CSM-diags product. The sat diag command now launches diagnostics using the Fox service, which launches the corresponding diagnostic executables on controllers using the Hardware Management Job and Task Daemon (HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start diagnostics over Redfish.\nThe sat linkhealth command has been removed. Its functionality has been replaced by functionality from the Slingshot Topology Tool (STT) in the fabric manager pod.\nThe Redfish username and password command line options and config file options have been removed. For further instructions, see Remove Obsolete Configuration File Sections.\nAdditional Fields in sat setrev and sat showrev sat setrev now collects the following information from the admin, which is then displayed by sat showrev:\nSystem description Product number Company name Country code Additional guidance and validation has been added to each field collected by sat setrev. This sets the stage for sdu setup to stop collecting this information and instead collect it from sat showrev or its S3 bucket.\nImprovements to sat bootsys The platform-services stage of the sat bootsys boot command has been improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph health in the correct order. The ceph-check stage has been removed as it is no longer needed.\nThe platform-services stage of sat bootsys boot now prompts for confirmation of the storage NCN hostnames in addition to the Kubernetes masters and workers.\nBug Fixes and Security Fixes Improved error handling in sat firmware. Incremented version of Alpine Linux to 3.13.2 to address a security vulnerability. Other Notable Changes Ansible has been removed from the cray-sat container image. Support for the Firmware Update Service (FUS) has been removed from the sat firmware command. Summary of SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1.\nThis version of the SAT product included:\nVersion 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release.\nNew Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames:\nsat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API.\nBug Fixes Fixed a problem in sat swap where creating the offline port policy failed. Changed sat bootsys shutdown --stage bos-operations to no longer forcefully power off all compute nodes and application nodes using CAPMC when BOS sessions complete or time out. Fixed an issue with the command sat bootsys boot --stage cabinet-power. Summary of SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4.\nThis version of the SAT product included the following components:\nVersion 3.4.0 of the sat python package and CLI It also added the following new component:\nVersion 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release.\nSAT as an Independent Product SAT is now packaged and released as an independent product. The product deliverable is called a \u0026ldquo;release distribution\u0026rdquo;. The release distribution is a gzipped tar file containing an install script. This install script loads the cray/cray-sat container image into the Docker registry in Nexus and loads the cray-sat-podman RPM into a package repository in Nexus.\nIn this release, the cray-sat-podman package is still installed in the master and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in Shasta v1.5.\nSAT Running in a Container Under Podman The sat command now runs in a container under Podman. The sat executable is now installed on all nodes in the Kubernetes management cluster (i.e., workers and masters). This executable is a wrapper script that starts a SAT container in Podman and invokes the sat Python CLI within that container. The admin can run individual sat commands directly on the master or worker NCNs as before, or they can run sat commands inside the SAT container after using sat bash to enter an interactive shell inside the SAT container.\nTo view man pages for sat commands, the user can run sat-man SAT_COMMAND, replacing SAT_COMMAND with the name of the sat command. Alternatively, the user can enter the sat container with sat bash and use the man command.\nNew sat init Command and Config File Location Change The default location of the SAT config file has been changed from /etc/sat.toml to ~/.config/sat/sat.toml. A new command, sat init, has been added that initializes a configuration file in the new default directory. This better supports individual users on the system who want their own config files.\n~/.config/sat is mounted into the container that runs under Podman, so changes are persistent across invocations of the sat container. If desired, an alternate configuration directory can be specified with the SAT_CONFIG_DIR environment variable.\nAdditionally, if a config file does not yet exist when a user runs a sat command, one is generated automatically.\nAdditional Types Added to sat hwinv Additional functionality has been added to sat hwinv including:\nList node enclosure power supplies with the --list-node-enclosure-power-supplies option. List node accelerators (e.g., GPUs) with the --list-node-accels option. The count of node accelerators is also included for each node. List node accelerator risers (e.g., Redstone modules) with the --list-node-accel-risers option. The count of node accelerator risers is also included for each node. List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics option. The count of HSN NICs is also included for each node. Documentation for these new options has been added to the man page for sat hwinv.\nSite Information Stored by sat setrev in S3 The sat setrev and sat showrev commands now use S3 to store and obtain site information, including system name, site name, serial number, install date, and system type. Since the information is stored in S3, it will now be consistent regardless of the node on which sat is executed.\nAs a result of this change, S3 credentials must be configured for SAT. For detailed instructions, see Generate SAT S3 Credentials.\nProduct Version Information Shown by sat showrev sat showrev now shows product information from the cray-product-catalog ConfigMap in Kubernetes.\nAdditional Changes to sat showrev The output from sat showrev has also been changed in the following ways:\nThe --docker and --packages options were considered misleading and have been removed. Information pertaining to only to the local host, where the command is run, has been moved to the output of the --local option. Removal of sat cablecheck The sat cablecheck command has been removed. To verify that the system\u0026rsquo;s Slingshot network is cabled correctly, admins should now use the show cables command in the Slingshot Topology Tool (STT).\nsat swap Command Compatibility with Next-gen Fabric Controller The sat swap command was added in Shasta v1.3.2. This command used the Fabric Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the Fabric Controller API, so this command has been rewritten to use the new backwards-incompatible API. Usage of the command did not change.\nsat bootsys Functionality Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken by changes introduced in Shasta v1.4, which removed the Ansible inventory and playbooks.\nThe functionality in the platform-services stage of sat bootsys has been re-implemented to use python directly instead of Ansible. This resulted in a more robust procedure with better logging to the sat log file. Failures to stop containers on Kubernetes nodes are handled more gracefully, and more information about the containers that failed to stop, including how to debug the problem, is included.\nImprovements were made to console logging setup for non-compute nodes (NCNs) when they are shut down and booted.\nThe following improvements were made to the bos-operations stage of sat bootsys:\nMore information about the BOS sessions, BOA jobs, and BOA pods is printed. A command-line option, --bos-templates, and a corresponding config-file option, bos_templates, were added, and the --cle-bos-template and --uan-bos-template options and their corresponding config file options were deprecated. The following functionality has been removed from sat bootsys:\nThe hsn-bringup stage of sat bootsys boot has been removed due to removal of the underlying Ansible playbook. The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is now a manual procedure. Log File Location Change The location of the sat log file has changed from /var/log/cray/sat.log to /var/log/cray/sat/sat.log. This change simplifies mounting this file into the sat container running under Podman.\nSummary of SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.\nThe following sections detail the changes in this release.\nsat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable.\nThe sat swap switch command is equivalent to sat switch. The sat switch command will be removed in a future release.\nAddition of Stages to sat bootsys Command The sat bootsys command now has multiple stages for both the boot and shutdown actions. Please refer to the \u0026ldquo;System Power On Procedures\u0026rdquo; and \u0026ldquo;System Power Off Procedures\u0026rdquo; sections of the Cray Shasta Administration Guide (S-8001) for more details on using this command in the context of a full system power off and power on.\nSummary of SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI.\nThis version of the sat CLI contained the following commands:\nauth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch See the System Admin Toolkit Command Overview and the table of commands in the SAT Authentication section of this document for more details on each of these commands.\n" +}, +{ + "uri": "/docs-sat/en-23/usage/", + "title": "SAT Usage", + "tags": [], + "description": "", + "content": "SAT Usage SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates based on a given input file which defines how those configurations, images, and session templates should be created.\nThis automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similarly to other SAT commands.\nncn-m001# sat-man sat-bootprep SAT Bootprep vs SAT Bootsys sat bootprep is used to create CFS configurations, build and rename IMS images, and create BOS session templates which tie the configurations and images together during a BOS session.\nsat bootsys automates several portions of the boot and shutdown processes, including (but not limited to) performing BOS operations (such as creating BOS sessions), powering on and off cabinets, and checking the state of the system prior to shutdown.\nEditing a bootprep input file The input file provided to sat bootprep is a YAML-formatted file containing information which CFS, IMS, and BOS use to create configurations, images, and BOS session templates respectively. Writing and modifying these input files is the main task associated with using sat bootprep. An input file is composed of three main sections, one each for configurations, images, and session templates. These sections may be specified in any order, and any of the sections may be omitted if desired.\nCreating CFS configurations The configurations section begins with a configurations: key.\n--- configurations: Under this key, the user can list one or more configurations to create. For each configuration, a name should be given, in addition to the list of layers which comprise the configuration. Each layer can be defined by a product name and optionally a version number, or commit hash or branch in the product\u0026rsquo;s configuration repository. Alternatively, a layer can be defined by a Git repository URL directly, along with an associated branch or commit hash.\nWhen a configuration layer is specified in terms of a product name, the layer is created in CFS by looking up relevant configuration information (including the configuration repository and commit information) from the cray-product-catalog Kubernetes ConfigMap as necessary. A version may be supplied, but if it is absent, the version is assumed to be the latest version found in the cray-product-catalog.\n--- configurations: - name: example-configuration layers: - name: example product playbook: example.yml product: name: example version: 1.2.3 Alternatively, a configuration layer may be specified by explicitly referencing the desired configuration repository, along with the branch containing the intended version of the Ansible playbooks. A commit hash may be specified by replacing branch with commit.\n... - name: another example product playbook: another-example.yml git: url: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34; branch: main ... When sat bootprep is run against an input file, a CFS configuration will be created corresponding to each configuration in the configurations section. For example, the configuration created from an input file with the layers listed above might look something like the following:\n{ \u0026#34;lastUpdated\u0026#34;: \u0026#34;2022-02-07T21:47:49Z\u0026#34;, \u0026#34;layers\u0026#34;: [ { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;example.yml\u0026#34; }, { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;another example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;another-example.yml\u0026#34; } ], \u0026#34;name\u0026#34;: \u0026#34;example-configuration\u0026#34; } Creating IMS images After specifying configurations, the user may add images to the input file which are to be built by IMS. To add an images section, the user should add an images key.\n--- configurations: ... (omitted for brevity) images: Under the images key, the user may define one or more images to be created in a list. Each element of the list defines a separate IMS image to be built and/or configured. Images must contain a name, as well as an ims section containing a definition of the image to be built and/or configured. Images may be defined by an image recipe, or by a pre-built image. Recipes and pre-built images are referred to by their names or IDs in IMS. The ims section should also contain an is_recipe property, which indicates whether the name or ID refers to an image recipe or a pre-built image. Images may also optionally provide a text description of the image. This description is not stored or used by sat bootprep or any CSM services, but is useful for documenting images in the input file.\n--- configurations: ... (omitted for brevity) images: - name: example-compute-image description: \u0026gt; An example compute node image for illustrative purposes. ims: name: example-compute-image-recipe is_recipe: true - name: another-example-compute-image description: \u0026gt; Another example compute node image. ims: id: \u0026lt;IMS image UUID\u0026gt; is_recipe: false Images may also contain a configuration property in their definition, which specifies a configuration with which to customize the built image prior to booting. If a configuration is specified, then configuration groups must also be specified using the configuration_group_names property.\n--- configurations: ... (omitted for brevity) images: - name: example-compute-image description: \u0026gt; An example compute node image for illustrative purposes. ims: name: example-compute-image-recipe is_recipe: true configuration: example configuration configuration_group_names: - Compute Creating BOS session templates BOS session templates are the final section of the input file, and are defined under the session_templates key.\n--- configurations: ... (omitted for brevity) images: ... (omitted for brevity) session_templates: Each session template is defined in terms of its name, an image, a configuration, and a set of parameters which can be used to configure the session. The name, image, and configuration are specified with their respective name, image, and configuration keys. bos_parameters may also be specified; currently, the only setting under bos_parameters that is supported is boot_sets, which can be used to define boot sets in the BOS session template. Each boot set is defined under its own property under boot_sets, and the value of each boot set can contain the following properties, all of which are optional:\nkernel_parameters: the parameters passed to the kernel on the command line network: the network over which the nodes will boot node_list: nodes to add to the boot set node_roles_groups: HSM roles to add to the boot set node_groups: HSM groups to add to the boot set rootfs_provider: the root file system provider rootfs_provider_passthrough: parameters to add to the rootfs= kernel parameter The properties listed previously are the same as the parameters that can be specified directly through BOS boot sets. More information can be found in the CSM documentation on session templates. Additional properties not listed are passed through to the BOS session template as written.\nAn example session template might look like the following:\nconfigurations: ... (omitted for brevity) images: ... (omitted for brevity) session_templates: - name: example-session-template image: example-image configuration: example-configuration bos_parameters: boot_sets: example_boot_set: kernel_parameters: ip=dhcp quiet node_list: [] rootfs_provider: cpss3 rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0 Example bootprep input files Putting together all of the previous input file sections, an example bootprep input file might look something like the following.\n--- configurations: - name: cos-config layers: - name: cos-integration-2.2.87 playbook: site.yml product: name: cos version: 2.2.87 branch: integration - name: cpe-integration-21.12.3 playbook: pe_deploy.yml product: name: cpe version: 21.12.3 branch: integration - name: slurm-master-1.1.1 playbook: site.yml product: name: slurm version: 1.1.1 branch: master images: - name: cray-shasta-compute-sles15sp3.x86_64-2.2.35 ims: is_recipe: true name: cray-shasta-compute-sles15sp3.x86_64-2.2.35 configuration: cos-config configuration_group_names: - Compute session_templates: - name: cray-shasta-compute-sles15sp3.x86_64-2.2.35 image: cray-shasta-compute-sles15sp3.x86_64-2.2.35 configuration: cos-config bos_parameters: boot_sets: compute: kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN} node_roles_groups: - Compute Creating a pre-populated example bootprep input file It is possible to create an example bootprep input file using values from the system\u0026rsquo;s product catalog using the sat bootprep generate-example command.\nncn-m001# sat bootprep generate-example INFO: Using latest version (2.3.24-20220113160653) of product cos INFO: Using latest version (21.11.4) of product cpe INFO: Using latest version (1.0.7) of product slurm INFO: Using latest version (1.1.24) of product analytics INFO: Using latest version (2.1.5) of product uan INFO: Using latest version (21.11.4) of product cpe INFO: Using latest version (1.0.7) of product slurm INFO: Using latest version (1.1.24) of product analytics INFO: Using latest version (2.3.24-20220113160653) of product cos INFO: Using latest version (2.1.5) of product uan INFO: Wrote example bootprep input file to ./example-bootprep-input.yaml. This file should be reviewed and edited to match the desired parameters of the configurations, images, and session templates.\nViewing built-in generated documentation The contents of the YAML input files described above must conform to a schema which defines the structure of the data. The schema definition is written using the JSON Schema format. (Although the format is named \u0026ldquo;JSON Schema\u0026rdquo;, the schema itself is written in YAML as well.) More information, including introductory materials and a formal specification of the JSON Schema metaschema, can be found on the JSON Schema website.\nViewing the exact schema specification To view the exact schema specification, run sat bootprep view-schema.\nncn-m001# sat bootprep view-schema --- $schema: \u0026#34;https://json-schema.org/draft-07/schema\u0026#34; title: Bootprep Input File description: \u0026gt; A description of the set of CFS configurations to create, the set of IMS images to create and optionally customize with the defined CFS configurations, and the set of BOS session templates to create that reference the defined images and configurations. type: object additionalProperties: false properties: ... Generating user-friendly documentation The raw schema definition can be difficult to understand without experience working with JSON Schema specifications. For this reason, a feature was included which can generate user-friendly HTML documentation for the input file schema which can be browsed with the user\u0026rsquo;s preferred web browser.\nCreate a documentation tarball using sat bootprep.\nncn-m001# sat bootprep generate-docs INFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz An alternate output directory can be specified with the --output-dir option. The generated tarball is always named bootprep-schema-docs.tar.gz.\nncn-m001# sat bootprep generate-docs --output-dir /tmp INFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz From another machine, copy the tarball to a local directory.\nanother-machine$ scp root@ncn-m001:bootprep-schema-docs.tar.gz . Extract the contents of the tarball and open the contained index.html.\nanother-machine$ tar xzvf bootprep-schema-docs.tar.gz x bootprep-schema-docs/ x bootprep-schema-docs/index.html x bootprep-schema-docs/schema_doc.css x bootprep-schema-docs/schema_doc.min.js another-machine$ open bootprep-schema-docs/index.html " +}, +{ + "uri": "/docs-sat/en-23/categories/", + "title": "Categories", + "tags": [], + "description": "", + "content": "" +}, +{ + "uri": "/docs-sat/en-23/tags/", + "title": "Tags", + "tags": [], + "description": "", + "content": "" +}] \ No newline at end of file diff --git a/en-23/index.xml b/en-23/index.xml new file mode 100644 index 0000000000..62096a20a3 --- /dev/null +++ b/en-23/index.xml @@ -0,0 +1,54 @@ + + + + HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + /docs-sat/en-23/ + Recent content in HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-23 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Installation + /docs-sat/en-23/install/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-23/install/ + SAT Installation Install the System Admin Toolkit Product Stream Describes how to install the System Admin Toolkit (SAT) product stream. Prerequisites CSM is installed and verified. cray-product-catalog is running. There must be at least 2 gigabytes of free space on the manager NCN on which the procedure is run. Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace 2.2.x with the version of the SAT product stream being installed. + + + Introduction to SAT + /docs-sat/en-23/introduction/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-23/introduction/ + Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview. + + + SAT Grafana Dashboards + /docs-sat/en-23/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-23/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.cmn.&lt;site-domain&gt; The value of site-domain can be obtained as follows: ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=&#39;{.data.customizations\.yaml}&#39; | \ base64 -d | grep &#34;external:&#34; That command will produce the following output, for example: + + + SAT Kibana Dashboards + /docs-sat/en-23/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-23/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + SAT Release Notes + /docs-sat/en-23/release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-23/release_notes/ + SAT Release Notes Summary of Changes in SAT 2.3 The 2.3.4 version of the SAT product includes: Version 3.15.4 of the sat python package and CLI Version 1.6.11 of the sat-podman wrapper script Version 1.2.0 of the sat-cfs-install container image Version 2.0.0 of the sat-cfs-install Helm chart Version 1.5.0 of the sat-install-utility container image Version 2.0.3 of the cfs-config-util container image New sat Commands None. Current Working Directory in SAT Container When running sat commands, the current working directory is now mounted in the container as /sat/share, and the current working directory within the container is also /sat/share. + + + SAT Usage + /docs-sat/en-23/usage/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-23/usage/ + SAT Usage SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates based on a given input file which defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similarly to other SAT commands. ncn-m001# sat-man sat-bootprep SAT Bootprep vs SAT Bootsys sat bootprep is used to create CFS configurations, build and rename IMS images, and create BOS session templates which tie the configurations and images together during a BOS session. + + + diff --git a/en-23/install/index.html b/en-23/install/index.html new file mode 100644 index 0000000000..e598887d68 --- /dev/null +++ b/en-23/install/index.html @@ -0,0 +1,1505 @@ + + + + + + + + + + + + SAT Installation :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Installation

+

Install the System Admin Toolkit Product Stream

+

Describes how to install the System Admin Toolkit (SAT) product stream.

+

Prerequisites

+
    +
  • CSM is installed and verified.
    • +
  • cray-product-catalog is running.
    • +
  • There must be at least 2 gigabytes of free space on the manager NCN on which the +procedure is run.
    • +
+

Notes on the Procedures

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace 2.2.x with the version of the SAT product stream +being installed.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
  • To upgrade SAT, execute the pre-installation, installation, and post-installation +procedures for a newer distribution. The newly installed version will become +the default.
    • +
+

Pre-Installation Procedure

+
    +
  1. +

    Start a typescript.

    +

    The typescript will record the commands and the output from this installation.

    +
    ncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt
+ncn-m001# export PS1='\u@\H \D{%Y-%m-%d} \t \w # '
+
    2. +
+

Installation Procedure

+
    +
  1. +

    Copy the release distribution gzipped tar file to ncn-m001.

    +
    2. +
  2. +

    Unzip and extract the release distribution, 2.2.x.

    +
    ncn-m001# tar -xvzf sat-2.2.x.tar.gz
+
    3. +
  3. +

    Change directory to the extracted release distribution directory.

    +
    ncn-m001# cd sat-2.2.x
+
    4. +
  4. +

    Run the installer: install.sh.

    +

    The script produces a lot of output. A successful install ends with “SAT +version 2.2.x has been installed”.

    +
    ncn-m001# ./install.sh
+...
+====> Updating active CFS configurations
+...
+====> SAT version 2.2.x has been installed.
+
    5. +
  5. +

    Upgrade only: Record the names of the CFS configuration or +configurations modified by install.sh.

    +

    The install.sh script attempts to modify any CFS configurations that apply +to the master management NCNs. During an upgrade, install.sh will log +messages indicating the CFS configuration or configurations that were +modified. For example, if there are three master nodes all using the same +CFS configuration named “ncn-personalization”, the output would look like +this:

    +
    ====> Updating active CFS configurations
+INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, x3000c0s3b0n0, x3000c0s5b0n0
+INFO: Found configuration "ncn-personalization" for component x3000c0s1b0n0
+INFO: Found configuration "ncn-personalization" for component x3000c0s3b0n0
+INFO: Found configuration "ncn-personalization" for component x3000c0s5b0n0
+INFO: Updating CFS configuration "ncn-personalization"
+INFO: Updating existing layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml in configuration "ncn-personalization".
+INFO: Key "name" in layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml updated from sat-ncn to sat-2.2.16
+INFO: Successfully updated layers in configuration "ncn-personalization"
+

    Save the name of each CFS configuration updated by the installer. In the +previous example, a single configuration named “ncn-personalization” was +updated, so that name is saved to a temporary file.

    +
    ncn-m001# echo ncn-personalization >> /tmp/sat-ncn-cfs-configurations.txt
+

    Repeat the previous command for each CFS configuration that was updated.

    +
    6. +
  6. +

    Upgrade only: Save the new name of the SAT CFS configuration layer.

    +

    In the example install.sh output above, the new layer name is +sat-2.2.16. Save this value to a file to be used later.

    +
    ncn-m001# echo sat-2.2.16 > /tmp/sat-layer-name.txt
+
    7. +
  7. +

    Fresh install only: Save the CFS configuration layer for SAT to a file +for later use.

    +

    The install.sh script attempts to modify any CFS configurations that apply +to the master management NCNs. During a fresh install, no such CFS +configurations will be found, and it will instead log the SAT configuration +layer that must be added to the CFS configuration that will be created. Here +is an example of the output in that case:

    +
    ====> Updating active CFS configurations
+INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, x3000c0s3b0n0, x3000c0s5b0n0
+WARNING: No CFS configurations found that apply to components with role Management and subrole Master.
+INFO: The following sat layer should be used in the CFS configuration that will be applied to NCNs with role Management and subrole Master.
+{
+    "name": "sat-2.2.15",
+    "commit": "9a74b8f5ba499af6fbcecfd2518a40e081312933",
+    "cloneUrl": "https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git",
+    "playbook": "sat-ncn.yml"
+}
+

    Save the JSON output to a file for later use. For example:

    +
    ncn-m001# cat > /tmp/sat-layer.json <<EOF
+> {
+>     "name": "sat-2.2.15",
+>     "commit": "9a74b8f5ba499af6fbcecfd2518a40e081312933",
+>     "cloneUrl": "https://api-gw-service-nmn.local/vcs/cray/sat-config-management.git",
+>     "playbook": "sat-ncn.yml"
+> }
+> EOF
+

    Do not copy the previous command verbatim. Use the JSON output from the +install.sh script.

    +
    8. +
+

Post-Installation Procedure

+
    +
  1. +

    Optional: Remove the SAT release distribution tar file and extracted directory.

    +
    ncn-m001# rm sat-2.2.x.tar.gz
+ncn-m001# rm -rf sat-2.2.x/
+
    2. +
  2. +

    Upgrade only: Ensure that the environment variable SAT_TAG is not set +in the ~/.bashrc file on any of the management NCNs.

    +

    NOTE: This step should only be required when updating from +Shasta 1.4.1 or Shasta 1.4.2.

    +

    The following example assumes three manager NCNs: ncn-m001, ncn-m002, and ncn-m003, +and shows output from a system in which no further action is needed.

    +
    ncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc
+ncn-m001: source <(kubectl completion bash)
+ncn-m003: source <(kubectl completion bash)
+ncn-m002: source <(kubectl completion bash)
+

    The following example shows that SAT_TAG is set in ~/.bashrc on ncn-m002. +Remove that line from the ~/.bashrc file on ncn-m002.

    +
    ncn-m001# pdsh -w ncn-m00[1-3] cat ~/.bashrc
+ncn-m001: source <(kubectl completion bash)
+ncn-m002: source <(kubectl completion bash)
+ncn-m002: export SAT_TAG=3.5.0
+ncn-m003: source <(kubectl completion bash)
+
    3. +
  3. +

    Stop the typescript.

    +

    NOTE: This step can be skipped if you wish to use the same typescript +for the remainder of the SAT install. See Next Steps.

    +
    ncn-m001# exit
+
    4. +
+

SAT version 2.2.x is now installed/upgraded, meaning the SAT 2.2.x release +has been loaded into the system software repository.

+
    +
  • SAT configuration content for this release has been uploaded to VCS.
    • +
  • SAT content for this release has been uploaded to the CSM product catalog.
    • +
  • SAT content for this release has been uploaded to Nexus repositories.
    • +
  • The sat command won’t be available until the NCN Personalization +procedure has been executed.
    • +
+

Next Steps

+

If other HPE Cray EX software products are being installed or upgraded in conjunction +with SAT, refer to the HPE Cray EX System Software Getting Started Guide +to determine which step to execute next.

+

If no other HPE Cray EX software products are being installed or upgraded at this time, +proceed to the sections listed below.

+

NOTE: The NCN Personalization procedure is required when +upgrading SAT. The setup procedures in SAT Setup, however, are +not required when upgrading SAT. They should have been executed +during the first installation of SAT.

+

Execute the NCN Personalization procedure:

+ +

If performing a fresh install, execute the SAT Setup procedures:

+ +

If performing an upgrade, execute the upgrade procedures:

+ +

Perform NCN Personalization

+

Describes how to perform NCN personalization using CFS. This personalization process +will configure the System Admin Toolkit (SAT) product stream.

+

Prerequisites

+
    +
  • The Install the System Admin Toolkit Product Stream +procedure has been successfully completed.
    • +
  • If upgrading, the names of the CFS configurations updated during installation +were saved to the file /tmp/sat-ncn-cfs-configurations.txt.
    • +
  • If upgrading, the name of the new SAT CFS configuration layer was saved to +the file /tmp/sat-layer-name.txt.
    • +
  • If performing a fresh install, the SAT CFS configuration layer was saved to +the file /tmp/sat-layer.json.
    • +
+

Notes on the Procedure

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace 2.2.x with the version of the SAT product stream +being installed.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
  • If upgrading SAT, the existing configuration will likely include other Cray EX product +entries. Update the SAT entry as described in this procedure. The HPE Cray EX System +Software Getting Started Guide provides guidance on how and when to update the +entries for the other products.
    • +
+

Procedure

+
    +
  1. +

    Start a typescript if not already using one.

    +

    The typescript will capture the commands and the output from this installation procedure.

    +
    ncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt
+ncn-m001# export PS1='\u@\H \D{%Y-%m-%d} \t \w # '
+
    2. +
  2. +

    Fresh install only: Add the SAT layer to the NCN personalization JSON file.

    +

    If the SAT install script, install.sh, did not identify and modify the CFS +configurations that apply to each master management NCN, it will have printed +the SAT CFS configuration layer in JSON format. This layer must be added to +the JSON file being used to construct the CFS configuration. For example, +if the file being used is named ncn-personalization.json, and the SAT +layer was saved to the file /tmp/sat-layer.json as described in the +install instructions, the following jq command will append the SAT layer +and save the result in a new file named ncn-personalization.json.

    +
    ncn-m001# jq -s '{layers: (.[0].layers + [.[1]])}' ncn-personalization.json \
+    /tmp/sat-layer.json > ncn-personalization.new.json
+

    For instructions on how to create a CFS configuration from the previous +file and how to apply it to the management NCNs, refer to “Perform NCN +Personalization” in the HPE Cray System Management Documentation. After +the CFS configuration has been created and applied, return to this +procedure.

    +
    3. +
  3. +

    Upgrade only: Invoke each CFS configuration that was updated during the +upgrade.

    +

    If the SAT install script, install.sh, identified CFS configurations that +apply to the master management NCNs and modified them in place, invoke each +CFS configuration that was created or updated during installation.

    +

    This step will create a CFS session for each given configuration and install +SAT on the associated manager NCNs.

    +

    The --configuration-limit option limits the configuration session to run +only the SAT layer of the configuration.

    +

    You should see a representation of the CFS session in the output.

    +
    ncn-m001# for cfs_configuration in $(cat /tmp/sat-ncn-cfs-configurations.txt);
+do cray cfs sessions create --name "sat-session-${cfs_configuration}" --configuration-name \
+    "${cfs_configuration}" --configuration-limit $(cat /tmp/sat-layer-name.txt);
+done
+
+name="sat-session-ncn-personalization"
+
+[ansible]
+...
+
    4. +
  4. +

    Upgrade only: Monitor the progress of each CFS session.

    +

    This step assumes a single session named sat-session-ncn-personalization was created in the previous step.

    +

    First, list all containers associated with the CFS session:

    +
    ncn-m001# kubectl get pod -n services --selector=cfsession=sat-session-ncn-personalization \
+    -o json | jq '.items[0].spec.containers[] | .name'
+"inventory"
+"ansible-1"
+"istio-proxy"
+

    Next, get the logs for the ansible-1 container.

    +

    NOTE: the trailing digit might differ from “1”. It is the zero-based +index of the sat-ncn layer within the configuration’s layers.

    +
    ncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \
+    --selector=cfsession=sat-session-ncn-personalization
+

    Ansible plays, which are run by the CFS session, will install SAT on all the +manager NCNs on the system. Successful results for all of the manager NCN xnames +can be found at the end of the container log. For example:

    +
    ...
+PLAY RECAP *********************************************************************
+x3000c0s1b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s3b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s5b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+

    Execute this step for each unique CFS configuration.

    +

    NOTE: Ensure that the PLAY RECAPs for each session show successes for all +manager NCNs before proceeding.

    +
    5. +
  5. +

    Verify that SAT was successfully configured.

    +

    If sat is configured, the --version command will indicate which version +is installed. If sat is not properly configured, the command will fail.

    +

    NOTE: This version number will differ from the version number of the SAT +release distribution. This is the semantic version of the sat Python package, +which is different from the version number of the overall SAT release distribution.

    +
    ncn-m001# sat --version
+sat 3.7.0
+

    NOTE: Upon first running sat, you may see additional output while the sat +container image is downloaded. This will occur the first time sat is run on +each manager NCN. For example, if you run sat for the first time on ncn-m001 +and then for the first time on ncn-m002, you will see this additional output +both times.

    +
    Trying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037...
+Getting image source signatures
+Copying blob da64e8df3afc done
+Copying blob 0f36fd81d583 done
+Copying blob 12527cf455ba done
+...
+sat 3.7.0
+
    6. +
  6. +

    Stop the typescript.

    +
    ncn-m001# exit
+
    7. +
+

SAT version 2.2.x is now configured:

+
    +
  • The SAT RPM package is installed on the associated NCNs.
    • +
+

Next Steps

+

If other HPE Cray EX software products are being installed or upgraded in conjunction +with SAT, refer to the HPE Cray EX System Software Getting Started Guide +to determine which step to execute next.

+

If no other HPE Cray EX software products are being installed or upgraded at this time, +proceed to the remaining SAT Setup or SAT Post-Upgrade procedures.

+

If performing a fresh install, execute the SAT Setup procedures:

+ +

If performing an upgrade, execute the SAT Post-Upgrade procedures:

+ +

SAT Authentication

+

Initially, as part of the installation and configuration, SAT authentication is set up so sat commands can be used in +later steps of the install process. The admin account used to authenticate with sat auth must be enabled in +Keycloak and must have its assigned role set to admin. For instructions on editing Role Mappings see +Create Internal User Accounts in the Keycloak Shasta Realm in the CSM product documentation. +For additional information on SAT authentication, see System Security and Authentication in the CSM +documentation.

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Description of SAT Command Authentication Types

+

Some SAT subcommands make requests to the Shasta services through the API gateway and thus require authentication to +the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to +be configured (see: Generate SAT S3 Credentials). In order to use the SAT S3 bucket, +the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be +done on every Kubernetes manager node where SAT commands are run.

+

Below is a table describing SAT commands and the types of authentication they require.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
SAT SubcommandAuthentication/Credentials RequiredMan PageDescription
sat authResponsible for authenticating to the API gateway and storing a token.sat-authAuthenticate to the API gateway and save the token.
sat bmccredsRequires authentication to the API gateway.sat-bmccredsSet BMC passwords.
sat bootprepRequires authentication to the API gateway. Requires kubernetes configuration and authentication, which is done on ncn-m001 during the install.sat-bootprepPrepare to boot nodes with images and configurations.
sat bootsysRequires authentication to the API gateway. Requires kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages.sat-bootsysBoot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software.
sat diagRequires authentication to the API gateway.sat-diagLaunch diagnostics on the HSN switches and generate a report.
sat firmwareRequires authentication to the API gateway.sat-firmwareReport firmware version.
sat hwhistRequires authentication to the API gateway.sat-hwhistReport hardware component history.
sat hwinvRequires authentication to the API gateway.sat-hwinvGive a listing of the hardware of the HPE Cray EX system.
sat hwmatchRequires authentication to the API gateway.sat-hwmatchReport hardware mismatches.
sat initNonesat-initCreate a default SAT configuration file.
sat k8sRequires kubernetes configuration and authentication, which is automatically configured on ncn-w001 during the install.sat-k8sReport on kubernetes replicasets that have co-located replicas (i.e. replicas on the same node).
sat linkhealthThis command has been deprecated.
sat nid2xnameRequires authentication to the API gateway.sat-nid2xnameTranslate node IDs to node xnames.
sat sensorsRequires authentication to the API gateway.sat-sensorsReport current sensor data.
sat setrevRequires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-setrevSet HPE Cray EX system revision information.
sat showrevRequires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-showrevPrint revision information for the HPE Cray EX system.
sat slscheckRequires authentication to the API gateway.sat-slscheckPerform a cross-check between SLS and HSM.
sat statusRequires authentication to the API gateway.sat-statusReport node status across the HPE Cray EX system.
sat swapRequires authentication to the API gateway.sat-swapPrepare HSN switch or cable for replacement and bring HSN switch or cable into service.
sat xname2nidRequires authentication to the API gateway.sat-xname2nidTranslate node and node BMC xnames to node IDs.
sat switchThis command has been deprecated. It has been replaced by sat swap.
+

In order to authenticate to the API gateway, you must run the sat auth command. This command will prompt for a password +on the command line. The username value is obtained from the following locations, in order of higher precedence to lower +precedence:

+
    +
  • The --username global command-line option.
    • +
  • The username option in the api_gateway section of the config file at ~/.config/sat/sat.toml.
    • +
  • The name of currently logged in user running the sat command.
    • +
+

If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to +~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above, +and will use the token for that username if it has been obtained and saved by sat auth.

+

Prerequisites

+ +

Procedure

+

The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway:

+
    +
  1. +

    Generate a default SAT configuration file, if one does not exist.

    +
    ncn-m001# sat init
+Configuration file "/root/.config/sat/sat.toml" generated.
+

    Note: If the config file already exists, it will print out an error:

    +
    ERROR: Configuration file "/root/.config/sat/sat.toml" already exists.
+Not generating configuration file.
+
    2. +
  2. +

    Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the config file. E.g.:

    +
    username = "crayadmin"
+
    3. +
  3. +

    Run sat auth. Enter your password when prompted. E.g.:

    +
    ncn-m001# sat auth
+Password for crayadmin:
+Succeeded!
+
    4. +
  4. +

    Other sat commands are now authenticated to make requests to the API gateway. E.g.:

    +
    ncn-m001# sat status
+
    5. +
+

Generate SAT S3 Credentials

+

Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT +S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. +This must be done on every Kubernetes master node where SAT commands are run.

+

SAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev +(see: Run Sat Setrev to Set System Information).

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    Ensure the files are readable only by root.

    +
    ncn-m001# touch /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    ncn-m001# chmod 600 /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    2. +
  2. +

    Write the credentials to local files using kubectl.

    +
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.access_key}' | base64 -d > \
+    /root/.config/sat/s3_access_key
+
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.secret_key}' | base64 -d > \
+    /root/.config/sat/s3_secret_key
+
    3. +
  3. +

    Verify the S3 endpoint specified in the SAT configuration file is correct.

    +
      +
    1. +

      Get the SAT configuration file’s endpoint value.

      +

      NOTE: If the command’s output is commented out, indicated by an initial # +character, the SAT configuration will take the default value – "https://rgw-vip.nmn".

      +
      ncn-m001# grep endpoint ~/.config/sat/sat.toml
+# endpoint = "https://rgw-vip.nmn"
+
      2. +
    2. +

      Get the sat-s3-credentials secret’s endpoint value.

      +
      ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.s3_endpoint}' | base64 -d | xargs
+https://rgw-vip.nmn
+
      3. +
    3. +

      Compare the two endpoint values.

      +

      If the values differ, change the SAT configuration file’s endpoint value to match the secret’s.

      +
      4. +
    +
    4. +
  4. +

    Copy SAT configurations to each manager node on the system.

    +
    ncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \
+    mkdir -p /root/.config/sat; \
+    scp -pr /root/.config/sat ${i}:/root/.config; done
+

    NOTE: Depending on how many manager nodes are on the system, the list of manager nodes may +be different. This example assumes three manager nodes, where the configuration files must be +copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is ncn-m002 +and ncn-m003.

    +
    5. +
+

Run sat setrev to Set System Information

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    Run sat setrev to set System Revision Information. Follow the on-screen prompts to set +the following site-specific values:

    +
      +
    • Serial number
      • +
    • System name
      • +
    • System type
      • +
    • System description
      • +
    • Product number
      • +
    • Company name
      • +
    • Site name
      • +
    • Country code
      • +
    • System install date
      • +
    +

    TIP: For “System type”, a system with any liquid-cooled components should be +considered a liquid-cooled system. I.e., “System type” is EX-1C.

    +
    ncn-m001# sat setrev
+--------------------------------------------------------------------------------
+Setting:        Serial number
+Purpose:        System identification. This will affect how snapshots are
+                identified in the HPE backend services.
+Description:    This is the top-level serial number which uniquely identifies
+                the system. It can be requested from an HPE representative.
+Valid values:   Alpha-numeric string, 4 - 20 characters.
+Type:           <class 'str'>
+Default:        None
+Current value:  None
+--------------------------------------------------------------------------------
+Please do one of the following to set the value of the above setting:
+    - Input a new value
+    - Press CTRL-C to exit
+...
+
    2. +
  2. +

    Run sat showrev to verify System Revision Information. The following tables contain example information.

    +
    ncn-m001# sat showrev
+################################################################################
+System Revision Information
+################################################################################
++---------------------+---------------+
+| component           | data          |
++---------------------+---------------+
+| Company name        | HPE           |
+| Country code        | US            |
+| Interconnect        | Sling         |
+| Product number      | R4K98A        |
+| Serial number       | 12345         |
+| Site name           | HPE           |
+| Slurm version       | slurm 20.02.5 |
+| System description  | Test System   |
+| System install date | 2021-01-29    |
+| System name         | eniac         |
+| System type         | EX-1C         |
++---------------------+---------------+
+################################################################################
+Product Revision Information
+################################################################################
++--------------+-----------------+------------------------------+------------------------------+
+| product_name | product_version | images                       | image_recipes                |
++--------------+-----------------+------------------------------+------------------------------+
+| csm          | 0.8.14          | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... |
+| sat          | 2.0.1           | -                            | -                            |
+| sdu          | 1.0.8           | -                            | -                            |
+| slingshot    | 0.8.0           | -                            | -                            |
+| sma          | 1.4.12          | -                            | -                            |
++--------------+-----------------+------------------------------+------------------------------+
+################################################################################
+Local Host Operating System
+################################################################################
++-----------+----------------------+
+| component | version              |
++-----------+----------------------+
+| Kernel    | 5.3.18-24.15-default |
+| SLES      | SLES 15-SP2          |
++-----------+----------------------+
+
    3. +
+

Remove obsolete configuration file sections

+

Prerequisites

+ +

Procedure

+

After upgrading SAT, if using the configuration file from a previous version, there may be +configuration file sections no longer used in the new version. For example, when upgrading +from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. +In that case, the following warning may appear upon running sat commands.

+
WARNING: Ignoring unknown section 'redfish' in config file.
+

Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.

+
[redfish]
+username = "admin"
+password = "adminpass"
+

Repeat this process for any configuration file sections for which there are “unknown section” warnings.

+

SAT Logging

+

As of SAT version 2.2, some command output that was previously printed to stdout +is now logged to stderr. These messages are logged at the INFO level. The +default logging threshold was changed from WARNING to INFO to accomodate +this logging change. Additionally, some messages previously logged at the INFO +are now logged at the DEBUG level.

+

These changes take effect automatically. However, if the default output threshold +has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure +that important output is shown in the terminal.

+

Update Configuration

+

In the following example, the stderr log level, logging.stderr_level, is set to +WARNING, which will exclude INFO-level logging from terminal output.

+
ncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml
+[logging]
+...
+stderr_level = "WARNING"
+

To enable the new default behavior, comment this line out, delete it, or set +the value to “INFO”.

+

If logging.stderr_level is commented out, its value will not affect logging +behavior. However, it may be helpful set its value to INFO as a reminder of +the new default behavior.

+

Affected Commands

+

The following commands trigger messages that have been changed from stdout +print calls to INFO-level (or WARNING- or ERROR-level) log messages:

+
sat bootsys --stage shutdown --stage session-checks
+sat sensors
+

The following commands trigger messages that have been changed from INFO-level +log messages to DEBUG-level log messages:

+
sat nid2xname
+sat xname2nid
+sat swap
+

Uninstall: Removing a Version of SAT

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be uninstalled with prodmgr.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is available.
    • +
+

Procedure

+
    +
  1. +

    Use sat showrev to list versions of SAT.

    +

    NOTE: It is not recommended to uninstall a version designated as “active”. +If the active version is uninstalled, then the activate procedure must be executed +on a remaining version.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------+-------------------+-----------------------+
+| product_name | product_version | active | images            | image_recipes         |
++--------------+-----------------+--------+-------------------+-----------------------+
+| sat          | 2.3.3           | True   | -                 | -                     |
+| sat          | 2.2.10          | False  | -                 | -                     |
++--------------+-----------------+--------+-------------------+-----------------------+
+
    2. +
  2. +

    Use prodmgr to uninstall a version of SAT.

    +

    This command will do three things:

    +
      +
    • Remove all hosted-type package repositories associated with the given version of SAT. Group-type +repositories are not removed.
      • +
    • Remove all container images associated with the given version of SAT.
      • +
    • Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up +in the output of sat showrev.
      • +
    +
    ncn-m001# prodmgr uninstall sat 2.2.10
+Repository sat-2.2.10-sle-15sp2 has been removed.
+Removed Docker image cray/cray-sat:3.9.0
+Removed Docker image cray/sat-cfs-install:1.0.2
+Removed Docker image cray/sat-install-utility:1.4.0
+Deleted sat-2.2.10 from product catalog.
+
    3. +
+

Activate: Switching Between Versions

+

This procedure can be used to downgrade the active version of SAT.

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be activated. Older versions must be activated manually.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is available.
    • +
+

Procedure

+
    +
  1. +

    Use sat showrev to list versions of SAT.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------+--------------------+-----------------------+
+| product_name | product_version | active | images             | image_recipes         |
++--------------+-----------------+--------+--------------------+-----------------------+
+| sat          | 2.3.3           | True   | -                  | -                     |
+| sat          | 2.2.10          | False  | -                  | -                     |
++--------------+-----------------+--------+--------------------+-----------------------+
+
    2. +
  2. +

    Use prodmgr to activate a different version of SAT.

    +

    This command will do three things:

    +
      +
    • For all hosted-type package repositories associated with this version of SAT, set them as the sole member +of their corresponding group-type repository. For example, activating SAT version 2.2.10 +sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group.
      • +
    • Set the version 2.2.10 as active within the product catalog, so that it appears active in the output of +sat showrev.
      • +
    • Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are +associated with NCNs with the role “Management” and subrole “Master” (for example, the CFS configuration +ncn-personalization). Specifically, it will ensure that the layer refers to the version of SAT CFS +configuration content associated with the version of SAT being activated.
      • +
    +
    ncn-m001# prodmgr activate sat 2.2.10
+Repository sat-2.2.10-sle-15sp2 is now the default in sat-sle-15sp2.
+Set sat-2.2.10 as active in product catalog.
+Updated CFS configurations: [ncn-personalization]
+
    3. +
  3. +

    Verify that the chosen version is marked as active.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------+--------------------+-----------------------+
+| product_name | product_version | active | images             | image_recipes         |
++--------------+-----------------+--------+--------------------+-----------------------+
+| sat          | 2.3.3           | False  | -                  | -                     |
+| sat          | 2.2.10          | True   | -                  | -                     |
++--------------+-----------------+--------+--------------------+-----------------------+
+
    4. +
  4. +

    Run NCN Personalization.

    +

    At this point, the command has modified Nexus package repositories to set a particular package repository +as active, but no packages on the NCNs have been changed. In order to complete the activation process, +NCN Personalization must be executed to change the cray-sat-podman package version on the manager NCNs.

    +

    NOTE: Refer to the command output from step 2 for the names of all CFS configurations that were updated, +which may not necessarily be just ncn-personalization. If multiple configurations were updated in step 2, then +a cray cfs sessions create command should be run for each of them. This example assumes a single configuration +named ncn-personalization was updated. If multiple were updated, set cfs_configurations to a space-separated +list below.

    +
    ncn-m001# cfs_configurations="ncn-personalization"
+ncn-m001# for cfs_configuration in ${cfs_configurations}
+do cray cfs sessions create --name "sat-session-${cfs_configuration}" --configuration-name \
+    "${cfs_configuration}" --configuration-limit sat-ncn;
+done
+
    5. +
  5. +

    Monitor the progress of each CFS session.

    +

    This step assumes a single session named sat-session-ncn-personalization was created in the previous step.

    +

    First, list all containers associated with the CFS session:

    +
    ncn-m001# kubectl get pod -n services --selector=cfsession=sat-session-ncn-personalization \
+    -o json | jq '.items[0].spec.containers[] | .name'
+"inventory"
+"ansible-1"
+"istio-proxy"
+

    Next, get the logs for the ansible-1 container.

    +

    NOTE: the trailing digit might differ from “1”. It is the zero-based +index of the sat-ncn layer within the configuration’s layers.

    +
    ncn-m001# kubectl logs -c ansible-1 --tail 100 -f -n services \
+    --selector=cfsession=sat-session-ncn-personalization
+

    Ansible plays, which are run by the CFS session, will install SAT on all the +manager NCNs on the system. Successful results for all of the manager NCN xnames +can be found at the end of the container log. For example:

    +
    ...
+PLAY RECAP *********************************************************************
+x3000c0s1b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s3b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s5b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+

    Execute this step for each unique CFS configuration.

    +

    NOTE: Ensure that the PLAY RECAPs for each session show successes for all +manager NCNs before proceeding.

    +
    6. +
  6. +

    Verify the new version of the SAT CLI.

    +

    NOTE: This version number will differ from the version number of the SAT +release distribution. This is the semantic version of the SAT Python package, +which is different from the version number of the overall SAT release distribution.

    +
    ncn-m001# sat --version
+3.9.0
+
    7. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-23/introduction/index.html b/en-23/introduction/index.html new file mode 100644 index 0000000000..0e051c8096 --- /dev/null +++ b/en-23/introduction/index.html @@ -0,0 +1,823 @@ + + + + + + + + + + + + Introduction to SAT :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Introduction to SAT

+

About System Admin Toolkit (SAT)

+

The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and +querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware +components.

+

SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands +used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview.

+

Six Kibana Dashboards are included with SAT. They provide organized output for system health information.

+ +

Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and +are reported through Redfish.

+ +

SAT is installed as a separate product as part of the HPE Cray EX System base installation.

+

System Admin Toolkit Command Overview

+

Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides +instruction on the SAT Container Environment.

+

SAT Command Line Utility

+

The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes +(ncn-m nodes).

+

It is designed to assist administrators with common tasks, such as troubleshooting and querying information about the +HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are +similarities between SAT commands and xt commands used on the Cray XC platform.

+

SAT Commands

+

The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents +configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each +have their own set of options.

+

SAT Container Environment

+

The sat command-line utility runs in a container using podman, a daemonless container runtime. SAT runs on Kubernetes +manager nodes. A few important points about the SAT container environment include the following:

+
    +
  • Using either sat or sat bash always launches a container.
    • +
  • The SAT container does not have access to the NCN file system.
    • +
+

There are two ways to run sat.

+
    +
  • Interactive: Launching a container using sat bash, followed by a sat command.
    • +
  • Non-interactive: Running a sat command directly on a Kubernetes manager node.
    • +
+

In both of these cases, a container is launched in the background to execute the command. The first option, running +sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the +container is launched, executes the command, and upon the command’s completion the container exits. The following two +examples show the same action, checking the system status, using interactive and non-interactive modes.

+

Interactive

+
ncn-m001# sat bash
+(CONTAINER-ID)sat-container# sat status
+

Non-interactive

+
ncn-m001# sat status
+

Interactive Advantages

+

Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral +container storage. If multiple sat commands are being run in succession, then use sat bash to launch the +container beforehand. This will save time because the container does not need to be launched for each sat command.

+

Non-interactive Advantages

+

The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of +several steps that need to be executed from a management NCN.

+

Man Pages - Interactive and Non-interactive Modes

+

To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following +example.

+
ncn-m001# sat-man status
+

A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed +either with man sat or man sat-podman from the manager node.

+
ncn-m001# man sat
+
ncn-m001# man sat-podman
+

Command Prompt Conventions in SAT

+

The host name in a command prompt indicates where the command must be run. The account that must run the command is +also indicated in the prompt.

+
    +
  • The root or super-user account always has the # character at the end of the prompt and has the host name of the +host in the prompt.
    • +
  • Any non-root account is indicated with account@hostname>. A user account that is neither root nor crayadm is +referred to as user.
    • +
  • The command prompt inside the SAT container environment is indicated with the string as follows. It also has the “#” +character at the end of the prompt.
    • +
+ + + + + + + + + + + + + + + + + +
Command PromptMeaning
ncn-m001#Run on one of the Kubernetes Manager servers. (Non-interactive)
(CONTAINER_ID) sat-container#Run the command inside the SAT container environment by first running sat bash. (Interactive)
+

Examples of the sat status command used by an administrator:

+
ncn-m001# sat status
+
ncn-m001# sat bash
+(CONTAINER_ID) sat-container# sat status
+

SAT Dependencies

+

Most sat subcommands depend on services or components from other products in the +HPE Cray EX (Shasta) software stack. The following list shows these dependencies +for each subcommand. Each service or component is listed under the product it belongs to.

+

sat auth

+

CSM

+
    +
  • Keycloak
    • +
+

sat bmccreds

+

CSM

+
    +
  • System Configuration Service (SCSD)
    • +
+

sat bootprep

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Configuration Framework Service (CFS)
    • +
  • Image Management Service (IMS)
    • +
  • Version Control Service (VCS)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat bootsys

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Cray Advanced Platform Monitoring and Control (CAPMC)
    • +
  • Ceph
    • +
  • Compute Rolling Upgrade Service (CRUS)
    • +
  • Etcd
    • +
  • Firmware Action Service (FAS)
    • +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

COS

+
    +
  • Node Memory Dump (NMD)
    • +
+

sat diag

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

CSM-Diag

+
    +
  • Fox
    • +
+

sat firmware

+

CSM

+
    +
  • Firmware Action Service (FAS)
    • +
+

sat hwhist

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwinv

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwmatch

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat init

+

None

+

sat k8s

+

CSM

+
    +
  • Kubernetes
    • +
+

sat nid2xname

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat sensors

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • HM Collector
    • +
+

SMA

+
    +
  • Telemetry API
    • +
+

sat setrev

+

CSM

+
    +
  • S3
    • +
+

sat showrev

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat slscheck

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat status

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat swap

+

Slingshot

+
    +
  • Fabric Manager
    • +
+

sat switch

+

Deprecated: See sat swap

+

sat xname2nid

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-23/release_notes/index.html b/en-23/release_notes/index.html new file mode 100644 index 0000000000..07443f28eb --- /dev/null +++ b/en-23/release_notes/index.html @@ -0,0 +1,1132 @@ + + + + + + + + + + + + SAT Release Notes :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Release Notes

+

Summary of Changes in SAT 2.3

+

The 2.3.4 version of the SAT product includes:

+
    +
  • Version 3.15.4 of the sat python package and CLI
    • +
  • Version 1.6.11 of the sat-podman wrapper script
    • +
  • Version 1.2.0 of the sat-cfs-install container image
    • +
  • Version 2.0.0 of the sat-cfs-install Helm chart
    • +
  • Version 1.5.0 of the sat-install-utility container image
    • +
  • Version 2.0.3 of the cfs-config-util container image
    • +
+

New sat Commands

+

None.

+

Current Working Directory in SAT Container

+

When running sat commands, the current working directory is now mounted in the +container as /sat/share, and the current working directory within the container +is also /sat/share.

+

Files in the current working directory must be specified using relative paths to +that directory, because the current working directory is always mounted on /sat/share. +Absolute paths should be avoided, and paths that are outside of $HOME or $PWD +are never accessible to the container environment.

+

The home directory is still mounted on the same path inside the container as it +is on the host.

+

Changes to sat bootsys

+

The following options were added to sat bootsys.

+
    +
  • --bos-limit
    • +
  • --recursive
    • +
+

The --bos-limit option passes a given limit string to a BOS session. The --recursive +option specifies a slot or other higher-level component in the limit string

+

Changes to sat bootprep

+

The --delete-ims-jobs option was added to sat bootprep run. It deletes IMS +jobs after sat bootprep is run. Jobs are no longer deleted by default.

+

Changes to sat status

+

sat status now includes information about nodes’ CFS configuration statuses, such +as desired configuration, configuration status, and error count.

+

The output of sat status now splits different component types into different report tables.

+

The following options were added to sat status.

+
    +
  • --hsm-fields, --sls-fields, --cfs-fields
    • +
  • --bos-template
    • +
+

The --hsm-fields, --sls-fields, --cfs-fields options limit the output columns +according to specified CSM services.

+

The --bos-template option filters the status report according to the specified +session template’s boot sets.

+

Compatibility with CSM 1.2

+

The following components were modified to be compatible with CSM 1.2.

+
    +
  • sat-cfs-install container image and Helm chart
    • +
  • sat-install-utility container image
    • +
  • SAT product installer
    • +
+

GPG Checking

+

The sat-ncn ansible role provided by sat-cfs-install was modified to enable +GPG checks on packages while leaving GPG checks disabled on repository metadata.

+

Security

+

Updated urllib3 dependency to version 1.26.5 to mitigate CVE-2021-33503 and refreshed +Python dependency versions.

+

Bug Fixes

+

Minor bug fixes were made in each of the repositories. For full change lists, see each +repository’s CHANGELOG.md file.

+

The known issues listed under the SAT 2.2 release were fixed.

+

Summary of changes in SAT 2.2

+

SAT 2.2.16 was released on February 25th, 2022.

+

This version of the SAT product included:

+
    +
  • Version 3.14.0 of the sat python package and CLI
    • +
  • Version 1.6.4 of the sat-podman wrapper script
    • +
  • Version 1.0.4 of the sat-cfs-install container image and Helm chart
    • +
+

It also added the following new components:

+
    +
  • Version 1.4.3 of the sat-install-utility container image
    • +
  • Version 2.0.2 of the cfs-config-util container image
    • +
+

The following sections detail the changes in this release.

+

Known issues in SAT 2.2

+

sat command unavailable in sat bash shell

+

After launching a shell within the SAT container with sat bash, the sat command will not +be found. For example:

+
(CONTAINER-ID) sat-container:~ # sat status
+bash: sat: command not found
+

This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be prepended to the +$PATH environment variable:

+
(CONTAINER-ID) sat-container:~ # export PATH=/sat/venv/bin:$PATH
+(CONTAINER-ID) sat-container:~ # sat status
+

Or, the file /sat/venv/bin/activate may be sourced:

+
(CONTAINER-ID) sat-container:~ # source /sat/venv/bin/activate
+(CONTAINER-ID) sat-container:~ # sat status
+

Tab completion unavailable in sat bash shell

+

After launching a shell within the SAT container with sat bash, tab completion for sat +commands does not work.

+

This can be resolved temporarily by sourcing the file /etc/bash_completion.d/sat-completion.bash:

+
source /etc/bash_completion.d/sat-completion.bash
+

OCI runtime permission error when running sat in root directory

+

sat commands will not work if the current directory is /. For example:

+
ncn-m001:/ # sat --help
+Error: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error
+

To resolve, run sat in another directory.

+

Duplicate mount error when running sat in config directory

+

sat commands will not work if the current directory is ~/.config/sat. For example:

+
ncn-m001:~/.config/sat # sat --help
+Error: /root/.config/sat: duplicate mount destination
+

To resolve, run sat in another directory.

+

New sat commands

+
    +
  • sat bootprep automates the creation of CFS configurations, the build and +customization of IMS images, and the creation of BOS session templates. See +SAT Bootprep for details.
    • +
  • sat slscheck performs a check for consistency between the System Layout +Service (SLS) and the Hardware State Manager (HSM).
    • +
  • sat bmccreds provides a simple interface for interacting with the System +Configuration Service (SCSD) to set BMC Redfish credentials.
    • +
  • sat hwhist displays hardware component history by xname (location) or by +its Field-Replaceable Unit ID (FRUID). This command queries the Hardware +State Manager (HSM) API to obtain this information. Since the sat hwhist +command supports querying for the history of a component by its FRUID, the +FRUID of components has been added to the output of sat hwinv.
    • +
+

Additional Install Automation

+

The following automation has been added to the install script, install.sh:

+
    +
  • Wait for the completion of the sat-config-import Kubernetes job, which is +started when the sat-cfs-install Helm chart is deployed.
    • +
  • Automate the modification of the CFS configuration, which applies to master +management NCNs (e.g. “ncn-personalization”).
    • +
+

Changes to Product Catalog Data Schema

+

The SAT product uploads additional information to the cray-product-catalog +Kubernetes ConfigMap detailing the components it provides, including container +(Docker) images, Helm charts, RPMs, and package repositories.

+

This information is used to support uninstall and activation of SAT product +versions moving forward.

+

Support for Uninstall and Activation of SAT Versions

+

Beginning with the 2.2 release, SAT now provides partial support for the +uninstall and activation of the SAT product stream.

+

See Uninstall: Removing a Version of SAT +and Activate: Switching Between Versions +for details.

+

Improvements to sat status

+

A Subrole column has been added to the output of sat status. This allows you +to easily differentiate between master, worker, and storage nodes in the +management role, for example.

+

Hostname information from SLS has been added to sat status output.

+

Added Support for JSON Output

+

Support for JSON-formatted output has been added to commands which currently +support the --format option, such as hwinv, status, and showrev.

+

Usability Improvements

+

Many usability improvements have been made to multiple sat commands, +mostly related to filtering command output. The following are some highlights:

+
    +
  • Added --fields option to display only specific fields for subcommands which +display tabular reports.
    • +
  • Added ability to filter on exact matches of a field name.
    • +
  • Improved handling of multiple matches of a field name in --filter queries +so that the first match is used, similar to --sort-by.
    • +
  • Added support for --filter, --fields, and --reverse for summaries +displayed by sat hwinv.
    • +
  • Added borders to summary tables generated by sat hwinv.
    • +
  • Improved documentation in the man pages.
    • +
+

Default Log Level Changed

+

The default log level for stderr has been changed from “WARNING” to “INFO”. For +details, see SAT Logging.

+

More Granular Log Level Configuration Options

+

With the command-line options --loglevel-stderr and --loglevel-file, the log level +can now be configured separately for stderr and the log file.

+

The existing --loglevel option is now an alias for the --loglevel-stderr option.

+

Podman Wrapper Script Improvements

+

The Podman wrapper script is the script installed at /usr/bin/sat on the +master management NCNs by the cray-sat-podman RPM that runs the cray-sat +container in podman. The following subsections detail improvements that were +made to the wrapper script in this release.

+

Mounting of $HOME and Current Directories in cray-sat Container

+

The Podman wrapper script that launches the cray-sat container with podman +has been modified to mount the user’s current directory and home directory into +the cray-sat container to provide access to local files in the container.

+

Podman Wrapper Script Documentation Improvements

+

The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:

+
    +
  • Environment variables that affect execution of the wrapper script
    • +
  • Host files and directories mounted in the container
    • +
+

Fixes to Podman Wrapper Script Output Redirection

+

Fixed issues with redirecting stdout and stderr, and piping output to commands, +such as awk, less, and more.

+

Configurable HTTP Timeout

+

A new sat option has been added to configure the HTTP timeout length for +requests to the API gateway. See sat-man sat for details.

+

sat bootsys Improvements

+

Many improvements and fixes have been made to sat bootsys. The following are some +highlights:

+
    +
  • Added the --excluded-ncns option, which can be used to omit NCNs +from the platform-services and ncn-power stages in case they are +inaccessible.
    • +
  • Disruptive shutdown stages in sat bootsys shutdown now prompt the user to +continue before proceeding. A new option, --disruptive, will bypass this.
    • +
  • Improvements to Ceph service health checks and restart during the platform-services +stage of sat bootsys boot.
    • +
+

sat xname2nid Improvements

+

sat xname2nid can now recursively expand slot, chassis, and cabinet xnames to +a list of nids in those locations.

+

A new --format option has been added to sat xname2nid. It sets the output format to +either “range” (the default) or “nid”. The “range” format displays nids in a +compressed range format suitable for use with a workload manager like Slurm.

+

Usage of v2 HSM API

+

The commands which interact with HSM (e.g., sat status and sat hwinv) now +use the v2 HSM API.

+

sat diag Limited to HSN Switches

+

sat diag will now only operate against HSN switches by default. These are the +only controllers that support running diagnostics with HMJTD.

+

sat showrev Enhancements

+

A column has been added to the output of sat showrev that indicates whether a +product version is “active”. The definition of “active” varies across products, +and not all products may set an “active” version.

+

For SAT, the active version is the one with its hosted-type package repository in +Nexus set as the member of the group-type package repository in Nexus, +meaning that it will be used when installing the cray-sat-podman RPM.

+

cray-sat Container Image Size Reduction

+

The size of the cray-sat container image has been approximately cut in half by +leveraging multi-stage builds. This also improved the repeatability of the unit +tests by running them in the container.

+

Bug Fixes

+

Minor bug fixes were made in cray-sat and in cray-sat-podman. For full change lists, +see each repository’s CHANGELOG.md file.

+

Summary of SAT changes in Shasta v1.5

+

We released version 2.1.16 of the SAT product in Shasta v1.5.

+

This version of the SAT product included:

+
    +
  • Version 3.7.4 of the sat python package and CLI
    • +
  • Version 1.4.10 of the sat-podman wrapper script
    • +
+

It also added the following new component:

+
    +
  • Version 1.0.3 of the sat-cfs-install docker image and helm chart
    • +
+

The following sections detail the changes in this release.

+

Install Changes to Separate Product from CSM

+

This release further decouples the installation of the SAT product from the CSM +product. The cray-sat-podman RPM is no longer installed in the management +non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on +all master management NCNs via an Ansible playbook which is referenced by a +layer of the CFS configuration that applies to management NCNs. This CFS +configuration is typically named “ncn-personalization”.

+

The SAT product now includes a Docker image and a Helm chart named +sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart +with Loftsman. This helm chart deploys a Kubernetes job that imports the +SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. +This repository is referenced by the layer added to the NCN personalization +CFS configuration.

+

Removal of Direct Redfish Access

+

All commands which used to access Redfish directly have either been removed or +modified to use higher-level service APIs. This includes the following commands:

+
    +
  • sat sensors
    • +
  • sat diag
    • +
  • sat linkhealth
    • +
+

The sat sensors command has been rewritten to use the SMA telemetry API to +obtain the latest sensor values. The command’s usage has changed slightly, but +legacy options work as before, so it is backwards compatible. Additionally, new +commands have been added.

+

The sat diag command has been rewritten to use a new service called Fox, which +is delivered with the CSM-diags product. The sat diag command now launches +diagnostics using the Fox service, which launches the corresponding diagnostic +executables on controllers using the Hardware Management Job and Task Daemon +(HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start +diagnostics over Redfish.

+

The sat linkhealth command has been removed. Its functionality has been +replaced by functionality from the Slingshot Topology Tool (STT) in the +fabric manager pod.

+

The Redfish username and password command line options and config file options +have been removed. For further instructions, see Remove Obsolete Configuration +File Sections.

+

Additional Fields in sat setrev and sat showrev

+

sat setrev now collects the following information from the admin, which is then displayed by sat showrev:

+
    +
  • System description
    • +
  • Product number
    • +
  • Company name
    • +
  • Country code
    • +
+

Additional guidance and validation has been added to each field collected by +sat setrev. This sets the stage for sdu setup to stop collecting this +information and instead collect it from sat showrev or its S3 bucket.

+

Improvements to sat bootsys

+

The platform-services stage of the sat bootsys boot command has been +improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph +health in the correct order. The ceph-check stage has been removed as it is no +longer needed.

+

The platform-services stage of sat bootsys boot now prompts for confirmation +of the storage NCN hostnames in addition to the Kubernetes masters and workers.

+

Bug Fixes and Security Fixes

+
    +
  • Improved error handling in sat firmware.
    • +
  • Incremented version of Alpine Linux to 3.13.2 to address a security +vulnerability.
    • +
+

Other Notable Changes

+
    +
  • Ansible has been removed from the cray-sat container image.
    • +
  • Support for the Firmware Update Service (FUS) has been removed from the sat firmware command.
    • +
+

Summary of SAT Changes in Shasta v1.4.1

+

We released version 2.0.4 of the SAT product in Shasta v1.4.1.

+

This version of the SAT product included:

+
    +
  • Version 3.5.0 of the sat python package and CLI.
    • +
  • Version 1.4.3 of the sat-podman wrapper script.
    • +
+

The following sections detail the changes in this release.

+

New Commands to Translate Between NIDs and XNames

+

Two new commands were added to translate between NIDs and XNames:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
+

These commands perform this translation by making requests to the Hardware +State Manager (HSM) API.

+

Bug Fixes

+
    +
  • Fixed a problem in sat swap where creating the offline port policy failed.
    • +
  • Changed sat bootsys shutdown --stage bos-operations to no longer forcefully +power off all compute nodes and application nodes using CAPMC when BOS +sessions complete or time out.
    • +
  • Fixed an issue with the command sat bootsys boot --stage cabinet-power.
    • +
+

Summary of SAT Changes in Shasta v1.4

+

In Shasta v1.4, SAT became an independent product, which meant we began to +designate a version number for the entire SAT product. We released version +2.0.3 of the SAT product in Shasta v1.4.

+

This version of the SAT product included the following components:

+
    +
  • Version 3.4.0 of the sat python package and CLI
    • +
+

It also added the following new component:

+
    +
  • Version 1.4.2 of the sat-podman wrapper script
    • +
+

The following sections detail the changes in this release.

+

SAT as an Independent Product

+

SAT is now packaged and released as an independent product. The product +deliverable is called a “release distribution”. The release distribution is a +gzipped tar file containing an install script. This install script loads the +cray/cray-sat container image into the Docker registry in Nexus and loads the +cray-sat-podman RPM into a package repository in Nexus.

+

In this release, the cray-sat-podman package is still installed in the master +and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in +Shasta v1.5.

+

SAT Running in a Container Under Podman

+

The sat command now runs in a container under Podman. The sat executable is +now installed on all nodes in the Kubernetes management cluster (i.e., workers +and masters). This executable is a wrapper script that starts a SAT container in +Podman and invokes the sat Python CLI within that container. The admin can run +individual sat commands directly on the master or worker NCNs as before, or +they can run sat commands inside the SAT container after using sat bash to +enter an interactive shell inside the SAT container.

+

To view man pages for sat commands, the user can run sat-man SAT_COMMAND, +replacing SAT_COMMAND with the name of the sat command. Alternatively, +the user can enter the sat container with sat bash and use the man command.

+

New sat init Command and Config File Location Change

+

The default location of the SAT config file has been changed from /etc/sat.toml +to ~/.config/sat/sat.toml. A new command, sat init, has been added that +initializes a configuration file in the new default directory. This better supports +individual users on the system who want their own config files.

+

~/.config/sat is mounted into the container that runs under Podman, so changes +are persistent across invocations of the sat container. If desired, an alternate +configuration directory can be specified with the SAT_CONFIG_DIR environment variable.

+

Additionally, if a config file does not yet exist when a user runs a sat +command, one is generated automatically.

+

Additional Types Added to sat hwinv

+

Additional functionality has been added to sat hwinv including:

+
    +
  • List node enclosure power supplies with the --list-node-enclosure-power-supplies option.
    • +
  • List node accelerators (e.g., GPUs) with the --list-node-accels option. The count of +node accelerators is also included for each node.
    • +
  • List node accelerator risers (e.g., Redstone modules) with the --list-node-accel-risers +option. The count of node accelerator risers is also included for each node.
    • +
  • List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics +option. The count of HSN NICs is also included for each node.
    • +
+

Documentation for these new options has been added to the man page for sat hwinv.

+

Site Information Stored by sat setrev in S3

+

The sat setrev and sat showrev commands now use S3 to store and obtain site +information, including system name, site name, serial number, install date, and +system type. Since the information is stored in S3, it will now be consistent +regardless of the node on which sat is executed.

+

As a result of this change, S3 credentials must be configured for SAT. For detailed +instructions, see Generate SAT S3 Credentials.

+

Product Version Information Shown by sat showrev

+

sat showrev now shows product information from the cray-product-catalog +ConfigMap in Kubernetes.

+

Additional Changes to sat showrev

+

The output from sat showrev has also been changed in the following ways:

+
    +
  • The --docker and --packages options were considered misleading and have +been removed.
    • +
  • Information pertaining to only to the local host, where the command is run, +has been moved to the output of the --local option.
    • +
+

Removal of sat cablecheck

+

The sat cablecheck command has been removed. To verify that the system’s Slingshot +network is cabled correctly, admins should now use the show cables command in the +Slingshot Topology Tool (STT).

+

sat swap Command Compatibility with Next-gen Fabric Controller

+

The sat swap command was added in Shasta v1.3.2. This command used the Fabric +Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the +Fabric Controller API, so this command has been rewritten to use the new +backwards-incompatible API. Usage of the command did not change.

+

sat bootsys Functionality

+

Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken +by changes introduced in Shasta v1.4, which removed the Ansible inventory +and playbooks.

+

The functionality in the platform-services stage of sat bootsys has been +re-implemented to use python directly instead of Ansible. This resulted in +a more robust procedure with better logging to the sat log file. Failures +to stop containers on Kubernetes nodes are handled more gracefully, and +more information about the containers that failed to stop, including how to +debug the problem, is included.

+

Improvements were made to console logging setup for non-compute nodes +(NCNs) when they are shut down and booted.

+

The following improvements were made to the bos-operations stage +of sat bootsys:

+
    +
  • More information about the BOS sessions, BOA jobs, and BOA pods is printed.
    • +
  • A command-line option, --bos-templates, and a corresponding config-file +option, bos_templates, were added, and the --cle-bos-template and +--uan-bos-template options and their corresponding config file options were +deprecated.
    • +
+

The following functionality has been removed from sat bootsys:

+
    +
  • The hsn-bringup stage of sat bootsys boot has been removed due to removal +of the underlying Ansible playbook.
    • +
  • The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is +now a manual procedure.
    • +
+

Log File Location Change

+

The location of the sat log file has changed from /var/log/cray/sat.log to +/var/log/cray/sat/sat.log. This change simplifies mounting this file into the +sat container running under Podman.

+

Summary of SAT Changes in Shasta v1.3.2

+

Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.

+

The following sections detail the changes in this release.

+

sat swap Command for Switch and Cable Replacement

+

The sat switch command which supported operations for replacing a switch has +been deprecated and replaced with the sat swap command, which now supports +replacing a switch OR cable.

+

The sat swap switch command is equivalent to sat switch. The sat switch +command will be removed in a future release.

+

Addition of Stages to sat bootsys Command

+

The sat bootsys command now has multiple stages for both the boot and +shutdown actions. Please refer to the “System Power On Procedures” and “System +Power Off Procedures” sections of the Cray Shasta Administration Guide (S-8001) +for more details on using this command in the context of a full system power off +and power on.

+

Summary of SAT Changes in Shasta v1.3

+

Shasta v1.3 included version 2.2.3 of the sat python package and CLI.

+

This version of the sat CLI contained the following commands:

+
    +
  • auth
    • +
  • bootsys
    • +
  • cablecheck
    • +
  • diag
    • +
  • firmware
    • +
  • hwinv
    • +
  • hwmatch
    • +
  • k8s
    • +
  • linkhealth
    • +
  • sensors
    • +
  • setrev
    • +
  • showrev
    • +
  • status
    • +
  • swap
    • +
  • switch
    • +
+

See the System Admin Toolkit Command Overview +and the table of commands in the SAT Authentication section +of this document for more details on each of these commands.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-23/sitemap.xml b/en-23/sitemap.xml new file mode 100644 index 0000000000..3cc2f26aa9 --- /dev/null +++ b/en-23/sitemap.xml @@ -0,0 +1,308 @@ + + + + /docs-sat/en-23/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-23/dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-23/install/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-23/introduction/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-23/dashboards/sat_grafana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-23/dashboards/sat_kibana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-23/release_notes/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-23/usage/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-23/categories/ + + + + + + + + /docs-sat/en-23/tags/ + + + + + + + + diff --git a/en-23/tags/index.html b/en-23/tags/index.html new file mode 100644 index 0000000000..dcecd78679 --- /dev/null +++ b/en-23/tags/index.html @@ -0,0 +1,579 @@ + + + + + + + + + + + + Tags :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + tag :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-23/tags/index.xml b/en-23/tags/index.xml new file mode 100644 index 0000000000..b732ee9033 --- /dev/null +++ b/en-23/tags/index.xml @@ -0,0 +1,11 @@ + + + + Tags on System Admin Toolkit (SAT) + /docs-sat/en-23/tags/ + Recent content in Tags on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-23 + + + diff --git a/en-23/usage/index.html b/en-23/usage/index.html new file mode 100644 index 0000000000..5120166708 --- /dev/null +++ b/en-23/usage/index.html @@ -0,0 +1,858 @@ + + + + + + + + + + + + SAT Usage :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Usage

+

SAT Bootprep

+

SAT provides an automated solution for creating CFS configurations, building +and configuring images in IMS, and creating BOS session templates based on a +given input file which defines how those configurations, images, and session +templates should be created.

+

This automated process centers around the sat bootprep command. Man page +documentation for sat bootprep can be viewed similarly to other SAT commands.

+
ncn-m001# sat-man sat-bootprep
+

SAT Bootprep vs SAT Bootsys

+

sat bootprep is used to create CFS configurations, build and +rename IMS images, and create BOS session templates which tie the +configurations and images together during a BOS session.

+

sat bootsys automates several portions of the boot and shutdown processes, +including (but not limited to) performing BOS operations (such as creating BOS +sessions), powering on and off cabinets, and checking the state of the system +prior to shutdown.

+

Editing a bootprep input file

+

The input file provided to sat bootprep is a YAML-formatted file containing +information which CFS, IMS, and BOS use to create configurations, images, and +BOS session templates respectively. Writing and modifying these input files is +the main task associated with using sat bootprep. An input file is composed of +three main sections, one each for configurations, images, and session templates. +These sections may be specified in any order, and any of the sections may be +omitted if desired.

+

Creating CFS configurations

+

The configurations section begins with a configurations: key.

+
---
+configurations:
+

Under this key, the user can list one or more configurations to create. For +each configuration, a name should be given, in addition to the list of layers +which comprise the configuration. Each layer can be defined by a product name +and optionally a version number, or commit hash or branch in the product’s +configuration repository. Alternatively, a layer can be defined by a Git +repository URL directly, along with an associated branch or commit hash.

+

When a configuration layer is specified in terms of a product name, the layer +is created in CFS by looking up relevant configuration information (including +the configuration repository and commit information) from the +cray-product-catalog Kubernetes ConfigMap as necessary. A version may be +supplied, but if it is absent, the version is assumed to be the latest version +found in the cray-product-catalog.

+
---
+configurations:
+- name: example-configuration
+  layers:
+  - name: example product
+    playbook: example.yml
+    product:
+      name: example
+      version: 1.2.3
+

Alternatively, a configuration layer may be specified by explicitly referencing +the desired configuration repository, along with the branch containing the +intended version of the Ansible playbooks. A commit hash may be specified by replacing +branch with commit.

+
  ...
+  - name: another example product
+    playbook: another-example.yml
+    git:
+      url: "https://vcs.local/vcs/another-example-config-management.git"
+      branch: main
+  ...
+

When sat bootprep is run against an input file, a CFS configuration will be +created corresponding to each configuration in the configurations section. For +example, the configuration created from an input file with the layers listed +above might look something like the following:

+
{
+    "lastUpdated": "2022-02-07T21:47:49Z",
+    "layers": [
+        {
+            "cloneUrl": "https://vcs.local/vcs/example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "example product",
+            "playbook": "example.yml"
+        },
+        {
+            "cloneUrl": "https://vcs.local/vcs/another-example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "another example product",
+            "playbook": "another-example.yml"
+        }
+    ],
+    "name": "example-configuration"
+}
+

Creating IMS images

+

After specifying configurations, the user may add images to the input file +which are to be built by IMS. To add an images section, the user should add +an images key.

+
---
+configurations:
+  ... (omitted for brevity)
+images:
+

Under the images key, the user may define one or more images to be created in +a list. Each element of the list defines a separate IMS image to be built and/or +configured. Images must contain a name, as well as an ims section containing a +definition of the image to be built and/or configured. Images may be defined by +an image recipe, or by a pre-built image. Recipes and pre-built images are +referred to by their names or IDs in IMS. The ims section should also contain +an is_recipe property, which indicates whether the name or ID refers to an +image recipe or a pre-built image. Images may also optionally provide a text +description of the image. This description is not stored or used by sat bootprep or any CSM services, but is useful for documenting images in the input +file.

+
---
+configurations:
+  ... (omitted for brevity)
+images:
+- name: example-compute-image
+  description: >
+    An example compute node image for illustrative purposes.
+  ims:
+    name: example-compute-image-recipe
+    is_recipe: true
+- name: another-example-compute-image
+  description: >
+    Another example compute node image.
+  ims:
+    id: <IMS image UUID>
+    is_recipe: false
+

Images may also contain a configuration property in their definition, which +specifies a configuration with which to customize the built image prior to +booting. If a configuration is specified, then configuration groups must also +be specified using the configuration_group_names property.

+
---
+configurations:
+  ... (omitted for brevity)
+images:
+- name: example-compute-image
+  description: >
+    An example compute node image for illustrative purposes.
+  ims:
+    name: example-compute-image-recipe
+    is_recipe: true
+  configuration: example configuration
+  configuration_group_names:
+  - Compute
+

Creating BOS session templates

+

BOS session templates are the final section of the input file, and are defined +under the session_templates key.

+
---
+configurations:
+  ... (omitted for brevity)
+images:
+  ... (omitted for brevity)
+session_templates:
+

Each session template is defined in terms of its name, an image, a +configuration, and a set of parameters which can be used to configure the +session. The name, image, and configuration are specified with their respective +name, image, and configuration keys. bos_parameters may also be +specified; currently, the only setting under bos_parameters that is supported +is boot_sets, which can be used to define boot sets in the BOS session +template. Each boot set is defined under its own property under boot_sets, and +the value of each boot set can contain the following properties, all of +which are optional:

+
    +
  • kernel_parameters: the parameters passed to the kernel on the command line
    • +
  • network: the network over which the nodes will boot
    • +
  • node_list: nodes to add to the boot set
    • +
  • node_roles_groups: HSM roles to add to the boot set
    • +
  • node_groups: HSM groups to add to the boot set
    • +
  • rootfs_provider: the root file system provider
    • +
  • rootfs_provider_passthrough: parameters to add to the rootfs= kernel +parameter
    • +
+

The properties listed previously are the same as the parameters that can be +specified directly through BOS boot sets. More information can be found in the +CSM documentation on session +templates. +Additional properties not listed are passed through to the BOS session template +as written.

+

An example session template might look like the following:

+
configurations:
+  ... (omitted for brevity)
+images:
+  ... (omitted for brevity)
+session_templates:
+- name: example-session-template
+  image: example-image
+  configuration: example-configuration
+  bos_parameters:
+    boot_sets:
+      example_boot_set:
+        kernel_parameters: ip=dhcp quiet
+        node_list: []
+        rootfs_provider: cpss3
+        rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0
+

Example bootprep input files

+

Putting together all of the previous input file sections, an example bootprep input +file might look something like the following.

+
---
+configurations:
+- name: cos-config
+  layers:
+  - name: cos-integration-2.2.87
+    playbook: site.yml
+    product:
+      name: cos
+      version: 2.2.87
+      branch: integration
+  - name: cpe-integration-21.12.3
+    playbook: pe_deploy.yml
+    product:
+      name: cpe
+      version: 21.12.3
+      branch: integration
+  - name: slurm-master-1.1.1
+    playbook: site.yml
+    product:
+      name: slurm
+      version: 1.1.1
+      branch: master
+images:
+- name: cray-shasta-compute-sles15sp3.x86_64-2.2.35
+  ims:
+    is_recipe: true
+    name: cray-shasta-compute-sles15sp3.x86_64-2.2.35
+  configuration: cos-config
+  configuration_group_names:
+  - Compute
+session_templates:
+- name: cray-shasta-compute-sles15sp3.x86_64-2.2.35
+  image: cray-shasta-compute-sles15sp3.x86_64-2.2.35
+  configuration: cos-config
+  bos_parameters:
+    boot_sets:
+      compute:
+        kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN}
+        node_roles_groups:
+        - Compute
+

Creating a pre-populated example bootprep input file

+

It is possible to create an example bootprep input file using values from the +system’s product catalog using the sat bootprep generate-example command.

+
ncn-m001# sat bootprep generate-example
+INFO: Using latest version (2.3.24-20220113160653) of product cos
+INFO: Using latest version (21.11.4) of product cpe
+INFO: Using latest version (1.0.7) of product slurm
+INFO: Using latest version (1.1.24) of product analytics
+INFO: Using latest version (2.1.5) of product uan
+INFO: Using latest version (21.11.4) of product cpe
+INFO: Using latest version (1.0.7) of product slurm
+INFO: Using latest version (1.1.24) of product analytics
+INFO: Using latest version (2.3.24-20220113160653) of product cos
+INFO: Using latest version (2.1.5) of product uan
+INFO: Wrote example bootprep input file to ./example-bootprep-input.yaml.
+

This file should be reviewed and edited to match the desired parameters of the +configurations, images, and session templates.

+

Viewing built-in generated documentation

+

The contents of the YAML input files described above must conform to a schema +which defines the structure of the data. The schema definition is written using +the JSON Schema format. (Although the format is named “JSON Schema”, the schema +itself is written in YAML as well.) More information, including introductory +materials and a formal specification of the JSON Schema metaschema, can be found +on the JSON Schema website.

+

Viewing the exact schema specification

+

To view the exact schema specification, run sat bootprep view-schema.

+
ncn-m001# sat bootprep view-schema
+---
+$schema: "https://json-schema.org/draft-07/schema"
+title: Bootprep Input File
+description: >
+  A description of the set of CFS configurations to create, the set of IMS
+  images to create and optionally customize with the defined CFS configurations,
+  and the set of BOS session templates to create that reference the defined
+  images and configurations.
+type: object
+additionalProperties: false
+properties:
+  ...
+

Generating user-friendly documentation

+

The raw schema definition can be difficult to understand without experience +working with JSON Schema specifications. For this reason, a feature was included +which can generate user-friendly HTML documentation for the input file schema +which can be browsed with the user’s preferred web browser.

+
    +
  1. +

    Create a documentation tarball using sat bootprep.

    +
    ncn-m001# sat bootprep generate-docs
+INFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz
+

    An alternate output directory can be specified with the --output-dir +option. The generated tarball is always named bootprep-schema-docs.tar.gz.

    +
    ncn-m001# sat bootprep generate-docs --output-dir /tmp
+INFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz
+
    2. +
  2. +

    From another machine, copy the tarball to a local directory.

    +
    another-machine$ scp root@ncn-m001:bootprep-schema-docs.tar.gz .
+
    3. +
  3. +

    Extract the contents of the tarball and open the contained index.html.

    +
    another-machine$ tar xzvf bootprep-schema-docs.tar.gz
+x bootprep-schema-docs/
+x bootprep-schema-docs/index.html
+x bootprep-schema-docs/schema_doc.css
+x bootprep-schema-docs/schema_doc.min.js
+another-machine$ open bootprep-schema-docs/index.html
+
    4. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-24/404.html b/en-24/404.html new file mode 100644 index 0000000000..6fbed99adc --- /dev/null +++ b/en-24/404.html @@ -0,0 +1,59 @@ + + + + + + + + + 404 Page not found + + + + + + + + + + + + + + + + + + +
+
+
+
+

+

+

+

+

+

+

Page not found!

+
+
+ +
+ + + diff --git a/en-24/categories/index.html b/en-24/categories/index.html new file mode 100644 index 0000000000..9f768b9977 --- /dev/null +++ b/en-24/categories/index.html @@ -0,0 +1,703 @@ + + + + + + + + + + + + Categories :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + category :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-24/categories/index.xml b/en-24/categories/index.xml new file mode 100644 index 0000000000..68f4b008af --- /dev/null +++ b/en-24/categories/index.xml @@ -0,0 +1,11 @@ + + + + Categories on System Admin Toolkit (SAT) + /docs-sat/en-24/categories/ + Recent content in Categories on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-24 + + + diff --git a/en-24/cne_install/index.html b/en-24/cne_install/index.html new file mode 100644 index 0000000000..6cc23db896 --- /dev/null +++ b/en-24/cne_install/index.html @@ -0,0 +1,775 @@ + + + + + + + + + + + + SAT Upgrade with CNE Installer :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Upgrade with CNE Installer

+

Upgrade the System Admin Toolkit Product Stream

+

Describes how to upgrade the System Admin Toolkit (SAT) product +stream by using the Compute Node Environment (CNE) installer (cne-install). +The CNE installer can be used only for upgrades and not for fresh installations. +For installation instructions, see Install the System Admin Toolkit Product +Stream.

+

Upgrading SAT with cne-install is recommended because the process is both +automated and logged to help you save time. The CNE installer can be used to +upgrade SAT alone or with other supported products. For more information +on cne-install and its options, refer to the HPE Cray EX System Software +Getting Started Guide (S-8000).

+

Prerequisites

+
    +
  • CSM is installed and verified.
    • +
  • There must be at least 2 gigabytes of free space on the manager NCN on which +the procedure is run.
    • +
+

Notes on the Procedures

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace x.y.z with the version of the SAT product stream +being upgraded.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
+

Pre-Upgrade Procedure

+
    +
  1. +

    Start a typescript and set the shell prompt.

    +

    The typescript will record the commands and the output from this upgrade. +The prompt is set to include the date and time.

    +
    ncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt
+ncn-m001# export PS1='\u@\H \D{%Y-%m-%d} \t \w # '
+
    2. +
+

Upgrade Procedure

+
    +
  1. +

    Copy the release distribution gzipped tar file to ncn-m001.

    +

    The cne-install command installs all files in the media directory +by default. If you are upgrading SAT alone, ensure only the SAT tarball is in +the media directory.

    +
    2. +
  2. +

    Run the CNE installer.

    +
      +
    • +

      If you are upgrading SAT along with other supported products, run the +following command.

      +
      ncn-m001# cne-install -m MEDIA_DIR install -B WORKING_BRANCH -bpc BOOTPREP_CONFIG_CN \
+    -bpn BOOTPREP_CONFIG_NCN
+

      The cne-install command will use the provided BOOTPREP_CONFIG_CN and +BOOTPREP_CONFIG_NCN files for the run.

      +
      • +
    • +

      If you are upgrading SAT alone, run the following commands.

      +
      ncn-m001# cne-install -m MEDIA_DIR install -B '{{product_type}}-{{version_x_y_z}}' \
+    -bpn BOOTPREP_CONFIG_NCN -e update_working_branches
+ncn-m001# cne-install -m MEDIA_DIR install -B '{{product_type}}-{{version_x_y_z}}' \
+    -bpn BOOTPREP_CONFIG_NCN -b sat_bootprep_ncn -e ncn_personalization
+
      • +
    +
    3. +
  3. +

    Optional: Stop the typescript.

    +

    NOTE: This step can be skipped if you wish to use the same typescript +for the remainder of the SAT upgrade (see Next Steps).

    +
    ncn-m001# exit
+
    4. +
+

SAT version x.y.z is now upgraded, meaning the SAT x.y.z release +has been loaded into the system software repository.

+
    +
  • SAT configuration content for this release has been uploaded to VCS.
    • +
  • SAT content for this release has been uploaded to the CSM product catalog.
    • +
  • SAT content for this release has been uploaded to Nexus repositories.
    • +
  • The sat command is available.
    • +
+

Next Steps

+

At this point, the release distribution files can be removed from the system as +described in Post-Upgrade Cleanup Procedure.

+

If other HPE Cray EX software products are being upgraded in conjunction +with SAT, refer to the HPE Cray EX System Software Getting Started Guide +(S-8000) to determine which step +to execute next.

+

If no other HPE Cray EX software products are being upgraded at this time, +execute the SAT Post-Upgrade procedures:

+ +

Post-Upgrade Cleanup Procedure

+
    +
  1. +

    Optional: Remove the SAT release distribution tar file and extracted directory.

    +
    ncn-m001# rm sat-x.y.z.tar.gz
+ncn-m001# rm -rf sat-x.y.z/
+
    2. +
+

Remove Obsolete Configuration File Sections

+

Prerequisites

+ +

Procedure

+

After upgrading SAT, if using the configuration file from a previous version, +there may be configuration file sections no longer used in the new version. +For example, when upgrading from Shasta 1.4 to Shasta 1.5, the [redfish] +configuration file section is no longer used. In that case, the following +warning may appear upon running sat commands.

+
WARNING: Ignoring unknown section 'redfish' in config file.
+

Remove the [redfish] section from /root/.config/sat/sat.toml to resolve +the warning.

+
[redfish]
+username = "admin"
+password = "adminpass"
+

Repeat this process for any configuration file sections for which there are +“unknown section” warnings.

+

SAT Logging

+

As of SAT version 2.2, some command output that was previously printed to stdout +is now logged to stderr. These messages are logged at the INFO level. The +default logging threshold was changed from WARNING to INFO to accommodate +this logging change. Additionally, some messages previously logged at the INFO +are now logged at the DEBUG level.

+

These changes take effect automatically. However, if the default output threshold +has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure +that important output is shown in the terminal.

+

Update Configuration

+

In the following example, the stderr log level, logging.stderr_level, is set to +WARNING, which will exclude INFO-level logging from terminal output.

+
ncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml
+[logging]
+...
+stderr_level = "WARNING"
+

To enable the new default behavior, comment this line out, delete it, or set +the value to “INFO”.

+

If logging.stderr_level is commented out, its value will not affect logging +behavior. However, it may be helpful set its value to INFO as a reminder of +the new default behavior.

+

Affected Commands

+

The following commands trigger messages that have been changed from stdout +print calls to INFO-level (or WARNING- or ERROR-level) log messages:

+
    +
  • sat bootsys --stage shutdown --stage session-checks
    • +
  • sat sensors
    • +
+

The following commands trigger messages that have been changed from INFO-level +log messages to DEBUG-level log messages:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
  • sat swap
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-24/dashboards/index.html b/en-24/dashboards/index.html new file mode 100644 index 0000000000..1291acecbf --- /dev/null +++ b/en-24/dashboards/index.html @@ -0,0 +1,685 @@ + + + + + + + + + + + + SAT Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Dashboards

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-24/dashboards/index.xml b/en-24/dashboards/index.xml new file mode 100644 index 0000000000..915ed3e927 --- /dev/null +++ b/en-24/dashboards/index.xml @@ -0,0 +1,26 @@ + + + + SAT Dashboards on System Admin Toolkit (SAT) + /docs-sat/en-24/dashboards/ + Recent content in SAT Dashboards on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-24 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Grafana Dashboards + /docs-sat/en-24/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.cmn.&lt;site-domain&gt; The value of site-domain can be obtained as follows: ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=&#39;{.data.customizations\.yaml}&#39; | \ base64 -d | grep &#34;external:&#34; That command will produce the following output, for example: + + + SAT Kibana Dashboards + /docs-sat/en-24/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + diff --git a/en-24/dashboards/sat_grafana_dashboards/index.html b/en-24/dashboards/sat_grafana_dashboards/index.html new file mode 100644 index 0000000000..841ae09bdd --- /dev/null +++ b/en-24/dashboards/sat_grafana_dashboards/index.html @@ -0,0 +1,790 @@ + + + + + + + + + + + + SAT Grafana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Grafana Dashboards

+

The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through +Redfish. The messages are displayed based on severity.

+

Grafana can be accessed via web browser at the following URL:

+
    +
  • https://sma-grafana.cmn.<site-domain>
    • +
+

The value of site-domain can be obtained as follows:

+
ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath='{.data.customizations\.yaml}' | \
+    base64 -d | grep "external:"
+

That command will produce the following output, for example:

+
    external: EXAMPLE_DOMAIN.com
+

This would result in the address for Grafana being https://sma-grafana.cmn.EXAMPLE_DOMAIN.com

+

For more information on accessing the Grafana Dashboards, refer to Access the Grafana Monitoring UI in the +SMA product documentation.

+

For more information on the interpretation of metrics for the SAT Grafana Dashboards, refer to “Fabric Telemetry +Kafka Topics” in the SMA product documentation.

+ +

There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display +telemetry in a tabular format.

+ + + + + + + + + + + + + + + + + + + + + + + + + +
Dashboard NameDisplay Type
Fabric CongestionChart Panels
Fabric RFC3635Chart Panels
Fabric ErrorsTabular Format
Fabric Port StateTabular Format
+

The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry +is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location +during the time range selected, if any. The interval setting is not used for tabular dashboards.

+

SAT Grafana Interval and Locations Options

+

Shows the Interval and Locations Options for the available telemetry.

+

Grafana Interval and Locations Options

+

The value of the Interval option sets the time resolution of the received telemetry. This works a bit like a +histogram, with the available telemetry in an interval of time going into a “bucket” and averaging out to a single +point on the chart or table. The special value auto will choose an interval based on the time range selected.

+

For more information, refer to Grafana Templates and Variables.

+

The Locations option allows restriction of the telemetry shown by locations, either individual links or all links +in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, +which always has entries for all links and switches, although the errors shown are restricted to the selected time +range.

+

The chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart’s legend +or the trace on the chart.

+

Grafana Fabric Congestion Dashboard

+

Grafana Fabric Congestion Dashboard

+

SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in +the system and assess the past and present health of the high-speed network. It also allows the ability to drill down +to view data for specific ports on specific switches.

+

This dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, +local, and global and correspond to the link’s relationship to the network topology. The locations presented in the +panels are restricted to the values (any combination, defaults to “all”) selected.

+

The metric values for links of a given port type are similar in value to each other but very distinct from the values of +other types. If the values for different port types are all plotted together, the values for links with lower values are +indistinguishable from zero when plotted.

+

The port type of a link is reported as a port state “subtype” event when defined at port initialization.

+

Grafana Fabric Errors Dashboard

+

Grafana HSN Errors Dashboard

+

This dashboard reports error counters in a tabular format in three panels.

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

Unlike other dashboards, the locations presented are all locations in the system rather than having telemetry within +the time range selected. However, the values are taken from telemetry within the time range.

+

Grafana Fabric Port State Dashboard

+

Grafana Fabric Port State Dashboard

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

The Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a +long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours +results in all states for all links in the system being shown.

+

The three columns named, group, switch, and port are not port state events, but extra information included with +all port state events.

+

Grafana Fabric RFC3635 Dashboard

+

Grafana Fabric RFC3635 Dashboard

+

For more information on performance counters, refer to +Definitions of Managed Objects for the Ethernet-like Interface Types, +an Internet standards document.

+

Because these metrics are counters that only increase over time, the values plotted are the change in the counter’s +value over the interval setting.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-24/dashboards/sat_kibana_dashboards/index.html b/en-24/dashboards/sat_kibana_dashboards/index.html new file mode 100644 index 0000000000..d93877cb7c --- /dev/null +++ b/en-24/dashboards/sat_kibana_dashboards/index.html @@ -0,0 +1,982 @@ + + + + + + + + + + + + SAT Kibana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Kibana Dashboards

+

Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored +in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of +node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in +this way breaks down the complexity of large data volumes into easily understood information.

+

Kibana can be accessed via web browser at the following URL:

+
    +
  • https://sma-kibana.cmn.<site-domain>
    • +
+

The value of site-domain can be obtained as follows:

+
ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath='{.data.customizations\.yaml}' | \
+    base64 -d | grep "external:"
+

That command will produce the following output, for example:

+
    external: EXAMPLE_DOMAIN.com
+

This would result in the address for Kibana being https://sma-kibana.cmn.EXAMPLE_DOMAIN.com

+

For more information on accessing the Kibana Dashboards, refer to View Logs Via Kibana in the SMA product +documentation.

+

Additional details about the AER, ATOM, Heartbeat, Kernel, MCE, and RAS Daemon Kibana Dashboards are included in this +table.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
DashboardShort DescriptionLong DescriptionKibana Visualization and Search Name
sat-aerAER correctedCorrected Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-corrected Search: sat-aer-corrected
sat-aerAER fatalFatal Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-fatal Search: sat-aer-fatal
sat-atomATOM failuresApplication Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged.sat-atom-failed
sat-atomATOM admindownApplication Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch.sat-atom-admindown
sat-heartbeatHeartbeat loss eventsHeartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system.sat-heartbeat
sat-kernelKernel assertionsThe kernel software performs a failed assertion when some condition represents a serious fault. The node goes down.sat-kassertions
sat-kernelKernel panicsThe kernel panics when something is seriously wrong. The node goes down.sat-kernel-panic
sat-kernelLustre bugs (LBUGs)The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down.sat-lbug
sat-kernelCPU stallsCPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric.sat-cpu-stall
sat-kernelOut of memoryAn Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided.sat-oom
sat-mceMCEMachine Check Exceptions (MCE) are errors detected at the processor level.sat-mce
sat-rasdaemonrasdaemon errorsErrors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the Linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future.sat-rasdaemon-error
sat-rasdaemonrasdaemon messagesAll messages from the rasdaemon service on nodes.sat-rasdaemon
+

Disable Search Highlighting in Kibana Dashboard

+

By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.

+

The Kibana Dashboard should be open on your system.

+
    +
  1. +

    Navigate to Management

    +
    2. +
  2. +

    Navigate to Advanced Settings in the Kibana section, below the Elastic search section

    +
    3. +
  3. +

    Scroll down to the Discover section

    +
    4. +
  4. +

    Change Highlight results from on to off

    +
    5. +
  5. +

    Click Save to save changes

    +
    6. +
+

AER Kibana Dashboard

+

The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors +are split up into separate visualizations depending on whether they are fatal or corrected errors.

+

View the AER Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-aer dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the +matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on +the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass +next to each NID.

    +
    5. +
+

ATOM Kibana Dashboard

+

The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health +checks and application test failures. Some test failures are of possible interest even though a node is not marked +admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide +clues if a node otherwise fails. They might also show application problems.

+

View the ATOM Kibana Dashboard

+

HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-atom dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View any nodes marked admindown and any ATOM test failures. These failures occur during health checks and +application test failures. Test failures marked admindown are important to note. View the matching log messages +in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, +results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

Heartbeat Kibana Dashboard

+

The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd +pods are responsible for monitoring nodes in the system for heartbeat loss.

+

View the Heartbeat Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-heartbeat dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible +for monitoring nodes in the system for heartbeat loss. View the matching log messages in the panel.

    +
    5. +
+

Kernel Kibana Dashboard

+

The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. +The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious +problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and +may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using +too much memory.

+

View the Kernel Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-kernel dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching +log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. +If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to +each NID.

    +
    5. +
+

MCE Kibana Dashboard

+

The MCE Dashboard displays CPU detected processor-level hardware errors.

+

View the MCE Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-mce dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and +DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, +and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID +by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

RAS Daemon Kibana Dashboard

+

The RAS Daemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon +service on nodes in the system. This service collects all hardware error events reported by the Linux kernel, including +PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages +presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one +for only messages of severity emerg or err and another for all messages from rasdaemon.

+

View the RAS Daemon Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-rasdaemon dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in +the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID +in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside +a magnifying glass next to each NID.

    +
    5. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-24/img/Fabric_PortState_Locations_UI.png b/en-24/img/Fabric_PortState_Locations_UI.png new file mode 100644 index 0000000000000000000000000000000000000000..704511ebce3d09b05ef60e3c174c516850b1e875 GIT binary patch literal 10312 zcmeHtWl)@3v+j@}K@&VU!QE}p5G*(Wf;$Wj1A`8lkN_cQ&|pIX0fM`G(8&Zyg1a-g zyWU~%eb4^BTXm}L_v8FHReNgWeOLGD)$h}?x>rqvmWC2O4kZo%0Kiv%F0Ty$pz)xt z%^zT*zV(zj5>P*xe!2#p+Lk`_ZV<4ogENTU6Y2({2l+bK0sy{~E-?uFE_yuq-BJeT z@v}GV;m>7Nu#9igo{Gp%0_XSTC?8U1RdtLiyr)l_c~24c<+-wO)KVOSw!((stg3eJ zm+OAnAwKy1{lnJ@f*9*TSrdYN@9h$q?LDDPK2#TNoN2}gEA@$Sww!fRA)~I;n*Oqv zdn=COc}t>Wqi@JM$d71c^paGV&H(_Nrw%AZ4b;`dt-&rlmNsB35Rb2m8|n!F07)5N zH%n_LkSDzr$j-r4iea~@je*|5Mv6gSSe;MZO%7!5@Z1jq((%*Kwf1we2HG&lNaINQ zilYR$fIKbfeO;VgJ;Z&b82*qej=H`Z=4GJ&gT>QHiorl#i(U>40nrQb2=VZ7EBHEi z3ouCI&`UyWY{j+Z75@@}x|3qC_w;lV=jHYB@!|0i@qATOT)uYdqIii6t& z>gs9f%kApHcqigd8S)?xYlwrJrvuoP{!XT)71+yDih%(|r~ga1r-SX^(p^3N0s#dF z?;VAgpNEh4U)k?$_+QHW8~YvQZ}z*%;s)9v53sY>-SSclq5{19e@Oa+Wcc5c{-(Ti zbwFt=@b@eou&t+$B?KhJpk)vC1nXE^x`F!*$_#e3bf$Kj) z;6Gyi$GiT4>pw!^KVtsJyZ(2a52=rpFF=0C+kbp%%|nr^X`p2)#qUFL>+TgAjVpwB_2{yD!0&lf zm6ec*x?BJEk@)@IF)=YVSM^MaQIA#pE*yfyAk`z+ET+ldKFMDD=MRU_Ulj{)y1PtQ z=XP75YneD(boOuqoX5vcf~Z7YwmYnFLg-C?a=A@7*GR>e_uFm`-?-K_^_LA8w5+No zb3tPck+>3GCURlF1x$GKQ)0`;W;_}m7mqsP;0!!bo{=$^t$&<`Pa4d1Ds%SO+kaE` z@Rt&;#Z`R;jS43xXZp8At3owfD{Be!*N$_4iQyi@UA&J?)u^xE9|OZ8LnUlDqNYNZe>3 zZ}GBce_*Q2lYMYhNUE&r9D~cWF={KrB!*g*(P3+i7T#;BZ&f!nV>=;Zeklw%M9zHs zkvh~eHC8s)HR-i^el%1QRfKCoqh8g0AoQ5h-0zJ|hrX$RRB22+Q-r3pVdwr5D|^{j zd2*7zWq3mULYPz9@$h@xNW;1lPMm>ErJP@UmRANl_1F4+8z;s!el$w4U-+FyUph}T zXKGsm2c-|Om{KBFc5f1};mXsJr{R zaC^SX(Q48bVV4CZif+p@ycro80jPb98@9iUDk@vv#5ex>wRq7}k?i(judO6+!pyY! zdf+mnpA*pTTw87f_fSg{`mkBnh6xDogooi9i}}v;tt2JMD=4~cmUvL`TiNHEYc3!a zCUWaKVrYj(s*Qmf@g|b{mohI54I@lS>6zqXf7vfb^0xJ88TDMB&J5Y#1_vLp3#4Xz z`b1w?sOCJkkB@ml~nQwgJUHz$;Km6adh%V*~Wz;yF=Ro=FN z&d41`AT(gAEPtc`Ay&z2q*z86SF>BPO_Uqp<`8nDmJbESp z)SsXD5zvUsgFwt52nnyeCOrCV1W-}Ee^kX=9(>zj`k0#3pKcXEvUJniAnd@3sqN;yl$1La z_07Sn$>~VX4N3gm+%LJ%17&J~N3Ys$wuPNVs02%41KWq-{bpJRR^Q{Ay7N<|qK{(k z_l&kfXHAD7=I-50v!?rKSOnCoI}%_CmmX8juqyNZy=w}AaY36@;X@8g zyyxwX1rD|5Ha21v6@iVqpG4=3emPI|dm!Dew+y3bB*H+!(3p9P%+npcfB@>(uVoFm zY}Hr<#ZBW*>qBvOj|Mmu6chx6+#j)Og52iYKP$f8Y`txm^53sxVqC&=t&6xUbJHoxqIxZ0*}DyIVjmGQs)O$C?_nu}sPtyj;&pPONX58)laj zV`-I9sj}w)LO?6Iwe98gW!eQ5ENr~3dt97)#Z0_1S%H@i%fYv3-@bjTUpg_SNEtrK zFt*#wF6a!8z30}uUFR1*nGg)6xIJGJEY@>s>cy1-qtFnY+j6Mt6}CNkZaeUCV3m7n zYTI2sQ@mjaBTZ(PEb)7f$IH%e{QHufkHd%h(!t!UtfyQxHQv)ZVNS7>u@Pwl&}bTo z_X+s|Z2UrIVnw<&QX@Vao-6?Co+#()z@P1C%?Ag#+c4sGxDLf^7Dxbyg6-Z0QBRL&KJ_vlPMP9AU0>lm)tYb>(zE${lGDfE$|~Ei(G!~`AtJNM`>?;xpPw?i zd4IKu%fyXUU#+2e#9G3bT%9zM@{q6#X6epwXy?KaW`kCsTjb@}kqvLe^**c9c%zF_j>~;4y!myR>(&`-jJdq6 z3p_u~ow1{j$+4Hay+!Wg%<&1m`+M1!%~L+xlW!`TYeTK6Zq0N}?mgADkx#!AzHZRW zvIoS_N(~gJ>O*fA-NfKR_ENCrN}!;HzL#ggpYQKD^Vn^{7iL+Yre_S+6NYjt*iHJkt@>g(Q{ zcRuL*K9JeeBBL7LHR{p?cr4QFQ8%>-9?XJ&-zNY8q|Gmxd2fziihw76O@5{!BP5Jb z%;{K(7lSa3G|gC5xa|ZG0#F|3AWEY!vsYgNt$V>3z64RG77vJukMHSRC0>V7VICJ< z8mm_2cs)t+zgIpJwBU7rEoB~C4^{d&RbRKi?%bL_cWFXmf6``$o_#hK^!~wSm7N1U zfX`(=-0>?j*rSoIiE%Rd{aE8mmetVewv8Qf5z+wvKCn+9fip->M45fM6MPn)BY8Z0 zh({?9S6%I?#zHKf8504|Y+6eFDGDQG4Eq2Jdfy8>BTmUxqvz$F^XI%xGt~FFoVF35 zz}oHfDNo8VrIbRqH0gFsqI~5bFX6uisO(*vLn9)$962<%>OVq}6 zITOq$?I6U?PJDhG=ySLnj}&v8=L6-gFtHFYNJyka{SdSlx-kiYs$8n7?V*<`-JAwF zI&GsA$_$*qp!0$s)$`y*8wHcOPFA!3Xmw>VDv_Z`wG&H7QkXk4SiJBJGemCC7M5mB z!`zRB-s9(P&9EOY%=+{-fsGGpAA*$blTKzK?-3YGkt>{^<_h)jR;#<^`if z6^w8K8p~7IH9%fbvHWO)6&oM>i3DqSbb4((w5LjP5sXOoX0spBVIyI%zy8sep<$OZ zm~lIW09X6}qzgK=4?o@H#*|}kw4g~N5Za3;x{nG6Q=^61#HsDP`uewVj{>V;YMKJ6 zYGTv_1jm&|Rzk@+T5Lb-1kPvTm>Sr)IG)i_t7&Ns0ZUGXww{|lkB?kjv|?and?DOG zWn^ruiYhQ(y!fyv>-BK_d6mtTh zsVL!GI+Fa$kQZm{&&F3{AC^{dfbQ-U+dFecX*3164bL>P8fya8PjxQOO%um-&(`fv zPQ15;1>e1QhOQBlQoy~&1_1MoPE)hHc~o|%7W^2pk9gvMnHr*ta|zfX^Kz02_}Rfc z4?-Ri3V!~(1z~VQ(LChmiO@Tcs66^0WRUQ+>Lc_l#(OFB52TfNlJDqF^09YgI;S67 z*L+a-5`W(RUmnE>lsw8`OaF}wbROA90WsRsx+LfwWAAAHko)J@zxG0ZDv}7ZBkc~Z zBt!4;`8Q7OfQth92d#=nfAmd@AL#BxuDRdop2+RORaD%=-oWE+_|{dcZw39V=%=IZ zjE3rPn;W}*k-8|ZN%pT=9%+uVUY=(~Oz_Z(LdrVad)1~7&9ZNT%>ruFMX5O6D{iKf z-~cTl0=a|=*&BY~w^k3yftEEBy}LP1`l9{DdA<&fYagG1yqab$$mC#(O| z=HHMU?AvyA(N+w*vcR-C1^$DWE5KTSOcHGn`BZ-EZelzH8b-BuMR&#==*9qd{s zPvHettHE9&8Q;@rd7(Pq`MCO~70LNz0(LJsNNabbVxj!w%;ch_$}8QwgZJngX2vtO zWnzwpVbno&E1qETGF81|19-5ES%0eFM0BmFb1!+3x=%sxOTBGW{qK>NeM+@6Js7h; zpR5MBH;i+2MS_0mb(>@CH?%Wz>DFXgZ$jkXdU?~!qY;bvT5c&a#a`xq;wU|J@IAF@ z<1rnK?cUQez4@{ipOQKKgy&$N;t&spzdk6t)O};uiU92tT9c$Y1uw^Ysi#(CpqkWW z2nLmi>vcus&;iojYpnDNM`Zc&2l#yLlNW05u@VdDtY6@d0^0HoRff;*_d5 zH1CZBnpoMsGV5&add_fvMDoy-2Y~5;e=BL$wOnt38Se0lL+VyT9ny5Z{N?q11(t7D zNs>Y$$$bFf@W>y<2o8`@GYr3BrOW=>K#XH@>fH&fXgRW2;M>*6bo}EE`j+5W*zGE} z#A9hLLS;w=2;rS)<_^t|;pHux-=Dk2PEmC{sgrQMB^9(&+bzgGsUO`yZ?~v99H=+EBMf${MG7jphszk-4V=B4LS}hIfU;@0ClZIprBq~_z= z7Q64wB`|03l(Fy+XN4y$YJCRA=k74yj8u&E#U0(h^WVr!fSj1OmaV`hw zI$E0AvS;;Ez;h%9;&iMOxAPgsENt~_KM2=FJ*jdn-i0&*LDfVhFB6Qk;6Jsv85!?E z?VVVV(R#}eiUuChQ!?GkozV(v4*m~DTFQ>H%#emCwUme)Okz57nUJ!oXf7EyvYM>; zAp*fUP|E&7bWXEuNfTa}whA8R>R=m%a=h-|p*o=~#Y;=>_0!Xr$I2N5*bOF%K?R|7@B6PV8yB1h z__d7;J7=kL@~JTe74#&6KaQs;`D83){CeM}r|umQQ6`8m@Ht!~8|+?(R9RdrGv&YS zG4H>`I-D@o>iG77{|lM!L8xALc11-%l3A3=6T8`RHfcDY+oB2S#d7PHRef!{0u^Qa)m6DdEsO zj~ulF8(bIhUoBy3Dl}*5y&c)fF0Kqidm&rg=E5};CT~$Q2`{Q9q+078i6AU)fs%~j z$9`jO7*8^XZ%|3~Duvra9X38Go-e|xrNWn4IysQ=QqCJ+F(BO#^{$?ig@W!_LXu^Q*T)etw)=~{KQ|?AEyJWP;=BxN?x!HsO+I1J1?Q6P&vpdt)*9JOv3}6ALYrUhAcT2hg&p`sL}&`)%?8GA=CP4*0Am^> z_Tl%xjc2~>$#fdp8!JRv5|6OtNG%v$3xpaUJ9XE-3BjxP9 z?V?t#^>Nvr`ne! z5Ekl)CZ>NHV_>vxq3VjUBElLx=aanQ7=g^kx9vDPTg9$ROvz&9m8)TG`PS%pysb9f zyD8Kx>A`l`)0M5wG5*2uI~IOe?TkB@Fn&`@GTJq6-d zqVJBWFOqp?sBla#lWFY=AO_w);t)U-O{D2-I7X!6v#LHAX7k;gT)=xj>cz%eGCAZq zm@c)xG8PzHkgn+zF|@MUh-S&v##dGeG>ngL7t|-PRcofT z&W)aPIhlef~Xq(NCa0bEW@wHVb2E zsl|L~QO>VMeQbExO?(M2FgvHkMO;J#GgWOMk4NKoFUol%dT;7frAqu}{FYgV>{rZt zdDUvwHGeLdk2OKhEu=vrSg81kdro7W9iqiXvehR-v{SZ>5Cj>Nc+a*4y+vA3kQg`` znu-n=xw>uE|IkK!X7I>q&hJ`>?pjDUc_6Tl^($IjBf6?vpOEO+1tD$sOP!sCy@Lb` z=n|HWon7__W=yF>U0M0~-gRqAkJ?{mhi6$V^^`B<)Ynnv~L!4D>oEpiTjk&G_5>uO4Cw0&`(7-5NQD>A6D|&+?yL zi7Zm@HZkA2H~#F(Iz{sPTcB@hj+|OO8;_qlfKcQkx)Y2AwJzDuJ3-fCpyIr*(<;g} znVOm@k5IWalQEkoF~6&;$p3JSincH01^*ZFba!z{Q8n9#c-H;<&j7B9r=1khIy^u7!o9=I_pkkW^h%-y)^3YN{!%}o$z<@ zLzYU_&+x$fHn2S#>32`Y=1c})Em-xJJLgi#`o?}oA5h5>zbKa6ukC~^&DVY7sjee4 z>dDBg8KoGz%>`eYnb4#`)q}JMwd&r`VQ8 z^7i22DyLkSS6jUQ^DlFg{ z4J$9o9_F`Npwg9`93&?1fd?oDei$qkuClUTlbiH1frRvJmSQ(BC+XpD zo+El2f%;1DgOrC4a`GlSHkLx`O?ha~6z=_c?P%n$AgqE>7rXtYlV=|Zu4F6yiV6o< z1i$PSqG&$->b>Hn<~G&$as!%k5E*RF3$u=D=lRC{r}cWF+PP0ZYw-!GAx5sHI+s2@ z6;^@1xhUc6SC3feTNbFbeJo~R!>iw)95T|x?? zpDRoLg*V1U#Q6wyXmn?jd^T)k=UMKj?h8JH?Y9mu*^KJxnd+#ly$+8it;;7{dLKJc zPgm`Tp$Y+^bf?0>oa~;7?Ius2I@Ysy1r%(~+0^(+jz^uP47r8uM$!Uwj8~W2OSUHpz{RWtE>e0b5RlBw0#^Lr_Ih zHh-W|e-3LhSs$q1JY@ir8q<8gBeC|x)seI-=>>PbcYm$5$m)_o%fiMSm^%8@{T zMlz%~X**@?WXHTFIFpV;+?c4A`>kr~WAX?8Pji1BypCwFm+=8M-2JakSwTa-^qED- F{{e^I_u2pe literal 0 HcmV?d00001 diff --git a/en-24/img/Grafana_Fabric_Congestion.png b/en-24/img/Grafana_Fabric_Congestion.png new file mode 100644 index 0000000000000000000000000000000000000000..dbf481d94ce7036204bb81960b1e9ecf3b28182d GIT binary patch literal 13882 zcmeHuWmKF`((e$G5C{?o5P}9mfZz~Z6EqC&4#Azl-4X}{2ol^0?k_m z8RS0vclX^_?mhSHhx_54vm9U^p02LyuIjG-RaFzLASa21L5u+cfv}`LiYb9W4|srQ z{U?us-y0;&g1|?rhl+-il7Z_hI|qoVg|*2mCwDuOS0-*2rXY~poK3hcHY(+lfMs6s z2++xE@?KfXagwvk?rxXG>}7vUBX&%IGNZ>fZD{*^!VKo;-*G`8jQ1A6Ks97#_>3Sn%m&5~Llb5<8#`bIAdrBt zo1KA?m5I|ULlZL#TS2PB##X9V7RG{9>YTEyvUZ{-<`y44988ow!m--@j&|di58Hla(NqhOELXQHX=dD-LE3W>zL~ zHwzbbDj|$l0uIKed`e;xe`f*wB}irNcyM`>Ve*cd{`3CwE)N zzbgSy2g`j63mY>l%YP=nx8Z*b=D(2NxBQd*zB8YOl8Gb4+WB6*AQd+|3)^3u{%X?v zKR5leMb*{<7%lrhdnrRqom>qZOa!SE%ppz?Wg`PSlfPQ;h4YC*tRW7{fYE^Vzlr+m zwStA4iM589g^h`=<6k4;&|6$a7&Hlgt`nQmO zNyqEFKOUkBL4U4`nS6NB@O&b#Q$Dh|9`0q8G% zpfBtdz>i4tWQX@Pj|jpSJPBMH7Yh{Vo{2o64A^3f$!mOY|MYB$20i@#9UqyLT>$Vf zww)iLADNig8CTMp0gJEJ;H9AnaSX&UYV&I$<%#SmUGx+vb-i`Z+MX&x78KOn_Z1`2 zI{VG2Ur{-g{pfue%Szq`1Ind^`}{7Geno%i6#l&+9(yJ{(yIC;hDXUmn=U1XPJHv% z6Xc=s*KNx3f+J&DU-#!q3!=u^NwFn^por|Ij*n6niLim2cXZ6Qf|P^+i>8w9XH(k_ zBg^FNhQ}#7f@i<=dCe|IpVKqEdlxFwoCa1Vu(#hYlLmw7Ax-BHkBhD0lv(-eR=>4` zp>waZK6rL6d3J3rA?T|}pL^EG#;e>~I74fFO{e0+RnczZ_5@Oc|&gfWJ-6JCr+1Yxux^bN=zjNaC zUYGp@2@4Ak3q$Z9i}Jn-1{vUQ2UQ-q*iJf-xWS&R6Jp-rO7_GRMrDl$L_0Puk?^;iU$--qt=|)}| z7?3cGXC{L)99%iS?{&3-r=*Odq-Q`)$LhysG;G!%)5qlDbN1Dv1$iNP@-#eiVw=c* zSi!bsn-3pr*SqSH|6*^cH(TmO)d_qmhPdC|cKG=W8TOL)CGP8CvL4Qf+`57JDp!iu z+lIvI>Q3_-;y;MpP9~^K@AC49k+F-=`*kjNhg4Icd>U zzr1jXF|4#1KRyPR09Vf8geZ#kyCcM^xOjc)3c}|0>wV_y&MTAiGNOKlC+OI#o5^KH zzal>jwUo&V>575-eHaND78~C<90!DIoV4cXI2`jt(dw-0A&yoU)k<|bZ&59_oP;om zC)2ed^|)c18VSb6#wQ!`(sbi5vQ+4$zC{@I48fu!iAF|*?>fp_Z8HiBiT!3B^)jV( z7;)}y^rlO%V)fO^;DOr{M043b+uK2!&8C8AIJsF$1zSskKj!b){UakkA^1+=t)CYU z*5|D9j;7S_*32`=Q{{RC*4boIJ={sgr~;m?TIU>$Zkz?%PK;FwTAM-n-Oi59*oedE zV(CRhMOle3z3w{M!Qg>9c)-^g(25tmqHD zk=}GK?7GeFnSE@TSXKP(^L1l*!)~QFQttL5IOj*qPA`eb)~o%}N`-?)^igdFe)w6f6x_ z(BcCGt;ONPbj-I zi^Oq;f8ln{wm3q2u^!_P|GvFznM5Urk?gXl{B>}mh?6jNot=n)VCtiQ;qn?m3GcwVtEOBnt ztdA#URv}_k%~#FWSGY&V&Dwlt7t->Y7V#wb_;@hwhMG7mX?&bL&FA8g%fVddXH*MJ zqEV>kOXzR{uy@3HNU=AEJYyG{1h{M$`hlHU?g+ERI4@lakJtAIFCTqoX=&+hI86$C zESPANsBO0HfH}y$+Bg#%8yb?}Y3UK|pFXYSmVB>25)itv#+A$SFHmNN?-Z4SeuqJq zOqN@20Dm9Sy5xwat|Js2MDBwJcr|I3p${+(jjr-w zu+~!l9>s5IrNbqVOp+U$poddVZbNCehoT~GSGV)F!q+7q_zmGeX(CrFLs>%CXohIQ z-O1@gG_ ze;Lb?D7T*=R4dV&U~CT#`A*F{%h{E!LjUre3rBrATv2JYfy{FtZXcw>dCuM;BD&z5 z$Y;VH+M=_{47W4o!VXGhW@9_xp8|%Nz+wMDpYczipr;a%@$>-T4wCZ`9&WjZ&Ff;?+IVHU1mZBu-hES*p5 zIc|{Ws5+vwYRR9W%kB|-DX%AC+6$eO%tO6?;px%uoVH#8TFa};zB<*IOsdVJA_EVA zKK+XPJQRo6ne~V1d-kolw6wH3lF!vn01GT8L#Cs;S&&Y zm$^pIm!o_ki9$(U#C|Vj{}$vO6%{_OeG2WR5J-6ZUeO-iw-J)->AvRZM?8?|v0<_| z@9JkW?^@yAOYY%x*fUcBcf56fEhvYHSpQ84W7WL79rDa}5)$g_=~BpsMW?&QM1JVS zOUd1z<&n&DM?M9x4l~p6p3NI>&|BoiyW??m8yfDg4JYb$DRSZIwZ6*xg%5B3GPJp4 zv$d4PUs0jRcykQrO3#>}6JW&j`{N=sSbn?`L`nH!e~!5{wCF`qW@hHp$nMS{ses$J zpFdwUIPZo`Y`3i_)M%6)^YU^fm*^rPG7809R>`}nDk=|tj+sBPVy}lP8j3>H5eK^N zYc=tg_Ol~Ed)AeeRad6Rt^(X}DMVBHb4A_#oyE%8Jtm>kF-sJ=d|CO)gT=Sk zyQzqz!(Pc=tEYOeSXtYwkhmgG>`fJ1y=cn0Vf;SH(@>=0n4vWnKRk^;1$o#!(CoF? z5JuF$t36wL)f#$MN*=kD|BDO8e|xCg&;=?tlc$fS(c8Q2vaI=$nkucJ0IH~9W7;7h zAP5)9$ZpE~!tVe1+flh`I%J_bQCy$d;CI`t0M{uB2Qiac(bwW)YmW*+6-L(eo}B%`ivd4^4%Ve31M0ykz7Ka9eISwaKj$9(sFSG3{G*z$4o76`2RjeCc?l+$`HvScqYMJK8!}Y~9bGbINLc zvDryr1+%rgTeO8%?Zi8S&iHLL))5@Tp1diEVN)K(-0Qx}w`~k%E$t%=uD8q`rml--LOS%MmegvB&Gh^=JF>T^at{F>##f@0U2)KCg5JmV3%$LyuZ(#7u0tauEMtoQYL)c(2H z9sNCy z=AX01PJl~D9eFw7KjEf6dHnoSGFXm$fFNGJYh)z;?0YBa@E|oCW%y-aJ@X?h7MOL@ z#OAnk)L48>r9r3ZcZt_OaB&Bdkt)&N4b#eRlSe!)iop|7CGRL&A^@4I1a2lPq?!#3GMab} zEjl_ocw*v)PY7BSOzF%33kjSKW*r>5A7ew)2qf+ z?CsG}P*7;S8eOzgEP^$Zr?KNCWHX$~Je5P#`p8t6-y5H3LA+n!G^o*B9ScbCXLuN0!q|TK8Wu@T2*C zMnyukeB3&Xw`woQTpsLJ!#yqKJuv`bt$E#~DFZb6{hLGcS^^A@U-8k0;J((u`OcA+6w7=4-=lxJjj_wWNUXEb{?tbEkfVSP@!VKBy5oba0uqOU3s-M`iV} zs9ipfce^rs@y;vzM%-*|D1n)K%AjJdS%JYm*OEaGKuu-?ADAimE}hid8TMSz0{gX6 zu#XVCmnbXN7Km`3Xe04CeW!q~v)Nr4TV%L7&;?Ub>iu#8=7SX&kM_R`38u-UDkjn$xVaH7U zEUQg9u>4k~AvcVxR;o2&cm*8AgN}~+7RRoXppe2HsdtlU2bR@fLoK&TgEh5-CS=Bh zE>^@O*~^Vdb!|6e-N*4xPvPMoDr`!vD)<%N66E8Dgijv_2-ef520Za4)SH9H92PNY zYVvxWY*VFqZ?buLdEK@NrqAK-iUw+J+VpMC361GQGir1B7w&-EA-a&iUEaQrJ?nXG6R?Y*Im2cVhK$$=P!LZa~x{&NS|LJR$Au z$+2J#vT}wrUlkmK;l`2^NwA&c#hxRaq370lR^a4SJeMlB=R&LHJP(VKhYaRUYV=kn z2i|?)6tp)JmEqnY-W$O3&Lkovo5?sy>aocp4)t$TBe!!x z$(H-Nc|4v$o?@AtT1fvisNYxkXP$R+d~3A#>FM;#6{cQZ6_`yv~#6x z#ZE!X^fwUXnL2t`ITx#uY!LJa7cVWTsafR|_IIp=G$^-}Z42+g=iVSefGQtuafqdK zC4aqpViM>80Q?v*fiRQ4b3@UZ^EQELVIgA-Y*udD$ET0UY>wOW%GehdM5#s4!bhN$ zvlDXwBMFa~;!So)xERs{3@Pt8#J6c3Y*94ioFZg5*|oj=mr^C8$RV`v{i*TYl;ln@A0C+zN2!RiAXxVl{HUqr zb;K(Q&MVdPfXjTgNzIoeFFLx&4OFJ)6I*YdWEuJ=j5B<3b|<)wv1wB;S^tww_gMUq z+gh*rO510SrE9ndW1I&*#+%MS?A4Xl<)>}?u1h0B+`1!O($Odh=aZ*ml9G7%_+7a} z+9+;Ehw?}9+7RP~I<}^Z9{#=M!~WG8Eei5vcM5N0?cjp&&7Smh@l8#)gRrpg(iN;I ze@f4yQaQ6i7ayaJ@@*1sMQPEiuR4Q1xqRs*gG{7(hY6+529 zM&6+M7fyLr-@-rY!=yS7oK7~{@oEVYpCD8nmq&RruWR-g3s)Nlm7<=DT)xdq(GaGv zrNCbknzd$TJ@GbuxzeIly8m2?g#{tPsNaH7G96T)OjEV)D_x;gV$QKI-ETUSB%PtR zYx60k%Auv77*(;5acN!+HE9RfGa6T% zwfCA>((K@RGdogUe{VP8oXAflA=@{ZQg2IFlfNq+kWY4#6%ABjX2&)#KhR(NF*4}5 zDup?HY$Ne@_cRO`n*FXHQHOWL)Y|-arRj~A^{<$}SxEf=JOQcPC7C=_+@*j{bg=ktZ%vP*QY)*k%T^K5)SF1odV;o! zIEQ|{W zrdJMZ;r;AZFEJd#eGT|G6L8rRKQ5zHW8PFbJ>OH^i~V_=_X-NEBf<#kl@$XORn>Q9 z2Mk1*k3kO}Bq5xdZ#Vg~v+HU@!$UIbvI8W|gnmV~qkfc@hKE534Y`t0>O6KfbiB`F znJx~89Dk~}{E(e}Od4(^NC3f4esZE1J;s{5SI*08oS!jl3BNEwtI)EhQw5)Zi+By$ zPfrrauak7cvsTV8*fMVMNvxz;icAb6SmR9MqoN?j@9QY^$;VH-(?nD(3FLzO1>Gf< z8j90lz7;69R~MdL&cQ2Vi8zr-9)5_s!{_Ym>{8&J4f|yN!-V!W6mR!K{|NWpF!d+s z=$p~Flx#MBS87S)8#U4NJdpq=- z??d+b%eQ4U4yuPA542<36-BYYIbTSFqWMq5yj*V-T=0`W_HhGq6Dv@OTw$%q>*@k* zS5fU!jji#~J36TPE-O?>)YduWVwEB~!?BrfY zj5Uc?kS9gzz$pMMfHfGe=~s;KQ-|{M?R%T=j9$F zE4q1oU7@AZtm{tToWRJnw5Z$`BKn3d2BR{xNF!RYe|0yo4skO!?B%)`p$0qMst*=u zx?r8{Rt0A204|)#;y!M*@Tbm|M~M~rthG-}2%ROnMkv@9_11jU4?}98KFe3F{WkwR zLyb(O#|8&+(T9eEK@>46D@AG!Qc%_iwiT@O8w3MTQ8+;a-Aa7? z_@s>4Ei^r@Y;{^Y_dec^iC4dO$JzR=LX2+vHibpH^Cl+nsHnI(RC9AV#l$=8fu)ZOFk-%x%Qm=W-Jmq)>gaf<-sQAEme*qzLQDC`$# z(3y~ah)WIL@Wot9i5deRQ|gJqarK8L&H@$?#evoAn=P!vYbz8-Q{m4obq^amgGDlo zN0z*8Y=Lb5sHLuYDPJlMI46pXA2D8J=E~gSCLrkPv=+{9`l)JGYSH&+_XUsz6S$r6 zKiio_wd34-9w9hms^m;_x#CA23+@I?bCmwJ)a9<#TYOT3H0I^*7B1PZagxBO6nrV! zu&+8rb3ik|(~cy@d#UeRiMdS+gSPk>hv zc0X})3q1g*xNH*hfYsNF<4U%5q&$EA>jq8(Vy)4~hhl|T)Ru``yqPI>DJ6Z@IlkSw^^#1? zJ*R&5*{I{1=jjbrCul}d1HEl5L0J5y;b_v&KpgSP6ZljaV1D?W?Ah= z8P74~+phw(LeaY|%Mm$C67T&8OSHC+>!v^MX04PA{5f7tAh+o$p*6z$qF5M1I+|S0 zpGx%I^!ldeKu-{`CapTw>f(T|;QN8f{`v3dkeLcc9Qz8k%RhgV^!4S-(iUf%`5*c1 z&%6GZY^3e$dx1+r(zy}M;sSv>@48G{5hH(I zB;zB>oA>|*TZZ0vo|10W#M}J2%>RZyx>{x*7Og%FB{iB?-UFW#<`Gu%)QmP?=l4yS zY-CNaW@rBt=S=mIPr>x#jn}BUZiS?I~dXxIrP`NNQEHjTl*a>drsqS&fZD; z>IAD5z2T#OkT-FRB&o>+vKKAho{e{ljqz5QdQwuFMZ4TwM|U^ycQmpocB@#PNogUf zYF6DVc6bz}o$6T~>RBT2BFfg{K#D3Iv=w`-PP})L)U1vHyYGMJDb_YJag#ZxmNSFx zobTlJ3EF%4Pc?ri4_{%?M*m?lG7gt zZeX20kMnB82N~s{`?tTBvUsWZ19zXk=s4hLihJ1sz7I{g4F1hg5FjD^>^}WDEo#}3$Kr#nxDI+yx=4iE#2NvTK5qjVZGI~UM)JqL-4`5FvAKt zz{Om!!@UIZ73*J&MmdJ6}*~isF#MWvg00?4(X%Z1FyYRocmZ{L6fv+K)vvUxvJQu#WxVJo9Z{FYJ;N;Z|lN943;kCpH;j-97r?#9RowqR(`&k@W8P1O}Ot-`bbht0TobKdM$xzRnY<+ z{_MMz5L9abfg_&KzMULt77)v`sW|w0ObHwtErKfFC$^0(AuyK7FJ$g9M7wnm74_kW zr=~qn8$`Yn0ERf1@5=v5f1HuzqS*E7A{vF&>0&0Q(q?Q@wMuYazSKPM&C6?~(RJNT z+Oj9n*ViZaI4UD6_(Q?`aTjb^#Mn!duEppQWBKT&LuX%S)b6XUmX(RCJ!h67D*t5M z2cc5$*vW=|25UO#vDl83NMtyS=E5YeC4>SyzLF*@1_&=)Jy!e_)YT=m{unfLb$zO7 zXz{PB)94>y(5Udb-)zc_1K&e;JF+4K?8cpuudAnMbp5@E1GNVMGyhQ3lP>L(sV)ml z$0mFZSo(Z@si~&XPsV%qIdSsIL_>JBWYHj??_Wg@x}@EItd8*of%AL7Gr&<3!K${Q zc4XzkduYSo@$(y~;W4ynpkmy5tzb;Ipn~s`a)J{$5?Ed`HXG0xt%_$;^`9!`6YMpvDdd zg1K&a3Hl3nXBAbtO%^**W>n2PcFIphP2Yx2gd9&*3n@+0(tsL=oW*^`MMb$>#9=dg zO_$otp!3@B^Wy66Udd3Ug3O=4>8`FGd0ijFXRKXzEOlL!sR`Ui7YQU zR1a^Jm8{yK8PN5befPn+$giCTKh4BIqM4|Q1uDgT?B!cO)6jgR;QJ-K8hhbf^W%~w zT?VcIdK|T0Hd@nF&nI!{zoM)8rb(g`Y~;`xAS7>EGO$_^YaxcTB3kP%(($X=2AG=dLY~xgk!q4X)|k%{UpBn{*hc*K!g?opmC z+;Ro^)2ipZGZW>4_da?~um`3Kv0`d!V2T*Q!ROZYRj&vJnop%Hag{yAGpF+x94Sk; zULNQj&I$d{nO&PfHD#C{FKuj)a6z|yN7J;DvLeb8plNO|d}LtD(s68VsA#cHgh4kbJacVN#+ta1PV$ZWpx>c!v~s*#m#b8jI5Z z-CtQ&e*w0%v~oWwsP{TMeqmnITl&xwaUgXMUt5p4ieSZX0KQI?K_D#})d}t_jBPsl zBPnJS5X9mWvk*L^RL=x^drQjXr?O4#rL@E)N#}_sdo20X0%E<_6{T#G^MTIowpCT; z5K2x?!d&d{l>PeirrLV5cF_CqMVEPWuricTv2=heCy zE8?eBBZnd2lGSu=2hCVL5smWjR!o5k`;+A=k8=;;tXl}S$&!kfYcnh`TNZ-p6y=`t zx0L$Qv~Cb5)wD`voXybKf8Yyr#mcEHOdCOvKKh-=CJ1D=K0@=~V@kYB-=lv&!CKv1 zRvc$A_W5#)1E0t;X{bz@?vs}x-HWp)d8O0+tCJ!r*l50FQ?Uu4lHO&nRIP4V(Z)|T zGw$}@G=D<00;vP;vjt4`1jP^{a!U?ow(manAJ$`4-$51)QsnB~HC}+It~v5K=~d_n zygP5|vKtvHFfd0OA{6ZyFG>%de-cEcSptEDCVD(RwQ4i2V1qTQBx2 z4k-CJaZ;DD9v$gg;%V1{VDLz!z{ZF7oSN-bN2@N`j zAHdS}!yAjQGyp=h-KUrUoL?sybmXVJl6;HC85WMjwt+PYK{phywEhD|@g(C~w;nzo9JrWbm z^9A0eiJ8OJ_FPzlQ5c89#RVPKK;l3w&xNduR1Q{>MLY3IqN-#zpydMmO{jwH6L8C{ zPet6$PGR?)Rn3D`o{Ko_;iE?x)JA%-LYa{|G2t<Zr5Hj65X z&Vm&vOhFF?YD`k6>a}8Zkjht)x`gS36lf z?_6{NnQ(HhSFObX5e2+9^xRO7mC9D%{gLP01uD*bn5ZLVqX(E39$565aewde?-W^CfziOP;3Q z0_Us93R^wOTngh0yz!=ajV#5iv6LjUi9`mo$=rD0t{BgmbPn5oEm{X;)= zu(ZRvW_#ZAUHm;4{?`p(-DQ3Xbcg0890k@6tCzeHOw^nm^fW;6N5gtwG*#(2A_QD? zn_vXSC6MkhpNRZK0Ni){3b?BViXNJ-?Qw?wh+ABg1+Jf0N2}{XKOUM7U+1}U?@U#p zRi$|aa9T|(>*@|P`!@RH!Z8I)od3E86Tl;@N3q;EwE=|xNPjDb6F`LMosZdYV-4Tb zd>3%1;|b;azgG%G{!v-^M}Gf5)l;?~0#yt89FC1yFi@!ATKcvveCQY}?&%&9PbfWi z${}O_XLcVOGgs@{OYR`t*8(9-YvDUK>&B3)N-t$U{Me>jI#it#L?r91u^%qHBYVC| zogV|f_TsqoSm_%EDjPz7RW@8?wD*>LUsmxrRuiz4(EL?pdgg07&cgJ+uK`{8wln@n V3c#c@x&KcpDRDWmQjt$z{ug;*Mo0hv literal 0 HcmV?d00001 diff --git a/en-24/img/Grafana_HSN_Errors.png b/en-24/img/Grafana_HSN_Errors.png new file mode 100644 index 0000000000000000000000000000000000000000..f43b7d02a6f59e15f0d4289ae9f98d81f47d1801 GIT binary patch literal 9558 zcmeHtcT`i`_HGnVigX2O(m_B%Z=p9afb`yLAe00{=v5F95fG#ps!9{-y@Q1wib(Ih zcLeF=7tXoko_og|?~Ql5SomF}x&gw(P2Vsb;kAy5~4CZvy>J(ImR6aoNvPq@aQiCdZO zDD4)ru#cUDaz#9mSG{d|l_DpqG$Ap!uSiQupIPyBMEMm{%JeIm@a!jGk=KiFSag&( zgl5!qIr25R(F9b^l41zOv|ZR~;Gu5Q>7 z002_5-fq^m&h|(q8+!*ROqyl4p@oGBYA4NNDDss5shgs`BlL+c!d}-`L(kUN*;c}i zMOKDT${U0=;A)SwX7YA*fw_acrCI*43&I{>U*=G8izV9%sk9Fa&j5FekHmlx1W2na_w@CisrNbvCs@(Bv^ zVl{Z(ePBpyZ(f)?>$QnLZ7A8h+ajQDNGKe}bZyhx2JV5BW?{j~nf_%Q35EP+9p?To z5U_CYT}$``fc$*_seYZqe+Tnl>erIL)UR&_8R^)&!(BYC-Al8G3Gxa2Vd)Q%@&8`* zmqZ^1#YQXm*Il}B2-3?MVK2?1M>?>Yy3|4ITjr+oiT>NT?e?_d8o`CAzO1J^%r z{VfFkmhwNd>mRuO76N}u`JdVK{})_@f6+pF7?ulqVM(8k49N>DVI**SV(bn85K&ye zZ~UANyZ``bDZxtedfsW<(_Y>Q`psYVcZbwDTz}qJ3^tvGR`xG2afQpR% zUp=8261zVAT@t%|tJ3gD^?0@#bq+-`+^?3Md`LW8c`}eHE>NEAA_m_qgz1D~xsJd% z4>8t)0p!>(%bq2VN~ZMx6qi4k>OCZ_Nr-QQ^)T_BymzL4Q?4 zLdoTz#uBrxGbCTUQfq2b;O>et@?s;!L~WoKuP9-Z}$y>WS7b~w%{X(7kzTD4hix{Bx>7HX&@l|QMfbG$i<8t>>N z|NaIYP(q`mqMTk+{~{tHYuJfK%G)X#?NneM89-6rc&)7Mxnh^oG>OdJ>UiLXpQt*_ zyIdz}9PvVCzwvm-Ieo%Gt-iuMWY5`apr>|1EuO9U#D*6N<@{9mnM0WE9hWYL`*&i) z^BzalC^h327%N_wvZF99$7@D3Lk)(?Sh0E7dBlAwSr5|R9A9MWsRb)ss>{)2sWU6| z$H3K}Xe_MMiFumON+~K5j-$L+y;S>J!tTX2^Xw(R3N}s)0p%4vh zAWlZNnZlc=Y(R28K6t5Oa8CB+`y&&e1>fU^5mUHb=NtJMgsGFQzdt<+m3OibRh5vC z#GH%e%lZ3H<(DYB9WW|>TkLOz+OG_*}*{869fmE3Nemz4&)?^-h(ot(++S9XC zxIluT8z#U@tP2y{-=f6vmXd-(;c0XvgQSQ+!l-${gK9=36FQh%J<*O(#6ufi+^d;X zc5}l&Iy$nmgOnl15f(!SL_9;>;b z7p5~9lcghCWZGm{LH0(LfZL5bRdtLN*?{>cVnlbohyaMvG z#L}{G1eED7FreMqalE4!HWRptlUbR%+Bbi;2@&$#x^K{UC}nN^A0)9dDjucD)^*WNr&6Gwf0juVlBTYSD#hxU^b<78ze!X}2VDWf?u zV|&O+govtV@$y*qE2N@oyqGcQqKmWFM)VxFxZ^><{jhIdla zF{bfs)vmL6UrOf{B`asiS*1=ZG?wSw#2eQ!Cdb5R%fNJAQ!md?jm58GVid9l<`CeE z1GQIT(>7&VMtV2D>{*AJ@-B|AS}b(2_iJm-p#;{C1bP|~w16-)rjmCOth0y}Y958RL~+Q2XiKOSg0} z%zS3--r*o0zuO)_M>p115QR@nY;SW=OR_CirWtY^eLt4(N+?+)Mb5%P#yGD$u4~Cm zx?x+zbH?A9{QyF;k*^E1SGZmBrQ1&Mx)>%h26jvC2K3~-<#<1QtK4h$#uSX&us;KA zXQxzPuU>B_<@bAMm5;Bv{p49zT-P!^XvvtP_H2V^(mc7d6F`k-kt~h3#q!7mycE zN~p>q!(z%YGsBWldz`zfvZ&bV$<;>xgvuKY#_fe zNc`ZJdv3r67tkOO^E6`P=Sek@yf~wsMqWjiX9Dn)^%gUoN@YdJ= zN4Ki|6|WZfjEO?#WdBQ(YbKBzKct0R=nwAby`*v-JLC@vY409+Z`dF${$125Wtdrv zsFw1Z$HU9zN*E&Q(2@2^&AHE?su$eq-*mM$nXjt8ByRYj?-<8c$3HT};vOnm`s=IO zA*Lj%B?g+QtDHB;d#i|1=i!o4IJ9hn-ke+Iu*I#+(N+Dt_*taDX3bqfiFovImBO|0 zxTN+F2e+1@%^lb-)TS!r&AIf4Z9 zt-po-2pr_UFXUh4D-B@uKjG@XtTM>G zE9BrosBiB7;Fo`?8W3id`t2Z71Ba<@dMw>lHsiq$#gpl#9`Sj|*c~6<%1l z#jzgUv42WCn4a=Xe+a~%x^1U_bnzwqd|3OzR0@II8xwiC;E>Yb;+Fax&da^;u~?R2 z28@*U3#$JyyzWV(FWLiJE&K z9{s|C86a*Bn~~Oe02PfAHyHJ)WR6zU2@{42bbjIt22K4S*BvjVzG zGWeEo!hcKIX@FZ=^QIb1%rcGN?R~3~-TU~6j&^d&>=n02)KOkHD&zfP!<4Eo6vs$d zb(cZuoUq{ZOb;*axf6_rqF2t`s-`*!J(7NhQ4|-9DD&7P$u$o&j;JmvEL@0`y`V`} zJ2>5mnG8Y~7C?}O`VHo40XMBmCwz7t$@N7e>q4_?rQ~l15AQ5oW`!-GHc&%638}Y~ zb?wUbm%%sy$zR;-)Va)NSrEBes=6K_JfRVZlhsJUpFGYq6y%+|@eA7B_Wp@5ro8%? z59IRxnU-y>7R*zkY`3a(Vy4#@Ch1u*z)#l5*GYAu9|_>g3=nU#dy*rim04V8lMDf~O?~y`X@S6sN6H!2b4PnUj2A8;3F~N>OQVBhTHZ|0XS+ zE9N>8Zo=>-jjkB7-6D$JQ?>FzqR)-W?P%I^a%9%Q;4GhuvIt2%gPPmLnm<*IG7T0k zG4{$FSAw==;4^RWxW}cz~Hgrqa{Hl%+rq)y36!AL2aI}oCV=X`8t9s;c-&@M_JuDi8(FQlGoXXMa z{;9@a&r(&yCaLn!z2AsA-=tBb$cZpA^sGjNa8pHZDXYqhSUT%V35&)=cc@`w>!G7U zQ`6jvxi|7&ZAVcxP$aR6BwPh=zSIwrcdGC4Zc8Hx*5&%!NPH03+yoW##Lt+wAPDZD+rDbw&1ddf?s&PKGYCp^`G(H#c`+d=QxSs6w>9xv(y3AyQ zi+dI0TTeHOMl05KBtd4GFv~Q|iZ>TwScpgq!}ks`Z_q;45JjOU^}S(_!&qYL@2<8e z8FAWzVGWC_=-N2|gd`F&-J4bG>HP@U)mD7rG%~d|Zoyc*oCw89-Qp~ncpNvN>Qb9T z{43r_nE6Hxx_9GH5T3zvOS#P2g2I~l#=D-QCor*1x{+lAGl4gT5E5o)?w5=0JCdBU zjXsj9IU(6)Sv0b+N7$p@R7sht3}G%*!~>%j>MQFXmzJJMUCcE-yi2_c)o~6e=glKb zM)!t1+jpsTeG~^Gjvy+?FO#65qWgA9d0x7btKGVGQ$TN2(1P*XZagL6ozSE329@>H zEoc4u8+nQgXXL)3J!&>`E)Nq$syXs(`ppGimcZ3+&S^a(1}N)SJxm~!Ns&(Q<2;mS zq>%G*{pAdi81{IgK@d=zq%U^IVdKj~JwgfAtkAeFdwQ;lQjrouK=RUpQC*mBJ4o+_ zDl(S=<}Mi-Y5B_mC1_+-1Ft()+X z=hev5{It%j)8U1 zmEd<+Kxh5Ok>}`T4jCQA_p0*mRiATcDa(f?MvrGO?o@^khH`SS?X}|ee^DQ~{Y%?P zU{a_L_}g%Nt7yj=9_PShkwHfCCGEMkzi(}DZ(X7~>^>XiQAQAJm6H=TUGb@sDy;_- zGiDiM@i96@a|g}jGrCE|h=%E{aW6oQPMhhjKOoqw*sgyj)5vYLktA6Rsv{^^muB0c zS-w|%x=m_Ay+$%La;7v|3iL6@JOs!zKx(}jTD6EXbCUMvzxu;XnktSSXD1m0YJIdS z^QLZ)HyT40(04+`G!fq^!W7s$21@y5a)Q`o(>~AjdF10d4NpmbrXJw!QNN|)I1uLa zu;{b>j-g8A5Y!u@V+pYNc9W|l-_|{b+#{GU?|auo55mR6^KpAkAXByHqqMlYe$_ii zB#{Bi902U9EjB%h5}VC6vyF{`?xk_uEHtmV5xhZ5`8bPQ(FYIPYBO+es_&g4jzBx+ zmG3X*3pg3eN%Z|l9#vd!eJq*=G8=Z^r}}{RzI0y9#-}K>s7_yRBJJX+V{m9hwUIx7 zjHrY2glcN4`KHvl;E-=O5A31gX#2MSg-_vz4#f5|@5J>~@g#-Nr`ZGfu7>na!ELaT zyr32(dJ;~Oh_~2hWHuG!Pr%YM`GR~X@eDueX&>$W%09;;O$tREz{7HH$URhIl?%Fn zEvKi)i?bVl8o}N zzOsWaP>oUH7Ap%|_k*Eqr6dc1mjVQ!*TbS$rPJ;o996N|L_ZCz3wze25E*-CVGr8B z>QMH1>AJT<^GC`gYjW}F{4x`mhIJ0hI6F)Uh-G_%fM)rzd^YR+rlJlV67kzF#N zApc~e@|~Ar@cf0Y$>c#|DtkkD+3>iJ3&Jv&ZEb91O$=%1I#C&leJ+x8vA)l-PI?Iw zNELOp?O7wAt}Yo#D3)Es`e2_gZgZe}YInF1{m`z3>;ba*lnuMrx z*p4q>Hcet&_}}X8puoc*wvV(kLV=}YtwZh*veDnMY)xaWn63WB`Wpi-;yw^6%D$1Q z6?pQqdb10t>8%X_yQalN^4oS3RqmpM;fYhhrq|fwx8?mZqP%Wrl(;j#TJvt5z~yDJG?o`;1o{em_`p1KC^l=+l@V~ecC+~O zdhp0iR@v|k&`9<@KiTtFPakE90uoKSc69I2^As}cyxxT{6)$;tD3)#sQ;F%P7b(8y3yl6cjbj01pnhg%kCC0VzpyH- z-apPH($1Hvs2+M{5^tl3-R&O=o1C&8ZQW7e2<16@;ckq1vf;!~2ADa>1qQF#~-_6mldJX;|P-ciPyP{tv+432D1r1=iPerX77#2qDX+Q7z zodMi*td?=7bN+icvxKk!TTx#0^qgYr>!Q~AeH|+faE8(n~S6}dtg&L># z?!X#Z74?rFZRn5F<8m)MCN$@XvnTob;@uVozny{=dPe>L%o3#+CE{s0l~Gb=Kc0D> zX_(k6|3>w>$-vcEfB;50L5Q&1=_LW_#^LYjVGQq4Lis*%qNK$`h8v&78RiYRH1v%qBVHr_e%NCHW*oP p-R{rZa8Rw{{kyyWvsb^66}p>B&dU80bNw$Pu(F0yv4T~|{{Y&dKWhL0 literal 0 HcmV?d00001 diff --git a/en-24/img/Grafana_rfc3635.png b/en-24/img/Grafana_rfc3635.png new file mode 100644 index 0000000000000000000000000000000000000000..dff176c82d085701f29a34152934d91f08de1242 GIT binary patch literal 11670 zcmeHtXE>bQ*6@TNh!znoYJ#YvlVOMwC3-K>d!4}yGkT(n;1Qi5A|g6rh#G>3-ih7` zqmEwZn>^?F&U4-$-}heU$NS^Gt~1x%GxzMZ_S)-SYwgu$M{8>;laVlx0000oRTV{D z0N_Rm?%whiA?~xf?w}m^mF1^z4A-?ruzGkw9h}|lS>e7O_N?|uX9oZPIprQVOV-AE zJ8V9k{lU*uA`$Y!kWn&Fkh(e}`w{crnF7cXB(s}c!**ANucNvsB!+ilW`-{8CV+7v z?b>4L9`y;A)|)mvnBobMy5=vt(?Ev-)>6Y4sqcPy#e8+&!wS6n*i_-e#?gVtW29ZZ zC*qoE$-CY&cAOEHZFYXkG)eO!L^d>`of-@PkUVk5F>0)#4zh*13s~DhZR`b*?jE=& z005+Aksj8zuJ&+N8+%7*2$+4h;VV0Al&`$VIVu}pD1uwFuSpaHmd^E%brzKKvY1G z|0&YhN0?oPgjL$h&H<#WsPq>J+%GV@6CCaV0s;{TgaATB0P5uk6ngylF;Gw#C@jp6 z!{CScLg3a&ehBQrZxa8Yp=b}Y^>X%rJ3}F?ziC?AK)vB$c6J<`^)KRZXNSM3LtuXi z0VfXNZwOFGKoIz^=)ZONPiFoL`fteJ=)Wg}jCJi{P&e=2%Y)e^gn>eTQu-5Q^8W_? z4KaW?|5)nJVQpum zy_>P3v%5V6_9rKz!jgYa`V(sMFVM$g?7-hT0RE)}oKAuNRO)ZZ{?EVuv&g?C`GHR2Aj)k#DzW5lDT5^OpVHQFTshVKy+^4LsspRVqrIKi=EO>5PYz z*_$I~QC6*UIurHds262djzpwSZ{B?RiU7_=eB+KTD>zYIxXbQM*XTS8HKDxU?Qbm? zzS+LFB-XS2cfedHP3tqT-A6N!TBBTT)-X!>`+Z5u^#J)>Y>GxIEqCN^QBgj$B4!J_ zb!$_Bc4h6}-m;dgo(04uSyEg)gSs=$`gBk9^JkxfX>1KD6EfUIO)rgHSmZ`g%1140 z7Bi1`Lk(-`!vNhq8UamSVgSqXEy>w#==hSV-`im4&t~I$_%p2aUlVOFxIqyLlxf;)gL_F6fen58+?=Ha60w zu}iMEpE3VXpqLxGx=oHb37&a1vf)&zUTR21&D6J=YTh12)pps_0K2_)%sCfyf-fwB z7#vo0e8X2uyrcknU^4FSasl)Y)x3^}J`##&x zSCm&oMMMzZ;}6K~JTr%FYap9SL$j6gR{JC@To9JwluO#m8ZA@79blVN?WFE;nB05z z2iS_wVUdw}6KGWprWse?o%!X*c1W8FL`@8EFYv0k>?_tDTc;>Q%%<++(EWs(? zmTV6Fz=@hN#8q_}Z^6Eorz60vX`>(1@v=8hBOG%A&Yw0~PuJX!Cs`80Y-9mN&@%oPDuyA@m^dJda z9QCFGkwd+(_VTt;{Z9RA3VO&%wCRndQIGGZ_76dg$D1(ll!HI{95BAKZF)DL<)en| z{>}x9Nb_SWRPwR5#X?`L?7NCDY1gXJ(t9mg*VW{aq0?*g%Bs%vjN;cnR=N^T&ojl4 zP0X5-);ABJ4OB0RU!t!)dA+^8S5|2RCG9Bz^z)-l zU+)2?=;@n!j&cI83(PoXr@MH&^L#wMIV3d z!usp5R_IrE{DqH<*g5tJXOwBb?5>;4wH@*E+UxkPM6QINz?Ys}af^*O))JI4Ef0Mh zcXLZ-Rwx8n0`|B8wF6%h*c5c9W_%EsVqqhEN_zUC)j(?bsN+xm@bu|1Z@&zL6uNGf z8S?eu2H!o>XZf%8JRUeyrI)9awdk94cn3GsKRrK@J-rz&ubLwh_^GticDw%QE={t> zF8JWaj{)9yC5>+pb60@9S$wYs@aUK+H!rY&HMsmM-}9QwZr7MOJXUu0kj+hoplf^H z=@G=>GbE3+Z$cy+cDY#xq-3@bv#oUa5HRifuO36LC>B;XlQ8E)W!Fp@5Hmg{5E6C_Z2;^ zvx8liAi&xhbIJtie82&JcsR%5Zca;5SHZgp1n>tbnd#m z!#q|`54U^tv;>~y4QcCGFU?)Ba7Z~)5creQOR{$5^jit;EnFe)(5yBnC#Ba_J(W2+ zI^qksVglTg4glhxb1iyEA}^yICyk8TF*L$e|oOYI?N)TP{o2}5@+bWKd^%H22);jTdZ5Bm~DFIk6=&p{*@r zM&@&+wpLY>fO_z46YHX-17ONIwtNCzxA)D2=&Jb}_TaEkPjY=GeRN{tU~~ld8RtZy z6G5Hnj=jIUf&e-?fkPYc5Bd4RXQPRQMZ#499WI;b(nd@-zd!|D zeJA%f&eNo8?GKAL+*y&UaAR--E@|#y5oAwwMsVTe z;&orxzJB%eXYNV0Qap24zxkwonyJiQ$v8ZK7do+XAD|S=Fl2MKAlD^*vbCJGLw))& zmp7RN3)65xy`s(b$4h=T#^bKs$to#H2gocv3YS+VJk(m+4+bl$s&Z$FUn$~@vbO(g z{Dg(?y)4bhNi)(GT(J4FS=0lFdi|@X1U6vTwXQZ7O z#LHj2ufh6;2B`WLT#${c2I(R0mH>uDd;|}A>6r+Nug(r1T505n=g-o6;S5w7^DFU- z8Dz=UmOf4Tk1t=GQur;$77x@eaJEkRL{EYxZVoGm8v1!q_!Ic`P?RB-uzaFNLt;L< z&tVy-Tw&+oc0*?=5Fzn?bGEC7hDPRBs9SXvY+c|sAwG9sA`3vDhl6 zbmIc?G0naGo|Jh>_ipZAN6oC%5Yd_+yDQPu#+WnRqN3vGe7k&KkLhBq6%`e3`C zxb4%dRT`Xc$ebgIU7O7(Y$o5W*f9qz^pj6e%is4;BHGzQINm`bhP{tQ&Oj_d)pV&n zeW&}jzDv=Orx){OcH?y-8`KP5KkD7r4Geb}k1^nxsY!8)O92^~doSFlg`a=$1ZCO% zcBLgHJs0`fEtVPng1fqLa=bfw|5FXASdTWpwIKYbMp)=L#sg{AE`8`H>7AXPO zG{D9~p5)|Y{^9LltH)AOM0;=kpd>mKP$Abe8k6??Hc^H43tF&Wd@td9k%e_N`2JnV za#!%-!!K=t1VCC#(afPdrSo`oGdI42HS>uLKTJY=KwOj7lcv&H7Ze^p3wwWGPeJ{6 zyca#Qm{^kez}i-9)%3PQU+p};Al#T?wi4_60bF+`nWc%v;5K@9qL%DH(HMH_IZ9)> zGoFJ-_)f!YKZa%=?rNT|+lBMAH(S1iLl^>t zZan?+Mf1ccPY1S47VLQVDWSdNyVuEVtxZy7T)3nF!6?kww)3@(^0+{=2`Z(r5l@;K zSm%3oePNu>k$*@gEBN6E4W0h7+pJ9g78LdRHQ(murXbyIb-MW``qx*9cj#pT9+{Xl zeAzxGlJs4YJl^5A(}FOQgukg80Od_zcx_vjFBCdj*iB*#dZl56t*!O_MlL>Q_Ow+; z6Wc4Rv>wyjCqiEBg19_$g?6h0eKaV`ouH?+PbStcgLT6tsFl{s@hj`w92^|!?i*4S z#(YjFxwpg84+}>&(!6)nahswGp91_nNsr6AtdI>HNCbcZ(??1#0c&PRf!*d4Dy;7r znNl1b2?+r`ee>l<^~VGnTqoowBTl2e4I7}0jQhWiTFqrN<)dtSbVk}hg7&6Ekc^Fy z0zvdlIu2yFzGbZi5m1dLK6Gs^*PFTgJbg9NJ|JxiTK)J;-0kP<4jVQe;Wx^(Gya3( zfgAeWDby^-w5toMj0e!Bmx)}OEe=)t+f%!fiJ6f@PAfwMCzSp_TqCC@+wNi2)YR-3 zUR)!kA@_jSpL;q1tdho^F$1#wgVk)trAKbp`;Hh);DB6~`0CxA21K*0yGys#+AN&O zuPJ+JShpE#O?@vWJZOJk8nZXckGJ}k)X{Ts3+CC-6i^%VU}HmS5PdY`e-eP@>)u(B zII7mGTUjF2d34v#&LJV85dY*cp*3WaKks`@KSKD`UUF^ z9IuK`{&>L=M#;|lS9O(yx%C_PgcbZJYVH|n^oJZA!qP9!e~kP!`CZb`6CACVPyGH{ z%Af4t;F$O)$^YN#qs<6no;dhpT;Uf*u1fK*{C!%Tj=|38*`vmH6gy|CXk_6@wq(ZitI@B&qMx{rlt$b%7bq8<0=(Ddj=nWwTO}22 zB%{0gQgzevzAMOOq;%I>HIqz|C;3io=fQ<=f**ykE_TUy#3D0AmG)l+&JV1Yj8HLW zp8s&&QMvYqIRAf<<^NR#f|yz1gFrm=Hw~CmW(xDas!8%Ao}poKEXJ=hK_Eghj^^%` z?NNqzY0B5@?^3uh*JUV6dPCd6-KMr~QH3^7Ls>7=@LY+Q;u>DoIM-_5gV^(NFez|m zf>1zqSw!lCPBPq>&ng!vCJmJ_7!u@OZl|-0%Xw&RfRnk;`beGm8lk}R=FkBckAKrj zq?d1_?smE;VwfbpCDMA==bt?8>Ki{L9JnM)@j|Kk;uu?4hB#}ev#1lt8Q9%1*( zynfFQP_r#hz0@X8CDMXb-pfxFzNmt`1g&4(!QP6jF{qu0X&XCpt=gGR8(=C%u1xZZBbfzgTvYP8p7++U-ozxT&av2tfg2f`SVPc34asksfH(op|WYsTV)5TtV zm0$KK5;oE^wTRO#TtX+i#=$-P%za{+ipS)<^UxKL_35Uu-ZM9;-JLyiN=6h8zFK8EN1zzygl& zgF#M9Xs4a~%66~tHAt8|X0`*n&F7d}_flsl_wp(XnM8twxUxmCiaj0Yd@bkF8>{*8 zAzga<46SQoWJq7U*E{B0#nySk_PNP+zAi%#;n z+QJTpDv+jCKR{XCvC?(G83!&ffdD5n7q^6jbZ~XFxcfEn3*XwA4$HFo*M)jq2U`c_ z6}Fw4fa)pMowQ(lXJ-Xd_k*SrS%+DKY_)0GMC4v~aJEwEPBM=a-|<9@{EgI)-vtHA zC>GHCP4%T|Z#R`VPe^SwpWQV@eeM7eO{^AAzw#8V+e0?;{WNO{(IXt5|MZ~fte9}d z0?4u}y02!!MAhm7q04##k4mxZDG5k_-gT(>z>-#vFR?!cy_5$@QGRHv_4QaL|xbJ+0kto#T!C)z#9JczPIK?W~sqlm<0{ zGU5VoW`<7Gq-xtDM7YG>jNFL@{JhV64+3<6np0CR-!@CT^HjAdOUox6U|d_9@zNUf z&D)eP9Ie9>KpVWK#Kp2xVukR=S2!nxEvE&2N+yw+b!VR+RxzEYZ00SomN#P&V7e1) zSlYgbsbHV)rFe>ZOIhlOlffcWK%{Z(Y?tF?@>Yq9m0$1!M~W>q+YcQYlS_b~1qIbR z4ccs@C4cdXHvcGGxsWFgwVU^Y&;!n_W!s(g{h&K7}^6;i7)@5Z(8N-9Qz?aY$MH zk}e@9h27$}S|lzE?@jRz|O_$s~(&=uFd;h=`fYdb@MIvghoWs zCXMd@e0}$O`{5$A*hkOaS+P(TBWDk`T+_#FY*B5GuL{8OzJj;KFRm9xNcr_8BhnC>L)O*&_?DXb+QIcH)5g<#!!dl1l1aRzz1>8{_J@4iOcER&hJY7? zgoTsa)t|Y`Um<{Wlf_LnxRi4V*I7#w3M7e14e0nDD=Qp$?mXLVJJ*OtE)~*Nn3i7K z?^jlu!H#nLOW#H+_{>eP`~-NJVjpR?z?OB;iC1Pxa+ z3#&yxKc3&>jqG}s-q&hQ{pO4BEc2^A@sJ}^49})J}moE~%u&9}v8t@pZUoDTw#trw16D4NB9h;`IcXnMn(0 z+o#5HN~&)K;Kp|{17lQL9=Ztk zXBz9uxMaW;G)8gTouAc|sjWx%T`R*)8)9;W0>41y@5BJ_t5yrqCFZ}Rw!QFJK2-!b zP{ginCRFm*91TIJ1qw0`B04|2?a&c+(0wXH)zW$SBTY#x%|V1OO7l^Gq*2j#y2Yov zCeCJ30?|KZ1GV_(hoh!fImOKel-DV2yBAbMc{m=tm)Chj<5v91@o0_#APu3A z;z4(bNxUc4wH;;p^69Na4a)=SfTQEh^upIsB=+V(WG=C&k~-4!uU9#|eJq(lWFmxz1Xd8!yIScb0jL6!#QcOuwt^tks}0q~67ElH?>RQE zi#>|-j%xhcUX>eFx}CXHoAL_{B_Nx?7yWFReM+XLudrC|P@)@F!Um}Hpy0vt-OOFs zcrU#iqnF%vw1rpAd1GpYGDNSzI z&*(2n-N;IzBX8MiO=vuDrJBF1FH(56BFHv=0u8fJD@764PWRBX*&-o&Hx7)pl}Zgf zr(QH)=N8UYeD)0p?xO7hRE&;Wi)RWM7*a9OOqMntV_ybiCTY$5`;yJEZ8Gvl^Ez2{ zp#er0Rc``27n)!ZXA@}X;J$?tJ=Bf+5a{aV-AGN}xBiE0zTz2%X*4yJXY=&o^oo{9 zv+pC*e4Qn?>^;H9k3-1n49xbQ61MvB8^ynVP?VLe;$jI_3XQ{L5UvH(XWhz+yWk=R zu!8u~x~G(yyCm|+h8Mi*jo;`+Hx0E$1u;z|)(u7Hb#*NmlC8;L^Zv5?b&MP^~iKkYY)8^-MR;clVvEk(3TLsGJ_p+0@i3N4u zqG5?^m)I&ye9U!0$*rv1PqR+U+Rh9Ueiy9UfWC>_>bQSh?jM190iojvvywP`iDf2o ziD#&g+`uEiT?xw@M&gnt=GvhhJDWP@3?Tv2!eXZwUiW?kHo6iVO~^FRuWq~Z>87X) z4bBhx7L!()HN3B^OqiYYkBX1&*nls>>s3^u6mqpO8Wd1{u7~Zg3wH^oF>vt}s3`H8 zaQ+X3YSZp}(SrJyV*bUdxX6FhPa^NlWAWILF4UIHd@98PEoGl<9C$_}j%B1BKEMAt zr)PO}X605k=t1%Zw~l1S4Bxpu%Z1By_AMP(gy(MiwX`UIxK6ZE?>#9*0Qw>`Yi1y- zb2%RuE-F0<&!2|vp=B&9(kBBdXR|%B2*c&&VrNf&#ZIH`z2(U2n0o6+#pcnm!i2Sw zj+$DxWd)`WSuidii_SS~QcNB@THS1Tws~4w9rw~&uB5m8`yxh=ORT8xD55>$bMYC8 z?KrDt%hdc)ZQaZzdc6rC>TNycgdiYr#x-v4(xz(b>-SEf(4KWOqT;6vMmF-&j1pJ9 zs$8+QS`Zl;PHG{c<|{$E03%g@FH$;j(d1~ZtRLSsWUKu8K!jurKX7@%Yo$C~8lhdD zau#3T(l0cP1Rk_#jM87l-jq0T$ez_zNuG`F+-4J-YWb8V^GTm)d^J7#wqX@qi$**% zRH#ZBZk#IT!f~v`#f$0fWw^UIKb{n%H1`u12SZ%W30;jFY8hVOoI;XBwJbF{d-tG1 z0`$dx7{JNJU;-PYIomy&Jz?DU1J5Alx3BAo=D~xpnZb)i#R6!QyZ1_b5!QfU%+7#` z&JP6S2$856bjVVVBC`*K(8Rk5EHt(z1SIK1$md$MI(JF=QSmu5Gu1n(+$Fdt zRW6)v3;^i|T68AG&r{ z+T8O;N2k)$C?h^+m9ICm_f16MtnVE}6F%}Y=+h|A+(l{Hd(-(b1Mjw%k>NB=hvxI9 zr73Cx%`dVVd|=p6tPL8v;UsGM>Q$hTU~v5}X*V*mnZRAVxuA80>M8t0E?r$hYf%Q@ zowHPv1_;>5{BdfoGk3u0kPUO-7X6lnhV)@e)@-&rtXj~7;i|1ZMnrAW%(OF6k0^Jj z$Ry`^N8FMr`)g2k#*!4bIhd2Vwx>^dTCH;OelIhX8a%3|tzH^hv5RLv1SHCC(tX$R zNe|YhdWCEL1SFU!Wuc-I2^Br8T^_ztn3`*KUu;#q!ezmYhsze@cA38zKQ03wn9i|m z6rx-w5`O}7J6Ob9OdR`L7M<81v?0nd3m7KT@h6xA3s}tg#G|C`an%sH&Y#zdqo$ds zR?mq6Ct8{g>gp_niYKjZl?OY}4yOz#hn>EdAm>L4IS^Tg!}FMn5fTD*HIntDm0Jvq zZ~6N9I?(%j@rmcuj79DzK+6I{&$D01x8xF7(;PKl4SZalq#lKCi}!amo|nE~J3soN z`L>3jwz0uL-u!MWI$Sn>pCDPKi4dg}{w$xJUw(idKd|jxpgigtcK5!MKP`E*Vy=D# z=X86@XFmvIYSgp56?7JjU8)H^-E5><3iPO^%aO#9q6!}n%f9r_FnY<`Zby1mRu{Wyp zzN)g?Rjm=1Kz!<^QbBOhMUZ$TQS2*mH16arW$wf~mu1CY$9_T*)&1onoSAK3cB?f}ew( z6_}E>E`zqmqD>2(M81SMP0M!q+O+Q>U;Wo8SLeEpFlT!f$dQiWCl-X?T}d5&v~bqf6V4Zmt~W94528SmF; zAQU{SyN$nOo!vX{@G%D_>Th|SPHV32+9mh-NWCflvST< KDwfGxh5R3D=9yUl literal 0 HcmV?d00001 diff --git a/en-24/img/SAT_Grafana_Fabric_Vars.png b/en-24/img/SAT_Grafana_Fabric_Vars.png new file mode 100644 index 0000000000000000000000000000000000000000..194d75b124e8e6289c15cde200bda4ac11006cbe GIT binary patch literal 8031 zcmeHMcR1T`*H0I!sFv1Vsnr@GR0*N>-fFLi*aQi&DMb}kLA7Q}t%|BuRhwExRS`8) zyY}Aei9Wyg`91IZUe6!DKi)sy>-y!olH56;bD#U%pL37%J&DrMQl=zlBnJQhl&UHU zdH}#V9I?$uMne4LB(L!yex>^v7^C%I7(wbmh1^6aaChGB$El~!&Z9&0Oa=_iH;g;YCzyfS3#I9(gq>ukvyQrY3ppbx~ zkE1sjC{4~T}NJ%Hb^ft6bK~Z?0*SrgM@!u`VE=Jx)T#Q!eU8f!g$$T#RLTaT)BSsKKFer=m-Fy zWmZ*?HSkGWPWKHk7#M1+-yI(+)7*jH7rTG|@uc2i)_K=e%$_JgGNIjb`L zzxvt*^+0=kze?;{cFb)?a;eI(QHNd{?9|L8z~<{j zVdLZbcfZL-cdN4VdKSlr06XcooF>r=+3(bUNpDaeT+tFE*_;nL*J*>Ay!uFd=$_5A zJ$JeTjg6cTebex~9C?_m%$C-oL2n>0g}v3agDVkDD%>74@g);s4SMO}Jy7 zWR_O$y{}cy5UT%TcsLMeS@wajK9><3PLSSmsIR|tKICR(vRdJyLaH!(b4T7xJO9K( znaJFV&bGU&E7LP90+CXKbQISp*fNKli5_ z*Dp~W|G*vM2iq*#%esG}3WGRuc4I}EPmSCv^R$Nkji;n zQnJc($QwXw0<_HI?snfQ{wDt17`H51`2pBTzFK68%Ic1ic)-HSOvSdm(je?QC*!r; z<%{AgUWuW29LspAR!jC4Ut9T@vHSaC>5s3UOCa5HT0CkXxe#)xexK##%Xv<2?o!y)9H6Uy z%F^xA1fyV$JEOMLzNjQ-<^28ZUe6wjN)flwA3?5y2XoH2<6j9uZIlt>87Cubx&=1C zAz@g(Aoe0kUF2m-IzXW`$Nqz;-q?zrspWN)+V|f4X=wyi|Hey!*u9!_a<7H1y5eSD zBcH+&b(Q^g3rRvJgo>BJ>xk%dgW4w}dDGZyc@u>-)$~APecEn;a^N?H{U5OHFUT!8I@HVA+2Co!Ffbix|z`&9YJ{gVN7TN!(5@Zml_=*L4F) z?d^GlFfJsFNyKGrgNRMiW`syUn;X)wXe_C3q;X_hPwE3ZZxiz_dc<@!T#vU>+{Dmz zwk>ZCd`GntHIkzGowtiAv*UvpDbg@?zxPcVtCdB?pjwUuIRA8NmShDY5*NzJf_#u_ zGH4Cgz&>T-wvG2|;1eBxE4JxT8;hLf2Iq;g!~$u^o0*b|0`Sx9eXn3A3{{--z~hF3 z**@Xeh2pgp0EWM`>pULv>Gp=vR?l5){{`}@8e$5*U6&wJ0}q;RVh z`RoU}^O*Or;&3BSCT$;XxoJH|WW0=%p`FDiRg>+7wU;W?Rz(+^u^ess=dH`e z-YDztZe?`-OqCFJGcV4+NAM?|Gp5hME9;)aj}be2L`C=vK_;-F=Q>$DV^L>v7Oa3MeR?zYSv%Y7$R)!;XJKnlf>bt+<} zgo)ObD{EcPmBx#OI6AK1b)~`^rkeN-OlN$sI(hrLZ6{X{gvor+0FoKj)J(l#5?^pv z;>UNVIRc719V^XJrb+iCYi$xiOC; z91mX)evfGC3-(VVW&43*Na1Y+M-kpS{Y+8F^tfu`-L7T)jA@D>_*b z9SrloqGd%E-K`0;J5O{KrsN3G%8P@f^1OYn9b9-Z-7*%}UNden7_{KRnu5~;Cs5*E z7`1lmZ(fdUsxcYDqrProMGd?7ZrzrR9-H8zrz)%QA6qV&Z#kMDfp=&}XOA*gOYFLi zbgu8$n2S1dlY~9YY7)j-ZmwS&Oh`>_4!p9$$-#k5pS4AlSU0BA$2RYV`-eG}=H`a! z@OEw6PnX!N(CWoP>YU1Z=PwIMi#%k@v}pLw#~lyrhnH4~i|{?nOi#Mnu(ZxFDt^0A z+f4nA=EWmf!SrV>Pka%y2=4FW^YbDzJ0tU4HPA|mknZkufT-6;9RqTZx#&}~yqnLG zUbQSS`e@=>XSwOgut_e~9f&-SAP+_-MLQcmDJ*|UPEquL7YpD~D2I1S^$)mLHvX;9 zf*)zpW=}g@&rPAyzE1zk=Pe&R9{oy>kH6keP1|Z;>A`BsTC<41E1};dFQ-#oGc~NH zU)-=Oy{YRvx`tJz$f8dFdmeme&8*0fgU?bv4Fc{Nou}N9v{yHy1E^y}%h1ZGo^|eO z9=%Ad?ylb3fG(!wuW)Wswfi+W6>&rWMCm)w#2%!G4uUTb)j2+)PBS3MpDP2n;BT z?(>-`BpEMuovT^-IpMTO8LUG_&05%^Rvf{e2hgY zAu%Pad_FP$5t}kF3W8Y;4K!6_Gs%prwVo(oN$#Na40u0 z+Ff~H@b-y|90T+%yAwmLWe;ff)b@wHAs{NHeRpzgTd?&oK-M$1+C zg<&d}jD~0B8vRPc;40wuUCdy0Jv>G!DC;SYT`YWj+Pwcxc*TI7B_zh;U1ZqEa&D>9 zJqZ(&z2kGlRI;jSNCn$ z%v@7h80(YX)JK=8;~v zw-DTFu7QaI0zDUmTH$3)vuv6UxMi3c>3>2~WtTU@a5=oGKebx?mSj9}>(mX?T^1|* zL^{%|f-i{YjH1$>#;00~cM<2fLs7b@H&}~Lb?e`q7qOq_$;3(rnzMG>&To`fwKTTC z^$HwHH@(Wzg;h-r2g;|eJbIy@B5hq&VzO?4juR5R{p2F;@aGoo^IH21W0@?tzcW4u_Z2#)fk*Cz4mjiW3`8T0=xQTOi(Z$P^X7`N6`%9280g4isg2GTQD*4H*o$bp zyltCYry-Bv?N+h%v^)PK>%Dhzl4$J{jJKIPBrvf%Lp=YvX;Mtvvi*!DUovgZPPtc5 zM*Q48;$`P5dE4(U8@}R#P&WHZL!+&9<15nR(QV69PdAlB1PJXZ7nG)zJC)grd6=m@ z2!WVghpX{-zil(sPe(Ali!w0_^QhT6ef1&TQ+>6+FNdo@sy^!6T?t9P3@?BFBR9A} z^3A*wTmLIq&h>AX!l5(uViNhn%3z*k85PrA?nj#4-d|;S;d_>_J4xN%tot=j)t`Jf z(Jhe))3)<+Jq+0)k>d!e%_WaDY^f#CYlaUfs#hn7CC3f&jkL!OdX7Envh*KblBz0s z8d~n-mXfIHTNoB1gWb2%OZ-y0GW43SEmz-pb4{aixo_jZ{+^QNbQyn<80z?uhNm8d zs7bn1bww1EMewaDv$-S}&jRMys!EmrBER?5^g2K_zr~VpwYWdt_+|ilVSnox7?&Y; z!JMPCf7fDU%JcgA;d!YYUzWZr*q4^rh`}lQ_2+gF2sAA<^%3*T_UK@2w79ON6Z6}Z zgrFcL)+cJP-oaQ=w33q1^1JcW@ErQuMYHT)_w5JCWrbPTLpGmB-Bw8XBK)^+^bCyw zr(e`PKA9gK+`GEI!57`@;CD|uF_9J~%DBIo5IomhvG{S~z&D1?sA-Z*egC*QZff1n zcdb6y>vOeh#1-z;YI{@6{8KwIu@T>`CSX6~jl~_~A45M>-|Du(=aeBiOr4%&B%%C6 z!!dpH@SV^6;7QRiCtpVo+mO<=&T;=@PRDaxB)nw3UoUB{bIv$ANlQ04QsU0dE&k`s&`Wut4(}A zHkrjQa;`{AGkajjKF}0v?I#N+@N2XzZxAmvkqMp0nQ0EhYjKk1SHDCP#l;!GvrIcf+LmTc< zKvDnX&Wn5(jlPWnBEzVZ_CWMOTux6l?nrtkFH-L}x#Fknmc zMCXUpL+LAN%4$Kg6FE5(?)24TvU=Ye^lyrp+4s{9+Lgt>c=4EDS+0h_*08uu&Bk`< zx<~1nZp+z5Srvdo%NQ?SaGc-3vJ@|4q*9){1ydu1m>LOd~t$4)YeRt`N5MAr@oKJ`7(qYAQel4PW5y`^2`1)2*YB$JEVD$04bAYF%c2EtF^OkY z-lb(@?2>NmrO~8G;-{oHpA_wt9BK@W2U407UW>o)@^G0X;~^X{87@n$bVMjiXr=t zf>*%}5ZSBWXerXIg&qOfW`4;3lD7F>p32%s*WYqV(lGW}eat~m0jsDMVxF8Rj+Fbi z`c+Vz-T7bdtJg{4r}s@{mvn6z!VF`jNwiO>KgCHsItfjPZ4B^h2;n-bx;47XyL|fH hczpkVy7lw)-0`;Ui@PhQbZ37zt14 + + + + + + + + + + + HPE Cray EX System Admin Toolkit (SAT) Guide :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ + + + + + navigation + + + +

HPE Cray EX System Admin Toolkit (SAT) Guide

+

Introduction to SAT

+ +

SAT Installation

+

Install the System Admin Toolkit Product Stream

+

Configure SAT

+ +

Perform NCN Personalization

+

SAT Post-Upgrade

+ +

SAT Uninstall and Downgrade

+ +

Optional: Installing and Configuring SAT on an External System

+

SAT Upgrade with CNE Installer

+ +

SAT Dashboards

+ +

SAT Usage

+ +

SAT Release Notes

+ + + + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-24/index.json b/en-24/index.json new file mode 100644 index 0000000000..f2684da3e3 --- /dev/null +++ b/en-24/index.json @@ -0,0 +1,92 @@ +[ +{ + "uri": "/docs-sat/en-24/", + "title": "HPE Cray EX System Admin Toolkit (SAT) Guide", + "tags": [], + "description": "", + "content": "HPE Cray EX System Admin Toolkit (SAT) Guide Introduction to SAT About System Admin Toolkit (SAT) System Admin Toolkit Command Overview Command Prompt Conventions in SAT SAT in CSM SAT Dependencies SAT Installation Install the System Admin Toolkit Product Stream Configure SAT SAT Authentication Generate SAT S3 Credentials Set System Revision Information Perform NCN Personalization SAT Post-Upgrade Remove Obsolete Configuration File Sections SAT Logging Set System Revision Information SAT Uninstall and Downgrade Uninstall: Removing a Version of SAT Activate: Switching Between Versions Optional: Installing and Configuring SAT on an External System SAT Upgrade with CNE Installer Upgrade the System Admin Toolkit Product Stream Post-Upgrade Cleanup Procedure Remove Obsolete Configuration File Sections SAT Logging SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards SAT Usage SAT Bootprep Change the BOS Version SAT Release Notes Summary of Changes in SAT 2.4 Summary of Changes in SAT 2.3 Summary of Changes in SAT 2.2 Summary of SAT Changes in Shasta v1.5 Summary of SAT Changes in Shasta v1.4.1 Summary of SAT Changes in Shasta v1.4 Summary of SAT Changes in Shasta v1.3.2 Summary of SAT Changes in Shasta v1.3 " +}, +{ + "uri": "/docs-sat/en-24/dashboards/", + "title": "SAT Dashboards", + "tags": [], + "description": "", + "content": "SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards " +}, +{ + "uri": "/docs-sat/en-24/install/", + "title": "SAT Installation", + "tags": [], + "description": "", + "content": "SAT Installation Install the System Admin Toolkit Product Stream Describes how to install or upgrade the System Admin Toolkit (SAT) product stream.\nPrerequisites CSM is installed and verified. There must be at least 2 gigabytes of free space on the manager NCN on which the procedure is run. Notes on the Procedures Ellipses (...) in shell output indicate omitted lines.\nIn the examples below, replace x.y.z with the version of the SAT product stream being installed.\n\u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below.\nTo upgrade SAT, execute the pre-installation, installation, and post-installation procedures for a newer distribution. The newly installed version will become the default.\nIn SAT 2.4, you can instead upgrade the product stream by using the Compute Node Environment (CNE) installer. It is recommended that you upgrade SAT with the CNE installer because the process is both automated and logged to help you save time. For more information, see SAT Upgrade with CNE Installer.\nPre-Installation Procedure Start a typescript and set the shell prompt.\nThe typescript will record the commands and the output from this installation. The prompt is set to include the date and time.\nncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt ncn-m001# export PS1=\u0026#39;\\u@\\H \\D{%Y-%m-%d} \\t \\w # \u0026#39; Installation Procedure Copy the release distribution gzipped tar file to ncn-m001.\nUnzip and extract the release distribution.\nncn-m001# tar -xvzf sat-x.y.z.tar.gz Change directory to the extracted release distribution directory.\nncn-m001# cd sat-x.y.z Run the installer: install.sh.\nThe script produces a lot of output. A successful install ends with \u0026ldquo;SAT version x.y.z has been installed\u0026rdquo;, where x.y.z is the SAT product version.\nncn-m001# ./install.sh ====\u0026gt; Installing System Admin Toolkit version x.y.z ... ====\u0026gt; Waiting 300 seconds for sat-config-import-x.y.z to complete ... ====\u0026gt; SAT version x.y.z has been installed. Optional: Stop the typescript.\nNOTE: This step can be skipped if you wish to use the same typescript for the remainder of the SAT install (see Next Steps).\nncn-m001# exit SAT version x.y.z is now installed/upgraded, meaning the SAT x.y.z release has been loaded into the system software repository.\nSAT configuration content for this release has been uploaded to VCS. SAT content for this release has been uploaded to the CSM product catalog. SAT content for this release has been uploaded to Nexus repositories. The sat command won\u0026rsquo;t be available until the NCN Personalization procedure has been executed. Next Steps If other HPE Cray EX software products are being installed or upgraded in conjunction with SAT, refer to the HPE Cray EX System Software Getting Started Guide (S-8000) to determine which step to execute next.\nIf no other HPE Cray EX software products are being installed or upgraded at this time, proceed to the sections listed below.\nNOTE: The procedures in Configure SAT are only required during the first installation of SAT. However, the NCN Personalization procedure is required both when installing and upgrading SAT.\nIf performing a fresh install, execute the Configure SAT procedures:\nSAT Authentication Generate SAT S3 Credentials Set System Revision Information Execute the NCN Personalization procedure:\nPerform NCN Personalization If performing an upgrade, execute the SAT Post-Upgrade procedures:\nRemove obsolete configuration file sections SAT Logging Set System Revision Information NOTE: The Set System Revision Information procedure is not required after upgrading from SAT 2.1 or later.\nConfigure SAT SAT Authentication Initially, as part of the installation and configuration, SAT authentication is set up so SAT commands can be used in later steps of the install process. The admin account used to authenticate with sat auth must be enabled in Keycloak and must have its assigned role set to admin. For instructions on editing Role Mappings see Create Internal User Accounts in the Keycloak Shasta Realm in the CSM product documentation. For additional information on SAT authentication, see System Security and Authentication in the CSM documentation.\nNOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nDescription of SAT Command Authentication Types Some SAT subcommands make requests to the Shasta services through the API gateway and thus require authentication to the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to be configured (see: Generate SAT S3 Credentials). In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes manager node where SAT commands are run.\nBelow is a table describing SAT commands and the types of authentication they require.\nSAT Subcommand Authentication/Credentials Required Man Page Description sat auth Responsible for authenticating to the API gateway and storing a token. sat-auth Authenticate to the API gateway and save the token. sat bmccreds Requires authentication to the API gateway. sat-bmccreds Set BMC passwords. sat bootprep Requires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is done on ncn-m001 during the install. sat-bootprep Prepare to boot nodes with images and configurations. sat bootsys Requires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages. sat-bootsys Boot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software. sat diag Requires authentication to the API gateway. sat-diag Launch diagnostics on the HSN switches and generate a report. sat firmware Requires authentication to the API gateway. sat-firmware Report firmware version. sat hwhist Requires authentication to the API gateway. sat-hwhist Report hardware component history. sat hwinv Requires authentication to the API gateway. sat-hwinv Give a listing of the hardware of the HPE Cray EX system. sat hwmatch Requires authentication to the API gateway. sat-hwmatch Report hardware mismatches. sat init None sat-init Create a default SAT configuration file. sat k8s Requires Kubernetes configuration and authentication, which is automatically configured on ncn-m001 during the install. sat-k8s Report on Kubernetes replica sets that have co-located (on the same node) replicas. sat linkhealth This command has been deprecated. sat nid2xname Requires authentication to the API gateway. sat-nid2xname Translate node IDs to node XNames. sat sensors Requires authentication to the API gateway. sat-sensors Report current sensor data. sat setrev Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-setrev Set HPE Cray EX system revision information. sat showrev Requires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-showrev Print revision information for the HPE Cray EX system. sat slscheck Requires authentication to the API gateway. sat-slscheck Perform a cross-check between SLS and HSM. sat status Requires authentication to the API gateway. sat-status Report node status across the HPE Cray EX system. sat swap Requires authentication to the API gateway. sat-swap Prepare HSN switch or cable for replacement and bring HSN switch or cable into service. sat xname2nid Requires authentication to the API gateway. sat-xname2nid Translate node and node BMC XNames to node IDs. sat switch This command has been deprecated. It has been replaced by sat swap. In order to authenticate to the API gateway, you must run the sat auth command. This command will prompt for a password on the command line. The username value is obtained from the following locations, in order of higher precedence to lower precedence:\nThe --username global command-line option. The username option in the api_gateway section of the config file at ~/.config/sat/sat.toml. The name of currently logged in user running the sat command. If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to ~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above, and will use the token for that username if it has been obtained and saved by sat auth.\nPrerequisites The sat CLI has been installed following Install The System Admin Toolkit Product Stream. Procedure The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway:\nGenerate a default SAT configuration file, if one does not exist.\nncn-m001# sat init Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; generated. Note: If the config file already exists, it will print out an error:\nERROR: Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; already exists. Not generating configuration file. Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the config file. For example:\nusername = \u0026#34;crayadmin\u0026#34; Run sat auth. Enter your password when prompted. For example:\nncn-m001# sat auth Password for crayadmin: Succeeded! Other sat commands are now authenticated to make requests to the API gateway. For example:\nncn-m001# sat status Generate SAT S3 Credentials Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes master node where SAT commands are run.\nSAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev (see: Set System Revision Information).\nNOTE: This procedure is only required after initially installing SAT. It is not required after upgrading SAT.\nPrerequisites The SAT CLI has been installed following Install The System Admin Toolkit Product Stream The SAT configuration file has been created (See SAT Authentication). CSM has been installed and verified. Procedure Ensure the files are readable only by root.\nncn-m001# touch /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key ncn-m001# chmod 600 /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key Write the credentials to local files using kubectl.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.access_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_access_key ncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.secret_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_secret_key Verify the S3 endpoint specified in the SAT configuration file is correct.\nGet the SAT configuration file\u0026rsquo;s endpoint value.\nNOTE: If the command\u0026rsquo;s output is commented out, indicated by an initial # character, the SAT configuration will take the default value – \u0026quot;https://rgw-vip.nmn\u0026quot;.\nncn-m001# grep endpoint ~/.config/sat/sat.toml # endpoint = \u0026#34;https://rgw-vip.nmn\u0026#34; Get the sat-s3-credentials secret\u0026rsquo;s endpoint value.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.s3_endpoint}\u0026#39; | base64 -d | xargs https://rgw-vip.nmn Compare the two endpoint values.\nIf the values differ, change the SAT configuration file\u0026rsquo;s endpoint value to match the secret\u0026rsquo;s.\nCopy SAT configurations to each manager node on the system.\nncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \\ mkdir -p /root/.config/sat; \\ scp -pr /root/.config/sat ${i}:/root/.config; done NOTE: Depending on how many manager nodes are on the system, the list of manager nodes may be different. This example assumes three manager nodes, where the configuration files must be copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is ncn-m002 and ncn-m003.\nSet System Revision Information HPE service representatives use system revision information data to identify systems in support cases.\nPrerequisites SAT authentication has been set up. See SAT Authentication. S3 credentials have been generated. See Generate SAT S3 Credentials. Notes on the Procedure This procedure is required after a fresh install of SAT. After an upgrade of SAT, this procedure is not required if SAT was upgraded from 2.1 (Shasta v1.5) or later. It is required if SAT was upgraded from 2.0 (Shasta v1.4) or earlier. Procedure Set System Revision Information.\nRun sat setrev and follow the prompts to set the following site-specific values:\nSerial number System name System type System description Product number Company name Site name Country code System install date TIP: For \u0026ldquo;System type\u0026rdquo;, a system with any liquid-cooled components should be considered a liquid-cooled system. In other words, \u0026ldquo;System type\u0026rdquo; is EX-1C.\nncn-m001# sat setrev -------------------------------------------------------------------------------- Setting: Serial number Purpose: System identification. This will affect how snapshots are identified in the HPE backend services. Description: This is the top-level serial number which uniquely identifies the system. It can be requested from an HPE representative. Valid values: Alpha-numeric string, 4 - 20 characters. Type: \u0026lt;class \u0026#39;str\u0026#39;\u0026gt; Default: None Current value: None -------------------------------------------------------------------------------- Please do one of the following to set the value of the above setting: - Input a new value - Press CTRL-C to exit ... Verify System Revision Information.\nRun sat showrev and verify the output shown in the \u0026ldquo;System Revision Information table.\u0026rdquo;\nThe following example shows sample table output.\nncn-m001# sat showrev ################################################################################ System Revision Information ################################################################################ +---------------------+---------------+ | component | data | +---------------------+---------------+ | Company name | HPE | | Country code | US | | Interconnect | Sling | | Product number | R4K98A | | Serial number | 12345 | | Site name | HPE | | Slurm version | slurm 20.02.5 | | System description | Test System | | System install date | 2021-01-29 | | System name | eniac | | System type | EX-1C | +---------------------+---------------+ ################################################################################ Product Revision Information ################################################################################ +--------------+-----------------+------------------------------+------------------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+------------------------------+------------------------------+ | csm | 0.8.14 | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... | | sat | 2.0.1 | - | - | | sdu | 1.0.8 | - | - | | slingshot | 0.8.0 | - | - | | sma | 1.4.12 | - | - | +--------------+-----------------+------------------------------+------------------------------+ ################################################################################ Local Host Operating System ################################################################################ +-----------+----------------------+ | component | version | +-----------+----------------------+ | Kernel | 5.3.18-24.15-default | | SLES | SLES 15-SP2 | +-----------+----------------------+ Perform NCN Personalization A new CFS configuration layer must be added to the CFS configuration used on management NCNs. It is required following SAT installation and configuration. This procedure describes how to add that layer.\nPrerequisites The Install the System Admin Toolkit Product Stream procedure has been successfully completed. If performing a fresh install, the Configure SAT procedures have been successfully completed. Notes on the Procedure Ellipses (...) in shell output indicate omitted lines. In the examples below, replace x.y.z with the version of the SAT product stream being installed. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. If upgrading SAT, the existing configuration will likely include other Cray EX product entries. Update the SAT entry as described in this procedure. The HPE Cray EX System Software Getting Started Guide (S-8000) provides guidance on how and when to update the entries for the other products. Pre-NCN-Personalization Procedure Start a typescript if not already using one, and set the shell prompt.\nThe typescript will record the commands and the output from this installation. The prompt is set to include the date and time.\nncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt ncn-m001# export PS1=\u0026#39;\\u@\\H \\D{%Y-%m-%d} \\t \\w # \u0026#39; Procedure to Update CFS Configuration The SAT release distribution includes a script, update-mgmt-ncn-cfs-config.sh, that updates a CFS configuration to include the SAT layer required to install and configure SAT on the management NCNs.\nThe script supports modifying a named CFS configuration in CFS, a CFS configuration defined in a JSON file, or the CFS configuration currently applied to particular components in CFS.\nThe script also includes options for specifying:\nhow the modified CFS configuration should be saved. the git commit hash or branch specified in the SAT layer. This procedure is split into three alternatives, which cover common use cases:\nUpdate Active CFS Configuration Update CFS Configuration in a JSON File Update Existing CFS Configuration by Name If none of these alternatives fit your use case, see Advanced Options for Updating CFS Configurations.\nUpdate Active CFS Configuration Use this alternative if there is already a CFS configuration assigned to the management NCNs and you would like to update it in place for the new version of SAT.\nRun the script with the following options:\nncn-m001# ./update-mgmt-ncn-cfs-config.sh --base-query role=Management,type=Node --save Examine the output to ensure the CFS configuration was updated.\nFor example, if there is a single CFS configuration that applies to NCNs, and if that configuration does not have a layer yet for any version of SAT, the output will look like this:\n====\u0026gt; Updating CFS configuration(s) INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, ..., x3000c0s9b0n0 INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s1b0n0 ... INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s9b0n0 ... INFO: No layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml found. INFO: Adding a layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml to the end. INFO: Successfully saved CFS configuration \u0026#34;ncn-personalization\u0026#34; INFO: Successfully saved 1 changed CFS configurations. ====\u0026gt; Completed CFS configuration(s) ====\u0026gt; Cleaning up install dependencies Alternatively, if the CFS configuration already contains a layer for SAT that just needs to be updated, the output will look like this:\n====\u0026gt; Updating CFS configuration(s) INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, ..., x3000c0s9b0n0 INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s1b0n0 ... INFO: Found configuration \u0026#34;ncn-personalization\u0026#34; for component x3000c0s9b0n0 ... INFO: Updating existing layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml INFO: Property \u0026#34;commit\u0026#34; of layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml updated from 01ae28c92b9b4740e9e0e01ae01216c6c2d89a65 to bcbd6db0803cc4137c7558df9546b0faab303cbd INFO: Property \u0026#34;name\u0026#34; of layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml updated from sat-2.2.16 to sat-sat-ncn-bcbd6db-20220608T170152 INFO: Successfully saved CFS configuration \u0026#34;ncn-personalization\u0026#34; INFO: Successfully saved 1 changed CFS configurations. ====\u0026gt; Completed CFS configuration(s) ====\u0026gt; Cleaning up install dependencies Update CFS Configuration in a JSON File Use this alternative if you are constructing a new CFS configuration for management NCNs in a JSON file.\nRun the script with the following options, where JSON_FILE is an environment variable set to the path of the JSON file to modify:\nncn-m001# ./update-mgmt-ncn-cfs-config.sh --base-file $JSON_FILE --save Examine the output to ensure the JSON file was updated.\nFor example, if the configuration defined in the JSON file does not have a layer yet for any version of SAT, the output will look like this:\n====\u0026gt; Updating CFS configuration(s) INFO: No layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml found. INFO: Adding a layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml to the end. INFO: Successfully saved 1 changed CFS configurations. ====\u0026gt; Completed CFS configuration(s) ====\u0026gt; Cleaning up install dependencies Update Existing CFS Configuration by Name Use this alternative if you are updating a specific named CFS configuration. This may be the case if you are constructing a new CFS configuration during an install or upgrade of multiple products.\nRun the script with the following options, where CFS_CONFIG_NAME is an environment variable set to the name of the CFS configuration to update.\nncn-m001# ./update-mgmt-ncn-cfs-config.sh --base-config $CFS_CONFIG_NAME --save Examine the output to ensure the CFS configuration was updated.\nFor example, if the CFS configuration does not have a layer yet for any version of SAT, the output will look like this:\n====\u0026gt; Updating CFS configuration(s) INFO: No layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml found. INFO: Adding a layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml to the end. INFO: Successfully saved CFS configuration \u0026#34;CFS_CONFIG_NAME\u0026#34; INFO: Successfully saved 1 changed CFS configurations. ====\u0026gt; Completed CFS configuration(s) ====\u0026gt; Cleaning up install dependencies Advanced Options for Updating CFS Configurations If none of the alternatives described in the previous sections apply, view the full description of the options accepted by the update-mgmt-ncn-cfs-config.sh script by invoking it with the --help option.\nncn-m001# ./update-mgmt-ncn-cfs-config.sh --help Procedure to Apply CFS Configuration After the CFS configuration that applies to management NCNs has been updated as described in the Procedure to Update CFS Configuration, execute the following steps to ensure the modified CFS configuration is re-applied to the management NCNs.\nSet an environment variable that refers to the name of the CFS configuration to be applied to the management NCNs.\nncn-m001# export CFS_CONFIG_NAME=\u0026#34;ncn-personalization\u0026#34; Note: If the Update Active CFS Configuration section was followed above, the name of the updated CFS configuration will have been logged in the following format. If multiple CFS configurations were modified, any one of them can be used in this procedure.\nINFO: Successfully saved CFS configuration \u0026#34;ncn-personalization\u0026#34; Obtain the name of the CFS configuration layer for SAT and save it in an environment variable:\nncn-m001# export SAT_LAYER_NAME=$(cray cfs configurations describe $CFS_CONFIG_NAME --format json \\ | jq -r \u0026#39;.layers | map(select(.cloneUrl | contains(\u0026#34;sat-config-management.git\u0026#34;)))[0].name\u0026#39;) Create a CFS session that executes only the SAT layer of the given CFS configuration.\nThe --configuration-limit option limits the configuration session to run only the SAT layer of the configuration.\nncn-m001# cray cfs sessions create --name \u0026#34;sat-session-${CFS_CONFIG_NAME}\u0026#34; --configuration-name \\ \u0026#34;${CFS_CONFIG_NAME}\u0026#34; --configuration-limit \u0026#34;${SAT_LAYER_NAME}\u0026#34; Monitor the progress of the CFS session.\nSet an environment variable to name of the Ansible container within the pod for the CFS session:\nncn-m001# export ANSIBLE_CONTAINER=$(kubectl get pod -n services \\ --selector=cfsession=sat-session-${CFS_CONFIG_NAME} -o json \\ -o json | jq -r \u0026#39;.items[0].spec.containers | map(select(.name | contains(\u0026#34;ansible\u0026#34;))) | .[0].name\u0026#39;) Next, get the logs for the Ansible container.\nncn-m001# kubectl logs -c $ANSIBLE_CONTAINER --tail 100 -f -n services \\ --selector=cfsession=sat-session-${CFS_CONFIG_NAME} Ansible plays, which are run by the CFS session, will install SAT on all the master management NCNs on the system. A summary of results can be found at the end of the log output. The following example shows a successful session.\n... PLAY RECAP ********************************************************************* x3000c0s1b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s3b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s5b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 NOTE: Ensure that the PLAY RECAPs for each session show successes for all manager NCNs before proceeding.\nVerify that SAT was successfully configured.\nIf sat is configured, the --version command will indicate which version is installed. If sat is not properly configured, the command will fail.\nNOTE: This version number will differ from the version number of the SAT release distribution. This is the semantic version of the sat Python package, which is different from the version number of the overall SAT release distribution.\nncn-m001# sat --version sat 3.7.0 NOTE: Upon first running sat, you may see additional output while the sat container image is downloaded. This will occur the first time sat is run on each manager NCN. For example, if you run sat for the first time on ncn-m001 and then for the first time on ncn-m002, you will see this additional output both times.\nTrying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037... Getting image source signatures Copying blob da64e8df3afc done Copying blob 0f36fd81d583 done Copying blob 12527cf455ba done ... sat 3.7.0 Stop the typescript.\nncn-m001# exit SAT version x.y.z is now installed and configured:\nThe SAT RPM package is installed on the associated NCNs. Note on Procedure to Apply CFS Configuration The previous procedure is not always necessary because the CFS Batcher service automatically detects configuration changes and will automatically create new sessions to apply configuration changes according to certain rules. For more information on these rules, refer to Configuration Management with the CFS Batcher in the Cray System Management Documentation.\nThe main scenario in which the CFS batcher will not automatically re-apply the SAT layer is when the commit hash of the sat-config-management git repository has not changed between SAT versions. The previous procedure ensures the configuration is re-applied in all cases, and it is harmless if the batcher has already applied an updated configuration.\nNext Steps At this point, the release distribution files can be removed from the system as described in Post-Installation Cleanup Procedure.\nIf other HPE Cray EX software products are being installed or upgraded in conjunction with SAT, refer to the HPE Cray EX System Software Getting Started Guide (S-8000) to determine which step to execute next.\nIf no other HPE Cray EX software products are being installed at this time, the installation process is complete. If no other HPE Cray EX software products are being upgraded at this time, proceed to the remaining SAT Post-Upgrade procedures:\nRemove obsolete configuration file sections SAT Logging Set System Revision Information NOTE: The Set System Revision Information procedure is not required after upgrading from SAT 2.1 or later.\nPost-Installation Cleanup Procedure Optional: Remove the SAT release distribution tar file and extracted directory.\nncn-m001# rm sat-x.y.z.tar.gz ncn-m001# rm -rf sat-x.y.z/ SAT Post-Upgrade Remove Obsolete Configuration File Sections Prerequisites The Install the System Admin Toolkit Product Stream procedure has been successfully completed. The Perform NCN Personalization procedure has been successfully completed. Procedure After upgrading SAT, if using the configuration file from a previous version, there may be configuration file sections no longer used in the new version. For example, when upgrading from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. In that case, the following warning may appear upon running sat commands.\nWARNING: Ignoring unknown section \u0026#39;redfish\u0026#39; in config file. Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.\n[redfish] username = \u0026#34;admin\u0026#34; password = \u0026#34;adminpass\u0026#34; Repeat this process for any configuration file sections for which there are \u0026ldquo;unknown section\u0026rdquo; warnings.\nSAT Logging As of SAT version 2.2, some command output that was previously printed to stdout is now logged to stderr. These messages are logged at the INFO level. The default logging threshold was changed from WARNING to INFO to accommodate this logging change. Additionally, some messages previously logged at the INFO are now logged at the DEBUG level.\nThese changes take effect automatically. However, if the default output threshold has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure that important output is shown in the terminal.\nUpdate Configuration In the following example, the stderr log level, logging.stderr_level, is set to WARNING, which will exclude INFO-level logging from terminal output.\nncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml [logging] ... stderr_level = \u0026#34;WARNING\u0026#34; To enable the new default behavior, comment this line out, delete it, or set the value to \u0026ldquo;INFO\u0026rdquo;.\nIf logging.stderr_level is commented out, its value will not affect logging behavior. However, it may be helpful set its value to INFO as a reminder of the new default behavior.\nAffected Commands The following commands trigger messages that have been changed from stdout print calls to INFO-level (or WARNING- or ERROR-level) log messages:\nsat bootsys --stage shutdown --stage session-checks sat sensors The following commands trigger messages that have been changed from INFO-level log messages to DEBUG-level log messages:\nsat nid2xname sat xname2nid sat swap SAT Uninstall and Downgrade Uninstall: Removing a Version of SAT This procedure can be used to uninstall a version of SAT.\nPrerequisites Only versions 2.2 or newer of SAT can be uninstalled with prodmgr. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure Use sat showrev to list versions of SAT.\nNOTE: It is not recommended to uninstall a version designated as \u0026ldquo;active\u0026rdquo;. If the active version is uninstalled, then the activate procedure must be executed on a remaining version.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------+-------------------+-----------------------+ | product_name | product_version | active | images | image_recipes | +--------------+-----------------+--------+-------------------+-----------------------+ | sat | 2.3.3 | True | - | - | | sat | 2.2.10 | False | - | - | +--------------+-----------------+--------+-------------------+-----------------------+ Use prodmgr to uninstall a version of SAT.\nThis command will do three things:\nRemove all hosted-type package repositories associated with the given version of SAT. Group-type repositories are not removed. Remove all container images associated with the given version of SAT. Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up in the output of sat showrev. ncn-m001# prodmgr uninstall sat 2.2.10 Repository sat-2.2.10-sle-15sp2 has been removed. Removed Docker image cray/cray-sat:3.9.0 Removed Docker image cray/sat-cfs-install:1.0.2 Removed Docker image cray/sat-install-utility:1.4.0 Deleted sat-2.2.10 from product catalog. Activate: Switching Between Versions This procedure can be used to downgrade the active version of SAT.\nPrerequisites Only versions 2.2 or newer of SAT can be activated. Older versions must be activated manually. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure Use sat showrev to list versions of SAT.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------+--------------------+-----------------------+ | product_name | product_version | active | images | image_recipes | +--------------+-----------------+--------+--------------------+-----------------------+ | sat | 2.3.3 | True | - | - | | sat | 2.2.10 | False | - | - | +--------------+-----------------+--------+--------------------+-----------------------+ Use prodmgr to activate a different version of SAT.\nThis command will do three things:\nFor all hosted-type package repositories associated with this version of SAT, set them as the sole member of their corresponding group-type repository. For example, activating SAT version 2.2.10 sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group. Set the version 2.2.10 as active within the product catalog, so that it appears active in the output of sat showrev. Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are associated with NCNs with the role \u0026ldquo;Management\u0026rdquo; and subrole \u0026ldquo;Master\u0026rdquo; (for example, the CFS configuration ncn-personalization). Specifically, it will ensure that the layer refers to the version of SAT CFS configuration content associated with the version of SAT being activated. ncn-m001# prodmgr activate sat 2.2.10 Repository sat-2.2.10-sle-15sp2 is now the default in sat-sle-15sp2. Set sat-2.2.10 as active in product catalog. Updated CFS configurations: [ncn-personalization] Verify that the chosen version is marked as active.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------+--------------------+-----------------------+ | product_name | product_version | active | images | image_recipes | +--------------+-----------------+--------+--------------------+-----------------------+ | sat | 2.3.3 | False | - | - | | sat | 2.2.10 | True | - | - | +--------------+-----------------+--------+--------------------+-----------------------+ Apply the modified CFS configuration to the management NCNs.\nAt this point, Nexus package repositories have been modified to set a particular package repository as active, but the SAT package may not have been updated on management NCNs.\nTo ensure that management NCNs have been updated to use the active SAT version, follow the Procedure to Apply CFS Configuration. Refer to the output from the prodmgr activate command to find the name of the modified CFS configuration. If more than one CFS configuration was modified, use the first one.\nOptional: Installing and Configuring SAT on an External System SAT can optionally be installed and configured on an external system to interact with CSM over the CAN.\nLimitations Most SAT subcommands work by accessing APIs which are reachable via the CAN. However, certain SAT commands depend on host-based functionality on the management NCNs and will not work from an external system. This includes the following:\nThe platform-services and ncn-power stages of sat bootsys The local host information displayed by the --local option of sat showrev Installing SAT on an external system is not an officially supported configuration. These instructions are provided \u0026ldquo;as-is\u0026rdquo; with the hope that they can useful for users who desire additional flexibility.\nCertain additional steps may need to be taken to install and configure SAT depending on the configuration of the external system in use. These additional steps may include provisioning virtual machines, installing packages, or configuring TLS certificates, and these steps are outside the scope of this documentation. This section covers only the steps needed to configure SAT to use externally-accessible API endpoints exposed by CSM.\nPrerequisites The external system must be on the Customer Access Network (CAN). Python 3.7 or newer is installed on the system. kubectl, openssh, git, and curl are installed on the external system. The root CA certificates used when installing CSM have been added to the external system\u0026rsquo;s trust store such that authenticated TLS connections can be made to the CSM REST API gateway. For more information, refer to Certificate Authority in the Cray System Management Documentation. Procedure Create a Python virtual environment.\n$ SAT_VENV_PATH=\u0026#34;$(pwd)/venv\u0026#34; $ python3 -m venv ${SAT_VENV_PATH} $ . ${SAT_VENV_PATH}/bin/activate Clone the SAT source code.\nNote: To use SAT version 3.19, this example clones the release/3.19 branch of Cray-HPE/sat. However, for better clarity, these instructions include steps that apply only to versions newer than 3.19. Specifically, the instructions include references to the csm-api-client package, which was not a dependency of SAT in version 3.19.\n(venv) $ git clone --branch=release/3.19 https://github.com/Cray-HPE/sat.git Set up the SAT CSM Python dependencies to be installed from their source code.\nSAT CSM Python dependency packages are not currently distributed publicly as source packages or binary distributions. They must be installed from their source code hosted on GitHub. Also, to install the cray-product-catalog Python package, you must first clone it locally. Use the following steps to modify the SAT CSM Python dependencies so they can be installed from their source code.\nClone the source code for cray-product-catalog.\n(venv) $ git clone --branch v1.6.0 https://github.com/Cray-HPE/cray-product-catalog In the cray-product-catalog directory, create a file named .version that contains the version of cray-product-catalog.\n(venv) $ echo 1.6.0 \u0026gt; cray-product-catalog/.version Open the \u0026ldquo;locked\u0026rdquo; requirements file in a text editor.\n(venv) $ vim sat/requirements.lock.txt Update the line containing cray-product-catalog so that it reflects the local path to cray-product-catalog.\nIt should read as follows:\n./cray-product-catalog For versions of SAT newer than 3.19, change the line containing csm-api-client to read as follows:\ncsm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1 (Optional) Confirm that requirements.lock.txt is modified as expected.\nNote: For versions newer than 3.19, you will see both cray-product-catalog and csm-api-client. For version 3.19 and older, you will only see cray-product-catalog.\n(venv) $ grep -E \u0026#39;cray-product-catalog|csm-api-client\u0026#39; sat/requirements.lock.txt ./cray-product-catalog csm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1 Install the modified SAT dependencies.\n(venv) $ pip install -r sat/requirements.lock.txt ... Install the SAT Python package.\n(venv) $ pip install ./sat ... Optional: Add the sat virtual environment to the user\u0026rsquo;s PATH environment variable.\nIf a shell other than bash is in use, replace ~/.bash_profile with the appropriate profile path.\nIf the virtual environment is not added to the user\u0026rsquo;s PATH environment variable, then source ${SAT_VENV_PATH}/bin/activate will need to be run before running any SAT commands.\n(venv) $ deactivate $ echo export PATH=\\\u0026#34;${SAT_VENV_PATH}/bin:${PATH}\\\u0026#34; \u0026gt;\u0026gt; ~/.bash_profile $ source ~/.bash_profile Copy the file /etc/kubernetes/admin.conf from ncn-m001 to ~/.kube/config on the external system.\nNote that this file contains credentials to authenticate against the Kubernetes API as the administrative user, so it should be treated as sensitive.\n$ mkdir -p ~/.kube $ scp ncn-m001:/etc/kubernetes/admin.conf ~/.kube/config admin.conf 100% 5566 3.0MB/s 00:00 Add a new entry for the hostname kubernetes to the external system\u0026rsquo;s /etc/hosts file.\nThe kubernetes hostname should correspond to the CAN IP address on ncn-m001. On CSM 1.2, this can be determined by querying the IP address of the bond0.cmn0 interface.\n$ ssh ncn-m001 ip addr show bond0.cmn0 13: bond0.cmn0@bond0: \u0026lt;BROADCAST,MULTICAST,UP,LOWER_UP\u0026gt; mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff inet 10.102.1.11/24 brd 10.102.1.255 scope global vlan007 valid_lft forever preferred_lft forever inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link valid_lft forever preferred_lft forever $ IP_ADDRESS=10.102.1.11 On CSM versions prior to 1.2, the CAN IP can be determined by querying the IP address of the vlan007 interface.\n$ ssh ncn-m001 ip addr show vlan007 13: vlan007@bond0: \u0026lt;BROADCAST,MULTICAST,UP,LOWER_UP\u0026gt; mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff inet 10.102.1.10/24 brd 10.102.1.255 scope global vlan007 valid_lft forever preferred_lft forever inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link valid_lft forever preferred_lft forever $ IP_ADDRESS=10.102.1.10 Once the IP address is determined, add an entry to /etc/hosts mapping the IP address to the hostname kubernetes.\n$ echo \u0026#34;${IP_ADDRESS} kubernetes\u0026#34; | sudo tee -a /etc/hosts 10.102.1.11 kubernetes Modify ~/.kube/config to set the cluster server address.\nThe value of the server key for the kubernetes cluster under the clusters section should be set to https://kubernetes:6443.\n--- clusters: - cluster: certificate-authority-data: REDACTED server: https://kubernetes:6443 name: kubernetes ... Confirm that kubectl can access the CSM Kubernetes cluster.\n$ kubectl get nodes NAME STATUS ROLES AGE VERSION ncn-m001 Ready master 135d v1.19.9 ncn-m002 Ready master 136d v1.19.9 ncn-m003 Ready master 136d v1.19.9 ncn-w001 Ready \u0026lt;none\u0026gt; 136d v1.19.9 ncn-w002 Ready \u0026lt;none\u0026gt; 136d v1.19.9 ncn-w003 Ready \u0026lt;none\u0026gt; 136d v1.19.9 Use sat init to create a configuration file for SAT.\n$ sat init INFO: Configuration file \u0026#34;/home/user/.config/sat/sat.toml\u0026#34; generated. Copy the platform CA certificates from the management NCN and configure the certificates for use with SAT.\nIf a shell other than bash is in use, replace ~/.bash_profile with the appropriate profile path.\n$ scp ncn-m001:/etc/pki/trust/anchors/platform-ca-certs.crt . $ echo export REQUESTS_CA_BUNDLE=\\\u0026#34;$(realpath platform-ca-certs.crt)\\\u0026#34; \u0026gt;\u0026gt; ~/.bash_profile $ source ~/.bash_profile Edit the SAT configuration file to set the API and S3 hostnames.\nExternally available API endpoints are given domain names in PowerDNS, so the endpoints in the configuration file should each be set to subdomain.system-name.site-domain, where system-name and site-domain are replaced with the values specified during csi config init, and subdomain is the DNS name for the externally available service. For more information, refer to Externally Exposed Services in the Cray System Management Documentation.\nThe API gateway has the subdomain api, and S3 has the subdomain s3. The S3 endpoint runs on port 8080. The following options should be set in the SAT configuration file:\n[api_gateway] host = \u0026#34;api.system-name.site-domain\u0026#34; [s3] endpoint = \u0026#34;http://s3.system-name.site-domain:8080\u0026#34; Edit the SAT configuration file to specify the Keycloak user which will be accessing the REST API.\n[api_gateway] username = \u0026#34;user\u0026#34; Authenticate against the API gateway with sat auth.\nFor more information, see SAT Authentication.\nGenerate S3 credentials.\nFor more information, see Generate SAT S3 Credentials.\n" +}, +{ + "uri": "/docs-sat/en-24/usage/", + "title": "SAT Usage", + "tags": [], + "description": "", + "content": "SAT Usage SAT Bootprep Change the BOS Version " +}, +{ + "uri": "/docs-sat/en-24/usage/change_bos_version/", + "title": "Change the BOS Version", + "tags": [], + "description": "", + "content": "Change the BOS Version By default, SAT uses Boot Orchestration Service (BOS) version one. You can select the BOS version to use for individual commands with the --bos-version option. For more information on this option, refer to the man page for a specific command.\nYou can also configure the BOS version to use in the SAT config file. Do this under the api_version setting in the bos section of the config file. If the system is using an existing SAT config file from an older version of SAT, the bos section might not exist. In that case, add the bos section with the BOS version desired in the api_version setting.\nFind the SAT config file at ~/.config/sat/sat.toml, and look for a section like this:\n[bos] api_version = \u0026#34;v1\u0026#34; In this example, SAT is using BOS version \u0026quot;v1\u0026quot;.\nChange the line specifying the api_version to the BOS version desired (for example, \u0026quot;v2\u0026quot;).\n[bos] api_version = \u0026#34;v2\u0026#34; If applicable, uncomment the api_version line.\nIf the system is using an existing SAT config file from a recent version of SAT, the api_version line might be commented out like this:\n[bos] # api_version = \u0026#34;v2\u0026#34; If the line is commented out, SAT will still use the default BOS version. To ensure a different BOS version is used, uncomment the api_version line by removing # at the beginning of the line.\n" +}, +{ + "uri": "/docs-sat/en-24/introduction/", + "title": "Introduction to SAT", + "tags": [], + "description": "", + "content": "Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components.\nSAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview.\nSix Kibana Dashboards are included with SAT. They provide organized output for system health information.\nAER Kibana Dashboard ATOM Kibana Dashboard Heartbeat Kibana Dashboard Kernel Kibana Dashboard MCE Kibana Dashboard RAS Daemon Kibana Dashboard Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and are reported through Redfish.\nGrafana Fabric Congestion Dashboard Grafana Fabric Errors Dashboard Grafana Fabric Port State Dashboard Grafana Fabric RFC3635 Dashboard In CSM 1.3 and newer, the sat command is automatically available on all the Kubernetes NCNs. For more information, see SAT in CSM. Older versions of CSM do not have the sat command automatically available, and SAT must be installed as a separate product.\nSystem Admin Toolkit Command Overview Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides instruction on the SAT Container Environment.\nSAT Command Line Utility The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes (ncn-m nodes).\nIt is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are similarities between SAT commands and xt commands used on the Cray XC platform.\nSAT Commands The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each have their own set of options.\nSAT Container Environment The sat command-line utility runs in a container using Podman, a daemonless container runtime. SAT runs on Kubernetes manager nodes. A few important points about the SAT container environment include the following:\nUsing either sat or sat bash always launches a container. The SAT container does not have access to the NCN file system. There are two ways to run sat.\nInteractive: Launching a container using sat bash, followed by a sat command. Non-interactive: Running a sat command directly on a Kubernetes manager node. In both of these cases, a container is launched in the background to execute the command. The first option, running sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the container is launched, executes the command, and upon the command\u0026rsquo;s completion the container exits. The following two examples show the same action, checking the system status, using interactive and non-interactive modes.\nInteractive ncn-m001# sat bash (CONTAINER-ID)sat-container# sat status Non-interactive ncn-m001# sat status Interactive Advantages Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral container storage. If multiple sat commands are being run in succession, then use sat bash to launch the container beforehand. This will save time because the container does not need to be launched for each sat command.\nNon-interactive Advantages The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of several steps that need to be executed from a management NCN.\nMan Pages - Interactive and Non-interactive Modes To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following example.\nncn-m001# sat-man status A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed either with man sat or man sat-podman from the manager node.\nncn-m001# man sat ncn-m001# man sat-podman Command Prompt Conventions in SAT The host name in a command prompt indicates where the command must be run. The account that must run the command is also indicated in the prompt.\nThe root or super-user account always has the # character at the end of the prompt and has the host name of the host in the prompt. Any non-root account is indicated with account@hostname\u0026gt;. A user account that is neither root nor crayadm is referred to as user. The command prompt inside the SAT container environment is indicated with the string as follows. It also has the \u0026ldquo;#\u0026rdquo; character at the end of the prompt. Command Prompt Meaning ncn-m001# Run on one of the Kubernetes Manager servers. (Non-interactive) (CONTAINER_ID) sat-container# Run the command inside the SAT container environment by first running sat bash. (Interactive) Examples of the sat status command used by an administrator:\nncn-m001# sat status ncn-m001# sat bash (CONTAINER_ID) sat-container# sat status SAT in CSM In CSM 1.3 and newer, the sat command is automatically available on all the Kubernetes NCNs, but it is still possible to install SAT as a separate product stream. Any version of SAT installed as a separate product stream overrides the sat command available in CSM. Installing the SAT product stream allows additional supporting components to be added:\nAn entry for SAT in the cray-product-catalog Kubernetes ConfigMap is only created by installing the SAT product stream. Otherwise, there will be no entry for this version of SAT in the output of sat showrev.\nThe sat-install-utility container image is only available with the full SAT product stream. This container image provides uninstall and activate functionality when used with the prodmgr command. (In SAT 2.3 and older, SAT was only available to install as a separate product stream. Because these versions were packaged with sat-install-utility, it is still possible to uninstall these versions of SAT.)\nThe docs-sat RPM package is only available with the full SAT product stream.\nThe sat-config-management git repository in Gitea (VCS) and thus the SAT layer of NCN CFS configuration is only available with the full SAT product stream.\nIf the SAT product stream is not installed, there will be no configuration content for SAT in VCS. Therefore, CFS configurations that apply to NCNs (for example, ncn-personalization) should not include a SAT layer.\nThe SAT configuration layer modifies the permissions of files left over from prior installations of SAT, so that the Keycloak username that authenticates to the API gateway cannot be read by users other than root. Specifically, it it does the following:\nModifies the sat.toml configuration file which contains the username so that it is only readable by root.\nModifies the /root/.config/sat/tokens directory so that the directory is only readable by root. This is needed because the names of the files within the tokens directory contain the username.\nRegardless of the SAT configuration being applied, passwords and the contents of the tokens are never readable by other users. These permission changes only apply to files created by previous installations of SAT. In the current version of SAT all files and directories are created with the appropriate permissions.\nSAT Dependencies Most sat subcommands depend on services or components from other products in the HPE Cray EX (Shasta) software stack. The following list shows these dependencies for each subcommand. Each service or component is listed under the product it belongs to.\nsat auth CSM Keycloak sat bmccreds CSM System Configuration Service (SCSD) sat bootprep CSM Boot Orchestration Service (BOS) Configuration Framework Service (CFS) Image Management Service (IMS) Version Control Service (VCS) Kubernetes S3 sat bootsys CSM Boot Orchestration Service (BOS) Cray Advanced Platform Monitoring and Control (CAPMC) Ceph Compute Rolling Upgrade Service (CRUS) Etcd Firmware Action Service (FAS) Hardware State Manager (HSM) Kubernetes S3 COS Node Memory Dump (NMD) sat diag CSM Hardware State Manager (HSM) CSM-Diags Fox sat firmware CSM Firmware Action Service (FAS) sat hwhist CSM Hardware State Manager (HSM) sat hwinv CSM Hardware State Manager (HSM) sat hwmatch CSM Hardware State Manager (HSM) sat init None\nsat k8s CSM Kubernetes sat nid2xname CSM Hardware State Manager (HSM) sat sensors CSM Hardware State Manager (HSM) HM Collector SMA Telemetry API sat setrev CSM S3 sat showrev CSM Hardware State Manager (HSM) Kubernetes S3 sat slscheck CSM Hardware State Manager (HSM) Kubernetes S3 sat status CSM Hardware State Manager (HSM) sat swap Slingshot Fabric Manager sat switch Deprecated: See sat swap\nsat xname2nid CSM Hardware State Manager (HSM) " +}, +{ + "uri": "/docs-sat/en-24/dashboards/sat_grafana_dashboards/", + "title": "SAT Grafana Dashboards", + "tags": [], + "description": "", + "content": "SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity.\nGrafana can be accessed via web browser at the following URL:\nhttps://sma-grafana.cmn.\u0026lt;site-domain\u0026gt; The value of site-domain can be obtained as follows:\nncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=\u0026#39;{.data.customizations\\.yaml}\u0026#39; | \\ base64 -d | grep \u0026#34;external:\u0026#34; That command will produce the following output, for example:\nexternal: EXAMPLE_DOMAIN.com This would result in the address for Grafana being https://sma-grafana.cmn.EXAMPLE_DOMAIN.com\nFor more information on accessing the Grafana Dashboards, refer to Access the Grafana Monitoring UI in the SMA product documentation.\nFor more information on the interpretation of metrics for the SAT Grafana Dashboards, refer to \u0026ldquo;Fabric Telemetry Kafka Topics\u0026rdquo; in the SMA product documentation.\nNavigate SAT Grafana Dashboards There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display telemetry in a tabular format.\nDashboard Name Display Type Fabric Congestion Chart Panels Fabric RFC3635 Chart Panels Fabric Errors Tabular Format Fabric Port State Tabular Format The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location during the time range selected, if any. The interval setting is not used for tabular dashboards.\nSAT Grafana Interval and Locations Options Shows the Interval and Locations Options for the available telemetry.\nThe value of the Interval option sets the time resolution of the received telemetry. This works a bit like a histogram, with the available telemetry in an interval of time going into a \u0026ldquo;bucket\u0026rdquo; and averaging out to a single point on the chart or table. The special value auto will choose an interval based on the time range selected.\nFor more information, refer to Grafana Templates and Variables.\nThe Locations option allows restriction of the telemetry shown by locations, either individual links or all links in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, which always has entries for all links and switches, although the errors shown are restricted to the selected time range.\nThe chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart\u0026rsquo;s legend or the trace on the chart.\nGrafana Fabric Congestion Dashboard SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in the system and assess the past and present health of the high-speed network. It also allows the ability to drill down to view data for specific ports on specific switches.\nThis dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, local, and global and correspond to the link\u0026rsquo;s relationship to the network topology. The locations presented in the panels are restricted to the values (any combination, defaults to \u0026ldquo;all\u0026rdquo;) selected.\nThe metric values for links of a given port type are similar in value to each other but very distinct from the values of other types. If the values for different port types are all plotted together, the values for links with lower values are indistinguishable from zero when plotted.\nThe port type of a link is reported as a port state \u0026ldquo;subtype\u0026rdquo; event when defined at port initialization.\nGrafana Fabric Errors Dashboard This dashboard reports error counters in a tabular format in three panels.\nThere is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nUnlike other dashboards, the locations presented are all locations in the system rather than having telemetry within the time range selected. However, the values are taken from telemetry within the time range.\nGrafana Fabric Port State Dashboard There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nThe Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours results in all states for all links in the system being shown.\nThe three columns named, group, switch, and port are not port state events, but extra information included with all port state events.\nGrafana Fabric RFC3635 Dashboard For more information on performance counters, refer to Definitions of Managed Objects for the Ethernet-like Interface Types, an Internet standards document.\nBecause these metrics are counters that only increase over time, the values plotted are the change in the counter\u0026rsquo;s value over the interval setting.\n" +}, +{ + "uri": "/docs-sat/en-24/cne_install/", + "title": "SAT Upgrade with CNE Installer", + "tags": [], + "description": "", + "content": "SAT Upgrade with CNE Installer Upgrade the System Admin Toolkit Product Stream Describes how to upgrade the System Admin Toolkit (SAT) product stream by using the Compute Node Environment (CNE) installer (cne-install). The CNE installer can be used only for upgrades and not for fresh installations. For installation instructions, see Install the System Admin Toolkit Product Stream.\nUpgrading SAT with cne-install is recommended because the process is both automated and logged to help you save time. The CNE installer can be used to upgrade SAT alone or with other supported products. For more information on cne-install and its options, refer to the HPE Cray EX System Software Getting Started Guide (S-8000).\nPrerequisites CSM is installed and verified. There must be at least 2 gigabytes of free space on the manager NCN on which the procedure is run. Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace x.y.z with the version of the SAT product stream being upgraded. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. Pre-Upgrade Procedure Start a typescript and set the shell prompt.\nThe typescript will record the commands and the output from this upgrade. The prompt is set to include the date and time.\nncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt ncn-m001# export PS1=\u0026#39;\\u@\\H \\D{%Y-%m-%d} \\t \\w # \u0026#39; Upgrade Procedure Copy the release distribution gzipped tar file to ncn-m001.\nThe cne-install command installs all files in the media directory by default. If you are upgrading SAT alone, ensure only the SAT tarball is in the media directory.\nRun the CNE installer.\nIf you are upgrading SAT along with other supported products, run the following command.\nncn-m001# cne-install -m MEDIA_DIR install -B WORKING_BRANCH -bpc BOOTPREP_CONFIG_CN \\ -bpn BOOTPREP_CONFIG_NCN The cne-install command will use the provided BOOTPREP_CONFIG_CN and BOOTPREP_CONFIG_NCN files for the run.\nIf you are upgrading SAT alone, run the following commands.\nncn-m001# cne-install -m MEDIA_DIR install -B \u0026#39;{{product_type}}-{{version_x_y_z}}\u0026#39; \\ -bpn BOOTPREP_CONFIG_NCN -e update_working_branches ncn-m001# cne-install -m MEDIA_DIR install -B \u0026#39;{{product_type}}-{{version_x_y_z}}\u0026#39; \\ -bpn BOOTPREP_CONFIG_NCN -b sat_bootprep_ncn -e ncn_personalization Optional: Stop the typescript.\nNOTE: This step can be skipped if you wish to use the same typescript for the remainder of the SAT upgrade (see Next Steps).\nncn-m001# exit SAT version x.y.z is now upgraded, meaning the SAT x.y.z release has been loaded into the system software repository.\nSAT configuration content for this release has been uploaded to VCS. SAT content for this release has been uploaded to the CSM product catalog. SAT content for this release has been uploaded to Nexus repositories. The sat command is available. Next Steps At this point, the release distribution files can be removed from the system as described in Post-Upgrade Cleanup Procedure.\nIf other HPE Cray EX software products are being upgraded in conjunction with SAT, refer to the HPE Cray EX System Software Getting Started Guide (S-8000) to determine which step to execute next.\nIf no other HPE Cray EX software products are being upgraded at this time, execute the SAT Post-Upgrade procedures:\nRemove obsolete configuration file sections SAT Logging Post-Upgrade Cleanup Procedure Optional: Remove the SAT release distribution tar file and extracted directory.\nncn-m001# rm sat-x.y.z.tar.gz ncn-m001# rm -rf sat-x.y.z/ Remove Obsolete Configuration File Sections Prerequisites The Upgrade the System Admin Toolkit Product Stream procedure has been successfully completed. Procedure After upgrading SAT, if using the configuration file from a previous version, there may be configuration file sections no longer used in the new version. For example, when upgrading from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. In that case, the following warning may appear upon running sat commands.\nWARNING: Ignoring unknown section \u0026#39;redfish\u0026#39; in config file. Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.\n[redfish] username = \u0026#34;admin\u0026#34; password = \u0026#34;adminpass\u0026#34; Repeat this process for any configuration file sections for which there are \u0026ldquo;unknown section\u0026rdquo; warnings.\nSAT Logging As of SAT version 2.2, some command output that was previously printed to stdout is now logged to stderr. These messages are logged at the INFO level. The default logging threshold was changed from WARNING to INFO to accommodate this logging change. Additionally, some messages previously logged at the INFO are now logged at the DEBUG level.\nThese changes take effect automatically. However, if the default output threshold has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure that important output is shown in the terminal.\nUpdate Configuration In the following example, the stderr log level, logging.stderr_level, is set to WARNING, which will exclude INFO-level logging from terminal output.\nncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml [logging] ... stderr_level = \u0026#34;WARNING\u0026#34; To enable the new default behavior, comment this line out, delete it, or set the value to \u0026ldquo;INFO\u0026rdquo;.\nIf logging.stderr_level is commented out, its value will not affect logging behavior. However, it may be helpful set its value to INFO as a reminder of the new default behavior.\nAffected Commands The following commands trigger messages that have been changed from stdout print calls to INFO-level (or WARNING- or ERROR-level) log messages:\nsat bootsys --stage shutdown --stage session-checks sat sensors The following commands trigger messages that have been changed from INFO-level log messages to DEBUG-level log messages:\nsat nid2xname sat xname2nid sat swap " +}, +{ + "uri": "/docs-sat/en-24/usage/sat_bootprep/", + "title": "SAT Bootprep", + "tags": [], + "description": "", + "content": "SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates based on a given input file which defines how those configurations, images, and session templates should be created.\nThis automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similarly to other SAT commands.\nncn-m001# sat-man sat-bootprep SAT Bootprep vs SAT Bootsys sat bootprep is used to create CFS configurations, build and rename IMS images, and create BOS session templates which tie the configurations and images together during a BOS session.\nsat bootsys automates several portions of the boot and shutdown processes, including (but not limited to) performing BOS operations (such as creating BOS sessions), powering on and off cabinets, and checking the state of the system prior to shutdown.\nEditing a Bootprep Input File The input file provided to sat bootprep is a YAML-formatted file containing information which CFS, IMS, and BOS use to create configurations, images, and BOS session templates respectively. Writing and modifying these input files is the main task associated with using sat bootprep. An input file is composed of three main sections, one each for configurations, images, and session templates. These sections may be specified in any order, and any of the sections may be omitted if desired.\nProviding a Schema Version The sat bootprep input file is validated against a versioned schema definition. The input file should specify the version of the schema with which it is compatible under a schema_version key. For example:\n--- schema_version: 1.0.2 The current sat bootprep input file schema version can be viewed with the following command:\nncn-m001# sat bootprep view-schema | grep \u0026#39;^version:\u0026#39; version: \u0026#39;1.0.2\u0026#39; The sat bootprep run command validates the schema version specified in the input file. The command also makes sure that the schema version of the input file is compatible with the schema version understood by the current version of sat bootprep. For more information on schema version validation, refer to the schema_version property description in the bootprep input file schema. For more information on viewing the bootprep input file schema in either raw form or user-friendly HTML form, see Viewing the Exact Schema Specification or Generating User-Friendly Documentation.\nThe default sat bootprep input files provided by the hpc-csm-software-recipe release distribution already contain the correct schema version.\nDefining CFS Configurations The CFS configurations are defined under a configurations key. Under this key, you can list one or more configurations to create. For each configuration, give a name in addition to the list of layers that comprise the configuration.\nEach layer can be defined by a product name and optionally a version number, commit hash, or branch in the product\u0026rsquo;s configuration repository. If this method is used, the layer is created in CFS by looking up relevant configuration information (including the configuration repository and commit information) from the cray-product-catalog Kubernetes ConfigMap as necessary. A version may be supplied. However, if it is absent, the version is assumed to be the latest version found in the cray-product-catalog.\nAlternatively, a configuration layer can be defined by explicitly referencing the desired configuration repository. You must then specify the intended version of the Ansible playbooks by providing a branch name or commit hash with branch or commit.\nThe following example shows a CFS configuration with two layers. The first layer is defined in terms of a product name and version, and the second layer is defined in terms of a Git clone URL and branch:\n--- configurations: - name: example-configuration layers: - name: example-product playbook: example.yml product: name: example version: 1.2.3 - name: another-example-product playbook: another-example.yml git: url: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34; branch: main When sat bootprep is run against an input file, a CFS configuration is created corresponding to each configuration in the configurations section. For example, the configuration created from an input file with the layers listed above might look something like the following:\n{ \u0026#34;lastUpdated\u0026#34;: \u0026#34;2022-02-07T21:47:49Z\u0026#34;, \u0026#34;layers\u0026#34;: [ { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;example.yml\u0026#34; }, { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;another example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;another-example.yml\u0026#34; } ], \u0026#34;name\u0026#34;: \u0026#34;example-configuration\u0026#34; } Defining IMS Images The IMS images are defined under an images key. Under the images key, the user may define one or more images to be created in a list. Each element of the list defines a separate IMS image to be built and/or configured. Images must contain a name key and a base key.\nThe name key defines the name of the resulting IMS image. The base key defines the base image to be configured or the base recipe to be built and optionally configured. One of the following keys must be present under the base key:\nUse an ims key to specify an existing image or recipe in IMS. Use a product key to specify an image or recipe provided by a particular version of a product. Note that this is only possible if the product provides a single image or recipe. Use an image_ref key to specify another image from the input file using its ref_name. Images may also contain the following keys:\nUse a configuration key to specify a CFS configuration with which to customize the built image. If a configuration is specified, then configuration groups must also be specified using the configuration_group_names key. Use a ref_name key to specify a unique name that can refer to this image within the input file in other images or in session templates. The ref_name key allows references to images from the input file that have dynamically generated names as described in Dynamic Variable Substitutions. Use a description key to describe the image in the bootprep input file. Note that this key is not currently used. Here is an example of an image using an existing IMS recipe as its base. This example builds an IMS image from that recipe. It then configures it with a CFS configuration named example-compute-config. The example-compute-config CFS configuration can be defined under the configurations key in the same input file, or it can be an existing CFS configuration. Running sat bootprep against this input file results in an image named example-compute-image.\nimages: - name: example-compute-image description: \u0026gt; An example compute node image built from an existing IMS recipe. base: ims: name: example-compute-image-recipe type: recipe configuration: example-compute-config configuration_group_names: - Compute Here is an example showing the definition of two images. The first image is built from a recipe provided by the cos product. The second image uses the first image as a base and configures it with a configuration named example-compute-config. The value of the first image\u0026rsquo;s ref_name key is used in the second image\u0026rsquo;s base.image_ref key to specify it as a dependency. Running sat bootprep against this input file results in two images, the first named example-cos-image and the second named example-compute-image.\nimages: - name: example-cos-image ref_name: example-cos-image description: \u0026gt; An example image built from a recipe provided by the COS product. base: product: name: cos version: 2.3.101 type: recipe - name: example-compute-image description: \u0026gt; An example image built from a recipe provided by the COS product. base: image_ref: example-cos-image configuration: example-compute-config configuration_group_names: - Compute Defining BOS Session Templates The BOS session templates are defined under the session_templates key. Each session template must provide values for the name, image, configuration, and bos_parameters keys. The name key defines the name of the resulting BOS session template. The image key defines the image to use in the BOS session template. One of the following keys must be present under the image key:\nUse an ims key to specify an existing image or recipe in IMS. Use an image_ref key to specify another image from the input file using its ref_name. The configuration key defines the CFS configuration specified in the BOS session template.\nThe bos_parameters key defines parameters that are passed through directly to the BOS session template. The bos_parameters key should contain a boot_sets key, and each boot set in the session template should be specified under boot_sets. Each boot set can contain the following keys, all of which are optional:\nUse a kernel_parameters key to specify the parameters passed to the kernel on the command line. Use a network key to specify the network over which the nodes boot. Use a node_list key to specify the nodes to add to the boot set. Use a node_roles_groups key to specify the HSM roles to add to the boot set. Use a node_groups key to specify the HSM groups to add to the boot set. Use a rootfs_provider key to specify the root file system provider. Use a rootfs_provider_passthrough key to specify the parameters to add to the rootfs= kernel parameter. As mentioned above, the parameters under bos_parameters are passed through directly to BOS. For more information on the properties of a BOS boot set, refer to BOS Session Templates in the Cray System Management Documentation.\nHere is an example of a BOS session template that refers to an existing IMS image by name:\nsession_templates: - name: example-session-template image: ims: name: example-image configuration: example-configuration bos_parameters: boot_sets: example_boot_set: kernel_parameters: ip=dhcp quiet node_roles_groups: - Compute rootfs_provider: cpss3 rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0 Here is an example of a BOS session template that refers to an image from the input file by its ref_name. This requires that an image defined in the input file specifies example-image as the value of its ref_name key.\nsession_templates: - name: example-session-template image: image_ref: example-image configuration: example-configuration bos_parameters: boot_sets: example_boot_set: kernel_parameters: ip=dhcp quiet node_roles_groups: - Compute rootfs_provider: cpss3 rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0 HPC CSM Software Recipe Variable Substitutions The HPC CSM Software Recipe provides a manifest defining the versions of each HPC software product included in the recipe. These product versions can be used in the sat bootprep input file with Jinja2 template syntax.\nSelecting an HPC CSM Software Recipe Version By default, the sat bootprep command uses the product versions from the latest installed version of the HPC CSM Software Recipe. However, you can override this with the --recipe-version command line argument to sat bootprep run.\nFor example, to explicitly select the 22.11.0 version of the HPC CSM Software Recipe, specify --recipe-version 22.11.0:\nncn-m001# sat bootprep run --recipe-version 22.11.0 compute-and-uan-bootprep.yaml Values Supporting Jinja2 Template Rendering The entire sat bootprep input file is not rendered by the Jinja2 template engine. Jinja2 template rendering of the input file is performed individually for each supported value. The values of the following keys support rendering as a Jinja2 template:\nThe name key of each configuration under the configurations key. The following keys of each layer under the layers key in a configuration: name git.branch product.version product.branch The following keys of each image under the images key: name base.product.version configuration The following keys of each session template under the session_templates key: name configuration You can use Jinja2 built-in filters in values of any of the keys listed above. In addition, Python string methods can be called on the string variables.\nViewing HPC CSM Software Recipe Variables HPC CSM Software Recipe variables are available, and you can use them in the values of the keys listed above. View these variables by cloning the hpc-csm-software-recipe repository from VCS and accessing the product_vars.yaml file on the branch that corresponds to the targeted version of the HPC CSM Software Recipe.\nSet up a shell script to access the password for the crayvcs user:\nncn-m001# cat \u0026gt; vcs-creds-helper.sh \u0026lt;\u0026lt;EOF #!/bin/bash kubectl get secret -n services vcs-user-credentials -o jsonpath={.data.vcs_password} | base64 -d EOF Ensure vcs-creds-helper.sh is executable:\nncn-m001# chmod u+x vcs-creds-helper.sh Set the GIT_ASKPASS environment variable to the path to the vcs-creds-helper.sh script:\nncn-m001# export GIT_ASKPASS=\u0026#34;$PWD/vcs-creds-helper.sh\u0026#34; Clone the hpc-csm-software-recipe repository:\nncn-m001# git clone https://crayvcs@api-gw-service-nmn.local/vcs/cray/hpc-csm-software-recipe.git Change the directory to the hpc-csm-software-recipe repository:\nncn-m001# cd hpc-csm-software-recipe View the versions of the HPC CSM Software Recipe on the system:\nncn-m001# git branch -r Check out the branch of the hpc-csm-software-recipe repository that corresponds to the targeted HPC CSM Software Recipe version. For example, for recipe version 22.11.0:\nncn-m001# git checkout cray/hpc-csm-software-recipe/22.11.0 View the contents of the file product_vars.yaml in the clone of the repository:\nncn-m001# cat product_vars.yaml The variables defined in the product_vars.yaml file can be used in the values that support Jinja2 templates. A variable is specified by a dot-separated path, with each component of the path representing a key in the YAML file. For example, a version of the COS product appears as follows in the product_vars.yaml file:\ncos: version: 2.4.76 This COS version can be used by specifying cos.version within a value in the input file.\nHPC CSM Software Recipe Variable Substitution Example The following example bootprep input file shows how a COS version can be used in a bootprep input file that creates a CFS configuration for computes. Only one layer is shown for brevity.\n--- configurations: - name: compute-{{recipe.version}} layers: - name: cos-compute-integration-{{cos.version}} playbook: cos-compute.yaml product: name: cos version: \u0026#34;{{cos.version}}\u0026#34; branch: integration-{{cos.version}} Note: When the value of a key in the bootprep input file is a Jinja2 expression, it must be quoted to pass YAML syntax checking.\nJinja2 expressions can also use filters and Python\u0026rsquo;s built-in string methods to manipulate the variable values. For example, suppose only the major and minor components of a COS version are to be used in the branch name for the COS layer of the CFS configuration. You can use the split string method to achieve this as follows:\n--- configurations: - name: compute-{{recipe.version}} layers: - name: cos-compute-integration-{{cos.version}} playbook: cos-compute.yaml product: name: cos version: \u0026#34;{{cos.version}}\u0026#34; branch: integration-{{cos.version.split(\u0026#39;.\u0026#39;)[0]}}-{{cos.version.split(\u0026#39;.\u0026#39;)[1]}} Dynamic Variable Substitutions Additional variables are available besides the product version variables provided by the HPC CSM Software Recipe. (For more information, see HPC CSM Software Recipe Variable Substitutions.) These additional variables are dynamic because their values are determined at run-time based on the context in which they appear. Available dynamic variables include the following:\nThe variable base.name can be used in the name of an image under the images key. The value of this variable is the name of the IMS image or recipe used as the base of this image. The variable image.name can be used in the name of a session template under the session_templates key. The value of this variable is the name of the IMS image used in this session template. These variables reduce the need to duplicate values throughout the sat bootprep input file and make the following use cases possible:\nYou want to build an image from a recipe provided by a product and use the name of the recipe in the name of the resulting image. You want to use the name of the image in the name of a session template, and the image is generated as described in the previous use case. Example Bootprep Input Files This section provides an example bootprep input file. It also gives instructions for obtaining the default bootprep input files delivered with a release of the HPC CSM Software Recipe.\nExample Bootprep Input File The following bootprep input file provides an example of using most of the features described in previous sections. It is not intended to be a complete bootprep file for the entire CSM product.\n--- configurations: - name: compute-{{recipe.version}} layers: - name: cos-compute-integration-{{cos.version}} playbook: site.yml product: name: cos version: \u0026#34;{{cos.version}}\u0026#34; branch: integration-{{cos.version}} - name: cpe-pe_deploy-integration-{{cpe.version}} playbook: pe_deploy.yml product: name: cpe version: \u0026#34;{{cpe.version}}\u0026#34; branch: integration-{{cpe.version}} images: - name: \u0026#34;{{base.name}}\u0026#34; ref_name: base_cos_image base: product: name: cos type: recipe version: \u0026#34;{{cos.version}}\u0026#34; - name: compute-{{base.name}} ref_name: compute_image base: image_ref: base_cos_image configuration: compute-{{recipe.version}} configuration_group_names: - Compute session_templates: - name: compute-{{recipe.version}} image: image_ref: compute_image configuration: compute-{{recipe.version}} bos_parameters: boot_sets: compute: kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN} node_roles_groups: - Compute rootfs_provider_passthrough: \u0026#34;dvs:api-gw-service-nmn.local:300:hsn0,nmn0:0\u0026#34; Accessing Default Bootprep Input Files Default bootprep input files are delivered by the HPC CSM Software Recipe product. You can access these files by cloning the hpc-csm-software-recipe repository.\nTo do this, follow steps 1-7 of the procedure in Viewing HPC CSM Software Recipe Variables. Then, access the files in the bootprep directory of that repository:\nncn-m001# ls bootprep/ Generating an Example Bootprep Input File The sat bootprep generate-example command was not updated for recent bootprep schema changes. It is recommended that you instead use the default bootprep input files described in Accessing Default Bootprep Input Files. The sat bootprep generate-example command will be updated in a future release of SAT.\nEditing HPC CSM Software Recipe Defaults You might need to edit the default bootprep input files delivered by the HPC CSM Software Recipe for your system. Here are some examples of how to edit the files.\nEditing Default Branch Names Before running sat bootprep, HPE recommends reading the bootprep input files and paying specific attention to the branch parameters. Some HPE Cray EX products require system-specific changes on a working branch of VCS. For these products, the default bootprep input files assume certain naming conventions for the VCS branches. The files refer to a particular branch of a product\u0026rsquo;s configuration management repository.\nThus, it is important to confirm that the bootprep input files delivered by the HPC CSM Software Recipe match the actual system branch names. For example, the COS product\u0026rsquo;s CFS configuration layer is defined as follows in the default management-bootprep.yaml bootprep input file.\n- name: cos-ncn-integration-{{cos.version}} playbook: ncn.yml product: name: cos version: \u0026#34;{{cos.version}}\u0026#34; branch: integration-{{cos.version}} The default file is assuming that system-specific Ansible configuration changes for the COS product in VCS are stored in a branch named integration-{{cos.version}}. If the version being installed is COS 2.4.99, sat bootprep looks for a branch named integration-2.4.99 from which to create CFS configuration layers.\nYou can create VCS working branches that are not the default bootprep input file branch names. A simple example of this is using cne-install to update working VCS branches. If you use cne-install to update working VCS branches, (namely in the update_working_branches stage), you create or update the branches specified by the -B WORKING_BRANCH command line option. For example, consider the following cne-install command.\nncn-m001# ./cne-install install \\ -B integration \\ -s deploy_products \\ -e update_working_branches Products installed with this cne-install example use the working branch integration for system-specific changes to VCS. The branch specified by the -B option must match the branch specified in the bootprep input file.\nIn another example, to use the branch integration for COS instead of integration-{{cos.version}}, edit the bootprep input file so it reads as follows.\n- name: cos-ncn-integration-{{cos.version}} playbook: ncn.yml product: name: cos version: \u0026#34;{{cos.version}}\u0026#34; branch: integration Editing Default Management CFS Configuration Names The default bootprep input file for management CFS configurations (management-bootprep.yaml) creates configurations that have names specified within the input file. For example, in the bootprep input files included in the 22.11 HPC CSM Software Recipe, the following configurations are named:\nncn-personalization ncn-image-customization These default management CFS configuration names might be acceptable for your system. However, it is possible to create other names. sat bootprep creates whatever configurations are specified in the input file. For example, to create a NCN node personalization configuration named ncn-personalization-test, edit the file as follows.\nconfigurations: - name: ncn-personalization-test layers: ... For management configurations, use sat status to identify the current desired configuration for each of the management nodes.\nncn-m001# sat status --fields xname,role,subrole,desiredconfig --filter role=management +----------------+------------+---------+---------------------+ | xname | Role | SubRole | Desired Config | +----------------+------------+---------+---------------------+ | x3000c0s1b0n0 | Management | Master | ncn-personalization | | x3000c0s3b0n0 | Management | Master | ncn-personalization | | x3000c0s5b0n0 | Management | Master | ncn-personalization | | x3000c0s7b0n0 | Management | Worker | ncn-personalization | | x3000c0s9b0n0 | Management | Worker | ncn-personalization | | x3000c0s11b0n0 | Management | Worker | ncn-personalization | | x3000c0s13b0n0 | Management | Worker | ncn-personalization | | x3000c0s17b0n0 | Management | Storage | ncn-personalization | | x3000c0s19b0n0 | Management | Storage | ncn-personalization | | x3000c0s21b0n0 | Management | Storage | ncn-personalization | | x3000c0s25b0n0 | Management | Worker | ncn-personalization | +----------------+------------+---------+---------------------+ To overwrite the desired configuration using sat bootprep, ensure the bootprep input file specifies to create a configuration with the same name (ncn-personalization in the example above). To create a different configuration, ensure the bootprep input file specifies to create a configuration with a different name than the desired configuration (different than ncn-personalization in the example above).\nUpgrading a Single Product and Overriding its Default Version When working with a given HPC CSM Software Recipe, it might be necessary to upgrade a single HPE Cray EX product past the default version given in the recipe. However, you might still want to use the other default product versions contained in that recipe. To do this, first upgrade the single product. For more information, refer to the upgrade instructions in that product\u0026rsquo;s documentation.\nAfter the product is upgraded, you must override its default version in subsequent runs of sat bootprep. The following process explains how to do this. In this example, all the default product versions from the 22.11 software recipe are used except for COS. The COS default product version is overridden to version 2.4.199 instead, and the CFS configurations in management-bootprep.yaml are created.\nEnsure you have a local copy of the default bootprep input files.\nFor more information, see Accessing Default Bootprep Input Files.\nEdit the product_vars.yaml file to change the default product version.\nncn-m001# vim product_vars.yaml Confirm the new product version in the edited product_vars.yaml file.\nncn-m001# grep -A1 cos: `product_vars.yaml`: cos: version: 2.4.199 Use the --vars-file option when running sat bootprep to override the default product version.\nYou must run this command from the directory containing the product_vars.yaml file. The product_vars.yaml file must also be specified when using the --vars-file option. It is not sufficient to just edit the file.\nncn-m001# sat bootprep run --vars-file product_vars.yaml bootprep/management-bootprep.yaml Note: This example is specific to creating the configurations defined in management-bootprep.yaml. Review what configurations, images, or session templates you intend to create by viewing the input file.\nViewing Built-in Generated Documentation The contents of the YAML input files described above must conform to a schema which defines the structure of the data. The schema definition is written using the JSON Schema format. (Although the format is named \u0026ldquo;JSON Schema\u0026rdquo;, the schema itself is written in YAML as well.) More information, including introductory materials and a formal specification of the JSON Schema metaschema, can be found on the JSON Schema website.\nViewing the Exact Schema Specification To view the exact schema specification, run sat bootprep view-schema.\nncn-m001# sat bootprep view-schema --- $schema: \u0026#34;https://json-schema.org/draft/2020-12/schema\u0026#34; ... title: Bootprep Input File description: \u0026gt; A description of the set of CFS configurations to create, the set of IMS images to create and optionally customize with the defined CFS configurations, and the set of BOS session templates to create that reference the defined images and configurations. type: object additionalProperties: false properties: ... Generating User-Friendly Documentation The raw schema definition can be difficult to understand without experience working with JSON Schema specifications. For this reason, a feature is included that generates user-friendly HTML documentation for the input file schema. This HTML documentation can be browsed with your preferred web browser.\nCreate a documentation tarball using sat bootprep.\nncn-m001# sat bootprep generate-docs INFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz An alternate output directory can be specified with the --output-dir option. The generated tarball is always named bootprep-schema-docs.tar.gz.\nncn-m001# sat bootprep generate-docs --output-dir /tmp INFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz From another machine, copy the tarball to a local directory.\nanother-machine$ scp root@ncn-m001:bootprep-schema-docs.tar.gz . Extract the contents of the tarball and open the contained index.html.\nanother-machine$ tar xzvf bootprep-schema-docs.tar.gz x bootprep-schema-docs/ x bootprep-schema-docs/index.html x bootprep-schema-docs/schema_doc.css x bootprep-schema-docs/schema_doc.min.js another-machine$ open bootprep-schema-docs/index.html " +}, +{ + "uri": "/docs-sat/en-24/dashboards/sat_kibana_dashboards/", + "title": "SAT Kibana Dashboards", + "tags": [], + "description": "", + "content": "SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information.\nKibana can be accessed via web browser at the following URL:\nhttps://sma-kibana.cmn.\u0026lt;site-domain\u0026gt; The value of site-domain can be obtained as follows:\nncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=\u0026#39;{.data.customizations\\.yaml}\u0026#39; | \\ base64 -d | grep \u0026#34;external:\u0026#34; That command will produce the following output, for example:\nexternal: EXAMPLE_DOMAIN.com This would result in the address for Kibana being https://sma-kibana.cmn.EXAMPLE_DOMAIN.com\nFor more information on accessing the Kibana Dashboards, refer to View Logs Via Kibana in the SMA product documentation.\nAdditional details about the AER, ATOM, Heartbeat, Kernel, MCE, and RAS Daemon Kibana Dashboards are included in this table.\nDashboard Short Description Long Description Kibana Visualization and Search Name sat-aer AER corrected Corrected Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-corrected Search: sat-aer-corrected sat-aer AER fatal Fatal Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-fatal Search: sat-aer-fatal sat-atom ATOM failures Application Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged. sat-atom-failed sat-atom ATOM admindown Application Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch. sat-atom-admindown sat-heartbeat Heartbeat loss events Heartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system. sat-heartbeat sat-kernel Kernel assertions The kernel software performs a failed assertion when some condition represents a serious fault. The node goes down. sat-kassertions sat-kernel Kernel panics The kernel panics when something is seriously wrong. The node goes down. sat-kernel-panic sat-kernel Lustre bugs (LBUGs) The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down. sat-lbug sat-kernel CPU stalls CPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric. sat-cpu-stall sat-kernel Out of memory An Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided. sat-oom sat-mce MCE Machine Check Exceptions (MCE) are errors detected at the processor level. sat-mce sat-rasdaemon rasdaemon errors Errors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the Linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future. sat-rasdaemon-error sat-rasdaemon rasdaemon messages All messages from the rasdaemon service on nodes. sat-rasdaemon Disable Search Highlighting in Kibana Dashboard By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.\nThe Kibana Dashboard should be open on your system.\nNavigate to Management\nNavigate to Advanced Settings in the Kibana section, below the Elastic search section\nScroll down to the Discover section\nChange Highlight results from on to off\nClick Save to save changes\nAER Kibana Dashboard The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors are split up into separate visualizations depending on whether they are fatal or corrected errors.\nView the AER Kibana Dashboard Go to the dashboard section.\nSelect sat-aer dashboard.\nChoose the time range of interest.\nView the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nATOM Kibana Dashboard The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health checks and application test failures. Some test failures are of possible interest even though a node is not marked admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide clues if a node otherwise fails. They might also show application problems.\nView the ATOM Kibana Dashboard HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.\nGo to the dashboard section.\nSelect sat-atom dashboard.\nChoose the time range of interest.\nView any nodes marked admindown and any ATOM test failures. These failures occur during health checks and application test failures. Test failures marked admindown are important to note. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nHeartbeat Kibana Dashboard The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss.\nView the Heartbeat Kibana Dashboard Go to the dashboard section.\nSelect sat-heartbeat dashboard.\nChoose the time range of interest.\nView the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss. View the matching log messages in the panel.\nKernel Kibana Dashboard The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using too much memory.\nView the Kernel Kibana Dashboard Go to the dashboard section.\nSelect sat-kernel dashboard.\nChoose the time range of interest.\nView the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nMCE Kibana Dashboard The MCE Dashboard displays CPU detected processor-level hardware errors.\nView the MCE Kibana Dashboard Go to the dashboard section.\nSelect sat-mce dashboard.\nChoose the time range of interest.\nView the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nRAS Daemon Kibana Dashboard The RAS Daemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. This service collects all hardware error events reported by the Linux kernel, including PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one for only messages of severity emerg or err and another for all messages from rasdaemon.\nView the RAS Daemon Kibana Dashboard Go to the dashboard section.\nSelect sat-rasdaemon dashboard.\nChoose the time range of interest.\nView the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\n" +}, +{ + "uri": "/docs-sat/en-24/release_notes/", + "title": "SAT Release Notes", + "tags": [], + "description": "", + "content": "SAT Release Notes Summary of Changes in SAT 2.4 The 2.4.13 version of the SAT product includes:\nVersion 3.19.3 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.5.5 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. Because of installation refactoring efforts, the following two components are no longer delivered with SAT:\nsat-cfs-install container image sat-cfs-install Helm chart Inclusion of SAT in CSM A version of the cray-sat container image is now included in CSM. For more information, see SAT in CSM.\nSAT Installation Improvements The SAT install.sh script no longer uses a sat-cfs-install Helm chart and container image to upload its Ansible content to the sat-config-management repository in VCS. Instead, it uses Podman to run the cf-gitea-import container directly. Some of the benefits of this change include the following:\nFewer container images that need to be managed by the SAT product Simplified SAT installation without Helm charts or Loftsman manifests Reduced SAT installation time Decoupling of cray-sat container image and cray-sat-podman package Decoupling of cray-sat Container Image and cray-sat-podman Package In older SAT releases, the sat wrapper script that was provided by the cray-sat-podman package installed on Kubernetes master NCNs included a hard-coded version of the cray-sat container image. As a result, every new version of the cray-sat image required a corresponding new version of the cray-sat-podman package.\nIn this release, this tight coupling of the cray-sat-podman package and the cray-sat container image was removed. The sat wrapper script provided by the cray-sat-podman package now looks for the version of the cray-sat container image in the /opt/cray/etc/sat/version file. This file is populated with the correct version of the cray-sat container image by the SAT layer of the CFS configuration that is applied to management NCNs. If the version file does not exist, the wrapper script defaults to the version of the cray-sat container image delivered with the latest version of CSM installed on the system.\nImproved NCN Personalization Automation The steps for performing NCN personalization as part of the SAT installation were moved out of the install.sh script and into a new update-mgmt-ncn-cfs-config.sh script that is provided in the SAT release distribution. The new script provides additional flexibility in how it modifies the NCN personalization CFS configuration for SAT. It can modify an existing CFS configuration by name, a CFS configuration being built in a JSON file, or an existing CFS configuration that applies to certain components. For more information, see Perform NCN Personalization.\nNew sat bootprep Features The following new features were added to the sat bootprep command:\nVariable substitutions using Jinja2 templates in certain fields of the sat bootprep input file\nFor more information, see HPC CSM Software Recipe Variable Substitutions and Dynamic Variable Substitutions.\nSchema version validation in the sat bootprep input files\nFor more information, see Providing a Schema Version.\nAbility to look up images and recipes provided by products\nFor more information, see Defining IMS Images.\nThe schema of the sat bootprep input files was also changed to support these new features:\nThe base recipe or image used by an image in the input file should now be specified under a base key instead of under an ims key. The old ims key is deprecated. To specify an image that depends on another image in the input file, the dependent image should specify the dependency under base.image_ref. You should no longer use the IMS name of the image on which it depends. The image used by a session template should now be specified under image.ims.name, image.ims.id, or image.image_ref. Specifying a string value directly under the image key is deprecated. For more information on defining IMS images and BOS session templates in the sat bootprep input file, see Defining IMS Images and Defining BOS Session Templates.\nAdded Blade Swap Support to sat swap The sat swap command was updated to support swapping compute and UAN blades with sat swap blade. This functionality is described in the following processes of the Cray System Management Documentation:\nAdding a Liquid-cooled blade to a System Using SAT Removing a Liquid-cooled blade from a System Using SAT Replace a Compute Blade Using SAT Swap a Compute Blade with a Different System Using SAT Support for BOS v2 A new v2 version of the Boot Orchestration Service (BOS) is available in CSM 1.3.0. SAT has added support for BOS v2. This impacts the following commands that interact with BOS:\nsat bootprep sat bootsys sat status By default, SAT uses BOS v1. However, you can choose the BOS version you want to use. For more information, see Change the BOS Version.\nAdded BOS Fields to sat status When using BOS v2, sat status outputs additional fields. These fields show the most recent BOS session, session template, booted image, and boot status for each node. An additional --bos-fields option was added to limit the output of sat status to these fields. The fields are not displayed when using BOS v1.\nOpen Source Repositories This is the first release of SAT built from open source code repositories. As a result, build infrastructure was changed to use an external Jenkins instance, and artifacts are now published to an external Artifactory instance. These changes should not impact the functionality of the SAT product in any way.\nSecurity CVE Mitigation The paramiko Python package version was updated from 2.9.2 to 2.10.1 to mitigate CVE-2022-24302. The oauthlib Python package version was updated from 3.2.0 to 3.2.1 to mitigate CVE-2022-36087. Restricted Permissions on SAT Config Files and Directories SAT stores information used to authenticate to the API gateway with Keycloak. Token files are stored in the ~/.config/sat/tokens/ directory. Those files have always had permissions appropriately set to restrict them to be readable only by the user.\nKeycloak usernames used to authenticate to the API gateway are stored in the SAT config file at /.config/sat/sat.toml. Keycloak usernames are also used in the file names of tokens stored in /.config/sat/tokens. As an additional security measure, SAT now restricts the permissions of the SAT config file to be readable and writable only by the user. It also restricts the tokens directory and the entire SAT config directory ~/.config/sat to be accessible only by the user. This prevents other users on the system from viewing Keycloak usernames used to authenticate to the API gateway.\nBug Fixes Fixed an issue where sat init did not print a message confirming a new configuration file was created. Fixed an issue where sat showrev exited with a traceback if the file /opt/cray/etc/site_info.yaml existed but was empty. This could occur if the user exited sat setrev with Ctrl-C. Fixed outdated information in the sat bootsys man page, and added a description of the command stages. Summary of Changes in SAT 2.3 The 2.3.4 version of the SAT product includes:\nVersion 3.15.4 of the sat python package and CLI Version 1.6.11 of the sat-podman wrapper script Version 1.2.0 of the sat-cfs-install container image Version 2.0.0 of the sat-cfs-install Helm chart Version 1.5.0 of the sat-install-utility container image Version 2.0.3 of the cfs-config-util container image New sat Commands None.\nCurrent Working Directory in SAT Container When running sat commands, the current working directory is now mounted in the container as /sat/share, and the current working directory within the container is also /sat/share.\nFiles in the current working directory must be specified using relative paths to that directory, because the current working directory is always mounted on /sat/share. Absolute paths should be avoided, and paths that are outside of $HOME or $PWD are never accessible to the container environment.\nThe home directory is still mounted on the same path inside the container as it is on the host.\nChanges to sat bootsys The following options were added to sat bootsys.\n--bos-limit --recursive The --bos-limit option passes a given limit string to a BOS session. The --recursive option specifies a slot or other higher-level component in the limit string\nChanges to sat bootprep The --delete-ims-jobs option was added to sat bootprep run. It deletes IMS jobs after sat bootprep is run. Jobs are no longer deleted by default.\nChanges to sat status sat status now includes information about nodes\u0026rsquo; CFS configuration statuses, such as desired configuration, configuration status, and error count.\nThe output of sat status now splits different component types into different report tables.\nThe following options were added to sat status.\n--hsm-fields, --sls-fields, --cfs-fields --bos-template The --hsm-fields, --sls-fields, --cfs-fields options limit the output columns according to specified CSM services.\nThe --bos-template option filters the status report according to the specified session template\u0026rsquo;s boot sets.\nCompatibility with CSM 1.2 The following components were modified to be compatible with CSM 1.2.\nsat-cfs-install container image and Helm chart sat-install-utility container image SAT product installer GPG Checking The sat-ncn Ansible role provided by sat-cfs-install was modified to enable GPG checks on packages while leaving GPG checks disabled on repository metadata.\nSecurity Updated urllib3 dependency to version 1.26.5 to mitigate CVE-2021-33503 and refreshed Python dependency versions.\nBug Fixes Minor bug fixes were made in each of the repositories. For full change lists, refer to each repository’s CHANGELOG.md file.\nThe known issues listed under the SAT 2.2 release were fixed.\nSummary of Changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022.\nThis version of the SAT product included:\nVersion 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components:\nVersion 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release.\nKnown Issues in SAT 2.2 sat Command Unavailable in sat bash Shell After launching a shell within the SAT container with sat bash, the sat command will not be found. For example:\n(CONTAINER-ID) sat-container:~ # sat status bash: sat: command not found This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be prepended to the $PATH environment variable:\n(CONTAINER-ID) sat-container:~ # export PATH=/sat/venv/bin:$PATH (CONTAINER-ID) sat-container:~ # sat status Or, the file /sat/venv/bin/activate may be sourced:\n(CONTAINER-ID) sat-container:~ # source /sat/venv/bin/activate (CONTAINER-ID) sat-container:~ # sat status Tab Completion Unavailable in sat bash Shell After launching a shell within the SAT container with sat bash, tab completion for sat commands does not work.\nThis can be resolved temporarily by sourcing the file /etc/bash_completion.d/sat-completion.bash:\nsource /etc/bash_completion.d/sat-completion.bash OCI Runtime Permission Error when Running sat in Root Directory sat commands will not work if the current directory is /. For example:\nncn-m001:/ # sat --help Error: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error To resolve, run sat in another directory.\nDuplicate Mount Error when Running sat in Config Directory sat commands will not work if the current directory is ~/.config/sat. For example:\nncn-m001:~/.config/sat # sat --help Error: /root/.config/sat: duplicate mount destination To resolve, run sat in another directory.\nNew sat Commands sat bootprep automates the creation of CFS configurations, the build and customization of IMS images, and the creation of BOS session templates. For more information, see SAT Bootprep. sat slscheck performs a check for consistency between the System Layout Service (SLS) and the Hardware State Manager (HSM). sat bmccreds provides a simple interface for interacting with the System Configuration Service (SCSD) to set BMC Redfish credentials. sat hwhist displays hardware component history by XName (location) or by its Field-Replaceable Unit ID (FRUID). This command queries the Hardware State Manager (HSM) API to obtain this information. Since the sat hwhist command supports querying for the history of a component by its FRUID, the FRUID of components has been added to the output of sat hwinv. Additional Install Automation The following automation has been added to the install script, install.sh:\nWait for the completion of the sat-config-import Kubernetes job, which is started when the sat-cfs-install Helm chart is deployed. Automate the modification of the CFS configuration, which applies to master management NCNs (for example, ncn-personalization). Changes to Product Catalog Data Schema The SAT product uploads additional information to the cray-product-catalog Kubernetes ConfigMap detailing the components it provides, including container (Docker) images, Helm charts, RPMs, and package repositories.\nThis information is used to support uninstall and activation of SAT product versions moving forward.\nSupport for Uninstall and Activation of SAT Versions Beginning with the 2.2 release, SAT now provides partial support for the uninstall and activation of the SAT product stream.\nFor more information, see Uninstall: Removing a Version of SAT and Activate: Switching Between Versions.\nImprovements to sat status A Subrole column has been added to the output of sat status. This allows you to easily differentiate between master, worker, and storage nodes in the management role, for example.\nHostname information from SLS has been added to sat status output.\nAdded Support for JSON Output Support for JSON-formatted output has been added to commands which currently support the --format option, such as hwinv, status, and showrev.\nUsability Improvements Many usability improvements have been made to multiple sat commands, mostly related to filtering command output. The following are some highlights:\nAdded --fields option to display only specific fields for subcommands which display tabular reports. Added ability to filter on exact matches of a field name. Improved handling of multiple matches of a field name in --filter queries so that the first match is used, similar to --sort-by. Added support for --filter, --fields, and --reverse for summaries displayed by sat hwinv. Added borders to summary tables generated by sat hwinv. Improved documentation in the man pages. Default Log Level Changed The default log level for stderr has been changed from \u0026ldquo;WARNING\u0026rdquo; to \u0026ldquo;INFO\u0026rdquo;. For more information, see SAT Logging.\nMore Granular Log Level Configuration Options With the command-line options --loglevel-stderr and --loglevel-file, the log level can now be configured separately for stderr and the log file.\nThe existing --loglevel option is now an alias for the --loglevel-stderr option.\nPodman Wrapper Script Improvements The Podman wrapper script is the script installed at /usr/bin/sat on the master management NCNs by the cray-sat-podman RPM that runs the cray-sat container in podman. The following subsections detail improvements that were made to the wrapper script in this release.\nMounting of $HOME and Current Directories in cray-sat Container The Podman wrapper script that launches the cray-sat container with podman has been modified to mount the user\u0026rsquo;s current directory and home directory into the cray-sat container to provide access to local files in the container.\nPodman Wrapper Script Documentation Improvements The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:\nEnvironment variables that affect execution of the wrapper script Host files and directories mounted in the container Fixes to Podman Wrapper Script Output Redirection Fixed issues with redirecting stdout and stderr, and piping output to commands, such as awk, less, and more.\nConfigurable HTTP Timeout A new sat option has been added to configure the HTTP timeout length for requests to the API gateway. For more information, refer to sat-man sat.\nsat bootsys Improvements Many improvements and fixes have been made to sat bootsys. The following are some highlights:\nAdded the --excluded-ncns option, which can be used to omit NCNs from the platform-services and ncn-power stages in case they are inaccessible. Disruptive shutdown stages in sat bootsys shutdown now prompt the user to continue before proceeding. A new option, --disruptive, will bypass this. Improvements to Ceph service health checks and restart during the platform-services stage of sat bootsys boot. sat xname2nid Improvements sat xname2nid can now recursively expand slot, chassis, and cabinet XNames to a list of NIDs in those locations.\nA new --format option has been added to sat xname2nid. It sets the output format to either \u0026ldquo;range\u0026rdquo; (the default) or \u0026ldquo;NID\u0026rdquo;. The \u0026ldquo;range\u0026rdquo; format displays NIDs in a compressed range format suitable for use with a workload manager like Slurm.\nUsage of v2 HSM API The commands which interact with HSM (for example, sat status and sat hwinv) now use the v2 HSM API.\nsat diag Limited to HSN Switches sat diag will now only operate against HSN switches by default. These are the only controllers that support running diagnostics with HMJTD.\nsat showrev Enhancements A column has been added to the output of sat showrev that indicates whether a product version is \u0026ldquo;active\u0026rdquo;. The definition of \u0026ldquo;active\u0026rdquo; varies across products, and not all products may set an \u0026ldquo;active\u0026rdquo; version.\nFor SAT, the active version is the one with its hosted-type package repository in Nexus set as the member of the group-type package repository in Nexus, meaning that it will be used when installing the cray-sat-podman RPM.\ncray-sat Container Image Size Reduction The size of the cray-sat container image has been approximately cut in half by leveraging multi-stage builds. This also improved the repeatability of the unit tests by running them in the container.\nBug Fixes Minor bug fixes were made in cray-sat and in cray-sat-podman. For full change lists, refer to each repository\u0026rsquo;s CHANGELOG.md file.\nSummary of SAT Changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5.\nThis version of the SAT product included:\nVersion 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component:\nVersion 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release.\nInstall Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. The cray-sat-podman RPM is no longer installed in the management non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on all master management NCNs via an Ansible playbook which is referenced by a layer of the CFS configuration that applies to management NCNs. This CFS configuration is typically named ncn-personalization.\nThe SAT product now includes a Docker image and a Helm chart named sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart with Loftsman. This helm chart deploys a Kubernetes job that imports the SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. This repository is referenced by the layer added to the NCN personalization CFS configuration.\nRemoval of Direct Redfish Access All commands which used to access Redfish directly have either been removed or modified to use higher-level service APIs. This includes the following commands:\nsat sensors sat diag sat linkhealth The sat sensors command has been rewritten to use the SMA telemetry API to obtain the latest sensor values. The command\u0026rsquo;s usage has changed slightly, but legacy options work as before, so it is backwards compatible. Additionally, new commands have been added.\nThe sat diag command has been rewritten to use a new service called Fox, which is delivered with the CSM-Diags product. The sat diag command now launches diagnostics using the Fox service, which launches the corresponding diagnostic programs on controllers using the Hardware Management Job and Task Daemon (HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start diagnostics over Redfish.\nThe sat linkhealth command has been removed. Its functionality has been replaced by functionality from the Slingshot Topology Tool (STT) in the fabric manager pod.\nThe Redfish username and password command line options and config file options have been removed. For more information, see Remove Obsolete Configuration File Sections.\nAdditional Fields in sat setrev and sat showrev sat setrev now collects the following information from the admin, which is then displayed by sat showrev:\nSystem description Product number Company name Country code Additional guidance and validation has been added to each field collected by sat setrev. This sets the stage for sdu setup to stop collecting this information and instead collect it from sat showrev or its S3 bucket.\nImprovements to sat bootsys The platform-services stage of the sat bootsys boot command has been improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph health in the correct order. The ceph-check stage has been removed as it is no longer needed.\nThe platform-services stage of sat bootsys boot now prompts for confirmation of the storage NCN hostnames in addition to the Kubernetes masters and workers.\nBug Fixes and Security Fixes Improved error handling in sat firmware. Incremented version of Alpine Linux to 3.13.2 to address a security vulnerability. Other Notable Changes Ansible has been removed from the cray-sat container image. Support for the Firmware Update Service (FUS) has been removed from the sat firmware command. Summary of SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1.\nThis version of the SAT product included:\nVersion 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release.\nNew Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames:\nsat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API.\nBug Fixes Fixed a problem in sat swap where creating the offline port policy failed. Changed sat bootsys shutdown --stage bos-operations to no longer forcefully power off all compute nodes and application nodes using CAPMC when BOS sessions complete or time out. Fixed an issue with the command sat bootsys boot --stage cabinet-power. Summary of SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4.\nThis version of the SAT product included the following components:\nVersion 3.4.0 of the sat python package and CLI It also added the following new component:\nVersion 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release.\nSAT as an Independent Product SAT is now packaged and released as an independent product. The product deliverable is called a \u0026ldquo;release distribution\u0026rdquo;. The release distribution is a gzipped tar file containing an install script. This install script loads the cray/cray-sat container image into the Docker registry in Nexus and loads the cray-sat-podman RPM into a package repository in Nexus.\nIn this release, the cray-sat-podman package is still installed in the master and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in Shasta v1.5.\nSAT Running in a Container Under Podman The sat command now runs in a container under Podman. The sat executable is now installed on all nodes in the Kubernetes management cluster (workers and masters). This executable is a wrapper script that starts a SAT container in Podman and invokes the sat Python CLI within that container. The admin can run individual sat commands directly on the master or worker NCNs as before, or they can run sat commands inside the SAT container after using sat bash to enter an interactive shell inside the SAT container.\nTo view man pages for sat commands, the user can run sat-man SAT_COMMAND, replacing SAT_COMMAND with the name of the sat command. Alternatively, the user can enter the sat container with sat bash and use the man command.\nNew sat init Command and Config File Location Change The default location of the SAT config file has been changed from /etc/sat.toml to ~/.config/sat/sat.toml. A new command, sat init, has been added that initializes a configuration file in the new default directory. This better supports individual users on the system who want their own config files.\n~/.config/sat is mounted into the container that runs under Podman, so changes are persistent across invocations of the sat container. If desired, an alternate configuration directory can be specified with the SAT_CONFIG_DIR environment variable.\nAdditionally, if a config file does not yet exist when a user runs a sat command, one is generated automatically.\nAdditional Types Added to sat hwinv Additional functionality has been added to sat hwinv including:\nList node enclosure power supplies with the --list-node-enclosure-power-supplies option. List node accelerators (for example, GPUs) with the --list-node-accels option. The count of node accelerators is also included for each node. List node accelerator risers (for example, Redstone modules) with the --list-node-accel-risers option. The count of node accelerator risers is also included for each node. List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics option. The count of HSN NICs is also included for each node. Documentation for these new options has been added to the man page for sat hwinv.\nSite Information Stored by sat setrev in S3 The sat setrev and sat showrev commands now use S3 to store and obtain site information, including system name, site name, serial number, install date, and system type. Since the information is stored in S3, it will now be consistent regardless of the node on which sat is executed.\nAs a result of this change, S3 credentials must be configured for SAT. For more information, see Generate SAT S3 Credentials.\nProduct Version Information Shown by sat showrev sat showrev now shows product information from the cray-product-catalog ConfigMap in Kubernetes.\nAdditional Changes to sat showrev The output from sat showrev has also been changed in the following ways:\nThe --docker and --packages options were considered misleading and have been removed. Information pertaining to only to the local host, where the command is run, has been moved to the output of the --local option. Removal of sat cablecheck The sat cablecheck command has been removed. To verify that the system\u0026rsquo;s Slingshot network is cabled correctly, admins should now use the show cables command in the Slingshot Topology Tool (STT).\nsat swap Command Compatibility with Next-gen Fabric Controller The sat swap command was added in Shasta v1.3.2. This command used the Fabric Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the Fabric Controller API, so this command has been rewritten to use the new backwards-incompatible API. Usage of the command did not change.\nsat bootsys Functionality Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken by changes introduced in Shasta v1.4, which removed the Ansible inventory and playbooks.\nThe functionality in the platform-services stage of sat bootsys has been re-implemented to use python directly instead of Ansible. This resulted in a more robust procedure with better logging to the sat log file. Failures to stop containers on Kubernetes nodes are handled more gracefully, and more information about the containers that failed to stop, including how to debug the problem, is included.\nImprovements were made to console logging setup for non-compute nodes (NCNs) when they are shut down and booted.\nThe following improvements were made to the bos-operations stage of sat bootsys:\nMore information about the BOS sessions, BOA jobs, and BOA pods is printed. A command-line option, --bos-templates, and a corresponding config-file option, bos_templates, were added, and the --cle-bos-template and --uan-bos-template options and their corresponding config file options were deprecated. The following functionality has been removed from sat bootsys:\nThe hsn-bringup stage of sat bootsys boot has been removed due to removal of the underlying Ansible playbook. The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is now a manual procedure. Log File Location Change The location of the sat log file has changed from /var/log/cray/sat.log to /var/log/cray/sat/sat.log. This change simplifies mounting this file into the sat container running under Podman.\nSummary of SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.\nThe following sections detail the changes in this release.\nsat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable.\nThe sat swap switch command is equivalent to sat switch. The sat switch command will be removed in a future release.\nAddition of Stages to sat bootsys Command The sat bootsys command now has multiple stages for both the boot and shutdown actions. Please refer to the \u0026ldquo;System Power On Procedures\u0026rdquo; and \u0026ldquo;System Power Off Procedures\u0026rdquo; sections of the Cray Shasta Administration Guide (S-8001) for more details on using this command in the context of a full system power off and power on.\nSummary of SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI.\nThis version of the sat CLI contained the following commands:\nauth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch For more information on each of these commands, see the System Admin Toolkit Command Overview and the table of commands in the SAT Authentication section of this document.\n" +}, +{ + "uri": "/docs-sat/en-24/categories/", + "title": "Categories", + "tags": [], + "description": "", + "content": "" +}, +{ + "uri": "/docs-sat/en-24/tags/", + "title": "Tags", + "tags": [], + "description": "", + "content": "" +}] \ No newline at end of file diff --git a/en-24/index.xml b/en-24/index.xml new file mode 100644 index 0000000000..0a4f52069d --- /dev/null +++ b/en-24/index.xml @@ -0,0 +1,68 @@ + + + + HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + /docs-sat/en-24/ + Recent content in HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-24 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Installation + /docs-sat/en-24/install/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/install/ + SAT Installation Install the System Admin Toolkit Product Stream Describes how to install or upgrade the System Admin Toolkit (SAT) product stream. Prerequisites CSM is installed and verified. There must be at least 2 gigabytes of free space on the manager NCN on which the procedure is run. Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace x.y.z with the version of the SAT product stream being installed. + + + Change the BOS Version + /docs-sat/en-24/usage/change_bos_version/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/usage/change_bos_version/ + Change the BOS Version By default, SAT uses Boot Orchestration Service (BOS) version one. You can select the BOS version to use for individual commands with the --bos-version option. For more information on this option, refer to the man page for a specific command. You can also configure the BOS version to use in the SAT config file. Do this under the api_version setting in the bos section of the config file. + + + Introduction to SAT + /docs-sat/en-24/introduction/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/introduction/ + Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview. + + + SAT Grafana Dashboards + /docs-sat/en-24/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.cmn.&lt;site-domain&gt; The value of site-domain can be obtained as follows: ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=&#39;{.data.customizations\.yaml}&#39; | \ base64 -d | grep &#34;external:&#34; That command will produce the following output, for example: + + + SAT Upgrade with CNE Installer + /docs-sat/en-24/cne_install/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/cne_install/ + SAT Upgrade with CNE Installer Upgrade the System Admin Toolkit Product Stream Describes how to upgrade the System Admin Toolkit (SAT) product stream by using the Compute Node Environment (CNE) installer (cne-install). The CNE installer can be used only for upgrades and not for fresh installations. For installation instructions, see Install the System Admin Toolkit Product Stream. Upgrading SAT with cne-install is recommended because the process is both automated and logged to help you save time. + + + SAT Bootprep + /docs-sat/en-24/usage/sat_bootprep/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/usage/sat_bootprep/ + SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates based on a given input file which defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similarly to other SAT commands. ncn-m001# sat-man sat-bootprep SAT Bootprep vs SAT Bootsys sat bootprep is used to create CFS configurations, build and rename IMS images, and create BOS session templates which tie the configurations and images together during a BOS session. + + + SAT Kibana Dashboards + /docs-sat/en-24/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + SAT Release Notes + /docs-sat/en-24/release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/release_notes/ + SAT Release Notes Summary of Changes in SAT 2.4 The 2.4.13 version of the SAT product includes: Version 3.19.3 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.5.5 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. Because of installation refactoring efforts, the following two components are no longer delivered with SAT: sat-cfs-install container image sat-cfs-install Helm chart Inclusion of SAT in CSM A version of the cray-sat container image is now included in CSM. + + + diff --git a/en-24/install/index.html b/en-24/install/index.html new file mode 100644 index 0000000000..420af9130e --- /dev/null +++ b/en-24/install/index.html @@ -0,0 +1,1836 @@ + + + + + + + + + + + + SAT Installation :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Installation

+

Install the System Admin Toolkit Product Stream

+

Describes how to install or upgrade the System Admin Toolkit (SAT) product +stream.

+

Prerequisites

+
    +
  • CSM is installed and verified.
    • +
  • There must be at least 2 gigabytes of free space on the manager NCN on which the +procedure is run.
    • +
+

Notes on the Procedures

+
    +
  • +

    Ellipses (...) in shell output indicate omitted lines.

    +
    • +
  • +

    In the examples below, replace x.y.z with the version of the SAT product stream +being installed.

    +
    • +
  • +

    ‘manager’ and ‘master’ are used interchangeably in the steps below.

    +
    • +
  • +

    To upgrade SAT, execute the pre-installation, installation, and post-installation +procedures for a newer distribution. The newly installed version will become +the default.

    +

    In SAT 2.4, you can instead upgrade the product stream by using the +Compute Node Environment (CNE) installer. It is recommended that you upgrade +SAT with the CNE installer because the process is both automated and logged +to help you save time. For more information, see +SAT Upgrade with CNE Installer.

    +
    • +
+

Pre-Installation Procedure

+
    +
  1. +

    Start a typescript and set the shell prompt.

    +

    The typescript will record the commands and the output from this installation. +The prompt is set to include the date and time.

    +
    ncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt
+ncn-m001# export PS1='\u@\H \D{%Y-%m-%d} \t \w # '
+
    2. +
+

Installation Procedure

+
    +
  1. +

    Copy the release distribution gzipped tar file to ncn-m001.

    +
    2. +
  2. +

    Unzip and extract the release distribution.

    +
    ncn-m001# tar -xvzf sat-x.y.z.tar.gz
+
    3. +
  3. +

    Change directory to the extracted release distribution directory.

    +
    ncn-m001# cd sat-x.y.z
+
    4. +
  4. +

    Run the installer: install.sh.

    +

    The script produces a lot of output. A successful install ends with “SAT +version x.y.z has been installed”, where x.y.z is the SAT product version.

    +
    ncn-m001# ./install.sh
+====> Installing System Admin Toolkit version x.y.z
+...
+====> Waiting 300 seconds for sat-config-import-x.y.z to complete
+...
+====> SAT version x.y.z has been installed.
+
    5. +
  5. +

    Optional: Stop the typescript.

    +

    NOTE: This step can be skipped if you wish to use the same typescript +for the remainder of the SAT install (see Next Steps).

    +
    ncn-m001# exit
+
    6. +
+

SAT version x.y.z is now installed/upgraded, meaning the SAT x.y.z release +has been loaded into the system software repository.

+
    +
  • SAT configuration content for this release has been uploaded to VCS.
    • +
  • SAT content for this release has been uploaded to the CSM product catalog.
    • +
  • SAT content for this release has been uploaded to Nexus repositories.
    • +
  • The sat command won’t be available until the NCN Personalization +procedure has been executed.
    • +
+

Next Steps

+

If other HPE Cray EX software products are being installed or upgraded in conjunction +with SAT, refer to the HPE Cray EX System Software Getting Started Guide +(S-8000) to determine which step to +execute next.

+

If no other HPE Cray EX software products are being installed or upgraded at this time, +proceed to the sections listed below.

+

NOTE: The procedures in Configure SAT are only required during the +first installation of SAT. However, the NCN Personalization procedure +is required both when installing and upgrading SAT.

+

If performing a fresh install, execute the Configure SAT procedures:

+ +

Execute the NCN Personalization procedure:

+ +

If performing an upgrade, execute the SAT Post-Upgrade procedures:

+ +

NOTE: The Set System Revision Information procedure is not required +after upgrading from SAT 2.1 or later.

+

Configure SAT

+

SAT Authentication

+

Initially, as part of the installation and configuration, SAT authentication is set up so SAT commands can be used in +later steps of the install process. The admin account used to authenticate with sat auth must be enabled in +Keycloak and must have its assigned role set to admin. For instructions on editing Role Mappings see +Create Internal User Accounts in the Keycloak Shasta Realm in the CSM product documentation. +For additional information on SAT authentication, see System Security and Authentication in the CSM +documentation.

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Description of SAT Command Authentication Types

+

Some SAT subcommands make requests to the Shasta services through the API gateway and thus require authentication to +the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to +be configured (see: Generate SAT S3 Credentials). In order to use the SAT S3 bucket, +the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be +done on every Kubernetes manager node where SAT commands are run.

+

Below is a table describing SAT commands and the types of authentication they require.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
SAT SubcommandAuthentication/Credentials RequiredMan PageDescription
sat authResponsible for authenticating to the API gateway and storing a token.sat-authAuthenticate to the API gateway and save the token.
sat bmccredsRequires authentication to the API gateway.sat-bmccredsSet BMC passwords.
sat bootprepRequires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is done on ncn-m001 during the install.sat-bootprepPrepare to boot nodes with images and configurations.
sat bootsysRequires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages.sat-bootsysBoot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software.
sat diagRequires authentication to the API gateway.sat-diagLaunch diagnostics on the HSN switches and generate a report.
sat firmwareRequires authentication to the API gateway.sat-firmwareReport firmware version.
sat hwhistRequires authentication to the API gateway.sat-hwhistReport hardware component history.
sat hwinvRequires authentication to the API gateway.sat-hwinvGive a listing of the hardware of the HPE Cray EX system.
sat hwmatchRequires authentication to the API gateway.sat-hwmatchReport hardware mismatches.
sat initNonesat-initCreate a default SAT configuration file.
sat k8sRequires Kubernetes configuration and authentication, which is automatically configured on ncn-m001 during the install.sat-k8sReport on Kubernetes replica sets that have co-located (on the same node) replicas.
sat linkhealthThis command has been deprecated.
sat nid2xnameRequires authentication to the API gateway.sat-nid2xnameTranslate node IDs to node XNames.
sat sensorsRequires authentication to the API gateway.sat-sensorsReport current sensor data.
sat setrevRequires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-setrevSet HPE Cray EX system revision information.
sat showrevRequires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-showrevPrint revision information for the HPE Cray EX system.
sat slscheckRequires authentication to the API gateway.sat-slscheckPerform a cross-check between SLS and HSM.
sat statusRequires authentication to the API gateway.sat-statusReport node status across the HPE Cray EX system.
sat swapRequires authentication to the API gateway.sat-swapPrepare HSN switch or cable for replacement and bring HSN switch or cable into service.
sat xname2nidRequires authentication to the API gateway.sat-xname2nidTranslate node and node BMC XNames to node IDs.
sat switchThis command has been deprecated. It has been replaced by sat swap.
+

In order to authenticate to the API gateway, you must run the sat auth command. This command will prompt for a password +on the command line. The username value is obtained from the following locations, in order of higher precedence to lower +precedence:

+
    +
  • The --username global command-line option.
    • +
  • The username option in the api_gateway section of the config file at ~/.config/sat/sat.toml.
    • +
  • The name of currently logged in user running the sat command.
    • +
+

If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to +~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above, +and will use the token for that username if it has been obtained and saved by sat auth.

+

Prerequisites

+ +

Procedure

+

The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway:

+
    +
  1. +

    Generate a default SAT configuration file, if one does not exist.

    +
    ncn-m001# sat init
+Configuration file "/root/.config/sat/sat.toml" generated.
+

    Note: If the config file already exists, it will print out an error:

    +
    ERROR: Configuration file "/root/.config/sat/sat.toml" already exists.
+Not generating configuration file.
+
    2. +
  2. +

    Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the config file. For +example:

    +
    username = "crayadmin"
+
    3. +
  3. +

    Run sat auth. Enter your password when prompted. For example:

    +
    ncn-m001# sat auth
+Password for crayadmin:
+Succeeded!
+
    4. +
  4. +

    Other sat commands are now authenticated to make requests to the API gateway. For example:

    +
    ncn-m001# sat status
+
    5. +
+

Generate SAT S3 Credentials

+

Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT +S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. +This must be done on every Kubernetes master node where SAT commands are run.

+

SAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev +(see: Set System Revision Information).

+

NOTE: This procedure is only required after initially installing SAT. It is not +required after upgrading SAT.

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    Ensure the files are readable only by root.

    +
    ncn-m001# touch /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    ncn-m001# chmod 600 /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    2. +
  2. +

    Write the credentials to local files using kubectl.

    +
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.access_key}' | base64 -d > \
+    /root/.config/sat/s3_access_key
+
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.secret_key}' | base64 -d > \
+    /root/.config/sat/s3_secret_key
+
    3. +
  3. +

    Verify the S3 endpoint specified in the SAT configuration file is correct.

    +
      +
    1. +

      Get the SAT configuration file’s endpoint value.

      +

      NOTE: If the command’s output is commented out, indicated by an initial # +character, the SAT configuration will take the default value – "https://rgw-vip.nmn".

      +
      ncn-m001# grep endpoint ~/.config/sat/sat.toml
+# endpoint = "https://rgw-vip.nmn"
+
      2. +
    2. +

      Get the sat-s3-credentials secret’s endpoint value.

      +
      ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.s3_endpoint}' | base64 -d | xargs
+https://rgw-vip.nmn
+
      3. +
    3. +

      Compare the two endpoint values.

      +

      If the values differ, change the SAT configuration file’s endpoint value to match the secret’s.

      +
      4. +
    +
    4. +
  4. +

    Copy SAT configurations to each manager node on the system.

    +
    ncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \
+    mkdir -p /root/.config/sat; \
+    scp -pr /root/.config/sat ${i}:/root/.config; done
+

    NOTE: Depending on how many manager nodes are on the system, the list of manager nodes may +be different. This example assumes three manager nodes, where the configuration files must be +copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is +ncn-m002 and ncn-m003.

    +
    5. +
+

Set System Revision Information

+

HPE service representatives use system revision information data to identify +systems in support cases.

+

Prerequisites

+ +

Notes on the Procedure

+
    +
  • This procedure is required after a fresh install of SAT.
    • +
  • After an upgrade of SAT, this procedure is not required if SAT was upgraded +from 2.1 (Shasta v1.5) or later. It is required if SAT was upgraded from +2.0 (Shasta v1.4) or earlier.
    • +
+

Procedure

+
    +
  1. +

    Set System Revision Information.

    +

    Run sat setrev and follow the prompts to set the following site-specific values:

    +
      +
    • Serial number
      • +
    • System name
      • +
    • System type
      • +
    • System description
      • +
    • Product number
      • +
    • Company name
      • +
    • Site name
      • +
    • Country code
      • +
    • System install date
      • +
    +

    TIP: For “System type”, a system with any liquid-cooled components should be +considered a liquid-cooled system. In other words, “System type” is EX-1C.

    +
    ncn-m001# sat setrev
+--------------------------------------------------------------------------------
+Setting:        Serial number
+Purpose:        System identification. This will affect how snapshots are
+                identified in the HPE backend services.
+Description:    This is the top-level serial number which uniquely identifies
+                the system. It can be requested from an HPE representative.
+Valid values:   Alpha-numeric string, 4 - 20 characters.
+Type:           <class 'str'>
+Default:        None
+Current value:  None
+--------------------------------------------------------------------------------
+Please do one of the following to set the value of the above setting:
+    - Input a new value
+    - Press CTRL-C to exit
+...
+
    2. +
  2. +

    Verify System Revision Information.

    +

    Run sat showrev and verify the output shown in the “System Revision Information table.”

    +

    The following example shows sample table output.

    +
    ncn-m001# sat showrev
+################################################################################
+System Revision Information
+################################################################################
++---------------------+---------------+
+| component           | data          |
++---------------------+---------------+
+| Company name        | HPE           |
+| Country code        | US            |
+| Interconnect        | Sling         |
+| Product number      | R4K98A        |
+| Serial number       | 12345         |
+| Site name           | HPE           |
+| Slurm version       | slurm 20.02.5 |
+| System description  | Test System   |
+| System install date | 2021-01-29    |
+| System name         | eniac         |
+| System type         | EX-1C         |
++---------------------+---------------+
+################################################################################
+Product Revision Information
+################################################################################
++--------------+-----------------+------------------------------+------------------------------+
+| product_name | product_version | images                       | image_recipes                |
++--------------+-----------------+------------------------------+------------------------------+
+| csm          | 0.8.14          | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... |
+| sat          | 2.0.1           | -                            | -                            |
+| sdu          | 1.0.8           | -                            | -                            |
+| slingshot    | 0.8.0           | -                            | -                            |
+| sma          | 1.4.12          | -                            | -                            |
++--------------+-----------------+------------------------------+------------------------------+
+################################################################################
+Local Host Operating System
+################################################################################
++-----------+----------------------+
+| component | version              |
++-----------+----------------------+
+| Kernel    | 5.3.18-24.15-default |
+| SLES      | SLES 15-SP2          |
++-----------+----------------------+
+
    3. +
+

Perform NCN Personalization

+

A new CFS configuration layer must be added to the CFS configuration used on +management NCNs. It is required following SAT installation and configuration. +This procedure describes how to add that layer.

+

Prerequisites

+ +

Notes on the Procedure

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace x.y.z with the version of the SAT product stream +being installed.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
  • If upgrading SAT, the existing configuration will likely include other Cray EX product +entries. Update the SAT entry as described in this procedure. The HPE Cray EX System +Software Getting Started Guide (S-8000) +provides guidance on how and when to update the entries for the other products.
    • +
+

Pre-NCN-Personalization Procedure

+
    +
  1. +

    Start a typescript if not already using one, and set the shell prompt.

    +

    The typescript will record the commands and the output from this installation. +The prompt is set to include the date and time.

    +
    ncn-m001# script -af product-sat.$(date +%Y-%m-%d).txt
+ncn-m001# export PS1='\u@\H \D{%Y-%m-%d} \t \w # '
+
    2. +
+

Procedure to Update CFS Configuration

+

The SAT release distribution includes a script, update-mgmt-ncn-cfs-config.sh, +that updates a CFS configuration to include the SAT layer required to +install and configure SAT on the management NCNs.

+

The script supports modifying a named CFS configuration in CFS, a CFS +configuration defined in a JSON file, or the CFS configuration +currently applied to particular components in CFS.

+

The script also includes options for specifying:

+
    +
  • how the modified CFS configuration should be saved.
    • +
  • the git commit hash or branch specified in the SAT layer.
    • +
+

This procedure is split into three alternatives, which cover common use cases:

+ +

If none of these alternatives fit your use case, see Advanced Options for +Updating CFS Configurations.

+

Update Active CFS Configuration

+

Use this alternative if there is already a CFS configuration assigned to the +management NCNs and you would like to update it in place for the new version of +SAT.

+
    +
  1. +

    Run the script with the following options:

    +
    ncn-m001# ./update-mgmt-ncn-cfs-config.sh --base-query role=Management,type=Node --save
+
    2. +
  2. +

    Examine the output to ensure the CFS configuration was updated.

    +

    For example, if there is a single CFS configuration that applies to NCNs, and if +that configuration does not have a layer yet for any version of SAT, the +output will look like this:

    +
    ====> Updating CFS configuration(s)
+INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, ..., x3000c0s9b0n0
+INFO: Found configuration "ncn-personalization" for component x3000c0s1b0n0
+...
+INFO: Found configuration "ncn-personalization" for component x3000c0s9b0n0
+...
+INFO: No layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml found.
+INFO: Adding a layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml to the end.
+INFO: Successfully saved CFS configuration "ncn-personalization"
+INFO: Successfully saved 1 changed CFS configurations.
+====> Completed CFS configuration(s)
+====> Cleaning up install dependencies
+

    Alternatively, if the CFS configuration already contains a layer for +SAT that just needs to be updated, the output will look like this:

    +
    ====> Updating CFS configuration(s)
+INFO: Querying CFS configurations for the following NCNs: x3000c0s1b0n0, ..., x3000c0s9b0n0
+INFO: Found configuration "ncn-personalization" for component x3000c0s1b0n0
+...
+INFO: Found configuration "ncn-personalization" for component x3000c0s9b0n0
+...
+INFO: Updating existing layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml
+INFO: Property "commit" of layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml updated from 01ae28c92b9b4740e9e0e01ae01216c6c2d89a65 to bcbd6db0803cc4137c7558df9546b0faab303cbd
+INFO: Property "name" of layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml updated from sat-2.2.16 to sat-sat-ncn-bcbd6db-20220608T170152
+INFO: Successfully saved CFS configuration "ncn-personalization"
+INFO: Successfully saved 1 changed CFS configurations.
+====> Completed CFS configuration(s)
+====> Cleaning up install dependencies
+
    3. +
+

Update CFS Configuration in a JSON File

+

Use this alternative if you are constructing a new CFS configuration for +management NCNs in a JSON file.

+
    +
  1. +

    Run the script with the following options, where JSON_FILE is an +environment variable set to the path of the JSON file to modify:

    +
    ncn-m001# ./update-mgmt-ncn-cfs-config.sh --base-file $JSON_FILE --save
+
    2. +
  2. +

    Examine the output to ensure the JSON file was updated.

    +

    For example, if the configuration defined in the JSON file does not have a layer yet for any +version of SAT, the output will look like this:

    +
    ====> Updating CFS configuration(s)
+INFO: No layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml found.
+INFO: Adding a layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml to the end.
+INFO: Successfully saved 1 changed CFS configurations.
+====> Completed CFS configuration(s)
+====> Cleaning up install dependencies
+
    3. +
+

Update Existing CFS Configuration by Name

+

Use this alternative if you are updating a specific named CFS configuration. +This may be the case if you are constructing a new CFS configuration during an +install or upgrade of multiple products.

+
    +
  1. +

    Run the script with the following options, where CFS_CONFIG_NAME is an +environment variable set to the name of the CFS configuration to update.

    +
    ncn-m001# ./update-mgmt-ncn-cfs-config.sh --base-config $CFS_CONFIG_NAME --save
+
    2. +
  2. +

    Examine the output to ensure the CFS configuration was updated.

    +

    For example, if the CFS configuration does not have a layer yet for any version of SAT, +the output will look like this:

    +
    ====> Updating CFS configuration(s)
+INFO: No layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml found.
+INFO: Adding a layer with repo path /vcs/cray/sat-config-management.git and playbook sat-ncn.yml to the end.
+INFO: Successfully saved CFS configuration "CFS_CONFIG_NAME"
+INFO: Successfully saved 1 changed CFS configurations.
+====> Completed CFS configuration(s)
+====> Cleaning up install dependencies
+
    3. +
+

Advanced Options for Updating CFS Configurations

+

If none of the alternatives described in the previous sections apply, view the +full description of the options accepted by the update-mgmt-ncn-cfs-config.sh +script by invoking it with the --help option.

+
ncn-m001# ./update-mgmt-ncn-cfs-config.sh --help
+

Procedure to Apply CFS Configuration

+

After the CFS configuration that applies to management NCNs has been updated as +described in the Procedure to Update CFS Configuration, +execute the following steps to ensure the modified CFS configuration is re-applied to the management NCNs.

+
    +
  1. +

    Set an environment variable that refers to the name of the CFS configuration +to be applied to the management NCNs.

    +
    ncn-m001# export CFS_CONFIG_NAME="ncn-personalization"
+

    Note: If the Update Active CFS Configuration +section was followed above, the name of the updated CFS configuration will +have been logged in the following format. If multiple CFS configurations +were modified, any one of them can be used in this procedure.

    +
    INFO: Successfully saved CFS configuration "ncn-personalization"
+
    2. +
  2. +

    Obtain the name of the CFS configuration layer for SAT and save it in an +environment variable:

    +
    ncn-m001# export SAT_LAYER_NAME=$(cray cfs configurations describe $CFS_CONFIG_NAME --format json \
+    | jq -r '.layers | map(select(.cloneUrl | contains("sat-config-management.git")))[0].name')
+
    3. +
  3. +

    Create a CFS session that executes only the SAT layer of the given CFS +configuration.

    +

    The --configuration-limit option limits the configuration session to run +only the SAT layer of the configuration.

    +
    ncn-m001# cray cfs sessions create --name "sat-session-${CFS_CONFIG_NAME}" --configuration-name \
+    "${CFS_CONFIG_NAME}" --configuration-limit "${SAT_LAYER_NAME}"
+
    4. +
  4. +

    Monitor the progress of the CFS session.

    +

    Set an environment variable to name of the Ansible container within the pod +for the CFS session:

    +
    ncn-m001# export ANSIBLE_CONTAINER=$(kubectl get pod -n services \
+    --selector=cfsession=sat-session-${CFS_CONFIG_NAME} -o json \
+    -o json | jq -r '.items[0].spec.containers | map(select(.name | contains("ansible"))) | .[0].name')
+

    Next, get the logs for the Ansible container.

    +
    ncn-m001# kubectl logs -c $ANSIBLE_CONTAINER --tail 100 -f -n services \
+    --selector=cfsession=sat-session-${CFS_CONFIG_NAME}
+

    Ansible plays, which are run by the CFS session, will install SAT on all the +master management NCNs on the system. A summary of results can be found at +the end of the log output. The following example shows a successful session.

    +
    ...
+PLAY RECAP *********************************************************************
+x3000c0s1b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s3b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s5b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+

    NOTE: Ensure that the PLAY RECAPs for each session show successes for all +manager NCNs before proceeding.

    +
    5. +
  5. +

    Verify that SAT was successfully configured.

    +

    If sat is configured, the --version command will indicate which version +is installed. If sat is not properly configured, the command will fail.

    +

    NOTE: This version number will differ from the version number of the SAT +release distribution. This is the semantic version of the sat Python package, +which is different from the version number of the overall SAT release distribution.

    +
    ncn-m001# sat --version
+sat 3.7.0
+

    NOTE: Upon first running sat, you may see additional output while the sat +container image is downloaded. This will occur the first time sat is run on +each manager NCN. For example, if you run sat for the first time on ncn-m001 +and then for the first time on ncn-m002, you will see this additional output +both times.

    +
    Trying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037...
+Getting image source signatures
+Copying blob da64e8df3afc done
+Copying blob 0f36fd81d583 done
+Copying blob 12527cf455ba done
+...
+sat 3.7.0
+
    6. +
  6. +

    Stop the typescript.

    +
    ncn-m001# exit
+
    7. +
+

SAT version x.y.z is now installed and configured:

+
    +
  • The SAT RPM package is installed on the associated NCNs.
    • +
+

Note on Procedure to Apply CFS Configuration

+

The previous procedure is not always necessary because the CFS Batcher service +automatically detects configuration changes and will automatically create new +sessions to apply configuration changes according to certain rules. For more +information on these rules, refer to Configuration Management with +the CFS Batcher in the Cray System Management Documentation.

+

The main scenario in which the CFS batcher will not automatically re-apply the +SAT layer is when the commit hash of the sat-config-management git repository +has not changed between SAT versions. The previous procedure ensures the +configuration is re-applied in all cases, and it is harmless if the batcher has +already applied an updated configuration.

+

Next Steps

+

At this point, the release distribution files can be removed from the system as +described in Post-Installation Cleanup Procedure.

+

If other HPE Cray EX software products are being installed or upgraded in conjunction +with SAT, refer to the HPE Cray EX System Software Getting Started Guide +(S-8000) to determine which step +to execute next.

+

If no other HPE Cray EX software products are being installed at this time, +the installation process is complete. If no other HPE Cray EX software products +are being upgraded at this time, proceed to the remaining SAT Post-Upgrade +procedures:

+ +

NOTE: The Set System Revision Information procedure is not required after upgrading from SAT 2.1 or later.

+

Post-Installation Cleanup Procedure

+
    +
  1. +

    Optional: Remove the SAT release distribution tar file and extracted directory.

    +
    ncn-m001# rm sat-x.y.z.tar.gz
+ncn-m001# rm -rf sat-x.y.z/
+
    2. +
+

SAT Post-Upgrade

+

Remove Obsolete Configuration File Sections

+

Prerequisites

+ +

Procedure

+

After upgrading SAT, if using the configuration file from a previous version, there may be +configuration file sections no longer used in the new version. For example, when upgrading +from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. +In that case, the following warning may appear upon running sat commands.

+
WARNING: Ignoring unknown section 'redfish' in config file.
+

Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.

+
[redfish]
+username = "admin"
+password = "adminpass"
+

Repeat this process for any configuration file sections for which there are “unknown section” warnings.

+

SAT Logging

+

As of SAT version 2.2, some command output that was previously printed to stdout +is now logged to stderr. These messages are logged at the INFO level. The +default logging threshold was changed from WARNING to INFO to accommodate +this logging change. Additionally, some messages previously logged at the INFO +are now logged at the DEBUG level.

+

These changes take effect automatically. However, if the default output threshold +has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure +that important output is shown in the terminal.

+

Update Configuration

+

In the following example, the stderr log level, logging.stderr_level, is set to +WARNING, which will exclude INFO-level logging from terminal output.

+
ncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml
+[logging]
+...
+stderr_level = "WARNING"
+

To enable the new default behavior, comment this line out, delete it, or set +the value to “INFO”.

+

If logging.stderr_level is commented out, its value will not affect logging +behavior. However, it may be helpful set its value to INFO as a reminder of +the new default behavior.

+

Affected Commands

+

The following commands trigger messages that have been changed from stdout +print calls to INFO-level (or WARNING- or ERROR-level) log messages:

+
    +
  • sat bootsys --stage shutdown --stage session-checks
    • +
  • sat sensors
    • +
+

The following commands trigger messages that have been changed from INFO-level +log messages to DEBUG-level log messages:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
  • sat swap
    • +
+

SAT Uninstall and Downgrade

+

Uninstall: Removing a Version of SAT

+

This procedure can be used to uninstall a version of SAT.

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be uninstalled with prodmgr.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is available.
    • +
+

Procedure

+
    +
  1. +

    Use sat showrev to list versions of SAT.

    +

    NOTE: It is not recommended to uninstall a version designated as “active”. +If the active version is uninstalled, then the activate procedure must be executed +on a remaining version.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------+-------------------+-----------------------+
+| product_name | product_version | active | images            | image_recipes         |
++--------------+-----------------+--------+-------------------+-----------------------+
+| sat          | 2.3.3           | True   | -                 | -                     |
+| sat          | 2.2.10          | False  | -                 | -                     |
++--------------+-----------------+--------+-------------------+-----------------------+
+
    2. +
  2. +

    Use prodmgr to uninstall a version of SAT.

    +

    This command will do three things:

    +
      +
    • Remove all hosted-type package repositories associated with the given version of SAT. Group-type +repositories are not removed.
      • +
    • Remove all container images associated with the given version of SAT.
      • +
    • Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up +in the output of sat showrev.
      • +
    +
    ncn-m001# prodmgr uninstall sat 2.2.10
+Repository sat-2.2.10-sle-15sp2 has been removed.
+Removed Docker image cray/cray-sat:3.9.0
+Removed Docker image cray/sat-cfs-install:1.0.2
+Removed Docker image cray/sat-install-utility:1.4.0
+Deleted sat-2.2.10 from product catalog.
+
    3. +
+

Activate: Switching Between Versions

+

This procedure can be used to downgrade the active version of SAT.

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be activated. Older versions must be activated manually.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is available.
    • +
+

Procedure

+
    +
  1. +

    Use sat showrev to list versions of SAT.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------+--------------------+-----------------------+
+| product_name | product_version | active | images             | image_recipes         |
++--------------+-----------------+--------+--------------------+-----------------------+
+| sat          | 2.3.3           | True   | -                  | -                     |
+| sat          | 2.2.10          | False  | -                  | -                     |
++--------------+-----------------+--------+--------------------+-----------------------+
+
    2. +
  2. +

    Use prodmgr to activate a different version of SAT.

    +

    This command will do three things:

    +
      +
    • For all hosted-type package repositories associated with this version of SAT, set them as the sole member +of their corresponding group-type repository. For example, activating SAT version 2.2.10 +sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group.
      • +
    • Set the version 2.2.10 as active within the product catalog, so that it appears active in the output of +sat showrev.
      • +
    • Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are +associated with NCNs with the role “Management” and subrole “Master” (for example, the CFS configuration +ncn-personalization). Specifically, it will ensure that the layer refers to the version of SAT CFS +configuration content associated with the version of SAT being activated.
      • +
    +
    ncn-m001# prodmgr activate sat 2.2.10
+Repository sat-2.2.10-sle-15sp2 is now the default in sat-sle-15sp2.
+Set sat-2.2.10 as active in product catalog.
+Updated CFS configurations: [ncn-personalization]
+
    3. +
  3. +

    Verify that the chosen version is marked as active.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------+--------------------+-----------------------+
+| product_name | product_version | active | images             | image_recipes         |
++--------------+-----------------+--------+--------------------+-----------------------+
+| sat          | 2.3.3           | False  | -                  | -                     |
+| sat          | 2.2.10          | True   | -                  | -                     |
++--------------+-----------------+--------+--------------------+-----------------------+
+
    4. +
  4. +

    Apply the modified CFS configuration to the management NCNs.

    +

    At this point, Nexus package repositories have been modified to set a +particular package repository as active, but the SAT package may not have +been updated on management NCNs.

    +

    To ensure that management NCNs have been updated to use the active SAT +version, follow the Procedure to Apply CFS Configuration. +Refer to the output from the prodmgr activate command to find the name of +the modified CFS configuration. If more than one CFS configuration was +modified, use the first one.

    +
    5. +
+

Optional: Installing and Configuring SAT on an External System

+

SAT can optionally be installed and configured on an external system to interact with CSM over the CAN.

+

Limitations

+

Most SAT subcommands work by accessing APIs which are reachable via the CAN. However, certain SAT commands depend on +host-based functionality on the management NCNs and will not work from an external system. This includes the following:

+
    +
  • The platform-services and ncn-power stages of sat bootsys
    • +
  • The local host information displayed by the --local option of sat showrev
    • +
+

Installing SAT on an external system is not an officially supported configuration. These instructions are provided +“as-is” with the hope that they can useful for users who desire additional flexibility.

+

Certain additional steps may need to be taken to install and configure SAT depending on the configuration of the +external system in use. These additional steps may include provisioning virtual machines, installing packages, or +configuring TLS certificates, and these steps are outside the scope of this documentation. This section covers only the +steps needed to configure SAT to use externally-accessible API endpoints exposed by CSM.

+

Prerequisites

+
    +
  • The external system must be on the Customer Access Network (CAN).
    • +
  • Python 3.7 or newer is installed on the system.
    • +
  • kubectl, openssh, git, and curl are installed on the external system.
    • +
  • The root CA certificates used when installing CSM have been added to the external system’s trust store such that +authenticated TLS connections can be made to the CSM REST API gateway. For more information, refer to Certificate +Authority in the Cray System Management Documentation.
    • +
+

Procedure

+
    +
  1. +

    Create a Python virtual environment.

    +
    $ SAT_VENV_PATH="$(pwd)/venv"
+$ python3 -m venv ${SAT_VENV_PATH}
+$ . ${SAT_VENV_PATH}/bin/activate
+
    2. +
  2. +

    Clone the SAT source code.

    +

    Note: To use SAT version 3.19, this example clones the release/3.19 branch of +Cray-HPE/sat. However, for better clarity, these instructions include steps that apply only to +versions newer than 3.19. Specifically, the instructions include references to the +csm-api-client package, which was not a dependency of SAT in version 3.19.

    +
    (venv) $ git clone --branch=release/3.19 https://github.com/Cray-HPE/sat.git
+
    3. +
  3. +

    Set up the SAT CSM Python dependencies to be installed from their source code.

    +

    SAT CSM Python dependency packages are not currently distributed publicly as +source packages or binary distributions. They must be installed from +their source code hosted on GitHub. Also, to install the cray-product-catalog +Python package, you must first clone it locally. Use the following steps to +modify the SAT CSM Python dependencies so they can be installed from their source code.

    +
      +
    1. +

      Clone the source code for cray-product-catalog.

      +
      (venv) $ git clone --branch v1.6.0 https://github.com/Cray-HPE/cray-product-catalog
+
      2. +
    2. +

      In the cray-product-catalog directory, create a file named .version +that contains the version of cray-product-catalog.

      +
      (venv) $ echo 1.6.0 > cray-product-catalog/.version
+
      3. +
    3. +

      Open the “locked” requirements file in a text editor.

      +
      (venv) $ vim sat/requirements.lock.txt
+
      4. +
    4. +

      Update the line containing cray-product-catalog so that it reflects the local path +to cray-product-catalog.

      +

      It should read as follows:

      +
      ./cray-product-catalog
+
      5. +
    5. +

      For versions of SAT newer than 3.19, change the line containing csm-api-client to +read as follows:

      +
      csm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1
+
      6. +
    6. +

      (Optional) Confirm that requirements.lock.txt is modified as expected.

      +

      Note: For versions newer than 3.19, you will see both cray-product-catalog and csm-api-client. +For version 3.19 and older, you will only see cray-product-catalog.

      +
      (venv) $ grep -E 'cray-product-catalog|csm-api-client' sat/requirements.lock.txt
+./cray-product-catalog
+csm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1
+
      7. +
    +
    4. +
  4. +

    Install the modified SAT dependencies.

    +
    (venv) $ pip install -r sat/requirements.lock.txt
+...
+
    5. +
  5. +

    Install the SAT Python package.

    +
    (venv) $ pip install ./sat
+...
+
    6. +
  6. +

    Optional: Add the sat virtual environment to the user’s PATH environment variable.

    +

    If a shell other than bash is in use, replace ~/.bash_profile with the appropriate profile path.

    +

    If the virtual environment is not added to the user’s PATH environment variable, then +source ${SAT_VENV_PATH}/bin/activate will need to be run before running any SAT commands.

    +
    (venv) $ deactivate
+$ echo export PATH=\"${SAT_VENV_PATH}/bin:${PATH}\" >> ~/.bash_profile
+$ source ~/.bash_profile
+
    7. +
  7. +

    Copy the file /etc/kubernetes/admin.conf from ncn-m001 to ~/.kube/config on the external system.

    +

    Note that this file contains credentials to authenticate against the Kubernetes API as the administrative user, so +it should be treated as sensitive.

    +
    $ mkdir -p ~/.kube
+$ scp ncn-m001:/etc/kubernetes/admin.conf ~/.kube/config
+admin.conf                                       100% 5566   3.0MB/s   00:00
+
    8. +
  8. +

    Add a new entry for the hostname kubernetes to the external system’s /etc/hosts file.

    +

    The kubernetes hostname should correspond to the CAN IP address on ncn-m001. On CSM 1.2, this can be determined +by querying the IP address of the bond0.cmn0 interface.

    +
    $ ssh ncn-m001 ip addr show bond0.cmn0
+13: bond0.cmn0@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
+link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff
+inet 10.102.1.11/24 brd 10.102.1.255 scope global vlan007
+   valid_lft forever preferred_lft forever
+inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link
+   valid_lft forever preferred_lft forever
+$ IP_ADDRESS=10.102.1.11
+

    On CSM versions prior to 1.2, the CAN IP can be determined by querying the IP address of the vlan007 interface.

    +
    $ ssh ncn-m001 ip addr show vlan007
+13: vlan007@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
+link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff
+inet 10.102.1.10/24 brd 10.102.1.255 scope global vlan007
+   valid_lft forever preferred_lft forever
+inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link
+   valid_lft forever preferred_lft forever
+$ IP_ADDRESS=10.102.1.10
+

    Once the IP address is determined, add an entry to /etc/hosts mapping the IP address to the hostname kubernetes.

    +
    $ echo "${IP_ADDRESS} kubernetes" | sudo tee -a /etc/hosts
+10.102.1.11 kubernetes
+
    9. +
  9. +

    Modify ~/.kube/config to set the cluster server address.

    +

    The value of the server key for the kubernetes cluster under the clusters section should be set to +https://kubernetes:6443.

    +
    ---
+clusters:
+- cluster:
+    certificate-authority-data: REDACTED
+    server: https://kubernetes:6443
+  name: kubernetes
+...
+
    10. +
  10. +

    Confirm that kubectl can access the CSM Kubernetes cluster.

    +
    $ kubectl get nodes
+NAME       STATUS   ROLES    AGE    VERSION
+ncn-m001   Ready    master   135d   v1.19.9
+ncn-m002   Ready    master   136d   v1.19.9
+ncn-m003   Ready    master   136d   v1.19.9
+ncn-w001   Ready    <none>   136d   v1.19.9
+ncn-w002   Ready    <none>   136d   v1.19.9
+ncn-w003   Ready    <none>   136d   v1.19.9
+
    11. +
  11. +

    Use sat init to create a configuration file for SAT.

    +
    $ sat init
+INFO: Configuration file "/home/user/.config/sat/sat.toml" generated.
+
    12. +
  12. +

    Copy the platform CA certificates from the management NCN and configure the certificates for use with SAT.

    +

    If a shell other than bash is in use, replace ~/.bash_profile with the appropriate profile path.

    +
    $ scp ncn-m001:/etc/pki/trust/anchors/platform-ca-certs.crt .
+$ echo export REQUESTS_CA_BUNDLE=\"$(realpath platform-ca-certs.crt)\" >> ~/.bash_profile
+$ source ~/.bash_profile
+
    13. +
  13. +

    Edit the SAT configuration file to set the API and S3 hostnames.

    +

    Externally available API endpoints are given domain names in PowerDNS, so the endpoints in the configuration file +should each be set to subdomain.system-name.site-domain, where system-name and site-domain are replaced with +the values specified during csi config init, and subdomain is the DNS name for the externally available service. +For more information, refer to Externally Exposed Services in the Cray System Management Documentation.

    +

    The API gateway has the subdomain api, and S3 has the subdomain s3. The S3 endpoint runs on port 8080. The +following options should be set in the SAT configuration file:

    +
    [api_gateway]
+host = "api.system-name.site-domain"
+
+[s3]
+endpoint = "http://s3.system-name.site-domain:8080"
+
    14. +
  14. +

    Edit the SAT configuration file to specify the Keycloak user which will be accessing the REST API.

    +
    [api_gateway]
+username = "user"
+
    15. +
  15. +

    Authenticate against the API gateway with sat auth.

    +

    For more information, see SAT Authentication.

    +
    16. +
  16. +

    Generate S3 credentials.

    +

    For more information, see Generate SAT S3 Credentials.

    +
    17. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-24/introduction/index.html b/en-24/introduction/index.html new file mode 100644 index 0000000000..c8ce9b3e91 --- /dev/null +++ b/en-24/introduction/index.html @@ -0,0 +1,991 @@ + + + + + + + + + + + + Introduction to SAT :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Introduction to SAT

+

About System Admin Toolkit (SAT)

+

The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and +querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware +components.

+

SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands +used on the Cray XC platform. For more information on SAT commands, see System Admin Toolkit Command Overview.

+

Six Kibana Dashboards are included with SAT. They provide organized output for system health information.

+ +

Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and +are reported through Redfish.

+ +

In CSM 1.3 and newer, the sat command is automatically available on all the +Kubernetes NCNs. For more information, see SAT in CSM. Older +versions of CSM do not have the sat command automatically available, and SAT +must be installed as a separate product.

+

System Admin Toolkit Command Overview

+

Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides +instruction on the SAT Container Environment.

+

SAT Command Line Utility

+

The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes +(ncn-m nodes).

+

It is designed to assist administrators with common tasks, such as troubleshooting and querying information about the +HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are +similarities between SAT commands and xt commands used on the Cray XC platform.

+

SAT Commands

+

The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents +configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each +have their own set of options.

+

SAT Container Environment

+

The sat command-line utility runs in a container using Podman, a daemonless container runtime. SAT runs on +Kubernetes manager nodes. A few important points about the SAT container environment include the following:

+
    +
  • Using either sat or sat bash always launches a container.
    • +
  • The SAT container does not have access to the NCN file system.
    • +
+

There are two ways to run sat.

+
    +
  • Interactive: Launching a container using sat bash, followed by a sat command.
    • +
  • Non-interactive: Running a sat command directly on a Kubernetes manager node.
    • +
+

In both of these cases, a container is launched in the background to execute the command. The first option, running +sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the +container is launched, executes the command, and upon the command’s completion the container exits. The following two +examples show the same action, checking the system status, using interactive and non-interactive modes.

+

Interactive

+
ncn-m001# sat bash
+(CONTAINER-ID)sat-container# sat status
+

Non-interactive

+
ncn-m001# sat status
+

Interactive Advantages

+

Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral +container storage. If multiple sat commands are being run in succession, then use sat bash to launch the +container beforehand. This will save time because the container does not need to be launched for each sat command.

+

Non-interactive Advantages

+

The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of +several steps that need to be executed from a management NCN.

+

Man Pages - Interactive and Non-interactive Modes

+

To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following +example.

+
ncn-m001# sat-man status
+

A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed +either with man sat or man sat-podman from the manager node.

+
ncn-m001# man sat
+
ncn-m001# man sat-podman
+

Command Prompt Conventions in SAT

+

The host name in a command prompt indicates where the command must be run. The account that must run the command is +also indicated in the prompt.

+
    +
  • The root or super-user account always has the # character at the end of the prompt and has the host name of the +host in the prompt.
    • +
  • Any non-root account is indicated with account@hostname>. A user account that is neither root nor crayadm is +referred to as user.
    • +
  • The command prompt inside the SAT container environment is indicated with the string as follows. It also has the “#” +character at the end of the prompt.
    • +
+ + + + + + + + + + + + + + + + + +
Command PromptMeaning
ncn-m001#Run on one of the Kubernetes Manager servers. (Non-interactive)
(CONTAINER_ID) sat-container#Run the command inside the SAT container environment by first running sat bash. (Interactive)
+

Examples of the sat status command used by an administrator:

+
ncn-m001# sat status
+
ncn-m001# sat bash
+(CONTAINER_ID) sat-container# sat status
+

SAT in CSM

+

In CSM 1.3 and newer, the sat command is automatically available on all the Kubernetes NCNs, but it is still possible +to install SAT as a separate product stream. Any version of SAT installed as a separate product stream overrides the +sat command available in CSM. Installing the SAT product stream allows additional supporting components to be added:

+
    +
  • +

    An entry for SAT in the cray-product-catalog Kubernetes ConfigMap is only created by installing the SAT product +stream. Otherwise, there will be no entry for this version of SAT in the output of sat showrev.

    +
    • +
  • +

    The sat-install-utility container image is only available with the full SAT product stream. This container image +provides uninstall and activate functionality when used with the prodmgr command. (In SAT 2.3 and older, SAT was +only available to install as a separate product stream. Because these versions were packaged with +sat-install-utility, it is still possible to uninstall these versions of SAT.)

    +
    • +
  • +

    The docs-sat RPM package is only available with the full SAT product stream.

    +
    • +
  • +

    The sat-config-management git repository in Gitea (VCS) and thus the SAT layer of NCN CFS configuration is +only available with the full SAT product stream.

    +
    • +
+

If the SAT product stream is not installed, there will be no configuration content for SAT in VCS. Therefore, CFS +configurations that apply to NCNs (for example, ncn-personalization) should not include a SAT layer.

+

The SAT configuration layer modifies the permissions of files left over from prior installations of SAT, so that the +Keycloak username that authenticates to the API gateway cannot be read by users other than root. Specifically, it +it does the following:

+
    +
  • +

    Modifies the sat.toml configuration file which contains the username so that it is only readable by root.

    +
    • +
  • +

    Modifies the /root/.config/sat/tokens directory so that the directory is only readable by root. This is needed +because the names of the files within the tokens directory contain the username.

    +
    • +
+

Regardless of the SAT configuration being applied, passwords and the contents of the tokens are never readable by other +users. These permission changes only apply to files created by previous installations of SAT. In the current version of +SAT all files and directories are created with the appropriate permissions.

+

SAT Dependencies

+

Most sat subcommands depend on services or components from other products in the +HPE Cray EX (Shasta) software stack. The following list shows these dependencies +for each subcommand. Each service or component is listed under the product it belongs to.

+

sat auth

+

CSM

+
    +
  • Keycloak
    • +
+

sat bmccreds

+

CSM

+
    +
  • System Configuration Service (SCSD)
    • +
+

sat bootprep

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Configuration Framework Service (CFS)
    • +
  • Image Management Service (IMS)
    • +
  • Version Control Service (VCS)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat bootsys

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Cray Advanced Platform Monitoring and Control (CAPMC)
    • +
  • Ceph
    • +
  • Compute Rolling Upgrade Service (CRUS)
    • +
  • Etcd
    • +
  • Firmware Action Service (FAS)
    • +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

COS

+
    +
  • Node Memory Dump (NMD)
    • +
+

sat diag

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

CSM-Diags

+
    +
  • Fox
    • +
+

sat firmware

+

CSM

+
    +
  • Firmware Action Service (FAS)
    • +
+

sat hwhist

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwinv

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwmatch

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat init

+

None

+

sat k8s

+

CSM

+
    +
  • Kubernetes
    • +
+

sat nid2xname

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat sensors

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • HM Collector
    • +
+

SMA

+
    +
  • Telemetry API
    • +
+

sat setrev

+

CSM

+
    +
  • S3
    • +
+

sat showrev

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat slscheck

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat status

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat swap

+

Slingshot

+
    +
  • Fabric Manager
    • +
+

sat switch

+

Deprecated: See sat swap

+

sat xname2nid

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-24/release_notes/index.html b/en-24/release_notes/index.html new file mode 100644 index 0000000000..ec90a2abec --- /dev/null +++ b/en-24/release_notes/index.html @@ -0,0 +1,1420 @@ + + + + + + + + + + + + SAT Release Notes :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Release Notes

+

Summary of Changes in SAT 2.4

+

The 2.4.13 version of the SAT product includes:

+
    +
  • Version 3.19.3 of the sat python package and CLI.
    • +
  • Version 2.0.0-1 of the sat-podman wrapper script.
    • +
  • Version 1.5.5 of the sat-install-utility container image.
    • +
  • Version 3.3.1 of the cfs-config-util container image.
    • +
+

Because of installation refactoring efforts, the following two components +are no longer delivered with SAT:

+
    +
  • sat-cfs-install container image
    • +
  • sat-cfs-install Helm chart
    • +
+

Inclusion of SAT in CSM

+

A version of the cray-sat container image is now included in CSM. For more +information, see SAT in CSM.

+

SAT Installation Improvements

+

The SAT install.sh script no longer uses a sat-cfs-install Helm chart and +container image to upload its Ansible content to the sat-config-management +repository in VCS. Instead, it uses Podman to run the cf-gitea-import container +directly. Some of the benefits of this change include the following:

+ +

Decoupling of cray-sat Container Image and cray-sat-podman Package

+

In older SAT releases, the sat wrapper script that was provided by the +cray-sat-podman package installed on Kubernetes master NCNs included a +hard-coded version of the cray-sat container image. As a result, every new +version of the cray-sat image required a corresponding new version of the +cray-sat-podman package.

+

In this release, this tight coupling of the cray-sat-podman package and the +cray-sat container image was removed. The sat wrapper script provided +by the cray-sat-podman package now looks for the version of the cray-sat +container image in the /opt/cray/etc/sat/version file. This file is populated +with the correct version of the cray-sat container image by the SAT layer of +the CFS configuration that is applied to management NCNs. If the version file +does not exist, the wrapper script defaults to the version of the cray-sat +container image delivered with the latest version of CSM installed on the system.

+

Improved NCN Personalization Automation

+

The steps for performing NCN personalization as part of the SAT installation +were moved out of the install.sh script and into a new +update-mgmt-ncn-cfs-config.sh script that is provided in the SAT release +distribution. The new script provides additional flexibility in how it modifies +the NCN personalization CFS configuration for SAT. It can modify an existing CFS +configuration by name, a CFS configuration being built in a JSON file, or an +existing CFS configuration that applies to certain components. For more information, +see Perform NCN Personalization.

+

New sat bootprep Features

+

The following new features were added to the sat bootprep command:

+ +

The schema of the sat bootprep input files was also changed to support these +new features:

+
    +
  • The base recipe or image used by an image in the input file should now be +specified under a base key instead of under an ims key. The old ims +key is deprecated.
    • +
  • To specify an image that depends on another image in the input file, the +dependent image should specify the dependency under base.image_ref. +You should no longer use the IMS name of the image on which it depends.
    • +
  • The image used by a session template should now be specified under +image.ims.name, image.ims.id, or image.image_ref. Specifying a string +value directly under the image key is deprecated.
    • +
+

For more information on defining IMS images and BOS session templates in the +sat bootprep input file, see Defining IMS Images +and Defining BOS Session Templates.

+

Added Blade Swap Support to sat swap

+

The sat swap command was updated to support swapping compute and UAN blades +with sat swap blade. This functionality is described in the following processes +of the Cray System Management Documentation:

+
    +
  • Adding a Liquid-cooled blade to a System Using SAT
    • +
  • Removing a Liquid-cooled blade from a System Using SAT
    • +
  • Replace a Compute Blade Using SAT
    • +
  • Swap a Compute Blade with a Different System Using SAT
    • +
+

Support for BOS v2

+

A new v2 version of the Boot Orchestration Service (BOS) is available in CSM +1.3.0. SAT has added support for BOS v2. This impacts the following commands +that interact with BOS:

+
    +
  • sat bootprep
    • +
  • sat bootsys
    • +
  • sat status
    • +
+

By default, SAT uses BOS v1. However, you can choose the BOS version you want +to use. For more information, see Change the BOS Version.

+

Added BOS Fields to sat status

+

When using BOS v2, sat status outputs additional fields. These fields show +the most recent BOS session, session template, booted image, and boot status for +each node. An additional --bos-fields option was added to limit the output of +sat status to these fields. The fields are not displayed when using BOS v1.

+

Open Source Repositories

+

This is the first release of SAT built from open source code repositories. +As a result, build infrastructure was changed to use an external Jenkins instance, +and artifacts are now published to an external Artifactory instance. These +changes should not impact the functionality of the SAT product in any way.

+

Security

+

CVE Mitigation

+
    +
  • The paramiko Python package version was updated from 2.9.2 to 2.10.1 to +mitigate CVE-2022-24302.
    • +
  • The oauthlib Python package version was updated from 3.2.0 to 3.2.1 to +mitigate CVE-2022-36087.
    • +
+

Restricted Permissions on SAT Config Files and Directories

+

SAT stores information used to authenticate to the API gateway with Keycloak. +Token files are stored in the ~/.config/sat/tokens/ directory. Those files +have always had permissions appropriately set to restrict them to be readable +only by the user.

+

Keycloak usernames used to authenticate to the API gateway are stored in the +SAT config file at /.config/sat/sat.toml. Keycloak usernames are also used in +the file names of tokens stored in /.config/sat/tokens. As an additional +security measure, SAT now restricts the permissions of the SAT config file +to be readable and writable only by the user. It also restricts the tokens +directory and the entire SAT config directory ~/.config/sat to be accessible +only by the user. This prevents other users on the system from viewing +Keycloak usernames used to authenticate to the API gateway.

+

Bug Fixes

+
    +
  • Fixed an issue where sat init did not print a message confirming a new +configuration file was created.
    • +
  • Fixed an issue where sat showrev exited with a traceback if the file +/opt/cray/etc/site_info.yaml existed but was empty. This could occur if the +user exited sat setrev with Ctrl-C.
    • +
  • Fixed outdated information in the sat bootsys man page, and added a +description of the command stages.
    • +
+

Summary of Changes in SAT 2.3

+

The 2.3.4 version of the SAT product includes:

+
    +
  • Version 3.15.4 of the sat python package and CLI
    • +
  • Version 1.6.11 of the sat-podman wrapper script
    • +
  • Version 1.2.0 of the sat-cfs-install container image
    • +
  • Version 2.0.0 of the sat-cfs-install Helm chart
    • +
  • Version 1.5.0 of the sat-install-utility container image
    • +
  • Version 2.0.3 of the cfs-config-util container image
    • +
+

New sat Commands

+

None.

+

Current Working Directory in SAT Container

+

When running sat commands, the current working directory is now mounted in the +container as /sat/share, and the current working directory within the container +is also /sat/share.

+

Files in the current working directory must be specified using relative paths to +that directory, because the current working directory is always mounted on /sat/share. +Absolute paths should be avoided, and paths that are outside of $HOME or $PWD +are never accessible to the container environment.

+

The home directory is still mounted on the same path inside the container as it +is on the host.

+

Changes to sat bootsys

+

The following options were added to sat bootsys.

+
    +
  • --bos-limit
    • +
  • --recursive
    • +
+

The --bos-limit option passes a given limit string to a BOS session. The --recursive +option specifies a slot or other higher-level component in the limit string

+

Changes to sat bootprep

+

The --delete-ims-jobs option was added to sat bootprep run. It deletes IMS +jobs after sat bootprep is run. Jobs are no longer deleted by default.

+

Changes to sat status

+

sat status now includes information about nodes’ CFS configuration statuses, such +as desired configuration, configuration status, and error count.

+

The output of sat status now splits different component types into different report tables.

+

The following options were added to sat status.

+
    +
  • --hsm-fields, --sls-fields, --cfs-fields
    • +
  • --bos-template
    • +
+

The --hsm-fields, --sls-fields, --cfs-fields options limit the output columns +according to specified CSM services.

+

The --bos-template option filters the status report according to the specified +session template’s boot sets.

+

Compatibility with CSM 1.2

+

The following components were modified to be compatible with CSM 1.2.

+
    +
  • sat-cfs-install container image and Helm chart
    • +
  • sat-install-utility container image
    • +
  • SAT product installer
    • +
+

GPG Checking

+

The sat-ncn Ansible role provided by sat-cfs-install was modified to enable +GPG checks on packages while leaving GPG checks disabled on repository metadata.

+

Security

+

Updated urllib3 dependency to version 1.26.5 to mitigate CVE-2021-33503 and refreshed +Python dependency versions.

+

Bug Fixes

+

Minor bug fixes were made in each of the repositories. For full change lists, +refer to each repository’s CHANGELOG.md file.

+

The known issues listed under the SAT 2.2 release were fixed.

+

Summary of Changes in SAT 2.2

+

SAT 2.2.16 was released on February 25th, 2022.

+

This version of the SAT product included:

+
    +
  • Version 3.14.0 of the sat python package and CLI
    • +
  • Version 1.6.4 of the sat-podman wrapper script
    • +
  • Version 1.0.4 of the sat-cfs-install container image and Helm chart
    • +
+

It also added the following new components:

+
    +
  • Version 1.4.3 of the sat-install-utility container image
    • +
  • Version 2.0.2 of the cfs-config-util container image
    • +
+

The following sections detail the changes in this release.

+

Known Issues in SAT 2.2

+

sat Command Unavailable in sat bash Shell

+

After launching a shell within the SAT container with sat bash, the sat command will not +be found. For example:

+
(CONTAINER-ID) sat-container:~ # sat status
+bash: sat: command not found
+

This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be prepended to the +$PATH environment variable:

+
(CONTAINER-ID) sat-container:~ # export PATH=/sat/venv/bin:$PATH
+(CONTAINER-ID) sat-container:~ # sat status
+

Or, the file /sat/venv/bin/activate may be sourced:

+
(CONTAINER-ID) sat-container:~ # source /sat/venv/bin/activate
+(CONTAINER-ID) sat-container:~ # sat status
+

Tab Completion Unavailable in sat bash Shell

+

After launching a shell within the SAT container with sat bash, tab completion for sat +commands does not work.

+

This can be resolved temporarily by sourcing the file /etc/bash_completion.d/sat-completion.bash:

+
source /etc/bash_completion.d/sat-completion.bash
+

OCI Runtime Permission Error when Running sat in Root Directory

+

sat commands will not work if the current directory is /. For example:

+
ncn-m001:/ # sat --help
+Error: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error
+

To resolve, run sat in another directory.

+

Duplicate Mount Error when Running sat in Config Directory

+

sat commands will not work if the current directory is ~/.config/sat. For example:

+
ncn-m001:~/.config/sat # sat --help
+Error: /root/.config/sat: duplicate mount destination
+

To resolve, run sat in another directory.

+

New sat Commands

+
    +
  • sat bootprep automates the creation of CFS configurations, the build and +customization of IMS images, and the creation of BOS session templates. For +more information, see SAT Bootprep.
    • +
  • sat slscheck performs a check for consistency between the System Layout +Service (SLS) and the Hardware State Manager (HSM).
    • +
  • sat bmccreds provides a simple interface for interacting with the System +Configuration Service (SCSD) to set BMC Redfish credentials.
    • +
  • sat hwhist displays hardware component history by XName (location) or by +its Field-Replaceable Unit ID (FRUID). This command queries the Hardware +State Manager (HSM) API to obtain this information. Since the sat hwhist +command supports querying for the history of a component by its FRUID, the +FRUID of components has been added to the output of sat hwinv.
    • +
+

Additional Install Automation

+

The following automation has been added to the install script, install.sh:

+
    +
  • Wait for the completion of the sat-config-import Kubernetes job, which is +started when the sat-cfs-install Helm chart is deployed.
    • +
  • Automate the modification of the CFS configuration, which applies to master +management NCNs (for example, ncn-personalization).
    • +
+

Changes to Product Catalog Data Schema

+

The SAT product uploads additional information to the cray-product-catalog +Kubernetes ConfigMap detailing the components it provides, including container +(Docker) images, Helm charts, RPMs, and package repositories.

+

This information is used to support uninstall and activation of SAT product +versions moving forward.

+

Support for Uninstall and Activation of SAT Versions

+

Beginning with the 2.2 release, SAT now provides partial support for the +uninstall and activation of the SAT product stream.

+

For more information, see Uninstall: Removing a Version of +SAT and Activate: Switching +Between Versions.

+

Improvements to sat status

+

A Subrole column has been added to the output of sat status. This allows you +to easily differentiate between master, worker, and storage nodes in the +management role, for example.

+

Hostname information from SLS has been added to sat status output.

+

Added Support for JSON Output

+

Support for JSON-formatted output has been added to commands which currently +support the --format option, such as hwinv, status, and showrev.

+

Usability Improvements

+

Many usability improvements have been made to multiple sat commands, +mostly related to filtering command output. The following are some highlights:

+
    +
  • Added --fields option to display only specific fields for subcommands which +display tabular reports.
    • +
  • Added ability to filter on exact matches of a field name.
    • +
  • Improved handling of multiple matches of a field name in --filter queries +so that the first match is used, similar to --sort-by.
    • +
  • Added support for --filter, --fields, and --reverse for summaries +displayed by sat hwinv.
    • +
  • Added borders to summary tables generated by sat hwinv.
    • +
  • Improved documentation in the man pages.
    • +
+

Default Log Level Changed

+

The default log level for stderr has been changed from “WARNING” to “INFO”. For +more information, see SAT Logging.

+

More Granular Log Level Configuration Options

+

With the command-line options --loglevel-stderr and --loglevel-file, the log level +can now be configured separately for stderr and the log file.

+

The existing --loglevel option is now an alias for the --loglevel-stderr option.

+

Podman Wrapper Script Improvements

+

The Podman wrapper script is the script installed at /usr/bin/sat on the +master management NCNs by the cray-sat-podman RPM that runs the cray-sat +container in podman. The following subsections detail improvements that were +made to the wrapper script in this release.

+

Mounting of $HOME and Current Directories in cray-sat Container

+

The Podman wrapper script that launches the cray-sat container with podman +has been modified to mount the user’s current directory and home directory into +the cray-sat container to provide access to local files in the container.

+

Podman Wrapper Script Documentation Improvements

+

The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:

+
    +
  • Environment variables that affect execution of the wrapper script
    • +
  • Host files and directories mounted in the container
    • +
+

Fixes to Podman Wrapper Script Output Redirection

+

Fixed issues with redirecting stdout and stderr, and piping output to commands, +such as awk, less, and more.

+

Configurable HTTP Timeout

+

A new sat option has been added to configure the HTTP timeout length for +requests to the API gateway. For more information, refer to sat-man sat.

+

sat bootsys Improvements

+

Many improvements and fixes have been made to sat bootsys. The following are some +highlights:

+
    +
  • Added the --excluded-ncns option, which can be used to omit NCNs +from the platform-services and ncn-power stages in case they are +inaccessible.
    • +
  • Disruptive shutdown stages in sat bootsys shutdown now prompt the user to +continue before proceeding. A new option, --disruptive, will bypass this.
    • +
  • Improvements to Ceph service health checks and restart during the platform-services +stage of sat bootsys boot.
    • +
+

sat xname2nid Improvements

+

sat xname2nid can now recursively expand slot, chassis, and cabinet XNames to +a list of NIDs in those locations.

+

A new --format option has been added to sat xname2nid. It sets the output format to +either “range” (the default) or “NID”. The “range” format displays NIDs in a +compressed range format suitable for use with a workload manager like Slurm.

+

Usage of v2 HSM API

+

The commands which interact with HSM (for example, sat status and sat hwinv) now +use the v2 HSM API.

+

sat diag Limited to HSN Switches

+

sat diag will now only operate against HSN switches by default. These are the +only controllers that support running diagnostics with HMJTD.

+

sat showrev Enhancements

+

A column has been added to the output of sat showrev that indicates whether a +product version is “active”. The definition of “active” varies across products, +and not all products may set an “active” version.

+

For SAT, the active version is the one with its hosted-type package repository in +Nexus set as the member of the group-type package repository in Nexus, +meaning that it will be used when installing the cray-sat-podman RPM.

+

cray-sat Container Image Size Reduction

+

The size of the cray-sat container image has been approximately cut in half by +leveraging multi-stage builds. This also improved the repeatability of the unit +tests by running them in the container.

+

Bug Fixes

+

Minor bug fixes were made in cray-sat and in cray-sat-podman. For full change lists, +refer to each repository’s CHANGELOG.md file.

+

Summary of SAT Changes in Shasta v1.5

+

We released version 2.1.16 of the SAT product in Shasta v1.5.

+

This version of the SAT product included:

+
    +
  • Version 3.7.4 of the sat python package and CLI
    • +
  • Version 1.4.10 of the sat-podman wrapper script
    • +
+

It also added the following new component:

+
    +
  • Version 1.0.3 of the sat-cfs-install docker image and helm chart
    • +
+

The following sections detail the changes in this release.

+

Install Changes to Separate Product from CSM

+

This release further decouples the installation of the SAT product from the CSM +product. The cray-sat-podman RPM is no longer installed in the management +non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on +all master management NCNs via an Ansible playbook which is referenced by a +layer of the CFS configuration that applies to management NCNs. This CFS +configuration is typically named ncn-personalization.

+

The SAT product now includes a Docker image and a Helm chart named +sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart +with Loftsman. This helm chart deploys a Kubernetes job that imports the +SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. +This repository is referenced by the layer added to the NCN personalization +CFS configuration.

+

Removal of Direct Redfish Access

+

All commands which used to access Redfish directly have either been removed or +modified to use higher-level service APIs. This includes the following commands:

+
    +
  • sat sensors
    • +
  • sat diag
    • +
  • sat linkhealth
    • +
+

The sat sensors command has been rewritten to use the SMA telemetry API to +obtain the latest sensor values. The command’s usage has changed slightly, but +legacy options work as before, so it is backwards compatible. Additionally, new +commands have been added.

+

The sat diag command has been rewritten to use a new service called Fox, which +is delivered with the CSM-Diags product. The sat diag command now launches +diagnostics using the Fox service, which launches the corresponding diagnostic +programs on controllers using the Hardware Management Job and Task Daemon +(HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start +diagnostics over Redfish.

+

The sat linkhealth command has been removed. Its functionality has been +replaced by functionality from the Slingshot Topology Tool (STT) in the +fabric manager pod.

+

The Redfish username and password command line options and config file options +have been removed. For more information, see Remove Obsolete Configuration +File Sections.

+

Additional Fields in sat setrev and sat showrev

+

sat setrev now collects the following information from the admin, which is then displayed by sat showrev:

+
    +
  • System description
    • +
  • Product number
    • +
  • Company name
    • +
  • Country code
    • +
+

Additional guidance and validation has been added to each field collected by +sat setrev. This sets the stage for sdu setup to stop collecting this +information and instead collect it from sat showrev or its S3 bucket.

+

Improvements to sat bootsys

+

The platform-services stage of the sat bootsys boot command has been +improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph +health in the correct order. The ceph-check stage has been removed as it is no +longer needed.

+

The platform-services stage of sat bootsys boot now prompts for confirmation +of the storage NCN hostnames in addition to the Kubernetes masters and workers.

+

Bug Fixes and Security Fixes

+
    +
  • Improved error handling in sat firmware.
    • +
  • Incremented version of Alpine Linux to 3.13.2 to address a security +vulnerability.
    • +
+

Other Notable Changes

+
    +
  • Ansible has been removed from the cray-sat container image.
    • +
  • Support for the Firmware Update Service (FUS) has been removed from the sat firmware command.
    • +
+

Summary of SAT Changes in Shasta v1.4.1

+

We released version 2.0.4 of the SAT product in Shasta v1.4.1.

+

This version of the SAT product included:

+
    +
  • Version 3.5.0 of the sat python package and CLI.
    • +
  • Version 1.4.3 of the sat-podman wrapper script.
    • +
+

The following sections detail the changes in this release.

+

New Commands to Translate Between NIDs and XNames

+

Two new commands were added to translate between NIDs and XNames:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
+

These commands perform this translation by making requests to the Hardware +State Manager (HSM) API.

+

Bug Fixes

+
    +
  • Fixed a problem in sat swap where creating the offline port policy failed.
    • +
  • Changed sat bootsys shutdown --stage bos-operations to no longer forcefully +power off all compute nodes and application nodes using CAPMC when BOS +sessions complete or time out.
    • +
  • Fixed an issue with the command sat bootsys boot --stage cabinet-power.
    • +
+

Summary of SAT Changes in Shasta v1.4

+

In Shasta v1.4, SAT became an independent product, which meant we began to +designate a version number for the entire SAT product. We released version +2.0.3 of the SAT product in Shasta v1.4.

+

This version of the SAT product included the following components:

+
    +
  • Version 3.4.0 of the sat python package and CLI
    • +
+

It also added the following new component:

+
    +
  • Version 1.4.2 of the sat-podman wrapper script
    • +
+

The following sections detail the changes in this release.

+

SAT as an Independent Product

+

SAT is now packaged and released as an independent product. The product +deliverable is called a “release distribution”. The release distribution is a +gzipped tar file containing an install script. This install script loads the +cray/cray-sat container image into the Docker registry in Nexus and loads the +cray-sat-podman RPM into a package repository in Nexus.

+

In this release, the cray-sat-podman package is still installed in the master +and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in +Shasta v1.5.

+

SAT Running in a Container Under Podman

+

The sat command now runs in a container under Podman. The sat executable is +now installed on all nodes in the Kubernetes management cluster (workers and +masters). This executable is a wrapper script that starts a SAT container in +Podman and invokes the sat Python CLI within that container. The admin can run +individual sat commands directly on the master or worker NCNs as before, or +they can run sat commands inside the SAT container after using sat bash to +enter an interactive shell inside the SAT container.

+

To view man pages for sat commands, the user can run sat-man SAT_COMMAND, +replacing SAT_COMMAND with the name of the sat command. Alternatively, +the user can enter the sat container with sat bash and use the man command.

+

New sat init Command and Config File Location Change

+

The default location of the SAT config file has been changed from /etc/sat.toml +to ~/.config/sat/sat.toml. A new command, sat init, has been added that +initializes a configuration file in the new default directory. This better supports +individual users on the system who want their own config files.

+

~/.config/sat is mounted into the container that runs under Podman, so changes +are persistent across invocations of the sat container. If desired, an alternate +configuration directory can be specified with the SAT_CONFIG_DIR environment variable.

+

Additionally, if a config file does not yet exist when a user runs a sat +command, one is generated automatically.

+

Additional Types Added to sat hwinv

+

Additional functionality has been added to sat hwinv including:

+
    +
  • List node enclosure power supplies with the --list-node-enclosure-power-supplies option.
    • +
  • List node accelerators (for example, GPUs) with the --list-node-accels option. The +count of node accelerators is also included for each node.
    • +
  • List node accelerator risers (for example, Redstone modules) with the --list-node-accel-risers +option. The count of node accelerator risers is also included for each node.
    • +
  • List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics +option. The count of HSN NICs is also included for each node.
    • +
+

Documentation for these new options has been added to the man page for sat hwinv.

+

Site Information Stored by sat setrev in S3

+

The sat setrev and sat showrev commands now use S3 to store and obtain site +information, including system name, site name, serial number, install date, and +system type. Since the information is stored in S3, it will now be consistent +regardless of the node on which sat is executed.

+

As a result of this change, S3 credentials must be configured for SAT. For more +information, see Generate SAT S3 Credentials.

+

Product Version Information Shown by sat showrev

+

sat showrev now shows product information from the cray-product-catalog +ConfigMap in Kubernetes.

+

Additional Changes to sat showrev

+

The output from sat showrev has also been changed in the following ways:

+
    +
  • The --docker and --packages options were considered misleading and have +been removed.
    • +
  • Information pertaining to only to the local host, where the command is run, +has been moved to the output of the --local option.
    • +
+

Removal of sat cablecheck

+

The sat cablecheck command has been removed. To verify that the system’s Slingshot +network is cabled correctly, admins should now use the show cables command in the +Slingshot Topology Tool (STT).

+

sat swap Command Compatibility with Next-gen Fabric Controller

+

The sat swap command was added in Shasta v1.3.2. This command used the Fabric +Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the +Fabric Controller API, so this command has been rewritten to use the new +backwards-incompatible API. Usage of the command did not change.

+

sat bootsys Functionality

+

Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken +by changes introduced in Shasta v1.4, which removed the Ansible inventory +and playbooks.

+

The functionality in the platform-services stage of sat bootsys has been +re-implemented to use python directly instead of Ansible. This resulted in +a more robust procedure with better logging to the sat log file. Failures +to stop containers on Kubernetes nodes are handled more gracefully, and +more information about the containers that failed to stop, including how to +debug the problem, is included.

+

Improvements were made to console logging setup for non-compute nodes +(NCNs) when they are shut down and booted.

+

The following improvements were made to the bos-operations stage +of sat bootsys:

+
    +
  • More information about the BOS sessions, BOA jobs, and BOA pods is printed.
    • +
  • A command-line option, --bos-templates, and a corresponding config-file +option, bos_templates, were added, and the --cle-bos-template and +--uan-bos-template options and their corresponding config file options were +deprecated.
    • +
+

The following functionality has been removed from sat bootsys:

+
    +
  • The hsn-bringup stage of sat bootsys boot has been removed due to removal +of the underlying Ansible playbook.
    • +
  • The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is +now a manual procedure.
    • +
+

Log File Location Change

+

The location of the sat log file has changed from /var/log/cray/sat.log to +/var/log/cray/sat/sat.log. This change simplifies mounting this file into the +sat container running under Podman.

+

Summary of SAT Changes in Shasta v1.3.2

+

Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.

+

The following sections detail the changes in this release.

+

sat swap Command for Switch and Cable Replacement

+

The sat switch command which supported operations for replacing a switch has +been deprecated and replaced with the sat swap command, which now supports +replacing a switch OR cable.

+

The sat swap switch command is equivalent to sat switch. The sat switch +command will be removed in a future release.

+

Addition of Stages to sat bootsys Command

+

The sat bootsys command now has multiple stages for both the boot and +shutdown actions. Please refer to the “System Power On Procedures” and “System +Power Off Procedures” sections of the Cray Shasta Administration Guide (S-8001) +for more details on using this command in the context of a full system power off +and power on.

+

Summary of SAT Changes in Shasta v1.3

+

Shasta v1.3 included version 2.2.3 of the sat python package and CLI.

+

This version of the sat CLI contained the following commands:

+
    +
  • auth
    • +
  • bootsys
    • +
  • cablecheck
    • +
  • diag
    • +
  • firmware
    • +
  • hwinv
    • +
  • hwmatch
    • +
  • k8s
    • +
  • linkhealth
    • +
  • sensors
    • +
  • setrev
    • +
  • showrev
    • +
  • status
    • +
  • swap
    • +
  • switch
    • +
+

For more information on each of these commands, see the System Admin Toolkit Command +Overview and the table +of commands in the SAT Authentication section +of this document.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-24/sitemap.xml b/en-24/sitemap.xml new file mode 100644 index 0000000000..c94c124078 --- /dev/null +++ b/en-24/sitemap.xml @@ -0,0 +1,347 @@ + + + + /docs-sat/en-24/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-24/dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-24/install/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-24/usage/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-24/usage/change_bos_version/ + 2024-12-11T03:40:00+00:00 + + + + + /docs-sat/en-24/introduction/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-24/dashboards/sat_grafana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-24/cne_install/ + 2024-12-11T03:40:00+00:00 + + /docs-sat/en-24/usage/sat_bootprep/ + 2024-12-11T03:40:00+00:00 + + + + + /docs-sat/en-24/dashboards/sat_kibana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-24/release_notes/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-24/categories/ + + + + + + + + /docs-sat/en-24/tags/ + + + + + + + + diff --git a/en-24/tags/index.html b/en-24/tags/index.html new file mode 100644 index 0000000000..12358999a4 --- /dev/null +++ b/en-24/tags/index.html @@ -0,0 +1,703 @@ + + + + + + + + + + + + Tags :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + tag :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-24/tags/index.xml b/en-24/tags/index.xml new file mode 100644 index 0000000000..d47073ce7e --- /dev/null +++ b/en-24/tags/index.xml @@ -0,0 +1,11 @@ + + + + Tags on System Admin Toolkit (SAT) + /docs-sat/en-24/tags/ + Recent content in Tags on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-24 + + + diff --git a/en-24/usage/change_bos_version/index.html b/en-24/usage/change_bos_version/index.html new file mode 100644 index 0000000000..4285ed2f2e --- /dev/null +++ b/en-24/usage/change_bos_version/index.html @@ -0,0 +1,682 @@ + + + + + + + + + + + + Change the BOS Version :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

Change the BOS Version

+

By default, SAT uses Boot Orchestration Service (BOS) version one. You can +select the BOS version to use for individual commands with the --bos-version +option. For more information on this option, refer to the man page for a specific +command.

+

You can also configure the BOS version to use in the SAT config file. Do this +under the api_version setting in the bos section of the config file. If +the system is using an existing SAT config file from an older version of SAT, +the bos section might not exist. In that case, add the bos section with the +BOS version desired in the api_version setting.

+
    +
  1. +

    Find the SAT config file at ~/.config/sat/sat.toml, and look for a section +like this:

    +
    [bos]
+api_version = "v1"
+

    In this example, SAT is using BOS version "v1".

    +
    2. +
  2. +

    Change the line specifying the api_version to the BOS version desired (for +example, "v2").

    +
    [bos]
+api_version = "v2"
+
    3. +
  3. +

    If applicable, uncomment the api_version line.

    +

    If the system is using an existing SAT config file from a recent version of +SAT, the api_version line might be commented out like this:

    +
    [bos]
+# api_version = "v2"
+

    If the line is commented out, SAT will still use the default BOS +version. To ensure a different BOS version is used, uncomment the +api_version line by removing # at the beginning of the line.

    +
    4. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-24/usage/index.html b/en-24/usage/index.html new file mode 100644 index 0000000000..ab9a5433f7 --- /dev/null +++ b/en-24/usage/index.html @@ -0,0 +1,688 @@ + + + + + + + + + + + + SAT Usage :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Usage

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-24/usage/index.xml b/en-24/usage/index.xml new file mode 100644 index 0000000000..2372847f87 --- /dev/null +++ b/en-24/usage/index.xml @@ -0,0 +1,26 @@ + + + + SAT Usage on System Admin Toolkit (SAT) + /docs-sat/en-24/usage/ + Recent content in SAT Usage on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-24 + Wed, 11 Dec 2024 03:40:00 +0000 + + + Change the BOS Version + /docs-sat/en-24/usage/change_bos_version/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/usage/change_bos_version/ + Change the BOS Version By default, SAT uses Boot Orchestration Service (BOS) version one. You can select the BOS version to use for individual commands with the --bos-version option. For more information on this option, refer to the man page for a specific command. You can also configure the BOS version to use in the SAT config file. Do this under the api_version setting in the bos section of the config file. + + + SAT Bootprep + /docs-sat/en-24/usage/sat_bootprep/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-24/usage/sat_bootprep/ + SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates based on a given input file which defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similarly to other SAT commands. ncn-m001# sat-man sat-bootprep SAT Bootprep vs SAT Bootsys sat bootprep is used to create CFS configurations, build and rename IMS images, and create BOS session templates which tie the configurations and images together during a BOS session. + + + diff --git a/en-24/usage/sat_bootprep/index.html b/en-24/usage/sat_bootprep/index.html new file mode 100644 index 0000000000..873fbd9a82 --- /dev/null +++ b/en-24/usage/sat_bootprep/index.html @@ -0,0 +1,1319 @@ + + + + + + + + + + + + SAT Bootprep :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Bootprep

+

SAT provides an automated solution for creating CFS configurations, building +and configuring images in IMS, and creating BOS session templates based on a +given input file which defines how those configurations, images, and session +templates should be created.

+

This automated process centers around the sat bootprep command. Man page +documentation for sat bootprep can be viewed similarly to other SAT commands.

+
ncn-m001# sat-man sat-bootprep
+

SAT Bootprep vs SAT Bootsys

+

sat bootprep is used to create CFS configurations, build and +rename IMS images, and create BOS session templates which tie the +configurations and images together during a BOS session.

+

sat bootsys automates several portions of the boot and shutdown processes, +including (but not limited to) performing BOS operations (such as creating BOS +sessions), powering on and off cabinets, and checking the state of the system +prior to shutdown.

+

Editing a Bootprep Input File

+

The input file provided to sat bootprep is a YAML-formatted file containing +information which CFS, IMS, and BOS use to create configurations, images, and +BOS session templates respectively. Writing and modifying these input files is +the main task associated with using sat bootprep. An input file is composed of +three main sections, one each for configurations, images, and session templates. +These sections may be specified in any order, and any of the sections may be +omitted if desired.

+

Providing a Schema Version

+

The sat bootprep input file is validated against a versioned schema +definition. The input file should specify the version of the schema with which +it is compatible under a schema_version key. For example:

+
---
+schema_version: 1.0.2
+

The current sat bootprep input file schema version can be viewed with the +following command:

+
ncn-m001# sat bootprep view-schema | grep '^version:'
+version: '1.0.2'
+

The sat bootprep run command validates the schema version specified +in the input file. The command also makes sure that the schema version +of the input file is compatible with the schema version understood by the +current version of sat bootprep. For more information on schema version +validation, refer to the schema_version property description in the bootprep +input file schema. For more information on viewing the bootprep input file +schema in either raw form or user-friendly HTML form, see Viewing the Exact +Schema Specification or +Generating User-Friendly Documentation.

+

The default sat bootprep input files provided by the hpc-csm-software-recipe +release distribution already contain the correct schema version.

+

Defining CFS Configurations

+

The CFS configurations are defined under a configurations key. Under this +key, you can list one or more configurations to create. For each +configuration, give a name in addition to the list of layers that +comprise the configuration.

+

Each layer can be defined by a product name and optionally a version number, +commit hash, or branch in the product’s configuration repository. If this +method is used, the layer is created in CFS by looking up relevant configuration +information (including the configuration repository and commit information) from +the cray-product-catalog Kubernetes ConfigMap as necessary. A version may be +supplied. However, if it is absent, the version is assumed to be the latest +version found in the cray-product-catalog.

+

Alternatively, a configuration layer can be defined by explicitly referencing +the desired configuration repository. You must then specify the intended version +of the Ansible playbooks by providing a branch name or commit hash with branch +or commit.

+

The following example shows a CFS configuration with two layers. The first +layer is defined in terms of a product name and version, and the second layer +is defined in terms of a Git clone URL and branch:

+
---
+configurations:
+- name: example-configuration
+  layers:
+  - name: example-product
+    playbook: example.yml
+    product:
+      name: example
+      version: 1.2.3
+  - name: another-example-product
+    playbook: another-example.yml
+    git:
+      url: "https://vcs.local/vcs/another-example-config-management.git"
+      branch: main
+

When sat bootprep is run against an input file, a CFS configuration is created +corresponding to each configuration in the configurations section. For +example, the configuration created from an input file with the layers listed +above might look something like the following:

+
{
+    "lastUpdated": "2022-02-07T21:47:49Z",
+    "layers": [
+        {
+            "cloneUrl": "https://vcs.local/vcs/example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "example product",
+            "playbook": "example.yml"
+        },
+        {
+            "cloneUrl": "https://vcs.local/vcs/another-example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "another example product",
+            "playbook": "another-example.yml"
+        }
+    ],
+    "name": "example-configuration"
+}
+

Defining IMS Images

+

The IMS images are defined under an images key. Under the images key, the +user may define one or more images to be created in a list. Each element of the +list defines a separate IMS image to be built and/or configured. Images must +contain a name key and a base key.

+

The name key defines the name of the resulting IMS image. The base key +defines the base image to be configured or the base recipe to be built and +optionally configured. One of the following keys must be present under the +base key:

+
    +
  • Use an ims key to specify an existing image or recipe in IMS.
    • +
  • Use a product key to specify an image or recipe provided by a +particular version of a product. Note that this is only possible if the +product provides a single image or recipe.
    • +
  • Use an image_ref key to specify another image from the input file +using its ref_name.
    • +
+

Images may also contain the following keys:

+
    +
  • Use a configuration key to specify a CFS configuration with which to +customize the built image. If a configuration is specified, then configuration +groups must also be specified using the configuration_group_names key.
    • +
  • Use a ref_name key to specify a unique name that can refer to this image +within the input file in other images or in session templates. The ref_name +key allows references to images from the input file that have dynamically +generated names as described in +Dynamic Variable Substitutions.
    • +
  • Use a description key to describe the image in the bootprep input file. +Note that this key is not currently used.
    • +
+

Here is an example of an image using an existing IMS recipe as its base. This +example builds an IMS image from that recipe. It then configures it with +a CFS configuration named example-compute-config. The example-compute-config +CFS configuration can be defined under the configurations key in the same +input file, or it can be an existing CFS configuration. Running sat bootprep +against this input file results in an image named example-compute-image.

+
images:
+- name: example-compute-image
+  description: >
+    An example compute node image built from an existing IMS recipe.    
+  base:
+    ims:
+      name: example-compute-image-recipe
+      type: recipe
+  configuration: example-compute-config
+  configuration_group_names:
+  - Compute
+

Here is an example showing the definition of two images. The first image is +built from a recipe provided by the cos product. The second image uses the +first image as a base and configures it with a configuration named +example-compute-config. The value of the first image’s ref_name key is used +in the second image’s base.image_ref key to specify it as a dependency. +Running sat bootprep against this input file results in two images, the +first named example-cos-image and the second named example-compute-image.

+
images:
+- name: example-cos-image
+  ref_name: example-cos-image
+  description: >
+    An example image built from a recipe provided by the COS product.    
+  base:
+    product:
+      name: cos
+      version: 2.3.101
+      type: recipe
+- name: example-compute-image
+  description: >
+    An example image built from a recipe provided by the COS product.    
+  base:
+    image_ref: example-cos-image
+  configuration: example-compute-config
+  configuration_group_names:
+  - Compute
+

Defining BOS Session Templates

+

The BOS session templates are defined under the session_templates key. Each +session template must provide values for the name, image, configuration, +and bos_parameters keys. The name key defines the name of the resulting BOS +session template. The image key defines the image to use in the BOS session +template. One of the following keys must be present under the image key:

+
    +
  • Use an ims key to specify an existing image or recipe in IMS.
    • +
  • Use an image_ref key to specify another image from the input file +using its ref_name.
    • +
+

The configuration key defines the CFS configuration specified +in the BOS session template.

+

The bos_parameters key defines parameters that are passed through directly to +the BOS session template. The bos_parameters key should contain a boot_sets +key, and each boot set in the session template should be specified under +boot_sets. Each boot set can contain the following keys, all of +which are optional:

+
    +
  • Use a kernel_parameters key to specify the parameters passed to the kernel on the command line.
    • +
  • Use a network key to specify the network over which the nodes boot.
    • +
  • Use a node_list key to specify the nodes to add to the boot set.
    • +
  • Use a node_roles_groups key to specify the HSM roles to add to the boot set.
    • +
  • Use a node_groups key to specify the HSM groups to add to the boot set.
    • +
  • Use a rootfs_provider key to specify the root file system provider.
    • +
  • Use a rootfs_provider_passthrough key to specify the parameters to add to the rootfs= +kernel parameter.
    • +
+

As mentioned above, the parameters under bos_parameters are passed through +directly to BOS. For more information on the properties of a BOS boot set, +refer to BOS Session Templates in the Cray +System Management Documentation.

+

Here is an example of a BOS session template that refers to an existing IMS +image by name:

+
session_templates:
+- name: example-session-template
+  image:
+    ims:
+      name: example-image
+  configuration: example-configuration
+  bos_parameters:
+    boot_sets:
+      example_boot_set:
+        kernel_parameters: ip=dhcp quiet
+        node_roles_groups:
+        - Compute
+        rootfs_provider: cpss3
+        rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0
+

Here is an example of a BOS session template that refers to an image from the +input file by its ref_name. This requires that an image defined in the input +file specifies example-image as the value of its ref_name key.

+
session_templates:
+- name: example-session-template
+  image:
+    image_ref: example-image
+  configuration: example-configuration
+  bos_parameters:
+    boot_sets:
+      example_boot_set:
+        kernel_parameters: ip=dhcp quiet
+        node_roles_groups:
+        - Compute
+        rootfs_provider: cpss3
+        rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0
+

HPC CSM Software Recipe Variable Substitutions

+

The HPC CSM Software Recipe provides a manifest defining the versions of each +HPC software product included in the recipe. These product versions can be used +in the sat bootprep input file with Jinja2 template syntax.

+

Selecting an HPC CSM Software Recipe Version

+

By default, the sat bootprep command uses the product versions from the +latest installed version of the HPC CSM Software Recipe. However, you can +override this with the --recipe-version command line argument to sat bootprep run.

+

For example, to explicitly select the 22.11.0 version of the HPC CSM Software +Recipe, specify --recipe-version 22.11.0:

+
ncn-m001# sat bootprep run --recipe-version 22.11.0 compute-and-uan-bootprep.yaml
+

Values Supporting Jinja2 Template Rendering

+

The entire sat bootprep input file is not rendered by the Jinja2 template +engine. Jinja2 template rendering of the input file is performed individually +for each supported value. The values of the following keys support rendering as +a Jinja2 template:

+
    +
  • The name key of each configuration under the configurations key.
    • +
  • The following keys of each layer under the layers key in a +configuration: +
      +
    • name
      • +
    • git.branch
      • +
    • product.version
      • +
    • product.branch
      • +
    +
    • +
  • The following keys of each image under the images key: +
      +
    • name
      • +
    • base.product.version
      • +
    • configuration
      • +
    +
    • +
  • The following keys of each session template under the +session_templates key: +
      +
    • name
      • +
    • configuration
      • +
    +
    • +
+

You can use Jinja2 built-in filters in values of any of the keys listed above. +In addition, Python string methods can be called on the string variables.

+

Viewing HPC CSM Software Recipe Variables

+

HPC CSM Software Recipe variables are available, and you can use them in the values +of the keys listed above. View these variables by cloning the hpc-csm-software-recipe +repository from VCS and accessing the product_vars.yaml file on the branch that +corresponds to the targeted version of the HPC CSM Software Recipe.

+
    +
  1. +

    Set up a shell script to access the password for the crayvcs user:

    +
    ncn-m001# cat > vcs-creds-helper.sh <<EOF
+#!/bin/bash
+kubectl get secret -n services vcs-user-credentials -o jsonpath={.data.vcs_password} | base64 -d
+EOF
+
    2. +
  2. +

    Ensure vcs-creds-helper.sh is executable:

    +
    ncn-m001# chmod u+x vcs-creds-helper.sh
+
    3. +
  3. +

    Set the GIT_ASKPASS environment variable to the path to the +vcs-creds-helper.sh script:

    +
    ncn-m001# export GIT_ASKPASS="$PWD/vcs-creds-helper.sh"
+
    4. +
  4. +

    Clone the hpc-csm-software-recipe repository:

    +
    ncn-m001# git clone https://crayvcs@api-gw-service-nmn.local/vcs/cray/hpc-csm-software-recipe.git
+
    5. +
  5. +

    Change the directory to the hpc-csm-software-recipe repository:

    +
    ncn-m001# cd hpc-csm-software-recipe
+
    6. +
  6. +

    View the versions of the HPC CSM Software Recipe on the system:

    +
    ncn-m001# git branch -r
+
    7. +
  7. +

    Check out the branch of the hpc-csm-software-recipe repository that corresponds to +the targeted HPC CSM Software Recipe version. For example, for recipe version +22.11.0:

    +
    ncn-m001# git checkout cray/hpc-csm-software-recipe/22.11.0
+
    8. +
  8. +

    View the contents of the file product_vars.yaml in the clone of the +repository:

    +
    ncn-m001# cat product_vars.yaml
+
    9. +
+

The variables defined in the product_vars.yaml file can be used in the values +that support Jinja2 templates. A variable is specified by a dot-separated path, +with each component of the path representing a key in the YAML file. For +example, a version of the COS product appears as follows in the +product_vars.yaml file:

+
cos:
+  version: 2.4.76
+

This COS version can be used by specifying cos.version within a value in the +input file.

+

HPC CSM Software Recipe Variable Substitution Example

+

The following example bootprep input file shows how a COS version can be +used in a bootprep input file that creates a CFS configuration for computes. +Only one layer is shown for brevity.

+
---
+configurations:
+- name: compute-{{recipe.version}}
+  layers:
+  - name: cos-compute-integration-{{cos.version}}
+    playbook: cos-compute.yaml
+    product:
+      name: cos
+      version: "{{cos.version}}"
+      branch: integration-{{cos.version}}
+

Note: When the value of a key in the bootprep input file is a Jinja2 +expression, it must be quoted to pass YAML syntax checking.

+

Jinja2 expressions can also use filters and Python’s built-in string methods to +manipulate the variable values. For example, suppose only the major and minor +components of a COS version are to be used in the branch name for the COS +layer of the CFS configuration. You can use the split string method to +achieve this as follows:

+
---
+configurations:
+- name: compute-{{recipe.version}}
+  layers:
+  - name: cos-compute-integration-{{cos.version}}
+    playbook: cos-compute.yaml
+    product:
+      name: cos
+      version: "{{cos.version}}"
+      branch: integration-{{cos.version.split('.')[0]}}-{{cos.version.split('.')[1]}}
+

Dynamic Variable Substitutions

+

Additional variables are available besides the product version variables +provided by the HPC CSM Software Recipe. (For more information, see HPC +CSM Software Recipe Variable Substitutions.) +These additional variables are dynamic because their values are +determined at run-time based on the context in which they appear. Available +dynamic variables include the following:

+
    +
  • The variable base.name can be used in the name of an image under the +images key. The value of this variable is the name of the IMS image or +recipe used as the base of this image.
    • +
  • The variable image.name can be used in the name of a session template +under the session_templates key. The value of this variable is the name of +the IMS image used in this session template.
    • +
+

These variables reduce the need to duplicate values throughout the sat bootprep input file and make the following use cases possible:

+
    +
  • You want to build an image from a recipe provided by a product and use the +name of the recipe in the name of the resulting image.
    • +
  • You want to use the name of the image in the name of a session template, and +the image is generated as described in the previous use case.
    • +
+

Example Bootprep Input Files

+

This section provides an example bootprep input file. It also gives +instructions for obtaining the default bootprep input files delivered +with a release of the HPC CSM Software Recipe.

+

Example Bootprep Input File

+

The following bootprep input file provides an example of using most of the +features described in previous sections. It is not intended to be a complete +bootprep file for the entire CSM product.

+
---
+configurations:
+- name: compute-{{recipe.version}}
+  layers:
+  - name: cos-compute-integration-{{cos.version}}
+    playbook: site.yml
+    product:
+      name: cos
+      version: "{{cos.version}}"
+      branch: integration-{{cos.version}}
+  - name: cpe-pe_deploy-integration-{{cpe.version}}
+    playbook: pe_deploy.yml
+    product:
+      name: cpe
+      version: "{{cpe.version}}"
+      branch: integration-{{cpe.version}}
+
+images:
+- name: "{{base.name}}"
+  ref_name: base_cos_image
+  base:
+    product:
+      name: cos
+      type: recipe
+      version: "{{cos.version}}"
+
+- name: compute-{{base.name}}
+  ref_name: compute_image
+  base:
+    image_ref: base_cos_image
+  configuration: compute-{{recipe.version}}
+  configuration_group_names:
+  - Compute
+
+session_templates:
+- name: compute-{{recipe.version}}
+  image:
+    image_ref: compute_image
+  configuration: compute-{{recipe.version}}
+  bos_parameters:
+    boot_sets:
+      compute:
+        kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN}
+        node_roles_groups:
+        - Compute
+        rootfs_provider_passthrough: "dvs:api-gw-service-nmn.local:300:hsn0,nmn0:0"
+

Accessing Default Bootprep Input Files

+

Default bootprep input files are delivered by the HPC CSM Software Recipe +product. You can access these files by cloning the hpc-csm-software-recipe +repository.

+

To do this, follow steps 1-7 of the procedure in Viewing HPC CSM Software Recipe +Variables. Then, access the files in the +bootprep directory of that repository:

+
ncn-m001# ls bootprep/
+

Generating an Example Bootprep Input File

+

The sat bootprep generate-example command was not updated for +recent bootprep schema changes. It is recommended that you instead use the +default bootprep input files described in Accessing Default Bootprep Input +Files. The sat bootprep generate-example command will be updated in a future release of SAT.

+

Editing HPC CSM Software Recipe Defaults

+

You might need to edit the default bootprep input files delivered by the HPC +CSM Software Recipe for your system. Here are some examples of how to edit +the files.

+

Editing Default Branch Names

+

Before running sat bootprep, HPE recommends reading the bootprep input files +and paying specific attention to the branch parameters. Some HPE Cray EX +products require system-specific changes on a working branch of VCS. For these +products, the default bootprep input files assume certain naming conventions for +the VCS branches. The files refer to a particular branch of a product’s +configuration management repository.

+

Thus, it is important to confirm that the bootprep input files delivered by the +HPC CSM Software Recipe match the actual system branch names. For example, the +COS product’s CFS configuration layer is defined as follows in the default +management-bootprep.yaml bootprep input file.

+
- name: cos-ncn-integration-{{cos.version}}
+  playbook: ncn.yml
+  product:
+    name: cos
+    version: "{{cos.version}}"
+    branch: integration-{{cos.version}}
+

The default file is assuming that system-specific Ansible configuration changes +for the COS product in VCS are stored in a branch named +integration-{{cos.version}}. If the version being installed is COS 2.4.99, +sat bootprep looks for a branch named integration-2.4.99 from which to +create CFS configuration layers.

+

You can create VCS working branches that are not the default bootprep input file +branch names. A simple example of this is using cne-install to update working +VCS branches. If you use cne-install to update working VCS branches, (namely in +the update_working_branches stage), you create or update the branches specified +by the -B WORKING_BRANCH command line option. For example, consider the +following cne-install command.

+
ncn-m001# ./cne-install install \
+    -B integration \
+    -s deploy_products \
+    -e update_working_branches
+

Products installed with this cne-install example use the working branch +integration for system-specific changes to VCS. The branch specified by the +-B option must match the branch specified in the bootprep input file.

+

In another example, to use the branch integration for COS instead of +integration-{{cos.version}}, edit the bootprep input file so it reads as +follows.

+
- name: cos-ncn-integration-{{cos.version}}
+  playbook: ncn.yml
+  product:
+    name: cos
+    version: "{{cos.version}}"
+    branch: integration
+

Editing Default Management CFS Configuration Names

+

The default bootprep input file for management CFS configurations +(management-bootprep.yaml) creates configurations that have names specified +within the input file. For example, in the bootprep input files included in the +22.11 HPC CSM Software Recipe, the following configurations are named:

+
    +
  • ncn-personalization
    • +
  • ncn-image-customization
    • +
+

These default management CFS configuration names might be acceptable for your +system. However, it is possible to create other names. sat bootprep creates +whatever configurations are specified in the input file. For example, to +create a NCN node personalization configuration named +ncn-personalization-test, edit the file as follows.

+
configurations:
+- name: ncn-personalization-test
+  layers:
+  ...
+

For management configurations, use sat status to identify the current +desired configuration for each of the management nodes.

+
ncn-m001# sat status --fields xname,role,subrole,desiredconfig --filter role=management
++----------------+------------+---------+---------------------+
+| xname          | Role       | SubRole | Desired Config      |
++----------------+------------+---------+---------------------+
+| x3000c0s1b0n0  | Management | Master  | ncn-personalization |
+| x3000c0s3b0n0  | Management | Master  | ncn-personalization |
+| x3000c0s5b0n0  | Management | Master  | ncn-personalization |
+| x3000c0s7b0n0  | Management | Worker  | ncn-personalization |
+| x3000c0s9b0n0  | Management | Worker  | ncn-personalization |
+| x3000c0s11b0n0 | Management | Worker  | ncn-personalization |
+| x3000c0s13b0n0 | Management | Worker  | ncn-personalization |
+| x3000c0s17b0n0 | Management | Storage | ncn-personalization |
+| x3000c0s19b0n0 | Management | Storage | ncn-personalization |
+| x3000c0s21b0n0 | Management | Storage | ncn-personalization |
+| x3000c0s25b0n0 | Management | Worker  | ncn-personalization |
++----------------+------------+---------+---------------------+
+

To overwrite the desired configuration using sat bootprep, ensure the bootprep +input file specifies to create a configuration with the same name +(ncn-personalization in the example above). To create a different configuration, +ensure the bootprep input file specifies to create a configuration with a +different name than the desired configuration (different than ncn-personalization +in the example above).

+

Upgrading a Single Product and Overriding its Default Version

+

When working with a given HPC CSM Software Recipe, it might be necessary to +upgrade a single HPE Cray EX product past the default version given in the +recipe. However, you might still want to use the other default product versions +contained in that recipe. To do this, first upgrade the single product. For +more information, refer to the upgrade instructions in that product’s +documentation.

+

After the product is upgraded, you must override its default version in subsequent +runs of sat bootprep. The following process explains how to do this. In this +example, all the default product versions from the 22.11 software recipe are +used except for COS. The COS default product version is overridden to version +2.4.199 instead, and the CFS configurations in management-bootprep.yaml are +created.

+
    +
  1. +

    Ensure you have a local copy of the default bootprep input files.

    +

    For more information, see Accessing Default Bootprep Input +Files.

    +
    2. +
  2. +

    Edit the product_vars.yaml file to change the default product version.

    +
    ncn-m001# vim product_vars.yaml
+
    3. +
  3. +

    Confirm the new product version in the edited product_vars.yaml file.

    +
    ncn-m001# grep -A1 cos: `product_vars.yaml`:
+cos:
+  version: 2.4.199
+
    4. +
  4. +

    Use the --vars-file option when running sat bootprep to override the +default product version.

    +

    You must run this command from the directory containing the product_vars.yaml +file. The product_vars.yaml file must also be specified when using the +--vars-file option. It is not sufficient to just edit the file.

    +
    ncn-m001# sat bootprep run --vars-file product_vars.yaml bootprep/management-bootprep.yaml
+

    Note: This example is specific to creating the configurations defined in +management-bootprep.yaml. Review what configurations, images, or session templates +you intend to create by viewing the input file.

    +
    5. +
+

Viewing Built-in Generated Documentation

+

The contents of the YAML input files described above must conform to a schema +which defines the structure of the data. The schema definition is written using +the JSON Schema format. (Although the format is named “JSON Schema”, the schema +itself is written in YAML as well.) More information, including introductory +materials and a formal specification of the JSON Schema metaschema, can be found +on the JSON Schema website.

+

Viewing the Exact Schema Specification

+

To view the exact schema specification, run sat bootprep view-schema.

+
ncn-m001# sat bootprep view-schema
+---
+$schema: "https://json-schema.org/draft/2020-12/schema"
+...
+title: Bootprep Input File
+description: >
+  A description of the set of CFS configurations to create, the set of IMS
+  images to create and optionally customize with the defined CFS configurations,
+  and the set of BOS session templates to create that reference the defined
+  images and configurations.
+type: object
+additionalProperties: false
+properties:
+  ...
+

Generating User-Friendly Documentation

+

The raw schema definition can be difficult to understand without experience +working with JSON Schema specifications. For this reason, a feature is included +that generates user-friendly HTML documentation for the input file schema. This +HTML documentation can be browsed with your preferred web browser.

+
    +
  1. +

    Create a documentation tarball using sat bootprep.

    +
    ncn-m001# sat bootprep generate-docs
+INFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz
+

    An alternate output directory can be specified with the --output-dir +option. The generated tarball is always named bootprep-schema-docs.tar.gz.

    +
    ncn-m001# sat bootprep generate-docs --output-dir /tmp
+INFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz
+
    2. +
  2. +

    From another machine, copy the tarball to a local directory.

    +
    another-machine$ scp root@ncn-m001:bootprep-schema-docs.tar.gz .
+
    3. +
  3. +

    Extract the contents of the tarball and open the contained index.html.

    +
    another-machine$ tar xzvf bootprep-schema-docs.tar.gz
+x bootprep-schema-docs/
+x bootprep-schema-docs/index.html
+x bootprep-schema-docs/schema_doc.css
+x bootprep-schema-docs/schema_doc.min.js
+another-machine$ open bootprep-schema-docs/index.html
+
    4. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/404.html b/en-25/404.html new file mode 100644 index 0000000000..8ecbe94b97 --- /dev/null +++ b/en-25/404.html @@ -0,0 +1,59 @@ + + + + + + + + + 404 Page not found + + + + + + + + + + + + + + + + + + +
+
+
+
+

+

+

+

+

+

+

Page not found!

+
+
+ +
+ + + diff --git a/en-25/categories/index.html b/en-25/categories/index.html new file mode 100644 index 0000000000..825636410e --- /dev/null +++ b/en-25/categories/index.html @@ -0,0 +1,1142 @@ + + + + + + + + + + + + Categories :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + category :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-25/categories/index.xml b/en-25/categories/index.xml new file mode 100644 index 0000000000..3d4e90be62 --- /dev/null +++ b/en-25/categories/index.xml @@ -0,0 +1,11 @@ + + + + Categories on System Admin Toolkit (SAT) + /docs-sat/en-25/categories/ + Recent content in Categories on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-25 + + + diff --git a/en-25/dashboards/index.html b/en-25/dashboards/index.html new file mode 100644 index 0000000000..0b47986efe --- /dev/null +++ b/en-25/dashboards/index.html @@ -0,0 +1,1127 @@ + + + + + + + + + + + + SAT Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Dashboards

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-25/dashboards/index.xml b/en-25/dashboards/index.xml new file mode 100644 index 0000000000..b2009f4665 --- /dev/null +++ b/en-25/dashboards/index.xml @@ -0,0 +1,26 @@ + + + + SAT Dashboards on System Admin Toolkit (SAT) + /docs-sat/en-25/dashboards/ + Recent content in SAT Dashboards on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-25 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Grafana Dashboards + /docs-sat/en-25/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.cmn.&lt;site-domain&gt; The value of site-domain can be obtained as follows: ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=&#39;{.data.customizations\.yaml}&#39; | \ base64 -d | grep &#34;external:&#34; That command will produce the following output, for example: + + + SAT Kibana Dashboards + /docs-sat/en-25/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + diff --git a/en-25/dashboards/sat_grafana_dashboards/index.html b/en-25/dashboards/sat_grafana_dashboards/index.html new file mode 100644 index 0000000000..5320f516aa --- /dev/null +++ b/en-25/dashboards/sat_grafana_dashboards/index.html @@ -0,0 +1,1232 @@ + + + + + + + + + + + + SAT Grafana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Grafana Dashboards

+

The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through +Redfish. The messages are displayed based on severity.

+

Grafana can be accessed via web browser at the following URL:

+
    +
  • https://sma-grafana.cmn.<site-domain>
    • +
+

The value of site-domain can be obtained as follows:

+
ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath='{.data.customizations\.yaml}' | \
+    base64 -d | grep "external:"
+

That command will produce the following output, for example:

+
    external: EXAMPLE_DOMAIN.com
+

This would result in the address for Grafana being https://sma-grafana.cmn.EXAMPLE_DOMAIN.com

+

For more information on accessing the Grafana Dashboards, refer to Access the Grafana Monitoring UI in the +SMA product documentation.

+

For more information on the interpretation of metrics for the SAT Grafana Dashboards, refer to “Fabric Telemetry +Kafka Topics” in the SMA product documentation.

+ +

There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display +telemetry in a tabular format.

+ + + + + + + + + + + + + + + + + + + + + + + + + +
Dashboard NameDisplay Type
Fabric CongestionChart Panels
Fabric RFC3635Chart Panels
Fabric ErrorsTabular Format
Fabric Port StateTabular Format
+

The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry +is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location +during the time range selected, if any. The interval setting is not used for tabular dashboards.

+

SAT Grafana Interval and Locations Options

+

Shows the Interval and Locations Options for the available telemetry.

+

Grafana Interval and Locations Options

+

The value of the Interval option sets the time resolution of the received telemetry. This works a bit like a +histogram, with the available telemetry in an interval of time going into a “bucket” and averaging out to a single +point on the chart or table. The special value auto will choose an interval based on the time range selected.

+

For more information, refer to Grafana Templates and Variables.

+

The Locations option allows restriction of the telemetry shown by locations, either individual links or all links +in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, +which always has entries for all links and switches, although the errors shown are restricted to the selected time +range.

+

The chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart’s legend +or the trace on the chart.

+

Grafana Fabric Congestion Dashboard

+

Grafana Fabric Congestion Dashboard

+

SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in +the system and assess the past and present health of the high-speed network. It also allows the ability to drill down +to view data for specific ports on specific switches.

+

This dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, +local, and global and correspond to the link’s relationship to the network topology. The locations presented in the +panels are restricted to the values (any combination, defaults to “all”) selected.

+

The metric values for links of a given port type are similar in value to each other but very distinct from the values of +other types. If the values for different port types are all plotted together, the values for links with lower values are +indistinguishable from zero when plotted.

+

The port type of a link is reported as a port state “subtype” event when defined at port initialization.

+

Grafana Fabric Errors Dashboard

+

Grafana HSN Errors Dashboard

+

This dashboard reports error counters in a tabular format in three panels.

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

Unlike other dashboards, the locations presented are all locations in the system rather than having telemetry within +the time range selected. However, the values are taken from telemetry within the time range.

+

Grafana Fabric Port State Dashboard

+

Grafana Fabric Port State Dashboard

+

There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value +is presented that displays the most recent value in the time range.

+

The Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a +long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours +results in all states for all links in the system being shown.

+

The three columns named, group, switch, and port are not port state events, but extra information included with +all port state events.

+

Grafana Fabric RFC3635 Dashboard

+

Grafana Fabric RFC3635 Dashboard

+

For more information on performance counters, refer to +Definitions of Managed Objects for the Ethernet-like Interface Types, +an Internet standards document.

+

Because these metrics are counters that only increase over time, the values plotted are the change in the counter’s +value over the interval setting.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/dashboards/sat_kibana_dashboards/index.html b/en-25/dashboards/sat_kibana_dashboards/index.html new file mode 100644 index 0000000000..2402c2d0b4 --- /dev/null +++ b/en-25/dashboards/sat_kibana_dashboards/index.html @@ -0,0 +1,1424 @@ + + + + + + + + + + + + SAT Kibana Dashboards :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Kibana Dashboards

+

Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored +in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of +node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in +this way breaks down the complexity of large data volumes into easily understood information.

+

Kibana can be accessed via web browser at the following URL:

+
    +
  • https://sma-kibana.cmn.<site-domain>
    • +
+

The value of site-domain can be obtained as follows:

+
ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath='{.data.customizations\.yaml}' | \
+    base64 -d | grep "external:"
+

That command will produce the following output, for example:

+
    external: EXAMPLE_DOMAIN.com
+

This would result in the address for Kibana being https://sma-kibana.cmn.EXAMPLE_DOMAIN.com

+

For more information on accessing the Kibana Dashboards, refer to View Logs Via Kibana in the SMA product +documentation.

+

Additional details about the AER, ATOM, Heartbeat, Kernel, MCE, and RAS Daemon Kibana Dashboards are included in this +table.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
DashboardShort DescriptionLong DescriptionKibana Visualization and Search Name
sat-aerAER correctedCorrected Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-corrected Search: sat-aer-corrected
sat-aerAER fatalFatal Advanced Error Reporting messages from PCI Express devices on each node.Visualization: aer-fatal Search: sat-aer-fatal
sat-atomATOM failuresApplication Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged.sat-atom-failed
sat-atomATOM admindownApplication Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch.sat-atom-admindown
sat-heartbeatHeartbeat loss eventsHeartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system.sat-heartbeat
sat-kernelKernel assertionsThe kernel software performs a failed assertion when some condition represents a serious fault. The node goes down.sat-kassertions
sat-kernelKernel panicsThe kernel panics when something is seriously wrong. The node goes down.sat-kernel-panic
sat-kernelLustre bugs (LBUGs)The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down.sat-lbug
sat-kernelCPU stallsCPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric.sat-cpu-stall
sat-kernelOut of memoryAn Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided.sat-oom
sat-mceMCEMachine Check Exceptions (MCE) are errors detected at the processor level.sat-mce
sat-rasdaemonrasdaemon errorsErrors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the Linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future.sat-rasdaemon-error
sat-rasdaemonrasdaemon messagesAll messages from the rasdaemon service on nodes.sat-rasdaemon
+

Disable Search Highlighting in Kibana Dashboard

+

By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.

+

The Kibana Dashboard should be open on your system.

+
    +
  1. +

    Navigate to Management

    +
    2. +
  2. +

    Navigate to Advanced Settings in the Kibana section, below the Elastic search section

    +
    3. +
  3. +

    Scroll down to the Discover section

    +
    4. +
  4. +

    Change Highlight results from on to off

    +
    5. +
  5. +

    Click Save to save changes

    +
    6. +
+

AER Kibana Dashboard

+

The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors +are split up into separate visualizations depending on whether they are fatal or corrected errors.

+

View the AER Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-aer dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the +matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on +the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass +next to each NID.

    +
    5. +
+

ATOM Kibana Dashboard

+

The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health +checks and application test failures. Some test failures are of possible interest even though a node is not marked +admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide +clues if a node otherwise fails. They might also show application problems.

+

View the ATOM Kibana Dashboard

+

HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-atom dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View any nodes marked admindown and any ATOM test failures. These failures occur during health checks and +application test failures. Test failures marked admindown are important to note. View the matching log messages +in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, +results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

Heartbeat Kibana Dashboard

+

The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd +pods are responsible for monitoring nodes in the system for heartbeat loss.

+

View the Heartbeat Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-heartbeat dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible +for monitoring nodes in the system for heartbeat loss. View the matching log messages in the panel.

    +
    5. +
+

Kernel Kibana Dashboard

+

The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. +The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious +problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and +may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using +too much memory.

+

View the Kernel Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-kernel dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching +log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. +If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to +each NID.

    +
    5. +
+

MCE Kibana Dashboard

+

The MCE Dashboard displays CPU detected processor-level hardware errors.

+

View the MCE Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-mce dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and +DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, +and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID +by clicking the icon showing a + inside a magnifying glass next to each NID.

    +
    5. +
+

RAS Daemon Kibana Dashboard

+

The RAS Daemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon +service on nodes in the system. This service collects all hardware error events reported by the Linux kernel, including +PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages +presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one +for only messages of severity emerg or err and another for all messages from rasdaemon.

+

View the RAS Daemon Kibana Dashboard

+
    +
  1. +

    Go to the dashboard section.

    +
    2. +
  2. +

    Select sat-rasdaemon dashboard.

    +
    3. +
  3. +

    Choose the time range of interest.

    +
    4. +
  4. +

    View the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in +the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID +in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside +a magnifying glass next to each NID.

    +
    5. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/external_system/index.html b/en-25/external_system/index.html new file mode 100644 index 0000000000..acd3e12d72 --- /dev/null +++ b/en-25/external_system/index.html @@ -0,0 +1,1311 @@ + + + + + + + + + + + + SAT on an External System :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT on an External System

+

SAT can optionally be installed and configured on an external system to interact +with CSM over the CAN.

+

Limitations

+

Most SAT subcommands work by accessing APIs which are reachable via the CAN. +However, certain SAT commands depend on host-based functionality on the +management NCNs and will not work from an external system. This includes the +following:

+
    +
  • The platform-services and ncn-power stages of sat bootsys
    • +
  • The local host information displayed by the --local option of sat showrev
    • +
+

Installing SAT on an external system is not an officially supported configuration. +These instructions are provided “as-is” with the hope that they can useful for +users who desire additional flexibility.

+

Certain additional steps may need to be taken to install and configure SAT +depending on the configuration of the external system in use. These additional +steps may include provisioning virtual machines, installing packages, or +configuring TLS certificates, and these steps are outside the scope of this +documentation. This section covers only the steps needed to configure SAT to +use externally-accessible API endpoints exposed by CSM.

+

Install and Configure SAT

+

Prerequisites

+
    +
  • The external system must be on the Customer Access Network (CAN).
    • +
  • Python 3.7 or newer is installed on the system.
    • +
  • kubectl, openssh, git, and curl are installed on the external system.
    • +
  • The root CA certificates used when installing CSM have been added to the +external system’s trust store such that authenticated TLS connections can be +made to the CSM REST API gateway. For more information, refer to Certificate +Authority in the Cray System Management Documentation.
    • +
+

Procedure

+
    +
  1. +

    Create a Python virtual environment.

    +
    $ SAT_VENV_PATH="$(pwd)/venv"
+$ python3 -m venv ${SAT_VENV_PATH}
+$ . ${SAT_VENV_PATH}/bin/activate
+
    2. +
  2. +

    Clone the SAT source code.

    +

    To use SAT version 3.21, this example clones the release/3.21 branch of +Cray-HPE/sat.

    +
    (venv) $ git clone --branch=release/3.21 https://github.com/Cray-HPE/sat.git
+
    3. +
  3. +

    Set up the SAT CSM Python dependencies to be installed from their source code.

    +

    SAT CSM Python dependency packages are not currently distributed publicly as +source packages or binary distributions. They must be installed from +their source code hosted on GitHub. Also, to install the cray-product-catalog +Python package, you must first clone it locally. Use the following steps to +modify the SAT CSM Python dependencies so they can be installed from their source +code.

    +
      +
    1. +

      Clone the source code for cray-product-catalog.

      +
      (venv) $ git clone --branch v1.6.0 https://github.com/Cray-HPE/cray-product-catalog
+
      2. +
    2. +

      In the cray-product-catalog directory, create a file named .version +that contains the version of cray-product-catalog.

      +
      (venv) $ echo 1.6.0 > cray-product-catalog/.version
+
      3. +
    3. +

      Open the “locked” requirements file in a text editor.

      +
      (venv) $ vim sat/requirements.lock.txt
+
      4. +
    4. +

      Update the line containing cray-product-catalog so that it reflects the +local path to cray-product-catalog.

      +

      It should read as follows.

      +
      ./cray-product-catalog
+
      5. +
    5. +

      For versions of SAT newer than 3.19, change the line containing csm-api-client +to read as follows.

      +
      csm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1
+
      6. +
    6. +

      (Optional) Confirm that requirements.lock.txt is modified as expected.

      +

      Note: For versions newer than 3.19, you will see both cray-product-catalog +and csm-api-client. For version 3.19 and older, you will only see +cray-product-catalog.

      +
      (venv) $ grep -E 'cray-product-catalog|csm-api-client' sat/requirements.lock.txt
+./cray-product-catalog
+csm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1
+
      7. +
    +
    4. +
  4. +

    Install the modified SAT dependencies.

    +
    (venv) $ pip install -r sat/requirements.lock.txt
+...
+
    5. +
  5. +

    Install the SAT Python package.

    +
    (venv) $ pip install ./sat
+...
+
    6. +
  6. +

    (Optional) Add the sat virtual environment to the user’s PATH environment +variable.

    +

    If a shell other than bash is in use, replace ~/.bash_profile with the +appropriate profile path.

    +

    If the virtual environment is not added to the user’s PATH environment +variable, then source ${SAT_VENV_PATH}/bin/activate will need to be run before +running any SAT commands.

    +
    (venv) $ deactivate
+$ echo export PATH=\"${SAT_VENV_PATH}/bin:${PATH}\" >> ~/.bash_profile
+$ source ~/.bash_profile
+
    7. +
  7. +

    Copy the file /etc/kubernetes/admin.conf from ncn-m001 to ~/.kube/config +on the external system.

    +

    Note that this file contains credentials to authenticate against the Kubernetes +API as the administrative user, so it should be treated as sensitive.

    +
    $ mkdir -p ~/.kube
+$ scp ncn-m001:/etc/kubernetes/admin.conf ~/.kube/config
+admin.conf                                       100% 5566   3.0MB/s   00:00
+
    8. +
  8. +

    Add a new entry for the hostname kubernetes to the external system’s +/etc/hosts file.

    +

    The kubernetes hostname should correspond to the CAN IP address on ncn-m001. +On CSM 1.2, this can be determined by querying the IP address of the bond0.cmn0 +interface.

    +
    $ ssh ncn-m001 ip addr show bond0.cmn0
+13: bond0.cmn0@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
+link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff
+inet 10.102.1.11/24 brd 10.102.1.255 scope global vlan007
+   valid_lft forever preferred_lft forever
+inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link
+   valid_lft forever preferred_lft forever
+$ IP_ADDRESS=10.102.1.11
+

    On CSM versions prior to 1.2, the CAN IP can be determined by querying the +IP address of the vlan007 interface.

    +
    $ ssh ncn-m001 ip addr show vlan007
+13: vlan007@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
+link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff
+inet 10.102.1.10/24 brd 10.102.1.255 scope global vlan007
+   valid_lft forever preferred_lft forever
+inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link
+   valid_lft forever preferred_lft forever
+$ IP_ADDRESS=10.102.1.10
+

    Once the IP address is determined, add an entry to /etc/hosts mapping the +IP address to the hostname kubernetes.

    +
    $ echo "${IP_ADDRESS} kubernetes" | sudo tee -a /etc/hosts
+10.102.1.11 kubernetes
+
    9. +
  9. +

    Modify ~/.kube/config to set the cluster server address.

    +

    The value of the server key for the kubernetes cluster under the clusters +section should be set to https://kubernetes:6443.

    +
    ---
+clusters:
+- cluster:
+    certificate-authority-data: REDACTED
+    server: https://kubernetes:6443
+  name: kubernetes
+...
+
    10. +
  10. +

    Confirm that kubectl can access the CSM Kubernetes cluster.

    +
    $ kubectl get nodes
+NAME       STATUS   ROLES    AGE    VERSION
+ncn-m001   Ready    master   135d   v1.19.9
+ncn-m002   Ready    master   136d   v1.19.9
+ncn-m003   Ready    master   136d   v1.19.9
+ncn-w001   Ready    <none>   136d   v1.19.9
+ncn-w002   Ready    <none>   136d   v1.19.9
+ncn-w003   Ready    <none>   136d   v1.19.9
+
    11. +
  11. +

    Use sat init to create a configuration file for SAT.

    +
    $ sat init
+INFO: Configuration file "/home/user/.config/sat/sat.toml" generated.
+
    12. +
  12. +

    Copy the platform CA certificates from the management NCN and configure the +certificates for use with SAT.

    +

    If a shell other than bash is in use, replace ~/.bash_profile with the +appropriate profile path.

    +
    $ scp ncn-m001:/etc/pki/trust/anchors/platform-ca-certs.crt .
+$ echo export REQUESTS_CA_BUNDLE=\"$(realpath platform-ca-certs.crt)\" >> ~/.bash_profile
+$ source ~/.bash_profile
+
    13. +
  13. +

    Edit the SAT configuration file to set the API and S3 hostnames.

    +

    Externally available API endpoints are given domain names in PowerDNS, so the +endpoints in the configuration file should each be set to +subdomain.system-name.site-domain, where system-name and site-domain are +replaced with the values specified during csi config init, and subdomain +is the DNS name for the externally available service. For more information, +refer to Externally Exposed Services in the Cray System Management +Documentation.

    +

    The API gateway has the subdomain api, and S3 has the subdomain s3. The +S3 endpoint runs on port 8080. The following options should be set in the +SAT configuration file.

    +
    [api_gateway]
+host = "api.system-name.site-domain"
+
+[s3]
+endpoint = "http://s3.system-name.site-domain:8080"
+
    14. +
  14. +

    Edit the SAT configuration file to specify the Keycloak user which will be +accessing the REST API.

    +
    [api_gateway]
+username = "user"
+
    15. +
  15. +

    Run sat auth. Enter your password when prompted.

    +

    The admin account used to authenticate with sat auth must be enabled in +Keycloak and must have its assigned role set to admin. For more +information on editing Role Mappings, see Create Internal User Accounts +in the Keycloak Shasta Realm in the +Cray System Management Documentation. +For more information on authentication types and authentication credentials, +see SAT Command Authentication.

    +
    $ sat auth
+Password for user:
+Succeeded!
+
    16. +
  16. +

    Ensure the files are readable only by the current user.

    +
    $ touch ~/.config/sat/s3_access_key \
+    ~/.config/sat/s3_secret_key
+
    $ chmod 600 ~/.config/sat/s3_access_key \
+    ~/.config/sat/s3_secret_key
+
    17. +
  17. +

    Write the credentials to local files using kubectl.

    +

    Generate S3 credentials and write them to a local file so the SAT user can +access S3 storage. In order to use the SAT S3 bucket, the user must generate +the S3 access key and secret keys and write them to a local file. SAT uses +S3 storage for several purposes, most importantly to store the site-specific +information set with sat setrev.

    +
    $ kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.access_key}' | base64 -d > \
+    ~/.config/sat/s3_access_key
+
    $ kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.secret_key}' | base64 -d > \
+    ~/.config/sat/s3_secret_key
+
    18. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/img/Fabric_PortState_Locations_UI.png b/en-25/img/Fabric_PortState_Locations_UI.png new file mode 100644 index 0000000000000000000000000000000000000000..704511ebce3d09b05ef60e3c174c516850b1e875 GIT binary patch literal 10312 zcmeHtWl)@3v+j@}K@&VU!QE}p5G*(Wf;$Wj1A`8lkN_cQ&|pIX0fM`G(8&Zyg1a-g zyWU~%eb4^BTXm}L_v8FHReNgWeOLGD)$h}?x>rqvmWC2O4kZo%0Kiv%F0Ty$pz)xt z%^zT*zV(zj5>P*xe!2#p+Lk`_ZV<4ogENTU6Y2({2l+bK0sy{~E-?uFE_yuq-BJeT z@v}GV;m>7Nu#9igo{Gp%0_XSTC?8U1RdtLiyr)l_c~24c<+-wO)KVOSw!((stg3eJ zm+OAnAwKy1{lnJ@f*9*TSrdYN@9h$q?LDDPK2#TNoN2}gEA@$Sww!fRA)~I;n*Oqv zdn=COc}t>Wqi@JM$d71c^paGV&H(_Nrw%AZ4b;`dt-&rlmNsB35Rb2m8|n!F07)5N zH%n_LkSDzr$j-r4iea~@je*|5Mv6gSSe;MZO%7!5@Z1jq((%*Kwf1we2HG&lNaINQ zilYR$fIKbfeO;VgJ;Z&b82*qej=H`Z=4GJ&gT>QHiorl#i(U>40nrQb2=VZ7EBHEi z3ouCI&`UyWY{j+Z75@@}x|3qC_w;lV=jHYB@!|0i@qATOT)uYdqIii6t& z>gs9f%kApHcqigd8S)?xYlwrJrvuoP{!XT)71+yDih%(|r~ga1r-SX^(p^3N0s#dF z?;VAgpNEh4U)k?$_+QHW8~YvQZ}z*%;s)9v53sY>-SSclq5{19e@Oa+Wcc5c{-(Ti zbwFt=@b@eou&t+$B?KhJpk)vC1nXE^x`F!*$_#e3bf$Kj) z;6Gyi$GiT4>pw!^KVtsJyZ(2a52=rpFF=0C+kbp%%|nr^X`p2)#qUFL>+TgAjVpwB_2{yD!0&lf zm6ec*x?BJEk@)@IF)=YVSM^MaQIA#pE*yfyAk`z+ET+ldKFMDD=MRU_Ulj{)y1PtQ z=XP75YneD(boOuqoX5vcf~Z7YwmYnFLg-C?a=A@7*GR>e_uFm`-?-K_^_LA8w5+No zb3tPck+>3GCURlF1x$GKQ)0`;W;_}m7mqsP;0!!bo{=$^t$&<`Pa4d1Ds%SO+kaE` z@Rt&;#Z`R;jS43xXZp8At3owfD{Be!*N$_4iQyi@UA&J?)u^xE9|OZ8LnUlDqNYNZe>3 zZ}GBce_*Q2lYMYhNUE&r9D~cWF={KrB!*g*(P3+i7T#;BZ&f!nV>=;Zeklw%M9zHs zkvh~eHC8s)HR-i^el%1QRfKCoqh8g0AoQ5h-0zJ|hrX$RRB22+Q-r3pVdwr5D|^{j zd2*7zWq3mULYPz9@$h@xNW;1lPMm>ErJP@UmRANl_1F4+8z;s!el$w4U-+FyUph}T zXKGsm2c-|Om{KBFc5f1};mXsJr{R zaC^SX(Q48bVV4CZif+p@ycro80jPb98@9iUDk@vv#5ex>wRq7}k?i(judO6+!pyY! zdf+mnpA*pTTw87f_fSg{`mkBnh6xDogooi9i}}v;tt2JMD=4~cmUvL`TiNHEYc3!a zCUWaKVrYj(s*Qmf@g|b{mohI54I@lS>6zqXf7vfb^0xJ88TDMB&J5Y#1_vLp3#4Xz z`b1w?sOCJkkB@ml~nQwgJUHz$;Km6adh%V*~Wz;yF=Ro=FN z&d41`AT(gAEPtc`Ay&z2q*z86SF>BPO_Uqp<`8nDmJbESp z)SsXD5zvUsgFwt52nnyeCOrCV1W-}Ee^kX=9(>zj`k0#3pKcXEvUJniAnd@3sqN;yl$1La z_07Sn$>~VX4N3gm+%LJ%17&J~N3Ys$wuPNVs02%41KWq-{bpJRR^Q{Ay7N<|qK{(k z_l&kfXHAD7=I-50v!?rKSOnCoI}%_CmmX8juqyNZy=w}AaY36@;X@8g zyyxwX1rD|5Ha21v6@iVqpG4=3emPI|dm!Dew+y3bB*H+!(3p9P%+npcfB@>(uVoFm zY}Hr<#ZBW*>qBvOj|Mmu6chx6+#j)Og52iYKP$f8Y`txm^53sxVqC&=t&6xUbJHoxqIxZ0*}DyIVjmGQs)O$C?_nu}sPtyj;&pPONX58)laj zV`-I9sj}w)LO?6Iwe98gW!eQ5ENr~3dt97)#Z0_1S%H@i%fYv3-@bjTUpg_SNEtrK zFt*#wF6a!8z30}uUFR1*nGg)6xIJGJEY@>s>cy1-qtFnY+j6Mt6}CNkZaeUCV3m7n zYTI2sQ@mjaBTZ(PEb)7f$IH%e{QHufkHd%h(!t!UtfyQxHQv)ZVNS7>u@Pwl&}bTo z_X+s|Z2UrIVnw<&QX@Vao-6?Co+#()z@P1C%?Ag#+c4sGxDLf^7Dxbyg6-Z0QBRL&KJ_vlPMP9AU0>lm)tYb>(zE${lGDfE$|~Ei(G!~`AtJNM`>?;xpPw?i zd4IKu%fyXUU#+2e#9G3bT%9zM@{q6#X6epwXy?KaW`kCsTjb@}kqvLe^**c9c%zF_j>~;4y!myR>(&`-jJdq6 z3p_u~ow1{j$+4Hay+!Wg%<&1m`+M1!%~L+xlW!`TYeTK6Zq0N}?mgADkx#!AzHZRW zvIoS_N(~gJ>O*fA-NfKR_ENCrN}!;HzL#ggpYQKD^Vn^{7iL+Yre_S+6NYjt*iHJkt@>g(Q{ zcRuL*K9JeeBBL7LHR{p?cr4QFQ8%>-9?XJ&-zNY8q|Gmxd2fziihw76O@5{!BP5Jb z%;{K(7lSa3G|gC5xa|ZG0#F|3AWEY!vsYgNt$V>3z64RG77vJukMHSRC0>V7VICJ< z8mm_2cs)t+zgIpJwBU7rEoB~C4^{d&RbRKi?%bL_cWFXmf6``$o_#hK^!~wSm7N1U zfX`(=-0>?j*rSoIiE%Rd{aE8mmetVewv8Qf5z+wvKCn+9fip->M45fM6MPn)BY8Z0 zh({?9S6%I?#zHKf8504|Y+6eFDGDQG4Eq2Jdfy8>BTmUxqvz$F^XI%xGt~FFoVF35 zz}oHfDNo8VrIbRqH0gFsqI~5bFX6uisO(*vLn9)$962<%>OVq}6 zITOq$?I6U?PJDhG=ySLnj}&v8=L6-gFtHFYNJyka{SdSlx-kiYs$8n7?V*<`-JAwF zI&GsA$_$*qp!0$s)$`y*8wHcOPFA!3Xmw>VDv_Z`wG&H7QkXk4SiJBJGemCC7M5mB z!`zRB-s9(P&9EOY%=+{-fsGGpAA*$blTKzK?-3YGkt>{^<_h)jR;#<^`if z6^w8K8p~7IH9%fbvHWO)6&oM>i3DqSbb4((w5LjP5sXOoX0spBVIyI%zy8sep<$OZ zm~lIW09X6}qzgK=4?o@H#*|}kw4g~N5Za3;x{nG6Q=^61#HsDP`uewVj{>V;YMKJ6 zYGTv_1jm&|Rzk@+T5Lb-1kPvTm>Sr)IG)i_t7&Ns0ZUGXww{|lkB?kjv|?and?DOG zWn^ruiYhQ(y!fyv>-BK_d6mtTh zsVL!GI+Fa$kQZm{&&F3{AC^{dfbQ-U+dFecX*3164bL>P8fya8PjxQOO%um-&(`fv zPQ15;1>e1QhOQBlQoy~&1_1MoPE)hHc~o|%7W^2pk9gvMnHr*ta|zfX^Kz02_}Rfc z4?-Ri3V!~(1z~VQ(LChmiO@Tcs66^0WRUQ+>Lc_l#(OFB52TfNlJDqF^09YgI;S67 z*L+a-5`W(RUmnE>lsw8`OaF}wbROA90WsRsx+LfwWAAAHko)J@zxG0ZDv}7ZBkc~Z zBt!4;`8Q7OfQth92d#=nfAmd@AL#BxuDRdop2+RORaD%=-oWE+_|{dcZw39V=%=IZ zjE3rPn;W}*k-8|ZN%pT=9%+uVUY=(~Oz_Z(LdrVad)1~7&9ZNT%>ruFMX5O6D{iKf z-~cTl0=a|=*&BY~w^k3yftEEBy}LP1`l9{DdA<&fYagG1yqab$$mC#(O| z=HHMU?AvyA(N+w*vcR-C1^$DWE5KTSOcHGn`BZ-EZelzH8b-BuMR&#==*9qd{s zPvHettHE9&8Q;@rd7(Pq`MCO~70LNz0(LJsNNabbVxj!w%;ch_$}8QwgZJngX2vtO zWnzwpVbno&E1qETGF81|19-5ES%0eFM0BmFb1!+3x=%sxOTBGW{qK>NeM+@6Js7h; zpR5MBH;i+2MS_0mb(>@CH?%Wz>DFXgZ$jkXdU?~!qY;bvT5c&a#a`xq;wU|J@IAF@ z<1rnK?cUQez4@{ipOQKKgy&$N;t&spzdk6t)O};uiU92tT9c$Y1uw^Ysi#(CpqkWW z2nLmi>vcus&;iojYpnDNM`Zc&2l#yLlNW05u@VdDtY6@d0^0HoRff;*_d5 zH1CZBnpoMsGV5&add_fvMDoy-2Y~5;e=BL$wOnt38Se0lL+VyT9ny5Z{N?q11(t7D zNs>Y$$$bFf@W>y<2o8`@GYr3BrOW=>K#XH@>fH&fXgRW2;M>*6bo}EE`j+5W*zGE} z#A9hLLS;w=2;rS)<_^t|;pHux-=Dk2PEmC{sgrQMB^9(&+bzgGsUO`yZ?~v99H=+EBMf${MG7jphszk-4V=B4LS}hIfU;@0ClZIprBq~_z= z7Q64wB`|03l(Fy+XN4y$YJCRA=k74yj8u&E#U0(h^WVr!fSj1OmaV`hw zI$E0AvS;;Ez;h%9;&iMOxAPgsENt~_KM2=FJ*jdn-i0&*LDfVhFB6Qk;6Jsv85!?E z?VVVV(R#}eiUuChQ!?GkozV(v4*m~DTFQ>H%#emCwUme)Okz57nUJ!oXf7EyvYM>; zAp*fUP|E&7bWXEuNfTa}whA8R>R=m%a=h-|p*o=~#Y;=>_0!Xr$I2N5*bOF%K?R|7@B6PV8yB1h z__d7;J7=kL@~JTe74#&6KaQs;`D83){CeM}r|umQQ6`8m@Ht!~8|+?(R9RdrGv&YS zG4H>`I-D@o>iG77{|lM!L8xALc11-%l3A3=6T8`RHfcDY+oB2S#d7PHRef!{0u^Qa)m6DdEsO zj~ulF8(bIhUoBy3Dl}*5y&c)fF0Kqidm&rg=E5};CT~$Q2`{Q9q+078i6AU)fs%~j z$9`jO7*8^XZ%|3~Duvra9X38Go-e|xrNWn4IysQ=QqCJ+F(BO#^{$?ig@W!_LXu^Q*T)etw)=~{KQ|?AEyJWP;=BxN?x!HsO+I1J1?Q6P&vpdt)*9JOv3}6ALYrUhAcT2hg&p`sL}&`)%?8GA=CP4*0Am^> z_Tl%xjc2~>$#fdp8!JRv5|6OtNG%v$3xpaUJ9XE-3BjxP9 z?V?t#^>Nvr`ne! z5Ekl)CZ>NHV_>vxq3VjUBElLx=aanQ7=g^kx9vDPTg9$ROvz&9m8)TG`PS%pysb9f zyD8Kx>A`l`)0M5wG5*2uI~IOe?TkB@Fn&`@GTJq6-d zqVJBWFOqp?sBla#lWFY=AO_w);t)U-O{D2-I7X!6v#LHAX7k;gT)=xj>cz%eGCAZq zm@c)xG8PzHkgn+zF|@MUh-S&v##dGeG>ngL7t|-PRcofT z&W)aPIhlef~Xq(NCa0bEW@wHVb2E zsl|L~QO>VMeQbExO?(M2FgvHkMO;J#GgWOMk4NKoFUol%dT;7frAqu}{FYgV>{rZt zdDUvwHGeLdk2OKhEu=vrSg81kdro7W9iqiXvehR-v{SZ>5Cj>Nc+a*4y+vA3kQg`` znu-n=xw>uE|IkK!X7I>q&hJ`>?pjDUc_6Tl^($IjBf6?vpOEO+1tD$sOP!sCy@Lb` z=n|HWon7__W=yF>U0M0~-gRqAkJ?{mhi6$V^^`B<)Ynnv~L!4D>oEpiTjk&G_5>uO4Cw0&`(7-5NQD>A6D|&+?yL zi7Zm@HZkA2H~#F(Iz{sPTcB@hj+|OO8;_qlfKcQkx)Y2AwJzDuJ3-fCpyIr*(<;g} znVOm@k5IWalQEkoF~6&;$p3JSincH01^*ZFba!z{Q8n9#c-H;<&j7B9r=1khIy^u7!o9=I_pkkW^h%-y)^3YN{!%}o$z<@ zLzYU_&+x$fHn2S#>32`Y=1c})Em-xJJLgi#`o?}oA5h5>zbKa6ukC~^&DVY7sjee4 z>dDBg8KoGz%>`eYnb4#`)q}JMwd&r`VQ8 z^7i22DyLkSS6jUQ^DlFg{ z4J$9o9_F`Npwg9`93&?1fd?oDei$qkuClUTlbiH1frRvJmSQ(BC+XpD zo+El2f%;1DgOrC4a`GlSHkLx`O?ha~6z=_c?P%n$AgqE>7rXtYlV=|Zu4F6yiV6o< z1i$PSqG&$->b>Hn<~G&$as!%k5E*RF3$u=D=lRC{r}cWF+PP0ZYw-!GAx5sHI+s2@ z6;^@1xhUc6SC3feTNbFbeJo~R!>iw)95T|x?? zpDRoLg*V1U#Q6wyXmn?jd^T)k=UMKj?h8JH?Y9mu*^KJxnd+#ly$+8it;;7{dLKJc zPgm`Tp$Y+^bf?0>oa~;7?Ius2I@Ysy1r%(~+0^(+jz^uP47r8uM$!Uwj8~W2OSUHpz{RWtE>e0b5RlBw0#^Lr_Ih zHh-W|e-3LhSs$q1JY@ir8q<8gBeC|x)seI-=>>PbcYm$5$m)_o%fiMSm^%8@{T zMlz%~X**@?WXHTFIFpV;+?c4A`>kr~WAX?8Pji1BypCwFm+=8M-2JakSwTa-^qED- F{{e^I_u2pe literal 0 HcmV?d00001 diff --git a/en-25/img/Grafana_Fabric_Congestion.png b/en-25/img/Grafana_Fabric_Congestion.png new file mode 100644 index 0000000000000000000000000000000000000000..dbf481d94ce7036204bb81960b1e9ecf3b28182d GIT binary patch literal 13882 zcmeHuWmKF`((e$G5C{?o5P}9mfZz~Z6EqC&4#Azl-4X}{2ol^0?k_m z8RS0vclX^_?mhSHhx_54vm9U^p02LyuIjG-RaFzLASa21L5u+cfv}`LiYb9W4|srQ z{U?us-y0;&g1|?rhl+-il7Z_hI|qoVg|*2mCwDuOS0-*2rXY~poK3hcHY(+lfMs6s z2++xE@?KfXagwvk?rxXG>}7vUBX&%IGNZ>fZD{*^!VKo;-*G`8jQ1A6Ks97#_>3Sn%m&5~Llb5<8#`bIAdrBt zo1KA?m5I|ULlZL#TS2PB##X9V7RG{9>YTEyvUZ{-<`y44988ow!m--@j&|di58Hla(NqhOELXQHX=dD-LE3W>zL~ zHwzbbDj|$l0uIKed`e;xe`f*wB}irNcyM`>Ve*cd{`3CwE)N zzbgSy2g`j63mY>l%YP=nx8Z*b=D(2NxBQd*zB8YOl8Gb4+WB6*AQd+|3)^3u{%X?v zKR5leMb*{<7%lrhdnrRqom>qZOa!SE%ppz?Wg`PSlfPQ;h4YC*tRW7{fYE^Vzlr+m zwStA4iM589g^h`=<6k4;&|6$a7&Hlgt`nQmO zNyqEFKOUkBL4U4`nS6NB@O&b#Q$Dh|9`0q8G% zpfBtdz>i4tWQX@Pj|jpSJPBMH7Yh{Vo{2o64A^3f$!mOY|MYB$20i@#9UqyLT>$Vf zww)iLADNig8CTMp0gJEJ;H9AnaSX&UYV&I$<%#SmUGx+vb-i`Z+MX&x78KOn_Z1`2 zI{VG2Ur{-g{pfue%Szq`1Ind^`}{7Geno%i6#l&+9(yJ{(yIC;hDXUmn=U1XPJHv% z6Xc=s*KNx3f+J&DU-#!q3!=u^NwFn^por|Ij*n6niLim2cXZ6Qf|P^+i>8w9XH(k_ zBg^FNhQ}#7f@i<=dCe|IpVKqEdlxFwoCa1Vu(#hYlLmw7Ax-BHkBhD0lv(-eR=>4` zp>waZK6rL6d3J3rA?T|}pL^EG#;e>~I74fFO{e0+RnczZ_5@Oc|&gfWJ-6JCr+1Yxux^bN=zjNaC zUYGp@2@4Ak3q$Z9i}Jn-1{vUQ2UQ-q*iJf-xWS&R6Jp-rO7_GRMrDl$L_0Puk?^;iU$--qt=|)}| z7?3cGXC{L)99%iS?{&3-r=*Odq-Q`)$LhysG;G!%)5qlDbN1Dv1$iNP@-#eiVw=c* zSi!bsn-3pr*SqSH|6*^cH(TmO)d_qmhPdC|cKG=W8TOL)CGP8CvL4Qf+`57JDp!iu z+lIvI>Q3_-;y;MpP9~^K@AC49k+F-=`*kjNhg4Icd>U zzr1jXF|4#1KRyPR09Vf8geZ#kyCcM^xOjc)3c}|0>wV_y&MTAiGNOKlC+OI#o5^KH zzal>jwUo&V>575-eHaND78~C<90!DIoV4cXI2`jt(dw-0A&yoU)k<|bZ&59_oP;om zC)2ed^|)c18VSb6#wQ!`(sbi5vQ+4$zC{@I48fu!iAF|*?>fp_Z8HiBiT!3B^)jV( z7;)}y^rlO%V)fO^;DOr{M043b+uK2!&8C8AIJsF$1zSskKj!b){UakkA^1+=t)CYU z*5|D9j;7S_*32`=Q{{RC*4boIJ={sgr~;m?TIU>$Zkz?%PK;FwTAM-n-Oi59*oedE zV(CRhMOle3z3w{M!Qg>9c)-^g(25tmqHD zk=}GK?7GeFnSE@TSXKP(^L1l*!)~QFQttL5IOj*qPA`eb)~o%}N`-?)^igdFe)w6f6x_ z(BcCGt;ONPbj-I zi^Oq;f8ln{wm3q2u^!_P|GvFznM5Urk?gXl{B>}mh?6jNot=n)VCtiQ;qn?m3GcwVtEOBnt ztdA#URv}_k%~#FWSGY&V&Dwlt7t->Y7V#wb_;@hwhMG7mX?&bL&FA8g%fVddXH*MJ zqEV>kOXzR{uy@3HNU=AEJYyG{1h{M$`hlHU?g+ERI4@lakJtAIFCTqoX=&+hI86$C zESPANsBO0HfH}y$+Bg#%8yb?}Y3UK|pFXYSmVB>25)itv#+A$SFHmNN?-Z4SeuqJq zOqN@20Dm9Sy5xwat|Js2MDBwJcr|I3p${+(jjr-w zu+~!l9>s5IrNbqVOp+U$poddVZbNCehoT~GSGV)F!q+7q_zmGeX(CrFLs>%CXohIQ z-O1@gG_ ze;Lb?D7T*=R4dV&U~CT#`A*F{%h{E!LjUre3rBrATv2JYfy{FtZXcw>dCuM;BD&z5 z$Y;VH+M=_{47W4o!VXGhW@9_xp8|%Nz+wMDpYczipr;a%@$>-T4wCZ`9&WjZ&Ff;?+IVHU1mZBu-hES*p5 zIc|{Ws5+vwYRR9W%kB|-DX%AC+6$eO%tO6?;px%uoVH#8TFa};zB<*IOsdVJA_EVA zKK+XPJQRo6ne~V1d-kolw6wH3lF!vn01GT8L#Cs;S&&Y zm$^pIm!o_ki9$(U#C|Vj{}$vO6%{_OeG2WR5J-6ZUeO-iw-J)->AvRZM?8?|v0<_| z@9JkW?^@yAOYY%x*fUcBcf56fEhvYHSpQ84W7WL79rDa}5)$g_=~BpsMW?&QM1JVS zOUd1z<&n&DM?M9x4l~p6p3NI>&|BoiyW??m8yfDg4JYb$DRSZIwZ6*xg%5B3GPJp4 zv$d4PUs0jRcykQrO3#>}6JW&j`{N=sSbn?`L`nH!e~!5{wCF`qW@hHp$nMS{ses$J zpFdwUIPZo`Y`3i_)M%6)^YU^fm*^rPG7809R>`}nDk=|tj+sBPVy}lP8j3>H5eK^N zYc=tg_Ol~Ed)AeeRad6Rt^(X}DMVBHb4A_#oyE%8Jtm>kF-sJ=d|CO)gT=Sk zyQzqz!(Pc=tEYOeSXtYwkhmgG>`fJ1y=cn0Vf;SH(@>=0n4vWnKRk^;1$o#!(CoF? z5JuF$t36wL)f#$MN*=kD|BDO8e|xCg&;=?tlc$fS(c8Q2vaI=$nkucJ0IH~9W7;7h zAP5)9$ZpE~!tVe1+flh`I%J_bQCy$d;CI`t0M{uB2Qiac(bwW)YmW*+6-L(eo}B%`ivd4^4%Ve31M0ykz7Ka9eISwaKj$9(sFSG3{G*z$4o76`2RjeCc?l+$`HvScqYMJK8!}Y~9bGbINLc zvDryr1+%rgTeO8%?Zi8S&iHLL))5@Tp1diEVN)K(-0Qx}w`~k%E$t%=uD8q`rml--LOS%MmegvB&Gh^=JF>T^at{F>##f@0U2)KCg5JmV3%$LyuZ(#7u0tauEMtoQYL)c(2H z9sNCy z=AX01PJl~D9eFw7KjEf6dHnoSGFXm$fFNGJYh)z;?0YBa@E|oCW%y-aJ@X?h7MOL@ z#OAnk)L48>r9r3ZcZt_OaB&Bdkt)&N4b#eRlSe!)iop|7CGRL&A^@4I1a2lPq?!#3GMab} zEjl_ocw*v)PY7BSOzF%33kjSKW*r>5A7ew)2qf+ z?CsG}P*7;S8eOzgEP^$Zr?KNCWHX$~Je5P#`p8t6-y5H3LA+n!G^o*B9ScbCXLuN0!q|TK8Wu@T2*C zMnyukeB3&Xw`woQTpsLJ!#yqKJuv`bt$E#~DFZb6{hLGcS^^A@U-8k0;J((u`OcA+6w7=4-=lxJjj_wWNUXEb{?tbEkfVSP@!VKBy5oba0uqOU3s-M`iV} zs9ipfce^rs@y;vzM%-*|D1n)K%AjJdS%JYm*OEaGKuu-?ADAimE}hid8TMSz0{gX6 zu#XVCmnbXN7Km`3Xe04CeW!q~v)Nr4TV%L7&;?Ub>iu#8=7SX&kM_R`38u-UDkjn$xVaH7U zEUQg9u>4k~AvcVxR;o2&cm*8AgN}~+7RRoXppe2HsdtlU2bR@fLoK&TgEh5-CS=Bh zE>^@O*~^Vdb!|6e-N*4xPvPMoDr`!vD)<%N66E8Dgijv_2-ef520Za4)SH9H92PNY zYVvxWY*VFqZ?buLdEK@NrqAK-iUw+J+VpMC361GQGir1B7w&-EA-a&iUEaQrJ?nXG6R?Y*Im2cVhK$$=P!LZa~x{&NS|LJR$Au z$+2J#vT}wrUlkmK;l`2^NwA&c#hxRaq370lR^a4SJeMlB=R&LHJP(VKhYaRUYV=kn z2i|?)6tp)JmEqnY-W$O3&Lkovo5?sy>aocp4)t$TBe!!x z$(H-Nc|4v$o?@AtT1fvisNYxkXP$R+d~3A#>FM;#6{cQZ6_`yv~#6x z#ZE!X^fwUXnL2t`ITx#uY!LJa7cVWTsafR|_IIp=G$^-}Z42+g=iVSefGQtuafqdK zC4aqpViM>80Q?v*fiRQ4b3@UZ^EQELVIgA-Y*udD$ET0UY>wOW%GehdM5#s4!bhN$ zvlDXwBMFa~;!So)xERs{3@Pt8#J6c3Y*94ioFZg5*|oj=mr^C8$RV`v{i*TYl;ln@A0C+zN2!RiAXxVl{HUqr zb;K(Q&MVdPfXjTgNzIoeFFLx&4OFJ)6I*YdWEuJ=j5B<3b|<)wv1wB;S^tww_gMUq z+gh*rO510SrE9ndW1I&*#+%MS?A4Xl<)>}?u1h0B+`1!O($Odh=aZ*ml9G7%_+7a} z+9+;Ehw?}9+7RP~I<}^Z9{#=M!~WG8Eei5vcM5N0?cjp&&7Smh@l8#)gRrpg(iN;I ze@f4yQaQ6i7ayaJ@@*1sMQPEiuR4Q1xqRs*gG{7(hY6+529 zM&6+M7fyLr-@-rY!=yS7oK7~{@oEVYpCD8nmq&RruWR-g3s)Nlm7<=DT)xdq(GaGv zrNCbknzd$TJ@GbuxzeIly8m2?g#{tPsNaH7G96T)OjEV)D_x;gV$QKI-ETUSB%PtR zYx60k%Auv77*(;5acN!+HE9RfGa6T% zwfCA>((K@RGdogUe{VP8oXAflA=@{ZQg2IFlfNq+kWY4#6%ABjX2&)#KhR(NF*4}5 zDup?HY$Ne@_cRO`n*FXHQHOWL)Y|-arRj~A^{<$}SxEf=JOQcPC7C=_+@*j{bg=ktZ%vP*QY)*k%T^K5)SF1odV;o! zIEQ|{W zrdJMZ;r;AZFEJd#eGT|G6L8rRKQ5zHW8PFbJ>OH^i~V_=_X-NEBf<#kl@$XORn>Q9 z2Mk1*k3kO}Bq5xdZ#Vg~v+HU@!$UIbvI8W|gnmV~qkfc@hKE534Y`t0>O6KfbiB`F znJx~89Dk~}{E(e}Od4(^NC3f4esZE1J;s{5SI*08oS!jl3BNEwtI)EhQw5)Zi+By$ zPfrrauak7cvsTV8*fMVMNvxz;icAb6SmR9MqoN?j@9QY^$;VH-(?nD(3FLzO1>Gf< z8j90lz7;69R~MdL&cQ2Vi8zr-9)5_s!{_Ym>{8&J4f|yN!-V!W6mR!K{|NWpF!d+s z=$p~Flx#MBS87S)8#U4NJdpq=- z??d+b%eQ4U4yuPA542<36-BYYIbTSFqWMq5yj*V-T=0`W_HhGq6Dv@OTw$%q>*@k* zS5fU!jji#~J36TPE-O?>)YduWVwEB~!?BrfY zj5Uc?kS9gzz$pMMfHfGe=~s;KQ-|{M?R%T=j9$F zE4q1oU7@AZtm{tToWRJnw5Z$`BKn3d2BR{xNF!RYe|0yo4skO!?B%)`p$0qMst*=u zx?r8{Rt0A204|)#;y!M*@Tbm|M~M~rthG-}2%ROnMkv@9_11jU4?}98KFe3F{WkwR zLyb(O#|8&+(T9eEK@>46D@AG!Qc%_iwiT@O8w3MTQ8+;a-Aa7? z_@s>4Ei^r@Y;{^Y_dec^iC4dO$JzR=LX2+vHibpH^Cl+nsHnI(RC9AV#l$=8fu)ZOFk-%x%Qm=W-Jmq)>gaf<-sQAEme*qzLQDC`$# z(3y~ah)WIL@Wot9i5deRQ|gJqarK8L&H@$?#evoAn=P!vYbz8-Q{m4obq^amgGDlo zN0z*8Y=Lb5sHLuYDPJlMI46pXA2D8J=E~gSCLrkPv=+{9`l)JGYSH&+_XUsz6S$r6 zKiio_wd34-9w9hms^m;_x#CA23+@I?bCmwJ)a9<#TYOT3H0I^*7B1PZagxBO6nrV! zu&+8rb3ik|(~cy@d#UeRiMdS+gSPk>hv zc0X})3q1g*xNH*hfYsNF<4U%5q&$EA>jq8(Vy)4~hhl|T)Ru``yqPI>DJ6Z@IlkSw^^#1? zJ*R&5*{I{1=jjbrCul}d1HEl5L0J5y;b_v&KpgSP6ZljaV1D?W?Ah= z8P74~+phw(LeaY|%Mm$C67T&8OSHC+>!v^MX04PA{5f7tAh+o$p*6z$qF5M1I+|S0 zpGx%I^!ldeKu-{`CapTw>f(T|;QN8f{`v3dkeLcc9Qz8k%RhgV^!4S-(iUf%`5*c1 z&%6GZY^3e$dx1+r(zy}M;sSv>@48G{5hH(I zB;zB>oA>|*TZZ0vo|10W#M}J2%>RZyx>{x*7Og%FB{iB?-UFW#<`Gu%)QmP?=l4yS zY-CNaW@rBt=S=mIPr>x#jn}BUZiS?I~dXxIrP`NNQEHjTl*a>drsqS&fZD; z>IAD5z2T#OkT-FRB&o>+vKKAho{e{ljqz5QdQwuFMZ4TwM|U^ycQmpocB@#PNogUf zYF6DVc6bz}o$6T~>RBT2BFfg{K#D3Iv=w`-PP})L)U1vHyYGMJDb_YJag#ZxmNSFx zobTlJ3EF%4Pc?ri4_{%?M*m?lG7gt zZeX20kMnB82N~s{`?tTBvUsWZ19zXk=s4hLihJ1sz7I{g4F1hg5FjD^>^}WDEo#}3$Kr#nxDI+yx=4iE#2NvTK5qjVZGI~UM)JqL-4`5FvAKt zz{Om!!@UIZ73*J&MmdJ6}*~isF#MWvg00?4(X%Z1FyYRocmZ{L6fv+K)vvUxvJQu#WxVJo9Z{FYJ;N;Z|lN943;kCpH;j-97r?#9RowqR(`&k@W8P1O}Ot-`bbht0TobKdM$xzRnY<+ z{_MMz5L9abfg_&KzMULt77)v`sW|w0ObHwtErKfFC$^0(AuyK7FJ$g9M7wnm74_kW zr=~qn8$`Yn0ERf1@5=v5f1HuzqS*E7A{vF&>0&0Q(q?Q@wMuYazSKPM&C6?~(RJNT z+Oj9n*ViZaI4UD6_(Q?`aTjb^#Mn!duEppQWBKT&LuX%S)b6XUmX(RCJ!h67D*t5M z2cc5$*vW=|25UO#vDl83NMtyS=E5YeC4>SyzLF*@1_&=)Jy!e_)YT=m{unfLb$zO7 zXz{PB)94>y(5Udb-)zc_1K&e;JF+4K?8cpuudAnMbp5@E1GNVMGyhQ3lP>L(sV)ml z$0mFZSo(Z@si~&XPsV%qIdSsIL_>JBWYHj??_Wg@x}@EItd8*of%AL7Gr&<3!K${Q zc4XzkduYSo@$(y~;W4ynpkmy5tzb;Ipn~s`a)J{$5?Ed`HXG0xt%_$;^`9!`6YMpvDdd zg1K&a3Hl3nXBAbtO%^**W>n2PcFIphP2Yx2gd9&*3n@+0(tsL=oW*^`MMb$>#9=dg zO_$otp!3@B^Wy66Udd3Ug3O=4>8`FGd0ijFXRKXzEOlL!sR`Ui7YQU zR1a^Jm8{yK8PN5befPn+$giCTKh4BIqM4|Q1uDgT?B!cO)6jgR;QJ-K8hhbf^W%~w zT?VcIdK|T0Hd@nF&nI!{zoM)8rb(g`Y~;`xAS7>EGO$_^YaxcTB3kP%(($X=2AG=dLY~xgk!q4X)|k%{UpBn{*hc*K!g?opmC z+;Ro^)2ipZGZW>4_da?~um`3Kv0`d!V2T*Q!ROZYRj&vJnop%Hag{yAGpF+x94Sk; zULNQj&I$d{nO&PfHD#C{FKuj)a6z|yN7J;DvLeb8plNO|d}LtD(s68VsA#cHgh4kbJacVN#+ta1PV$ZWpx>c!v~s*#m#b8jI5Z z-CtQ&e*w0%v~oWwsP{TMeqmnITl&xwaUgXMUt5p4ieSZX0KQI?K_D#})d}t_jBPsl zBPnJS5X9mWvk*L^RL=x^drQjXr?O4#rL@E)N#}_sdo20X0%E<_6{T#G^MTIowpCT; z5K2x?!d&d{l>PeirrLV5cF_CqMVEPWuricTv2=heCy zE8?eBBZnd2lGSu=2hCVL5smWjR!o5k`;+A=k8=;;tXl}S$&!kfYcnh`TNZ-p6y=`t zx0L$Qv~Cb5)wD`voXybKf8Yyr#mcEHOdCOvKKh-=CJ1D=K0@=~V@kYB-=lv&!CKv1 zRvc$A_W5#)1E0t;X{bz@?vs}x-HWp)d8O0+tCJ!r*l50FQ?Uu4lHO&nRIP4V(Z)|T zGw$}@G=D<00;vP;vjt4`1jP^{a!U?ow(manAJ$`4-$51)QsnB~HC}+It~v5K=~d_n zygP5|vKtvHFfd0OA{6ZyFG>%de-cEcSptEDCVD(RwQ4i2V1qTQBx2 z4k-CJaZ;DD9v$gg;%V1{VDLz!z{ZF7oSN-bN2@N`j zAHdS}!yAjQGyp=h-KUrUoL?sybmXVJl6;HC85WMjwt+PYK{phywEhD|@g(C~w;nzo9JrWbm z^9A0eiJ8OJ_FPzlQ5c89#RVPKK;l3w&xNduR1Q{>MLY3IqN-#zpydMmO{jwH6L8C{ zPet6$PGR?)Rn3D`o{Ko_;iE?x)JA%-LYa{|G2t<Zr5Hj65X z&Vm&vOhFF?YD`k6>a}8Zkjht)x`gS36lf z?_6{NnQ(HhSFObX5e2+9^xRO7mC9D%{gLP01uD*bn5ZLVqX(E39$565aewde?-W^CfziOP;3Q z0_Us93R^wOTngh0yz!=ajV#5iv6LjUi9`mo$=rD0t{BgmbPn5oEm{X;)= zu(ZRvW_#ZAUHm;4{?`p(-DQ3Xbcg0890k@6tCzeHOw^nm^fW;6N5gtwG*#(2A_QD? zn_vXSC6MkhpNRZK0Ni){3b?BViXNJ-?Qw?wh+ABg1+Jf0N2}{XKOUM7U+1}U?@U#p zRi$|aa9T|(>*@|P`!@RH!Z8I)od3E86Tl;@N3q;EwE=|xNPjDb6F`LMosZdYV-4Tb zd>3%1;|b;azgG%G{!v-^M}Gf5)l;?~0#yt89FC1yFi@!ATKcvveCQY}?&%&9PbfWi z${}O_XLcVOGgs@{OYR`t*8(9-YvDUK>&B3)N-t$U{Me>jI#it#L?r91u^%qHBYVC| zogV|f_TsqoSm_%EDjPz7RW@8?wD*>LUsmxrRuiz4(EL?pdgg07&cgJ+uK`{8wln@n V3c#c@x&KcpDRDWmQjt$z{ug;*Mo0hv literal 0 HcmV?d00001 diff --git a/en-25/img/Grafana_HSN_Errors.png b/en-25/img/Grafana_HSN_Errors.png new file mode 100644 index 0000000000000000000000000000000000000000..f43b7d02a6f59e15f0d4289ae9f98d81f47d1801 GIT binary patch literal 9558 zcmeHtcT`i`_HGnVigX2O(m_B%Z=p9afb`yLAe00{=v5F95fG#ps!9{-y@Q1wib(Ih zcLeF=7tXoko_og|?~Ql5SomF}x&gw(P2Vsb;kAy5~4CZvy>J(ImR6aoNvPq@aQiCdZO zDD4)ru#cUDaz#9mSG{d|l_DpqG$Ap!uSiQupIPyBMEMm{%JeIm@a!jGk=KiFSag&( zgl5!qIr25R(F9b^l41zOv|ZR~;Gu5Q>7 z002_5-fq^m&h|(q8+!*ROqyl4p@oGBYA4NNDDss5shgs`BlL+c!d}-`L(kUN*;c}i zMOKDT${U0=;A)SwX7YA*fw_acrCI*43&I{>U*=G8izV9%sk9Fa&j5FekHmlx1W2na_w@CisrNbvCs@(Bv^ zVl{Z(ePBpyZ(f)?>$QnLZ7A8h+ajQDNGKe}bZyhx2JV5BW?{j~nf_%Q35EP+9p?To z5U_CYT}$``fc$*_seYZqe+Tnl>erIL)UR&_8R^)&!(BYC-Al8G3Gxa2Vd)Q%@&8`* zmqZ^1#YQXm*Il}B2-3?MVK2?1M>?>Yy3|4ITjr+oiT>NT?e?_d8o`CAzO1J^%r z{VfFkmhwNd>mRuO76N}u`JdVK{})_@f6+pF7?ulqVM(8k49N>DVI**SV(bn85K&ye zZ~UANyZ``bDZxtedfsW<(_Y>Q`psYVcZbwDTz}qJ3^tvGR`xG2afQpR% zUp=8261zVAT@t%|tJ3gD^?0@#bq+-`+^?3Md`LW8c`}eHE>NEAA_m_qgz1D~xsJd% z4>8t)0p!>(%bq2VN~ZMx6qi4k>OCZ_Nr-QQ^)T_BymzL4Q?4 zLdoTz#uBrxGbCTUQfq2b;O>et@?s;!L~WoKuP9-Z}$y>WS7b~w%{X(7kzTD4hix{Bx>7HX&@l|QMfbG$i<8t>>N z|NaIYP(q`mqMTk+{~{tHYuJfK%G)X#?NneM89-6rc&)7Mxnh^oG>OdJ>UiLXpQt*_ zyIdz}9PvVCzwvm-Ieo%Gt-iuMWY5`apr>|1EuO9U#D*6N<@{9mnM0WE9hWYL`*&i) z^BzalC^h327%N_wvZF99$7@D3Lk)(?Sh0E7dBlAwSr5|R9A9MWsRb)ss>{)2sWU6| z$H3K}Xe_MMiFumON+~K5j-$L+y;S>J!tTX2^Xw(R3N}s)0p%4vh zAWlZNnZlc=Y(R28K6t5Oa8CB+`y&&e1>fU^5mUHb=NtJMgsGFQzdt<+m3OibRh5vC z#GH%e%lZ3H<(DYB9WW|>TkLOz+OG_*}*{869fmE3Nemz4&)?^-h(ot(++S9XC zxIluT8z#U@tP2y{-=f6vmXd-(;c0XvgQSQ+!l-${gK9=36FQh%J<*O(#6ufi+^d;X zc5}l&Iy$nmgOnl15f(!SL_9;>;b z7p5~9lcghCWZGm{LH0(LfZL5bRdtLN*?{>cVnlbohyaMvG z#L}{G1eED7FreMqalE4!HWRptlUbR%+Bbi;2@&$#x^K{UC}nN^A0)9dDjucD)^*WNr&6Gwf0juVlBTYSD#hxU^b<78ze!X}2VDWf?u zV|&O+govtV@$y*qE2N@oyqGcQqKmWFM)VxFxZ^><{jhIdla zF{bfs)vmL6UrOf{B`asiS*1=ZG?wSw#2eQ!Cdb5R%fNJAQ!md?jm58GVid9l<`CeE z1GQIT(>7&VMtV2D>{*AJ@-B|AS}b(2_iJm-p#;{C1bP|~w16-)rjmCOth0y}Y958RL~+Q2XiKOSg0} z%zS3--r*o0zuO)_M>p115QR@nY;SW=OR_CirWtY^eLt4(N+?+)Mb5%P#yGD$u4~Cm zx?x+zbH?A9{QyF;k*^E1SGZmBrQ1&Mx)>%h26jvC2K3~-<#<1QtK4h$#uSX&us;KA zXQxzPuU>B_<@bAMm5;Bv{p49zT-P!^XvvtP_H2V^(mc7d6F`k-kt~h3#q!7mycE zN~p>q!(z%YGsBWldz`zfvZ&bV$<;>xgvuKY#_fe zNc`ZJdv3r67tkOO^E6`P=Sek@yf~wsMqWjiX9Dn)^%gUoN@YdJ= zN4Ki|6|WZfjEO?#WdBQ(YbKBzKct0R=nwAby`*v-JLC@vY409+Z`dF${$125Wtdrv zsFw1Z$HU9zN*E&Q(2@2^&AHE?su$eq-*mM$nXjt8ByRYj?-<8c$3HT};vOnm`s=IO zA*Lj%B?g+QtDHB;d#i|1=i!o4IJ9hn-ke+Iu*I#+(N+Dt_*taDX3bqfiFovImBO|0 zxTN+F2e+1@%^lb-)TS!r&AIf4Z9 zt-po-2pr_UFXUh4D-B@uKjG@XtTM>G zE9BrosBiB7;Fo`?8W3id`t2Z71Ba<@dMw>lHsiq$#gpl#9`Sj|*c~6<%1l z#jzgUv42WCn4a=Xe+a~%x^1U_bnzwqd|3OzR0@II8xwiC;E>Yb;+Fax&da^;u~?R2 z28@*U3#$JyyzWV(FWLiJE&K z9{s|C86a*Bn~~Oe02PfAHyHJ)WR6zU2@{42bbjIt22K4S*BvjVzG zGWeEo!hcKIX@FZ=^QIb1%rcGN?R~3~-TU~6j&^d&>=n02)KOkHD&zfP!<4Eo6vs$d zb(cZuoUq{ZOb;*axf6_rqF2t`s-`*!J(7NhQ4|-9DD&7P$u$o&j;JmvEL@0`y`V`} zJ2>5mnG8Y~7C?}O`VHo40XMBmCwz7t$@N7e>q4_?rQ~l15AQ5oW`!-GHc&%638}Y~ zb?wUbm%%sy$zR;-)Va)NSrEBes=6K_JfRVZlhsJUpFGYq6y%+|@eA7B_Wp@5ro8%? z59IRxnU-y>7R*zkY`3a(Vy4#@Ch1u*z)#l5*GYAu9|_>g3=nU#dy*rim04V8lMDf~O?~y`X@S6sN6H!2b4PnUj2A8;3F~N>OQVBhTHZ|0XS+ zE9N>8Zo=>-jjkB7-6D$JQ?>FzqR)-W?P%I^a%9%Q;4GhuvIt2%gPPmLnm<*IG7T0k zG4{$FSAw==;4^RWxW}cz~Hgrqa{Hl%+rq)y36!AL2aI}oCV=X`8t9s;c-&@M_JuDi8(FQlGoXXMa z{;9@a&r(&yCaLn!z2AsA-=tBb$cZpA^sGjNa8pHZDXYqhSUT%V35&)=cc@`w>!G7U zQ`6jvxi|7&ZAVcxP$aR6BwPh=zSIwrcdGC4Zc8Hx*5&%!NPH03+yoW##Lt+wAPDZD+rDbw&1ddf?s&PKGYCp^`G(H#c`+d=QxSs6w>9xv(y3AyQ zi+dI0TTeHOMl05KBtd4GFv~Q|iZ>TwScpgq!}ks`Z_q;45JjOU^}S(_!&qYL@2<8e z8FAWzVGWC_=-N2|gd`F&-J4bG>HP@U)mD7rG%~d|Zoyc*oCw89-Qp~ncpNvN>Qb9T z{43r_nE6Hxx_9GH5T3zvOS#P2g2I~l#=D-QCor*1x{+lAGl4gT5E5o)?w5=0JCdBU zjXsj9IU(6)Sv0b+N7$p@R7sht3}G%*!~>%j>MQFXmzJJMUCcE-yi2_c)o~6e=glKb zM)!t1+jpsTeG~^Gjvy+?FO#65qWgA9d0x7btKGVGQ$TN2(1P*XZagL6ozSE329@>H zEoc4u8+nQgXXL)3J!&>`E)Nq$syXs(`ppGimcZ3+&S^a(1}N)SJxm~!Ns&(Q<2;mS zq>%G*{pAdi81{IgK@d=zq%U^IVdKj~JwgfAtkAeFdwQ;lQjrouK=RUpQC*mBJ4o+_ zDl(S=<}Mi-Y5B_mC1_+-1Ft()+X z=hev5{It%j)8U1 zmEd<+Kxh5Ok>}`T4jCQA_p0*mRiATcDa(f?MvrGO?o@^khH`SS?X}|ee^DQ~{Y%?P zU{a_L_}g%Nt7yj=9_PShkwHfCCGEMkzi(}DZ(X7~>^>XiQAQAJm6H=TUGb@sDy;_- zGiDiM@i96@a|g}jGrCE|h=%E{aW6oQPMhhjKOoqw*sgyj)5vYLktA6Rsv{^^muB0c zS-w|%x=m_Ay+$%La;7v|3iL6@JOs!zKx(}jTD6EXbCUMvzxu;XnktSSXD1m0YJIdS z^QLZ)HyT40(04+`G!fq^!W7s$21@y5a)Q`o(>~AjdF10d4NpmbrXJw!QNN|)I1uLa zu;{b>j-g8A5Y!u@V+pYNc9W|l-_|{b+#{GU?|auo55mR6^KpAkAXByHqqMlYe$_ii zB#{Bi902U9EjB%h5}VC6vyF{`?xk_uEHtmV5xhZ5`8bPQ(FYIPYBO+es_&g4jzBx+ zmG3X*3pg3eN%Z|l9#vd!eJq*=G8=Z^r}}{RzI0y9#-}K>s7_yRBJJX+V{m9hwUIx7 zjHrY2glcN4`KHvl;E-=O5A31gX#2MSg-_vz4#f5|@5J>~@g#-Nr`ZGfu7>na!ELaT zyr32(dJ;~Oh_~2hWHuG!Pr%YM`GR~X@eDueX&>$W%09;;O$tREz{7HH$URhIl?%Fn zEvKi)i?bVl8o}N zzOsWaP>oUH7Ap%|_k*Eqr6dc1mjVQ!*TbS$rPJ;o996N|L_ZCz3wze25E*-CVGr8B z>QMH1>AJT<^GC`gYjW}F{4x`mhIJ0hI6F)Uh-G_%fM)rzd^YR+rlJlV67kzF#N zApc~e@|~Ar@cf0Y$>c#|DtkkD+3>iJ3&Jv&ZEb91O$=%1I#C&leJ+x8vA)l-PI?Iw zNELOp?O7wAt}Yo#D3)Es`e2_gZgZe}YInF1{m`z3>;ba*lnuMrx z*p4q>Hcet&_}}X8puoc*wvV(kLV=}YtwZh*veDnMY)xaWn63WB`Wpi-;yw^6%D$1Q z6?pQqdb10t>8%X_yQalN^4oS3RqmpM;fYhhrq|fwx8?mZqP%Wrl(;j#TJvt5z~yDJG?o`;1o{em_`p1KC^l=+l@V~ecC+~O zdhp0iR@v|k&`9<@KiTtFPakE90uoKSc69I2^As}cyxxT{6)$;tD3)#sQ;F%P7b(8y3yl6cjbj01pnhg%kCC0VzpyH- z-apPH($1Hvs2+M{5^tl3-R&O=o1C&8ZQW7e2<16@;ckq1vf;!~2ADa>1qQF#~-_6mldJX;|P-ciPyP{tv+432D1r1=iPerX77#2qDX+Q7z zodMi*td?=7bN+icvxKk!TTx#0^qgYr>!Q~AeH|+faE8(n~S6}dtg&L># z?!X#Z74?rFZRn5F<8m)MCN$@XvnTob;@uVozny{=dPe>L%o3#+CE{s0l~Gb=Kc0D> zX_(k6|3>w>$-vcEfB;50L5Q&1=_LW_#^LYjVGQq4Lis*%qNK$`h8v&78RiYRH1v%qBVHr_e%NCHW*oP p-R{rZa8Rw{{kyyWvsb^66}p>B&dU80bNw$Pu(F0yv4T~|{{Y&dKWhL0 literal 0 HcmV?d00001 diff --git a/en-25/img/Grafana_rfc3635.png b/en-25/img/Grafana_rfc3635.png new file mode 100644 index 0000000000000000000000000000000000000000..dff176c82d085701f29a34152934d91f08de1242 GIT binary patch literal 11670 zcmeHtXE>bQ*6@TNh!znoYJ#YvlVOMwC3-K>d!4}yGkT(n;1Qi5A|g6rh#G>3-ih7` zqmEwZn>^?F&U4-$-}heU$NS^Gt~1x%GxzMZ_S)-SYwgu$M{8>;laVlx0000oRTV{D z0N_Rm?%whiA?~xf?w}m^mF1^z4A-?ruzGkw9h}|lS>e7O_N?|uX9oZPIprQVOV-AE zJ8V9k{lU*uA`$Y!kWn&Fkh(e}`w{crnF7cXB(s}c!**ANucNvsB!+ilW`-{8CV+7v z?b>4L9`y;A)|)mvnBobMy5=vt(?Ev-)>6Y4sqcPy#e8+&!wS6n*i_-e#?gVtW29ZZ zC*qoE$-CY&cAOEHZFYXkG)eO!L^d>`of-@PkUVk5F>0)#4zh*13s~DhZR`b*?jE=& z005+Aksj8zuJ&+N8+%7*2$+4h;VV0Al&`$VIVu}pD1uwFuSpaHmd^E%brzKKvY1G z|0&YhN0?oPgjL$h&H<#WsPq>J+%GV@6CCaV0s;{TgaATB0P5uk6ngylF;Gw#C@jp6 z!{CScLg3a&ehBQrZxa8Yp=b}Y^>X%rJ3}F?ziC?AK)vB$c6J<`^)KRZXNSM3LtuXi z0VfXNZwOFGKoIz^=)ZONPiFoL`fteJ=)Wg}jCJi{P&e=2%Y)e^gn>eTQu-5Q^8W_? z4KaW?|5)nJVQpum zy_>P3v%5V6_9rKz!jgYa`V(sMFVM$g?7-hT0RE)}oKAuNRO)ZZ{?EVuv&g?C`GHR2Aj)k#DzW5lDT5^OpVHQFTshVKy+^4LsspRVqrIKi=EO>5PYz z*_$I~QC6*UIurHds262djzpwSZ{B?RiU7_=eB+KTD>zYIxXbQM*XTS8HKDxU?Qbm? zzS+LFB-XS2cfedHP3tqT-A6N!TBBTT)-X!>`+Z5u^#J)>Y>GxIEqCN^QBgj$B4!J_ zb!$_Bc4h6}-m;dgo(04uSyEg)gSs=$`gBk9^JkxfX>1KD6EfUIO)rgHSmZ`g%1140 z7Bi1`Lk(-`!vNhq8UamSVgSqXEy>w#==hSV-`im4&t~I$_%p2aUlVOFxIqyLlxf;)gL_F6fen58+?=Ha60w zu}iMEpE3VXpqLxGx=oHb37&a1vf)&zUTR21&D6J=YTh12)pps_0K2_)%sCfyf-fwB z7#vo0e8X2uyrcknU^4FSasl)Y)x3^}J`##&x zSCm&oMMMzZ;}6K~JTr%FYap9SL$j6gR{JC@To9JwluO#m8ZA@79blVN?WFE;nB05z z2iS_wVUdw}6KGWprWse?o%!X*c1W8FL`@8EFYv0k>?_tDTc;>Q%%<++(EWs(? zmTV6Fz=@hN#8q_}Z^6Eorz60vX`>(1@v=8hBOG%A&Yw0~PuJX!Cs`80Y-9mN&@%oPDuyA@m^dJda z9QCFGkwd+(_VTt;{Z9RA3VO&%wCRndQIGGZ_76dg$D1(ll!HI{95BAKZF)DL<)en| z{>}x9Nb_SWRPwR5#X?`L?7NCDY1gXJ(t9mg*VW{aq0?*g%Bs%vjN;cnR=N^T&ojl4 zP0X5-);ABJ4OB0RU!t!)dA+^8S5|2RCG9Bz^z)-l zU+)2?=;@n!j&cI83(PoXr@MH&^L#wMIV3d z!usp5R_IrE{DqH<*g5tJXOwBb?5>;4wH@*E+UxkPM6QINz?Ys}af^*O))JI4Ef0Mh zcXLZ-Rwx8n0`|B8wF6%h*c5c9W_%EsVqqhEN_zUC)j(?bsN+xm@bu|1Z@&zL6uNGf z8S?eu2H!o>XZf%8JRUeyrI)9awdk94cn3GsKRrK@J-rz&ubLwh_^GticDw%QE={t> zF8JWaj{)9yC5>+pb60@9S$wYs@aUK+H!rY&HMsmM-}9QwZr7MOJXUu0kj+hoplf^H z=@G=>GbE3+Z$cy+cDY#xq-3@bv#oUa5HRifuO36LC>B;XlQ8E)W!Fp@5Hmg{5E6C_Z2;^ zvx8liAi&xhbIJtie82&JcsR%5Zca;5SHZgp1n>tbnd#m z!#q|`54U^tv;>~y4QcCGFU?)Ba7Z~)5creQOR{$5^jit;EnFe)(5yBnC#Ba_J(W2+ zI^qksVglTg4glhxb1iyEA}^yICyk8TF*L$e|oOYI?N)TP{o2}5@+bWKd^%H22);jTdZ5Bm~DFIk6=&p{*@r zM&@&+wpLY>fO_z46YHX-17ONIwtNCzxA)D2=&Jb}_TaEkPjY=GeRN{tU~~ld8RtZy z6G5Hnj=jIUf&e-?fkPYc5Bd4RXQPRQMZ#499WI;b(nd@-zd!|D zeJA%f&eNo8?GKAL+*y&UaAR--E@|#y5oAwwMsVTe z;&orxzJB%eXYNV0Qap24zxkwonyJiQ$v8ZK7do+XAD|S=Fl2MKAlD^*vbCJGLw))& zmp7RN3)65xy`s(b$4h=T#^bKs$to#H2gocv3YS+VJk(m+4+bl$s&Z$FUn$~@vbO(g z{Dg(?y)4bhNi)(GT(J4FS=0lFdi|@X1U6vTwXQZ7O z#LHj2ufh6;2B`WLT#${c2I(R0mH>uDd;|}A>6r+Nug(r1T505n=g-o6;S5w7^DFU- z8Dz=UmOf4Tk1t=GQur;$77x@eaJEkRL{EYxZVoGm8v1!q_!Ic`P?RB-uzaFNLt;L< z&tVy-Tw&+oc0*?=5Fzn?bGEC7hDPRBs9SXvY+c|sAwG9sA`3vDhl6 zbmIc?G0naGo|Jh>_ipZAN6oC%5Yd_+yDQPu#+WnRqN3vGe7k&KkLhBq6%`e3`C zxb4%dRT`Xc$ebgIU7O7(Y$o5W*f9qz^pj6e%is4;BHGzQINm`bhP{tQ&Oj_d)pV&n zeW&}jzDv=Orx){OcH?y-8`KP5KkD7r4Geb}k1^nxsY!8)O92^~doSFlg`a=$1ZCO% zcBLgHJs0`fEtVPng1fqLa=bfw|5FXASdTWpwIKYbMp)=L#sg{AE`8`H>7AXPO zG{D9~p5)|Y{^9LltH)AOM0;=kpd>mKP$Abe8k6??Hc^H43tF&Wd@td9k%e_N`2JnV za#!%-!!K=t1VCC#(afPdrSo`oGdI42HS>uLKTJY=KwOj7lcv&H7Ze^p3wwWGPeJ{6 zyca#Qm{^kez}i-9)%3PQU+p};Al#T?wi4_60bF+`nWc%v;5K@9qL%DH(HMH_IZ9)> zGoFJ-_)f!YKZa%=?rNT|+lBMAH(S1iLl^>t zZan?+Mf1ccPY1S47VLQVDWSdNyVuEVtxZy7T)3nF!6?kww)3@(^0+{=2`Z(r5l@;K zSm%3oePNu>k$*@gEBN6E4W0h7+pJ9g78LdRHQ(murXbyIb-MW``qx*9cj#pT9+{Xl zeAzxGlJs4YJl^5A(}FOQgukg80Od_zcx_vjFBCdj*iB*#dZl56t*!O_MlL>Q_Ow+; z6Wc4Rv>wyjCqiEBg19_$g?6h0eKaV`ouH?+PbStcgLT6tsFl{s@hj`w92^|!?i*4S z#(YjFxwpg84+}>&(!6)nahswGp91_nNsr6AtdI>HNCbcZ(??1#0c&PRf!*d4Dy;7r znNl1b2?+r`ee>l<^~VGnTqoowBTl2e4I7}0jQhWiTFqrN<)dtSbVk}hg7&6Ekc^Fy z0zvdlIu2yFzGbZi5m1dLK6Gs^*PFTgJbg9NJ|JxiTK)J;-0kP<4jVQe;Wx^(Gya3( zfgAeWDby^-w5toMj0e!Bmx)}OEe=)t+f%!fiJ6f@PAfwMCzSp_TqCC@+wNi2)YR-3 zUR)!kA@_jSpL;q1tdho^F$1#wgVk)trAKbp`;Hh);DB6~`0CxA21K*0yGys#+AN&O zuPJ+JShpE#O?@vWJZOJk8nZXckGJ}k)X{Ts3+CC-6i^%VU}HmS5PdY`e-eP@>)u(B zII7mGTUjF2d34v#&LJV85dY*cp*3WaKks`@KSKD`UUF^ z9IuK`{&>L=M#;|lS9O(yx%C_PgcbZJYVH|n^oJZA!qP9!e~kP!`CZb`6CACVPyGH{ z%Af4t;F$O)$^YN#qs<6no;dhpT;Uf*u1fK*{C!%Tj=|38*`vmH6gy|CXk_6@wq(ZitI@B&qMx{rlt$b%7bq8<0=(Ddj=nWwTO}22 zB%{0gQgzevzAMOOq;%I>HIqz|C;3io=fQ<=f**ykE_TUy#3D0AmG)l+&JV1Yj8HLW zp8s&&QMvYqIRAf<<^NR#f|yz1gFrm=Hw~CmW(xDas!8%Ao}poKEXJ=hK_Eghj^^%` z?NNqzY0B5@?^3uh*JUV6dPCd6-KMr~QH3^7Ls>7=@LY+Q;u>DoIM-_5gV^(NFez|m zf>1zqSw!lCPBPq>&ng!vCJmJ_7!u@OZl|-0%Xw&RfRnk;`beGm8lk}R=FkBckAKrj zq?d1_?smE;VwfbpCDMA==bt?8>Ki{L9JnM)@j|Kk;uu?4hB#}ev#1lt8Q9%1*( zynfFQP_r#hz0@X8CDMXb-pfxFzNmt`1g&4(!QP6jF{qu0X&XCpt=gGR8(=C%u1xZZBbfzgTvYP8p7++U-ozxT&av2tfg2f`SVPc34asksfH(op|WYsTV)5TtV zm0$KK5;oE^wTRO#TtX+i#=$-P%za{+ipS)<^UxKL_35Uu-ZM9;-JLyiN=6h8zFK8EN1zzygl& zgF#M9Xs4a~%66~tHAt8|X0`*n&F7d}_flsl_wp(XnM8twxUxmCiaj0Yd@bkF8>{*8 zAzga<46SQoWJq7U*E{B0#nySk_PNP+zAi%#;n z+QJTpDv+jCKR{XCvC?(G83!&ffdD5n7q^6jbZ~XFxcfEn3*XwA4$HFo*M)jq2U`c_ z6}Fw4fa)pMowQ(lXJ-Xd_k*SrS%+DKY_)0GMC4v~aJEwEPBM=a-|<9@{EgI)-vtHA zC>GHCP4%T|Z#R`VPe^SwpWQV@eeM7eO{^AAzw#8V+e0?;{WNO{(IXt5|MZ~fte9}d z0?4u}y02!!MAhm7q04##k4mxZDG5k_-gT(>z>-#vFR?!cy_5$@QGRHv_4QaL|xbJ+0kto#T!C)z#9JczPIK?W~sqlm<0{ zGU5VoW`<7Gq-xtDM7YG>jNFL@{JhV64+3<6np0CR-!@CT^HjAdOUox6U|d_9@zNUf z&D)eP9Ie9>KpVWK#Kp2xVukR=S2!nxEvE&2N+yw+b!VR+RxzEYZ00SomN#P&V7e1) zSlYgbsbHV)rFe>ZOIhlOlffcWK%{Z(Y?tF?@>Yq9m0$1!M~W>q+YcQYlS_b~1qIbR z4ccs@C4cdXHvcGGxsWFgwVU^Y&;!n_W!s(g{h&K7}^6;i7)@5Z(8N-9Qz?aY$MH zk}e@9h27$}S|lzE?@jRz|O_$s~(&=uFd;h=`fYdb@MIvghoWs zCXMd@e0}$O`{5$A*hkOaS+P(TBWDk`T+_#FY*B5GuL{8OzJj;KFRm9xNcr_8BhnC>L)O*&_?DXb+QIcH)5g<#!!dl1l1aRzz1>8{_J@4iOcER&hJY7? zgoTsa)t|Y`Um<{Wlf_LnxRi4V*I7#w3M7e14e0nDD=Qp$?mXLVJJ*OtE)~*Nn3i7K z?^jlu!H#nLOW#H+_{>eP`~-NJVjpR?z?OB;iC1Pxa+ z3#&yxKc3&>jqG}s-q&hQ{pO4BEc2^A@sJ}^49})J}moE~%u&9}v8t@pZUoDTw#trw16D4NB9h;`IcXnMn(0 z+o#5HN~&)K;Kp|{17lQL9=Ztk zXBz9uxMaW;G)8gTouAc|sjWx%T`R*)8)9;W0>41y@5BJ_t5yrqCFZ}Rw!QFJK2-!b zP{ginCRFm*91TIJ1qw0`B04|2?a&c+(0wXH)zW$SBTY#x%|V1OO7l^Gq*2j#y2Yov zCeCJ30?|KZ1GV_(hoh!fImOKel-DV2yBAbMc{m=tm)Chj<5v91@o0_#APu3A z;z4(bNxUc4wH;;p^69Na4a)=SfTQEh^upIsB=+V(WG=C&k~-4!uU9#|eJq(lWFmxz1Xd8!yIScb0jL6!#QcOuwt^tks}0q~67ElH?>RQE zi#>|-j%xhcUX>eFx}CXHoAL_{B_Nx?7yWFReM+XLudrC|P@)@F!Um}Hpy0vt-OOFs zcrU#iqnF%vw1rpAd1GpYGDNSzI z&*(2n-N;IzBX8MiO=vuDrJBF1FH(56BFHv=0u8fJD@764PWRBX*&-o&Hx7)pl}Zgf zr(QH)=N8UYeD)0p?xO7hRE&;Wi)RWM7*a9OOqMntV_ybiCTY$5`;yJEZ8Gvl^Ez2{ zp#er0Rc``27n)!ZXA@}X;J$?tJ=Bf+5a{aV-AGN}xBiE0zTz2%X*4yJXY=&o^oo{9 zv+pC*e4Qn?>^;H9k3-1n49xbQ61MvB8^ynVP?VLe;$jI_3XQ{L5UvH(XWhz+yWk=R zu!8u~x~G(yyCm|+h8Mi*jo;`+Hx0E$1u;z|)(u7Hb#*NmlC8;L^Zv5?b&MP^~iKkYY)8^-MR;clVvEk(3TLsGJ_p+0@i3N4u zqG5?^m)I&ye9U!0$*rv1PqR+U+Rh9Ueiy9UfWC>_>bQSh?jM190iojvvywP`iDf2o ziD#&g+`uEiT?xw@M&gnt=GvhhJDWP@3?Tv2!eXZwUiW?kHo6iVO~^FRuWq~Z>87X) z4bBhx7L!()HN3B^OqiYYkBX1&*nls>>s3^u6mqpO8Wd1{u7~Zg3wH^oF>vt}s3`H8 zaQ+X3YSZp}(SrJyV*bUdxX6FhPa^NlWAWILF4UIHd@98PEoGl<9C$_}j%B1BKEMAt zr)PO}X605k=t1%Zw~l1S4Bxpu%Z1By_AMP(gy(MiwX`UIxK6ZE?>#9*0Qw>`Yi1y- zb2%RuE-F0<&!2|vp=B&9(kBBdXR|%B2*c&&VrNf&#ZIH`z2(U2n0o6+#pcnm!i2Sw zj+$DxWd)`WSuidii_SS~QcNB@THS1Tws~4w9rw~&uB5m8`yxh=ORT8xD55>$bMYC8 z?KrDt%hdc)ZQaZzdc6rC>TNycgdiYr#x-v4(xz(b>-SEf(4KWOqT;6vMmF-&j1pJ9 zs$8+QS`Zl;PHG{c<|{$E03%g@FH$;j(d1~ZtRLSsWUKu8K!jurKX7@%Yo$C~8lhdD zau#3T(l0cP1Rk_#jM87l-jq0T$ez_zNuG`F+-4J-YWb8V^GTm)d^J7#wqX@qi$**% zRH#ZBZk#IT!f~v`#f$0fWw^UIKb{n%H1`u12SZ%W30;jFY8hVOoI;XBwJbF{d-tG1 z0`$dx7{JNJU;-PYIomy&Jz?DU1J5Alx3BAo=D~xpnZb)i#R6!QyZ1_b5!QfU%+7#` z&JP6S2$856bjVVVBC`*K(8Rk5EHt(z1SIK1$md$MI(JF=QSmu5Gu1n(+$Fdt zRW6)v3;^i|T68AG&r{ z+T8O;N2k)$C?h^+m9ICm_f16MtnVE}6F%}Y=+h|A+(l{Hd(-(b1Mjw%k>NB=hvxI9 zr73Cx%`dVVd|=p6tPL8v;UsGM>Q$hTU~v5}X*V*mnZRAVxuA80>M8t0E?r$hYf%Q@ zowHPv1_;>5{BdfoGk3u0kPUO-7X6lnhV)@e)@-&rtXj~7;i|1ZMnrAW%(OF6k0^Jj z$Ry`^N8FMr`)g2k#*!4bIhd2Vwx>^dTCH;OelIhX8a%3|tzH^hv5RLv1SHCC(tX$R zNe|YhdWCEL1SFU!Wuc-I2^Br8T^_ztn3`*KUu;#q!ezmYhsze@cA38zKQ03wn9i|m z6rx-w5`O}7J6Ob9OdR`L7M<81v?0nd3m7KT@h6xA3s}tg#G|C`an%sH&Y#zdqo$ds zR?mq6Ct8{g>gp_niYKjZl?OY}4yOz#hn>EdAm>L4IS^Tg!}FMn5fTD*HIntDm0Jvq zZ~6N9I?(%j@rmcuj79DzK+6I{&$D01x8xF7(;PKl4SZalq#lKCi}!amo|nE~J3soN z`L>3jwz0uL-u!MWI$Sn>pCDPKi4dg}{w$xJUw(idKd|jxpgigtcK5!MKP`E*Vy=D# z=X86@XFmvIYSgp56?7JjU8)H^-E5><3iPO^%aO#9q6!}n%f9r_FnY<`Zby1mRu{Wyp zzN)g?Rjm=1Kz!<^QbBOhMUZ$TQS2*mH16arW$wf~mu1CY$9_T*)&1onoSAK3cB?f}ew( z6_}E>E`zqmqD>2(M81SMP0M!q+O+Q>U;Wo8SLeEpFlT!f$dQiWCl-X?T}d5&v~bqf6V4Zmt~W94528SmF; zAQU{SyN$nOo!vX{@G%D_>Th|SPHV32+9mh-NWCflvST< KDwfGxh5R3D=9yUl literal 0 HcmV?d00001 diff --git a/en-25/img/SAT_Grafana_Fabric_Vars.png b/en-25/img/SAT_Grafana_Fabric_Vars.png new file mode 100644 index 0000000000000000000000000000000000000000..194d75b124e8e6289c15cde200bda4ac11006cbe GIT binary patch literal 8031 zcmeHMcR1T`*H0I!sFv1Vsnr@GR0*N>-fFLi*aQi&DMb}kLA7Q}t%|BuRhwExRS`8) zyY}Aei9Wyg`91IZUe6!DKi)sy>-y!olH56;bD#U%pL37%J&DrMQl=zlBnJQhl&UHU zdH}#V9I?$uMne4LB(L!yex>^v7^C%I7(wbmh1^6aaChGB$El~!&Z9&0Oa=_iH;g;YCzyfS3#I9(gq>ukvyQrY3ppbx~ zkE1sjC{4~T}NJ%Hb^ft6bK~Z?0*SrgM@!u`VE=Jx)T#Q!eU8f!g$$T#RLTaT)BSsKKFer=m-Fy zWmZ*?HSkGWPWKHk7#M1+-yI(+)7*jH7rTG|@uc2i)_K=e%$_JgGNIjb`L zzxvt*^+0=kze?;{cFb)?a;eI(QHNd{?9|L8z~<{j zVdLZbcfZL-cdN4VdKSlr06XcooF>r=+3(bUNpDaeT+tFE*_;nL*J*>Ay!uFd=$_5A zJ$JeTjg6cTebex~9C?_m%$C-oL2n>0g}v3agDVkDD%>74@g);s4SMO}Jy7 zWR_O$y{}cy5UT%TcsLMeS@wajK9><3PLSSmsIR|tKICR(vRdJyLaH!(b4T7xJO9K( znaJFV&bGU&E7LP90+CXKbQISp*fNKli5_ z*Dp~W|G*vM2iq*#%esG}3WGRuc4I}EPmSCv^R$Nkji;n zQnJc($QwXw0<_HI?snfQ{wDt17`H51`2pBTzFK68%Ic1ic)-HSOvSdm(je?QC*!r; z<%{AgUWuW29LspAR!jC4Ut9T@vHSaC>5s3UOCa5HT0CkXxe#)xexK##%Xv<2?o!y)9H6Uy z%F^xA1fyV$JEOMLzNjQ-<^28ZUe6wjN)flwA3?5y2XoH2<6j9uZIlt>87Cubx&=1C zAz@g(Aoe0kUF2m-IzXW`$Nqz;-q?zrspWN)+V|f4X=wyi|Hey!*u9!_a<7H1y5eSD zBcH+&b(Q^g3rRvJgo>BJ>xk%dgW4w}dDGZyc@u>-)$~APecEn;a^N?H{U5OHFUT!8I@HVA+2Co!Ffbix|z`&9YJ{gVN7TN!(5@Zml_=*L4F) z?d^GlFfJsFNyKGrgNRMiW`syUn;X)wXe_C3q;X_hPwE3ZZxiz_dc<@!T#vU>+{Dmz zwk>ZCd`GntHIkzGowtiAv*UvpDbg@?zxPcVtCdB?pjwUuIRA8NmShDY5*NzJf_#u_ zGH4Cgz&>T-wvG2|;1eBxE4JxT8;hLf2Iq;g!~$u^o0*b|0`Sx9eXn3A3{{--z~hF3 z**@Xeh2pgp0EWM`>pULv>Gp=vR?l5){{`}@8e$5*U6&wJ0}q;RVh z`RoU}^O*Or;&3BSCT$;XxoJH|WW0=%p`FDiRg>+7wU;W?Rz(+^u^ess=dH`e z-YDztZe?`-OqCFJGcV4+NAM?|Gp5hME9;)aj}be2L`C=vK_;-F=Q>$DV^L>v7Oa3MeR?zYSv%Y7$R)!;XJKnlf>bt+<} zgo)ObD{EcPmBx#OI6AK1b)~`^rkeN-OlN$sI(hrLZ6{X{gvor+0FoKj)J(l#5?^pv z;>UNVIRc719V^XJrb+iCYi$xiOC; z91mX)evfGC3-(VVW&43*Na1Y+M-kpS{Y+8F^tfu`-L7T)jA@D>_*b z9SrloqGd%E-K`0;J5O{KrsN3G%8P@f^1OYn9b9-Z-7*%}UNden7_{KRnu5~;Cs5*E z7`1lmZ(fdUsxcYDqrProMGd?7ZrzrR9-H8zrz)%QA6qV&Z#kMDfp=&}XOA*gOYFLi zbgu8$n2S1dlY~9YY7)j-ZmwS&Oh`>_4!p9$$-#k5pS4AlSU0BA$2RYV`-eG}=H`a! z@OEw6PnX!N(CWoP>YU1Z=PwIMi#%k@v}pLw#~lyrhnH4~i|{?nOi#Mnu(ZxFDt^0A z+f4nA=EWmf!SrV>Pka%y2=4FW^YbDzJ0tU4HPA|mknZkufT-6;9RqTZx#&}~yqnLG zUbQSS`e@=>XSwOgut_e~9f&-SAP+_-MLQcmDJ*|UPEquL7YpD~D2I1S^$)mLHvX;9 zf*)zpW=}g@&rPAyzE1zk=Pe&R9{oy>kH6keP1|Z;>A`BsTC<41E1};dFQ-#oGc~NH zU)-=Oy{YRvx`tJz$f8dFdmeme&8*0fgU?bv4Fc{Nou}N9v{yHy1E^y}%h1ZGo^|eO z9=%Ad?ylb3fG(!wuW)Wswfi+W6>&rWMCm)w#2%!G4uUTb)j2+)PBS3MpDP2n;BT z?(>-`BpEMuovT^-IpMTO8LUG_&05%^Rvf{e2hgY zAu%Pad_FP$5t}kF3W8Y;4K!6_Gs%prwVo(oN$#Na40u0 z+Ff~H@b-y|90T+%yAwmLWe;ff)b@wHAs{NHeRpzgTd?&oK-M$1+C zg<&d}jD~0B8vRPc;40wuUCdy0Jv>G!DC;SYT`YWj+Pwcxc*TI7B_zh;U1ZqEa&D>9 zJqZ(&z2kGlRI;jSNCn$ z%v@7h80(YX)JK=8;~v zw-DTFu7QaI0zDUmTH$3)vuv6UxMi3c>3>2~WtTU@a5=oGKebx?mSj9}>(mX?T^1|* zL^{%|f-i{YjH1$>#;00~cM<2fLs7b@H&}~Lb?e`q7qOq_$;3(rnzMG>&To`fwKTTC z^$HwHH@(Wzg;h-r2g;|eJbIy@B5hq&VzO?4juR5R{p2F;@aGoo^IH21W0@?tzcW4u_Z2#)fk*Cz4mjiW3`8T0=xQTOi(Z$P^X7`N6`%9280g4isg2GTQD*4H*o$bp zyltCYry-Bv?N+h%v^)PK>%Dhzl4$J{jJKIPBrvf%Lp=YvX;Mtvvi*!DUovgZPPtc5 zM*Q48;$`P5dE4(U8@}R#P&WHZL!+&9<15nR(QV69PdAlB1PJXZ7nG)zJC)grd6=m@ z2!WVghpX{-zil(sPe(Ali!w0_^QhT6ef1&TQ+>6+FNdo@sy^!6T?t9P3@?BFBR9A} z^3A*wTmLIq&h>AX!l5(uViNhn%3z*k85PrA?nj#4-d|;S;d_>_J4xN%tot=j)t`Jf z(Jhe))3)<+Jq+0)k>d!e%_WaDY^f#CYlaUfs#hn7CC3f&jkL!OdX7Envh*KblBz0s z8d~n-mXfIHTNoB1gWb2%OZ-y0GW43SEmz-pb4{aixo_jZ{+^QNbQyn<80z?uhNm8d zs7bn1bww1EMewaDv$-S}&jRMys!EmrBER?5^g2K_zr~VpwYWdt_+|ilVSnox7?&Y; z!JMPCf7fDU%JcgA;d!YYUzWZr*q4^rh`}lQ_2+gF2sAA<^%3*T_UK@2w79ON6Z6}Z zgrFcL)+cJP-oaQ=w33q1^1JcW@ErQuMYHT)_w5JCWrbPTLpGmB-Bw8XBK)^+^bCyw zr(e`PKA9gK+`GEI!57`@;CD|uF_9J~%DBIo5IomhvG{S~z&D1?sA-Z*egC*QZff1n zcdb6y>vOeh#1-z;YI{@6{8KwIu@T>`CSX6~jl~_~A45M>-|Du(=aeBiOr4%&B%%C6 z!!dpH@SV^6;7QRiCtpVo+mO<=&T;=@PRDaxB)nw3UoUB{bIv$ANlQ04QsU0dE&k`s&`Wut4(}A zHkrjQa;`{AGkajjKF}0v?I#N+@N2XzZxAmvkqMp0nQ0EhYjKk1SHDCP#l;!GvrIcf+LmTc< zKvDnX&Wn5(jlPWnBEzVZ_CWMOTux6l?nrtkFH-L}x#Fknmc zMCXUpL+LAN%4$Kg6FE5(?)24TvU=Ye^lyrp+4s{9+Lgt>c=4EDS+0h_*08uu&Bk`< zx<~1nZp+z5Srvdo%NQ?SaGc-3vJ@|4q*9){1ydu1m>LOd~t$4)YeRt`N5MAr@oKJ`7(qYAQel4PW5y`^2`1)2*YB$JEVD$04bAYF%c2EtF^OkY z-lb(@?2>NmrO~8G;-{oHpA_wt9BK@W2U407UW>o)@^G0X;~^X{87@n$bVMjiXr=t zf>*%}5ZSBWXerXIg&qOfW`4;3lD7F>p32%s*WYqV(lGW}eat~m0jsDMVxF8Rj+Fbi z`c+Vz-T7bdtJg{4r}s@{mvn6z!VF`jNwiO>KgCHsItfjPZ4B^h2;n-bx;47XyL|fH hczpkVy7lw)-0`;Ui@PhQbZ37zt14 + + + + + + + + + + + HPE Cray EX System Admin Toolkit (SAT) Guide :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ + + + + + navigation + + + +

HPE Cray EX System Admin Toolkit (SAT) Guide

+

Introduction to SAT

+ +

SAT Installation

+ +

SAT Upgrade

+ +

SAT Uninstall and Downgrade

+ +

SAT on an External System

+ +

SAT Dashboards

+ +

SAT Usage

+ +

SAT Release Notes

+ + + + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/index.json b/en-25/index.json new file mode 100644 index 0000000000..277a61fe6d --- /dev/null +++ b/en-25/index.json @@ -0,0 +1,176 @@ +[ +{ + "uri": "/docs-sat/en-25/usage/", + "title": "SAT Usage", + "tags": [], + "description": "", + "content": "SAT Usage SAT Bootprep SAT and IUF Change the BOS Version " +}, +{ + "uri": "/docs-sat/en-25/", + "title": "HPE Cray EX System Admin Toolkit (SAT) Guide", + "tags": [], + "description": "", + "content": "HPE Cray EX System Admin Toolkit (SAT) Guide Introduction to SAT About System Admin Toolkit (SAT) SAT Command Overview SAT Command Authentication Command Prompt Conventions in SAT SAT in CSM SAT Dependencies SAT Installation Install and Upgrade Framework IUF Stage Details for SAT Post-Installation Procedures SAT Upgrade Install and Upgrade Framework IUF Stage Details for SAT Post-Upgrade Procedures SAT Uninstall and Downgrade Uninstall: Remove a Version of SAT Downgrade: Switch Between SAT Versions SAT on an External System Limitations Install and Configure SAT Authenticate SAT Commands Generate SAT S3 Credentials SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards SAT Usage SAT Bootprep SAT and IUF Change the BOS Version SAT Release Notes Changes in SAT Version 2.x SAT Changes in Shasta Version 1.x " +}, +{ + "uri": "/docs-sat/en-25/dashboards/", + "title": "SAT Dashboards", + "tags": [], + "description": "", + "content": "SAT Dashboards SAT Kibana Dashboards SAT Grafana Dashboards " +}, +{ + "uri": "/docs-sat/en-25/install/", + "title": "SAT Installation", + "tags": [], + "description": "", + "content": "SAT Installation Install and Upgrade Framework The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM. IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product.\nThis document does not replicate install, upgrade, or deployment procedures detailed in the Cray System Management Documentation. This document provides details regarding software and configuration content specific to SAT which is needed when installing, upgrading, or deploying a SAT release. The Cray System Management Documentation will indicate when sections of this document should be referred to for detailed information.\nIUF will perform the following tasks for a release of SAT.\nIUF deliver-product stage: Uploads SAT configuration content to VCS Uploads SAT information to the CSM product catalog Uploads SAT content to Nexus repositories IUF update-vcs-config stage: Updates the VCS integration branch with new SAT configuration content if a working branch is specified IUF update-cfs-config stage: Creates a new CFS configuration for management nodes with new SAT configuration content IUF prepare-images stage: Creates updated management NCN and managed node images with new SAT content IUF management-nodes-rollout stage: Boots management NCNs with an image containing new SAT content IUF uses a variety of CSM and SAT tools when performing these tasks. The IUF section of the Cray System Management Documentation describes how to use these tools directly if it is desirable to use them instead of IUF.\nIUF Stage Details for SAT This section describes SAT details that an administrator must be aware of before running IUF stages. Entries are prefixed with Information if no administrative action is required or Action if an administrator needs to perform tasks outside of IUF.\nupdate-vcs-config Information: This stage is only run if a VCS working branch is specified for SAT. By default, SAT does not create or specify a VCS working branch.\nupdate-cfs-config Information: This stage only applies to the management configuration and not to the managed configuration.\nprepare-images Information: This stage only applies to management images and not to managed images.\nPost-Installation Procedures After installing SAT with IUF, you must complete the following SAT configuration procedures before using SAT:\nAuthenticate SAT Commands Generate SAT S3 Credentials Set System Revision Information Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace x.y.z with the version of the SAT product stream being installed. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. Authenticate SAT Commands To run SAT commands on the manager NCNs, you must first set up authentication to the API gateway. The admin account used to authenticate with sat auth must be enabled in Keycloak and must have its assigned role set to admin. For more information on editing Role Mappings, see Create Internal User Accounts in the Keycloak Shasta Realm in the Cray System Management Documentation. For more information on authentication types and authentication credentials, see SAT Command Authentication.\nPrerequisites The sat CLI has been installed following the IUF section of the Cray System Management Documentation. Procedure The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway.\nGenerate a default SAT configuration file, if one does not exist.\nncn-m001# sat init Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; generated. Note: If the config file already exists, it will print out the following error.\nERROR: Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; already exists. Not generating configuration file. Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the config file.\nusername = \u0026#34;crayadmin\u0026#34; Run sat auth. Enter your password when prompted.\nncn-m001# sat auth Password for crayadmin: Succeeded! Other sat commands are now authenticated to make requests to the API gateway.\nncn-m001# sat status Generate SAT S3 Credentials Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes master node where SAT commands are run.\nSAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev (see Set System Revision Information).\nPrerequisites The SAT CLI has been installed following the IUF section of the Cray System Management Documentation. The SAT configuration file has been created (See Authenticate SAT Commands). CSM has been installed and verified. Procedure Ensure the files are readable only by root.\nncn-m001# touch /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key ncn-m001# chmod 600 /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key Write the credentials to local files using kubectl.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.access_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_access_key ncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.secret_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_secret_key Verify the S3 endpoint specified in the SAT configuration file is correct.\nGet the SAT configuration file\u0026rsquo;s endpoint value.\nNote: If the command\u0026rsquo;s output is commented out, indicated by an initial # character, the SAT configuration will take the default value – \u0026quot;https://rgw-vip.nmn\u0026quot;.\nncn-m001# grep endpoint ~/.config/sat/sat.toml # endpoint = \u0026#34;https://rgw-vip.nmn\u0026#34; Get the sat-s3-credentials secret\u0026rsquo;s endpoint value.\nncn-m001# kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.s3_endpoint}\u0026#39; | base64 -d | xargs https://rgw-vip.nmn Compare the two endpoint values.\nIf the values differ, change the SAT configuration file\u0026rsquo;s endpoint value to match the secret\u0026rsquo;s.\nCopy SAT configurations to each manager node on the system.\nncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \\ mkdir -p /root/.config/sat; \\ scp -pr /root/.config/sat ${i}:/root/.config; done Note: Depending on how many manager nodes are on the system, the list of manager nodes may be different. This example assumes three manager nodes, where the configuration files must be copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is ncn-m002 and ncn-m003.\nSet System Revision Information HPE service representatives use system revision information data to identify systems in support cases.\nPrerequisites SAT authentication has been set up. See Authenticate SAT Commands. S3 credentials have been generated. See Generate SAT S3 Credentials. Procedure Set System Revision Information.\nRun sat setrev and follow the prompts to set the following site-specific values:\nSerial number System name System type System description Product number Company name Site name Country code System install date Tip: For \u0026ldquo;System type\u0026rdquo;, a system with any liquid-cooled components should be considered a liquid-cooled system. In other words, \u0026ldquo;System type\u0026rdquo; is EX-1C.\nncn-m001# sat setrev -------------------------------------------------------------------------------- Setting: Serial number Purpose: System identification. This will affect how snapshots are identified in the HPE backend services. Description: This is the top-level serial number which uniquely identifies the system. It can be requested from an HPE representative. Valid values: Alpha-numeric string, 4 - 20 characters. Type: \u0026lt;class \u0026#39;str\u0026#39;\u0026gt; Default: None Current value: None -------------------------------------------------------------------------------- Please do one of the following to set the value of the above setting: - Input a new value - Press CTRL-C to exit ... Verify System Revision Information.\nRun sat showrev and verify the output shown in the \u0026ldquo;System Revision Information table.\u0026rdquo;\nThe following example shows sample table output.\nncn-m001# sat showrev ################################################################################ System Revision Information ################################################################################ +---------------------+---------------+ | component | data | +---------------------+---------------+ | Company name | HPE | | Country code | US | | Interconnect | Sling | | Product number | R4K98A | | Serial number | 12345 | | Site name | HPE | | Slurm version | slurm 20.02.5 | | System description | Test System | | System install date | 2021-01-29 | | System name | eniac | | System type | EX-1C | +---------------------+---------------+ ################################################################################ Product Revision Information ################################################################################ +--------------+-----------------+------------------------------+------------------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+------------------------------+------------------------------+ | csm | 0.8.14 | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... | | sat | 2.0.1 | - | - | | sdu | 1.0.8 | - | - | | slingshot | 0.8.0 | - | - | | sma | 1.4.12 | - | - | +--------------+-----------------+------------------------------+------------------------------+ ################################################################################ Local Host Operating System ################################################################################ +-----------+----------------------+ | component | version | +-----------+----------------------+ | Kernel | 5.3.18-24.15-default | | SLES | SLES 15-SP2 | +-----------+----------------------+ " +}, +{ + "uri": "/docs-sat/en-25/release_notes/", + "title": "SAT Release Notes", + "tags": [], + "description": "", + "content": "SAT Release Notes Changes in SAT Version 2.x Changes in SAT 2.5 Changes in SAT 2.4 Changes in SAT 2.3 Changes in SAT 2.2 SAT Changes in Shasta Version 1.x SAT Changes in Shasta v1.5 SAT Changes in Shasta v1.4.1 SAT Changes in Shasta v1.4 SAT Changes in Shasta v1.3.2 SAT Changes in Shasta v1.3 " +}, +{ + "uri": "/docs-sat/en-25/usage/change_bos_version/", + "title": "Change the BOS Version", + "tags": [], + "description": "", + "content": "Change the BOS Version By default, SAT uses Boot Orchestration Service (BOS) version two (v2). You can select the BOS version to use for individual commands with the --bos-version option. For more information on this option, refer to the man page for a specific command.\nYou can also configure the BOS version to use in the SAT config file. Do this under the api_version setting in the bos section of the config file. If the system is using an existing SAT config file from an older version of SAT, the bos section might not exist. In that case, add the bos section with the BOS version desired in the api_version setting.\nFind the SAT config file at ~/.config/sat/sat.toml, and look for a section like this:\n[bos] api_version = \u0026#34;v2\u0026#34; In this example, SAT is using BOS version \u0026quot;v2\u0026quot;.\nChange the line specifying the api_version to the BOS version desired (for example, \u0026quot;v1\u0026quot;).\n[bos] api_version = \u0026#34;v1\u0026#34; If applicable, uncomment the api_version line.\nIf the system is using an existing SAT config file from a recent version of SAT, the api_version line might be commented out like this:\n[bos] # api_version = \u0026#34;v2\u0026#34; If the line is commented out, SAT will still use the default BOS version. To ensure a different BOS version is used, uncomment the api_version line by removing # at the beginning of the line.\n" +}, +{ + "uri": "/docs-sat/en-25/release_notes/sat_2.2_release_notes/", + "title": "Changes in SAT 2.2", + "tags": [], + "description": "", + "content": "Changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022.\nThis version of the SAT product included:\nVersion 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components:\nVersion 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release.\nKnown Issues in SAT 2.2 sat Command Unavailable in sat bash Shell After launching a shell within the SAT container with sat bash, the sat command will not be found. For example:\n(CONTAINER-ID) sat-container:~ # sat status bash: sat: command not found This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be prepended to the $PATH environment variable:\n(CONTAINER-ID) sat-container:~ # export PATH=/sat/venv/bin:$PATH (CONTAINER-ID) sat-container:~ # sat status Or, the file /sat/venv/bin/activate may be sourced:\n(CONTAINER-ID) sat-container:~ # source /sat/venv/bin/activate (CONTAINER-ID) sat-container:~ # sat status Tab Completion Unavailable in sat bash Shell After launching a shell within the SAT container with sat bash, tab completion for sat commands does not work.\nThis can be resolved temporarily by sourcing the file /etc/bash_completion.d/sat-completion.bash:\nsource /etc/bash_completion.d/sat-completion.bash OCI Runtime Permission Error when Running sat in Root Directory sat commands will not work if the current directory is /. For example:\nncn-m001:/ # sat --help Error: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error To resolve, run sat in another directory.\nDuplicate Mount Error when Running sat in Config Directory sat commands will not work if the current directory is ~/.config/sat. For example:\nncn-m001:~/.config/sat # sat --help Error: /root/.config/sat: duplicate mount destination To resolve, run sat in another directory.\nNew sat Commands sat bootprep automates the creation of CFS configurations, the build and customization of IMS images, and the creation of BOS session templates. For more information, see SAT Bootprep. sat slscheck performs a check for consistency between the System Layout Service (SLS) and the Hardware State Manager (HSM). sat bmccreds provides a simple interface for interacting with the System Configuration Service (SCSD) to set BMC Redfish credentials. sat hwhist displays hardware component history by XName (location) or by its Field-Replaceable Unit ID (FRUID). This command queries the Hardware State Manager (HSM) API to obtain this information. Since the sat hwhist command supports querying for the history of a component by its FRUID, the FRUID of components has been added to the output of sat hwinv. Additional Install Automation The following automation has been added to the install script, install.sh:\nWait for the completion of the sat-config-import Kubernetes job, which is started when the sat-cfs-install Helm chart is deployed. Automate the modification of the CFS configuration, which applies to master management NCNs (for example, ncn-personalization). Changes to Product Catalog Data Schema The SAT product uploads additional information to the cray-product-catalog Kubernetes ConfigMap detailing the components it provides, including container (Docker) images, Helm charts, RPMs, and package repositories.\nThis information is used to support uninstall and downgrade of SAT product versions moving forward.\nSupport for Uninstall and Downgrade of SAT Versions Beginning with the 2.2 release, SAT now provides partial support for the uninstall and downgrade of the SAT product stream.\nFor more information, see Uninstall: Remove a Version of SAT and Downgrade: Switch Between SAT Versions.\nImprovements to sat status A Subrole column has been added to the output of sat status. This allows you to easily differentiate between master, worker, and storage nodes in the management role, for example.\nHostname information from SLS has been added to sat status output.\nAdded Support for JSON Output Support for JSON-formatted output has been added to commands which currently support the --format option, such as hwinv, status, and showrev.\nUsability Improvements Many usability improvements have been made to multiple sat commands, mostly related to filtering command output. The following are some highlights:\nAdded --fields option to display only specific fields for subcommands which display tabular reports. Added ability to filter on exact matches of a field name. Improved handling of multiple matches of a field name in --filter queries so that the first match is used, similar to --sort-by. Added support for --filter, --fields, and --reverse for summaries displayed by sat hwinv. Added borders to summary tables generated by sat hwinv. Improved documentation in the man pages. Default Log Level Changed The default log level for stderr has been changed from \u0026ldquo;WARNING\u0026rdquo; to \u0026ldquo;INFO\u0026rdquo;. For more information, see Update SAT Logging.\nMore Granular Log Level Configuration Options With the command-line options --loglevel-stderr and --loglevel-file, the log level can now be configured separately for stderr and the log file.\nThe existing --loglevel option is now an alias for the --loglevel-stderr option.\nPodman Wrapper Script Improvements The Podman wrapper script is the script installed at /usr/bin/sat on the master management NCNs by the cray-sat-podman RPM that runs the cray-sat container in podman. The following subsections detail improvements that were made to the wrapper script in this release.\nMounting of $HOME and Current Directories in cray-sat Container The Podman wrapper script that launches the cray-sat container with podman has been modified to mount the user\u0026rsquo;s current directory and home directory into the cray-sat container to provide access to local files in the container.\nPodman Wrapper Script Documentation Improvements The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:\nEnvironment variables that affect execution of the wrapper script Host files and directories mounted in the container Fixes to Podman Wrapper Script Output Redirection Fixed issues with redirecting stdout and stderr, and piping output to commands, such as awk, less, and more.\nConfigurable HTTP Timeout A new sat option has been added to configure the HTTP timeout length for requests to the API gateway. For more information, refer to sat-man sat.\nsat bootsys Improvements Many improvements and fixes have been made to sat bootsys. The following are some highlights:\nAdded the --excluded-ncns option, which can be used to omit NCNs from the platform-services and ncn-power stages in case they are inaccessible. Disruptive shutdown stages in sat bootsys shutdown now prompt the user to continue before proceeding. A new option, --disruptive, will bypass this. Improvements to Ceph service health checks and restart during the platform-services stage of sat bootsys boot. sat xname2nid Improvements sat xname2nid can now recursively expand slot, chassis, and cabinet XNames to a list of NIDs in those locations.\nA new --format option has been added to sat xname2nid. It sets the output format to either \u0026ldquo;range\u0026rdquo; (the default) or \u0026ldquo;NID\u0026rdquo;. The \u0026ldquo;range\u0026rdquo; format displays NIDs in a compressed range format suitable for use with a workload manager like Slurm.\nUsage of v2 HSM API The commands which interact with HSM (for example, sat status and sat hwinv) now use the v2 HSM API.\nsat diag Limited to HSN Switches sat diag will now only operate against HSN switches by default. These are the only controllers that support running diagnostics with HMJTD.\nsat showrev Enhancements A column has been added to the output of sat showrev that indicates whether a product version is \u0026ldquo;active\u0026rdquo;. The definition of \u0026ldquo;active\u0026rdquo; varies across products, and not all products may set an \u0026ldquo;active\u0026rdquo; version.\nFor SAT, the active version is the one with its hosted-type package repository in Nexus set as the member of the group-type package repository in Nexus, meaning that it will be used when installing the cray-sat-podman RPM.\ncray-sat Container Image Size Reduction The size of the cray-sat container image has been approximately cut in half by leveraging multi-stage builds. This also improved the repeatability of the unit tests by running them in the container.\nBug Fixes Minor bug fixes were made in cray-sat and in cray-sat-podman. For full change lists, refer to each repository\u0026rsquo;s CHANGELOG.md file.\n" +}, +{ + "uri": "/docs-sat/en-25/introduction/", + "title": "Introduction to SAT", + "tags": [], + "description": "", + "content": "Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components.\nSAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see SAT Command Overview.\nSix Kibana Dashboards are included with SAT. They provide organized output for system health information.\nAER Kibana Dashboard ATOM Kibana Dashboard Heartbeat Kibana Dashboard Kernel Kibana Dashboard MCE Kibana Dashboard RAS Daemon Kibana Dashboard Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and are reported through Redfish.\nGrafana Fabric Congestion Dashboard Grafana Fabric Errors Dashboard Grafana Fabric Port State Dashboard Grafana Fabric RFC3635 Dashboard In CSM 1.3 and newer, the sat command is automatically available on all the Kubernetes NCNs. For more information, see SAT in CSM. Older versions of CSM do not have the sat command automatically available, and SAT must be installed as a separate product.\nSAT Command Overview Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides instruction on the SAT Container Environment.\nSAT Command Line Utility The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes (ncn-m nodes).\nIt is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are similarities between SAT commands and xt commands used on the Cray XC platform.\nSAT Commands The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each have their own set of options.\nSAT Container Environment The sat command-line utility runs in a container using Podman, a daemonless container runtime. SAT runs on Kubernetes manager nodes. A few important points about the SAT container environment include the following:\nUsing either sat or sat bash always launches a container. The SAT container does not have access to the NCN file system. There are two ways to run sat.\nInteractive: Launching a container using sat bash, followed by a sat command. Non-interactive: Running a sat command directly on a Kubernetes manager node. In both of these cases, a container is launched in the background to execute the command. The first option, running sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the container is launched, executes the command, and upon the command\u0026rsquo;s completion the container exits. The following two examples show the same action, checking the system status, using interactive and non-interactive modes.\nInteractive ncn-m001# sat bash (CONTAINER-ID)sat-container# sat status Non-interactive ncn-m001# sat status Interactive Advantages Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral container storage. If multiple sat commands are being run in succession, then use sat bash to launch the container beforehand. This will save time because the container does not need to be launched for each sat command.\nNon-interactive Advantages The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of several steps that need to be executed from a management NCN.\nMan Pages - Interactive and Non-interactive Modes To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following example.\nncn-m001# sat-man status A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed either with man sat or man sat-podman from the manager node.\nncn-m001# man sat ncn-m001# man sat-podman SAT Command Authentication Some SAT subcommands make requests to the Shasta services through the API gateway and thus require authentication to the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to be configured. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes manager node where SAT commands are run.\nFor more information on authentication requests, see System Security and Authentication in the Cray System Management Documentation. The following is a table describing SAT commands and the types of authentication they require.\nSAT Subcommand Authentication/Credentials Required Man Page Description sat auth Responsible for authenticating to the API gateway and storing a token. sat-auth Authenticate to the API gateway and save the token. sat bmccreds Requires authentication to the API gateway. sat-bmccreds Set BMC passwords. sat bootprep Requires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is done on ncn-m001 during the install. sat-bootprep Prepare to boot nodes with images and configurations. sat bootsys Requires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages. sat-bootsys Boot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software. sat diag Requires authentication to the API gateway. sat-diag Launch diagnostics on the HSN switches and generate a report. sat firmware Requires authentication to the API gateway. sat-firmware Report firmware version. sat hwhist Requires authentication to the API gateway. sat-hwhist Report hardware component history. sat hwinv Requires authentication to the API gateway. sat-hwinv Give a listing of the hardware of the HPE Cray EX system. sat hwmatch Requires authentication to the API gateway. sat-hwmatch Report hardware mismatches. sat init None sat-init Create a default SAT configuration file. sat jobstat Requires authentication to the API gateway. sat-jobstat Check the status of jobs and applications. sat k8s Requires Kubernetes configuration and authentication, which is automatically configured on ncn-m001 during the install. sat-k8s Report on Kubernetes replica sets that have co-located (on the same node) replicas. sat linkhealth This command has been deprecated. sat nid2xname Requires authentication to the API gateway. sat-nid2xname Translate node IDs to node XNames. sat sensors Requires authentication to the API gateway. sat-sensors Report current sensor data. sat setrev Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-setrev Set HPE Cray EX system revision information. sat showrev Requires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-showrev Print revision information for the HPE Cray EX system. sat slscheck Requires authentication to the API gateway. sat-slscheck Perform a cross-check between SLS and HSM. sat status Requires authentication to the API gateway. sat-status Report node status across the HPE Cray EX system. sat swap Requires authentication to the API gateway. sat-swap Prepare HSN switch or cable for replacement and bring HSN switch or cable into service. sat xname2nid Requires authentication to the API gateway. sat-xname2nid Translate node and node BMC XNames to node IDs. sat switch This command has been deprecated. It has been replaced by sat swap. In order to authenticate to the API gateway, you must run the sat auth command. This command will prompt for a password on the command line. The username value is obtained from the following locations, in order of higher precedence to lower precedence:\nThe --username global command-line option. The username option in the api_gateway section of the config file at ~/.config/sat/sat.toml. The name of currently logged in user running the sat command. If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to ~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above and will use the token for that username if it has been obtained and saved by sat auth.\nCommand Prompt Conventions in SAT The host name in a command prompt indicates where the command must be run. The account that must run the command is also indicated in the prompt.\nThe root or super-user account always has the # character at the end of the prompt and has the host name of the host in the prompt. Any non-root account is indicated with account@hostname\u0026gt;. A user account that is neither root nor crayadm is referred to as user. The command prompt inside the SAT container environment is indicated with the string as follows. It also has the \u0026ldquo;#\u0026rdquo; character at the end of the prompt. Command Prompt Meaning ncn-m001# Run on one of the Kubernetes Manager servers. (Non-interactive) (CONTAINER_ID) sat-container# Run the command inside the SAT container environment by first running sat bash. (Interactive) Here are examples of the sat status command used by an administrator.\nncn-m001# sat status ncn-m001# sat bash (CONTAINER_ID) sat-container# sat status SAT in CSM In CSM 1.3 and newer, the sat command is automatically available on all the Kubernetes NCNs, but it is still possible to install SAT as a separate product stream. Any version of SAT installed as a separate product stream overrides the sat command available in CSM. Installing the SAT product stream allows additional supporting components to be added:\nAn entry for SAT in the cray-product-catalog Kubernetes ConfigMap is only created by installing the SAT product stream. Otherwise, there will be no entry for this version of SAT in the output of sat showrev.\nThe sat-install-utility container image is only available with the full SAT product stream. This container image provides uninstall and downgrade functionality when used with the prodmgr command. (In SAT 2.3 and older, SAT was only available to install as a separate product stream. Because these versions were packaged with sat-install-utility, it is still possible to uninstall these versions of SAT.)\nThe docs-sat RPM package is only available with the full SAT product stream.\nThe sat-config-management git repository in Gitea (VCS) and thus the SAT layer of NCN CFS configuration is only available with the full SAT product stream.\nIf the SAT product stream is not installed, there will be no configuration content for SAT in VCS. Therefore, CFS configurations that apply to management NCNs (for example, management-23.5.0) should not include a SAT layer.\nThe SAT configuration layer modifies the permissions of files left over from prior installations of SAT, so that the Keycloak username that authenticates to the API gateway cannot be read by users other than root. Specifically, it it does the following:\nModifies the sat.toml configuration file which contains the username so that it is only readable by root.\nModifies the /root/.config/sat/tokens directory so that the directory is only readable by root. This is needed because the names of the files within the tokens directory contain the username.\nRegardless of the SAT configuration being applied, passwords and the contents of the tokens are never readable by other users. These permission changes only apply to files created by previous installations of SAT. In the current version of SAT all files and directories are created with the appropriate permissions.\nSAT Dependencies Most sat subcommands depend on services or components from other products in the HPE Cray EX (Shasta) software stack. The following list shows these dependencies for each subcommand. Each service or component is listed under the product it belongs to.\nsat auth CSM Keycloak sat bmccreds CSM System Configuration Service (SCSD) sat bootprep CSM Boot Orchestration Service (BOS) Configuration Framework Service (CFS) Image Management Service (IMS) Version Control Service (VCS) Kubernetes S3 sat bootsys CSM Boot Orchestration Service (BOS) Cray Advanced Platform Monitoring and Control (CAPMC) Ceph Compute Rolling Upgrade Service (CRUS) Etcd Firmware Action Service (FAS) Hardware State Manager (HSM) Kubernetes S3 COS Node Memory Dump (NMD) sat diag CSM Hardware State Manager (HSM) CSM-Diags Fox sat firmware CSM Firmware Action Service (FAS) sat hwhist CSM Hardware State Manager (HSM) sat hwinv CSM Hardware State Manager (HSM) sat hwmatch CSM Hardware State Manager (HSM) sat init None\nsat jobstat PBS HPE State Checker sat k8s CSM Kubernetes sat nid2xname CSM Hardware State Manager (HSM) sat sensors CSM Hardware State Manager (HSM) HM Collector SMA Telemetry API sat setrev CSM S3 sat showrev CSM Hardware State Manager (HSM) Kubernetes S3 sat slscheck CSM Hardware State Manager (HSM) Kubernetes S3 sat status CSM Hardware State Manager (HSM) sat swap Slingshot Fabric Manager sat switch Deprecated: See sat swap\nsat xname2nid CSM Hardware State Manager (HSM) " +}, +{ + "uri": "/docs-sat/en-25/dashboards/sat_grafana_dashboards/", + "title": "SAT Grafana Dashboards", + "tags": [], + "description": "", + "content": "SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity.\nGrafana can be accessed via web browser at the following URL:\nhttps://sma-grafana.cmn.\u0026lt;site-domain\u0026gt; The value of site-domain can be obtained as follows:\nncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=\u0026#39;{.data.customizations\\.yaml}\u0026#39; | \\ base64 -d | grep \u0026#34;external:\u0026#34; That command will produce the following output, for example:\nexternal: EXAMPLE_DOMAIN.com This would result in the address for Grafana being https://sma-grafana.cmn.EXAMPLE_DOMAIN.com\nFor more information on accessing the Grafana Dashboards, refer to Access the Grafana Monitoring UI in the SMA product documentation.\nFor more information on the interpretation of metrics for the SAT Grafana Dashboards, refer to \u0026ldquo;Fabric Telemetry Kafka Topics\u0026rdquo; in the SMA product documentation.\nNavigate SAT Grafana Dashboards There are four Fabric Telemetry dashboards used in SAT that report on the HSN. Two contain chart panels and two display telemetry in a tabular format.\nDashboard Name Display Type Fabric Congestion Chart Panels Fabric RFC3635 Chart Panels Fabric Errors Tabular Format Fabric Port State Tabular Format The tabular format presents a single point of telemetry for a given location and metric, either because the telemetry is not numerical or that it changes infrequently. The value shown is the most recently reported value for that location during the time range selected, if any. The interval setting is not used for tabular dashboards.\nSAT Grafana Interval and Locations Options Shows the Interval and Locations Options for the available telemetry.\nThe value of the Interval option sets the time resolution of the received telemetry. This works a bit like a histogram, with the available telemetry in an interval of time going into a \u0026ldquo;bucket\u0026rdquo; and averaging out to a single point on the chart or table. The special value auto will choose an interval based on the time range selected.\nFor more information, refer to Grafana Templates and Variables.\nThe Locations option allows restriction of the telemetry shown by locations, either individual links or all links in a switch. The selection presented updates dynamically according to time range, except for the errors dashboard, which always has entries for all links and switches, although the errors shown are restricted to the selected time range.\nThe chart panels for the RFC3635 and Congestion dashboards allow selection of a single location from the chart\u0026rsquo;s legend or the trace on the chart.\nGrafana Fabric Congestion Dashboard SAT Grafana Dashboards provide system administrators a way to view fabric telemetry data across all Rosetta switches in the system and assess the past and present health of the high-speed network. It also allows the ability to drill down to view data for specific ports on specific switches.\nThis dashboard contains the variable, Port Type not found in the other dashboards. The possible values are edge, local, and global and correspond to the link\u0026rsquo;s relationship to the network topology. The locations presented in the panels are restricted to the values (any combination, defaults to \u0026ldquo;all\u0026rdquo;) selected.\nThe metric values for links of a given port type are similar in value to each other but very distinct from the values of other types. If the values for different port types are all plotted together, the values for links with lower values are indistinguishable from zero when plotted.\nThe port type of a link is reported as a port state \u0026ldquo;subtype\u0026rdquo; event when defined at port initialization.\nGrafana Fabric Errors Dashboard This dashboard reports error counters in a tabular format in three panels.\nThere is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nUnlike other dashboards, the locations presented are all locations in the system rather than having telemetry within the time range selected. However, the values are taken from telemetry within the time range.\nGrafana Fabric Port State Dashboard There is no Interval option because this parameter is not used to set a coarseness of the data. Only a single value is presented that displays the most recent value in the time range.\nThe Fabric Port State telemetry is distinct because it typically is not numeric. It also updates infrequently, so a long time range may be necessary to obtain any values. Port State is refreshed daily, so a time range of 24 hours results in all states for all links in the system being shown.\nThe three columns named, group, switch, and port are not port state events, but extra information included with all port state events.\nGrafana Fabric RFC3635 Dashboard For more information on performance counters, refer to Definitions of Managed Objects for the Ethernet-like Interface Types, an Internet standards document.\nBecause these metrics are counters that only increase over time, the values plotted are the change in the counter\u0026rsquo;s value over the interval setting.\n" +}, +{ + "uri": "/docs-sat/en-25/usage/sat_and_iuf/", + "title": "SAT and IUF", + "tags": [], + "description": "", + "content": "SAT and IUF The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM with the help of sat bootprep. Outside of IUF, it is uncommon to use sat bootprep. For more information on IUF, see the IUF section of the Cray System Management Documentation. For more information on sat bootprep, see SAT Bootprep.\nVariable Substitutions Both IUF and sat bootprep allow variable substitutions into the default HPC CSM Software Recipe bootprep input files. The default variables of the HPC CSM Software Recipe are available in a product_vars.yaml file. To override the default variables, specify any site variables in a site_vars.yaml file. Variables are sourced from the command line, any variable files directly provided, and the HPC CSM Software Recipe files used, in that order.\nIUF Session Variables IUF also has special session variables internal to the iuf command that override any matching entries. Session variables are the set of product and version combinations being installed by the current IUF activity, and they are found inside IUF\u0026rsquo;s internal session_vars.yaml file. For more information on IUF and variable substitutions, see the IUF section of the Cray System Management Documentation.\nSAT Variable Limitations When using sat bootprep outside of IUF, you might encounter problems substituting variables into the default bootprep input files. Complex variables like \u0026quot;{{ working_branch }}\u0026quot; cannot be completely resolved outside of IUF and its internal session variables. Thus, the default product_vars.yaml file is unusable with only the sat bootprep command when variables like \u0026quot;{{ working_branch }}\u0026quot; are used. To work around this limitation if you are substituting complex variables, use the internal IUF session_vars.yaml file with sat bootprep and the default bootprep input files.\nFind the session_vars.yaml file from the most recent IUF activity on the system.\nThis process is documented in the upgrade prerequisites procedure of the Cray System Management Documentation. For more information, see steps 1-6 of Stage 0.3 - Option 2.\nUse the session_vars.yaml file to substitute variables into the default bootprep input files.\nncn-m001# sat bootprep run --vars-file session_vars.yaml Limit SAT Bootprep Run into Stages The sat bootprep run command uses information from the bootprep input files to create CFS configurations, IMS images, and BOS session templates. To restrict this creation into separate stages, use the --limit option and list whether you want to create configurations, images, session_templates, or some combination of these. IUF uses the --limit option in this way to install, upgrade, and deploy products on a system in stages. For example, to create only CFS configurations, run the following command used by the IUF update-cfs-config stage:\nncn-m001# sat bootprep run --limit configurations example-bootprep-input-file.yaml INFO: Validating given input file example-bootprep-input-file.yaml INFO: Input file successfully validated against schema INFO: Creating 3 CFS configurations ... INFO: Skipping creation of IMS images based on value of --limit option. INFO: Skipping creation of BOS session templates based on value of --limit option. To create only IMS images and BOS session templates, run the following command used by the IUF prepare-images stage:\nncn-m001# sat bootprep run --limit images --limit session_templates example-bootprep-input-file.yaml INFO: Validating given input file example-bootprep-input-file.yaml INFO: Input file successfully validated against schema INFO: Skipping creation of CFS configurations based on value of --limit option. " +}, +{ + "uri": "/docs-sat/en-25/release_notes/sat_2.3_release_notes/", + "title": "Changes in SAT 2.3", + "tags": [], + "description": "", + "content": "Changes in SAT 2.3 The 2.3.4 version of the SAT product includes:\nVersion 3.15.4 of the sat python package and CLI Version 1.6.11 of the sat-podman wrapper script Version 1.2.0 of the sat-cfs-install container image Version 2.0.0 of the sat-cfs-install Helm chart Version 1.5.0 of the sat-install-utility container image Version 2.0.3 of the cfs-config-util container image New sat Commands None.\nCurrent Working Directory in SAT Container When running sat commands, the current working directory is now mounted in the container as /sat/share, and the current working directory within the container is also /sat/share.\nFiles in the current working directory must be specified using relative paths to that directory, because the current working directory is always mounted on /sat/share. Absolute paths should be avoided, and paths that are outside of $HOME or $PWD are never accessible to the container environment.\nThe home directory is still mounted on the same path inside the container as it is on the host.\nChanges to sat bootsys The following options were added to sat bootsys.\n--bos-limit --recursive The --bos-limit option passes a given limit string to a BOS session. The --recursive option specifies a slot or other higher-level component in the limit string.\nChanges to sat bootprep The --delete-ims-jobs option was added to sat bootprep run. It deletes IMS jobs after sat bootprep is run. Jobs are no longer deleted by default.\nChanges to sat status sat status now includes information about nodes\u0026rsquo; CFS configuration statuses, such as desired configuration, configuration status, and error count.\nThe output of sat status now splits different component types into different report tables.\nThe following options were added to sat status.\n--hsm-fields, --sls-fields, --cfs-fields --bos-template The --hsm-fields, --sls-fields, --cfs-fields options limit the output columns according to specified CSM services.\nThe --bos-template option filters the status report according to the specified session template\u0026rsquo;s boot sets.\nCompatibility with CSM 1.2 The following components were modified to be compatible with CSM 1.2.\nsat-cfs-install container image and Helm chart sat-install-utility container image SAT product installer GPG Checking The sat-ncn Ansible role provided by sat-cfs-install was modified to enable GPG checks on packages while leaving GPG checks disabled on repository metadata.\nSecurity Updated urllib3 dependency to version 1.26.5 to mitigate CVE-2021-33503 and refreshed Python dependency versions.\nBug Fixes Minor bug fixes were made in each of the repositories. For full change lists, refer to each repository’s CHANGELOG.md file.\nThe known issues listed under the SAT 2.2 release were fixed.\n" +}, +{ + "uri": "/docs-sat/en-25/dashboards/sat_kibana_dashboards/", + "title": "SAT Kibana Dashboards", + "tags": [], + "description": "", + "content": "SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information.\nKibana can be accessed via web browser at the following URL:\nhttps://sma-kibana.cmn.\u0026lt;site-domain\u0026gt; The value of site-domain can be obtained as follows:\nncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=\u0026#39;{.data.customizations\\.yaml}\u0026#39; | \\ base64 -d | grep \u0026#34;external:\u0026#34; That command will produce the following output, for example:\nexternal: EXAMPLE_DOMAIN.com This would result in the address for Kibana being https://sma-kibana.cmn.EXAMPLE_DOMAIN.com\nFor more information on accessing the Kibana Dashboards, refer to View Logs Via Kibana in the SMA product documentation.\nAdditional details about the AER, ATOM, Heartbeat, Kernel, MCE, and RAS Daemon Kibana Dashboards are included in this table.\nDashboard Short Description Long Description Kibana Visualization and Search Name sat-aer AER corrected Corrected Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-corrected Search: sat-aer-corrected sat-aer AER fatal Fatal Advanced Error Reporting messages from PCI Express devices on each node. Visualization: aer-fatal Search: sat-aer-fatal sat-atom ATOM failures Application Task Orchestration and Management tests are run on a node when a job finishes. Test failures are logged. sat-atom-failed sat-atom ATOM admindown Application Task Orchestration and Management test failures can result in nodes being marked admindown. An admindown node is not available for job launch. sat-atom-admindown sat-heartbeat Heartbeat loss events Heartbeat loss event messages reported by the hbtd pods that monitor for heartbeats across nodes in the system. sat-heartbeat sat-kernel Kernel assertions The kernel software performs a failed assertion when some condition represents a serious fault. The node goes down. sat-kassertions sat-kernel Kernel panics The kernel panics when something is seriously wrong. The node goes down. sat-kernel-panic sat-kernel Lustre bugs (LBUGs) The Lustre software in the kernel stack performs a failed assertion when some condition related to file system logic represents a serious fault. The node goes down. sat-lbug sat-kernel CPU stalls CPU stalls are serous conditions that can reduce node performance, and sometimes cause a node to go down. Technically these are Read-Copy-Update stalls where software in the kernel stack holds onto memory for too long. Read-Copy-Update is a vital aspect of kernel performance and rather esoteric. sat-cpu-stall sat-kernel Out of memory An Out Of Memory (OOM) condition has occurred. The kernel must kill a process to continue. The kernel will select an expendable process when possible. If there is no expendable process the node usually goes down in some manner. Even if there are expendable processes the job is likely to be impacted. OOM conditions are best avoided. sat-oom sat-mce MCE Machine Check Exceptions (MCE) are errors detected at the processor level. sat-mce sat-rasdaemon rasdaemon errors Errors from the rasdaemon service on nodes. The rasdaemon service is the Reliability, Availability, and Serviceability Daemon, and it is intended to collect all hardware error events reported by the Linux kernel, including PCI and MCE errors. This may include certain HSN errors in the future. sat-rasdaemon-error sat-rasdaemon rasdaemon messages All messages from the rasdaemon service on nodes. sat-rasdaemon Disable Search Highlighting in Kibana Dashboard By default, search highlighting is enabled. This procedure instructs how to disable search highlighting.\nThe Kibana Dashboard should be open on your system.\nNavigate to Management\nNavigate to Advanced Settings in the Kibana section, below the Elastic search section\nScroll down to the Discover section\nChange Highlight results from on to off\nClick Save to save changes\nAER Kibana Dashboard The AER Dashboard displays errors that come from the PCI Express Advanced Error Reporting (AER) driver. These errors are split up into separate visualizations depending on whether they are fatal or corrected errors.\nView the AER Kibana Dashboard Go to the dashboard section.\nSelect sat-aer dashboard.\nChoose the time range of interest.\nView the Corrected and Fatal Advanced Error Reporting messages from PCI Express devices on each node. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nATOM Kibana Dashboard The ATOM (Application Task Orchestration and Management) Dashboard displays node failures that occur during health checks and application test failures. Some test failures are of possible interest even though a node is not marked admindown or otherwise fails. They are of clear interest if a node is marked admindown, and might provide clues if a node otherwise fails. They might also show application problems.\nView the ATOM Kibana Dashboard HPE Cray EX is installed on the system along with the System Admin Toolkit, which contains the ATOM Kibana Dashboard.\nGo to the dashboard section.\nSelect sat-atom dashboard.\nChoose the time range of interest.\nView any nodes marked admindown and any ATOM test failures. These failures occur during health checks and application test failures. Test failures marked admindown are important to note. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nHeartbeat Kibana Dashboard The Heartbeat Dashboard displays heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss.\nView the Heartbeat Kibana Dashboard Go to the dashboard section.\nSelect sat-heartbeat dashboard.\nChoose the time range of interest.\nView the heartbeat loss messages that are logged by the hbtd pods in the system. The hbtd pods are responsible for monitoring nodes in the system for heartbeat loss. View the matching log messages in the panel.\nKernel Kibana Dashboard The Kernel Dashboard displays compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. The messages reveal if Lustre has experienced a fatal error on any compute nodes in the system. A CPU stall is a serious problem that might result in a node failure. Out-of-memory conditions can be due to applications or system problems and may require expert analysis. They provide useful clues for some node failures and may reveal if an application is using too much memory.\nView the Kernel Kibana Dashboard Go to the dashboard section.\nSelect sat-kernel dashboard.\nChoose the time range of interest.\nView the compute node failures such as kernel assertions, kernel panics, and Lustre LBUG messages. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nMCE Kibana Dashboard The MCE Dashboard displays CPU detected processor-level hardware errors.\nView the MCE Kibana Dashboard Go to the dashboard section.\nSelect sat-mce dashboard.\nChoose the time range of interest.\nView the Machine Check Exceptions (MCEs) listed including the counts per NID (node). For an MCE, the CPU number and DIMM number can be found in the message, if applicable. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\nRAS Daemon Kibana Dashboard The RAS Daemon Dashboard displays errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. This service collects all hardware error events reported by the Linux kernel, including PCI and MCE errors. As a result there may be some duplication between the messages presented here and the messages presented in the MCE and AER dashboards. This dashboard splits up the messages into two separate visualizations, one for only messages of severity emerg or err and another for all messages from rasdaemon.\nView the RAS Daemon Kibana Dashboard Go to the dashboard section.\nSelect sat-rasdaemon dashboard.\nChoose the time range of interest.\nView the errors that come from the Reliability, Availability, and Serviceability (RAS) daemon service on nodes in the system. View the matching log messages in the panel(s) on the right, and view the counts of each message per NID in the panel(s) on the left. If desired, results can be filtered by NID by clicking the icon showing a + inside a magnifying glass next to each NID.\n" +}, +{ + "uri": "/docs-sat/en-25/usage/sat_bootprep/", + "title": "SAT Bootprep", + "tags": [], + "description": "", + "content": "SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates. The solution is based on a given input file that defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similar to other SAT commands.\nncn-m001# sat-man sat-bootprep The sat bootprep command helps the Install and Upgrade Framework (IUF) install, upgrade, and deploy products on systems managed by CSM. Outside of IUF, it is uncommon to use sat bootprep. For more information on this relationship, see SAT and IUF. For more information on IUF, see the IUF section of the Cray System Management Documentation.\nSAT Bootprep vs SAT Bootsys sat bootprep is used to create CFS configurations, build and rename IMS images, and create BOS session templates which tie the configurations and images together during a BOS session.\nsat bootsys automates several portions of the boot and shutdown processes, including (but not limited to) performing BOS operations (such as creating BOS sessions), powering on and off cabinets, and checking the state of the system prior to shutdown.\nEdit a Bootprep Input File The input file provided to sat bootprep is a YAML-formatted file containing information which CFS, IMS, and BOS use to create configurations, images, and BOS session templates respectively. Writing and modifying these input files is the main task associated with using sat bootprep. An input file is composed of three main sections, one each for configurations, images, and session templates. These sections may be specified in any order, and any of the sections may be omitted if desired.\nProvide a Schema Version The sat bootprep input file is validated against a versioned schema definition. The input file should specify the version of the schema with which it is compatible under a schema_version key. For example:\n--- schema_version: 1.0.2 The current sat bootprep input file schema version can be viewed with the following command:\nncn-m001# sat bootprep view-schema | grep \u0026#39;^version:\u0026#39; version: \u0026#39;1.0.2\u0026#39; The sat bootprep run command validates the schema version specified in the input file. The command also makes sure that the schema version of the input file is compatible with the schema version understood by the current version of sat bootprep. For more information on schema version validation, refer to the schema_version property description in the bootprep input file schema. For more information on viewing the bootprep input file schema in either raw form or user-friendly HTML form, see View SAT Bootprep Schema.\nThe default HPC CSM Software Recipe bootprep input files provided by the hpc-csm-software-recipe release distribution already contain the correct schema version.\nDefine CFS Configurations The CFS configurations are defined under a configurations key. Under this key, you can list one or more configurations to create. For each configuration, give a name in addition to the list of layers that comprise the configuration.\nEach layer can be defined by a product name and optionally a version number, commit hash, or branch in the product\u0026rsquo;s configuration repository. If this method is used, the layer is created in CFS by looking up relevant configuration information (including the configuration repository and commit information) from the cray-product-catalog Kubernetes ConfigMap as necessary. A version may be supplied. However, if it is absent, the version is assumed to be the latest version found in the cray-product-catalog.\nAlternatively, a configuration layer can be defined by explicitly referencing the desired configuration repository. You must then specify the intended version of the Ansible playbooks by providing a branch name or commit hash with branch or commit.\nThe following example shows a CFS configuration with two layers. The first layer is defined in terms of a product name and version, and the second layer is defined in terms of a Git clone URL and branch:\n--- configurations: - name: example-configuration layers: - name: example-product playbook: example.yml product: name: example version: 1.2.3 - name: another-example-product playbook: another-example.yml git: url: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34; branch: main When sat bootprep is run against an input file, a CFS configuration is created corresponding to each configuration in the configurations section. For example, the configuration created from an input file with the layers listed above might look something like the following:\n{ \u0026#34;lastUpdated\u0026#34;: \u0026#34;2022-02-07T21:47:49Z\u0026#34;, \u0026#34;layers\u0026#34;: [ { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;example.yml\u0026#34; }, { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;another example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;another-example.yml\u0026#34; } ], \u0026#34;name\u0026#34;: \u0026#34;example-configuration\u0026#34; } Define IMS Images The IMS images are defined under an images key. Under the images key, the user may define one or more images to be created in a list. Each element of the list defines a separate IMS image to be built and/or configured. Images must contain a name key and a base key.\nThe name key defines the name of the resulting IMS image. The base key defines the base image to be configured or the base recipe to be built and optionally configured. One of the following keys must be present under the base key:\nUse an ims key to specify an existing image or recipe in IMS. Use a product key to specify an image or recipe provided by a particular version of a product. If a product provides more than one image or recipe, a filter string prefix must be specified to select one. Use an image_ref key to specify another image from the input file using its ref_name. Images may also contain the following keys:\nUse a configuration key to specify a CFS configuration with which to customize the built image. If a configuration is specified, then configuration groups must also be specified using the configuration_group_names key. Use a ref_name key to specify a unique name that can refer to this image within the input file in other images or in session templates. The ref_name key allows references to images from the input file that have dynamically generated names as described in Dynamic Variable Substitutions. Use a description key to describe the image in the bootprep input file. Note that this key is not currently used. Here is an example of an image using an existing IMS recipe as its base. This example builds an IMS image from that recipe. It then configures it with a CFS configuration named example-compute-config. The example-compute-config CFS configuration can be defined under the configurations key in the same input file, or it can be an existing CFS configuration. Running sat bootprep against this input file results in an image named example-compute-image.\nimages: - name: example-compute-image description: \u0026gt; An example compute node image built from an existing IMS recipe. base: ims: name: example-compute-image-recipe type: recipe configuration: example-compute-config configuration_group_names: - Compute Here is an example showing the definition of two images. The first image is built from a recipe provided by the cos product. The second image uses the first image as a base and configures it with a configuration named example-compute-config. The value of the first image\u0026rsquo;s ref_name key is used in the second image\u0026rsquo;s base.image_ref key to specify it as a dependency. Running sat bootprep against this input file results in two images, the first named example-cos-image and the second named example-compute-image.\nimages: - name: example-cos-image ref_name: example-cos-image description: \u0026gt; An example image built from a recipe provided by the COS product. base: product: name: cos version: 2.3.101 type: recipe - name: example-compute-image description: \u0026gt; An example image built from a recipe provided by the COS product. base: image_ref: example-cos-image configuration: example-compute-config configuration_group_names: - Compute Here is an example of three IMS images built from the Kubernetes image and the Ceph storage image provided by the csm product. This example uses a filter string prefix to select from the multiple images provided by the CSM product. The first two IMS images in the example find any image from the specified csm product version whose name starts with secure-kubernetes. The third image in the example finds any csm image whose name starts with secure-storage-ceph. All three images are then configured with a configuration named example-management-config. Running sat bootprep against this input file results in three IMS images named worker-example-csm-image, master-example-csm-image, and storage-example-csm-image.\nimages: - name: worker-example-csm-image base: product: name: csm version: 1.4.1 type: image filter: prefix: secure-kubernetes configuration: example-management-config configuration_group_names: - Management_Worker - name: master-example-csm-image base: product: name: csm version: 1.4.1 type: image filter: prefix: secure-kubernetes configuration: example-management-config configuration_group_names: - Management_Master - name: storage-example-csm-image base: product: name: csm version: 1.4.1 type: image filter: prefix: secure-storage-ceph configuration: example-management-config configuration_group_names: - Management_Storage Define BOS Session Templates The BOS session templates are defined under the session_templates key. Each session template must provide values for the name, image, configuration, and bos_parameters keys. The name key defines the name of the resulting BOS session template. The image key defines the image to use in the BOS session template. One of the following keys must be present under the image key:\nUse an ims key to specify an existing image or recipe in IMS. Use an image_ref key to specify another image from the input file using its ref_name. The configuration key defines the CFS configuration specified in the BOS session template.\nThe bos_parameters key defines parameters that are passed through directly to the BOS session template. The bos_parameters key should contain a boot_sets key, and each boot set in the session template should be specified under boot_sets. Each boot set can contain the following keys, all of which are optional:\nUse a kernel_parameters key to specify the parameters passed to the kernel on the command line. Use a network key to specify the network over which the nodes boot. Use a node_list key to specify the nodes to add to the boot set. Use a node_roles_groups key to specify the HSM roles to add to the boot set. Use a node_groups key to specify the HSM groups to add to the boot set. Use a rootfs_provider key to specify the root file system provider. Use a rootfs_provider_passthrough key to specify the parameters to add to the rootfs= kernel parameter. As mentioned above, the parameters under bos_parameters are passed through directly to BOS. For more information on the properties of a BOS boot set, refer to BOS Session Templates in the Cray System Management Documentation.\nHere is an example of a BOS session template that refers to an existing IMS image by name:\nsession_templates: - name: example-session-template image: ims: name: example-image configuration: example-configuration bos_parameters: boot_sets: example_boot_set: kernel_parameters: ip=dhcp quiet node_roles_groups: - Compute rootfs_provider: cpss3 rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0 Here is an example of a BOS session template that refers to an image from the input file by its ref_name. This requires that an image defined in the input file specifies example-image as the value of its ref_name key.\nsession_templates: - name: example-session-template image: image_ref: example-image configuration: example-configuration bos_parameters: boot_sets: example_boot_set: kernel_parameters: ip=dhcp quiet node_roles_groups: - Compute rootfs_provider: cpss3 rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0 HPC CSM Software Recipe Variable Substitutions The sat bootprep command takes any variables you provide and substitutes them into the input file. Variables are sourced from the command line, any variable files directly provided, and the HPC CSM Software Recipe files used, in that order. When you provide values through a variable file, sat bootprep substitutes the values with Jinja2 template syntax. The HPC CSM Software Recipe provides default variables in a product_vars.yaml variable file. This file defines information about each HPC software product included in the recipe.\nYou will primarily substitute variables into the default HPC CSM Software Recipe bootprep input files through IUF. However, variable files can also be given to sat bootprep directly from IUF\u0026rsquo;s use of the recipe. If you do use variables directly with sat bootprep, you might encounter some limitations. For more information on SAT variable limitations, see SAT and IUF. For more information on IUF and variable substitutions, see the IUF section of the Cray System Management Documentation.\nSelect an HPC CSM Software Recipe Version You can view a listing of the default HPC CSM Software Recipe variables and their values by running sat bootprep list-vars. For more information on options that can be used with the list-vars subcommand, refer to the man page for the sat bootprep subcommand.\nBy default, the sat bootprep command uses the variables from the latest installed version of the HPC CSM Software Recipe. However, you can override this with the --recipe-version command line argument to sat bootprep run.\nFor example, to explicitly select the 22.11.0 version of the HPC CSM Software Recipe default variables, specify --recipe-version 22.11.0:\nncn-m001# sat bootprep run --recipe-version 22.11.0 compute-and-uan-bootprep.yaml Values Supporting Jinja2 Template Rendering The entire sat bootprep input file is not rendered by the Jinja2 template engine. Jinja2 template rendering of the input file is performed individually for each supported value. The values of the following keys in the bootprep input file support rendering as a Jinja2 template and thus support variables:\nThe name key of each configuration under the configurations key. The following keys of each layer under the layers key in a configuration: name playbook git.branch product.version product.branch The following keys of each image under the images key: name base.product.version configuration The following keys of each session template under the session_templates key: name configuration You can use Jinja2 built-in filters in values of any of the keys listed above. In addition, Python string methods can be called on the string variables.\nHyphens in HPC CSM Software Recipe Variables Variable names with hyphens are not allowed in Jinja2 expressions because they are parsed as an arithmetic expression instead of a single variable. To support product names with hyphens, sat bootprep converts hyphens to underscores in all top-level keys of the default HPC CSM Software Recipe variables. It also converts any variables sourced from the command line or any variable files you provide directly. When referring to a variable with hyphens in the bootprep input file, keep this in mind. For example, to refer to the product version variable for slingshot-host-software in the bootprep input file, write \u0026quot;{{slingshot_host_software.version}}\u0026quot;.\nHPC CSM Software Recipe Variable Substitution Example The following example bootprep input file shows how a variable of a COS version can be used in an input file that creates a CFS configuration for computes. Only one layer is shown for brevity.\n--- configurations: - name: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; layers: - name: cos-compute-{{cos.working_branch}} playbook: cos-compute.yml product: name: cos version: \u0026#34;{{cos.version}}\u0026#34; branch: \u0026#34;{{cos.working_branch}}\u0026#34; Note: When the value of a key in the bootprep input file is a Jinja2 expression, it must be quoted to pass YAML syntax checking.\nJinja2 expressions can also use filters and Python\u0026rsquo;s built-in string methods to manipulate the variable values. For example, suppose only the major and minor components of a COS version are to be used in the branch name for the COS layer of the CFS configuration. You can use the split string method to achieve this as follows:\n--- configurations: - name: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; layers: - name: cos-compute-{{cos.working_branch}} playbook: cos-compute.yml product: name: cos version: \u0026#34;{{cos.version}}\u0026#34; branch: integration-{{cos.version.split(\u0026#39;.\u0026#39;)[0]}}-{{cos.version.split(\u0026#39;.\u0026#39;)[1]}} Dynamic Variable Substitutions Additional variables are available besides the default variables provided by the HPC CSM Software Recipe. (For more information, see HPC CSM Software Recipe Variable Substitutions.) These additional variables are dynamic because their values are determined at run-time based on the context in which they appear. Available dynamic variables include the following:\nThe variable base.name can be used in the name of an image under the images key. The value of this variable is the name of the IMS image or recipe used as the base of this image.\nThe variable image.name can be used in the name of a session template under the session_templates key. The value of this variable is the name of the IMS image used in this session template.\nNote: The name of a session template is restricted to 45 characters. Keep this in mind when using image.name in the name of a session template.\nThese variables reduce the need to duplicate values throughout the sat bootprep input file and make the following use cases possible:\nYou want to build an image from a recipe provided by a product and use the name of the recipe in the name of the resulting image. You want to use the name of the image in the name of a session template, and the image is generated as described in the previous use case. Example Bootprep Input Files This section provides an example bootprep input file. It also gives instructions for obtaining the default bootprep input files delivered with a release of the HPC CSM Software Recipe.\nExample Bootprep Input File The following bootprep input file provides an example of using most of the features described in previous sections. It is not intended to be a complete bootprep file for the entire CSM product.\n--- configurations: - name: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; layers: - name: cos-compute-{{cos.working_branch}} playbook: cos-compute.yml product: name: cos version: \u0026#34;{{cos.version}}\u0026#34; branch: \u0026#34;{{cos.working_branch}}\u0026#34; - name: cpe-pe_deploy-{{cpe.working_branch}} playbook: pe_deploy.yml product: name: cpe version: \u0026#34;{{cpe.version}}\u0026#34; branch: \u0026#34;{{cpe.working_branch}}\u0026#34; images: - name: \u0026#34;{{default.note}}{{base.name}}{{default.suffix}}\u0026#34; ref_name: base_cos_image base: product: name: cos type: recipe version: \u0026#34;{{cos.version}}\u0026#34; - name: \u0026#34;compute-{{base.name}}\u0026#34; ref_name: compute_image base: image_ref: base_cos_image configuration: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; configuration_group_names: - Compute session_templates: - name: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; image: image_ref: compute_image configuration: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; bos_parameters: boot_sets: compute: kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN} node_roles_groups: - Compute rootfs_provider_passthrough: \u0026#34;dvs:api-gw-service-nmn.local:300:hsn0,nmn0:0\u0026#34; Access Default Bootprep Input Files Default bootprep input files are delivered by the HPC CSM Software Recipe product. You can access these files by cloning the hpc-csm-software-recipe repository, as described in the Accessing sat bootprep files process of the Cray System Management Documentation. Find the default input files in the bootprep directory of the cloned repository:\nncn-m001# ls bootprep/ Generate an Example Bootprep Input File The sat bootprep generate-example command was not updated for recent bootprep schema changes. It is recommended that you instead use the default bootprep input files described in Access Default Bootprep Input Files. The sat bootprep generate-example command will be updated in a future release of SAT.\nSummary of SAT Bootprep Results The sat bootprep run command uses information from the bootprep input file to create CFS configurations, IMS images, and BOS session templates. For easy reference, the command also includes output summarizing the final creation results. The following example shows a sample table output.\nncn-m001# sat bootprep run ... ################################################################################ CFS configurations ################################################################################ +------------------+ | name | +------------------+ | example-config-1 | | example-config-2 | +------------------+ ################################################################################ IMS images ################################################################################ +---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+ | name | preconfigured_image_id | final_image_id | configuration | configuration_group_names | +---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+ | example-image | c1bcaf00-109d-470f-b665-e7b37dedb62f | a22fb912-22be-449b-a51b-081af2d7aff6 | example-config | Compute | +---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+ ################################################################################ BOS session templates ################################################################################ +------------------+----------------+ | name | configuration | +------------------+----------------+ | example-template | example-config | +------------------+----------------+ View SAT Bootprep Schema The contents of the YAML input files used by sat bootprep must conform to a schema which defines the structure of the data. The schema definition is written using the JSON Schema format. (Although the format is named \u0026ldquo;JSON Schema\u0026rdquo;, the schema itself is written in YAML as well.) More information, including introductory materials and a formal specification of the JSON Schema metaschema, can be found on the JSON Schema website.\nView the Exact Schema Specification To view the exact schema specification, run sat bootprep view-schema.\nncn-m001# sat bootprep view-schema --- $schema: \u0026#34;https://json-schema.org/draft/2020-12/schema\u0026#34; ... title: Bootprep Input File description: \u0026gt; A description of the set of CFS configurations to create, the set of IMS images to create and optionally customize with the defined CFS configurations, and the set of BOS session templates to create that reference the defined images and configurations. type: object additionalProperties: false properties: ... Generate User-Friendly Documentation The raw schema definition can be difficult to understand without experience working with JSON Schema specifications. For this reason, a feature is included with sat bootprep that generates user-friendly HTML documentation for the input file schema. This HTML documentation can be browsed with your preferred web browser.\nCreate a documentation tarball using sat bootprep.\nncn-m001# sat bootprep generate-docs INFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz An alternate output directory can be specified with the --output-dir option. The generated tarball is always named bootprep-schema-docs.tar.gz.\nncn-m001# sat bootprep generate-docs --output-dir /tmp INFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz From another machine, copy the tarball to a local directory.\nanother-machine$ scp root@ncn-m001:bootprep-schema-docs.tar.gz . Extract the contents of the tarball and open the contained index.html.\nanother-machine$ tar xzvf bootprep-schema-docs.tar.gz x bootprep-schema-docs/ x bootprep-schema-docs/index.html x bootprep-schema-docs/schema_doc.css x bootprep-schema-docs/schema_doc.min.js another-machine$ open bootprep-schema-docs/index.html " +}, +{ + "uri": "/docs-sat/en-25/release_notes/sat_2.4_release_notes/", + "title": "Changes in SAT 2.4", + "tags": [], + "description": "", + "content": "Changes in SAT 2.4 The 2.4.13 version of the SAT product includes:\nVersion 3.19.3 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.5.5 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. Because of installation refactoring efforts, the following two components are no longer delivered with SAT:\nsat-cfs-install container image sat-cfs-install Helm chart Inclusion of SAT in CSM A version of the cray-sat container image is now included in CSM. For more information, see SAT in CSM.\nSAT Installation Improvements The SAT install.sh script no longer uses a sat-cfs-install Helm chart and container image to upload its Ansible content to the sat-config-management repository in VCS. Instead, it uses Podman to run the cf-gitea-import container directly. Some of the benefits of this change include the following:\nFewer container images that need to be managed by the SAT product Simplified SAT installation without Helm charts or Loftsman manifests Reduced SAT installation time Decoupling of cray-sat container image and cray-sat-podman package Decoupling of cray-sat Container Image and cray-sat-podman Package In older SAT releases, the sat wrapper script that was provided by the cray-sat-podman package installed on Kubernetes master NCNs included a hard-coded version of the cray-sat container image. As a result, every new version of the cray-sat image required a corresponding new version of the cray-sat-podman package.\nIn this release, this tight coupling of the cray-sat-podman package and the cray-sat container image was removed. The sat wrapper script provided by the cray-sat-podman package now looks for the version of the cray-sat container image in the /opt/cray/etc/sat/version file. This file is populated with the correct version of the cray-sat container image by the SAT layer of the CFS configuration that is applied to management NCNs. If the version file does not exist, the wrapper script defaults to the version of the cray-sat container image delivered with the latest version of CSM installed on the system.\nImproved NCN Personalization Automation The steps for performing NCN personalization as part of the SAT installation were moved out of the install.sh script and into a new update-mgmt-ncn-cfs-config.sh script that is provided in the SAT release distribution. The new script provides additional flexibility in how it modifies the NCN personalization CFS configuration for SAT. It can modify an existing CFS configuration by name, a CFS configuration being built in a JSON file, or an existing CFS configuration that applies to certain components.\nNew sat bootprep Features The following new features were added to the sat bootprep command:\nVariable substitutions using Jinja2 templates in certain fields of the sat bootprep input file\nFor more information, see HPC CSM Software Recipe Variable Substitutions and Dynamic Variable Substitutions.\nSchema version validation in the sat bootprep input files\nFor more information, see Provide a Schema Version.\nAbility to look up images and recipes provided by products\nFor more information, see Define IMS Images.\nThe schema of the sat bootprep input files was also changed to support these new features:\nThe base recipe or image used by an image in the input file should now be specified under a base key instead of under an ims key. The old ims key is deprecated. To specify an image that depends on another image in the input file, the dependent image should specify the dependency under base.image_ref. You should no longer use the IMS name of the image on which it depends. The image used by a session template should now be specified under image.ims.name, image.ims.id, or image.image_ref. Specifying a string value directly under the image key is deprecated. For more information on defining IMS images and BOS session templates in the sat bootprep input file, see Define IMS Images and Define BOS Session Templates.\nAdded Blade Swap Support to sat swap The sat swap command was updated to support swapping compute and UAN blades with sat swap blade. This functionality is described in the following processes of the Cray System Management Documentation:\nAdding a Liquid-cooled blade to a System Using SAT Removing a Liquid-cooled blade from a System Using SAT Replace a Compute Blade Using SAT Swap a Compute Blade with a Different System Using SAT Support for BOS v2 A new v2 version of the Boot Orchestration Service (BOS) is available in CSM 1.3.0. SAT has added support for BOS v2. This impacts the following commands that interact with BOS:\nsat bootprep sat bootsys sat status By default, SAT uses BOS v1. However, you can choose the BOS version you want to use. For more information, see Change the BOS Version.\nAdded BOS Fields to sat status When using BOS v2, sat status outputs additional fields. These fields show the most recent BOS session, session template, booted image, and boot status for each node. An additional --bos-fields option was added to limit the output of sat status to these fields. The fields are not displayed when using BOS v1.\nOpen Source Repositories This is the first release of SAT built from open source code repositories. As a result, build infrastructure was changed to use an external Jenkins instance, and artifacts are now published to an external Artifactory instance. These changes should not impact the functionality of the SAT product in any way.\nSecurity CVE Mitigation The paramiko Python package version was updated from 2.9.2 to 2.10.1 to mitigate CVE-2022-24302. The oauthlib Python package version was updated from 3.2.0 to 3.2.1 to mitigate CVE-2022-36087. Restricted Permissions on SAT Config Files and Directories SAT stores information used to authenticate to the API gateway with Keycloak. Token files are stored in the ~/.config/sat/tokens/ directory. Those files have always had permissions appropriately set to restrict them to be readable only by the user.\nKeycloak usernames used to authenticate to the API gateway are stored in the SAT config file at /.config/sat/sat.toml. Keycloak usernames are also used in the file names of tokens stored in /.config/sat/tokens. As an additional security measure, SAT now restricts the permissions of the SAT config file to be readable and writable only by the user. It also restricts the tokens directory and the entire SAT config directory ~/.config/sat to be accessible only by the user. This prevents other users on the system from viewing Keycloak usernames used to authenticate to the API gateway.\nBug Fixes Fixed an issue where sat init did not print a message confirming a new configuration file was created. Fixed an issue where sat showrev exited with a traceback if the file /opt/cray/etc/site_info.yaml existed but was empty. This could occur if the user exited sat setrev with Ctrl-C. Fixed outdated information in the sat bootsys man page, and added a description of the command stages. " +}, +{ + "uri": "/docs-sat/en-25/external_system/", + "title": "SAT on an External System", + "tags": [], + "description": "", + "content": "SAT on an External System SAT can optionally be installed and configured on an external system to interact with CSM over the CAN.\nLimitations Most SAT subcommands work by accessing APIs which are reachable via the CAN. However, certain SAT commands depend on host-based functionality on the management NCNs and will not work from an external system. This includes the following:\nThe platform-services and ncn-power stages of sat bootsys The local host information displayed by the --local option of sat showrev Installing SAT on an external system is not an officially supported configuration. These instructions are provided \u0026ldquo;as-is\u0026rdquo; with the hope that they can useful for users who desire additional flexibility.\nCertain additional steps may need to be taken to install and configure SAT depending on the configuration of the external system in use. These additional steps may include provisioning virtual machines, installing packages, or configuring TLS certificates, and these steps are outside the scope of this documentation. This section covers only the steps needed to configure SAT to use externally-accessible API endpoints exposed by CSM.\nInstall and Configure SAT Prerequisites The external system must be on the Customer Access Network (CAN). Python 3.7 or newer is installed on the system. kubectl, openssh, git, and curl are installed on the external system. The root CA certificates used when installing CSM have been added to the external system\u0026rsquo;s trust store such that authenticated TLS connections can be made to the CSM REST API gateway. For more information, refer to Certificate Authority in the Cray System Management Documentation. Procedure Create a Python virtual environment.\n$ SAT_VENV_PATH=\u0026#34;$(pwd)/venv\u0026#34; $ python3 -m venv ${SAT_VENV_PATH} $ . ${SAT_VENV_PATH}/bin/activate Clone the SAT source code.\nTo use SAT version 3.21, this example clones the release/3.21 branch of Cray-HPE/sat.\n(venv) $ git clone --branch=release/3.21 https://github.com/Cray-HPE/sat.git Set up the SAT CSM Python dependencies to be installed from their source code.\nSAT CSM Python dependency packages are not currently distributed publicly as source packages or binary distributions. They must be installed from their source code hosted on GitHub. Also, to install the cray-product-catalog Python package, you must first clone it locally. Use the following steps to modify the SAT CSM Python dependencies so they can be installed from their source code.\nClone the source code for cray-product-catalog.\n(venv) $ git clone --branch v1.6.0 https://github.com/Cray-HPE/cray-product-catalog In the cray-product-catalog directory, create a file named .version that contains the version of cray-product-catalog.\n(venv) $ echo 1.6.0 \u0026gt; cray-product-catalog/.version Open the \u0026ldquo;locked\u0026rdquo; requirements file in a text editor.\n(venv) $ vim sat/requirements.lock.txt Update the line containing cray-product-catalog so that it reflects the local path to cray-product-catalog.\nIt should read as follows.\n./cray-product-catalog For versions of SAT newer than 3.19, change the line containing csm-api-client to read as follows.\ncsm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1 (Optional) Confirm that requirements.lock.txt is modified as expected.\nNote: For versions newer than 3.19, you will see both cray-product-catalog and csm-api-client. For version 3.19 and older, you will only see cray-product-catalog.\n(venv) $ grep -E \u0026#39;cray-product-catalog|csm-api-client\u0026#39; sat/requirements.lock.txt ./cray-product-catalog csm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1 Install the modified SAT dependencies.\n(venv) $ pip install -r sat/requirements.lock.txt ... Install the SAT Python package.\n(venv) $ pip install ./sat ... (Optional) Add the sat virtual environment to the user\u0026rsquo;s PATH environment variable.\nIf a shell other than bash is in use, replace ~/.bash_profile with the appropriate profile path.\nIf the virtual environment is not added to the user\u0026rsquo;s PATH environment variable, then source ${SAT_VENV_PATH}/bin/activate will need to be run before running any SAT commands.\n(venv) $ deactivate $ echo export PATH=\\\u0026#34;${SAT_VENV_PATH}/bin:${PATH}\\\u0026#34; \u0026gt;\u0026gt; ~/.bash_profile $ source ~/.bash_profile Copy the file /etc/kubernetes/admin.conf from ncn-m001 to ~/.kube/config on the external system.\nNote that this file contains credentials to authenticate against the Kubernetes API as the administrative user, so it should be treated as sensitive.\n$ mkdir -p ~/.kube $ scp ncn-m001:/etc/kubernetes/admin.conf ~/.kube/config admin.conf 100% 5566 3.0MB/s 00:00 Add a new entry for the hostname kubernetes to the external system\u0026rsquo;s /etc/hosts file.\nThe kubernetes hostname should correspond to the CAN IP address on ncn-m001. On CSM 1.2, this can be determined by querying the IP address of the bond0.cmn0 interface.\n$ ssh ncn-m001 ip addr show bond0.cmn0 13: bond0.cmn0@bond0: \u0026lt;BROADCAST,MULTICAST,UP,LOWER_UP\u0026gt; mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff inet 10.102.1.11/24 brd 10.102.1.255 scope global vlan007 valid_lft forever preferred_lft forever inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link valid_lft forever preferred_lft forever $ IP_ADDRESS=10.102.1.11 On CSM versions prior to 1.2, the CAN IP can be determined by querying the IP address of the vlan007 interface.\n$ ssh ncn-m001 ip addr show vlan007 13: vlan007@bond0: \u0026lt;BROADCAST,MULTICAST,UP,LOWER_UP\u0026gt; mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff inet 10.102.1.10/24 brd 10.102.1.255 scope global vlan007 valid_lft forever preferred_lft forever inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link valid_lft forever preferred_lft forever $ IP_ADDRESS=10.102.1.10 Once the IP address is determined, add an entry to /etc/hosts mapping the IP address to the hostname kubernetes.\n$ echo \u0026#34;${IP_ADDRESS} kubernetes\u0026#34; | sudo tee -a /etc/hosts 10.102.1.11 kubernetes Modify ~/.kube/config to set the cluster server address.\nThe value of the server key for the kubernetes cluster under the clusters section should be set to https://kubernetes:6443.\n--- clusters: - cluster: certificate-authority-data: REDACTED server: https://kubernetes:6443 name: kubernetes ... Confirm that kubectl can access the CSM Kubernetes cluster.\n$ kubectl get nodes NAME STATUS ROLES AGE VERSION ncn-m001 Ready master 135d v1.19.9 ncn-m002 Ready master 136d v1.19.9 ncn-m003 Ready master 136d v1.19.9 ncn-w001 Ready \u0026lt;none\u0026gt; 136d v1.19.9 ncn-w002 Ready \u0026lt;none\u0026gt; 136d v1.19.9 ncn-w003 Ready \u0026lt;none\u0026gt; 136d v1.19.9 Use sat init to create a configuration file for SAT.\n$ sat init INFO: Configuration file \u0026#34;/home/user/.config/sat/sat.toml\u0026#34; generated. Copy the platform CA certificates from the management NCN and configure the certificates for use with SAT.\nIf a shell other than bash is in use, replace ~/.bash_profile with the appropriate profile path.\n$ scp ncn-m001:/etc/pki/trust/anchors/platform-ca-certs.crt . $ echo export REQUESTS_CA_BUNDLE=\\\u0026#34;$(realpath platform-ca-certs.crt)\\\u0026#34; \u0026gt;\u0026gt; ~/.bash_profile $ source ~/.bash_profile Edit the SAT configuration file to set the API and S3 hostnames.\nExternally available API endpoints are given domain names in PowerDNS, so the endpoints in the configuration file should each be set to subdomain.system-name.site-domain, where system-name and site-domain are replaced with the values specified during csi config init, and subdomain is the DNS name for the externally available service. For more information, refer to Externally Exposed Services in the Cray System Management Documentation.\nThe API gateway has the subdomain api, and S3 has the subdomain s3. The S3 endpoint runs on port 8080. The following options should be set in the SAT configuration file.\n[api_gateway] host = \u0026#34;api.system-name.site-domain\u0026#34; [s3] endpoint = \u0026#34;http://s3.system-name.site-domain:8080\u0026#34; Edit the SAT configuration file to specify the Keycloak user which will be accessing the REST API.\n[api_gateway] username = \u0026#34;user\u0026#34; Run sat auth. Enter your password when prompted.\nThe admin account used to authenticate with sat auth must be enabled in Keycloak and must have its assigned role set to admin. For more information on editing Role Mappings, see Create Internal User Accounts in the Keycloak Shasta Realm in the Cray System Management Documentation. For more information on authentication types and authentication credentials, see SAT Command Authentication.\n$ sat auth Password for user: Succeeded! Ensure the files are readable only by the current user.\n$ touch ~/.config/sat/s3_access_key \\ ~/.config/sat/s3_secret_key $ chmod 600 ~/.config/sat/s3_access_key \\ ~/.config/sat/s3_secret_key Write the credentials to local files using kubectl.\nGenerate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT S3 bucket, the user must generate the S3 access key and secret keys and write them to a local file. SAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev.\n$ kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.access_key}\u0026#39; | base64 -d \u0026gt; \\ ~/.config/sat/s3_access_key $ kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.secret_key}\u0026#39; | base64 -d \u0026gt; \\ ~/.config/sat/s3_secret_key " +}, +{ + "uri": "/docs-sat/en-25/release_notes/sat_2.5_release_notes/", + "title": "Changes in SAT 2.5", + "tags": [], + "description": "", + "content": "Changes in SAT 2.5 The 2.5.22 version of the SAT product includes:\nVersion 3.21.9 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.6.2 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. New sat Commands sat jobstat allows you to access application and job data through the command line. It provides a table summarizing information for all jobs on the system.\nChanges to sat bootprep A list-vars subcommand was added to sat bootprep.\nIt lists the variables available for use in bootprep input files at runtime.\nA --limit option was added to sat bootprep run.\nIt restricts the creation of CFS configurations, IMS images, and BOS session templates into separate stages. For more information, see Limit SAT Bootprep Run into Stages.\nsat bootprep now prompts individually for each CFS configuration that already exists.\nsat bootprep can now filter images provided by a product by using a prefix.\nThis is useful when specifying the base of an image in a bootprep input file. For more information, see Define IMS Images.\nTo support product names with hyphens, sat bootprep now converts hyphens to underscores within variables.\nFor more information, see Hyphens in HPC CSM Software Recipe Variables.\nIn sat bootprep input files, you can now render the value of the playbook property of CFS configuration layers with Jinja2 templates.\nFor more information, see Values Supporting Jinja2 Template Rendering.\nOutput was added to sat bootprep run that summarizes the CFS configurations, IMS images, and BOS session templates created.\nFor more information, see Summary of SAT Bootprep Results.\nImprovements were made to the sat bootprep output when CFS configuration and BOS session templates are created.\nChanges to sat bootsys A reboot subcommand was added to sat bootsys. It uses BOS to reboot nodes in the bos-operations stage. The --staged-session option was added to sat bootsys. It can be used to create staged BOS sessions. For more information, refer to Staging Changes with BOS in the Cray System Management Documentation. Changes to Other sat Commands When switching SAT versions with prodmgr, a version is no longer set as \u0026ldquo;active\u0026rdquo; in the product catalog. The \u0026ldquo;active\u0026rdquo; field was also removed from the output of sat showrev. Improvements were made to the performance of sat status when using BOS version two. New Install and Upgrade Framework The new Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products with the help of sat bootprep on HPE Cray EX systems managed by Cray System Management (CSM). IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product.\nBecause IUF now handles NCN personalization, information about this process was removed from the SAT documentation. Other sections in the documentation were also revised to support the new Install and Upgrade Framework. For example, the SAT Installation and SAT Upgrade sections of this guide now provide details on software and configuration content specific to SAT. The Cray System Management Documentation will indicate when these sections should be referred to for detailed information.\nFor more information on the relationship between sat bootprep and IUF, see SAT and IUF.\nNew Default BOS Version By default, SAT now uses version two of the Boot Orchestration Service (BOS). This change to BOS v2 impacts the following commands that interact with BOS:\nsat bootprep sat bootsys sat status If needed, you can choose the BOS version you want to use. For more information, see Change the BOS Version.\nSecurity Updated the version of certifi in the sat python package and CLI from 2021.10.8 to 2022.12.7 to resolve CVE-2022-23491. Updated the version of certifi in the sat-install-utility container image from 2021.5.30 to 2022.12.7 to resolve CVE-2022-23491. Updated the version of oauthlib from 3.2.1 to 3.2.2 to resolve CVE-2022-36087. Updated the version of cryptography from 36.0.1 to 39.0.1 to resolve CVE-2023-23931. Bug Fixes Fixed a bug that prevented sat init from creating a configuration file in the current directory when not prefixed with ./. Fixed a bug in which sat status failed with a traceback when using BOS version two and reported components whose most recent image did not exist. Fixed a build issue where the sat container could contain a different version of kubectl than the version found in CSM. Fixed error handling and improved command messages for sat bootprep and sat swap blade. " +}, +{ + "uri": "/docs-sat/en-25/release_notes/shasta_1.3.2_release_notes/", + "title": "SAT Changes in Shasta v1.3.2", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.\nThe following sections detail the changes in this release.\nsat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable.\nThe sat swap switch command is equivalent to sat switch. The sat switch command will be removed in a future release.\nAddition of Stages to sat bootsys Command The sat bootsys command now has multiple stages for both the boot and shutdown actions. Please refer to the \u0026ldquo;System Power On Procedures\u0026rdquo; and \u0026ldquo;System Power Off Procedures\u0026rdquo; sections of the Cray Shasta Administration Guide (S-8001) for more details on using this command in the context of a full system power off and power on.\n" +}, +{ + "uri": "/docs-sat/en-25/release_notes/shasta_1.3_release_notes/", + "title": "SAT Changes in Shasta v1.3", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI.\nThis version of the sat CLI contained the following commands:\nauth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch For more information on each of these commands, see the SAT Command Overview and the table of commands in the Authenticate SAT Commands section of this document.\n" +}, +{ + "uri": "/docs-sat/en-25/release_notes/shasta_1.4.1_release_notes/", + "title": "SAT Changes in Shasta v1.4.1", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1.\nThis version of the SAT product included:\nVersion 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release.\nNew Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames:\nsat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API.\nBug Fixes Fixed a problem in sat swap where creating the offline port policy failed. Changed sat bootsys shutdown --stage bos-operations to no longer forcefully power off all compute nodes and application nodes using CAPMC when BOS sessions complete or time out. Fixed an issue with the command sat bootsys boot --stage cabinet-power. " +}, +{ + "uri": "/docs-sat/en-25/release_notes/shasta_1.4_release_notes/", + "title": "SAT Changes in Shasta v1.4", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4.\nThis version of the SAT product included the following components:\nVersion 3.4.0 of the sat python package and CLI It also added the following new component:\nVersion 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release.\nSAT as an Independent Product SAT is now packaged and released as an independent product. The product deliverable is called a \u0026ldquo;release distribution\u0026rdquo;. The release distribution is a gzipped tar file containing an install script. This install script loads the cray/cray-sat container image into the Docker registry in Nexus and loads the cray-sat-podman RPM into a package repository in Nexus.\nIn this release, the cray-sat-podman package is still installed in the master and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in Shasta v1.5.\nSAT Running in a Container Under Podman The sat command now runs in a container under Podman. The sat executable is now installed on all nodes in the Kubernetes management cluster (workers and masters). This executable is a wrapper script that starts a SAT container in Podman and invokes the sat Python CLI within that container. The admin can run individual sat commands directly on the master or worker NCNs as before, or they can run sat commands inside the SAT container after using sat bash to enter an interactive shell inside the SAT container.\nTo view man pages for sat commands, the user can run sat-man SAT_COMMAND, replacing SAT_COMMAND with the name of the sat command. Alternatively, the user can enter the sat container with sat bash and use the man command.\nNew sat init Command and Config File Location Change The default location of the SAT config file has been changed from /etc/sat.toml to ~/.config/sat/sat.toml. A new command, sat init, has been added that initializes a configuration file in the new default directory. This better supports individual users on the system who want their own config files.\n~/.config/sat is mounted into the container that runs under Podman, so changes are persistent across invocations of the sat container. If desired, an alternate configuration directory can be specified with the SAT_CONFIG_DIR environment variable.\nAdditionally, if a config file does not yet exist when a user runs a sat command, one is generated automatically.\nAdditional Types Added to sat hwinv Additional functionality has been added to sat hwinv including:\nList node enclosure power supplies with the --list-node-enclosure-power-supplies option. List node accelerators (for example, GPUs) with the --list-node-accels option. The count of node accelerators is also included for each node. List node accelerator risers (for example, Redstone modules) with the --list-node-accel-risers option. The count of node accelerator risers is also included for each node. List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics option. The count of HSN NICs is also included for each node. Documentation for these new options has been added to the man page for sat hwinv.\nSite Information Stored by sat setrev in S3 The sat setrev and sat showrev commands now use S3 to store and obtain site information, including system name, site name, serial number, install date, and system type. Since the information is stored in S3, it will now be consistent regardless of the node on which sat is executed.\nAs a result of this change, S3 credentials must be configured for SAT. For more information, see Generate SAT S3 Credentials.\nProduct Version Information Shown by sat showrev sat showrev now shows product information from the cray-product-catalog ConfigMap in Kubernetes.\nAdditional Changes to sat showrev The output from sat showrev has also been changed in the following ways:\nThe --docker and --packages options were considered misleading and have been removed. Information pertaining to only to the local host, where the command is run, has been moved to the output of the --local option. Removal of sat cablecheck The sat cablecheck command has been removed. To verify that the system\u0026rsquo;s Slingshot network is cabled correctly, admins should now use the show cables command in the Slingshot Topology Tool (STT).\nsat swap Command Compatibility with Next-gen Fabric Controller The sat swap command was added in Shasta v1.3.2. This command used the Fabric Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the Fabric Controller API, so this command has been rewritten to use the new backwards-incompatible API. Usage of the command did not change.\nsat bootsys Functionality Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken by changes introduced in Shasta v1.4, which removed the Ansible inventory and playbooks.\nThe functionality in the platform-services stage of sat bootsys has been re-implemented to use python directly instead of Ansible. This resulted in a more robust procedure with better logging to the sat log file. Failures to stop containers on Kubernetes nodes are handled more gracefully, and more information about the containers that failed to stop, including how to debug the problem, is included.\nImprovements were made to console logging setup for non-compute nodes (NCNs) when they are shut down and booted.\nThe following improvements were made to the bos-operations stage of sat bootsys:\nMore information about the BOS sessions, BOA jobs, and BOA pods is printed. A command-line option, --bos-templates, and a corresponding config-file option, bos_templates, were added, and the --cle-bos-template and --uan-bos-template options and their corresponding config file options were deprecated. The following functionality has been removed from sat bootsys:\nThe hsn-bringup stage of sat bootsys boot has been removed due to removal of the underlying Ansible playbook. The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is now a manual procedure. Log File Location Change The location of the sat log file has changed from /var/log/cray/sat.log to /var/log/cray/sat/sat.log. This change simplifies mounting this file into the sat container running under Podman.\n" +}, +{ + "uri": "/docs-sat/en-25/release_notes/shasta_1.5_release_notes/", + "title": "SAT Changes in Shasta v1.5", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5.\nThis version of the SAT product included:\nVersion 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component:\nVersion 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release.\nInstall Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. The cray-sat-podman RPM is no longer installed in the management non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on all master management NCNs via an Ansible playbook which is referenced by a layer of the CFS configuration that applies to management NCNs. This CFS configuration is typically named ncn-personalization.\nThe SAT product now includes a Docker image and a Helm chart named sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart with Loftsman. This helm chart deploys a Kubernetes job that imports the SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. This repository is referenced by the layer added to the NCN personalization CFS configuration.\nRemoval of Direct Redfish Access All commands which used to access Redfish directly have either been removed or modified to use higher-level service APIs. This includes the following commands:\nsat sensors sat diag sat linkhealth The sat sensors command has been rewritten to use the SMA telemetry API to obtain the latest sensor values. The command\u0026rsquo;s usage has changed slightly, but legacy options work as before, so it is backwards compatible. Additionally, new commands have been added.\nThe sat diag command has been rewritten to use a new service called Fox, which is delivered with the CSM-Diags product. The sat diag command now launches diagnostics using the Fox service, which launches the corresponding diagnostic programs on controllers using the Hardware Management Job and Task Daemon (HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start diagnostics over Redfish.\nThe sat linkhealth command has been removed. Its functionality has been replaced by functionality from the Slingshot Topology Tool (STT) in the fabric manager pod.\nThe Redfish username and password command line options and config file options have been removed. For more information, see Remove Obsolete Configuration File Sections.\nAdditional Fields in sat setrev and sat showrev sat setrev now collects the following information from the admin, which is then displayed by sat showrev:\nSystem description Product number Company name Country code Additional guidance and validation has been added to each field collected by sat setrev. This sets the stage for sdu setup to stop collecting this information and instead collect it from sat showrev or its S3 bucket.\nImprovements to sat bootsys The platform-services stage of the sat bootsys boot command has been improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph health in the correct order. The ceph-check stage has been removed as it is no longer needed.\nThe platform-services stage of sat bootsys boot now prompts for confirmation of the storage NCN hostnames in addition to the Kubernetes masters and workers.\nBug Fixes and Security Fixes Improved error handling in sat firmware. Incremented version of Alpine Linux to 3.13.2 to address a security vulnerability. Other Notable Changes Ansible has been removed from the cray-sat container image. Support for the Firmware Update Service (FUS) has been removed from the sat firmware command. " +}, +{ + "uri": "/docs-sat/en-25/uninstall_and_downgrade/", + "title": "SAT Uninstall and Downgrade", + "tags": [], + "description": "", + "content": "SAT Uninstall and Downgrade Uninstall: Remove a Version of SAT This procedure can be used to uninstall a version of SAT.\nPrerequisites Only versions 2.2 or newer of SAT can be uninstalled with prodmgr. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure Use sat showrev to list versions of SAT.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+-------------------+-----------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+-------------------+-----------------------+ | sat | 2.3.3 | - | - | | sat | 2.2.10 | - | - | +--------------+-----------------+-------------------+-----------------------+ Use prodmgr to uninstall a version of SAT.\nThis command will do three things:\nRemove all hosted-type package repositories associated with the given version of SAT. Group-type repositories are not removed. Remove all container images associated with the given version of SAT. Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up in the output of sat showrev. ncn-m001# prodmgr uninstall sat 2.2.10 Repository sat-2.2.10-sle-15sp2 has been removed. Removed Docker image cray/cray-sat:3.9.0 Removed Docker image cray/sat-cfs-install:1.0.2 Removed Docker image cray/sat-install-utility:1.4.0 Deleted sat-2.2.10 from product catalog. Downgrade: Switch Between SAT Versions This procedure can be used to downgrade the active version of SAT.\nPrerequisites Only versions 2.2 or newer of SAT can be switched. Older versions must be switched manually. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure Use sat showrev to list versions of SAT.\nncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------------------+-----------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+--------------------+-----------------------+ | sat | 2.3.3 | - | - | | sat | 2.2.10 | - | - | +--------------+-----------------+--------------------+-----------------------+ Use prodmgr to switch to a different version of SAT.\nThis command will do two things:\nFor all hosted-type package repositories associated with this version of SAT, set them as the sole member of their corresponding group-type repository. For example, switching to SAT version 2.2.10 sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group. Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are associated with NCNs with the role \u0026ldquo;Management\u0026rdquo; and subrole \u0026ldquo;Master\u0026rdquo; (for example, the CFS configuration management-23.5.0). Specifically, it will ensure that the layer refers to the version of SAT CFS configuration content associated with the version of SAT to which you are switching. ncn-m001# prodmgr activate sat 2.5.15 Repository sat-2.5.15-sle-15sp4 is now the default in sat-sle-15sp4. Updated CFS configurations: [management-23.5.0] Apply the modified CFS configuration to the management NCNs.\nAt this point, Nexus package repositories have been modified to set a particular package repository as active, but the SAT package may not have been updated on management NCNs.\nTo ensure that management NCNs have been updated to use the active SAT version, follow the Procedure to Apply CFS Configuration.\nProcedure to Apply CFS Configuration Set an environment variable that refers to the name of the CFS configuration to be applied to the management NCNs.\nncn-m001# export CFS_CONFIG_NAME=\u0026#34;management-23.5.0\u0026#34; Note: Refer to the output from the prodmgr activate command to find the name of the modified CFS configuration. If more than one CFS configuration was modified, use the first one.\nINFO: Successfully saved CFS configuration \u0026#34;management-23.5.0\u0026#34; Obtain the name of the CFS configuration layer for SAT and save it in an environment variable:\nncn-m001# export SAT_LAYER_NAME=$(cray cfs configurations describe $CFS_CONFIG_NAME --format json \\ | jq -r \u0026#39;.layers | map(select(.cloneUrl | contains(\u0026#34;sat-config-management.git\u0026#34;)))[0].name\u0026#39;) Create a CFS session that executes only the SAT layer of the given CFS configuration.\nThe --configuration-limit option limits the configuration session to run only the SAT layer of the configuration.\nncn-m001# cray cfs sessions create --name \u0026#34;sat-session-${CFS_CONFIG_NAME}\u0026#34; --configuration-name \\ \u0026#34;${CFS_CONFIG_NAME}\u0026#34; --configuration-limit \u0026#34;${SAT_LAYER_NAME}\u0026#34; Monitor the progress of the CFS session.\nSet an environment variable to name of the Ansible container within the pod for the CFS session:\nncn-m001# export ANSIBLE_CONTAINER=$(kubectl get pod -n services \\ --selector=cfsession=sat-session-${CFS_CONFIG_NAME} -o json \\ -o json | jq -r \u0026#39;.items[0].spec.containers | map(select(.name | contains(\u0026#34;ansible\u0026#34;))) | .[0].name\u0026#39;) Next, get the logs for the Ansible container.\nncn-m001# kubectl logs -c $ANSIBLE_CONTAINER --tail 100 -f -n services \\ --selector=cfsession=sat-session-${CFS_CONFIG_NAME} Ansible plays, which are run by the CFS session, will install SAT on all the master management NCNs on the system. A summary of results can be found at the end of the log output. The following example shows a successful session.\n... PLAY RECAP ********************************************************************* x3000c0s1b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s3b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s5b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Note: Ensure that the PLAY RECAPs for each session show successes for all manager NCNs before proceeding.\nVerify that SAT was successfully configured.\nIf sat is configured, the --version command will indicate which version is installed. If sat is not properly configured, the command will fail.\nNote: This version number will differ from the version number of the SAT release distribution. This is the semantic version of the sat Python package, which is different from the version number of the overall SAT release distribution.\nncn-m001# sat --version sat 3.7.0 Note: Upon first running sat, you may see additional output while the sat container image is downloaded. This will occur the first time sat is run on each manager NCN. For example, if you run sat for the first time on ncn-m001 and then for the first time on ncn-m002, you will see this additional output both times.\nTrying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037... Getting image source signatures Copying blob da64e8df3afc done Copying blob 0f36fd81d583 done Copying blob 12527cf455ba done ... sat 3.7.0 Stop the typescript.\nncn-m001# exit SAT version x.y.z is now installed and configured:\nThe SAT RPM package is installed on the associated NCNs. Note on Procedure to Apply CFS Configuration The previous procedure is not always necessary because the CFS Batcher service automatically detects configuration changes and will automatically create new sessions to apply configuration changes according to certain rules. For more information on these rules, refer to Configuration Management with the CFS Batcher in the Cray System Management Documentation.\nThe main scenario in which the CFS batcher will not automatically re-apply the SAT layer is when the commit hash of the sat-config-management git repository has not changed between SAT versions. The previous procedure ensures the configuration is re-applied in all cases, and it is harmless if the batcher has already applied an updated configuration.\n" +}, +{ + "uri": "/docs-sat/en-25/upgrade/", + "title": "SAT Upgrade", + "tags": [], + "description": "", + "content": "SAT Upgrade Install and Upgrade Framework The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM. IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product.\nThis document does not replicate install, upgrade, or deployment procedures detailed in the Cray System Management Documentation. This document provides details regarding software and configuration content specific to SAT which is needed when installing, upgrading, or deploying a SAT release. The Cray System Management Documentation will indicate when sections of this document should be referred to for detailed information.\nIUF will perform the following tasks for a release of SAT.\nIUF deliver-product stage: Uploads SAT configuration content to VCS Uploads SAT information to the CSM product catalog Uploads SAT content to Nexus repositories IUF update-vcs-config stage: Updates the VCS integration branch with new SAT configuration content if a working branch is specified IUF update-cfs-config stage: Creates a new CFS configuration for management nodes with new SAT configuration content IUF prepare-images stage: Creates updated management NCN and managed node images with new SAT content IUF management-nodes-rollout stage: Boots management NCNs with an image containing new SAT content IUF uses a variety of CSM and SAT tools when performing these tasks. The IUF section of the Cray System Management Documentation describes how to use these tools directly if it is desirable to use them instead of IUF.\nIUF Stage Details for SAT This section describes SAT details that an administrator must be aware of before running IUF stages. Entries are prefixed with Information if no administrative action is required or Action if an administrator needs to perform tasks outside of IUF.\nupdate-vcs-config Information: This stage is only run if a VCS working branch is specified for SAT. By default, SAT does not create or specify a VCS working branch.\nupdate-cfs-config Information: This stage only applies to the management configuration and not to the managed configuration.\nprepare-images Information: This stage only applies to management images and not to managed images.\nPost-Upgrade Procedures After upgrading SAT with IUF, it is recommended that you complete the following procedures before using SAT:\nRemove Obsolete Configuration File Sections Update SAT Logging Set System Revision Information Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace x.y.z with the version of the SAT product stream being upgraded. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. Remove Obsolete Configuration File Sections After upgrading SAT, if using the configuration file from a previous version, there may be configuration file sections no longer used in the new version. For example, when upgrading from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. In that case, the following warning may appear upon running sat commands.\nWARNING: Ignoring unknown section \u0026#39;redfish\u0026#39; in config file. Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.\n[redfish] username = \u0026#34;admin\u0026#34; password = \u0026#34;adminpass\u0026#34; Repeat this process for any configuration file sections for which there are \u0026ldquo;unknown section\u0026rdquo; warnings.\nUpdate SAT Logging As of SAT version 2.2, some command output that was previously printed to stdout is now logged to stderr. These messages are logged at the INFO level. The default logging threshold was changed from WARNING to INFO to accommodate this logging change. Additionally, some messages previously logged at the INFO are now logged at the DEBUG level.\nThese changes take effect automatically. However, if the default output threshold has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure that important output is shown in the terminal.\nUpdate Configuration In the following example, the stderr log level, logging.stderr_level, is set to WARNING, which will exclude INFO-level logging from terminal output.\nncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml [logging] ... stderr_level = \u0026#34;WARNING\u0026#34; To enable the new default behavior, comment this line out, delete it, or set the value to \u0026ldquo;INFO\u0026rdquo;.\nIf logging.stderr_level is commented out, its value will not affect logging behavior. However, it may be helpful to set its value to INFO as a reminder of the new default behavior.\nAffected Commands The following commands trigger messages that have been changed from stdout print calls to INFO-level (or WARNING- or ERROR-level) log messages:\nsat bootsys --stage shutdown --stage session-checks sat sensors The following commands trigger messages that have been changed from INFO-level log messages to DEBUG-level log messages:\nsat nid2xname sat xname2nid sat swap Set System Revision Information HPE service representatives use system revision information data to identify systems in support cases.\nPrerequisites SAT authentication has been set up during installation. See Authenticate SAT Commands. S3 credentials have been generated during installation. See Generate SAT S3 Credentials. Notes on the Procedure This procedure is not required if SAT was upgraded from 2.1 (Shasta v1.5) or later. It is required if SAT was upgraded from 2.0 (Shasta v1.4) or earlier.\nProcedure Set System Revision Information.\nRun sat setrev and follow the prompts to set the following site-specific values:\nSerial number System name System type System description Product number Company name Site name Country code System install date Tip: For \u0026ldquo;System type\u0026rdquo;, a system with any liquid-cooled components should be considered a liquid-cooled system. In other words, \u0026ldquo;System type\u0026rdquo; is EX-1C.\nncn-m001# sat setrev -------------------------------------------------------------------------------- Setting: Serial number Purpose: System identification. This will affect how snapshots are identified in the HPE backend services. Description: This is the top-level serial number which uniquely identifies the system. It can be requested from an HPE representative. Valid values: Alpha-numeric string, 4 - 20 characters. Type: \u0026lt;class \u0026#39;str\u0026#39;\u0026gt; Default: None Current value: None -------------------------------------------------------------------------------- Please do one of the following to set the value of the above setting: - Input a new value - Press CTRL-C to exit ... Verify System Revision Information.\nRun sat showrev and verify the output shown in the \u0026ldquo;System Revision Information table.\u0026rdquo;\nThe following example shows sample table output.\nncn-m001# sat showrev ################################################################################ System Revision Information ################################################################################ +---------------------+---------------+ | component | data | +---------------------+---------------+ | Company name | HPE | | Country code | US | | Interconnect | Sling | | Product number | R4K98A | | Serial number | 12345 | | Site name | HPE | | Slurm version | slurm 20.02.5 | | System description | Test System | | System install date | 2021-01-29 | | System name | eniac | | System type | EX-1C | +---------------------+---------------+ ################################################################################ Product Revision Information ################################################################################ +--------------+-----------------+------------------------------+------------------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+------------------------------+------------------------------+ | csm | 0.8.14 | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... | | sat | 2.0.1 | - | - | | sdu | 1.0.8 | - | - | | slingshot | 0.8.0 | - | - | | sma | 1.4.12 | - | - | +--------------+-----------------+------------------------------+------------------------------+ ################################################################################ Local Host Operating System ################################################################################ +-----------+----------------------+ | component | version | +-----------+----------------------+ | Kernel | 5.3.18-24.15-default | | SLES | SLES 15-SP2 | +-----------+----------------------+ " +}, +{ + "uri": "/docs-sat/en-25/categories/", + "title": "Categories", + "tags": [], + "description": "", + "content": "" +}, +{ + "uri": "/docs-sat/en-25/tags/", + "title": "Tags", + "tags": [], + "description": "", + "content": "" +}] \ No newline at end of file diff --git a/en-25/index.xml b/en-25/index.xml new file mode 100644 index 0000000000..57669d4497 --- /dev/null +++ b/en-25/index.xml @@ -0,0 +1,145 @@ + + + + HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + /docs-sat/en-25/ + Recent content in HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-25 + Wed, 11 Dec 2024 03:40:01 +0000 + + + SAT Installation + /docs-sat/en-25/install/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/install/ + SAT Installation Install and Upgrade Framework The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM. IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product. + + + Change the BOS Version + /docs-sat/en-25/usage/change_bos_version/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/usage/change_bos_version/ + Change the BOS Version By default, SAT uses Boot Orchestration Service (BOS) version two (v2). You can select the BOS version to use for individual commands with the --bos-version option. For more information on this option, refer to the man page for a specific command. You can also configure the BOS version to use in the SAT config file. Do this under the api_version setting in the bos section of the config file. + + + Changes in SAT 2.2 + /docs-sat/en-25/release_notes/sat_2.2_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/release_notes/sat_2.2_release_notes/ + Changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022. This version of the SAT product included: Version 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components: Version 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release. + + + Introduction to SAT + /docs-sat/en-25/introduction/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/introduction/ + Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see SAT Command Overview. + + + SAT Grafana Dashboards + /docs-sat/en-25/dashboards/sat_grafana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/dashboards/sat_grafana_dashboards/ + SAT Grafana Dashboards The SAT Grafana Dashboards display messages that are generated by the HSN (High Speed Network) and reported through Redfish. The messages are displayed based on severity. Grafana can be accessed via web browser at the following URL: https://sma-grafana.cmn.&lt;site-domain&gt; The value of site-domain can be obtained as follows: ncn-m001:~ # kubectl get secret site-init -n loftsman -o jsonpath=&#39;{.data.customizations\.yaml}&#39; | \ base64 -d | grep &#34;external:&#34; That command will produce the following output, for example: + + + SAT and IUF + /docs-sat/en-25/usage/sat_and_iuf/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/usage/sat_and_iuf/ + SAT and IUF The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM with the help of sat bootprep. Outside of IUF, it is uncommon to use sat bootprep. For more information on IUF, see the IUF section of the Cray System Management Documentation. For more information on sat bootprep, see SAT Bootprep. Variable Substitutions Both IUF and sat bootprep allow variable substitutions into the default HPC CSM Software Recipe bootprep input files. + + + Changes in SAT 2.3 + /docs-sat/en-25/release_notes/sat_2.3_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/release_notes/sat_2.3_release_notes/ + Changes in SAT 2.3 The 2.3.4 version of the SAT product includes: Version 3.15.4 of the sat python package and CLI Version 1.6.11 of the sat-podman wrapper script Version 1.2.0 of the sat-cfs-install container image Version 2.0.0 of the sat-cfs-install Helm chart Version 1.5.0 of the sat-install-utility container image Version 2.0.3 of the cfs-config-util container image New sat Commands None. Current Working Directory in SAT Container When running sat commands, the current working directory is now mounted in the container as /sat/share, and the current working directory within the container is also /sat/share. + + + SAT Kibana Dashboards + /docs-sat/en-25/dashboards/sat_kibana_dashboards/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/dashboards/sat_kibana_dashboards/ + SAT Kibana Dashboards Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. Kibana runs as a web service and has a browser-based interface. It offers visual output of node data in the forms of charts, tables and maps that display real-time Elasticsearch queries. Viewing system data in this way breaks down the complexity of large data volumes into easily understood information. + + + SAT Bootprep + /docs-sat/en-25/usage/sat_bootprep/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/usage/sat_bootprep/ + SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates. The solution is based on a given input file that defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similar to other SAT commands. ncn-m001# sat-man sat-bootprep The sat bootprep command helps the Install and Upgrade Framework (IUF) install, upgrade, and deploy products on systems managed by CSM. + + + Changes in SAT 2.4 + /docs-sat/en-25/release_notes/sat_2.4_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/release_notes/sat_2.4_release_notes/ + Changes in SAT 2.4 The 2.4.13 version of the SAT product includes: Version 3.19.3 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.5.5 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. Because of installation refactoring efforts, the following two components are no longer delivered with SAT: sat-cfs-install container image sat-cfs-install Helm chart Inclusion of SAT in CSM A version of the cray-sat container image is now included in CSM. + + + SAT on an External System + /docs-sat/en-25/external_system/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/external_system/ + SAT on an External System SAT can optionally be installed and configured on an external system to interact with CSM over the CAN. Limitations Most SAT subcommands work by accessing APIs which are reachable via the CAN. However, certain SAT commands depend on host-based functionality on the management NCNs and will not work from an external system. This includes the following: The platform-services and ncn-power stages of sat bootsys The local host information displayed by the --local option of sat showrev Installing SAT on an external system is not an officially supported configuration. + + + Changes in SAT 2.5 + /docs-sat/en-25/release_notes/sat_2.5_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/sat_2.5_release_notes/ + Changes in SAT 2.5 The 2.5.22 version of the SAT product includes: Version 3.21.9 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.6.2 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. New sat Commands sat jobstat allows you to access application and job data through the command line. It provides a table summarizing information for all jobs on the system. + + + SAT Changes in Shasta v1.3.2 + /docs-sat/en-25/release_notes/shasta_1.3.2_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.3.2_release_notes/ + SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI. The following sections detail the changes in this release. sat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable. The sat swap switch command is equivalent to sat switch. + + + SAT Changes in Shasta v1.3 + /docs-sat/en-25/release_notes/shasta_1.3_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.3_release_notes/ + SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI. This version of the sat CLI contained the following commands: auth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch For more information on each of these commands, see the SAT Command Overview and the table of commands in the Authenticate SAT Commands section of this document. + + + SAT Changes in Shasta v1.4.1 + /docs-sat/en-25/release_notes/shasta_1.4.1_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.4.1_release_notes/ + SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1. This version of the SAT product included: Version 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release. New Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames: sat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API. + + + SAT Changes in Shasta v1.4 + /docs-sat/en-25/release_notes/shasta_1.4_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.4_release_notes/ + SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4. This version of the SAT product included the following components: Version 3.4.0 of the sat python package and CLI It also added the following new component: Version 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release. + + + SAT Changes in Shasta v1.5 + /docs-sat/en-25/release_notes/shasta_1.5_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.5_release_notes/ + SAT Changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5. This version of the SAT product included: Version 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component: Version 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release. Install Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. + + + SAT Uninstall and Downgrade + /docs-sat/en-25/uninstall_and_downgrade/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/uninstall_and_downgrade/ + SAT Uninstall and Downgrade Uninstall: Remove a Version of SAT This procedure can be used to uninstall a version of SAT. Prerequisites Only versions 2.2 or newer of SAT can be uninstalled with prodmgr. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure Use sat showrev to list versions of SAT. ncn-m001# sat showrev --products --filter product_name=sat ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+-------------------+-----------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+-------------------+-----------------------+ | sat | 2. + + + SAT Upgrade + /docs-sat/en-25/upgrade/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/upgrade/ + SAT Upgrade Install and Upgrade Framework The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM. IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product. + + + diff --git a/en-25/install/index.html b/en-25/install/index.html new file mode 100644 index 0000000000..16ca47dc3a --- /dev/null +++ b/en-25/install/index.html @@ -0,0 +1,1440 @@ + + + + + + + + + + + + SAT Installation :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Installation

+

Install and Upgrade Framework

+

The Install and Upgrade Framework (IUF) provides commands which install, +upgrade, and deploy products on systems managed by CSM. IUF capabilities are +described in detail in the IUF +section of the +Cray System Management Documentation. +The initial install and upgrade workflows described in the +HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM +(S-8052) detail when and how to use +IUF with a new release of SAT or any other HPE Cray EX product.

+

This document does not replicate install, upgrade, or deployment procedures +detailed in the Cray System Management +Documentation. This document provides +details regarding software and configuration content specific to SAT which is +needed when installing, upgrading, or deploying a SAT release. The Cray +System Management Documentation will +indicate when sections of this document should be referred to for detailed +information.

+

IUF will perform the following tasks for a release of SAT.

+
    +
  • IUF deliver-product stage: +
      +
    • Uploads SAT configuration content to VCS
      • +
    • Uploads SAT information to the CSM product catalog
      • +
    • Uploads SAT content to Nexus repositories
      • +
    +
    • +
  • IUF update-vcs-config stage: +
      +
    • Updates the VCS integration branch with new SAT configuration content if a +working branch is specified
      • +
    +
    • +
  • IUF update-cfs-config stage: +
      +
    • Creates a new CFS configuration for management nodes with new SAT configuration content
      • +
    +
    • +
  • IUF prepare-images stage: +
      +
    • Creates updated management NCN and managed node images with new SAT content
      • +
    +
    • +
  • IUF management-nodes-rollout stage: +
      +
    • Boots management NCNs with an image containing new SAT content
      • +
    +
    • +
+

IUF uses a variety of CSM and SAT tools when performing these tasks. The IUF +section of the +Cray System Management Documentation +describes how to use these tools directly if it is desirable to use them +instead of IUF.

+

IUF Stage Details for SAT

+

This section describes SAT details that an administrator must be aware of +before running IUF stages. Entries are prefixed with Information if no +administrative action is required or Action if an administrator needs +to perform tasks outside of IUF.

+

update-vcs-config

+

Information: This stage is only run if a VCS working branch is specified for +SAT. By default, SAT does not create or specify a VCS working branch.

+

update-cfs-config

+

Information: This stage only applies to the management configuration and +not to the managed configuration.

+

prepare-images

+

Information: This stage only applies to management images and not to +managed images.

+

Post-Installation Procedures

+

After installing SAT with IUF, you must complete the following SAT configuration +procedures before using SAT:

+ +

Notes on the Procedures

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace x.y.z with the version of the SAT product stream +being installed.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
+

Authenticate SAT Commands

+

To run SAT commands on the manager NCNs, you must first set up authentication +to the API gateway. The admin account used to authenticate with sat auth +must be enabled in Keycloak and must have its assigned role set to admin. +For more information on editing Role Mappings, see Create Internal User Accounts +in the Keycloak Shasta Realm in the Cray System Management +Documentation. For more information on +authentication types and authentication credentials, see SAT Command +Authentication.

+

Prerequisites

+ +

Procedure

+

The following is the procedure to globally configure the username used by SAT and +authenticate to the API gateway.

+
    +
  1. +

    Generate a default SAT configuration file, if one does not exist.

    +
    ncn-m001# sat init
+Configuration file "/root/.config/sat/sat.toml" generated.
+

    Note: If the config file already exists, it will print out the following +error.

    +
    ERROR: Configuration file "/root/.config/sat/sat.toml" already exists.
+Not generating configuration file.
+
    2. +
  2. +

    Edit ~/.config/sat/sat.toml and set the username option in the api_gateway +section of the config file.

    +
    username = "crayadmin"
+
    3. +
  3. +

    Run sat auth. Enter your password when prompted.

    +
    ncn-m001# sat auth
+Password for crayadmin:
+Succeeded!
+
    4. +
  4. +

    Other sat commands are now authenticated to make requests to the API gateway.

    +
    ncn-m001# sat status
+
    5. +
+

Generate SAT S3 Credentials

+

Generate S3 credentials and write them to a local file so the SAT user can access +S3 storage. In order to use the SAT S3 bucket, the System Administrator must +generate the S3 access key and secret keys and write them to a local file. This +must be done on every Kubernetes master node where SAT commands are run.

+

SAT uses S3 storage for several purposes, most importantly to store the +site-specific information set with sat setrev (see Set System Revision +Information).

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    Ensure the files are readable only by root.

    +
    ncn-m001# touch /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    ncn-m001# chmod 600 /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    2. +
  2. +

    Write the credentials to local files using kubectl.

    +
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.access_key}' | base64 -d > \
+    /root/.config/sat/s3_access_key
+
    ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.secret_key}' | base64 -d > \
+    /root/.config/sat/s3_secret_key
+
    3. +
  3. +

    Verify the S3 endpoint specified in the SAT configuration file is correct.

    +
      +
    1. +

      Get the SAT configuration file’s endpoint value.

      +

      Note: If the command’s output is commented out, indicated by an initial # +character, the SAT configuration will take the default value – "https://rgw-vip.nmn".

      +
      ncn-m001# grep endpoint ~/.config/sat/sat.toml
+# endpoint = "https://rgw-vip.nmn"
+
      2. +
    2. +

      Get the sat-s3-credentials secret’s endpoint value.

      +
      ncn-m001# kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.s3_endpoint}' | base64 -d | xargs
+https://rgw-vip.nmn
+
      3. +
    3. +

      Compare the two endpoint values.

      +

      If the values differ, change the SAT configuration file’s endpoint value to +match the secret’s.

      +
      4. +
    +
    4. +
  4. +

    Copy SAT configurations to each manager node on the system.

    +
    ncn-m001# for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \
+    mkdir -p /root/.config/sat; \
+    scp -pr /root/.config/sat ${i}:/root/.config; done
+

    Note: Depending on how many manager nodes are on the system, the list of +manager nodes may be different. This example assumes three manager nodes, where +the configuration files must be copied from ncn-m001 to ncn-m002 and +ncn-m003. Therefore, the list of hosts above is ncn-m002 and ncn-m003.

    +
    5. +
+

Set System Revision Information

+

HPE service representatives use system revision information data to identify +systems in support cases.

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    Set System Revision Information.

    +

    Run sat setrev and follow the prompts to set the following site-specific values:

    +
      +
    • Serial number
      • +
    • System name
      • +
    • System type
      • +
    • System description
      • +
    • Product number
      • +
    • Company name
      • +
    • Site name
      • +
    • Country code
      • +
    • System install date
      • +
    +

    Tip: For “System type”, a system with any liquid-cooled components should be +considered a liquid-cooled system. In other words, “System type” is EX-1C.

    +
    ncn-m001# sat setrev
+--------------------------------------------------------------------------------
+Setting:        Serial number
+Purpose:        System identification. This will affect how snapshots are
+                identified in the HPE backend services.
+Description:    This is the top-level serial number which uniquely identifies
+                the system. It can be requested from an HPE representative.
+Valid values:   Alpha-numeric string, 4 - 20 characters.
+Type:           <class 'str'>
+Default:        None
+Current value:  None
+--------------------------------------------------------------------------------
+Please do one of the following to set the value of the above setting:
+    - Input a new value
+    - Press CTRL-C to exit
+...
+
    2. +
  2. +

    Verify System Revision Information.

    +

    Run sat showrev and verify the output shown in the “System Revision Information table.”

    +

    The following example shows sample table output.

    +
    ncn-m001# sat showrev
+################################################################################
+System Revision Information
+################################################################################
++---------------------+---------------+
+| component           | data          |
++---------------------+---------------+
+| Company name        | HPE           |
+| Country code        | US            |
+| Interconnect        | Sling         |
+| Product number      | R4K98A        |
+| Serial number       | 12345         |
+| Site name           | HPE           |
+| Slurm version       | slurm 20.02.5 |
+| System description  | Test System   |
+| System install date | 2021-01-29    |
+| System name         | eniac         |
+| System type         | EX-1C         |
++---------------------+---------------+
+################################################################################
+Product Revision Information
+################################################################################
++--------------+-----------------+------------------------------+------------------------------+
+| product_name | product_version | images                       | image_recipes                |
++--------------+-----------------+------------------------------+------------------------------+
+| csm          | 0.8.14          | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... |
+| sat          | 2.0.1           | -                            | -                            |
+| sdu          | 1.0.8           | -                            | -                            |
+| slingshot    | 0.8.0           | -                            | -                            |
+| sma          | 1.4.12          | -                            | -                            |
++--------------+-----------------+------------------------------+------------------------------+
+################################################################################
+Local Host Operating System
+################################################################################
++-----------+----------------------+
+| component | version              |
++-----------+----------------------+
+| Kernel    | 5.3.18-24.15-default |
+| SLES      | SLES 15-SP2          |
++-----------+----------------------+
+
    3. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/introduction/index.html b/en-25/introduction/index.html new file mode 100644 index 0000000000..60ec49377a --- /dev/null +++ b/en-25/introduction/index.html @@ -0,0 +1,1606 @@ + + + + + + + + + + + + Introduction to SAT :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Introduction to SAT

+

About System Admin Toolkit (SAT)

+

The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and +querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware +components.

+

SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands +used on the Cray XC platform. For more information on SAT commands, see SAT Command Overview.

+

Six Kibana Dashboards are included with SAT. They provide organized output for system health information.

+ +

Four Grafana Dashboards are included with SAT. They display messages that are generated by the HSN (High Speed Network) and +are reported through Redfish.

+ +

In CSM 1.3 and newer, the sat command is automatically available on all the +Kubernetes NCNs. For more information, see SAT in CSM. Older +versions of CSM do not have the sat command automatically available, and SAT +must be installed as a separate product.

+

SAT Command Overview

+

Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides +instruction on the SAT Container Environment.

+

SAT Command Line Utility

+

The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes manager nodes +(ncn-m nodes).

+

It is designed to assist administrators with common tasks, such as troubleshooting and querying information about the +HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are +similarities between SAT commands and xt commands used on the Cray XC platform.

+

SAT Commands

+

The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents +configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each +have their own set of options.

+

SAT Container Environment

+

The sat command-line utility runs in a container using Podman, a daemonless container runtime. SAT runs on +Kubernetes manager nodes. A few important points about the SAT container environment include the following:

+
    +
  • Using either sat or sat bash always launches a container.
    • +
  • The SAT container does not have access to the NCN file system.
    • +
+

There are two ways to run sat.

+
    +
  • Interactive: Launching a container using sat bash, followed by a sat command.
    • +
  • Non-interactive: Running a sat command directly on a Kubernetes manager node.
    • +
+

In both of these cases, a container is launched in the background to execute the command. The first option, running +sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the +container is launched, executes the command, and upon the command’s completion the container exits. The following two +examples show the same action, checking the system status, using interactive and non-interactive modes.

+

Interactive

+
ncn-m001# sat bash
+(CONTAINER-ID)sat-container# sat status
+

Non-interactive

+
ncn-m001# sat status
+

Interactive Advantages

+

Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral +container storage. If multiple sat commands are being run in succession, then use sat bash to launch the +container beforehand. This will save time because the container does not need to be launched for each sat command.

+

Non-interactive Advantages

+

The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of +several steps that need to be executed from a management NCN.

+

Man Pages - Interactive and Non-interactive Modes

+

To view a sat man page from a Kubernetes manager node, use sat-man on the manager node as shown in the following +example.

+
ncn-m001# sat-man status
+

A man page describing the SAT container environment is available on the Kubernetes manager nodes, which can be viewed +either with man sat or man sat-podman from the manager node.

+
ncn-m001# man sat
+
ncn-m001# man sat-podman
+

SAT Command Authentication

+

Some SAT subcommands make requests to the Shasta services through the API +gateway and thus require authentication to the API gateway in order to function. +Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to +be configured. In order to use the SAT S3 bucket, the System Administrator must +generate the S3 access key and secret keys and write them to a local file. This +must be done on every Kubernetes manager node where SAT commands are run.

+

For more information on authentication requests, see System Security and +Authentication in the Cray System Management +Documentation. The following is a table +describing SAT commands and the types of authentication they require.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
SAT SubcommandAuthentication/Credentials RequiredMan PageDescription
sat authResponsible for authenticating to the API gateway and storing a token.sat-authAuthenticate to the API gateway and save the token.
sat bmccredsRequires authentication to the API gateway.sat-bmccredsSet BMC passwords.
sat bootprepRequires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is done on ncn-m001 during the install.sat-bootprepPrepare to boot nodes with images and configurations.
sat bootsysRequires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages.sat-bootsysBoot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software.
sat diagRequires authentication to the API gateway.sat-diagLaunch diagnostics on the HSN switches and generate a report.
sat firmwareRequires authentication to the API gateway.sat-firmwareReport firmware version.
sat hwhistRequires authentication to the API gateway.sat-hwhistReport hardware component history.
sat hwinvRequires authentication to the API gateway.sat-hwinvGive a listing of the hardware of the HPE Cray EX system.
sat hwmatchRequires authentication to the API gateway.sat-hwmatchReport hardware mismatches.
sat initNonesat-initCreate a default SAT configuration file.
sat jobstatRequires authentication to the API gateway.sat-jobstatCheck the status of jobs and applications.
sat k8sRequires Kubernetes configuration and authentication, which is automatically configured on ncn-m001 during the install.sat-k8sReport on Kubernetes replica sets that have co-located (on the same node) replicas.
sat linkhealthThis command has been deprecated.
sat nid2xnameRequires authentication to the API gateway.sat-nid2xnameTranslate node IDs to node XNames.
sat sensorsRequires authentication to the API gateway.sat-sensorsReport current sensor data.
sat setrevRequires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-setrevSet HPE Cray EX system revision information.
sat showrevRequires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-showrevPrint revision information for the HPE Cray EX system.
sat slscheckRequires authentication to the API gateway.sat-slscheckPerform a cross-check between SLS and HSM.
sat statusRequires authentication to the API gateway.sat-statusReport node status across the HPE Cray EX system.
sat swapRequires authentication to the API gateway.sat-swapPrepare HSN switch or cable for replacement and bring HSN switch or cable into service.
sat xname2nidRequires authentication to the API gateway.sat-xname2nidTranslate node and node BMC XNames to node IDs.
sat switchThis command has been deprecated. It has been replaced by sat swap.
+

In order to authenticate to the API gateway, you must run the sat auth +command. This command will prompt for a password on the command line. The +username value is obtained from the following locations, in order of higher +precedence to lower precedence:

+
    +
  • The --username global command-line option.
    • +
  • The username option in the api_gateway section of the config file at +~/.config/sat/sat.toml.
    • +
  • The name of currently logged in user running the sat command.
    • +
+

If credentials are entered correctly when prompted by sat auth, a token file +will be obtained and saved to ~/.config/sat/tokens. Subsequent sat commands +will determine the username the same way as sat auth described above and will +use the token for that username if it has been obtained and saved by sat auth.

+

Command Prompt Conventions in SAT

+

The host name in a command prompt indicates where the command must be run. The account that must run the command is +also indicated in the prompt.

+
    +
  • The root or super-user account always has the # character at the end of the prompt and has the host name of the +host in the prompt.
    • +
  • Any non-root account is indicated with account@hostname>. A user account that is neither root nor crayadm is +referred to as user.
    • +
  • The command prompt inside the SAT container environment is indicated with the string as follows. It also has the “#” +character at the end of the prompt.
    • +
+ + + + + + + + + + + + + + + + + +
Command PromptMeaning
ncn-m001#Run on one of the Kubernetes Manager servers. (Non-interactive)
(CONTAINER_ID) sat-container#Run the command inside the SAT container environment by first running sat bash. (Interactive)
+

Here are examples of the sat status command used by an administrator.

+
ncn-m001# sat status
+
ncn-m001# sat bash
+(CONTAINER_ID) sat-container# sat status
+

SAT in CSM

+

In CSM 1.3 and newer, the sat command is automatically available on all the Kubernetes NCNs, but it is still possible +to install SAT as a separate product stream. Any version of SAT installed as a separate product stream overrides the +sat command available in CSM. Installing the SAT product stream allows additional supporting components to be added:

+
    +
  • +

    An entry for SAT in the cray-product-catalog Kubernetes ConfigMap is only created by installing the SAT product +stream. Otherwise, there will be no entry for this version of SAT in the output of sat showrev.

    +
    • +
  • +

    The sat-install-utility container image is only available with the full SAT product stream. This container image +provides uninstall and downgrade functionality when used with the prodmgr command. (In SAT 2.3 and older, SAT was +only available to install as a separate product stream. Because these versions were packaged with +sat-install-utility, it is still possible to uninstall these versions of SAT.)

    +
    • +
  • +

    The docs-sat RPM package is only available with the full SAT product stream.

    +
    • +
  • +

    The sat-config-management git repository in Gitea (VCS) and thus the SAT layer of NCN CFS configuration is +only available with the full SAT product stream.

    +
    • +
+

If the SAT product stream is not installed, there will be no configuration content for SAT in VCS. Therefore, CFS +configurations that apply to management NCNs (for example, management-23.5.0) should not include a SAT layer.

+

The SAT configuration layer modifies the permissions of files left over from prior installations of SAT, so that the +Keycloak username that authenticates to the API gateway cannot be read by users other than root. Specifically, it +it does the following:

+
    +
  • +

    Modifies the sat.toml configuration file which contains the username so that it is only readable by root.

    +
    • +
  • +

    Modifies the /root/.config/sat/tokens directory so that the directory is only readable by root. This is needed +because the names of the files within the tokens directory contain the username.

    +
    • +
+

Regardless of the SAT configuration being applied, passwords and the contents of the tokens are never readable by other +users. These permission changes only apply to files created by previous installations of SAT. In the current version of +SAT all files and directories are created with the appropriate permissions.

+

SAT Dependencies

+

Most sat subcommands depend on services or components from other products in the +HPE Cray EX (Shasta) software stack. The following list shows these dependencies +for each subcommand. Each service or component is listed under the product it belongs to.

+

sat auth

+

CSM

+
    +
  • Keycloak
    • +
+

sat bmccreds

+

CSM

+
    +
  • System Configuration Service (SCSD)
    • +
+

sat bootprep

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Configuration Framework Service (CFS)
    • +
  • Image Management Service (IMS)
    • +
  • Version Control Service (VCS)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat bootsys

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Cray Advanced Platform Monitoring and Control (CAPMC)
    • +
  • Ceph
    • +
  • Compute Rolling Upgrade Service (CRUS)
    • +
  • Etcd
    • +
  • Firmware Action Service (FAS)
    • +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

COS

+
    +
  • Node Memory Dump (NMD)
    • +
+

sat diag

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

CSM-Diags

+
    +
  • Fox
    • +
+

sat firmware

+

CSM

+
    +
  • Firmware Action Service (FAS)
    • +
+

sat hwhist

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwinv

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwmatch

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat init

+

None

+

sat jobstat

+

PBS

+
    +
  • HPE State Checker
    • +
+

sat k8s

+

CSM

+
    +
  • Kubernetes
    • +
+

sat nid2xname

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat sensors

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • HM Collector
    • +
+

SMA

+
    +
  • Telemetry API
    • +
+

sat setrev

+

CSM

+
    +
  • S3
    • +
+

sat showrev

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat slscheck

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat status

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat swap

+

Slingshot

+
    +
  • Fabric Manager
    • +
+

sat switch

+

Deprecated: See sat swap

+

sat xname2nid

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/index.html b/en-25/release_notes/index.html new file mode 100644 index 0000000000..adc938f153 --- /dev/null +++ b/en-25/release_notes/index.html @@ -0,0 +1,1163 @@ + + + + + + + + + + + + SAT Release Notes :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Release Notes

+

Changes in SAT Version 2.x

+ +

SAT Changes in Shasta Version 1.x

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/index.xml b/en-25/release_notes/index.xml new file mode 100644 index 0000000000..6942ad2ee6 --- /dev/null +++ b/en-25/release_notes/index.xml @@ -0,0 +1,75 @@ + + + + SAT Release Notes on System Admin Toolkit (SAT) + /docs-sat/en-25/release_notes/ + Recent content in SAT Release Notes on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-25 + Wed, 11 Dec 2024 03:40:01 +0000 + + + Changes in SAT 2.2 + /docs-sat/en-25/release_notes/sat_2.2_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/release_notes/sat_2.2_release_notes/ + Changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022. This version of the SAT product included: Version 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components: Version 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release. + + + Changes in SAT 2.3 + /docs-sat/en-25/release_notes/sat_2.3_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/release_notes/sat_2.3_release_notes/ + Changes in SAT 2.3 The 2.3.4 version of the SAT product includes: Version 3.15.4 of the sat python package and CLI Version 1.6.11 of the sat-podman wrapper script Version 1.2.0 of the sat-cfs-install container image Version 2.0.0 of the sat-cfs-install Helm chart Version 1.5.0 of the sat-install-utility container image Version 2.0.3 of the cfs-config-util container image New sat Commands None. Current Working Directory in SAT Container When running sat commands, the current working directory is now mounted in the container as /sat/share, and the current working directory within the container is also /sat/share. + + + Changes in SAT 2.4 + /docs-sat/en-25/release_notes/sat_2.4_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-25/release_notes/sat_2.4_release_notes/ + Changes in SAT 2.4 The 2.4.13 version of the SAT product includes: Version 3.19.3 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.5.5 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. Because of installation refactoring efforts, the following two components are no longer delivered with SAT: sat-cfs-install container image sat-cfs-install Helm chart Inclusion of SAT in CSM A version of the cray-sat container image is now included in CSM. + + + Changes in SAT 2.5 + /docs-sat/en-25/release_notes/sat_2.5_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/sat_2.5_release_notes/ + Changes in SAT 2.5 The 2.5.22 version of the SAT product includes: Version 3.21.9 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.6.2 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. New sat Commands sat jobstat allows you to access application and job data through the command line. It provides a table summarizing information for all jobs on the system. + + + SAT Changes in Shasta v1.3.2 + /docs-sat/en-25/release_notes/shasta_1.3.2_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.3.2_release_notes/ + SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI. The following sections detail the changes in this release. sat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable. The sat swap switch command is equivalent to sat switch. + + + SAT Changes in Shasta v1.3 + /docs-sat/en-25/release_notes/shasta_1.3_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.3_release_notes/ + SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI. This version of the sat CLI contained the following commands: auth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch For more information on each of these commands, see the SAT Command Overview and the table of commands in the Authenticate SAT Commands section of this document. + + + SAT Changes in Shasta v1.4.1 + /docs-sat/en-25/release_notes/shasta_1.4.1_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.4.1_release_notes/ + SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1. This version of the SAT product included: Version 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release. New Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames: sat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API. + + + SAT Changes in Shasta v1.4 + /docs-sat/en-25/release_notes/shasta_1.4_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.4_release_notes/ + SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4. This version of the SAT product included the following components: Version 3.4.0 of the sat python package and CLI It also added the following new component: Version 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release. + + + SAT Changes in Shasta v1.5 + /docs-sat/en-25/release_notes/shasta_1.5_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/release_notes/shasta_1.5_release_notes/ + SAT Changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5. This version of the SAT product included: Version 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component: Version 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release. Install Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. + + + diff --git a/en-25/release_notes/sat_2.2_release_notes/index.html b/en-25/release_notes/sat_2.2_release_notes/index.html new file mode 100644 index 0000000000..58d8a1cf51 --- /dev/null +++ b/en-25/release_notes/sat_2.2_release_notes/index.html @@ -0,0 +1,1269 @@ + + + + + + + + + + + + Changes in SAT 2.2 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

Changes in SAT 2.2

+

SAT 2.2.16 was released on February 25th, 2022.

+

This version of the SAT product included:

+
    +
  • Version 3.14.0 of the sat python package and CLI
    • +
  • Version 1.6.4 of the sat-podman wrapper script
    • +
  • Version 1.0.4 of the sat-cfs-install container image and Helm chart
    • +
+

It also added the following new components:

+
    +
  • Version 1.4.3 of the sat-install-utility container image
    • +
  • Version 2.0.2 of the cfs-config-util container image
    • +
+

The following sections detail the changes in this release.

+

Known Issues in SAT 2.2

+

sat Command Unavailable in sat bash Shell

+

After launching a shell within the SAT container with sat bash, the sat +command will not be found. For example:

+
(CONTAINER-ID) sat-container:~ # sat status
+bash: sat: command not found
+

This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be +prepended to the $PATH environment variable:

+
(CONTAINER-ID) sat-container:~ # export PATH=/sat/venv/bin:$PATH
+(CONTAINER-ID) sat-container:~ # sat status
+

Or, the file /sat/venv/bin/activate may be sourced:

+
(CONTAINER-ID) sat-container:~ # source /sat/venv/bin/activate
+(CONTAINER-ID) sat-container:~ # sat status
+

Tab Completion Unavailable in sat bash Shell

+

After launching a shell within the SAT container with sat bash, tab completion +for sat commands does not work.

+

This can be resolved temporarily by sourcing the file +/etc/bash_completion.d/sat-completion.bash:

+
source /etc/bash_completion.d/sat-completion.bash
+

OCI Runtime Permission Error when Running sat in Root Directory

+

sat commands will not work if the current directory is /. For example:

+
ncn-m001:/ # sat --help
+Error: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error
+

To resolve, run sat in another directory.

+

Duplicate Mount Error when Running sat in Config Directory

+

sat commands will not work if the current directory is ~/.config/sat. +For example:

+
ncn-m001:~/.config/sat # sat --help
+Error: /root/.config/sat: duplicate mount destination
+

To resolve, run sat in another directory.

+

New sat Commands

+
    +
  • sat bootprep automates the creation of CFS configurations, the build and +customization of IMS images, and the creation of BOS session templates. For +more information, see SAT Bootprep.
    • +
  • sat slscheck performs a check for consistency between the System Layout +Service (SLS) and the Hardware State Manager (HSM).
    • +
  • sat bmccreds provides a simple interface for interacting with the System +Configuration Service (SCSD) to set BMC Redfish credentials.
    • +
  • sat hwhist displays hardware component history by XName (location) or by +its Field-Replaceable Unit ID (FRUID). This command queries the Hardware +State Manager (HSM) API to obtain this information. Since the sat hwhist +command supports querying for the history of a component by its FRUID, the +FRUID of components has been added to the output of sat hwinv.
    • +
+

Additional Install Automation

+

The following automation has been added to the install script, install.sh:

+
    +
  • Wait for the completion of the sat-config-import Kubernetes job, which is +started when the sat-cfs-install Helm chart is deployed.
    • +
  • Automate the modification of the CFS configuration, which applies to master +management NCNs (for example, ncn-personalization).
    • +
+

Changes to Product Catalog Data Schema

+

The SAT product uploads additional information to the cray-product-catalog +Kubernetes ConfigMap detailing the components it provides, including container +(Docker) images, Helm charts, RPMs, and package repositories.

+

This information is used to support uninstall and downgrade of SAT product +versions moving forward.

+

Support for Uninstall and Downgrade of SAT Versions

+

Beginning with the 2.2 release, SAT now provides partial support for the +uninstall and downgrade of the SAT product stream.

+

For more information, see +Uninstall: Remove a Version of SAT and +Downgrade: Switch Between SAT Versions.

+

Improvements to sat status

+

A Subrole column has been added to the output of sat status. This allows you +to easily differentiate between master, worker, and storage nodes in the +management role, for example.

+

Hostname information from SLS has been added to sat status output.

+

Added Support for JSON Output

+

Support for JSON-formatted output has been added to commands which currently +support the --format option, such as hwinv, status, and showrev.

+

Usability Improvements

+

Many usability improvements have been made to multiple sat commands, +mostly related to filtering command output. The following are some highlights:

+
    +
  • Added --fields option to display only specific fields for subcommands which +display tabular reports.
    • +
  • Added ability to filter on exact matches of a field name.
    • +
  • Improved handling of multiple matches of a field name in --filter queries +so that the first match is used, similar to --sort-by.
    • +
  • Added support for --filter, --fields, and --reverse for summaries +displayed by sat hwinv.
    • +
  • Added borders to summary tables generated by sat hwinv.
    • +
  • Improved documentation in the man pages.
    • +
+

Default Log Level Changed

+

The default log level for stderr has been changed from “WARNING” to “INFO”. For +more information, see Update SAT Logging.

+

More Granular Log Level Configuration Options

+

With the command-line options --loglevel-stderr and --loglevel-file, the log +level can now be configured separately for stderr and the log file.

+

The existing --loglevel option is now an alias for the --loglevel-stderr +option.

+

Podman Wrapper Script Improvements

+

The Podman wrapper script is the script installed at /usr/bin/sat on the +master management NCNs by the cray-sat-podman RPM that runs the cray-sat +container in podman. The following subsections detail improvements that were +made to the wrapper script in this release.

+

Mounting of $HOME and Current Directories in cray-sat Container

+

The Podman wrapper script that launches the cray-sat container with podman +has been modified to mount the user’s current directory and home directory into +the cray-sat container to provide access to local files in the container.

+

Podman Wrapper Script Documentation Improvements

+

The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:

+
    +
  • Environment variables that affect execution of the wrapper script
    • +
  • Host files and directories mounted in the container
    • +
+

Fixes to Podman Wrapper Script Output Redirection

+

Fixed issues with redirecting stdout and stderr, and piping output to +commands, such as awk, less, and more.

+

Configurable HTTP Timeout

+

A new sat option has been added to configure the HTTP timeout length for +requests to the API gateway. For more information, refer to sat-man sat.

+

sat bootsys Improvements

+

Many improvements and fixes have been made to sat bootsys. The following are +some highlights:

+
    +
  • Added the --excluded-ncns option, which can be used to omit NCNs +from the platform-services and ncn-power stages in case they are +inaccessible.
    • +
  • Disruptive shutdown stages in sat bootsys shutdown now prompt the user to +continue before proceeding. A new option, --disruptive, will bypass this.
    • +
  • Improvements to Ceph service health checks and restart during the +platform-services stage of sat bootsys boot.
    • +
+

sat xname2nid Improvements

+

sat xname2nid can now recursively expand slot, chassis, and cabinet XNames to +a list of NIDs in those locations.

+

A new --format option has been added to sat xname2nid. It sets the output +format to either “range” (the default) or “NID”. The “range” format displays NIDs +in a compressed range format suitable for use with a workload manager like Slurm.

+

Usage of v2 HSM API

+

The commands which interact with HSM (for example, sat status and sat hwinv) +now use the v2 HSM API.

+

sat diag Limited to HSN Switches

+

sat diag will now only operate against HSN switches by default. These are the +only controllers that support running diagnostics with HMJTD.

+

sat showrev Enhancements

+

A column has been added to the output of sat showrev that indicates whether a +product version is “active”. The definition of “active” varies across products, +and not all products may set an “active” version.

+

For SAT, the active version is the one with its hosted-type package repository +in Nexus set as the member of the group-type package repository in Nexus, +meaning that it will be used when installing the cray-sat-podman RPM.

+

cray-sat Container Image Size Reduction

+

The size of the cray-sat container image has been approximately cut in half by +leveraging multi-stage builds. This also improved the repeatability of the unit +tests by running them in the container.

+

Bug Fixes

+

Minor bug fixes were made in cray-sat and in cray-sat-podman. For full +change lists, refer to each repository’s CHANGELOG.md file.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/sat_2.3_release_notes/index.html b/en-25/release_notes/sat_2.3_release_notes/index.html new file mode 100644 index 0000000000..a524d83463 --- /dev/null +++ b/en-25/release_notes/sat_2.3_release_notes/index.html @@ -0,0 +1,1147 @@ + + + + + + + + + + + + Changes in SAT 2.3 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Changes in SAT 2.3

+

The 2.3.4 version of the SAT product includes:

+
    +
  • Version 3.15.4 of the sat python package and CLI
    • +
  • Version 1.6.11 of the sat-podman wrapper script
    • +
  • Version 1.2.0 of the sat-cfs-install container image
    • +
  • Version 2.0.0 of the sat-cfs-install Helm chart
    • +
  • Version 1.5.0 of the sat-install-utility container image
    • +
  • Version 2.0.3 of the cfs-config-util container image
    • +
+

New sat Commands

+

None.

+

Current Working Directory in SAT Container

+

When running sat commands, the current working directory is now mounted in the +container as /sat/share, and the current working directory within the container +is also /sat/share.

+

Files in the current working directory must be specified using relative paths to +that directory, because the current working directory is always mounted on +/sat/share. Absolute paths should be avoided, and paths that are outside of +$HOME or $PWD are never accessible to the container environment.

+

The home directory is still mounted on the same path inside the container as it +is on the host.

+

Changes to sat bootsys

+

The following options were added to sat bootsys.

+
    +
  • --bos-limit
    • +
  • --recursive
    • +
+

The --bos-limit option passes a given limit string to a BOS session. The +--recursive option specifies a slot or other higher-level component in the +limit string.

+

Changes to sat bootprep

+

The --delete-ims-jobs option was added to sat bootprep run. It deletes IMS +jobs after sat bootprep is run. Jobs are no longer deleted by default.

+

Changes to sat status

+

sat status now includes information about nodes’ CFS configuration statuses, +such as desired configuration, configuration status, and error count.

+

The output of sat status now splits different component types into different +report tables.

+

The following options were added to sat status.

+
    +
  • --hsm-fields, --sls-fields, --cfs-fields
    • +
  • --bos-template
    • +
+

The --hsm-fields, --sls-fields, --cfs-fields options limit the output +columns according to specified CSM services.

+

The --bos-template option filters the status report according to the specified +session template’s boot sets.

+

Compatibility with CSM 1.2

+

The following components were modified to be compatible with CSM 1.2.

+
    +
  • sat-cfs-install container image and Helm chart
    • +
  • sat-install-utility container image
    • +
  • SAT product installer
    • +
+

GPG Checking

+

The sat-ncn Ansible role provided by sat-cfs-install was modified to enable +GPG checks on packages while leaving GPG checks disabled on repository metadata.

+

Security

+

Updated urllib3 dependency to version 1.26.5 to mitigate CVE-2021-33503 and +refreshed Python dependency versions.

+

Bug Fixes

+

Minor bug fixes were made in each of the repositories. For full change lists, +refer to each repository’s CHANGELOG.md file.

+

The known issues listed under the SAT 2.2 release +were fixed.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/sat_2.4_release_notes/index.html b/en-25/release_notes/sat_2.4_release_notes/index.html new file mode 100644 index 0000000000..2f98bcb08e --- /dev/null +++ b/en-25/release_notes/sat_2.4_release_notes/index.html @@ -0,0 +1,1237 @@ + + + + + + + + + + + + Changes in SAT 2.4 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Changes in SAT 2.4

+

The 2.4.13 version of the SAT product includes:

+
    +
  • Version 3.19.3 of the sat python package and CLI.
    • +
  • Version 2.0.0-1 of the sat-podman wrapper script.
    • +
  • Version 1.5.5 of the sat-install-utility container image.
    • +
  • Version 3.3.1 of the cfs-config-util container image.
    • +
+

Because of installation refactoring efforts, the following two components +are no longer delivered with SAT:

+
    +
  • sat-cfs-install container image
    • +
  • sat-cfs-install Helm chart
    • +
+

Inclusion of SAT in CSM

+

A version of the cray-sat container image is now included in CSM. For more +information, see SAT in CSM.

+

SAT Installation Improvements

+

The SAT install.sh script no longer uses a sat-cfs-install Helm chart and +container image to upload its Ansible content to the sat-config-management +repository in VCS. Instead, it uses Podman to run the cf-gitea-import container +directly. Some of the benefits of this change include the following:

+ +

Decoupling of cray-sat Container Image and cray-sat-podman Package

+

In older SAT releases, the sat wrapper script that was provided by the +cray-sat-podman package installed on Kubernetes master NCNs included a +hard-coded version of the cray-sat container image. As a result, every new +version of the cray-sat image required a corresponding new version of the +cray-sat-podman package.

+

In this release, this tight coupling of the cray-sat-podman package and the +cray-sat container image was removed. The sat wrapper script provided +by the cray-sat-podman package now looks for the version of the cray-sat +container image in the /opt/cray/etc/sat/version file. This file is populated +with the correct version of the cray-sat container image by the SAT layer of +the CFS configuration that is applied to management NCNs. If the version file +does not exist, the wrapper script defaults to the version of the cray-sat +container image delivered with the latest version of CSM installed on the system.

+

Improved NCN Personalization Automation

+

The steps for performing NCN personalization as part of the SAT installation +were moved out of the install.sh script and into a new +update-mgmt-ncn-cfs-config.sh script that is provided in the SAT release +distribution. The new script provides additional flexibility in how it modifies +the NCN personalization CFS configuration for SAT. It can modify an existing CFS +configuration by name, a CFS configuration being built in a JSON file, or an +existing CFS configuration that applies to certain components.

+

New sat bootprep Features

+

The following new features were added to the sat bootprep command:

+ +

The schema of the sat bootprep input files was also changed to support these +new features:

+
    +
  • The base recipe or image used by an image in the input file should now be +specified under a base key instead of under an ims key. The old ims +key is deprecated.
    • +
  • To specify an image that depends on another image in the input file, the +dependent image should specify the dependency under base.image_ref. +You should no longer use the IMS name of the image on which it depends.
    • +
  • The image used by a session template should now be specified under +image.ims.name, image.ims.id, or image.image_ref. Specifying a string +value directly under the image key is deprecated.
    • +
+

For more information on defining IMS images and BOS session templates in the +sat bootprep input file, see Define IMS Images +and Define BOS Session Templates.

+

Added Blade Swap Support to sat swap

+

The sat swap command was updated to support swapping compute and UAN blades +with sat swap blade. This functionality is described in the following processes +of the Cray System Management Documentation:

+
    +
  • Adding a Liquid-cooled blade to a System Using SAT
    • +
  • Removing a Liquid-cooled blade from a System Using SAT
    • +
  • Replace a Compute Blade Using SAT
    • +
  • Swap a Compute Blade with a Different System Using SAT
    • +
+

Support for BOS v2

+

A new v2 version of the Boot Orchestration Service (BOS) is available in CSM +1.3.0. SAT has added support for BOS v2. This impacts the following commands +that interact with BOS:

+
    +
  • sat bootprep
    • +
  • sat bootsys
    • +
  • sat status
    • +
+

By default, SAT uses BOS v1. However, you can choose the BOS version you want +to use. For more information, see Change the BOS Version.

+

Added BOS Fields to sat status

+

When using BOS v2, sat status outputs additional fields. These fields show +the most recent BOS session, session template, booted image, and boot status for +each node. An additional --bos-fields option was added to limit the output of +sat status to these fields. The fields are not displayed when using BOS v1.

+

Open Source Repositories

+

This is the first release of SAT built from open source code repositories. +As a result, build infrastructure was changed to use an external Jenkins instance, +and artifacts are now published to an external Artifactory instance. These +changes should not impact the functionality of the SAT product in any way.

+

Security

+

CVE Mitigation

+
    +
  • The paramiko Python package version was updated from 2.9.2 to 2.10.1 to +mitigate CVE-2022-24302.
    • +
  • The oauthlib Python package version was updated from 3.2.0 to 3.2.1 to +mitigate CVE-2022-36087.
    • +
+

Restricted Permissions on SAT Config Files and Directories

+

SAT stores information used to authenticate to the API gateway with Keycloak. +Token files are stored in the ~/.config/sat/tokens/ directory. Those files +have always had permissions appropriately set to restrict them to be readable +only by the user.

+

Keycloak usernames used to authenticate to the API gateway are stored in the +SAT config file at /.config/sat/sat.toml. Keycloak usernames are also used in +the file names of tokens stored in /.config/sat/tokens. As an additional +security measure, SAT now restricts the permissions of the SAT config file +to be readable and writable only by the user. It also restricts the tokens +directory and the entire SAT config directory ~/.config/sat to be accessible +only by the user. This prevents other users on the system from viewing +Keycloak usernames used to authenticate to the API gateway.

+

Bug Fixes

+
    +
  • Fixed an issue where sat init did not print a message confirming a new +configuration file was created.
    • +
  • Fixed an issue where sat showrev exited with a traceback if the file +/opt/cray/etc/site_info.yaml existed but was empty. This could occur if the +user exited sat setrev with Ctrl-C.
    • +
  • Fixed outdated information in the sat bootsys man page, and added a +description of the command stages.
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/sat_2.5_release_notes/index.html b/en-25/release_notes/sat_2.5_release_notes/index.html new file mode 100644 index 0000000000..1b0d96f8d4 --- /dev/null +++ b/en-25/release_notes/sat_2.5_release_notes/index.html @@ -0,0 +1,1202 @@ + + + + + + + + + + + + Changes in SAT 2.5 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Changes in SAT 2.5

+

The 2.5.22 version of the SAT product includes:

+
    +
  • Version 3.21.9 of the sat python package and CLI.
    • +
  • Version 2.0.0-1 of the sat-podman wrapper script.
    • +
  • Version 1.6.2 of the sat-install-utility container image.
    • +
  • Version 3.3.1 of the cfs-config-util container image.
    • +
+

New sat Commands

+

sat jobstat allows you to access application and job data through the command +line. It provides a table summarizing information for all jobs on the system.

+

Changes to sat bootprep

+
    +
  • +

    A list-vars subcommand was added to sat bootprep.

    +

    It lists the variables available for use in bootprep input files at runtime.

    +
    • +
  • +

    A --limit option was added to sat bootprep run.

    +

    It restricts the creation of CFS configurations, IMS images, and BOS session +templates into separate stages. For more information, see +Limit SAT Bootprep Run into Stages.

    +
    • +
  • +

    sat bootprep now prompts individually for each CFS configuration that +already exists.

    +
    • +
  • +

    sat bootprep can now filter images provided by a product by using a prefix.

    +

    This is useful when specifying the base of an image in a bootprep input +file. For more information, see +Define IMS Images.

    +
    • +
  • +

    To support product names with hyphens, sat bootprep now converts hyphens to +underscores within variables.

    +

    For more information, see +Hyphens in HPC CSM Software Recipe Variables.

    +
    • +
  • +

    In sat bootprep input files, you can now render the value of the playbook +property of CFS configuration layers with Jinja2 templates.

    +

    For more information, see +Values Supporting Jinja2 Template Rendering.

    +
    • +
  • +

    Output was added to sat bootprep run that summarizes the CFS configurations, +IMS images, and BOS session templates created.

    +

    For more information, see +Summary of SAT Bootprep Results.

    +
    • +
  • +

    Improvements were made to the sat bootprep output when CFS configuration +and BOS session templates are created.

    +
    • +
+

Changes to sat bootsys

+
    +
  • A reboot subcommand was added to sat bootsys. It uses BOS to reboot +nodes in the bos-operations stage.
    • +
  • The --staged-session option was added to sat bootsys. It can be used to +create staged BOS sessions. For more information, refer to Staging Changes +with BOS in the Cray System Management Documentation.
    • +
+

Changes to Other sat Commands

+
    +
  • When switching SAT versions with prodmgr, a version is no longer set as +“active” in the product catalog. The “active” field was also removed from the +output of sat showrev.
    • +
  • Improvements were made to the performance of sat status when using BOS +version two.
    • +
+

New Install and Upgrade Framework

+

The new Install and Upgrade Framework (IUF) provides commands which install, +upgrade, and deploy products with the help of sat bootprep on HPE Cray EX +systems managed by Cray System Management (CSM). IUF capabilities are described +in detail in the IUF section +of the Cray System Management Documentation. +The initial install and upgrade workflows described in the +HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM +(S-8052) detail when and how to use +IUF with a new release of SAT or any other HPE Cray EX product.

+

Because IUF now handles NCN personalization, information about this process was +removed from the SAT documentation. Other sections in the documentation were +also revised to support the new Install and Upgrade Framework. For example, the +SAT Installation and SAT Upgrade sections of this +guide now provide details on software and configuration content specific to SAT. +The Cray System Management Documentation +will indicate when these sections should be referred to for detailed information.

+

For more information on the relationship between sat bootprep and IUF, see +SAT and IUF.

+

New Default BOS Version

+

By default, SAT now uses version two of the Boot Orchestration Service (BOS). +This change to BOS v2 impacts the following commands that interact with BOS:

+
    +
  • sat bootprep
    • +
  • sat bootsys
    • +
  • sat status
    • +
+

If needed, you can choose the BOS version you want to use. For more information, +see Change the BOS Version.

+

Security

+
    +
  • Updated the version of certifi in the sat python package and CLI from +2021.10.8 to 2022.12.7 to resolve CVE-2022-23491.
    • +
  • Updated the version of certifi in the sat-install-utility container image +from 2021.5.30 to 2022.12.7 to resolve CVE-2022-23491.
    • +
  • Updated the version of oauthlib from 3.2.1 to 3.2.2 to resolve CVE-2022-36087.
    • +
  • Updated the version of cryptography from 36.0.1 to 39.0.1 to resolve +CVE-2023-23931.
    • +
+

Bug Fixes

+
    +
  • Fixed a bug that prevented sat init from creating a configuration file in +the current directory when not prefixed with ./.
    • +
  • Fixed a bug in which sat status failed with a traceback when using BOS +version two and reported components whose most recent image did not exist.
    • +
  • Fixed a build issue where the sat container could contain a different +version of kubectl than the version found in CSM.
    • +
  • Fixed error handling and improved command messages for sat bootprep and +sat swap blade.
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/shasta_1.3.2_release_notes/index.html b/en-25/release_notes/shasta_1.3.2_release_notes/index.html new file mode 100644 index 0000000000..4792575636 --- /dev/null +++ b/en-25/release_notes/shasta_1.3.2_release_notes/index.html @@ -0,0 +1,1089 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.3.2 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.3.2

+

Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.

+

The following sections detail the changes in this release.

+

sat swap Command for Switch and Cable Replacement

+

The sat switch command which supported operations for replacing a switch has +been deprecated and replaced with the sat swap command, which now supports +replacing a switch OR cable.

+

The sat swap switch command is equivalent to sat switch. The sat switch +command will be removed in a future release.

+

Addition of Stages to sat bootsys Command

+

The sat bootsys command now has multiple stages for both the boot and +shutdown actions. Please refer to the “System Power On Procedures” and “System +Power Off Procedures” sections of the Cray Shasta Administration Guide (S-8001) +for more details on using this command in the context of a full system power off +and power on.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/shasta_1.3_release_notes/index.html b/en-25/release_notes/shasta_1.3_release_notes/index.html new file mode 100644 index 0000000000..c1c504a9e7 --- /dev/null +++ b/en-25/release_notes/shasta_1.3_release_notes/index.html @@ -0,0 +1,1093 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.3 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.3

+

Shasta v1.3 included version 2.2.3 of the sat python package and CLI.

+

This version of the sat CLI contained the following commands:

+
    +
  • auth
    • +
  • bootsys
    • +
  • cablecheck
    • +
  • diag
    • +
  • firmware
    • +
  • hwinv
    • +
  • hwmatch
    • +
  • k8s
    • +
  • linkhealth
    • +
  • sensors
    • +
  • setrev
    • +
  • showrev
    • +
  • status
    • +
  • swap
    • +
  • switch
    • +
+

For more information on each of these commands, see the +SAT Command Overview and the table +of commands in the Authenticate SAT Commands +section of this document.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/shasta_1.4.1_release_notes/index.html b/en-25/release_notes/shasta_1.4.1_release_notes/index.html new file mode 100644 index 0000000000..37bf95ae9b --- /dev/null +++ b/en-25/release_notes/shasta_1.4.1_release_notes/index.html @@ -0,0 +1,1098 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.4.1 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.4.1

+

We released version 2.0.4 of the SAT product in Shasta v1.4.1.

+

This version of the SAT product included:

+
    +
  • Version 3.5.0 of the sat python package and CLI.
    • +
  • Version 1.4.3 of the sat-podman wrapper script.
    • +
+

The following sections detail the changes in this release.

+

New Commands to Translate Between NIDs and XNames

+

Two new commands were added to translate between NIDs and XNames:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
+

These commands perform this translation by making requests to the Hardware +State Manager (HSM) API.

+

Bug Fixes

+
    +
  • Fixed a problem in sat swap where creating the offline port policy failed.
    • +
  • Changed sat bootsys shutdown --stage bos-operations to no longer forcefully +power off all compute nodes and application nodes using CAPMC when BOS +sessions complete or time out.
    • +
  • Fixed an issue with the command sat bootsys boot --stage cabinet-power.
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/shasta_1.4_release_notes/index.html b/en-25/release_notes/shasta_1.4_release_notes/index.html new file mode 100644 index 0000000000..d8fdb361bd --- /dev/null +++ b/en-25/release_notes/shasta_1.4_release_notes/index.html @@ -0,0 +1,1200 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.4 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.4

+

In Shasta v1.4, SAT became an independent product, which meant we began to +designate a version number for the entire SAT product. We released version +2.0.3 of the SAT product in Shasta v1.4.

+

This version of the SAT product included the following components:

+
    +
  • Version 3.4.0 of the sat python package and CLI
    • +
+

It also added the following new component:

+
    +
  • Version 1.4.2 of the sat-podman wrapper script
    • +
+

The following sections detail the changes in this release.

+

SAT as an Independent Product

+

SAT is now packaged and released as an independent product. The product +deliverable is called a “release distribution”. The release distribution is a +gzipped tar file containing an install script. This install script loads the +cray/cray-sat container image into the Docker registry in Nexus and loads the +cray-sat-podman RPM into a package repository in Nexus.

+

In this release, the cray-sat-podman package is still installed in the master +and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in +Shasta v1.5.

+

SAT Running in a Container Under Podman

+

The sat command now runs in a container under Podman. The sat executable is +now installed on all nodes in the Kubernetes management cluster (workers and +masters). This executable is a wrapper script that starts a SAT container in +Podman and invokes the sat Python CLI within that container. The admin can run +individual sat commands directly on the master or worker NCNs as before, or +they can run sat commands inside the SAT container after using sat bash to +enter an interactive shell inside the SAT container.

+

To view man pages for sat commands, the user can run sat-man SAT_COMMAND, +replacing SAT_COMMAND with the name of the sat command. Alternatively, +the user can enter the sat container with sat bash and use the man command.

+

New sat init Command and Config File Location Change

+

The default location of the SAT config file has been changed from /etc/sat.toml +to ~/.config/sat/sat.toml. A new command, sat init, has been added that +initializes a configuration file in the new default directory. This better supports +individual users on the system who want their own config files.

+

~/.config/sat is mounted into the container that runs under Podman, so changes +are persistent across invocations of the sat container. If desired, an alternate +configuration directory can be specified with the SAT_CONFIG_DIR environment +variable.

+

Additionally, if a config file does not yet exist when a user runs a sat +command, one is generated automatically.

+

Additional Types Added to sat hwinv

+

Additional functionality has been added to sat hwinv including:

+
    +
  • List node enclosure power supplies with the --list-node-enclosure-power-supplies +option.
    • +
  • List node accelerators (for example, GPUs) with the --list-node-accels option. +The count of node accelerators is also included for each node.
    • +
  • List node accelerator risers (for example, Redstone modules) with the +--list-node-accel-risers option. The count of node accelerator risers is also +included for each node.
    • +
  • List High-Speed Node Network Interface Cards (HSN NICs) with the +--list-node-hsn-nics option. The count of HSN NICs is also included for each node.
    • +
+

Documentation for these new options has been added to the man page for sat hwinv.

+

Site Information Stored by sat setrev in S3

+

The sat setrev and sat showrev commands now use S3 to store and obtain site +information, including system name, site name, serial number, install date, and +system type. Since the information is stored in S3, it will now be consistent +regardless of the node on which sat is executed.

+

As a result of this change, S3 credentials must be configured for SAT. For more +information, see Generate SAT S3 Credentials.

+

Product Version Information Shown by sat showrev

+

sat showrev now shows product information from the cray-product-catalog +ConfigMap in Kubernetes.

+

Additional Changes to sat showrev

+

The output from sat showrev has also been changed in the following ways:

+
    +
  • The --docker and --packages options were considered misleading and have +been removed.
    • +
  • Information pertaining to only to the local host, where the command is run, +has been moved to the output of the --local option.
    • +
+

Removal of sat cablecheck

+

The sat cablecheck command has been removed. To verify that the system’s Slingshot +network is cabled correctly, admins should now use the show cables command in the +Slingshot Topology Tool (STT).

+

sat swap Command Compatibility with Next-gen Fabric Controller

+

The sat swap command was added in Shasta v1.3.2. This command used the Fabric +Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the +Fabric Controller API, so this command has been rewritten to use the new +backwards-incompatible API. Usage of the command did not change.

+

sat bootsys Functionality

+

Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken +by changes introduced in Shasta v1.4, which removed the Ansible inventory +and playbooks.

+

The functionality in the platform-services stage of sat bootsys has been +re-implemented to use python directly instead of Ansible. This resulted in +a more robust procedure with better logging to the sat log file. Failures +to stop containers on Kubernetes nodes are handled more gracefully, and +more information about the containers that failed to stop, including how to +debug the problem, is included.

+

Improvements were made to console logging setup for non-compute nodes +(NCNs) when they are shut down and booted.

+

The following improvements were made to the bos-operations stage +of sat bootsys:

+
    +
  • More information about the BOS sessions, BOA jobs, and BOA pods is printed.
    • +
  • A command-line option, --bos-templates, and a corresponding config-file +option, bos_templates, were added, and the --cle-bos-template and +--uan-bos-template options and their corresponding config file options were +deprecated.
    • +
+

The following functionality has been removed from sat bootsys:

+
    +
  • The hsn-bringup stage of sat bootsys boot has been removed due to removal +of the underlying Ansible playbook.
    • +
  • The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is +now a manual procedure.
    • +
+

Log File Location Change

+

The location of the sat log file has changed from /var/log/cray/sat.log to +/var/log/cray/sat/sat.log. This change simplifies mounting this file into the +sat container running under Podman.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/release_notes/shasta_1.5_release_notes/index.html b/en-25/release_notes/shasta_1.5_release_notes/index.html new file mode 100644 index 0000000000..d5321b1d80 --- /dev/null +++ b/en-25/release_notes/shasta_1.5_release_notes/index.html @@ -0,0 +1,1154 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.5 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.5

+

We released version 2.1.16 of the SAT product in Shasta v1.5.

+

This version of the SAT product included:

+
    +
  • Version 3.7.4 of the sat python package and CLI
    • +
  • Version 1.4.10 of the sat-podman wrapper script
    • +
+

It also added the following new component:

+
    +
  • Version 1.0.3 of the sat-cfs-install docker image and helm chart
    • +
+

The following sections detail the changes in this release.

+

Install Changes to Separate Product from CSM

+

This release further decouples the installation of the SAT product from the CSM +product. The cray-sat-podman RPM is no longer installed in the management +non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on +all master management NCNs via an Ansible playbook which is referenced by a +layer of the CFS configuration that applies to management NCNs. This CFS +configuration is typically named ncn-personalization.

+

The SAT product now includes a Docker image and a Helm chart named +sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart +with Loftsman. This helm chart deploys a Kubernetes job that imports the +SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. +This repository is referenced by the layer added to the NCN personalization +CFS configuration.

+

Removal of Direct Redfish Access

+

All commands which used to access Redfish directly have either been removed or +modified to use higher-level service APIs. This includes the following commands:

+
    +
  • sat sensors
    • +
  • sat diag
    • +
  • sat linkhealth
    • +
+

The sat sensors command has been rewritten to use the SMA telemetry API to +obtain the latest sensor values. The command’s usage has changed slightly, but +legacy options work as before, so it is backwards compatible. Additionally, new +commands have been added.

+

The sat diag command has been rewritten to use a new service called Fox, which +is delivered with the CSM-Diags product. The sat diag command now launches +diagnostics using the Fox service, which launches the corresponding diagnostic +programs on controllers using the Hardware Management Job and Task Daemon +(HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start +diagnostics over Redfish.

+

The sat linkhealth command has been removed. Its functionality has been +replaced by functionality from the Slingshot Topology Tool (STT) in the +fabric manager pod.

+

The Redfish username and password command line options and config file options +have been removed. For more information, see +Remove Obsolete Configuration File Sections.

+

Additional Fields in sat setrev and sat showrev

+

sat setrev now collects the following information from the admin, which is then +displayed by sat showrev:

+
    +
  • System description
    • +
  • Product number
    • +
  • Company name
    • +
  • Country code
    • +
+

Additional guidance and validation has been added to each field collected by +sat setrev. This sets the stage for sdu setup to stop collecting this +information and instead collect it from sat showrev or its S3 bucket.

+

Improvements to sat bootsys

+

The platform-services stage of the sat bootsys boot command has been +improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph +health in the correct order. The ceph-check stage has been removed as it is no +longer needed.

+

The platform-services stage of sat bootsys boot now prompts for confirmation +of the storage NCN hostnames in addition to the Kubernetes masters and workers.

+

Bug Fixes and Security Fixes

+
    +
  • Improved error handling in sat firmware.
    • +
  • Incremented version of Alpine Linux to 3.13.2 to address a security +vulnerability.
    • +
+

Other Notable Changes

+
    +
  • Ansible has been removed from the cray-sat container image.
    • +
  • Support for the Firmware Update Service (FUS) has been removed from the sat firmware command.
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/sitemap.xml b/en-25/sitemap.xml new file mode 100644 index 0000000000..148822c842 --- /dev/null +++ b/en-25/sitemap.xml @@ -0,0 +1,513 @@ + + + + /docs-sat/en-25/usage/ + 2024-12-11T03:40:01+00:00 + + + + + + + /docs-sat/en-25/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-25/dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-25/install/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-25/release_notes/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-25/usage/change_bos_version/ + 2024-12-11T03:40:01+00:00 + + + + + /docs-sat/en-25/release_notes/sat_2.2_release_notes/ + 2024-12-11T03:40:00+00:00 + + + + /docs-sat/en-25/introduction/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-25/dashboards/sat_grafana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-25/usage/sat_and_iuf/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-25/release_notes/sat_2.3_release_notes/ + 2024-12-11T03:40:00+00:00 + + + + /docs-sat/en-25/dashboards/sat_kibana_dashboards/ + 2024-12-11T03:40:00+00:00 + + + + + + + /docs-sat/en-25/usage/sat_bootprep/ + 2024-12-11T03:40:01+00:00 + + + + + /docs-sat/en-25/release_notes/sat_2.4_release_notes/ + 2024-12-11T03:40:00+00:00 + + + + /docs-sat/en-25/external_system/ + 2024-12-11T03:40:00+00:00 + + + + /docs-sat/en-25/release_notes/sat_2.5_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-25/release_notes/shasta_1.3.2_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-25/release_notes/shasta_1.3_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-25/release_notes/shasta_1.4.1_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-25/release_notes/shasta_1.4_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-25/release_notes/shasta_1.5_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-25/uninstall_and_downgrade/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-25/upgrade/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-25/categories/ + + + + + + + + /docs-sat/en-25/tags/ + + + + + + + + diff --git a/en-25/tags/index.html b/en-25/tags/index.html new file mode 100644 index 0000000000..472edf8b6d --- /dev/null +++ b/en-25/tags/index.html @@ -0,0 +1,1142 @@ + + + + + + + + + + + + Tags :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + tag :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-25/tags/index.xml b/en-25/tags/index.xml new file mode 100644 index 0000000000..2be1589e57 --- /dev/null +++ b/en-25/tags/index.xml @@ -0,0 +1,11 @@ + + + + Tags on System Admin Toolkit (SAT) + /docs-sat/en-25/tags/ + Recent content in Tags on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-25 + + + diff --git a/en-25/uninstall_and_downgrade/index.html b/en-25/uninstall_and_downgrade/index.html new file mode 100644 index 0000000000..ac935ff3f7 --- /dev/null +++ b/en-25/uninstall_and_downgrade/index.html @@ -0,0 +1,1247 @@ + + + + + + + + + + + + SAT Uninstall and Downgrade :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Uninstall and Downgrade

+

Uninstall: Remove a Version of SAT

+

This procedure can be used to uninstall a version of SAT.

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be uninstalled with prodmgr.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is available.
    • +
+

Procedure

+
    +
  1. +

    Use sat showrev to list versions of SAT.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+-------------------+-----------------------+
+| product_name | product_version | images            | image_recipes         |
++--------------+-----------------+-------------------+-----------------------+
+| sat          | 2.3.3           | -                 | -                     |
+| sat          | 2.2.10          | -                 | -                     |
++--------------+-----------------+-------------------+-----------------------+
+
    2. +
  2. +

    Use prodmgr to uninstall a version of SAT.

    +

    This command will do three things:

    +
      +
    • Remove all hosted-type package repositories associated with the given version of SAT. Group-type +repositories are not removed.
      • +
    • Remove all container images associated with the given version of SAT.
      • +
    • Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up +in the output of sat showrev.
      • +
    +
    ncn-m001# prodmgr uninstall sat 2.2.10
+Repository sat-2.2.10-sle-15sp2 has been removed.
+Removed Docker image cray/cray-sat:3.9.0
+Removed Docker image cray/sat-cfs-install:1.0.2
+Removed Docker image cray/sat-install-utility:1.4.0
+Deleted sat-2.2.10 from product catalog.
+
    3. +
+

Downgrade: Switch Between SAT Versions

+

This procedure can be used to downgrade the active version of SAT.

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be switched. Older versions must be switched manually.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is available.
    • +
+

Procedure

+
    +
  1. +

    Use sat showrev to list versions of SAT.

    +
    ncn-m001# sat showrev --products --filter product_name=sat
+###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------------------+-----------------------+
+| product_name | product_version | images             | image_recipes         |
++--------------+-----------------+--------------------+-----------------------+
+| sat          | 2.3.3           | -                  | -                     |
+| sat          | 2.2.10          | -                  | -                     |
++--------------+-----------------+--------------------+-----------------------+
+
    2. +
  2. +

    Use prodmgr to switch to a different version of SAT.

    +

    This command will do two things:

    +
      +
    • For all hosted-type package repositories associated with this version of SAT, set them as the sole member +of their corresponding group-type repository. For example, switching to SAT version 2.2.10 +sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group.
      • +
    • Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are +associated with NCNs with the role “Management” and subrole “Master” (for example, the CFS configuration +management-23.5.0). Specifically, it will ensure that the layer refers to the version of SAT CFS +configuration content associated with the version of SAT to which you are switching.
      • +
    +
    ncn-m001# prodmgr activate sat 2.5.15
+Repository sat-2.5.15-sle-15sp4 is now the default in sat-sle-15sp4.
+Updated CFS configurations: [management-23.5.0]
+
    3. +
  3. +

    Apply the modified CFS configuration to the management NCNs.

    +

    At this point, Nexus package repositories have been modified to set a +particular package repository as active, but the SAT package may not have +been updated on management NCNs.

    +

    To ensure that management NCNs have been updated to use the active SAT +version, follow the Procedure to Apply CFS Configuration.

    +
    4. +
+

Procedure to Apply CFS Configuration

+
    +
  1. +

    Set an environment variable that refers to the name of the CFS configuration +to be applied to the management NCNs.

    +
    ncn-m001# export CFS_CONFIG_NAME="management-23.5.0"
+

    Note: Refer to the output from the prodmgr activate command to find +the name of the modified CFS configuration. If more than one CFS configuration +was modified, use the first one.

    +
    INFO: Successfully saved CFS configuration "management-23.5.0"
+
    2. +
  2. +

    Obtain the name of the CFS configuration layer for SAT and save it in an +environment variable:

    +
    ncn-m001# export SAT_LAYER_NAME=$(cray cfs configurations describe $CFS_CONFIG_NAME --format json \
+    | jq -r '.layers | map(select(.cloneUrl | contains("sat-config-management.git")))[0].name')
+
    3. +
  3. +

    Create a CFS session that executes only the SAT layer of the given CFS +configuration.

    +

    The --configuration-limit option limits the configuration session to run +only the SAT layer of the configuration.

    +
    ncn-m001# cray cfs sessions create --name "sat-session-${CFS_CONFIG_NAME}" --configuration-name \
+    "${CFS_CONFIG_NAME}" --configuration-limit "${SAT_LAYER_NAME}"
+
    4. +
  4. +

    Monitor the progress of the CFS session.

    +

    Set an environment variable to name of the Ansible container within the pod +for the CFS session:

    +
    ncn-m001# export ANSIBLE_CONTAINER=$(kubectl get pod -n services \
+    --selector=cfsession=sat-session-${CFS_CONFIG_NAME} -o json \
+    -o json | jq -r '.items[0].spec.containers | map(select(.name | contains("ansible"))) | .[0].name')
+

    Next, get the logs for the Ansible container.

    +
    ncn-m001# kubectl logs -c $ANSIBLE_CONTAINER --tail 100 -f -n services \
+    --selector=cfsession=sat-session-${CFS_CONFIG_NAME}
+

    Ansible plays, which are run by the CFS session, will install SAT on all the +master management NCNs on the system. A summary of results can be found at +the end of the log output. The following example shows a successful session.

    +
    ...
+PLAY RECAP *********************************************************************
+x3000c0s1b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s3b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s5b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+

    Note: Ensure that the PLAY RECAPs for each session show successes for all +manager NCNs before proceeding.

    +
    5. +
  5. +

    Verify that SAT was successfully configured.

    +

    If sat is configured, the --version command will indicate which version +is installed. If sat is not properly configured, the command will fail.

    +

    Note: This version number will differ from the version number of the SAT +release distribution. This is the semantic version of the sat Python package, +which is different from the version number of the overall SAT release distribution.

    +
    ncn-m001# sat --version
+sat 3.7.0
+

    Note: Upon first running sat, you may see additional output while the sat +container image is downloaded. This will occur the first time sat is run on +each manager NCN. For example, if you run sat for the first time on ncn-m001 +and then for the first time on ncn-m002, you will see this additional output +both times.

    +
    Trying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037...
+Getting image source signatures
+Copying blob da64e8df3afc done
+Copying blob 0f36fd81d583 done
+Copying blob 12527cf455ba done
+...
+sat 3.7.0
+
    6. +
  6. +

    Stop the typescript.

    +
    ncn-m001# exit
+
    7. +
+

SAT version x.y.z is now installed and configured:

+
    +
  • The SAT RPM package is installed on the associated NCNs.
    • +
+

Note on Procedure to Apply CFS Configuration

+

The previous procedure is not always necessary because the CFS Batcher service +automatically detects configuration changes and will automatically create new +sessions to apply configuration changes according to certain rules. For more +information on these rules, refer to Configuration Management with +the CFS Batcher in the Cray System Management Documentation.

+

The main scenario in which the CFS batcher will not automatically re-apply the +SAT layer is when the commit hash of the sat-config-management git repository +has not changed between SAT versions. The previous procedure ensures the +configuration is re-applied in all cases, and it is harmless if the batcher has +already applied an updated configuration.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/upgrade/index.html b/en-25/upgrade/index.html new file mode 100644 index 0000000000..090e582f57 --- /dev/null +++ b/en-25/upgrade/index.html @@ -0,0 +1,1297 @@ + + + + + + + + + + + + SAT Upgrade :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Upgrade

+

Install and Upgrade Framework

+

The Install and Upgrade Framework (IUF) provides commands which install, +upgrade, and deploy products on systems managed by CSM. IUF capabilities are +described in detail in the IUF +section of the +Cray System Management Documentation. +The initial install and upgrade workflows described in the +HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM +(S-8052) detail when and how to use +IUF with a new release of SAT or any other HPE Cray EX product.

+

This document does not replicate install, upgrade, or deployment procedures +detailed in the Cray System Management +Documentation. This document provides +details regarding software and configuration content specific to SAT which is +needed when installing, upgrading, or deploying a SAT release. The Cray +System Management Documentation will +indicate when sections of this document should be referred to for detailed +information.

+

IUF will perform the following tasks for a release of SAT.

+
    +
  • IUF deliver-product stage: +
      +
    • Uploads SAT configuration content to VCS
      • +
    • Uploads SAT information to the CSM product catalog
      • +
    • Uploads SAT content to Nexus repositories
      • +
    +
    • +
  • IUF update-vcs-config stage: +
      +
    • Updates the VCS integration branch with new SAT configuration content if a +working branch is specified
      • +
    +
    • +
  • IUF update-cfs-config stage: +
      +
    • Creates a new CFS configuration for management nodes with new SAT configuration content
      • +
    +
    • +
  • IUF prepare-images stage: +
      +
    • Creates updated management NCN and managed node images with new SAT content
      • +
    +
    • +
  • IUF management-nodes-rollout stage: +
      +
    • Boots management NCNs with an image containing new SAT content
      • +
    +
    • +
+

IUF uses a variety of CSM and SAT tools when performing these tasks. The IUF +section of the +Cray System Management Documentation +describes how to use these tools directly if it is desirable to use them +instead of IUF.

+

IUF Stage Details for SAT

+

This section describes SAT details that an administrator must be aware of +before running IUF stages. Entries are prefixed with Information if no +administrative action is required or Action if an administrator needs +to perform tasks outside of IUF.

+

update-vcs-config

+

Information: This stage is only run if a VCS working branch is specified for +SAT. By default, SAT does not create or specify a VCS working branch.

+

update-cfs-config

+

Information: This stage only applies to the management configuration and +not to the managed configuration.

+

prepare-images

+

Information: This stage only applies to management images and not to +managed images.

+

Post-Upgrade Procedures

+

After upgrading SAT with IUF, it is recommended that you complete the following +procedures before using SAT:

+ +

Notes on the Procedures

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace x.y.z with the version of the SAT product stream +being upgraded.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
+

Remove Obsolete Configuration File Sections

+

After upgrading SAT, if using the configuration file from a previous version, there may be +configuration file sections no longer used in the new version. For example, when upgrading +from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used. +In that case, the following warning may appear upon running sat commands.

+
WARNING: Ignoring unknown section 'redfish' in config file.
+

Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.

+
[redfish]
+username = "admin"
+password = "adminpass"
+

Repeat this process for any configuration file sections for which there are “unknown section” warnings.

+

Update SAT Logging

+

As of SAT version 2.2, some command output that was previously printed to stdout +is now logged to stderr. These messages are logged at the INFO level. The +default logging threshold was changed from WARNING to INFO to accommodate +this logging change. Additionally, some messages previously logged at the INFO +are now logged at the DEBUG level.

+

These changes take effect automatically. However, if the default output threshold +has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure +that important output is shown in the terminal.

+

Update Configuration

+

In the following example, the stderr log level, logging.stderr_level, is set to +WARNING, which will exclude INFO-level logging from terminal output.

+
ncn-m001:~ # grep -A 3 logging ~/.config/sat/sat.toml
+[logging]
+...
+stderr_level = "WARNING"
+

To enable the new default behavior, comment this line out, delete it, or set +the value to “INFO”.

+

If logging.stderr_level is commented out, its value will not affect logging +behavior. However, it may be helpful to set its value to INFO as a reminder of +the new default behavior.

+

Affected Commands

+

The following commands trigger messages that have been changed from stdout +print calls to INFO-level (or WARNING- or ERROR-level) log messages:

+
    +
  • sat bootsys --stage shutdown --stage session-checks
    • +
  • sat sensors
    • +
+

The following commands trigger messages that have been changed from INFO-level +log messages to DEBUG-level log messages:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
  • sat swap
    • +
+

Set System Revision Information

+

HPE service representatives use system revision information data to identify +systems in support cases.

+

Prerequisites

+ +

Notes on the Procedure

+

This procedure is not required if SAT was upgraded from 2.1 (Shasta v1.5) +or later. It is required if SAT was upgraded from 2.0 (Shasta v1.4) or +earlier.

+

Procedure

+
    +
  1. +

    Set System Revision Information.

    +

    Run sat setrev and follow the prompts to set the following site-specific values:

    +
      +
    • Serial number
      • +
    • System name
      • +
    • System type
      • +
    • System description
      • +
    • Product number
      • +
    • Company name
      • +
    • Site name
      • +
    • Country code
      • +
    • System install date
      • +
    +

    Tip: For “System type”, a system with any liquid-cooled components should be +considered a liquid-cooled system. In other words, “System type” is EX-1C.

    +
    ncn-m001# sat setrev
+--------------------------------------------------------------------------------
+Setting:        Serial number
+Purpose:        System identification. This will affect how snapshots are
+                identified in the HPE backend services.
+Description:    This is the top-level serial number which uniquely identifies
+                the system. It can be requested from an HPE representative.
+Valid values:   Alpha-numeric string, 4 - 20 characters.
+Type:           <class 'str'>
+Default:        None
+Current value:  None
+--------------------------------------------------------------------------------
+Please do one of the following to set the value of the above setting:
+    - Input a new value
+    - Press CTRL-C to exit
+...
+
    2. +
  2. +

    Verify System Revision Information.

    +

    Run sat showrev and verify the output shown in the “System Revision Information table.”

    +

    The following example shows sample table output.

    +
    ncn-m001# sat showrev
+################################################################################
+System Revision Information
+################################################################################
++---------------------+---------------+
+| component           | data          |
++---------------------+---------------+
+| Company name        | HPE           |
+| Country code        | US            |
+| Interconnect        | Sling         |
+| Product number      | R4K98A        |
+| Serial number       | 12345         |
+| Site name           | HPE           |
+| Slurm version       | slurm 20.02.5 |
+| System description  | Test System   |
+| System install date | 2021-01-29    |
+| System name         | eniac         |
+| System type         | EX-1C         |
++---------------------+---------------+
+################################################################################
+Product Revision Information
+################################################################################
++--------------+-----------------+------------------------------+------------------------------+
+| product_name | product_version | images                       | image_recipes                |
++--------------+-----------------+------------------------------+------------------------------+
+| csm          | 0.8.14          | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... |
+| sat          | 2.0.1           | -                            | -                            |
+| sdu          | 1.0.8           | -                            | -                            |
+| slingshot    | 0.8.0           | -                            | -                            |
+| sma          | 1.4.12          | -                            | -                            |
++--------------+-----------------+------------------------------+------------------------------+
+################################################################################
+Local Host Operating System
+################################################################################
++-----------+----------------------+
+| component | version              |
++-----------+----------------------+
+| Kernel    | 5.3.18-24.15-default |
+| SLES      | SLES 15-SP2          |
++-----------+----------------------+
+
    3. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/usage/change_bos_version/index.html b/en-25/usage/change_bos_version/index.html new file mode 100644 index 0000000000..9534270522 --- /dev/null +++ b/en-25/usage/change_bos_version/index.html @@ -0,0 +1,1118 @@ + + + + + + + + + + + + Change the BOS Version :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

Change the BOS Version

+

By default, SAT uses Boot Orchestration Service (BOS) version two (v2). You can +select the BOS version to use for individual commands with the --bos-version +option. For more information on this option, refer to the man page for a specific +command.

+

You can also configure the BOS version to use in the SAT config file. Do this +under the api_version setting in the bos section of the config file. If +the system is using an existing SAT config file from an older version of SAT, +the bos section might not exist. In that case, add the bos section with the +BOS version desired in the api_version setting.

+
    +
  1. +

    Find the SAT config file at ~/.config/sat/sat.toml, and look for a section +like this:

    +
    [bos]
+api_version = "v2"
+

    In this example, SAT is using BOS version "v2".

    +
    2. +
  2. +

    Change the line specifying the api_version to the BOS version desired (for +example, "v1").

    +
    [bos]
+api_version = "v1"
+
    3. +
  3. +

    If applicable, uncomment the api_version line.

    +

    If the system is using an existing SAT config file from a recent version of +SAT, the api_version line might be commented out like this:

    +
    [bos]
+# api_version = "v2"
+

    If the line is commented out, SAT will still use the default BOS +version. To ensure a different BOS version is used, uncomment the +api_version line by removing # at the beginning of the line.

    +
    4. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/usage/index.html b/en-25/usage/index.html new file mode 100644 index 0000000000..331e2a4931 --- /dev/null +++ b/en-25/usage/index.html @@ -0,0 +1,1125 @@ + + + + + + + + + + + + SAT Usage :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Usage

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-25/usage/index.xml b/en-25/usage/index.xml new file mode 100644 index 0000000000..0543a94a35 --- /dev/null +++ b/en-25/usage/index.xml @@ -0,0 +1,33 @@ + + + + SAT Usage on System Admin Toolkit (SAT) + /docs-sat/en-25/usage/ + Recent content in SAT Usage on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-25 + Wed, 11 Dec 2024 03:40:01 +0000 + + + Change the BOS Version + /docs-sat/en-25/usage/change_bos_version/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/usage/change_bos_version/ + Change the BOS Version By default, SAT uses Boot Orchestration Service (BOS) version two (v2). You can select the BOS version to use for individual commands with the --bos-version option. For more information on this option, refer to the man page for a specific command. You can also configure the BOS version to use in the SAT config file. Do this under the api_version setting in the bos section of the config file. + + + SAT and IUF + /docs-sat/en-25/usage/sat_and_iuf/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/usage/sat_and_iuf/ + SAT and IUF The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM with the help of sat bootprep. Outside of IUF, it is uncommon to use sat bootprep. For more information on IUF, see the IUF section of the Cray System Management Documentation. For more information on sat bootprep, see SAT Bootprep. Variable Substitutions Both IUF and sat bootprep allow variable substitutions into the default HPC CSM Software Recipe bootprep input files. + + + SAT Bootprep + /docs-sat/en-25/usage/sat_bootprep/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-25/usage/sat_bootprep/ + SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates. The solution is based on a given input file that defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similar to other SAT commands. ncn-m001# sat-man sat-bootprep The sat bootprep command helps the Install and Upgrade Framework (IUF) install, upgrade, and deploy products on systems managed by CSM. + + + diff --git a/en-25/usage/sat_and_iuf/index.html b/en-25/usage/sat_and_iuf/index.html new file mode 100644 index 0000000000..4b27a0f6a1 --- /dev/null +++ b/en-25/usage/sat_and_iuf/index.html @@ -0,0 +1,1144 @@ + + + + + + + + + + + + SAT and IUF :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT and IUF

+

The Install and Upgrade Framework (IUF) provides commands which install, +upgrade, and deploy products on systems managed by CSM with the help of +sat bootprep. Outside of IUF, it is uncommon to use sat bootprep. +For more information on IUF, see the +IUF section of +the Cray System Management Documentation. +For more information on sat bootprep, see SAT Bootprep.

+

Variable Substitutions

+

Both IUF and sat bootprep allow variable substitutions into the default HPC +CSM Software Recipe bootprep input files. The default variables of the HPC +CSM Software Recipe are available in a product_vars.yaml file. To override +the default variables, specify any site variables in a site_vars.yaml file. +Variables are sourced from the command line, any variable files directly +provided, and the HPC CSM Software Recipe files used, in that order.

+

IUF Session Variables

+

IUF also has special session variables internal to the iuf command that +override any matching entries. Session variables are the set of product and +version combinations being installed by the current IUF activity, and they are +found inside IUF’s internal session_vars.yaml file. For more information on +IUF and variable substitutions, see the +IUF section of +the Cray System Management Documentation.

+

SAT Variable Limitations

+

When using sat bootprep outside of IUF, you might encounter problems +substituting variables into the default bootprep input files. Complex variables +like "{{ working_branch }}" cannot be completely resolved outside of IUF and +its internal session variables. Thus, the default product_vars.yaml file is +unusable with only the sat bootprep command when variables like +"{{ working_branch }}" are used. To work around this limitation if you are +substituting complex variables, use the internal IUF session_vars.yaml file +with sat bootprep and the default bootprep input files.

+
    +
  1. +

    Find the session_vars.yaml file from the most recent IUF activity on the +system.

    +

    This process is documented in the upgrade prerequisites procedure of the +Cray System Management Documentation. For more information, see steps 1-6 of +Stage 0.3 - Option 2.

    +
    2. +
  2. +

    Use the session_vars.yaml file to substitute variables into the default +bootprep input files.

    +
    ncn-m001# sat bootprep run --vars-file session_vars.yaml
+
    3. +
+

Limit SAT Bootprep Run into Stages

+

The sat bootprep run command uses information from the bootprep input files +to create CFS configurations, IMS images, and BOS session templates. To restrict +this creation into separate stages, use the --limit option and list whether +you want to create configurations, images, session_templates, or some +combination of these. IUF uses the --limit option in this way to install, +upgrade, and deploy products on a system in stages. For example, to create only +CFS configurations, run the following command used by the IUF update-cfs-config +stage:

+
ncn-m001# sat bootprep run --limit configurations example-bootprep-input-file.yaml
+INFO: Validating given input file example-bootprep-input-file.yaml
+INFO: Input file successfully validated against schema
+INFO: Creating 3 CFS configurations
+...
+INFO: Skipping creation of IMS images based on value of --limit option.
+INFO: Skipping creation of BOS session templates based on value of --limit option.
+

To create only IMS images and BOS session templates, run the following command +used by the IUF prepare-images stage:

+
ncn-m001# sat bootprep run --limit images --limit session_templates example-bootprep-input-file.yaml
+INFO: Validating given input file example-bootprep-input-file.yaml
+INFO: Input file successfully validated against schema
+INFO: Skipping creation of CFS configurations based on value of --limit option.
+
+ +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-25/usage/sat_bootprep/index.html b/en-25/usage/sat_bootprep/index.html new file mode 100644 index 0000000000..7dc9b8689d --- /dev/null +++ b/en-25/usage/sat_bootprep/index.html @@ -0,0 +1,1684 @@ + + + + + + + + + + + + SAT Bootprep :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Bootprep

+

SAT provides an automated solution for creating CFS configurations, building +and configuring images in IMS, and creating BOS session templates. The +solution is based on a given input file that defines how those configurations, +images, and session templates should be created. This automated process centers +around the sat bootprep command. Man page documentation for sat bootprep +can be viewed similar to other SAT commands.

+
ncn-m001# sat-man sat-bootprep
+

The sat bootprep command helps the Install and Upgrade Framework (IUF) +install, upgrade, and deploy products on systems managed by CSM. Outside of IUF, +it is uncommon to use sat bootprep. For more information on this relationship, +see SAT and IUF. For more information on IUF, see the +IUF section of +the Cray System Management Documentation.

+

SAT Bootprep vs SAT Bootsys

+

sat bootprep is used to create CFS configurations, build and +rename IMS images, and create BOS session templates which tie the +configurations and images together during a BOS session.

+

sat bootsys automates several portions of the boot and shutdown processes, +including (but not limited to) performing BOS operations (such as creating BOS +sessions), powering on and off cabinets, and checking the state of the system +prior to shutdown.

+

Edit a Bootprep Input File

+

The input file provided to sat bootprep is a YAML-formatted file containing +information which CFS, IMS, and BOS use to create configurations, images, and +BOS session templates respectively. Writing and modifying these input files is +the main task associated with using sat bootprep. An input file is composed of +three main sections, one each for configurations, images, and session templates. +These sections may be specified in any order, and any of the sections may be +omitted if desired.

+

Provide a Schema Version

+

The sat bootprep input file is validated against a versioned schema +definition. The input file should specify the version of the schema with which +it is compatible under a schema_version key. For example:

+
---
+schema_version: 1.0.2
+

The current sat bootprep input file schema version can be viewed with the +following command:

+
ncn-m001# sat bootprep view-schema | grep '^version:'
+version: '1.0.2'
+

The sat bootprep run command validates the schema version specified +in the input file. The command also makes sure that the schema version +of the input file is compatible with the schema version understood by the +current version of sat bootprep. For more information on schema version +validation, refer to the schema_version property description in the bootprep +input file schema. For more information on viewing the bootprep input file +schema in either raw form or user-friendly HTML form, see View SAT Bootprep +Schema.

+

The default HPC CSM Software Recipe bootprep input files provided by the +hpc-csm-software-recipe release distribution already contain the correct +schema version.

+

Define CFS Configurations

+

The CFS configurations are defined under a configurations key. Under this +key, you can list one or more configurations to create. For each +configuration, give a name in addition to the list of layers that +comprise the configuration.

+

Each layer can be defined by a product name and optionally a version number, +commit hash, or branch in the product’s configuration repository. If this +method is used, the layer is created in CFS by looking up relevant configuration +information (including the configuration repository and commit information) from +the cray-product-catalog Kubernetes ConfigMap as necessary. A version may be +supplied. However, if it is absent, the version is assumed to be the latest +version found in the cray-product-catalog.

+

Alternatively, a configuration layer can be defined by explicitly referencing +the desired configuration repository. You must then specify the intended version +of the Ansible playbooks by providing a branch name or commit hash with branch +or commit.

+

The following example shows a CFS configuration with two layers. The first +layer is defined in terms of a product name and version, and the second layer +is defined in terms of a Git clone URL and branch:

+
---
+configurations:
+- name: example-configuration
+  layers:
+  - name: example-product
+    playbook: example.yml
+    product:
+      name: example
+      version: 1.2.3
+  - name: another-example-product
+    playbook: another-example.yml
+    git:
+      url: "https://vcs.local/vcs/another-example-config-management.git"
+      branch: main
+

When sat bootprep is run against an input file, a CFS configuration is created +corresponding to each configuration in the configurations section. For +example, the configuration created from an input file with the layers listed +above might look something like the following:

+
{
+    "lastUpdated": "2022-02-07T21:47:49Z",
+    "layers": [
+        {
+            "cloneUrl": "https://vcs.local/vcs/example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "example product",
+            "playbook": "example.yml"
+        },
+        {
+            "cloneUrl": "https://vcs.local/vcs/another-example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "another example product",
+            "playbook": "another-example.yml"
+        }
+    ],
+    "name": "example-configuration"
+}
+

Define IMS Images

+

The IMS images are defined under an images key. Under the images key, the +user may define one or more images to be created in a list. Each element of the +list defines a separate IMS image to be built and/or configured. Images must +contain a name key and a base key.

+

The name key defines the name of the resulting IMS image. The base key +defines the base image to be configured or the base recipe to be built and +optionally configured. One of the following keys must be present under the +base key:

+
    +
  • Use an ims key to specify an existing image or recipe in IMS.
    • +
  • Use a product key to specify an image or recipe provided by a particular +version of a product. If a product provides more than one image or recipe, +a filter string prefix must be specified to select one.
    • +
  • Use an image_ref key to specify another image from the input file +using its ref_name.
    • +
+

Images may also contain the following keys:

+
    +
  • Use a configuration key to specify a CFS configuration with which to +customize the built image. If a configuration is specified, then configuration +groups must also be specified using the configuration_group_names key.
    • +
  • Use a ref_name key to specify a unique name that can refer to this image +within the input file in other images or in session templates. The ref_name +key allows references to images from the input file that have dynamically +generated names as described in +Dynamic Variable Substitutions.
    • +
  • Use a description key to describe the image in the bootprep input file. +Note that this key is not currently used.
    • +
+

Here is an example of an image using an existing IMS recipe as its base. This +example builds an IMS image from that recipe. It then configures it with +a CFS configuration named example-compute-config. The example-compute-config +CFS configuration can be defined under the configurations key in the same +input file, or it can be an existing CFS configuration. Running sat bootprep +against this input file results in an image named example-compute-image.

+
images:
+- name: example-compute-image
+  description: >
+    An example compute node image built from an existing IMS recipe.    
+  base:
+    ims:
+      name: example-compute-image-recipe
+      type: recipe
+  configuration: example-compute-config
+  configuration_group_names:
+  - Compute
+

Here is an example showing the definition of two images. The first image is +built from a recipe provided by the cos product. The second image uses the +first image as a base and configures it with a configuration named +example-compute-config. The value of the first image’s ref_name key is used +in the second image’s base.image_ref key to specify it as a dependency. +Running sat bootprep against this input file results in two images, the +first named example-cos-image and the second named example-compute-image.

+
images:
+- name: example-cos-image
+  ref_name: example-cos-image
+  description: >
+    An example image built from a recipe provided by the COS product.    
+  base:
+    product:
+      name: cos
+      version: 2.3.101
+      type: recipe
+- name: example-compute-image
+  description: >
+    An example image built from a recipe provided by the COS product.    
+  base:
+    image_ref: example-cos-image
+  configuration: example-compute-config
+  configuration_group_names:
+  - Compute
+

Here is an example of three IMS images built from the Kubernetes image and the +Ceph storage image provided by the csm product. This example uses a filter +string prefix to select from the multiple images provided by the CSM product. +The first two IMS images in the example find any image from the specified csm +product version whose name starts with secure-kubernetes. The third image in +the example finds any csm image whose name starts with secure-storage-ceph. +All three images are then configured with a configuration named +example-management-config. Running sat bootprep against this input file +results in three IMS images named worker-example-csm-image, +master-example-csm-image, and storage-example-csm-image.

+
images:
+- name: worker-example-csm-image
+  base:
+    product:
+      name: csm
+      version: 1.4.1
+      type: image
+      filter:
+        prefix: secure-kubernetes
+  configuration: example-management-config
+  configuration_group_names:
+  - Management_Worker
+
+- name: master-example-csm-image
+  base:
+    product:
+      name: csm
+      version: 1.4.1
+      type: image
+      filter:
+        prefix: secure-kubernetes
+  configuration: example-management-config
+  configuration_group_names:
+  - Management_Master
+
+- name: storage-example-csm-image
+  base:
+    product:
+      name: csm
+      version: 1.4.1
+      type: image
+      filter:
+        prefix: secure-storage-ceph
+  configuration: example-management-config
+  configuration_group_names:
+  - Management_Storage
+

Define BOS Session Templates

+

The BOS session templates are defined under the session_templates key. Each +session template must provide values for the name, image, configuration, +and bos_parameters keys. The name key defines the name of the resulting BOS +session template. The image key defines the image to use in the BOS session +template. One of the following keys must be present under the image key:

+
    +
  • Use an ims key to specify an existing image or recipe in IMS.
    • +
  • Use an image_ref key to specify another image from the input file +using its ref_name.
    • +
+

The configuration key defines the CFS configuration specified +in the BOS session template.

+

The bos_parameters key defines parameters that are passed through directly to +the BOS session template. The bos_parameters key should contain a boot_sets +key, and each boot set in the session template should be specified under +boot_sets. Each boot set can contain the following keys, all of +which are optional:

+
    +
  • Use a kernel_parameters key to specify the parameters passed to the kernel on the command line.
    • +
  • Use a network key to specify the network over which the nodes boot.
    • +
  • Use a node_list key to specify the nodes to add to the boot set.
    • +
  • Use a node_roles_groups key to specify the HSM roles to add to the boot set.
    • +
  • Use a node_groups key to specify the HSM groups to add to the boot set.
    • +
  • Use a rootfs_provider key to specify the root file system provider.
    • +
  • Use a rootfs_provider_passthrough key to specify the parameters to add to the rootfs= +kernel parameter.
    • +
+

As mentioned above, the parameters under bos_parameters are passed through +directly to BOS. For more information on the properties of a BOS boot set, +refer to BOS Session Templates in the Cray +System Management Documentation.

+

Here is an example of a BOS session template that refers to an existing IMS +image by name:

+
session_templates:
+- name: example-session-template
+  image:
+    ims:
+      name: example-image
+  configuration: example-configuration
+  bos_parameters:
+    boot_sets:
+      example_boot_set:
+        kernel_parameters: ip=dhcp quiet
+        node_roles_groups:
+        - Compute
+        rootfs_provider: cpss3
+        rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0
+

Here is an example of a BOS session template that refers to an image from the +input file by its ref_name. This requires that an image defined in the input +file specifies example-image as the value of its ref_name key.

+
session_templates:
+- name: example-session-template
+  image:
+    image_ref: example-image
+  configuration: example-configuration
+  bos_parameters:
+    boot_sets:
+      example_boot_set:
+        kernel_parameters: ip=dhcp quiet
+        node_roles_groups:
+        - Compute
+        rootfs_provider: cpss3
+        rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0
+

HPC CSM Software Recipe Variable Substitutions

+

The sat bootprep command takes any variables you provide and substitutes them +into the input file. Variables are sourced from the command line, any variable +files directly provided, and the HPC CSM Software Recipe files used, in that +order. When you provide values through a variable file, sat bootprep +substitutes the values with Jinja2 template syntax. The HPC CSM Software Recipe +provides default variables in a product_vars.yaml variable file. This file +defines information about each HPC software product included in the recipe.

+

You will primarily substitute variables into the default HPC CSM Software Recipe +bootprep input files through IUF. However, variable files can also be given to +sat bootprep directly from IUF’s use of the recipe. If you do use variables +directly with sat bootprep, you might encounter some limitations. For more +information on SAT variable limitations, see SAT and IUF. +For more information on IUF and variable substitutions, see the +IUF section of +the Cray System Management Documentation.

+

Select an HPC CSM Software Recipe Version

+

You can view a listing of the default HPC CSM Software Recipe variables and +their values by running sat bootprep list-vars. For more information on +options that can be used with the list-vars subcommand, refer to the man page +for the sat bootprep subcommand.

+

By default, the sat bootprep command uses the variables from the latest +installed version of the HPC CSM Software Recipe. However, you can override +this with the --recipe-version command line argument to sat bootprep run.

+

For example, to explicitly select the 22.11.0 version of the HPC CSM Software +Recipe default variables, specify --recipe-version 22.11.0:

+
ncn-m001# sat bootprep run --recipe-version 22.11.0 compute-and-uan-bootprep.yaml
+

Values Supporting Jinja2 Template Rendering

+

The entire sat bootprep input file is not rendered by the Jinja2 template +engine. Jinja2 template rendering of the input file is performed individually +for each supported value. The values of the following keys in the bootprep +input file support rendering as a Jinja2 template and thus support variables:

+
    +
  • The name key of each configuration under the configurations key.
    • +
  • The following keys of each layer under the layers key in a +configuration: +
      +
    • name
      • +
    • playbook
      • +
    • git.branch
      • +
    • product.version
      • +
    • product.branch
      • +
    +
    • +
  • The following keys of each image under the images key: +
      +
    • name
      • +
    • base.product.version
      • +
    • configuration
      • +
    +
    • +
  • The following keys of each session template under the +session_templates key: +
      +
    • name
      • +
    • configuration
      • +
    +
    • +
+

You can use Jinja2 built-in filters in values of any of the keys listed above. +In addition, Python string methods can be called on the string variables.

+

Hyphens in HPC CSM Software Recipe Variables

+

Variable names with hyphens are not allowed in Jinja2 expressions because they +are parsed as an arithmetic expression instead of a single variable. To support +product names with hyphens, sat bootprep converts hyphens to underscores in +all top-level keys of the default HPC CSM Software Recipe variables. It also +converts any variables sourced from the command line or any variable files +you provide directly. When referring to a variable with hyphens in the bootprep +input file, keep this in mind. For example, to refer to the product version +variable for slingshot-host-software in the bootprep input file, write +"{{slingshot_host_software.version}}".

+

HPC CSM Software Recipe Variable Substitution Example

+

The following example bootprep input file shows how a variable of a COS version +can be used in an input file that creates a CFS configuration for computes. +Only one layer is shown for brevity.

+
---
+configurations:
+- name: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  layers:
+  - name: cos-compute-{{cos.working_branch}}
+    playbook: cos-compute.yml
+    product:
+      name: cos
+      version: "{{cos.version}}"
+      branch: "{{cos.working_branch}}"
+

Note: When the value of a key in the bootprep input file is a Jinja2 +expression, it must be quoted to pass YAML syntax checking.

+

Jinja2 expressions can also use filters and Python’s built-in string methods to +manipulate the variable values. For example, suppose only the major and minor +components of a COS version are to be used in the branch name for the COS +layer of the CFS configuration. You can use the split string method to +achieve this as follows:

+
---
+configurations:
+- name: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  layers:
+  - name: cos-compute-{{cos.working_branch}}
+    playbook: cos-compute.yml
+    product:
+      name: cos
+      version: "{{cos.version}}"
+      branch: integration-{{cos.version.split('.')[0]}}-{{cos.version.split('.')[1]}}
+

Dynamic Variable Substitutions

+

Additional variables are available besides the default variables provided by +the HPC CSM Software Recipe. (For more information, see HPC CSM Software +Recipe Variable Substitutions.) +These additional variables are dynamic because their values are determined +at run-time based on the context in which they appear. Available dynamic +variables include the following:

+
    +
  • +

    The variable base.name can be used in the name of an image under the +images key. The value of this variable is the name of the IMS image or +recipe used as the base of this image.

    +
    • +
  • +

    The variable image.name can be used in the name of a session template +under the session_templates key. The value of this variable is the name of +the IMS image used in this session template.

    +

    Note: The name of a session template is restricted to 45 characters. Keep +this in mind when using image.name in the name of a session template.

    +
    • +
+

These variables reduce the need to duplicate values throughout the sat bootprep input file and make the following use cases possible:

+
    +
  • You want to build an image from a recipe provided by a product and use the +name of the recipe in the name of the resulting image.
    • +
  • You want to use the name of the image in the name of a session template, and +the image is generated as described in the previous use case.
    • +
+

Example Bootprep Input Files

+

This section provides an example bootprep input file. It also gives +instructions for obtaining the default bootprep input files delivered +with a release of the HPC CSM Software Recipe.

+

Example Bootprep Input File

+

The following bootprep input file provides an example of using most of the +features described in previous sections. It is not intended to be a complete +bootprep file for the entire CSM product.

+
---
+configurations:
+- name: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  layers:
+  - name: cos-compute-{{cos.working_branch}}
+    playbook: cos-compute.yml
+    product:
+      name: cos
+      version: "{{cos.version}}"
+      branch: "{{cos.working_branch}}"
+  - name: cpe-pe_deploy-{{cpe.working_branch}}
+    playbook: pe_deploy.yml
+    product:
+      name: cpe
+      version: "{{cpe.version}}"
+      branch: "{{cpe.working_branch}}"
+
+images:
+- name: "{{default.note}}{{base.name}}{{default.suffix}}"
+  ref_name: base_cos_image
+  base:
+    product:
+      name: cos
+      type: recipe
+      version: "{{cos.version}}"
+
+- name: "compute-{{base.name}}"
+  ref_name: compute_image
+  base:
+    image_ref: base_cos_image
+  configuration: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  configuration_group_names:
+  - Compute
+
+session_templates:
+- name: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  image:
+    image_ref: compute_image
+  configuration: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  bos_parameters:
+    boot_sets:
+      compute:
+        kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN}
+        node_roles_groups:
+        - Compute
+        rootfs_provider_passthrough: "dvs:api-gw-service-nmn.local:300:hsn0,nmn0:0"
+

Access Default Bootprep Input Files

+

Default bootprep input files are delivered by the HPC CSM Software Recipe +product. You can access these files by cloning the hpc-csm-software-recipe +repository, as described in the Accessing sat bootprep files process of +the Cray System Management +Documentation. Find the +default input files in the bootprep directory of the cloned repository:

+
ncn-m001# ls bootprep/
+

Generate an Example Bootprep Input File

+

The sat bootprep generate-example command was not updated for +recent bootprep schema changes. It is recommended that you instead use the +default bootprep input files described in Access Default Bootprep Input +Files. The sat bootprep generate-example command will be updated in a future release of SAT.

+

Summary of SAT Bootprep Results

+

The sat bootprep run command uses information from the bootprep input file to +create CFS configurations, IMS images, and BOS session templates. For easy +reference, the command also includes output summarizing the final creation +results. The following example shows a sample table output.

+
ncn-m001# sat bootprep run
+...
+################################################################################
+CFS configurations
+################################################################################
++------------------+
+| name             |
++------------------+
+| example-config-1 |
+| example-config-2 |
++------------------+
+################################################################################
+IMS images
+################################################################################
++---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+
+| name          | preconfigured_image_id               | final_image_id                       | configuration  | configuration_group_names  |
++---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+
+| example-image | c1bcaf00-109d-470f-b665-e7b37dedb62f | a22fb912-22be-449b-a51b-081af2d7aff6 | example-config | Compute                    |
++---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+
+################################################################################
+BOS session templates
+################################################################################
++------------------+----------------+
+| name             | configuration  |
++------------------+----------------+
+| example-template | example-config |
++------------------+----------------+
+

View SAT Bootprep Schema

+

The contents of the YAML input files used by sat bootprep must conform to a +schema which defines the structure of the data. The schema definition is written +using the JSON Schema format. (Although the format is named “JSON Schema”, the +schema itself is written in YAML as well.) More information, including introductory +materials and a formal specification of the JSON Schema metaschema, can be found +on the JSON Schema website.

+

View the Exact Schema Specification

+

To view the exact schema specification, run sat bootprep view-schema.

+
ncn-m001# sat bootprep view-schema
+---
+$schema: "https://json-schema.org/draft/2020-12/schema"
+...
+title: Bootprep Input File
+description: >
+  A description of the set of CFS configurations to create, the set of IMS
+  images to create and optionally customize with the defined CFS configurations,
+  and the set of BOS session templates to create that reference the defined
+  images and configurations.
+type: object
+additionalProperties: false
+properties:
+  ...
+

Generate User-Friendly Documentation

+

The raw schema definition can be difficult to understand without experience +working with JSON Schema specifications. For this reason, a feature is included +with sat bootprep that generates user-friendly HTML documentation for the input +file schema. This HTML documentation can be browsed with your preferred web +browser.

+
    +
  1. +

    Create a documentation tarball using sat bootprep.

    +
    ncn-m001# sat bootprep generate-docs
+INFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz
+

    An alternate output directory can be specified with the --output-dir +option. The generated tarball is always named bootprep-schema-docs.tar.gz.

    +
    ncn-m001# sat bootprep generate-docs --output-dir /tmp
+INFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz
+
    2. +
  2. +

    From another machine, copy the tarball to a local directory.

    +
    another-machine$ scp root@ncn-m001:bootprep-schema-docs.tar.gz .
+
    3. +
  3. +

    Extract the contents of the tarball and open the contained index.html.

    +
    another-machine$ tar xzvf bootprep-schema-docs.tar.gz
+x bootprep-schema-docs/
+x bootprep-schema-docs/index.html
+x bootprep-schema-docs/schema_doc.css
+x bootprep-schema-docs/schema_doc.min.js
+another-machine$ open bootprep-schema-docs/index.html
+
    4. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/404.html b/en-26/404.html new file mode 100644 index 0000000000..bbffb11fa9 --- /dev/null +++ b/en-26/404.html @@ -0,0 +1,59 @@ + + + + + + + + + 404 Page not found + + + + + + + + + + + + + + + + + + +
+
+
+
+

+

+

+

+

+

+

Page not found!

+
+
+ +
+ + + diff --git a/en-26/about_sat/command_authentication/index.html b/en-26/about_sat/command_authentication/index.html new file mode 100644 index 0000000000..9967a220b3 --- /dev/null +++ b/en-26/about_sat/command_authentication/index.html @@ -0,0 +1,1381 @@ + + + + + + + + + + + + SAT Command Authentication :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Command Authentication

+

Some SAT subcommands make requests to the HPE Cray EX services through the API +gateway and thus require authentication to the API gateway in order to function. +Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to +be configured. In order to use the SAT S3 bucket, the System Administrator must +generate the S3 access key and secret keys and write them to a local file. This +must be done on every Kubernetes control plane node where SAT commands are run.

+

For more information on authentication requests, see System Security and +Authentication in the Cray System Management +Documentation. The following is a table +describing SAT commands and the types of authentication they require.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
SAT SubcommandAuthentication/Credentials RequiredMan PageDescription
sat authResponsible for authenticating to the API gateway and storing a token.sat-authAuthenticate to the API gateway and save the token.
sat bmccredsRequires authentication to the API gateway.sat-bmccredsSet BMC passwords.
sat bootprepRequires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is done on ncn-m001 during the install.sat-bootprepPrepare to boot nodes with images and configurations.
sat bootsysRequires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages.sat-bootsysBoot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software.
sat diagRequires authentication to the API gateway.sat-diagLaunch diagnostics on the HSN switches and generate a report.
sat firmwareRequires authentication to the API gateway.sat-firmwareReport firmware version.
sat hwhistRequires authentication to the API gateway.sat-hwhistReport hardware component history.
sat hwinvRequires authentication to the API gateway.sat-hwinvGive a listing of the hardware of the HPE Cray EX system.
sat hwmatchRequires authentication to the API gateway.sat-hwmatchReport hardware mismatches.
sat initNonesat-initCreate a default SAT configuration file.
sat jobstatRequires authentication to the API gateway.sat-jobstatCheck the status of jobs and applications.
sat k8sRequires Kubernetes configuration and authentication, which is automatically configured on ncn-m001 during the install.sat-k8sReport on Kubernetes replica sets that have co-located (on the same node) replicas.
sat linkhealthThis command has been deprecated.
sat nid2xnameRequires authentication to the API gateway.sat-nid2xnameTranslate node IDs to node XNames.
sat sensorsRequires authentication to the API gateway.sat-sensorsReport current sensor data.
sat setrevRequires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-setrevSet HPE Cray EX system revision information.
sat showrevRequires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name.sat-showrevPrint revision information for the HPE Cray EX system.
sat slscheckRequires authentication to the API gateway.sat-slscheckPerform a cross-check between SLS and HSM.
sat statusRequires authentication to the API gateway.sat-statusReport node status across the HPE Cray EX system.
sat swapRequires authentication to the API gateway.sat-swapPrepare HSN switch or cable for replacement and bring HSN switch or cable into service.
sat xname2nidRequires authentication to the API gateway.sat-xname2nidTranslate node and node BMC XNames to node IDs.
sat switchThis command has been deprecated. It has been replaced by sat swap.
+

In order to authenticate to the API gateway, run the sat auth +command. This command will prompt for a password on the command line. The +username value is obtained from the following locations, in order of higher +precedence to lower precedence:

+
    +
  • The --username global command-line option.
    • +
  • The username option in the api_gateway section of the configuration file +at ~/.config/sat/sat.toml.
    • +
  • The name of currently logged in user running the sat command.
    • +
+

If credentials are entered correctly when prompted by sat auth, a token file +will be obtained and saved to ~/.config/sat/tokens. Subsequent sat commands +will determine the username the same way as sat auth described above and will +use the token for that username if it has been obtained and saved by sat auth.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/about_sat/dependencies/index.html b/en-26/about_sat/dependencies/index.html new file mode 100644 index 0000000000..6bc224bb30 --- /dev/null +++ b/en-26/about_sat/dependencies/index.html @@ -0,0 +1,1453 @@ + + + + + + + + + + + + SAT Dependencies :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Dependencies

+

Most sat subcommands depend on services or components from other products in the +HPE Cray EX software stack. The following list shows these dependencies for each +subcommand. Each service or component is listed under the product it belongs to.

+

sat auth

+

CSM

+
    +
  • Keycloak
    • +
+

sat bmccreds

+

CSM

+
    +
  • System Configuration Service (SCSD)
    • +
+

sat bootprep

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Configuration Framework Service (CFS)
    • +
  • Image Management Service (IMS)
    • +
  • Version Control Service (VCS)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat bootsys

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Cray Advanced Platform Monitoring and Control (CAPMC)
    • +
  • Ceph
    • +
  • Etcd
    • +
  • Firmware Action Service (FAS)
    • +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

HPE Cray Supercomputing User Services Software (USS)

+
    +
  • Node Memory Dump (NMD)
    • +
+

sat diag

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

CSM-Diags

+
    +
  • Fox
    • +
+

sat firmware

+

CSM

+
    +
  • Firmware Action Service (FAS)
    • +
+

sat hwhist

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwinv

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat hwmatch

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat init

+

None

+

sat jobstat

+

PBS

+
    +
  • HPE State Checker
    • +
+

sat k8s

+

CSM

+
    +
  • Kubernetes
    • +
+

sat nid2xname

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+

sat sensors

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • HM Collector
    • +
+

SMA

+
    +
  • Telemetry API
    • +
+

sat setrev

+

CSM

+
    +
  • S3
    • +
+

sat showrev

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • Kubernetes
    • +
  • S3
    • +
+

sat slscheck

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
  • System Layout Service (SLS)
    • +
+

sat status

+

CSM

+
    +
  • Boot Orchestration Service (BOS)
    • +
  • Configuration Framework Service (CFS)
    • +
  • Hardware State Manager (HSM)
    • +
  • Image Management Service (IMS)
    • +
  • System Layout Service (SLS)
    • +
+

sat swap

+

Slingshot

+
    +
  • Fabric Manager
    • +
+

sat switch

+

Deprecated: See sat swap

+

sat xname2nid

+

CSM

+
    +
  • Hardware State Manager (HSM)
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/about_sat/index.html b/en-26/about_sat/index.html new file mode 100644 index 0000000000..5782aaa08d --- /dev/null +++ b/en-26/about_sat/index.html @@ -0,0 +1,1216 @@ + + + + + + + + + + + + About SAT :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

About SAT

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-26/about_sat/index.xml b/en-26/about_sat/index.xml new file mode 100644 index 0000000000..1303404e03 --- /dev/null +++ b/en-26/about_sat/index.xml @@ -0,0 +1,47 @@ + + + + About SAT on System Admin Toolkit (SAT) + /docs-sat/en-26/about_sat/ + Recent content in About SAT on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-26 + Wed, 11 Dec 2024 03:40:00 +0000 + + + SAT Command Authentication + /docs-sat/en-26/about_sat/command_authentication/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/command_authentication/ + SAT Command Authentication Some SAT subcommands make requests to the HPE Cray EX services through the API gateway and thus require authentication to the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to be configured. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. + + + SAT Dependencies + /docs-sat/en-26/about_sat/dependencies/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/dependencies/ + SAT Dependencies Most sat subcommands depend on services or components from other products in the HPE Cray EX software stack. The following list shows these dependencies for each subcommand. Each service or component is listed under the product it belongs to. sat auth CSM Keycloak sat bmccreds CSM System Configuration Service (SCSD) sat bootprep CSM Boot Orchestration Service (BOS) Configuration Framework Service (CFS) Image Management Service (IMS) Version Control Service (VCS) Kubernetes S3 sat bootsys CSM Boot Orchestration Service (BOS) Cray Advanced Platform Monitoring and Control (CAPMC) Ceph Etcd Firmware Action Service (FAS) Hardware State Manager (HSM) Kubernetes S3 HPE Cray Supercomputing User Services Software (USS) Node Memory Dump (NMD) sat diag CSM Hardware State Manager (HSM) CSM-Diags Fox sat firmware CSM Firmware Action Service (FAS) sat hwhist CSM Hardware State Manager (HSM) sat hwinv CSM Hardware State Manager (HSM) sat hwmatch CSM Hardware State Manager (HSM) sat init None + + + Introduction to SAT + /docs-sat/en-26/about_sat/introduction/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/introduction/ + Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see SAT Command Overview. + + + SAT in CSM + /docs-sat/en-26/about_sat/sat_in_csm/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/sat_in_csm/ + SAT in CSM In CSM 1.3 and newer, the sat command is automatically available on the Kubernetes control plane, but it is still possible to install SAT as a separate product stream. Any version of SAT installed as a separate product stream overrides the sat command available in CSM. Installing the SAT product stream allows additional supporting components to be added: An entry for SAT in the cray-product-catalog Kubernetes ConfigMap is only created by installing the SAT product stream. + + + View SAT Documentation + /docs-sat/en-26/about_sat/view_sat_docs/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/view_sat_docs/ + View SAT Documentation View the System Admin Toolkit (SAT) documentation both online and offline by using the information in this section. Online Documentation The SAT documentation can be found online in HTML form at the following link: SAT Documentation. The navigation pane on the left of the HTML page orders topics alphabetically. Navigate an individual topic&rsquo;s headings by using the Headings icon at the top of the page, as shown in the following images. + + + diff --git a/en-26/about_sat/introduction/index.html b/en-26/about_sat/introduction/index.html new file mode 100644 index 0000000000..cf9c34cbd8 --- /dev/null +++ b/en-26/about_sat/introduction/index.html @@ -0,0 +1,1335 @@ + + + + + + + + + + + + Introduction to SAT :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

Introduction to SAT

+

About System Admin Toolkit (SAT)

+

The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and +querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware +components.

+

SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands +used on the Cray XC platform. For more information on SAT commands, see SAT Command Overview.

+

In CSM 1.3 and newer, the sat command is automatically available on all the +Kubernetes control plane. For more information, see SAT in CSM. Older +versions of CSM do not have the sat command automatically available, and SAT +must be installed as a separate product.

+

SAT Command Overview

+

Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides +instruction on the SAT Container Environment.

+

SAT Command Line Utility

+

The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes control plane nodes +(ncn-m nodes).

+

It is designed to assist administrators with common tasks, such as troubleshooting and querying information about the +HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are +similarities between SAT commands and xt commands used on the Cray XC platform.

+

SAT Commands

+

The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents +configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each +have their own set of options.

+

SAT Container Environment

+

The sat command-line utility runs in a container using Podman, a daemonless container runtime. SAT runs on +Kubernetes control plane nodes. A few important points about the SAT container environment include the following:

+
    +
  • Using either sat or sat bash always launches a container.
    • +
  • The SAT container does not have access to the NCN file system.
    • +
+

There are two ways to run sat.

+
    +
  • Interactive: Launching a container using sat bash, followed by a sat command.
    • +
  • Non-interactive: Running a sat command directly on a Kubernetes control plane node.
    • +
+

In both of these cases, a container is launched in the background to execute the command. The first option, running +sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the +container is launched, executes the command, and upon the command’s completion the container exits. The following two +examples show the same action, checking the system status, using both modes.

+

(ncn-m001#) Here is an example using interactive mode:

+
sat bash
+

((CONTAINER_ID) sat-container#) Example sat command after a container is launched:

+
sat status
+

(ncn-m001#) Here is an example using non-interactive mode:

+
sat status
+

Interactive Advantages

+

Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral +container storage. If multiple sat commands are being run in succession, use sat bash to launch the +container beforehand. This will save time because the container does not need to be launched for each sat command.

+

Non-interactive Advantages

+

The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of +several steps that need to be executed from a management NCN.

+

Man Pages - Interactive and Non-interactive Modes

+

To view a sat man page from a Kubernetes control plane node, use sat-man on the manager node.

+

(ncn-m001#) Here is an example:

+
sat-man status
+

A man page describing the SAT container environment is available on the Kubernetes control plane nodes, which can be viewed +either with man sat or man sat-podman from the manager node.

+

(ncn-m001#) Here are examples:

+
man sat
+
man sat-podman
+

Command Prompt Conventions in SAT

+

The host name in a command prompt indicates where the command must be run. The +user account that must run the command is also indicated in the prompt.

+
    +
  • The root or super-user account always has host name in the prompt and the +# character at the end of the prompt.
    • +
  • Any non-root account is indicated with account@hostname>. A non-privileged +account is referred to as user.
    • +
  • The command prompt inside the SAT container environment is indicated with the +string as follows. It also has the # character at the end of the prompt.
    • +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
Command PromptMeaning
ncn-m001#Run the command as root on the specific Kubernetes control plane server which has this hostname (ncn-m001 in this example). (Non-interactive)
user@hostname>Run the command as any non-root user on the specified hostname. (Non-interactive)
(venv) user@hostname>Run the command as any non-root user within a Python virtual environment on the specified hostname. (Non-interactive)
(CONTAINER_ID) sat-container#Run the command inside the SAT container environment by first running sat bash. (Interactive)
+

These command prompts should be inserted into text before the fenced code block +instead of inside of it. This is a change from the documentation of SAT 2.5 and +earlier. Here is an example of the new use of the command prompt:

+
    +
  1. +

    (ncn-m001#) Example first step.

    +
    yes >/dev/null
+
    2. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/about_sat/sat_in_csm/index.html b/en-26/about_sat/sat_in_csm/index.html new file mode 100644 index 0000000000..ed6fb4f0d0 --- /dev/null +++ b/en-26/about_sat/sat_in_csm/index.html @@ -0,0 +1,1255 @@ + + + + + + + + + + + + SAT in CSM :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT in CSM

+

In CSM 1.3 and newer, the sat command is automatically available on the Kubernetes control plane, but it is still possible +to install SAT as a separate product stream. Any version of SAT installed as a separate product stream overrides the +sat command available in CSM. Installing the SAT product stream allows additional supporting components to be added:

+
    +
  • +

    An entry for SAT in the cray-product-catalog Kubernetes ConfigMap is only created by installing the SAT product +stream. Otherwise, there will be no entry for this version of SAT in the output of sat showrev.

    +
    • +
  • +

    The sat-install-utility container image is only available with the full SAT product stream. This container image +provides uninstall and downgrade functionality when used with the prodmgr command. (In SAT 2.3 and older, SAT was +only available to install as a separate product stream. Because these versions were packaged with +sat-install-utility, it is still possible to uninstall these versions of SAT.)

    +
    • +
  • +

    The docs-sat RPM package is only available with the full SAT product stream.

    +
    • +
  • +

    The sat-config-management git repository in Gitea (VCS) and thus the SAT layer of NCN CFS configuration is +only available with the full SAT product stream.

    +
    • +
+

If the SAT product stream is not installed, there will be no configuration content for SAT in VCS. Therefore, CFS +configurations that apply to management NCNs (for example, management-23.5.0) should not include a SAT layer.

+

The SAT configuration layer modifies the permissions of files left over from prior installations of SAT, so that the +Keycloak username that authenticates to the API gateway cannot be read by users other than root. Specifically, +it does the following:

+
    +
  • +

    Modifies the sat.toml configuration file which contains the username so that it is only readable by root.

    +
    • +
  • +

    Modifies the /root/.config/sat/tokens directory so that the directory is only readable by root. This is needed +because the names of the files within the tokens directory contain the username.

    +
    • +
+

Regardless of the SAT configuration being applied, passwords and the contents of the tokens are never readable by other +users. These permission changes only apply to files created by previous installations of SAT. In the current version of +SAT all files and directories are created with the appropriate permissions.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/about_sat/view_sat_docs/index.html b/en-26/about_sat/view_sat_docs/index.html new file mode 100644 index 0000000000..258c5910c0 --- /dev/null +++ b/en-26/about_sat/view_sat_docs/index.html @@ -0,0 +1,1245 @@ + + + + + + + + + + + + View SAT Documentation :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

View SAT Documentation

+

View the System Admin Toolkit (SAT) documentation both online and +offline by using the information in this section.

+

Online Documentation

+

The SAT documentation can be found online in HTML form at the following link: +SAT Documentation. The navigation pane +on the left of the HTML page orders topics alphabetically. Navigate an +individual topic’s headings by using the Headings icon at the top of the +page, as shown in the following images.

+

HTML Heading Icon

+

HTML Heading Navigation

+

The documentation can also be viewed online in GitHub by navigating to the +docs/ subdirectory of the +docs-sat repository. +Navigate an individual topic’s headings with a similar +Headings icon at the top of the page, as shown in the following images.

+

GitHub Heading Icon

+

GitHub Heading Navigation

+

Offline Documentation

+

The SAT documentation is available offline as markdown, which can be +viewed with a markdown viewer or with a text editor. The offline +documentation is available in the docs/ directory of the SAT release +distribution as well as in RPM package format. The RPM package is +installed as a part of the Ansible plays launched by the Configuration +Framework Service (CFS). Its files are installed to /usr/share/doc/sat.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/categories/index.html b/en-26/categories/index.html new file mode 100644 index 0000000000..a135ff44cb --- /dev/null +++ b/en-26/categories/index.html @@ -0,0 +1,1308 @@ + + + + + + + + + + + + Categories :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + category :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-26/categories/index.xml b/en-26/categories/index.xml new file mode 100644 index 0000000000..50e66fc9b7 --- /dev/null +++ b/en-26/categories/index.xml @@ -0,0 +1,11 @@ + + + + Categories on System Admin Toolkit (SAT) + /docs-sat/en-26/categories/ + Recent content in Categories on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-26 + + + diff --git a/en-26/external_system/index.html b/en-26/external_system/index.html new file mode 100644 index 0000000000..96722f18ba --- /dev/null +++ b/en-26/external_system/index.html @@ -0,0 +1,1492 @@ + + + + + + + + + + + + SAT on an External System :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT on an External System

+

SAT can optionally be installed and configured on an external system to interact +with CSM over the CAN.

+

Limitations

+

Most SAT subcommands work by accessing APIs which are reachable via the CAN. +However, certain SAT commands depend on host-based functionality on the +management NCNs and will not work from an external system. This includes the +following:

+
    +
  • The platform-services and ncn-power stages of sat bootsys
    • +
  • The local host information displayed by the --local option of sat showrev
    • +
+

Installing SAT on an external system is not an officially supported configuration. +These instructions are provided “as-is” with the hope that they can be useful for +users who desire additional flexibility.

+

Certain additional steps may need to be taken to install and configure SAT +depending on the configuration of the external system in use. These additional +steps may include provisioning virtual machines, installing packages, or +configuring TLS certificates, and these steps are outside the scope of this +documentation. This section covers only the steps needed to configure SAT to +use externally-accessible API endpoints exposed by CSM.

+

Install and Configure SAT

+

Prerequisites

+
    +
  • The external system must be on the Customer Access Network (CAN).
    • +
  • Python 3.7 or newer is installed on the system.
    • +
  • kubectl, openssh, git, and curl are installed on the external system.
    • +
  • The root CA certificates used when installing CSM have been added to the +external system’s trust store such that authenticated TLS connections can be +made to the CSM REST API gateway. For more information, refer to Certificate +Authority in the Cray System Management Documentation.
    • +
+

Procedure

+
    +
  1. +

    (user@hostname>) Create a Python virtual environment.

    +
    SAT_VENV_PATH="$(pwd)/venv"
+python3 -m venv ${SAT_VENV_PATH}
+. ${SAT_VENV_PATH}/bin/activate
+
    2. +
  2. +

    ((venv) user@hostname>) Clone the SAT source code.

    +

    To use SAT version 3.21, this example clones the release/3.21 branch of +Cray-HPE/sat.

    +
    git clone --branch=release/3.21 https://github.com/Cray-HPE/sat.git
+
    3. +
  3. +

    Set up the SAT CSM Python dependencies to be installed from their source code.

    +

    SAT CSM Python dependency packages are not currently distributed publicly as +source packages or binary distributions. They must be installed from +their source code hosted on GitHub. Also, to install the cray-product-catalog +Python package, first clone it locally. Use the following steps to +modify the SAT CSM Python dependencies so they can be installed from their source +code.

    +
      +
    1. +

      ((venv) user@hostname>) Clone the source code for cray-product-catalog.

      +
      git clone --branch v1.6.0 https://github.com/Cray-HPE/cray-product-catalog
+
      2. +
    2. +

      ((venv) user@hostname>) In the cray-product-catalog directory, create a file named .version +that contains the version of cray-product-catalog.

      +
      echo 1.6.0 > cray-product-catalog/.version
+
      3. +
    3. +

      ((venv) user@hostname>) Open the “locked” requirements file in a text editor.

      +
      vim sat/requirements.lock.txt
+
      4. +
    4. +

      Update the line containing cray-product-catalog so that it reflects the +local path to cray-product-catalog.

      +

      It should read as follows:

      +
      ./cray-product-catalog
+
      5. +
    5. +

      For versions of SAT newer than 3.19, change the line containing csm-api-client +to read as follows.

      +
      csm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1
+
      6. +
    6. +

      (Optional) ((venv) user@hostname>) Confirm that requirements.lock.txt is modified as expected.

      +
      grep -E 'cray-product-catalog|csm-api-client' sat/requirements.lock.txt
+

      Example output:

      +
      ./cray-product-catalog
+csm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1
+

      Note: For versions newer than 3.19, the output will show both +cray-product-catalog and csm-api-client. For version 3.19 and older, +the output will only show cray-product-catalog.

      +
      7. +
    +
    4. +
  4. +

    ((venv) user@hostname>) Install the modified SAT dependencies.

    +
    pip install -r sat/requirements.lock.txt
+
    5. +
  5. +

    ((venv) user@hostname>) Install the SAT Python package.

    +
    pip install ./sat
+
    6. +
  6. +

    (Optional) ((venv) user@hostname>) Add the sat virtual environment to the user’s PATH environment +variable.

    +

    If a shell other than bash is in use, replace ~/.bash_profile with the +appropriate profile path.

    +

    If the virtual environment is not added to the user’s PATH environment +variable, then source ${SAT_VENV_PATH}/bin/activate will need to be run before +running any SAT commands.

    +
    deactivate
+echo export PATH=\"${SAT_VENV_PATH}/bin:${PATH}\" >> ~/.bash_profile
+source ~/.bash_profile
+
    7. +
  7. +

    (user@hostname>) Copy the file /etc/kubernetes/admin.conf from ncn-m001 to ~/.kube/config +on the external system.

    +

    Note that this file contains credentials to authenticate against the Kubernetes +API as the administrative user, so it should be treated as sensitive.

    +
    mkdir -p ~/.kube
+scp ncn-m001:/etc/kubernetes/admin.conf ~/.kube/config\
+

    Example output:

    +
    admin.conf                                       100% 5566   3.0MB/s   00:00
+
    8. +
  8. +

    (user@hostname>) Find the CAN IP address on ncn-m001 to determine the +corresponding kubernetes hostname.

    +
      +
    • +

      On CSM 1.2 and newer, query the IP address of the bond0.cmn0 +interface.

      +
      ssh ncn-m001 ip addr show bond0.cmn0
+

      Example output:

      +
      13: bond0.cmn0@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
+link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff
+inet 10.102.1.11/24 brd 10.102.1.255 scope global vlan007
+   valid_lft forever preferred_lft forever
+inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link
+   valid_lft forever preferred_lft forever
+
      • +
    • +

      On CSM versions prior to 1.2, query the IP address of the vlan007 interface.

      +
      ssh ncn-m001 ip addr show vlan007
+

      Example output:

      +
      13: vlan007@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
+link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff
+inet 10.102.1.10/24 brd 10.102.1.255 scope global vlan007
+   valid_lft forever preferred_lft forever
+inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link
+   valid_lft forever preferred_lft forever
+
      • +
    +
    9. +
  9. +

    (user@hostname>) Set the IP_ADDRESS variable to the value found in the +previous step.

    +
    IP_ADDRESS=10.102.1.11
+
    10. +
  10. +

    (user@hostname>) Add an entry to /etc/hosts mapping the IP address to +the hostname kubernetes.

    +
    echo "${IP_ADDRESS} kubernetes" | sudo tee -a /etc/hosts
+10.102.1.11 kubernetes
+
    11. +
  11. +

    (user@hostname>) Modify ~/.kube/config to set the cluster server address.

    +

    The value of the server key for the kubernetes cluster under the clusters +section should be set to https://kubernetes:6443.

    +
    ---
+clusters:
+- cluster:
+    certificate-authority-data: REDACTED
+    server: https://kubernetes:6443
+  name: kubernetes
+...
+
    12. +
  12. +

    (user@hostname>) Confirm that kubectl can access the CSM Kubernetes cluster.

    +
    kubectl get nodes
+

    Example output:

    +
    NAME       STATUS   ROLES    AGE    VERSION
+ncn-m001   Ready    master   135d   v1.19.9
+ncn-m002   Ready    master   136d   v1.19.9
+ncn-m003   Ready    master   136d   v1.19.9
+ncn-w001   Ready    <none>   136d   v1.19.9
+ncn-w002   Ready    <none>   136d   v1.19.9
+ncn-w003   Ready    <none>   136d   v1.19.9
+
    13. +
  13. +

    (user@hostname>) Use sat init to create a configuration file for SAT.

    +
    sat init
+

    Example output:

    +
    INFO: Configuration file "/home/user/.config/sat/sat.toml" generated.
+
    14. +
  14. +

    (user@hostname>) Copy the platform CA certificates from the management NCN +and configure the certificates for use with SAT.

    +

    If a shell other than bash is in use, replace ~/.bash_profile with the +appropriate profile path.

    +
    scp ncn-m001:/etc/pki/trust/anchors/platform-ca-certs.crt .
+echo export REQUESTS_CA_BUNDLE=\"$(realpath platform-ca-certs.crt)\" >> ~/.bash_profile
+source ~/.bash_profile
+
    15. +
  15. +

    Edit the SAT configuration file to set the API and S3 hostnames.

    +

    Externally available API endpoints are given domain names in PowerDNS, so the +endpoints in the configuration file should each be set to the format +subdomain.system-name.site-domain. Here system-name and site-domain are +replaced with the values specified during csi config init, and subdomain +is the DNS name for the externally available service. For more information, +refer to Externally Exposed Services in the Cray System Management +Documentation.

    +

    The API gateway has the subdomain api, and S3 has the subdomain s3. The +S3 endpoint runs on port 8080. The following options should be set in the +SAT configuration file.

    +
    [api_gateway]
+host = "api.system-name.site-domain"
+
+[s3]
+endpoint = "http://s3.system-name.site-domain:8080"
+
    16. +
  16. +

    Edit the SAT configuration file to specify the Keycloak user who will be +accessing the REST API.

    +
    [api_gateway]
+username = "user"
+
    17. +
  17. +

    (user@hostname>) Run sat auth, and enter the password when prompted.

    +

    The admin account used to authenticate with sat auth must be enabled in +Keycloak and must have its assigned role set to admin.

    +
    sat auth
+

    Example output:

    +
    Password for user:
+Succeeded!
+

    For more information on authentication types and authentication credentials, +see SAT Command Authentication. +For more information on Keycloak accounts and changing Role Mappings, +refer to both Configure Keycloak Account and Create Internal User +Accounts in the Keycloak Shasta Realm in the Cray System Management +Documentation.

    +
    18. +
  18. +

    (user@hostname>) Ensure the files are readable only by the current user.

    +
    touch ~/.config/sat/s3_access_key \
+    ~/.config/sat/s3_secret_key
+
    chmod 600 ~/.config/sat/s3_access_key \
+    ~/.config/sat/s3_secret_key
+
    19. +
  19. +

    (user@hostname>) Write the credentials to local files using kubectl.

    +

    Generate S3 credentials and write them to a local file so the SAT user can +access S3 storage. In order to use the SAT S3 bucket, the user must generate +the S3 access key and secret keys and write them to a local file. SAT uses +S3 storage for several purposes, most importantly to store the site-specific +information set with sat setrev.

    +
    kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.access_key}' | base64 -d > \
+    ~/.config/sat/s3_access_key
+
    kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.secret_key}' | base64 -d > \
+    ~/.config/sat/s3_secret_key
+
    20. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/img/GitHub_Heading_Icon.png b/en-26/img/GitHub_Heading_Icon.png new file mode 100644 index 0000000000000000000000000000000000000000..7fcbbb3a31bc6f06161da04ff1ad374e229e564a GIT binary patch literal 5945 zcmb7|XE14$a1d$hDsltCgv7L>MATiP=*)n)c2 z8M$oHsqXKc4E(+V+pNGwgKb)do;rx{A1V{wQ>OT>oU&P(ahV^rx_*hVNzg}IsIb-! zc#>~i0wW4vkmpA_Y~Vp-&3O}@_zSF}Gzzv1J=rr3I^OeCrCe!x@uZVTHDOYKmnSAG zi=MuJRGX4=$ggu7d++ONkMQv?yb<>;Te%0hTlP{Vvs*lNIRU@rx z%HoIFvk^&M?6Q(9G@i9W14O(WF{94K#l=xwi|lW*bEZ2Dxs%cVzM6=M>8@ji%r8u% zE5b#9V8KXW=ve^%54bTeCW4;!V?)CoSy{Zy*uNeW>IpJX#}-fc-62+eEJsDeoA>V= z0|QkRN+F^D$=7@gfER04pcF~N^&~}!DAFzLHQ@ftb{p(Um>E^DcHUf-zt~^ALsn>H(bwMST2WIoG*>6frxABsDTHIQM}7bqzF*kU(UE2C zwaibd{`R)CD;GlPB6kGFF%%K`IZysV?Bb@IISe#!<5F$_=NElV18%0cS-fNw%vzKw z5zv9cvD*04JZP%!&t~y`%vSZvUXuJAibO6smho zFVNW0Ms3d;szh!3tuw}HgTSC!PK}xq`$_3fuj|h_Q#AMhO5LxwE05c&_Eu5?;%GQ0 z6Ecc87JCo4zzD6uHlP0NvzW%Tm*s4BFnIJo8tKPq^^I^JIkJo-YXRL~M(~{h8yp`6AE?Gdw_@h=-S&@HY@}Bo~I1Y%el_{82bL5Km ze*W!NC0*oFO1J}2*2BIo(m3P=Z5*xIKZC;*Sv^=z+D#c@66bv#-hERRV;o#IARjS< zF|gwH4%kG1<_KYQ(?Zb-f}5Zi*l%EE&r;t02QP(r9|gA7Pq^iA*Nc7n`GD^9T+-rm zk}HM;g#FS<{>WrkojsTE%z?Kt#<$%`xlD{7(gY17(Xwvt!Nx8HVK}CxAJMq@V{qVh zOv}bpjdkPL(UBh&&0Z+nIt)oC&5+R6p1}*hiX{uT9_f#d+A1RT!t$N%_K4Uwetrka5tb=vFES(7Urr3?lZYr&Q$xJkLbzOVJlUr4wJT~vkeY<9H z^fLY?nTBVzChRo}sDC6wS_>OdNh4296n^>eiV8Pxu=6o1*UqhxCH#bwmO=X!{|Ahm z9%a5R<4+V zB0NZ?iV-{7AK*{i%ldozp76wKi&uoX-D!Z{Qaurk?j${>OVOO8U$;$Hs z`mloJ$y&>HHyR3~?Ht~hmn!lKEK*R}Ftu~dJMt@cJ${DeP&v8Xa7-hDjltz&)riH= zJo<-jR|ld~2%Lnd^QFz$gsS761a`l;nc13gMMiGEnp!WLr?)%euD%NNwmEDbu0iA? zs;@?P9#=aQKlHE&Q^6=1OpNi?T(jgqQOhY~wo-vsvFvY==?j@0I3j&glMQ(wO|n+p z;r>4#roxxCr=@q}l|5T8U^D0$Nnz2h`QEU$4Vx3}(zC!orU8wVSAS$B>bMx0n<3oS zReMQx>aVYQXGb2m*Z!DuZMRyVJd`^)I{TTNtN8J(=2<+&8tjPvV9=X??JqC7t0}v2 z9ZRaIuxuoF@#S92Z1<@2bG&bhV8V*OU_XO2%SvcgioSR2wC!#~2~uTE_NmE4V4Yf7 z%G0XIAE&@p<`YAnmN_;ww#enWd+P3T$FBZI!oFJ;{Oz#S@*eJ$tg@-8D@fPf7iRD) zMFye@=l0 zT*_$YV7k;e*cHX$ekDWAtM;T!G3$Bro5OaN92pByq1bnZuD4qc9~AT1IV4V>K%cbD71c_A>9i&=S2G{(@^rWMCH4GSZ@_#vHBMcKQ+ z(Y3>!&XLJeO{v6v^Slg{z)hM=oE|I5yim>c#@Iq`|AHRNlgl)?!BuEUDT@uJCyu5P z0k4#YWwC|OJLrLPW$QgV4V}4$oTY$4hmy&2iMfwinVFdlkdM(22i?3StsPxp*B=*| zHVWV+FHdWX@Z$Du`|AY1pOvpDLvl;291~a`WsrHJ?1NhGOv1WrhbDR&x9MA>1RH#+ zB`lihCPx+^y4meIkZ#E*xdYU;&_R=!sB-h4bR2% zZfb`b#KpxG9{~d+$Yu-!ZqYoA zM#pgxbrWy8+zO)4?~gYGtjo&vKr+tO1~#pJoRr~5U!OVLyU25~-YL59_K^RAN>98% zXUqxS&(=Y{28$C#KFzy2VT_-~n^;W;kS=4!k_*&P9}HD^mh-Q2Z0yPcBgf)|{-Ar{ z38G;Iyi@x(_nQO=n3ffWQ>}8@`zXZIQP|;NeLkF4SzA^Xr(Xcm8~pGfg;h4vfltGC z-H*1_Ys19GCRL-v;aj=`!Kl$do(eE%-1 z;9@)I^y-=BAmAWJIuwPhSTtp1YJpfkl0FmuL{F<)WK?KgwOxeMSTDPGFnlW+?SG5w z;g4Z`2Gs!4tWkBsLF7_e`g`5#E`Y~Q;BNo+Xx{&Zl>euv|3%6FIjy}ifu45IUeX8z zdg^O@+blc#ZcWMIKbIMcrs|XwD=RCJR{N1v2oYI-|H_IAH-Ao6TFMm_VPWC>qBF)$ z)t~2kQV>-yt;L##rhrrm}9|@kc_?bi4H~)o+51Q zQA!~SNNcIBlUePb=x5CT5T$BFmzN6(XH&3Ps0I zIJa9_S@~%TIwv1hS0^Fsy|gzS_<)i6jg9~ki3|z}$t);;s7hhPCZD>11%G|1*LO9DzwiI^+F>emRzQ&a z>he;OE%gl}^UuB5jd4Qqpiz>sy6Twn=+Wuf8K?FmJmdz=Kd^YVMD zX^e8=p&}32ZV6^3CjDuV(A}rD`suBvyc|cR06}WAqt$X3Q1G|V~FRg7FSSS&dM9JlL&B)Y@ zVAWJgpBp=UJ~g!@1W3IUe07f@TgPRp>#4=`Dy;Ki2qNHjdU>sQR)34PNoN6z>3zl- zhzh=nPcQtpu_H2s`T!|rhqAG(Sj#$QKMh%4qJ0H2X>M-zoctrgNL@8f)Yj2aJPRI0 zp?VKIF%r5bKX1>6Q9jOe-9&BfWQ)8$p6#^~J?bM_84t(GRmJxG)#M_xhl&J3?$(%( zd5mRJQc~IvjBp>J#0sF0th~$^6^iFovw4qw^YjbC(BSs;r_t5so6#m^fD>loo*tN} zuE8({lm9oG;%r_TRTyB_5d6Jt(rZC6`FdLv&~oK34d9I?U&9Qyo+c$xk9Guo-thED zjfvRufpv#Az8<3PfZ|u@aCLrH=Yhf^BEfzT8ao*7+1q@dF8?hyrI#F5HHKBYTLENu zh|y99ctir*H@Bx#0+1R5#|eisw<#n+2pMm>h-GD=rov2g`uSfcIpryD-CF;eEn*`B z0JM0WX=aVEE1$JxSxqZJZnjlA-yk=>GmU|88|0Ic>0b(NqHgEUyxE2;e6_o2d2cA= zwTcf9YE;`r(gSbTpfIjH+y%CJ3AsOtJl)584Y@Pz?6mb$GluHK9d~oYF8?OJs}4DW zx3#z9HfNL}RzLIJ4g4h?r}jvNb~Z5KO( z932Ow?Cg|t>MSEamBo2W(FVGO0*Hx;Ejtw6?d*Uva|DY;?%OZ-bSrQ%#ZKAVgBS%(OcLMt4sX5bf6OyJ9lKB~MdL%gnvj z&xSmv;;)mGg$yD|#?B6u^Iu-B;w>K@J`}M%XK=+93FH_MFZAz@Wr2De$+Sf>E2}Hi zS5{T0lbnt2TV}kOS=px|hyvs%6$d8KPOK~XzWuLA&XVS)cE_|{G{jtXbzRhM3K>r+ z$cMuk!!Hh_=}!GFnDI869?p*6xPnq04OZ{>^)-k04pe#XYtR`5q>>a|=g9VU#5k-v zUe~)(!za!exLwwz1NT(Qh)0BIi(E^I%#0o*8SgBi*uxAq6vZNlAAnF|NdFQ z6{tS~^|&0pL{I>}3>JpnpZHy4(E{Y(ZdFfvH|~tWeAteRl8O?%P68c;u2nuSB2Ieo zYy7h=qdwPY!p-5J{0E`8X-GkzexrMlk=Nv~AMMK@Cq#sW9e;l@uE}AQ^J9D#yMHtM zQpop50RwCMb{{~^X*mJ2iBCtUi2zsb=&oad=;hqc z<8RB;Pdcy0FZDSxA~!9M5CVH0C;Z;8@*KoNA4cnzGEj1y@FOEF+SC7v#eFiAIvo-w z7D3@Ev+d*yyngh3_YWWb<}hF-YGPU8G;n^rzXVx^U2QRZ`}>mlEI9Zw1m_sh8C7bi z0tmY}_JAtpJQvOuwMOa%wy@t1G$ zZq?>Y8^oyse*Lj($eZ*RH@hvHs51fkw_DyZzJ!6P5$muKONluEBfV^ z&6U@eRF|C??$7HrmKT?wpeU~s?7ZiCO$*jGgb6Jf@I$hzt1IZh`{22$rB?6t73h6a zo?kcegNyDI6XTDj>!uoO&yFz7)m&Zx$6`HVtDaR4dBdOF5M$U`5nhevzR z3b9GKzN_skQ5Tm|QM(Std;{0U5cw=U8c0K6vTI{4E^5raem+W$M9R0$7HK%)pX}9}2A#Tr!C%@ax8$#Jv-`vImgzB}~9(#0B00HV=u-{=xeczW<2 z3y4_)(k@TeJeSW9UEpasr>cE%kJp|rC-0qSm<(1=qPMBO5y2zsjOQg({Cs?UxBc*p z^{vwWp#%tM3P#Jk(=+cZkLa#lJh5|Zg^e-1>g?1(DM^M!d#e+=3pm_qoe5)xD7-=Y`;}^bU*Y3`m_Z` zV(#$~chpk_v#!6Om%Or+L-!e}6*}ZJ=$l%WYvp8( zP2Yu5uES$MSLGw`O_-k0J4KwWJ(~^w3H$UFs|MgvR_3-Sy;EbJOyIBN{Yq`Lsk_nqk^39Q$=?6qVlGy(|c2ip4cbp6t%n>lwR5 zu0`YLyTWL?(fdPAH}j!Owkq~K^PVr_zm=-0BuqO0@hRtr2%D8ed)mI$1qoo3 zG4S)lD;q6mZOX^!zqRx-A1W$TkFc~UVPTcj`-Z7?`q2I{q{_EG-xBxrC6?(Q(SGX!@C?ht~6;O;QE1c%@qNiVp-7^=fHp^vrcdNn+S z=frTFHg^raO(mBpz{_|LMFGkjD60?4k%+eYbF?)f4}2rK9uW3ngVv2y(*b7i4_r&jrmqlDV84cWU!x zvxdiVB(@L9?{R;Gge2#Dq>eTGDVMpvDoK!LYxesUy2RbR!FEhY2nII_eatI<_tSSf zJ8QCa9B-*aOoVV^6s3Hnj3Y)Dy@1;%At!_YKax9Ci%)QfOxGrO`L`^EG9b?*D7eR4 zaBzsyJcb>{vW>LQm(X%EggBO0MP4X>`6*{|y51iFbnnCD+aOsmn8j>3edYRO4Hzur z(Y@%&GeZ|BwK;;P5eh*!3p?E&N@jh$8!roRkIw4{bEA$C*SIM%kUA#4Lf+4x9FChZ z9=>b6(T6rp{^tdG~<&pwE6>jv+ZL1Vaq$!PhcDd$ovjzEeEFdqEK1aD9|!$eiW$ zJ(bUyJ~xj}CWERsn#^eTkA+MIAEyD4_3ocv=a-jJv#hU~X73WqtFjvWGSfiQS9kT7 zF!qW=Si|Ax7AvOn^}mu=b&~t^RBZr7qsew@a4V59V-+x*^ z`onRP72aZ98Tq(Mt5T;O*OL+xU6us$+}kN2fwBBY#&hS_K6(eoD=uz|W9KcUh;Pjc$j5* zeBd@ZLfd5)!*-a3=chMY+lWL5)Ykk=`N zcrlogl5*?!I^CDPdu_ReD^QZ7VB)VYah436zF{1s*BkTuHa7&iXQaWQaVd$Zn3(1_ zVXsLA+`i@a5V-AhXJt*;u)sGR?x#+?i>Fe&%QQ+j+!t1sGdBiCEcAp+8+Ykd%iPl^ z%!ZE_B`7vVX|u{5xAxA@&qwjR4qPd`SSh{Z9BH@G_S{Znxyi`om#xau$S@}vQ%ovX zDrKuZ1gg1|kyxQql120Vc-@5*IT!;@T7$mO z%E!2ji4{YCuxhH4E=>uxN`^@Ic%Y52IEC3B-}`e>Qw<1||H zO_hZD6~#kuir>-k6}ETi575n%Gy$~wgK%iC%}1?ITodvc241GjalA5zH4{9oFu`0_ z&T*mpYbtWjbFdpQ>AQn6NLXZiT}D1eTg$w+BExV09ul|~8m)Y~{)JI=Q0E^QACKcE zMiGUllX}OiHfU>Qqg#@ys*qKsv4(tW^2+FaCbo2?Se&C9z8 z{59&?|5^4s->&Ihp^b4FBp{G`>32z->+x^<XI~Sw?SF^DD2z3^ORoS z{7tf;yy-s>(;Id>dMn38I-G+DSLK!2P8$ImOKZ4o1hd}k$}Q>KVVSjFV{RhExYe?5IYA_wBP&@p zOENo)t|tw9rQuD3E1khJh>0w$#sjO;mPCfKM*7v7rxZRi8?LQSM_F=p+$UAE9c>&g zX0r*oZAoEwOT=>NJj1RO-tkltjrE&zR_^CbMLR;yVUsX#Mw1*95ZH3{d}jiPHpfTv zbw7g$JSgwXfa62)fj_a+x*oV^DKcU=^PQ#EonSf<0JBUXNER zjNeGCaVCn|{hE4x;eJct@`A7RPKjm%bMO7g$oDFDGAnJ42D3@_P0%$)!jQB^lh0@q z17&P=mDxzDCa7j4`}RP7<`Rmoe$m}@9nK53^ICP|S?Wg9S?j+G7brzVp2&jfAKiQQ zGpVxDlfF_+2m9)Amai_EZ9l8kiIb4fz&e9sS{ccX zZBYnOs6qaVX|Cn#S4j?gVc_G@%ZJq|=rwNi{aMoX zEtngvZ(r*$q2-}BOBWQ}X#+le((AtH__e#rtP(s8{n;4asp+!E=jGPs@MBCtI=uf@ z*p@j9a!YsA0%xvUZ2f8iL(ud_k!^TJ3-)A-1S{1p#^g%woY>4Ctvz?>LwG%T$tiC+ z#i>s7G(#xWH{sWA0Bo9jr=_a*xDIWAy#iUgE`lu6BxWx{TE$FsU6|m-my(A`zdg{? z31{X;bJ8vkIL1zJ)9N-5&_`t`Fo38sW6wuzRSR4{_NJP9ljd)9rHBVcvOG zP?Ku~rrGR)nHJX_1VopJC1qQ6QD)_=CR^qP?%_44rprVnoWQ&62ng{l=MF%;Z}W`? zt@^~7?=?S6aP&tIVs5=3+be770e-oT{kHl5etEOqiS52uqPpODx$J%<=rM8z`c5K9 zcNaK>X`k4PbWpa^ZxdL|Qmfe98o0p4eL!KN-<0>2)CzTRNqp+r(XpfR?fc9)$$P3j z^@hB-h1X(1Y#ZOJkW?K=u}`|{F~|>DCmKqsTbf?YJBt--Z?D~$VjI6!^y0VHs!q@` zO~uCvUGc|W+EUqaxolkovEOZxH1X_SowcJKbsm{u&rG>f6vPs-NnN}j``q}j6#v@R zIATskMbrY$m#MB2zy$q^YsCzB%3ITD&t|1!K|uyw1Y*rG_CD)6+)cC zOmBPI8*Kd8v!7S7XGN%SzJ)08-^A>h-XVeLhZ_}vZ5kl7d14FhiQSAtT;)r#AKC&IxV_O7^7S&y&Dvg39!|FZ={i97d}N9HDI;m%`p)=wJl*I#iNN6r z8K8Qrt3NPjIza*ojjyx-j`~58PvHqEkKNaE`?dP>ap_07%iQ=GJD5lgi1J3OU7?Tt zj3D8T0$BaKnk7K0C9^`1@xucF;u@Ejn7EpWRhE5N2T)XVwt{|cKm#BSU7>(3`X!So zkV5x`Cb|$CTr|m-UpF~FKLGUb7=GtZoE<8}@(V*H#{w!QDk>iScF0u7VLe3XTKsJW z0S-<~3|m2L)}w?y|M`&`=(}O;zZC5YW#EXChE5?AIGLRLzn!jQ zSInVbNJy?i<5i2RL?brkmf*bER)iCQsOY;uuNpw>uMyr2HQ7rJcdDbwEcP ze2G91fh0Y5YBRa46}+ryKyr`G&-0Hj;^OfB93LM~=CP+t{58?ne5omPe=Gtl0FL!b zps@{Y+K`Qe$6G~%ZodHnkzOXW59L=~T@vv6^hAQfVSihZ8G0)9*_9(pRn}hpomO3Y(a7;!t1?(!ROu5iX}FsAfb=opC>GJYit`uZx;u-G)2y`` zL2up`BD~mTaXV>nv(oN8fHlU*`x#hS!(W#PCjI#Ko^mSySV!;9VWkhow|PmJ7K@$1 zLPVQOz$nN8D=Su^w`^X*ZqHskJKsBnU#irMn6+qK_q1_ohhai?K&yw0Thk96(q=W% zG6*r!@{EdgU7I{kn_f%A`bj(=qR9+_j~$^5B*G)$4kT5=M+fe`<=sRGNPmX*6tT9D zx`)@0CsQ5mL^P~<*lIz1X=U`i-g>QJ^nGZb9kA+RDt_(}G+(Ee>CL1j)lb?tmh?{MT7BoT+KYD-kA~pv6PI^> z%$=maZoOZ=P^h}rSHErF2j%ZGjMmVW?-rxfu{n>R|7pTTz2)>QK+_bB%>%ZOq_nBf zr2eKXk!;h6+;3Y9Zvx)axOAeyN{ty9ai+r3#!}}!c*tNXN)KiJbZv>FO*^mD)lKk2 z>cj>50<MbQ*{(rPZVM{iJMOvf5nt1T`cT2oj^Wj#U zMLF!e>*C#9)?IJB_l9Msr!P){MUpOZ@Df=*KU#@4*U$*|EIlZ!0%|9u!D^KCd zun;*64;;werI9W5uKQeH9*0++)EG)|+Inh&_sL}Y z08KpG%RAd-&a4!ZW!gEp)M7f0oBzB61LCtZIVSsVN6pRWY1JmtEgKyF^tLsn{fOl+ z=(O|p_RBgdO8;yedK@C$HLt?#;WYLwwfd`tKC+%B!~$kB*PZU+_0+{mH}1j^w|eLt z_TbOP$jXrgeDzCiiU5g#Mo4>jq@9Fhf%bOq-7deAH+4H{;j_ylw-feCPx&M&dFc+kPf$eS&F%*)MBE;5)=9I zW{7|jCo&;{;|}|6W>5_JU@rxvZ$nL2QoKhLA<@X=yc_?^{V8xSMNLg&z+UQNcP3t= zjo4bl27Q>!e0<_2fYna-mvu5}LKy?asx&fvqoU3@4aw4roc}pi{ijdnLP-)&y26>N4=+Yno_pPmFMg)}I7_1`NUljj zFW#6W!d>JS2|mno9uP6cst8R7ml}EQEw!#qjIEeTo180MRc<8tUe!$p)hc(o$Y0ls z``DC4wv-USFu;3BC0g#*lKYuv%)d4zi*6@IqlIVbw{hAvrucp% zbcg=qgZ2Kp$^wKX`PIUUQf?CW)0Lh!N|QA64DeGubZn3|fve+?ykJ+=d@ZWK9!(+{ zzXtmru|u}rcgu%aOQ|{=YNt)UGP^G+S(3vCAMZw8HAHd0^vjEO{HE_42{^2Sq>Cmu z23-v66BQb<%v+)RmnAK`RRm69$-_MPA7b}4#?2)2zXKlDM( z9=!QZ>Y^zEpTTfjY_dbycr=3k=3WKcy&37f@S+q7FP5!)imFaB=Ik1-?iX_Hm1$Kp z^{{OAP0LQ92KSSS4#GWTi6&nRht|d@>MBE)j$#n4D;BAjCj*I#8_#DNcbGO`8(XA} znqD$;eNcpb+pH~uEzy~%3Zx8pCXt<@G~_vNhO@v; zH2=iL z^FGof$g5Nt%b}vdEZ6%vN0xv0QT3`zHMIm$2v)u#IS_zuzRg@%p;`+v@p_P;{>T}n z5@?JH(>ja8my4EeRj^2@do@2VU$sf$IzDUkb}MsKNX))??WXR|cqZ{wv?}eudGgLr z<=#JVJ>smQ&YhvTI-x}<*}hXLEbdU&`pim=1BBNITk1c1%9wUjBD-)Fh_UT-hLEP= zW~6-nYn_%-WNqHv97`a8Iho(Mq4ayKMX{Pm%;#g`SO4X4qw!)jC8;z{vf8D_%86dUYC zgg=I*n}Y~?#t!eo+DuoJ-r;%$b$_(NO>{FT3`k@WDUNZ<3~|ruukC=RB(S0|~?Ql)`L(diNmcqb zG&iuqo)dkXGw7Y5s*p-YmH$$lv2*3n341rJ@9jev>EV;cq(KwZMK?Xi@g?rDe&OK` zVQb#HlQ$zTU70;GxIHeLh65f`+Xw`WEbut zs}J;~@@?oy9vaeU2-cJ0zi}`(_nkFeo-UW5tgA8hPM1HQmPlDAfQ8!lyq&)<31Z?e zuIIAto$x1;65~dGwSASnU?L{qLe-#UU@{q>wo{0;IHwwhFv4&rY;Cw1=ZkIKI zFrOV9=Tgmx1$xzPk)W)d{dsbHXKWb>#pq6Nqbn!L(g)@= ze`mgLF_QPwRM8D}624OJ62_TRAnr$>U4_@Z%;5W^%||V1v0QS>Ne*0Fnn*Ow3&P?P zB>A-*y9@UpntYVIB3w!Ob&XeN6)7o2oNleS$HLJErpdKWYKi#^2iHJ|-NaE`&#B$s3!Rc->b6b~XW04e+pfz=Y^Bd@HB}x~Ft_ zBJB^jAmbAg{Xq7v05&pPWfr`Uz6l6i{a5*-qLe_2*)g=+un_Zade|LDLnjj&()BGf za~ODy>F)jb_GfYNp3knIM2-KjpYba_YTsBPxf~z`f0BGd_6yLvZ^s@p<|irFk4He; z|94J<7DUuoT?K5BeZ1@ucKBd%oFL)WYVy453cQv$eiUsE!`*=$Ddsx~4xrS!T~798U1&Xd)N^DjQnWUex!pwYfyKbbry)=-yPv z6s;j^5{#*Ml(P!l&Nasu>3WME|qY z!o{B=Mw-S!S8kA3P2ko+^s$#TdXtvs%;G6Mh%pbw-elAQh7BI7O*^WYkBwjOP)+#+ zZ27}rz~}atPXC(J>agKO!@-T%BdQ}hy8tfG;*tmm8olg{fRoN90iB&Jho%_?ME7}f z)Mov;x4HS|Ke*}P`9lyAuxExMtTr?cPma}jDKu<4W6HWQ^XU?^etA*born~nu%gvN z1JFDo$gIgi)}2*m*cal|mTS}{y7$Y8e#pABpg&f0z_V|StFY5F3Nzg>R>2yZ27Tvz7-CkZDyqhN-y!X!XgdF2@;M4wPeMyqs@^GM^ z!g9)ky|{=dx8v&N(=;5(4x72hwN1z645MKWdan@LSDuDUDt+wRe3a0HOtJ7xTKJ18 zE6Mljulsaxw{F5N()k%j#t)6B-b+AF2K*d-Oh>*7dS0@b^jN=nSaL7^N6w482$IsG+Z@RX)IC zR90wXDr;L!Oe`3y`glBh<+5Fm7FE@7s>MT!t$tbqHoaOU+P`Vn=|5`fd;b`~I}g<* z1jYUy#vcRjPeU}wZ|Nu?$Q-2@UiC-(ZV|KG0>}a#7fHZa!eLl)KU&lLthe1938loN znmXD$)s-TyZjlZf9Z+R%D6dGQAXhLR>X*;zihpdQL22N=ZF?iMj02cYdvz9+$}EU{G z3NU+h1Zslq8kmWe{8z>b-)A>)roj--`mt5Oh&WZ3ryQLP-_L4;vxZE*V4bemdB5jB zd=WnmIku{#2zjAWp)0R{7K~;9&5j_teGwQrx~N*}K9NW6Z$*>U0Cidjak#GL&! z4S@mHI#X$MvR+dKb)FpXhr-PR@4@%YOaf?qxlNgKq*zi~LhH*&WmiBUNn<7m9dt~` zN^3C{JM*c(b@upHNQjpUga2iTli-Mij5;*UZ=a5ozrO4Uw&I}o`Hd5b_|rJGy9<_% zOq+@k{}UR&@rzf(bG>qlPw2Ov3j)$rsSpToYORf7a4jy5CjEIN>4$hI;sxS(Qf1#( z1J}!jqU;sn))XQ>F^b)GkV{7BiaemZYPQbNjhwXcMx_417vBZ+a=)Dc#n&O8X?V{o z%Tu?(cQIURriGB_62EMpw`Y|o8y`9%2&%{3dfI;F+lpr8fz94|d|M&7M@M`ZI;$lV zfTmi}WTFC-?!A0QVQ2{(jQny*wCPF|)tLs}93iidq)3GLC~VZzaf{oc`(YoPi?i^i zbu%$Ba<#^9fBH_DqdrGH!E!{lBNvi>WSy1a4;aK>#(P3{m4-L9(c1!&wEE0FsBB3% zidDaOzr^8%k)7Y%wzxdvu8!tkZS~$196Mu?cZrICGW)OG<8|R5S_%OCa-94FJmZeF zX1PsoDA_Gj{(+t+JBNqlJIsLjsA&q3pno)O9*eKGs%u_Xh^zIi!bk&#l^*Z z@qA%`ATlce`F6rYJpkW+{Nt-z{Fg@hzj?9`CD$(!5R{q6YE~lMpIzxWe{+rP+OLM( zm}1Tg+Hxg|LCJZ9=B>UgHPw^KVUrD~F1w!G&g!}Q&zI|B)X4EIq`jwbing3NB$_oE z*E{W{b{FBj@-@P{cYmP=ewrCAN;#}Tf62)SbisH~dN;}S(WIDMub%#vk?>~Xt(1XF)KqC^cyeT-*0NGlxKT`4ffXqb3B=d}rKRO44dL%o zL{-XLb{++Tbze&YqTKRQ<^-(o@l#O=O+pr2lzCazgY3?k@EAo1;U=WiB>SgqwG>N9 z`m;GMcqJ84vM}}_XM%T2)5Zbf_oTya)Z+!Q@&z(@RsqzjH9UK4ZRSSlR^Roq)<|KW zW4uH3ZX+23F}-AP&uK&VQZ#AFE|D2$-jn|k5>4pFB`vD=CN7Z8iF$g?duQ;F#DA1Dkr%%ll2Gm$#jY&1_ z2W8GT6-*z7Zz{e)UuI$^((6D-x^WyMrM}Z?|32S%rBC#yJ-Sm>*f#B?9!7BJXp?D> z7U{->@@g9Sg5Tn5zK@fXU&7)^y>45kdCQZoCe#RT9U_6HSq;wmVru&ix$_gtF0%y| zj@~Zwzot1<#C)xuf|u{=H{{W8E(PXp=Z<5**uk;&2ejLGUrTrvOyj17?+ba(hIf-V z%K8cF^Vf!CrR~!Hu5KVKb1ho&AWwT-I`I`jTL#K1XhL6~cq%HwpuZf}IGN2fQO+D0 z-O@1Tzo*h9QD~K}BsD_=&5}^00!Uo;yQ3+l6PM9+@8st0@QY_L>~Hu~Uojn_dq187 zr-U*s5SCtKU+t-n?W0(kF8de5{?aC6n5tXmc2`C^<_Z$AoJ6mW@Ghlie>P(|*Q`HO zjI=v5X)EBuxju)eJ}My5Z|Op9Ms1E9)WWAaqv>5SG)@e#1`5(Ce?oL!Fz>l|LZM7r4axoTK({ObZxC zs{Qi5N{L7ov%~zlQxl9OV&i}8@z(P3c}rGj708QJ8))e6<1E%!mTR`DS~rW7KbtSV zr`=ij0;rL(JP7ZZp9x`@KlFHjYs@lBvMQT&i%cd>#kTqRmZ#fsH;D;h?RWOCz}iR0 zK2P|FY?8I!g#nr6zdi3Q%;?S@1CE4O-s)k8vi1m@$~Ozld&lpWMi>3n>k`CIr?V)MsCKW-Hi(3;W*!+z zjzr1C@xY=#OZ@xCU_kMg&-*`{n5RDHzOizxg14PHev!kn@xfBc-94cdoYpK{sJ?%~ z$W7?=Sh;U_70A$zB?d(b_18K?CEicn`*mvIa>mAgJ}=P4Y*0+Au5+*0;Onn(wSg$?Xp8N-S!yz^XlZfNhZKok(-$FFiTOU%`ga!K?LKUC{$c z62ZNAh$Wy@iB*7xPt_i7Yzx!31F?`KZWuUvba)4R()G!a|2KfT^N$OV(H-9@TNHJ* zc#E`l={=Y$!F{PEP7V4WCUyUlQU2dd2miaDH2!1v=+hc{^V)am09Ly#_PkZFf#)zW zUJJL;HXKP|X*s{MCG>RVKv@CN%A5XZ%PUn*8jBvf{)4O34Z1%Zb@oVCPl^qi%(l1K zI0tpKPB7ds*3PLAXZS*D{@{T(tJ-;{dT|Lt>}juYc1CpL1IhkE7#8=;rFZ`*RJQ(q z>%*!F;kwQ|Puqtw!(_3jf+sqK^)Sy8C!drXXpobL*UM8GoFBMyhGR@m@G91Zs={Sb ztHQ)joJp?TbLhhNM@JlIX}CeLf(is~xrUiwfDF_wILSni|omKUF8NYS7$OViBHLBG6N zxhZsN8SXo-_I-T9wT~|BB50UcfMQz0H5wxkutPYQ; zf>EH~>dazQRoOTE+puIH+QwiVEw|)aNS(qBG(YB7!!zuax}TzsKs%==O}lP;>KX_JrmM2x-YJ(jqZ2l_yjQ*RVrQSC*A#nF+}Eq zTF)6oyd&KqBFMcQy)&*>lBZ`*xMXqL2gUSlX4{VQAK^+Wugvkl%bIjydbTo72fPlE z)2Rf~_ZjV0)St5adRZH+3R1^#B^bikh3*Siv2H-K)j3{_=uv1 zy@o?!=G?PFsI?EmZgMgJ(k2fejFIK-o|X1ruV`K%mlllr)v*bHN_J7SA?T`Aj+zK2 z0TSYyB0ae(g5s3d-Y}M3lGh)|v)Z6G4cXXz#11x)IoD@NCG_lrIYs$HGp3YJOSWwG z)BN$_2-FLbF$_kM!y_bMFbF%2RE&=JK_UXEsG+5To-qdZDhVVks_dB4nu9{^%ca@3 z8-oMCDVsuPaxCoU3-uvUDB!AOVd>urqvZzp#JP z`f0zaljyzL<#QK@PIlVv%r>;#7B1|x>HZ(BtR$rNRRL;e@Yvb8H`9AOUwsTBrmM^@ z6aIunmcg+VusV6@T7lJ7K1L>Rv?SgcGNBOt$qQ#%7a-XOC;@3#Yb53JBFZYFE-Lyy znj`{23MBIQs^~Lef=;5DNM5EA%E2j*N#FA#=kbc;kFak(-v?uohb%+y#3OLOigRREfbh{(K_6UU4Dw<2=~4g z8~j!1tYjU|eIlSdA@?lnJZoYXYESTqni;$3NGx=HF zBv+S&0?=%QB|D0n>d|=Rw01>k>qmn3Yog%J#JzXiKeGN|R@p~ZeUYGQ^KV@qwUnLr zf67~C@D){ezd++$UZ|&>ZrMzhFWL=vP<<8=M2%V1^&F#0t#J=xB`=frSFQ~`!0BbN zyT22X$7PtVD9TtS?HH2<0FCGZnK~PnPk#zH_2Lq>h|K#d7cHUKrL_ zT4>NjTUos6I?2j%E+ogd55RTM6)L0ryF@37qA>Neo&0fi)6=?gE*^SA*m#GqCns4Z z+>ZD3hb@RZ(LzdCE5CoxG0cz@+sFr1wKr^&e`lLv{`$ltXIMXhq>T2MC)^HHWa02y zakfr}WhqzOELMG_i9l5>1D3qP$|{WKUE-D&1Shf}_fqZTJp-P@Qr;2(SAwQ*D#?F; zm-77`!PQ)m$CK#}OL~zb_m&`>!fS8h_*=R1-fIo%(=Ch6N&#y*`TA&9fsI~+M3?^a z0Z)lWJjyM8pn7ZB`)Dz~+Wtpld=>9BGV96)K6~mCYYmxXpfadHSyXA~eA@O$Q}xTQ z_HZH7@f;F3Q_eqXSMpzi_Hpxl{ykYi33j7UdqbHM4y@n*OBny(xvh9MajmC-6JaZW z^M)*%wV_iXCX3dL=&fpdxsN;`nL!oUqz#c+(RdP;E`6hFA`eQxrig05K#`A$(FN<6Yh4@ntGU(=Ec{1yTbf(VhgbG77m_bAiye>0o79`0CRV)-)FRP} z=*`C|D|vVCV;VFYWa4ggtNqxN_e$+ODk#f^21}KEoqNv3eMRkJPr9=|D(vO5!z8{q zef*_2{3FCU&I~s02V=*ZS7-vIPO@xiBvDvxHr&|7pMBz#Wd`9}O?`GXmH|pFV#acc zzmbL~Z6^B`MClwrtQ&lBC;(Le-9y=@+mGrb(y=Ty@YL&PR$yPywPKVH8gR$@8T{J| zeMSmngKO<}1&1-1qjFsxko;P^A6mI*aPxq8HkYJMJ-H0wd^P|AQs=?9IwZ``Q4+ap z4fdtCXP!YL>8UZ#J)kiy+ovX?M1?-EAl*jH+R0@MFs-`7{C31xuN(Ca&z>k0#*I5y z_KMU!18F8=KAgU@8%h&&HWP45)Bss;AlCP6zjNuDPYPL!z20JI7VPw_xr4hh|E=U= z1o6Tjkd}DB;O%o?&Nzp^fx^+8O0gnPycd;V+`8Mn`XT{?X}#=)*PEH}O7*={|GJoc z(G3=@=M6SNu{ph+Qkhus+NsUzr$_tnukXP?kwH~mSw!8GNgmHEFEd~pn4e9w=0vrj zDL(%YD9zuBfK!6n9G7Q99FhYOf$h_zOy3@T;+ONd zqILJiUr9bXQ`_wE+2HopcS6j*Yoz?untgSRPv>7GkTIdC`)`>msvHZf!zrbVS`oW_ z%dcwW0_eGQ2edbX{Vx0()XTr&(W@kx7+wG_jCXxWV767qm>*0P7iS+=56@qa3-!_5 zz%FI-r-NdZw>*R6N;hYf-A^A+l$Rq(Bl4BxfV2s-dF|>b+Maj05JTY~9#-%dMLi@E zrT)?RnJZr_@ELLtP9yNhVq;W^uFWm=W3J$>WNY=!E~|m?2atpGlZ5PL{l`t9PF?~? zUU2rWBmY)Fk*{Doh0Mr(rI@~5wt6%&j0oRiM3B?aV+Kk`PRCsZai}-^II>NRwCQY;X-b`fG>hE9meq9emYrHYAVj z<9Pi&bZs_5+B^~=!U2ww7=r=4_wqC#H5xla9LZaZK_9D;Us3cYU7m~Yhd-|)O-ovu z7}Q*!IE%ItlMBj5O%uG(=UmsksEA!3Ym$52A8#uKeDZ1o&r}dVnXn~n z$fqtdtiPvnl|?ShF&5)fWJqRAtTfTwqDNf6RCz(J^5d!XrAz`sR1_H*+69L#>9zmO zpzYiv3JL5KKboAs`%@`vO`-ID_u5jM+F>S1--E_t%-H6p7i2MG6*-btU!+Ih4LP zj6m7o;A}Z#G>x9|FI#hL-C|S4;|66miV(hHf$L)Gm2tyi-6?z(S~o!{6`WaFq0@ty z=??v^MzOH;c%d177#HI}c;g{*Tn^gRLdi$MO8sQ7C3_^s#7`(yz=*EaP#}oxrjRBX zEl-1_BZ|Jyatc=^0_NMu48e%^s6eG-!9SVpzijo^{q+C$nQbaccA81P9d);_HFRz~ z+y7tjPW4#k&EA9ZyYwE10Y&8YFB>%gP>n;7N3z+6Q%|qp=;&LCfZhbWbGAvw-%=Ye zPf~%$DgJNNZx8zbm04t`S*pMEbLOwjq);DzN)3ij2H*P_<^q)q!Te%A)3TztkIa#+ zthqho`Y37gaaPC~cGp7HeQ###s+a2qjg22_y_cg!xZQ0StqTapfNyv{+PCZ*n1?fY zHJWCk4Mm)Ulz?ZRaD!i-FuHP5-om9?)Ps}w@y6QI26G-h$H9MVXw9H1$=YaaHlte- zhvoSM-}+VW`!&q2rOocxFNB0lMb5-hkoG(48PTF%BR9dyvXU_a#$6upLlW>kN~v;# zx3I&|_jKZ!MFq8f-m}{uYVn-4WfBa<#0eggqJqDS%8WGDj z@Aw(Q#Z>xjeygTSXz4v40jyYKX}8zb+A2t;1m#b&p>(FsljjL*Q;o$zvHFj8-8!7O zQ<3c5A0#9KyvP3wu+d0EadW9(UqDX@2xbbf{zDk*4N#$q^^TOOYNM?RpeIWD-^mVVJ$MV}3_1fW)%w3J2V~qOx27tnrjX{bermHKEt&x=pP zjPQu){~qtheN>S|+Vs=srj${=@ziZQ! zQ=pFS8hbg?4H_j!q0SL(aQJ2L(um<-u53!_->xi*@!xU#UDepkfbC!V%7~a&dRODo zF2Z`zztf#WI>19&)P;ZW5EcS%$=^O~bG*#g&w-c&nLT1p82rxySA#?Jmp?1So;go- zyE(J^e;3#H9t540B$YG^ia6-zU7q>1D6ab%Y0XlaZ+B;L3iyFX}3!z zrf-fE3}@aSSU5=Di-}|ZJ*s?I`Uh!6%Cd5vvTqobTfU-;{Gv|^!70QXNO!|q+Tb4C zO*$(MU+y}!#7ChuzDgK#xU8%_a#sMzD7qjA{mg@*`R}mwqCfj&*UZpk0cIfEMd=mQ zE@xO~8k5s)7eRHzvrx{+!kR5~p6Si(^lZw?0mnW`4{G8cw}^(}3b2J_aQgh z2~AXV9a#Y&^*{({{$P@~ILe6`B4q>zHTi3B;(%@WLU^ zN2wEy7o5U{fE1$}`FxM(er3Qharu%by*~hnMK;JWA)_uGb1T=?=qog^CVOqw+!wL? z%-7w`Mm>>xcewkbugix^ch*Pi>Q5DcNyQY(O-I*@EuOuMaBtg8)I>Q; zcBNUd(JQyI8Pr6?Za^<{>2fU>s&xIl)mpRo@pUglWVZ(Gr4UXtSH#_c4{3zS#x_oU zUn^mhnH@jY8r<}E@Kc@6r#3A8SDn)(X^}NOxHjkJmVcZT(%iZ@e|!M*+>dRItE-kh zW;)+NEIdcO$#ot(WLFTAz=*3Dkb%Q@jT&l}2AYk4xqR z%wHtb5ua$jcwdSFI1(<^%h(CfutKBiF90&K>-YCI4Tesu8vlg^K!thdJibmWU}FD# zR+KH!2&fUaZ;lGq-77|a)@!~&E%7$~04y+^23&wh1-`6Y&-6^#xcI9fUE3VKxu>Ga z{`B7-BOJq|Q`~DTuR{GGK)Ko>gQSeZU>o6}o9RS#s-rl{9 zkEMyjORemSnn?+UMxQHQm4EvQmvV#5w{2C){~dcaO`Ii5zja-rPEw%Xps&o1)@;`i zT{77*1(qHBG%$FQC<-^kOyZd4az%v!PVl4~0x{!9z2Ek}ilRBPVr1<*T;TRmOSTK%J04OF5MQ*8k;@&*DOhYo{waOfv*M zYhtz3uqC};Qv+TtO_6t2AF1-!^InO2gj^Fls013cD*m#NUg!L1v;~Y-ELu)NE7r3! zafbsMD~ED@3#ps!7rM$p;IBsrVWt#Eswj4fA{uiS!ZVyty6B8^b};=jxn*~fBiiEY zW9u62TgVb!^$_CL`xsHFpM@MAV@ga6a|4@S9}IAPQ0M$jvo=d22==N7ef=1jRjqR4 z#i=G`A(hj@L0SHg#g>Q%@xbq#by*YiWj2`X!YYpCY12k9;QVx#mf5!u1&g$*P3X-ka5d!ci>gLt3 z=CGn9zh6(D$N?m6trrK7(-ll0Pup7*O^Bl*x>$ZXXnIqYu^E42`c?l;X-Fi6W4gzT z<=SZhAAg!gEA?vo-J)ubF`F@=5r5#VBEb@0fyhu`3SaWRdRW|*(Kn(5g%gL`tiQch z3)6A&dfElrF8fs-x}WK48(&-9>k0Gc+7WOpSvkcs8dqfL0hD`aJ3n>Svd7M1v^mJH zhnCm}*7@QE#>9SfO(E8fk02K}&Dcg1s2=&mqXD10^jF+5UyMawq;noH4RL6iHY6FI ze1GM*+V00eMJXYe>(fu+I$@1bhSFIc-e^wzmVJzf{L;{>YK4+(^;^qy)na0+ceT8n zUiVUHDa%0I79*)`I;YJw7NDEzE}mk?tN9xm@yA{seR=Z>q|Ogc5pd_RTbgkXvSp1< zo)ocP$3Zln)3#(`N+#b&^Q5+1Uqg=)Q zER||w$&7DTR zxYEeE)$A)%QL={PReB~xo}q-6-`xQ?I+&!v%*XI%to6>7Z>!(=XV}oG5<6brdOR(lnyBaSd)}mtj_V^vlaK=ZZpC zLZ(5;P2ujAe;vLcP|tnXvtR|cMWRQ#q}=JqbXpZ#Hf@2>rIoqz zUDzq%3!U*4GUzB5nSojKjQ?1A<#^v!I+FSp@r;I#$Eb}(=UM@2$X{$ZLM~IWa|F|G z^4lKJol(abRJZS6wECQ$3h&2aOmsG>6$qip!M6K`m3~8#{t(Cio^D+SbmJ4UT95jk zE~||ilV_c&iPix;ezz`N2@Ia(;V1v;^I(#o?P#M=K18)HeRD(SqBJOm?NnI*&V}g^ z=+DAcE=wI=%t)zvq4DINF2+y&@@D_JQlYh+~%G0 z$xH^^LNLy52JCdS74zX9E-;E%d6rCZPsw3D><{vne<&7)s`*I)#1kB#DgMBugyO^y+1@jdf)c-ohP?lu{f(Gixo|_KTQc1xa@Jw`4JSIs zHzEF?Gbscb9k|i#dcy&4Ki+ze>ipb~y}>oV-muVT_-ZhS29NU?QF!0=Z=iD=dL5E0 zPtLLY-5xZ*OPukYz)Ah6lII%AtXj&fJ>k!ECYhihcpogT7~E4#;b5TEXbsJHGl4K= zW4PC_eZ&1KZbKNBI}z{?2u`LIV$jie=<$bO8PtmmOT3oy&ZOz> zmcl&^{I>Xvtv^FCEt-4W51A&|pRbEHRveCDI&ST~if2tMSR!V7Y49jw?05>wKq`Db zO?!)}(#UU{h>Y(u!lTz}YBuwf_{H{sL_Jc#O)|iUpr52x-1vI$ZTr0fwRM~MC;^nTq$RcT z`VZx&i^J*Cx|hVH)smA$;u0p`xPSJxDco@Q zYx?WBkPlS@s#nl*n4PwN!{GV-*cgXT31z4LTVPi}Ns;E(KUbH*d<4mAP`+50#rz@A zQA!|+nwNog7LK8Is)W0QJlQ{jsJz5d`rmIEBG8^V{L1%z(IT8=vFj^a=Z1s?oXJ^x z*>~I)s&W|D3f|<_n&NEr$|Q{d2{2lU&GF5(n|N=hl6!IUn9 z#M9yXf->a#a*1az&v!sKNA$OOQpg&J^-w5!E=*0U!e8)>Q`8}D4ZmuzoQYchq4;ZG z{s9&s;h|~c#+6s-Uj3GSRP)2Zdfy-jIB!1SE@AsV@7}|3yY`G8T8U7XuX8d9YRQip zx3dRo1Yka72E&&cq{WuIXO?1FqRSRbsllJ4zh(bf)uJxhu^UQ;SLlntymi&T1h&oO zvK!p^`52(VHX@+>$^FV=^3iB@eo+T!>=S}Txl|1-w^~3vH`Jlwc|u7Vz9fyiX{jb= zZ^?4z?0b>e7`^GX3FXdnwt{V*!9%eb9?Jna>knu?l#!2G3^tWQJ{

*jJX|Won&B zF)gya2Z`cz5Ni9wKNykJ>~sJ(|1)eFt7G6k z7Mo_A@$CZVISM6@gZ2)c|DEkK18n#E^q-&FReAAcp1|Q9thoCS&Uqt_hX!0I(ws)( z7ght{#REL~)E0Nvs%yxz_yeU}-VdI4#-%l&Q5G8>5R{JQ1s)qmguzbz_HBtfD$zRc z``+>We^Tn`u!6}=mP}zN`vsi;3&{QtTb(6r2qjaVc9K}kqwcY8^mrP@ zpgUz%27Z5H9|T5kEZUM`?rb;(o!uh(%8sGigRGbSE{c*Fp4JWvP>b;%{5M3`(Al7DL>VY=fFG6TftFN1|mpp(N49&+M}-pek; zvu#+z3(ACFoqKK7n(?>+i{#hFj{ycZ`0-;J9E1Y0U+k7-X};(|xAxwcGE{$nW1j=d zo1zXgJ5d$)?+3Kc_Ga~;(Z$TxOc4+kQL{JL2V^v6gnPGuS@qD?LrfTD?%n8(GpXG; zc<&`XB1A{z0{n`fds)OD_1Mga64_;6+TNl{M{H}etdpefyD^kZLaX0o>jOiekpx*lQOsU%?oRter)O99g-xe(qqR)QB3tORn_e=Z5=QkNBvteyfY_{p z{_7kO)@=JbeP>C#rM&5Mc7tyE?mx)~{K$rq3cOB&RuPbu)hor-Dg(;i)^7$c8h^i7 zLN2`!(c!&wI7v3|8Dv;cgzVb^5;VqCcUvLL9l+-1*Up~&KE9MNs3J72AbB=Ws9xG-9X=lU@4GtSPJmA=aIt5_?EJF15v*IqS$&l@=2 zrk^s7rc{66N97Q`mH`jBkY;v9{aF#PmyH{!SBpitSTWi$!z*swH@Wn_Z#|a6Y|z9WS&+FZJOrZdAuz( zMa?F3rdL^+>wb4e@mC9@`z%?Ru@}l*E>cj*xwJh}Vxr6Gy=PuQdkDFs$&(Ew`HGv*1OWZDxuDvfIdFTYkxiCHZ*Gu zm9iN4el1wkuvPYNb$Wegl?Eg?yq(fy4-qX{r(0m(ei=WnR`-IewalCY^?w^dlLh>3 z8)Zhd+K2mj4NW^%`-(||e3XFNu<7p5<~mBAI5<4tI{b{IvkP?zkR86mY}PgVXCaP5 zqQv**+MYX((acE{%_LZo@MoB@dik8N*KI{kWPz_-S2IMeF7k-Q*2yUfB_P-qWPOeo zMJ>ym26(F!0IyD{1Rf$H=Z;UmA;Mw^X^~?^@$e0)(b1pNHoe|{OKp(geZ-mP&)Tfz zrwF*qof}H+tt5g3=EVFGpyOzS-8wRW2f2Jg<4tnvK?w=oe(xl+a{oxE<8W0SkMi48 z>iWtUu~SDG=&W(i55vQ^8mE398g^h-rF<5B004MJkOVL%8((Py-@-S3Wgjk^{aYD7 z2L^@9d#mb4=v?bAKR@w$ewybwdbX>SwoS)05$n5o(G?cDzLwjdxZ4=zp6FcbEk8fv zsXf~xXH2~xhd32aQV-)B$O@k3W14Us?NI9(C7jbB&vzxCVm{twXX9OeK3 literal 0 HcmV?d00001 diff --git a/en-26/img/HTML_Heading_Icon.png b/en-26/img/HTML_Heading_Icon.png new file mode 100644 index 0000000000000000000000000000000000000000..29f55993ecde91c6c3cebc614f24e3613dad253b GIT binary patch literal 25210 zcmeFZWmuG38$XJoAT6kLNlJH@7)Ymdw{$Z!B1(vWfHVUrNOyPFFm!i!cgIh z^FQa~;kwwHJ>opiv(|n8>Rz*h73Du*p%bGcAt7N&NxoA?LP8z^KTkhF0ss7AIoSjL zg=R0Q>4b!Y-HP~r&}o-t0$wC?ey`!IVrS+IF?2LVfv+N=*%4D@W_yKVLM3R9qwI8Snr7FLX7N*ZBtj{ZYCB@mrRE?_vq%@yLHSWUKi4 z|M`mnjH{{#hdp8!y%CEMC6;Q3FVnTKFvEY*{rjfMuH;x*a`2_ubnlz>4d2Uoibl_p zPg@rs%|AiyB}Qx{cs#2`P@m%d^TmMMTEd)Lq@OI}S<&_w%GJ+h&~LdUPkJcXiay-U z_PJl{ol~g#sAK+zf1fG+6*)#0#qFlmoXiyJYaY)Rd)2(Z4sve}S&VrFhMgVRm$@l! zYf|R>%^waFo7t#U?D+S-(xg9N4n$_N+vhBQ`|sPdMSpm>Wn&(>S$6u2In{P_%WLot zU#Pd0M@}eGQkP&SnUL{hM9jmc>BZTq^Qi$mZ{EXL{U-(L{b{@Z-giVJZ+Op9{l)n0 zio|LmPksAxGj|h@o~pYT6*?PrEsTQZwtv~>zfJx1>x0?(mE9E@(!;u(!FDnJeYPk* zcB>n1BOHEd-2%ubZk1%{>-DCc6q1j*;)%q5Z7Fxr_ZiSvR;B-K<;+?H=IOrXI?|Jq z0$13OTDG>)EPBQRQdFbh*~o|t461a$OUq0viyBlU+YibG2h*x*kG&|CSVPE2 z-FZFONmBD}!i}=Ue>%a4(+HzySC#0x@M)(Ud2o5q_X;OSbEeFt;KE8qC<+G3^b@Db zAO3X6jZSDeC6t3P=Qo6;HkqZqn#5WtvDRs@8`FV(pR^69r$`~AiOg5;r_uVnh2zai zmaIbJxPDqZF094do_n2^!Y;_tW_fR5i2RuDc)sjl)6!hARoSQP zPdq+aqTCwUmtRS*dpZgBY>lZI(?9RBE+kFY_Q9BAN9?~NTe{WiY=5sZBe*z6dSYeG ze$|2JWv5>BYd`76w~>&!y3_UWrs@Dbvu(4PyuGhsv3BX{sp*tadcO^EJ5SpcAo^ri z=TB8-wb1H}ldlI0by{6GAaK&O=S|qWP57nFlC3WcTdL{j`V)_eE;FyNvyBlX#~|RlZhbiJ+Gu$9{H$D1W%6v!T5tB(G{MUtwR^(mpu{iIwX0N) zL^%VWuL@W8uw4UqT-;y6joRtyWO65}h0NpJ;oCMn^@E`cEUhMYoFP_%lX26dtH+>& z8o8x5jWQty@d^7CXvn)|C-(8d^YK0XoP_i95}`AmY{OKGBvG*W$+*2f(YiM~v&Oii zeFn$mQMFc{S#PB*zD{YVXD$TN(2h-XP{jr^Fw6^RuBGhXWXYONcKG8@Z%@Q6Bpy3~ z;?@W$dPRbvLtzc&j(@hD4kvTfx~jo9C|>ksPkWI!Wq~`{hlD9OZ;^TY?fm)SYqq8i zBsO}EPKGPL5R2j^<0yYQ8(E5tp#tU*Ed7KZa^)Pg-WGk-B&}E43)(kA@I7`CQMvU1 zQQV8^5MPKMzK~i%UZIWg*=Lzb&pQE<)`Yd$y)S*$MFp<-)xWBj-bO84%lPEiuIxX+ z4^EV&^ET(WR`9xgNVsFiu}uNh1^Y8X+>Pq>ky zE*%bDzY@N#Zy!9ihx~%hl`r<_(f8Zd$7Sb`ShF|CxHctJ4Z?;RCkegZ&K+?(j`j#QrXRJYo9tX*0CrHQUTh8p)rUu>Y-vxB9j4%c?;+2uV%tPdTG{v8z`0Z4+Qa zqxejBU3VN!^9F9?Ui(rU@xDz9ehGB_w*8YnLNl|268l#_51=womx1h(8m4 zL7-u^=Jl6u&fhXZB>pYkt~&Hy=A7#WuHhIIB#*{<31?~NeWZCbFQVJ8l2~U%8|)$4 zBub|;DwXeBP@=xMk_-zGyH{}VJ&WJ?d@-|}8nm+{Ha%NC)< z8&JtH=^(2App!*yls#_tA)aW3q_z1^JFQM59!sO5gV%#NI(^nWnyURBGx(QNtEK}2 zQG%glb}3PpI+&P{JigztGK%gqCU-=5Qm^6hmwT~_*e3U-KUCKk&2zRQy7Ky~JWOM;MBFoAVk zlx9BSM{LEC)g0!Hu?vDu*?2qsm{BkEHJL@Ck4wo=W{jwFDrBlV<<@-7i$$o-vm{mh z(JCjOz;~4v)uu~K$4UpyGhsK#_^sbJ(IVFOm2LaOSb2#r9e-!aWFYr>Et**Lo#}4O zF4bTOh*Y3_c+r4`WC;5D)zZGEGVJdO058kH+kyeQRsW5f7xWoucA1&`rwKBmk<|(pHGPs`jRH->JoB+FNz-%9U_JgErJ0FoMljVoML94|#X+Q{ z7fH(=WF385y)>0n-49DL@n^Wzt#FTmCGFy?Os$wa!r1&$1%blCI(W?>HH0Q~ww&=5 zqaD9^38w3XX32 z6x2s8Wi?@Uilf62D}Sk!la-GxrfXrTXZ-f&}_mtuRz$phB?>k*U12VKs+ zbEa`U`er4UqMpC~+GtJV@pHv^G&M$V_ZmGLIo)$}LaSLPhq>;1=X^^&SDiydOgUM` z{`5m#QC8<@%;T6tc{G*s)9X1Mzij64W)S?0=2LYm%BQKDTxy<>l5*XQ$8DXoc5!&>t51IP={MH`?1F# zSy6m53A-s&nvZ-uHurR+OtR7p7riG0n^{AD3iYc&x{-k4@AT$4)lzBpLp zHV&LrlLmXALvWBe!{daXS#jp2gf1i{vt9;jJh1OJ8B-(l3WOR~w`L8=u5~8Z7lyKv zq+9c9ZY?|JbCr6sF$;febJ^aabEXi5?uF4*uq47(zHV=5|7jA8-fzJEv;X7GpEvts zGwU9HbioSvHVXwGQr63p;^4*my2)Oy$itbg8G=7+EQv9asNF7mlN1Ny`zqWO4wPEQ ztM=bqlUcjjaVXtp9#6Ga%W1Zj74I*duf63iM!udi9g2CP=XU!tN589p)qHG7#F-q= zkFUu0Q0MGj*y^Pa8_H)Xj;Q$4(|2?;%4DRTao62GHNvOF)QV9f)to*SdiS2y;IyGZ_+tRMvYdx(x~reB z-OT~(#z59s!f)hy4D5t@40qjk1+UcgDDt|G0^9RU<>?3x_VeeZ4=%arWX@kx#L}O5 z;v~fW;_-!WJiAExN^#5Jj?VA#SH!qDlobyhK$7SNuv%u3M> zOMelY@4g**YaF?7g`!W=YRjX6ZxtD5R$?F6{5AP~C^h%SOzT3A2Yr+nmu7t@4M%S` zdE!=19ItuC+op1fIU8GZW9MTdTNE<7Tv8OAl})UlP~99)?)^vNhKsC|Pg5o0#MhtU zhuRk7?r^G!@(-md6-Qxc<_Ve%Pz%@UrP%w|1m+2I-I(oFNPe?78RrHJq*L1` zaFUpB`b;{NLb!;&?ZhToe+o}RHE8a|4BO+Gjg#%8oRG&YtZh|bE zr|G|)@LGHvr5cQathIWb+-iLyU|L-H=+q6he61lfgX?c1&f#&g$&t_@4U}c;883

m*@aV|v24g!JLW#_KA3#$lHjtkB-&Y~_=?SC0j>{kjgCz* zU*&+TWP$YD;cYoq2L$fUzo|BTbXd+&L)N3MK5=MMyk&4U|8P7RUG&rj^SZYE`|V?& zjW2EYT3;bWxC?^x!6~7r#HM1h4<%uriv-;ZwOMK>HVBlzoOz-S*4#hOQ25?reyo%1 zwWYiCEJUk*g+I`u#f4UM{p{J$>bMUz8hl%L#Dm@0Od(NfpYqhVSrJHIy+M%||*ZjLA1_+GgE$<*2D1g>QE z*3@VA&y@sR9=U`r9dz4NRi4R)y}p;J94-z#MHL*VNgb)I7reWRCCAJ@%tiZN_xm$W zP*=2sZiCDgqd(g1_qboo^H$rH0#Y+k$8Yf!dsENzd8w>)y%aQ-(FyOh6%Tf!ozi}p zI;^F)&*{H>IY>3=TFhdIi(*&(<7M4XDW;AEA6i0n!cWE@z3IG7DX!SgD&?y2Fjh>l~ z%}MVlcUTqEqxObWjqhFvGsi>o(MZpE304li`o4HbZ#mXp-z*>RG%ZojFO`8mN)I{} z*qyu1mD4^y6MyFD1Dsp#^?q^nOSoZ6BY& zQcnthj71nz*xS6j(_@1g@2f#`V_m%Xx&4eL zYkH=GGFIw@)$Fa)2=|5`EI{RH^nDydU-eE?MjOr)cB1T@2S<@`tOfhU0|o4=<&U{;^h^+NCO?-;P*8@qYMzkb@gSEpKL^EY z^go`R>((RVyzeocx+nV$CyOX6&?mXit%b(gkYqvf5!6u3E;#n{O@e=m92)QB3fF^iz_|pjfS*YY-^i0p1-UR<3cj?B%pA_qE|@-59H&fWozyiSmNjdS!*pwksb~9c zSy~yICHgelNu}OBw>@C_>FB8Z`ce)0IB%TZJIDxz@YsB-(Xn30FU$}aTt`n7XIdd% zc%bTp3t9ctK>xWyjH=RDA&L>|2cWrwT|gie8ZX}W@mCt_-MhZJ*Ba_4(kgE@gqJOPpUuEbkq&p@w1%) z3Ia(^1xGg`UF`8MkjakZ0@Rkaf8+uu(&JCpzf<-}sh_egS=FM~n zu_f7(_PG@1xvTazK(-q*doz1wyLc#uvsgYi112suLQ1C0ERD6E6Pr3s%vS^>MI0OC zl&w^YS?vM$33&=!gfnmn4Jo>DIJEd012zBtkiBqLd1OSj9LV#sHx)Gxo*Bb>Z? zGj6=!7tX%g{KxG2j4r*CFazTBGub)r-X?ezigh^Pf@y5au)49LtiT;tNIUBPX^1z7 z&PM3zECn{(B>~%!ulK(;TZzRzEMOOqtJt-{0*kXE6F_k2B zdoFGHaaR(5oOovDof`&Pio|V?d3-byX631=pt=>5*;FMP$*$fdin0lvakVCXkC49< znmasLEz+co8Z^o4k%yB7E+57M-KSZ!@VVzkxhD@v+&yES5BQ5Ns;4#uTB0=jGF{Zd zgl&rj`ARpiLi;p#>P`Nzg>YFAaAkj!o@+fi$1lp);>HnShsMf8>IxbiH52)x+P+HN zxq5o1d*(o(*y7Yj?Pc@BcF|;qIBK#Q4y|^AGQjR+x#G*8b)1*3i&P%@HqsezWgSBN zyBgn`2!)JNB<_4N&HPJW=*LR}f$+uOluKz4jN5R0a_*yQUWr^5W+Z~@&^tA8eSzBG}7nZqqI9_p^PSTM9 zr|TWsk#W^@(b$y)Pu+yhj|YEHJNx8#qH!f`TDxt&wG`oiUh9Nk-$aqdq^F0nmDJrm z2X^VFBI~Q5R5?#ck0Pmt3IRz42<(l}gIc~(|HJ{oDzyCC_r+`3kclyiNBM9<8iL;D zMN_zd`?Ysjf$OH-+X5Wg%};_0IM-^=eBsA+UQ!E5ZAXW>lk=Ge4pX#|HK7pw+1I>taY~)TQU~USW?u zOQi0#-gGnlvC-#W@rHhtp`yN(aiz^Y&-iJ5>^N;ar8;(F^uR=+#_+Ls;3N*F+HUt8 zb_xk5@h+F9gYZ72dg%k)7)OlpYh@@o4@-tk_w{YkWg+ZZ74whdP$NRl`mCD-!moNv z;+SVm2GivF{`O#tVza_3c(J=g@G-T{xU0+(VQW9ArdGak3FzCI85*Z@JUOnAl&rmQ zvbPDTG?F_@hMf}y!oEWXs`Xr5Jpiba_o54CVtR0wX`C7}bfnS0F;Y~Toqb6;B$4}; z?)ZF#i4Sh{HmN%goAnR&)MiY{|;^q#>R`*3CT%Msd7ExytgVjQEb@dWx?aqywMQy zY>YlhI)0v#!5d&)Y(L-b&Lr&!J>;M~ZdvHZ+fxv7f4IRFC>L|PH5BJBFR{Ypj~Vin zncDLrFtgClk2m14cF+7`jRKYjcST%uAzAzf*|mGifoWRJE#pA0>UCR*GglNoKK{~H zlhW;?DDEg6BgcNHkWo0)y)gQw2qgWKbEtVdo5-xq=58S3WVm#M%jXCAngWY9}Oh0CG8E2x7_l zxcc}lMrAYdg_CqU!uO8~$15ZD1ko3E4DTRAIE{`tc=g%d-gFpd%;xu-UX6~VbZ7p^ z&OryLq}JN*aajeAcULL@)KJj5)?QO*t5i0^%PLiZ6S(R23GK(%s=~HKJ>w=Oxh6?D ze=*#?kPW$+{Ae9;WzBefUM)0m)NkIYK!=Qje^ZMg0Mbu*^3mr-Qx~A+GYW|BH_{j5o@$8fk=D*^xQ$@|1N7j>h@B6;^ zUmEzo=Of9x82h7N2Cv$DO~R$cPo({cPscyYhnLuf$K8yBCULSkG8{{bhdXYX{@xtj zvQ%6HLK43%*J0aOCH!#~$)8A9m$zr$;9!(4yl(j`LLNm}At4Rw-MzQiB8D|PIL zDjLTAM61OGITj^XRpK8r-}uZ=P&!)Kq6~MW3dzM3@DjzDPcr-e;_v6n7yjl_%5ftU zg&T6jn#j}Y(o&PaoAEA@`DO@4I&NAzH67HwySQM-o|*uo4oSKg;nA>{c`&bJ8^b(C zQV5)AzUd{c_4 zJ66gqopdByCJc>Acc1-kMP+tq`&fJ}pa#R&WN$s1*YPMo8F7is07Zc)c zuXL{Q(v_8PwHk7+8`B31;G}tZ8QS-U7;lMqW0I`z|L-gS7G?v;y8C5OYG|aa%8I!l zg~v-3E3Anxpy#AmRu)f7r(jK33(HpQi`f1W;Hj!-O%~PV*H(2%ve47);84{W%ADBd zty8-2Jh*#SlBZ53yJ$%7lRe@iVQO?j zA)Tr%XP+`;F#HID3?u1_ZSmEI|E8ud@jY3_oH~EP_G4GangQul%SgiK*g>*#NKM6 zR-yQl6}FVTM0WSIFm$Hl!@YYXL6p21TjlDmTz)F+3E8DE*%!ZIk|5fI;BUfSxpNG} zX4aJTHs{Ln=_s2d=7V-a9+rIhy(=HYdamLBjNZPS*qINm_ddmM@TPc4x|a45*=^bS z*&82^q)~U#fvxkh@y{DJ0ojcNEFcG~A3@xougxixDrTdpUC39X~w1i+FC4csCgWCuO@>~FJQC+-pc+u2q33cg9{ z0w?K_tqEBd;V95}x5CyzO|&H_IyxEc6PePVy!c~S9IF=oO|XdT*_>YIBb*UqE&SS{ z(sAW1?a|)M4&}O;VlxGQlhDU$VuK zbyib0_bJPAP_d0w!;M&aGzjrR6-_v%!EmgVUJlex6(idtg#}eee+&w$YNgg~=ud(? z#l3$(Us8g~hK1AMhlVv}AF5uQyBi}p<&IiNG2MDkHuWaPbjhZ)wEni9J5Q}7-ooel zRK4K#dR}A*|KCFoxCe@_u?|$Xl&^4MHk7qsm3y{t_WyASG2kF3m4G{@Sr z#qOPS%>zczn3h!jJ7=;AH-5m=G&PbYTmm6$6#T9g-r>!&Ggmi|PL2GffGPIqzjF@K z-D%+WDEgRV=qOgUN8aJ}|8?qf#=rkf)NRiL+zmpgx2X6m6 z#B!vby7}{eM9Uk3vB2q>OC~P4sNqZnr;7ta zPEJmHK`1{|zOKIhL6&wU>w^amKIW?BM`|;w6T?d+Wn`ASBB+xDoKQZOn)mDR$2>$v z&epBvRo8V<+L_V~{#f?CB-J20uT3)`~NDIGMOSJ3i>3P)D*%>GiN(_GSy@!V& z8X6jb=x~{ZipR-DGZZo>Wp8gEZ+q8xf9IL(xhF8^bu4#xR@oTs?umYMz2C@X()F|> zl;p$p*{+D*-P!K6`^92lJclvL;NT!Rn^@)TxW2E5g4pfJH&oKq#p?BBWP_P12UAui zCZ>?x>B>^COUJQ1&DPD~%m-P@f6+sUdHz_A=9rk8M*RF~zgUIwrThC%d96$W~Q7E7R14mbUO8m zd|2)Xh3AuZHK5o|l?7MM`y}RTS32I^xFZqsSiU>m8Wn)-k%EOv67x-FRLvR4kR!P} z4EG%&{GdX_6KsyFG*;7Ve@ZErB@S zC;3eQZ5vm(G&MD8XlZdNDEc!~e7fOmjXf-t zGc6l~X=oT2*D_|KN%Hhe>IIJ|Sy{shbZeKkx3yVaSafTC;j?JjkLyBo$F2pbsr|u4 zkHLOBuJsVvHr~1-wz8$Q6%7-U`C!6P5K2Q&U+T0jFM7ShwO6yv`sU3WLNOm72Y1)|!zHFN8M5(jrYmd?&(9l85@m;JczB{& zv?~twYWGVFnjh{p-up=WAZ+Ft*I6E{h;0WO?S6N;?!Ngq_6a6t-p*Q8ZwYgS^<)d! zQGS=L=jXE!3I&nV=cn7_Y()fplcnYYjw??%I5>Wg@P#GtSaF(m|Kg-bc@OLA0#A(n zIhsj*sLuWPVSh@Cj?1X3Y!d%r3vzDc6?oQ(de2Jjb-7QUK4s6bCI3YLe|l1U25hR_ z%6%(4^Wgm49F(5()=2idcziZCwyn|J5A`0WRp)b_QnIouU_VyCBbqmTe(-~kMZfRe+xZ4>i>We;V6pw(UAaW? zH+A<9mpdmo`9(@g-NuD$|g=6ioV|ARs-x!Ab#Xwp0d_r;4<*UI*V1%nKE zsI;ssX07Y4(Z;}Uf)4V#7vR=%RC7PgRB=EBU6#hQ?P$S<2DU1(o|aorM&8|CbD8&% z4h;=;|HXztg&<*|7PySso}l26_jE@y!JVxyFE2R&{1_Pz#~C#xKcP5C-m#BL6d!5yq@W~Qtacak%m`oGrK*AKuV=>YY1vEYy6wi>MtP@LQ* zt#y%-jxGS3OmHAug&uJQP-2B~POljQ{{dY`$E^_tI{BooKB$mpi3u8H-n+81rYYd- z*MljmLZwW3GIIA7Tx@dTjR;3J2n+_x)2)r!*!WaXv&Cpzf2!uXJJtUCZD4nPpI*Jk z;`TON+pd1~ki-pQYGT4}GsWF-wZ$~&d+$x|w(uaFOnY3%2@6!EDOl$pqymv_4Hrw_ zpSzv5c>IuU@DJWl+f&`12k^&-c~^@R9I@^!ejQkJ!B~?Df13+u?Kr zY}sXH+;cwHHlPg1_v()2D+3h>1H?PS$lMRx2{aqL1m=D3>px7pZw$Pwu$}F;shkZc zEMx;MWVAa~4iLq&jQr9`2_eIju^qXF85kH4*tR;P%YWV>Mn&}nms;Y6_RCf%2_HZ$ zcqrf8lh>^QSQcY>L=FxPtN1%tS64?D%i*OC%M#)9O|{gZz5oO!eEs?epIPHI*ivD= zz**Z&-}^h^!?tILPHXGz^sK{H5cE7_29R;GJ>E~fo&fIYZ6LNOz^K@ENOCUtdB*2@ zH&!)O9}mFo>UxUr8i2z?Nxoe`Ux1(~0CKJrCsWI3MpaeugSvm~=EjfIo50gLK7Rgv z_XXvPxBr~X4itdO&$%sQg;9w0?M#-Up`$Za)_8e)#|yeJE-o(C9d$FQkI1=Nfa?AZ zfFlWzjWlcV&kGb+@p*C@Aq0hW@fvSxcUw=+vA%?&K7l(aNsrN{RuPwU$wI9pG$ zNMeo4c8snJl9$%sI9Y|$<{D3Az|e;(5i@g0oztH zFr8-Bn{cu-8HKoCP($wN=mz+Rov4|PqeKG2AAOko!pl!qFvzfVh!}D`Q_2-4`QAi9sf-o za66#3hd?2&^(LxYOzS2^(JL4w(3M+`9%;mbKLyKn1fKK|FrQoAOv%ydscBmfE;C>_ z3ZIMLC5b9|d3ns>8WM_%KR?hRcO0}6=zqLW*2FGty*2|YKM+)`tTRi4sLk0#EQLu>H zm>o#2F6{@AFRiEGi~pQRQ7-eQw!K}jYc045zxi#<@V>zlJ z4$B>fKvt-^5o`b!ayVL%+N)X)Ll>)f^Y*R#ZXSK0*S=owARDPMpk7pOy_fZI{uIXfA#ER zPG1}+YaYqhygL zl`-UNl^d;gN2|BBhLrGoUvVS!S}kOs4sall1;eT0{xaky!~uSdjbgV~r^cY!g#ljz zX*QUa`_K!lFwj$9d~cR1ynt75-W~&@-%{sD6i6^2N#g~a=qP+|I0CWBjBYLtlZ4%e zsCQq5{ktRr&KpkwKfaTYP;*te`v}&v11tzDv%c!j8Rj7X-;>o&=G7IQ?3iE+s@D>% z+}5EG#uXIL`@35Ly4gsX$0#Ux&!4w}3S$J1y#?skbfqhzCq?YOB$;~;=&XfK3SS^$ z%S#d+gT1fMioy3A&qgGIm;tS7M_MsZ=#MLlmVk2uB+=IFkBXo|-~<>3*Maiy7Q4Sx zxH{kOmtm`4i7>@{hKCmitPmhIrqPnmU{8gwcS>n!Xo}npm(Z(4nNmT7a`+R7#%JW@ zdY@w6O81vAtL15kgNm{MbQQ7R+e_8n*0x~J-(9ZT(9nQM!utbkgIZUKv=C%3{e1{N zX#d8U?Hat%EG2({>PALJ7YJ2WEAS!*-1)or?{&vyEXpm01AqxBHf#-mTMoSgk_bGc zj>&$k4nPD%U#sS->8edHNTFhr8o(lH5fHYpu%PTcW?RYSc3?ovXWIkxYWMRlL8yET zv*sIMk2c2(^|L$Q1_lIhx*wT<7nNV)B>eL+CAZfAFu?9nadV%raaqW{mz0+Wgunx6 zrF0@V77%1`SeO|Co?${*}_JJj9NW73~2B3SW#u-+2_eih*r*ruCG zgeP`g$$c&iLA|m~Yu+J0eCT%2jOxDljes?mrx%Azuq{I_F(@pI)s@uMz-rH7))b8)qy?w4FJ^Edk!>`=YD-G774HY&4okdw8K(cFotpF?aj>$W14QQ>({`* zQrlU<%4sF#e-a{LO3*?nzIT@;$z_|;Wu|a^a1)!Ox$41mOEm!f!8;#btnh!^9LavB zTjR_y{?J6YSHFCSr>zxzD#%utd0RxDGvSeevRGq7r z{BEp?Z#7;(OGERO#ICM*;+!Nv9MFfPf`U09@fQOv-=m|W+kug81Ki*SlU@Hi2y`lD z>njz7h?&)@1U|bxS0WG(ya3g-KJfdkiJ4iAuDsN%e@g5#pw!5in6*Pw&%15_7VUsb zz9%uiYMh}h6TLkdMn}s62IcnpeEs5ZnH>6~Gde6k5(5j%^zP;|Ju`DSUz-o%j2Bx2 z+2DEknLM^Lae?F>LF#($t0g_DQ@gGKI23&ci>>jTrs!blSC0F|)@Q1nqKA^xK7^MT zwSRvY+s!Duw-QLy6P_Gw&FS}gnn<<2%0L-eN<1*?*FE#_<9C#YW&M{SC zfL{RQUjvfq{uowS$%pVl@Q)HeJRYz2v#Df|W)+R{=6sYye74TlF+M&%I>y4G6HqVP zHc=WGHYyOk0NC(_G!=cSHPeBy#UmrrT}v#9{51IIG2nEgjvqvICqpvi`CKe4p+K95 zN2}w4jt>eBW^fV+Az*X0!un)qXNM4ih-U@pqzN!9#p?)-t?uCAPmwzjPR>XGl1{By ze2PG3D2tR;>$rP*ayhO@f&d8N#x}r8oAPD9ZfJ9lH=UyAjC1ifa=>z0QwO?XB_U7_W!d6KtVKkU*nOGcpA3+K8mUR zHHIU0(Dw_b>3iJ@H&7FA6c8rQXnmkYX&%`;pRvNJkQdZbt!nB znZPG4eeQ1|2m^=MW&j=8N@*wx!iSH%uTH9sO2a`)w+_tt>gl-tdc1jZ_RrT-~Mq)uN`)bfsM;cq>}H)|$E`eupnWzOw^gUsqSxUCtW%8$pstVq%S)3aM0+ z|4}~pJc**u+}zyB)@TSoyi&V)QJl&md!WAoNA{%2SVWH(kAipA%`fR?^jv|rIE(4fpTQPPR^u``Mulf#$GI?ZVqz1z1 z&p3SehFQ+=!&Ea*tNc5tglZm>^s;|(?K6M~knIuB(LXx}Q3%k(4-ii!?pP`bRAu1+ ztp|c3KKLW)8!E ztQFVLAOuyyq~hsVr~vRteFqss!I7U7;oC=m0^gghRkzee#6tky-2nrG;N{i%)!mHx zdqlXboU6tHkX<+?`X*Nzus%?JwsQEt^ub$JFNXbGL2x3mX6(Ktv1!x(NRvvjZ63&(9B}GZk-2CBaXK zcx7DAGqm3GJSLl&OgowyBzT~UB7r^8Exw*($3$eU2+Oct*yy9l`gb*KhPDNu%LQ=p zG9$?CCCtDz%NQ7>e&Eakcn6vw0wjMRrs>w1i|*cZK3WWh}mAMFDbA)CM* z41R$VATT<~bb%BMWW~aW2tO$32_o2E4i~H1%E@J{l~PXv)(jX=gd${>m0n?3?}MfR z=o-ldpIBbS{|kr|la&8wJeTy* z`4k^t4fu~G;9H|XPILt5$HSQ_9z;Nhu0*)@&kvA=)odLwTT}HLeGvKp#J7dAK=ghZ z`~uK#Ya+)0*qJoISs)yWiimJ%7wvh1j&1~|5Iso(QQ*Vaa1Vz3p(j8ef{Gy(@hF@4 z>@o1zJnw&J0YLF0(s2_Q9I)r%6yziJZ5|F3j%2?qd9oq!cmm*!=H;N>wH#*?aJ2O_MRpv%@f zK+eKbcVL@=1n31t3>0(00JHL*vR0Zz=pP{0ZRhRzEQY>I{H1x1i-D9cf!w(kJH5cQEouE@xEan z&;>!?J-DXF2|ujfti8P*mx#!{owZzzxbgOk1V~Tr|MCuQz^2Mmh6!}Q$QoRoYziNB zQG*O5OF4#pnD8I#3i1hBLBRyzY{4{2Yw=V&rv1tphcDtbbj=f&h>9@ud^G35ZES83GK~WnCo+ z@SC+|JF5faO#sBfI!M!x-I~Bj7sRLs85P^DYzICFgooS4@4$oOW8=k^Z_)U&LZsM; zMFg%Lv5-I|O8(79EkKME+Wc)BF3k`I9$~5$pCRqe*2W^L7d(x=l9iDVuuN?F@{*F0 z)uGK8I5?Srt3h}*LM@{itrku$67=K83b2jg)2H)Z$Gsz9(4-ueKZ6EUR#5?2MkIpe zLBe)$QDRg8WKKYMxI%TbzLMow9xO^h6b6JmqX`2Gke-OmzkR6)Xc^;H7i=+*+PI*@ zX@!OBbhaA*^(l)$nBNb}-o)td@fZxGiX(~>p;DuH&2GT$x@(}|+qS4G~} zu0U<7v${NQx2-$|5mt-^0}GH>h*{aki{i(VnhW=h^|j&OOZx7`?wn!2H9GUznI#pB ztE&pW>^h8LIz4lGyOX=oKfzgqH!{M>juqO&Lv38Fc+85-!oyj?Q}*sEexjs^NobE_ zK)NAgI5>d!neW;w)~KjPu_`j#&Il44{ctDY4+WPxDcero1=|T+``b?E9VB+nS{RBl zAd;f1aoz2X)%TfXy-X2yj|3yra>6oQDTIeN4i_1FDP!RRf)!8>AUbRT1BhwidjyF9 zKUGmR1{_Zya1s4BYkZA{09&9#-&X+ZgJNW}V8~C1Z$&s%>}@>{5NAxWMk5A)fuzSqCmVzQ zAYP43Nts_8KW+Jj;RTotL*EV#>}^4WiLEKU4RlRvSy`E`o*Su{Pm*23 zWyYk`7#J=J2nftLbdrHqtLhEcp9c@UIhIcX)Vf0;>)`mDrIvrC&9sD;7BNT#md(Ys zFP@fUe7gapwbm!JZ_@t#1;Y5Z!Uv!KBm8ahz(5NzAp%!6>xmmIVEMzd+yx>{#5|2} z)>);NELQ{}sKK-}s;Gz^l-|^-29Gfr7{|2AlWg-lZzv*0DIn=)U}J0CxUF^GY*~Rt z5s7;7BSfpd*Wr7iUnPAAEeq!7ZbvZs>g&DQ=~Ip5qoX4#X67HDDU@_{W-{CLr zc!9Z%^mu{pH1~er3YY?cn?>xYkn7H;apTj?;lR{XO2iPPaxA2Q5YS>P$Pct_tN+6K z^VOI@>SY^SO+-;}sli2tdq+ z^W_-8y)OOxD|JM43W^wH!nZGoWYs@@{0W810b7l@x?@j5aTqAko9p@ey`RRsh%E#X zs1GPr5poRO`?&-#jRBBrQwkfCmXQJK1fPhAsP1ga3M#r7E@at}g)DqFVH`Vy41gX3 zQFK5wB?J8j&#${+dZ^@BVds7DrPbdLb4ed86~Bq z5z|D(h6x`uA=})|?%4BRj5prB2Tc?rGpNZNGlhQy0CEt-HoPn!v}|1s70l9CL6fYku8tPidH0K)|8ugT z(rzApWK$1_9~G28B@In_>o~_L5Cq_)!ph2uJ!npssUbGw&ahSBnL$c6UQwWz2c|xV z399J-)!ub>HPvlhnjnuL%?G3i0-;F>y@QHKm#TmSX`zVpE<{ACQ~_zBD;=e`P^9;c z^p3Ppr3!?8cb{7l8oexlVqQ@*P3h2dG^Nq!UvkFKA-~uFJlQpC?GIU z!1323(0rY-*D0j|IU7`nq{hqN4z>#osbKg7fV7RxGobYND4&dD;|N^0WQ`~fz}D>b z8ef%74I+*dV$Rp6HsVQuc(CdRlgG7xFqUB;0 z>SMYyTZ8q;G+tlsGOkU`me+#ofF4XId+tpHM6j@kqH{n}CCYkB0={V$#N(a6|MoQe z^u4Gy6wLdH-_t$+K&&i(5PEw+aTk1l@%DIkVGu}&gE|^A?Eq$xVcTdhf4D(fUj=o5 z&jxiHTw1_|11$k&$bwdJTIr$yDHbabNnH?G0mxDf3WDcWAqqqz4y!`=`q1)39<7zn z-mhlWfnLx_0kQ%lB7=GqsL8Fs2Vrw^kKg2xU06|LqfatH6et34;D|^_(RczBk~N^4 z*$ecK=^4K|Pgz}CD+dHI;5eRISg_$VV%nkWb9G`5&!+|r(}X~~1k|UZ>C>A6#ot^@rC^z#mU{~X4{jcJg};8 zKz7!&!@-RD@?_02Z?LyF467lI>S%!f8|@A|uPsakBaii)0mm2M=bgJxYYq!Ub2Bph zb{ntLz(k!+BTW12=1mho0?oS5*d@ejsMZ={xcayFSXi6`PeB1Y1=I8t^oIF)c}*Lx zORkavcS*3M2&fkJ)r&#tqa>}v0<$$J5IME%up2&a09@eENLv9|5M1{8Y(A`m0W=6B zwonRdA283dfmZ7-SL3oaFgBk6oGO^}^TWgR>mNd4oOW%Cj*h^B1!Ur0pe#arvoU<} z|ENBIDWo8Ktu2Us1`o1-iYWHg{)hj5{=YZ>Hz3&76Z`moM2K};l~{}!!YW~DY4Tw= z1XWS4`jc?GedWD#;EVSh!EeVSVQqj?&1Rv$~c;w!{M`c>f#Ub+vs<z{i(r6i$3HJ^X88oc(WSIf-cHb z9^iTf3HfL}KRoU7sXVw>e)`ZMEziSvLgD=zt5$pTioQrEk*6Q&S= z%SPiz&?G2ez0G_!g@mJ3_YU=qD0*GC;QU@M99*ZlP7e?J&P6}PmXhMl3_5o;I*(QeJPO%1LAw^E1p!9e${>6y$v6p`U`IF^W z4gJhcGHvxqkL8|us+J>V#9}Za(a0Z$F*B-V`VBkxuj>6?J>={)oBxYQh{g_*gZ@}H z*OK(N1V)x#;c)TCg%~}Gzcu3gtT7~c(9wcz*=W13)}=gU0UcF+C0rUN7+f5J0Ov)C zhgH+C-rU3Eo8yC(sHf&$2wD+uhGQ^0MhAo#Y zAbY;zEGLqVIBuqe_`L)00F4OdESRXxv6Rx?VfmpgK7{PdU|SS__59EJaAYQXxo7e7VWdi;H#AvLa)ReAoE=MM|h6+g&? zE=Oi!;$W5LY>H=r0DBGLS$3kdieDyl&^PG*ePD8is6 z)jf0p5mNEWBE|7J-W>7!*UZGGyn#pUSw(pe(TaezgxzNM0VVST6&5dFUTEB^12x>` z`I6nb@AbMqI+E-g!gM%x7*AU-Tgy;aIlDQT5jQi$&HBj0WG-6eAU!Paje|`___3Lw z&hVs#)Z=V?enKJ7$9Sgoo1d$7L}5k`dW}&g_&-Q-Ns&>P@+o1OZBhMxP^z0kSWETJ z2X7z#tnvhL`sw+VI|8ET@C=>0L^Vm&8MB|2*vf6`vh5ou|HoCvc0cs_TfwxXs`-P< zjUN?eWR-TMndrmWCr6t#wTvvJFr_OO3J&$e5FeMjH5xBNym-r+Z?VxQ?n@9rUFth= zQR#~Zf<(By!oO%7lG;@3?!|h0(y6*yj&(HY8+nUXY+esI^H@Vm(M(m}5Z^nMmeM1d zw|Ce;RIyD>5oo}aO)j^_xc$Tr;pU9td0xz#pPyDqe2P2TvH5`)jHGPKJTH)+H*iwvutG)D%3m)FfXiO2lc-qxhwFn%3c#=sUX# zkA-mNgV<3-LC}^)D=H?FwjsxlzR_)D1!u)udo!*24-_cv3eKX_uDI^1`)^$7noRtmk zgi>%WBz8&7QI`tVOG-LUmlh-`)>_{a@O_qW<3nbmdD4=Sa`DzZlWWdIUZc{itcj;| z$CvqiGb{bIipkyE&-uDx%*X8!Zoav5a&P1$=Zkf3Xst?7y<855&!Gcq1&fgV@eTAL zwUyt3%F_@ZcMkQ+N^@-(b2g=Cxsoq4<{d*^G>swJd+FrQd4O(q%|ys3m?)^l(tcaWaAg zQEjiUJhVb0$W9X@S?83n>)dpJW-t1rVhXqI?_i)zSIRv{v-@4-RKHNCPiIo&X2#|AH9EvpcT+~#(YqvJFtA6 zNbI)p*})=#EozdY=;2C)KRg6uM%FIep9E)ibbkGc{HBR8mDKTFgzWdT5f6+DB%;`Z z2g-_Ge0*^@lBD-H2d4)i)#QjsnAIjWo$JTY-ZHxMB4ofoqg{1eG;5o80_Y@-b=oZS38fTmGdF`2+8n57yh zO^x>&eB@Rfi%8nwT^twMZhF7z!ei`eHJcGvpk~xvtG7n==OxRbd#%t&%HN&8OZjB( z?U62%Jqg8J1kl&jy&7;Xz=+ArF4N(s6cr5g(k$4}vpZ_0Adsg1__G?U*us)fKhD7> zL`YG|$upu4|RZ;cyAwoSZ-j7EpHQv^)mu=zmECWDc+_2Dnpmc%Vu4G!4S6INnimR~fE z)_j-Y-9Dy_`K_!s8)a@@rzwQXc8tTW9K;rfokq2S+ZO9rLV2!Pzs7NxI{e^yBl#g zT;Ze_&DrXu^N@wEQk-u6WQ+W2%1{O;_N9ct(5!qa?K;)X(*>NdiRnA8s>|^`$!f@k zHyb!FV8wH-0pAV%}unp!yq|9ercqJ<5SkseB?!+vzR-7%NjrBa1sbe>e5zNVNb z_Y3Ui*C+lPG9U&qPSh}`p|hdh zL8C>p^SU;r0om25KxIt2#xPVLvPN3sT@fIX9nIraajNIFlZD0o(Y+eIxNe@f8|N1x zv?FZ<5*_aeysl%M@8d|-NZsf1w#aOn(n9tv8A_o`R6|(4vB#)Li6ougGDwvEUbRg< zthYkRFA{n>U~u=NTBA#7H8RaYs6HZ)?f&9kxS)BJ+RoRNTve zOYkH4%b2Tm>a8*XW^Yf1GgFq0a3E>XxJOQ+@-bBJHPGXA#EGB@rs{;0Z=rT5m$0=Q^d$(8uJ zU=mZ$&=7B?fJ1jyn?(2pVZFA&1HJOWlFWcUSNcpV;dhD7bVPI3l4^EPUhfHlz3($* zaEZSjqiT07X41npj+G`N03@O}Wtg=h7{GWVzaIZqd^CRuS(~DZNUox> zXF1GS7$*DTN;8!c%ntiX>d(4^y z$k3aN+PfbQPgTN6Hw&eqF@4hlm8&b#Vvz-e@Sk?ZcYe-I)@S<(H@B_ljbs&Ze))0b zd2hCF`^616+_>gXne)8_I{L!7dRf|Z`Fou)AtBRj5QwJ=et%uYu5{)1cY30q}}vknHdx+eToPBZM33oi9ky|=WL#o8$6 z-+b}fnEj^MP@Jli6ep7iU@R{=JJFlWNdA&qJ@`UT^mUB za!n>FUpBDu3QLqTP*tCxauv*<;BqYM9W*jF zF|W0F%>7~WPlCSseSYbbjHATZ$t^pcezO|3@Gjq@syLXEaf-rey>kCx$F6!(n6x5x zK5gh1x}F}hZMVlE-E*VG3z1ZxR379TeB*p=C|oT2YV2OwO6$9zIr=GAY9rr(zyf<| zp%PeuZAe(wHiC(-;=s;AFiCU%$2J-$Et9;lgXSCH=IAO>XvWEna$^2?P|{%}$Z+Cv^Vu}c&W zF8^Hm#^(EjRAybwp4y3(uVHNAtp;T=-H7K#^q89}`z2qR#nAxw>sh9^Ry&ZgB4YMq z4dQ^aAl>gD!A1hO%h){vKF7X+cyB;-C-{Dge8xOvGdafPrX>`tegg>oq+Riqz$$4HTQ7ID*d>R8R8_?Zozj@8$}6p5_A?vzRKV zF6~sZS)Ija^7hBv%a^A9U2Cg5ylj7)x%&A;m2Tu%keX?Z&+U*AUcO#Swg_u)QqJXI zf+exBIgNkL8M7}xqdSp9e9_9oGx*GG81><+6mIp;DnR1$(dDEHu8Ln!J9(+3G@hGo-Y7Vy7aV_Da;WMlrnhGS3=2ipCY5(;^Uwpr3 zBgb|wX&{7Hz)mpTAA8)*idx(FV5Q1w`{Ua@GX(*{sORGrdD76hSM^DZ@mRRTvcy#h zZYY3l2ihP}57I|mIWUWX5X1lMouGvH?^Xu5Zm0jbWBvc;4V$isVn*gXSD3y&1p7wd NC_hz~FOoCy`xp6ltET_} literal 0 HcmV?d00001 diff --git a/en-26/img/HTML_Heading_Navigation.png b/en-26/img/HTML_Heading_Navigation.png new file mode 100644 index 0000000000000000000000000000000000000000..034749f9756e714e55e055e12bf60bc66d07aa6a GIT binary patch literal 73112 zcmb5VWn3Ih)9{M~cXto&5ZnSua1ZY8?ykEK+$Fd}aCcoGkR>?5ZGna0?smAY`?=ru zIiJq&eAu1Y>7JVE+Me#}>VHM4D$8J?lA^-Ez+lM9epZKpfuDanUqMEE`~H@Xa{hKe zago(^hk?Ny{O1EZ;#^_zc9F#6i;l-vXDbhHQ#VT(Z*Ol7TPJ&Wb5j>f4re#(>=RK^ z7#M08xzCasJ~>A{-W~=Eo~N%%x61jFr_>)q2#%ES<&u)=!7PN9ztUq2b_8o(9m*G@ zjE`=|PJ1%$EQf!|H$E9@1$k|y>u6bY{A#dJXtW`yRK@o{eaHF{yC>s&hxhACCW#3b zafk_yq}*N;p{&X7y8DFKUY`Ht?NQ(jj;1C$V)(#Yh5sB32QV)O_BUTGb& z|5e8Yf!NgXzt!LF8YD0QwESNI#OT@~IP?E6k+A>21z0yC3CDk8BmAVv$yyv58agJv z@UKdP*+?s`=a0`{4blJAxt1h_a9*3X^6R^B$(7goPxpH502=6jk54glIb>*=@wYl$@Cxj97%`rI(<_?@qJ<~xeJ|HF5@>w z|CIQUHF6n@<}a}AeS*3t{osiG_x=bu8sT3Ul}Lz)wM=iOfQ1W%pl4Y;xlS_*)J$+v9s9+%0a9R0qPtVC(v@Q(=xSCW_o zQ2OSU1lcOlM1z7lj*RFk|FQL1YsnnZP9)l?iE9aRNX6lqkGjQwdRlwXcQ@0(f;Pvy zTmNW#=Ckew-qn;3Q~wrn(fbT-4MN=`U&W^u#DS&U|2C0}q|89ad!%@8Qe2%S?r2MXH6m!^# zYGIEz2rbUKQU z^!66`^%P@yY!Brgj;ZI8)>~c5Q&F(@MX4fX$Bs@Z21{s5xhSb5DJr*sTI7vJbB&ZD-m&-6 zeZnl~Ov8KExUc-r>DAUNl;1;RMN$r965G9{(~JjPWfJazLp^E7c}ikHjw1+6r_0eLq$y>{eGk)4M93C2uXia)LX0b3}35@xAoaQhYBWU&glF_or>- zdETRQq>!~W4CaZ)U8E6&>ZF-TA^0cDke=bo2<2Uu2*)v`>r^Ns0?O}A)Q55+;hp%i zXYwN3xbG)qmonmPlexlloZ{APB>FpkB;KbFn%>dybu81h(wN;ha4T?a7f5ZIeWpU5 z4o|E>YWEWNb8v^?5sqg@U&u(p`O);{6=r9}h{CU&E}zZ7LtRze{*?o`V?xT5z-~*dNwIr; zP70d>R>V-ym+tL#jMYX5VT5(=$Z*W5W^X)|=bJBHd4~v~R1TdH!`o_WrSWX*F0pXP z@$Xa=`_BybGYXZnhf%4PCduK-rq#&uD4#NtU~}Fh4QG7KYezE+6)<<%YTqm~^q_ai$Xs2?4$af$#o9 zO3}}Xq4~J68N#}rjw>pzhF{nY8<&51;vVm`j090mUWiW2-?G_zWD8=-N{c7~WE)Rr z#r=7G$PJh)<#kL;nKoATFEUtpS;-#EGxBQjR1|{@&`7;SWmKR_znL%~O`JhbOsih4 z&u5QE?7hJ2{CiTWaXHKpkC2o}i3#@=B;B3>oR*G-f$9@gk>j|>C92-sggWNnPfat6 zFrOxd6S|nfWqfzCIk}$0gZmf6KhPGH9#Tu(zo@u~--{EbK}*CEkQT2msBbq!hC+Ft z*;rYriGP_w;Ek;&o}Fg8cJccjCgccLTVhFC5Tan4kLfnYcv4Tq`|m}hF+1^YdNC5o|-8q6V&f24u^6t5kck=8fd5jvn z21t-eUhICiO{tVI-mbKH(HN{6+)7S5uFgXqHVq!$hME#S`g_Awxh5-a+B-g>Zk5*I+b?O|$QD5_a^lmKd`g-qyzz;-m7B#xz?Gl+f3TGoTdTQFK~ ziK6NhC^6QAhfp7_8pYKTg0IQ*W8Al1tBm_=5g*5A zU5vKl!itN+rd95tt0X|S8`t_WlG@6m6lLd%M<{W=quMMNICt|a5Doq~oN`D({N-;I z8zGP4&YHAAJm%qtyB&~ZmmS3b!?$#^bO3H7HmuhWu{M&a3{1|q*US4cXdqCNpCrn$ z!e@OoqG7ZxV7^70>qFkaR;_@)xbG--uQ2^(cA>~4=Ku35 zKUO&MD35mkSRg=gSuABq#j_DK4?mzDv;37qf>}*mgV*)&n%wnnZ*2<3WS}_!Qhdl} z1qeyu2yRx|KL*xr2#My-QB(EIS{c%eB4k9iF?T(hOobJNoI$*GeordRM^=%qoLnsG z+C($fdfq6;OmY&1ZFg^jt^c@O?4O>^mZ8pXcnb(jj1EftTAIkC=(F%YuUYll#ZQyfFVkGt_&OC$5ewd>Bwl}*%j?~b6 zEsosp9wn&ZoSK5x=ZK5IQbFf-$qmj3%_Zt4$NIDh>#~Zy#$%W~EXj^g{LDY#DPkrm z#$om6ZO|QYB*)Mt!Z<+Sw3dUKGjsmyr?LCZuHrfWp210Wn5?#Xp2!wo0MyD3Q$O(+i=^-vLRY)94>gQrE@dhsvi9MS2P;&=0Ws|p)RX>w!n-e6bMpg7 znT^hE7uV*frVy2KNx8odcz*^fc<_P6$MsZDvGcL7)Y}-Cq19n4e*o07tcb1@?6`AE z(WtE4qjW;;w}i;v=C_Lk3Q#s^=;Yspt27k|uEC6F%zuunryy_r<_y8=9GhNEeb zzqy?>U!=IZn5f!L0&OL2Y_)?H&}FuCXKp@O2(!@$F=?09$@#h^T;#`by}LuWp;Gm_ zZ4a>eKHRvKH1K1#?nt62;5MXjJk+3|L1pPrsVIKSooa5Z+bcfFIkqf2tjj98Yp!Xj zh5&a*67J$4p}v4=$Cc5J)t{aB(TR5(zpz~r@6cII*_B$#w_^!-DmO>}x(O<8@zRe& zh3Mxv&46Rger0Thgc;V?N^NH43r$r~QF*DG^4<$ngee)2o6N1_mt@@p*a+HyZQ@* z_X5S@fh3`q6!Z9s_cYy&MIMgiS+V|;yKWaL+lsund)H!1X0>0H`-bs5iH`J(P{equ)d7VG_NQOQ5`am>D6g3SJI=apzX-C^nlD`< zLN6faj{2RZfa8;oX1?+ciD=ocxz2qz2;#wCktu|KWA(ZN$a>Ef0t7S32Mv9aoP)f1 zgI`Kp6t(ob8Yqn(_P19XAu&&VWXZQC3xqGnWPQ{Z0;kr>qbb)tJL4#`{)GfGRjM<2 zNLw_GCVXgY{&Vio--lh99e;~Iqsr@iy%lNY=PYff&VYM;kCr95-`%B)hYZ1rn^-Y_ zJX@S!w2m*2r5}sI7U5#6gk@Wi7Bw2ed0R|G2*5h~X}ieK9E6c+W1ecg++^aSp&IKj zvvDGnPeb=cOh&P8U>uya-?Mewht^lhkDjxHvxCb%ommvm`~`v3Aum9X0ht%2c0A_5 zg|Mma_bIm-DAaEX*L2OH@O|x(c-hfO1j!d{^04CP#6w_{BUnyGM-9z;0Y%d`NCN!r zuS+s$-m|bzU&!P0(pQ(ux2AyA4pN$CGOriI#THVa3D%RtQlA()(Z7IaIs` z9IM#o3DKstGK?KG^)7%a)vco~X{~tR$s1-e|9&FCoAgs-6P)@1ThApAS>Hkwy#N=5 zw6h5yApr!(b&F*&erBok0~QK}E0dkKuUYvFDRyPf&^y|eyVbXARYwS9i;(Vm*Wpu2Gm>L2HF zsUCy%8y7VI`-;oK5Su7V-&9*}6!l?D_23d+z_0-~5A{1Ca|5nceH2?tBKhy- z?fhaV^&E@$X8LlI5$HTf(DaWv=tO@@Ji(rljKo9wB(+0?wudsDp9)G550ljZ%WnGISaFDM~U_gwJVfOG+f< z!(RMcMs=;8QjHId}!eCsLm-a z-ZF2lxnRI$k3BQ#5oq7peEG?rSrJ+aYbF+$+S{1ot|z^2A|~>nb-DSw2nVeP@vNpR z<_ybw#&=fu!mQ>)g#EpZ9KfU!6?Aw%82JSF`D5b9fVy#qbyYo^cS{JnH_dzEg-qE? ztiO6w5HFxH0F2rh&N(@|h!yp0m{)iu~sl%+LPMs`}QSCZ%z?}YtQpW)9KDRs7i#-|!V z0hAmt;y~W=wBqNpC7~&a3I_*lzvu$~3UUX4ah~QkDOZ$tW?II8FnNc@e(Nas1cpdwIx_!30Cf_8)b&RbKK5%ZPq5Zqe{}reqOIZEpe?ir zs}KzYnb78ns+c9>UwzEOy67%mlOB#}bZhTZak&5r0j1g%n9pFvz=?DyRW%HV87~H= zTOvx7z8nAqO@Yo9D#ds=-3ec1pEKN{>w0e7yE~OMs}@mXF4@ zqhJ=<y^$)tUiBuVa@Cw}QCf>iQ>Z zafXv_U1Z;gF%j~e>sPP0PzA%uKy&p^4sTgjqGAc<_H%0mB5C$da*Xa~GP9(#mv^SD zEh55{vVQlPcq!7%21I`N%El$HrS$<)_YN_S{9R8YrckT{o?50d^6UOw5^k}fi0`Fm zHT*!KZ9c%v6k=VoF!>_iLjXlcW!TUuZwB&;k*80yt`47JrWWg&+5TT*4@4=(Jm;wMO?i18DmcYp*@(AFQWRen^g)Mgw zocclT-9L*Uqn9R1G;t+q%BQg>xdI#-dzsKB%+Ev0wN5)d)>QUj4UAV!esTCsJn-4v zrIx~v-DlDOQtS?B{mM}%4YU=9sK(6TNBUc%1h;Gat@8G5l*z=wkM9DTJW$KyrDxJ0 zkV8kgEw`~nJ;H~r_t2&=u@nc;>A;H-{ePLrX`+|u_J%MO@E(|1}S2as*u&mz|x7j$nS;mU;gL@ z_>LfV=moCaC9)bPw0e)U@?695NSc;H>0_Oz`j;$sPZQ59<-MhAy!E$)RQh9#CSfD% zl4=X>XdYTZ2kF(jx^_y-l33k6K^}mW9m&UoAbH(w-WA_P$48cA#~HIZy$5^zcc{d8 zv1g5{!=B^@@6Y2q07DTA9`H;C5Bejj4ah zRb9QLJ&4lxey!aa+%lG~r2)dvrJ;Hf@Yo)faK2~LrO)x5fTrPQtKA4Gap?bYGXfu) z(2@g1oEkfrtsM+~MCFKX;9_pqP)IeiveF!742(_*PWqP2Bv0NmsIJ0JoZRuLh;Aq^ zE$iPOt+k}?#xq8sGDAJ}%)>S8q(2T;`<(e#$9l)d-r%||3!QB#9N7^U6gY9CRqfVW zX`Y3s-Wb zk)zg&-8k_ZmPR;$j$UIjd-7n#kfZyGJ*f9KMYO&o)4*7yuFoa*VIcB;-TnoF5;?GI ze&y$6q9utVH;ngMd^5jlFC%;>((|<+&STu=V{!Fdk_Gfmh%6x6vb}-NLZEAe5 zvNIfDh*?<`dUuJzWe5S*C4+4&< zZ-*+mmK_L1;lkvDf`xtpmo;!$B9)~}h1EYB^22D+LwRW)dLiM|*uI3Ozk&-3Zl%)H zldT>(v5UAilvj$6)y=2>5j?~8U26Hk3W-#uLo`5R2}M+uosB&y>5^E?h2p?tDM0n! z7Y|<(naqkCZ0Rft@#xSRj!ABQZ;6%;6)wIUKX?(98=LkVe79!QM4n!={#DAPi1Axm zBO&Xcy;fa>$X(`vit=Ymyr0G3a=Q7;-=A^?s7=xnAvgXcihmu&dvRQcD85In*r*4} z83m(vuL2rXzskrhXG{2*)y4l3Td&t znwh*Ux@U_5qbKwIT%@>Q?toc|s=63e%3T4s-+0_RuqRr@a6?v62hmn zHTye&fM1$hMQU!+pB*5L(#oi)oL7{Doz!S&Ri`sB_IkT;WO!+tZV;{7z4Jm)?7Dqw zV;m@Q>GtF^1iH~%G~#@Ld1oJeue(is-VVB7SQNV54)F8j8%}EWa?$s>hXgj?&Z+0< zhrGHy`fQLG1v|0U2)XMtI>2iBuE!|O2zo4>nv4ygwL{0+9o6WCUhG9f zb*@K8nD2@NR)cN^K~*($yo<;4*PJgeyMUa8A#E~3vrxCUhzaZSRBe4ZSIE&+xApWW>j;@ymn!&YrqznS z67X~f2OMw-9A{3KCzRyB^u&H1$UEYf!Er4F3~MA^bS~9pA){7OF2Tu zi|U;dgLaxf+S`qlM^)1GOj;^Q=*IuP`no6g;HnFT94rQ<>&h-fF~UVHQ64!+hW@0x zPXy0ff5oHu;gwTyYIy9}FhuJ5tioyMcNLVpp`sx`OE(X_a-S*oE-#k|P?Q#4%Cp~h z6kqisvHWqWMJeHHn?}dKqouc+Q7#(5)dL6co@aW!{gRQ_EdMRf{XT&KV%Q`NhG0>6 zGX0kYXe#jLx*rL_MJQv(7QXFxThVsih-WbJcRHNHBSHVfVfNW8ve`C@VV@0tOyE&d zoSt{w*vo&pU&sOLk1&d#Q@3&EE6bT;N^X2EBK^pu<4JW%mcN}=gCw|-ds7tG=C&!I z;xgw9VgEhZxGqX2AJG5h3=cID`L27>iHH&NbZ2yWJ4K!bNJeI6Q-E~6mzfj;EQYwBv5DHHE7eKdY=69@84DbMK1shTNpO4jQOMg&h@aOlW9D}41jrdV} za>04e90^$ck5;Gxis8%QVCRQT#h4kjx_~M)$}HCEn$Qma)YI!vgVb{j&&RF#>bo~g z`k4Kg1)uvbBpp$9nx*#@p)4u%VpZ*r~$S)LO9hCDK%1sMTA1fh#LQj`4N+KRvvhkcyVM} zO2gJ|-KsiOCF=L_-jXO4X!0FvVu5wqD^rs_6%h}_$afZ3u4}=w05(!G$fbsBc+d8U z+1|=dq~%HoXGNa;(u$T(Zrd)a%37VNtnOavivT4(_`P{7W#MQYc5+fuaMxfxi2V#AQ6zzWYTtm|&`VFQ*+(G+}5aXYQw1(5r= zr?a|X>5PX_cEiy)g*`5@`uqi|XBv1i{<8@=9~1xRGBtGr@C{WUkaIX$vX_ktG9y&o zdGEE}&=?_WgrIPGPkb^au^0S0Z2N%Y;0){T97vVlQA0ii61g-CDB31@i_j*_%uvup z5IO(CJ$anP;(5f-jt=WP5r1KG`=(9#Y8|w^2C4GYiXf65?#G|k-G^%eU&*>>I^WO^=l2U5 zIx#vrTL$aseedA{V{b)Uv4`N@4*?tYn!SON_v0v#XFR3bXw?rG;!~v`@&LgSC88`` z6)p4aRR(t)eG)$9tcJh))g)9Z+?xxD2s!7Q0-{rmLWLPzhr_GP`QE~HH%Th(;o3@XNV#hdq#r8^ zUtlB>K3b+RVz4?Y0S$>$ouV_~w=jt_N~YMvULK0U_D>PU!`tLLky+tvUqvl78~SCD zOV$SI4WwcQ?4LN5+d+B9Qz%1DoiZr8VE*o(DMw@Y5wi_4G5ro&qrcrOTBCI6u*Rb} z*a`TA4PE5Yy-3pH6$7v=SSQ;@4oAJTQVyz?4rs?*Q*0Bsud`@i808<$0$Ir1fI*8y zT{j8`{wab%8shVJoDgo<4W0*Ti#bi68nsL2`M*KjyE(4Qy!5qSM~s@sEiFLYzzw(! zpOe`TMkYmLtFP&$y#X|kc@f8;l=LKM_`yAYel{PE5VV0Bm)MYV-7RKvJq1}S`n}g* z?9f%znA={w^|Z!nw4Dc%);z=u_W2qh)K(wQPZaw+j%uYpLp$uX@l*mWSQ&*keeKKA zs(zG^6R5>V^j(-K+)ENMY+74)xZ4VE+4GoIP2o^$Jx(=9x4O42Y}k7!nHw?S-ILK! zM^cO0FcCV=l?L|r-T03EZcE-wHH|nwL%%FN8&N9jU)C=ow|nu({@w*~KU4JY&+Ubt z20Epr=-qW%3X>5I&3`>Kp95(>Cx_||kri4Eiv@I^c#&(Xy=!>>?8dPEDir*@aM$jL zvEcjSNM+tLNjZz?+a^Bb*n6H4_)XyR%hmAe%M{!E&)l8Q#U@KZVTIH|b-;Fo`_XVI zrk!z?Ec)g|B=NtSSod!(%U<3_-4NN8;fI2vx*Ljs-740oj@aD0OGIR(a382N<#yN&sp0yU^m7)EI=8V}zp6&Xk0 z)=_KXT1v9v%NGt=4WYG?xwemWQfl14neo6zWrL%5A> zrY_q~34=6wX$?J&3x_(B2K1wIwp%Mvv;rI0z3CK|;#gg|g@yeS3A`qmJQ`4)^FuRJ z52dLV&X8Z~S3~n~yvRW*$Bsm6ICoM8g_$sc?}2r7{7yWLcYiRwtlGVv{yv$Cd;dj% zIbpAbS}UA<-@;X*9C7_NvVHfQ(ScHL8ckfZKP7qNAT$z-)sx*(n1m$T{T4^}cHFt% ze7s+bOIZW{gFdbs8Tgy#(!}=}^`-TRw7|rd z-;;(?I zGw+_Iy5mlnV_V5~bqb}I9G}#%3rfj+bFZ4hyPspcwmIDPm+M1sh->=|lX5Vb^=K$;t^A6U42+El5+RU z??KQr@q~r>SAcW}g7r>{?yD}&na{|22wraXeXfP=qwAO`>^?M~NhutnPBJC%{V2eduA|^^#6jx{}y4`+I08#1>LH7ovcs(CYkN9T#FOEd%?&^ zjreke!SXiN{HqUSJVMv}4LM%dy1Ke)@Eudeq!5}I5x+39D_7apf4v#iAR7Bm&4Dw9 zpE}hT3&@ru9GO~-set~xgDnGE$7Apk8kc`B_V>U2#8-Un-8&8K<#svd${kN{fx!i% zXE)NHjn*5cFE3QDY1`N3ur6Det&Z*+5i1?1>)vipcg#Ugvy8f)WAKA}@1Dd@f^TyJ zpbGgN;8HcCK&9_}%SC6&<$P)E`f0jj?9tsOx$eF!P7S@NVY_lp|FI}nX(nV5ALm#* zo=V%u8EAs-LS3iWZXUmxdjRT@^tffBk1sIqRl7L~Pu45^!1!FIaYF^@mM;{|w>RJf zFS&!y(dy3-(F72C0yhnwKIBN2I(CEJyqpilRzH+`P8zE~TVj7qepxbH@D~>rMj1c* z(a{fo2{_@Ug52mkgAOm%b&cfTlbfw~>pqR#zJ%7+QesjG4M+rCb{&ZY#z$YwjE&X* zfu09qV@L@iV(_natroE$!+Cf~<_y)i{7_o_gTXCuKTD1cMsv5{I*gNpY z3xc=jOxg6+7~$Q|PDx`7lnJvN60+_JWD-x)+fNTa_L?a7DrXiJCYK@@G|~!fu4Z^+ zI-V|I*bLvl>)CWQ<*Mv{=o~X_)5Fj5;{A_0J_;AD1oP=PW*vqF+*1PmJ9KbcgDn>> z^r9CXQVRKQ-B?=VIPza5frg`KVJqM7W}`qI+Z>!;ACr&}x4FCvhm!+THTh4~c6ULS zO4v9y*giI;Q|;PI1i*TS1IPRPuloeY>k=OSglO@SW+#e-BXA{T2el>#!hMkvK*^aszyu2A7ESI zJJO=;+XGTRl~YgEk)HrV1<_I2GTDE#62ifW?HRV_g~tn4^k3P6K(vB>M(2?LAc36b zHj4~tT05%yrRl3JRF?71;oA<1f;FmTC;<2%g#|^T>DzGNa2Vqs#9C@@ddB1WbUKc{!w`c|txZD#y;NV^XAUn(--`;|OIWpv z9Qsua4j;wO|6%&kBM#HsYU&BwkQ9odLhs1TFfK4_p$ zW&Mp2_Oq~R+VU{5K8W(}T|^N$>Y1Z_K}SP>%BZfJYh!EIH|h<0Bul00DPYrMs>XOv zdh=wOp;W`)Mi_p@Dp5hy+bW-F%6Ro>y$3w$W)hfdvVwi6&423sL&p*)mW7j_Nnlbz zXWa}Q93x|3Roh%IHsv}4^=PTLi^snCSgqs>`F8PwAT?BVw75-cNyzFxfP|i-{bG-8 zWhfbUlcSBP$JHdy^w!yGjvT`3k#-ls4V0st1iMg}9+wibi92f1cWbD}s6e;|{=cUP z%ptrK-~yR;UvV9d99!-9-0;RFDKd&-1X#up*A;E3Uv1E2l0nheHjG=$p_w^}N@!CxR9t{Qb|29bxW`EONJkpk zhWxg*PNKING~9$;69si7Ns3|FVEeGlo~M>eG}xOn^HNx9u|-eM%R&^)&|&C7)hq*tz(k@^&4UD{21!$^(E4&T(yjt7Dvm1{S`B>EB*9eb z9Yk17#79Vgz?F(BqO)p6CMMLB#vv4wX&uw222U%M-r!LI4R9befK;GL4Q|Clg_6{) z{~&J#M9SmRq7~SDyjvoHmOVAx$};fLODQ#M62KIiMt)*dm5->OXQCDQ*8OKZZz*4` zmc`O?IN+rTYkEbX({m7l9T@oRu+*9DA~^H`%pvjk?JV>Qc!>^Nri?)K`#S?$4NgS) zLI4P)7qc%ni4Bs!vizc1Fb$Q;8_pe;qFze4yf6$}faBXn82q0BmP=9SE!~DP;Vrr3 zWgd6oYv}vnobyjaUkpoaWiwNDMOX-TGLWBZP}4$)z@Kax5e7~zbu>P0o$6$Dw9wL) zko}@FLI%!&O+xcafb$V<#!~Hh2WkGKj z<#PoJbFZt1VL$xMuto_IY8W~iW_J|X;>^&guWRW`tXl~|gz5njfJ_RT39(9nZ586d}2PD0s~V76gD3#OSz+a6;({_Ook>)L%9`!KB=Sv z5&MiNWF@6^d?mGpy?@O1nWgLssytC?ki=Mg^BYaiV#81uvc>aU^YO-BLvw=f!}-DP zagLyG#Bvr(@55fc`NWZ)ut?YaOYl?btDhTP@Z^W0*S=TDhX;l%BN8Nqipnrq z%2X`+Xmd~2*A^1~YCP0;XBJn65=t_RNcJ9&J+L5!E&MCvNd&F z;ZOIxpRfHl73$Wn?C~n-V5Jyfr_I%7g3EX}fFae4u*EAa@KLnPqa~a`t~&cfVZjs? zok_W$mJifBH{V{uG!qEsykQ!%LQxod*MiGYHE28f4z?K%+j(54vv!IKL7++y8x%iN zEFU|qHofhnC(JXz=gm^b$D;L7hYOw!O%R?2rcM>AIWe+n!K*`ASn&C5D0R>}4GmuE z*rQOopip;zvQklo_()ATPeacgNY6{d|L%DlygpaT@|l-WnY{6on~>0opkL%bdMV@F z>fB~D!qQNGFxfldX!Gdc^yD`|+TysiQpho|mNp+;fq}Xjp#Z+BitVV@}f4 z)DBkp?CXn?|8$4+cmJ3U7e!4=OYzNVczvp&x+s2qq8}f3eA>?s&h75bQQJd+3(C8@ z_h!hD%bwAr#@}NMTQ9_(4DD>9>5NMcUSoO0_9c_!0`6@r;Yw~*y z$`I~wJ~wZR~K6KmvRdK5_ASi{h}!qV*v!B zgkn3ZVtz4Q7cAEx1UZuxjOJq#!JHG8uA!wF4Y=dDuYJtGZ30}F6$&F&8!bXue(dKY zn?a;v+zL?a6adlGQy9;m3WTIIx!+*GHN;~gZVk-Og~eDbhXDCtv$e}8ce)L%pO9-S zD7>ds;rscfHj1y^1iGneNnE^@fEYluhO>jF7bY{`LLtz%;F^3quP}){pF^sL&?S}EnhbWaGjKBV z5(Jsboc#H=C2}$68?&LGnnR3p_AW%whq2*cNJQz|QD`(R%|bT1)qFvYN8G^j*{;;* zS{t7Aepm~Ll^0@#HoWdzkm>R%dGeotuMHXLsvJcQ(sTABzAk-4rPg zvQ~euIa)t$TtI`R#*Sd28a({Q`|CRgn_y{otIRoLxDN)3VjV8njl(JT4eRd3gig_v zt|L0bn8BlJ5^V4Z>^Pzodm{qx zqtRZfymZs4z=mAtLo0vf7_;#g))uYq$po+Kp=c;%hR^%F*Ya&!1D-tKK$k!F#F`p2 zm2LO=c3y4GJC*ABhRa&TW9B$G%bfG^Tz9tPc>wyG6OFgQurjWvPiSInZO!8k+wPjc zxT%v|Nb9F;U)K?4Wp9|&hOHa=Y6Bf901c_vsoCX(-^2|pv`MGU4yVdKx%VdgnB4E0 z-YZWe@+)6TT2;FHU~`QAPq2K<{b=M#c~@6PP7W76J@BsEsP`_iZ)9@{d&T=``}IDC zQ&qrwx8l-4gFk4WuKJQKs=17wMg>rz(mHRm(`_Bl(Md9v@t8G zDMp_FRc*AiUp0~JREq@Ik)KU?6f*fS+`s@67MoO+iVDC-j?eTB{L7359N5@yqN<7b zGCL?SM0y@*J4gt@;_ndq%|k8eY0I_Ir6f6a001P|{m6lxmPOM-7Eg10)KkMOWDTNs z7nJ}@SmH*!!#N}eCMrg_E0=88j!QPJ2H(bV*hL7cKN+2qC~S8%fuyqb|0&MU!F znc>i`YX38QAm#7chSS#N>P>T;7iBmcJ)-&7BRQSMRxX-VPwl<+D2W^TPm_?)TgRz& zt&BSG(;Ag-9RFWLQeqP;L7#l&ca#=QaeMqWW1lifbTQrBB4od~12h4=;!>!|iF z(oA8b3b7M{{$lstZ@l0pxqNdDy7i?DvXSUQY(39-z0X!uRKApWz1--P`%%?ED;3NL z*bbq3`nVoy5w5CF(S>yTsivAzMCJ7M0hiXpBlK%bd9tBPxYVbql|JW;FU@dC-xl`r z*Y}5?WCBl}WJCU^@0;>T>%eb*T0{8Bse}_J_ACB{Qm^)nORVP-9BnWkRD>kwGEX;) zD7R4*w$X*;k8gu%_1vh>SDh3p4!N# zc43xn?TE>RAOA47dWOG%-1ec#(uB2ZCHxJ<_7TrE=hvo5&xc$^T^i&tNpX*>dXP~V zQedmCewX9;JwH3YHayV#ph}3@r;j#7PFrA z5YXJhhlh?R=wl-ALnG`S_@UJ8`@)9c#NE!-E{6+7Z~c^ixOmI@;;~}w9VvdNfKU2o zGC(iEh^KSo#(z_dPdMKGB9mE<4M|EB4la??yY2P=vH-53RDsWYVPZ%=E|Y{HymB8; z8${t&xAwJ>yC0^}*|N(PT;2I79#mWIlfTs_FfO659su=8_<$D|)`pJRr}0an8F+1VH)I&AVC1`w>51kPzy<1R>0{9$8z zCJi~J>&cTPrBJ|M3d4WGivKhbvOa)($Wj=g)ymhL>|9H4;0r8{K~uD1`7k-I{sU#U z$sP%b%<68SLy|$EDq)-etaFdMdPT5d;**c9)L`w6%5#0U`sHQpoS6`l5ATvtz^9lh0YcGi(F{=dop4w!V+ zu(Iwq_vYQcreQ(_jZ7t&LpIed6|-KXoH@`I=YSYI_Ljv<%s7fMnVsgI`-kF&uW+(p>xP<+ z(vVR8{K`XYwvK1hm#KZPMJl)p;j!d)cDLx{Ro;P=YG|b#lZKkY;w1Li_9z=W+p@h} zvX^l?;?MsSB#qerKQP4c@rBW78GTpJ0(zDehEy?JD1SBt((p-+#BA&+)ze#LJP=kn zyf6GAPzp5)Se)gOw6?N}SfLiL={j4*vRml3FBQwT{-$8}5d%$2MxII0?+QKm(i~z> za$HVw^%&n<`fh$=)YoUb`klq4IkELeuq-M& zx=+-P4<9QUkU9n+WXo;faZN9%Q|4%D|%=YB7ae0Xc6UW-yp?I&?Z^}bwej>1aqQc|i2FeXVxx#vf zH=ETCaC6&g|5;w`p1i|+4W9{YO;{M$5?Qkdy|A4s0pFu9QBGeGFHPS*r`}}49L1+e z$!lAM-uQ12bvfcST87jyIVHSVU+$~DQ+kIn7kW!NVBI?do$>TUz7@q6$x*+(8ghvg z9qM@A0owboOxtSM1bk8U4bB$ibK`rZV$oBIQ=~{i;Z+i2mQAI}mQ$~PtJFpwug+u0 ze`PIxWGY^kp9&5vfRaDk%htFIXps6}1?tj^R)6R`x&FW81i;rvjN9gL{u1}wAhGP< z6Q+fC{SE#B=18Wd@lP9M&kJ@5SEBBf@Bc-)Wfaruc1c+mh#5hUtJsC*Y`mW5J&ItX zK6-rJQ_^pgv8qGgtNK@)=x52;j!{grTQk|(!{m3)I?HQWiiK%-d52ToLyjnke zbs}f;zrnQh3o(_sa6;BwZNzbBb-!4G$)Vn;9UEQ`(HBQlIizw19sK%G*@Ck$m$OykmH?aqAnSW z8q!SYw-Zyd_f>E2qM%u1==C87u@*vjmJXu+lRfdM{OfM>=w~2N5M)Z07WpL>9rkIK z1e=Ldm%?WpZ8jB(5B|rZ@`FY&wdG{?+A4dl4$WIC*N}70d@q-+k0%OBRf<08G zPa|u7r;C0Shc#7I;aj{#jQdxc<(b3E211oqKv77f3ffrO^BJ3X)kQ$V`v2Qmz)sg= zinoSV*a4Wub#?CxLH_|o3N~SYtQ6mSL=X)ec#%K56oXQ(e1|?hUWuN`6VHbto0BGQ z_MLH3Eu=T01|Jvo)~lP4JUO&9SGIt1dMQ?0DO!;JfXL2?TwB=rxl(xwH6bn~{jk%^pSmG8z_&s@Pw@C7M zxU-i8A17!6#9B|o)c|4<4yT+evyI$>=z?T_2dTiRl;f^AIY4hrs^=?ge9}0F;lrqR zM;=U_!QI#0I7rxJ>eez~XjH<;uKQ?J8S*AJQ)h=zw<1btJEQY3CM3RBt1x>4E66pv2HutR0dar{k_n z9MXj|k5Hx}xH^;``)gD&>(8MqFUD=wW_qP2B@wkC^=`du=3nwSFRWZKfGbFxi|BSZ z!Lm-WFoT>erp#b*?U%CdIiussP#vvMPA?eDq{Ho8E9Y;*FpiH?+m_Iju zG`=-+@RSWFQJ@D`DOMo^h;p_dR#=WQM$ZXXgoKRU_Gk&SKtQvHM|eO%yUxrQKPAgR z4a*3b;p?kdol1doghh2jTp<3YAR_*Fkg68JE>!YKAZQIiE#V%cQH{>_I&iCdye#hX z&B^zOI0BXE2e9v4`Dk96P^lSo23`nFEP=+T6!`f2p)SSyf;633_a(X8soGXn}hmZuHfNjqw9PP>d^*u=;9i zk(zZUE|gqKb51X%*r7M3u*ttEvJpc{t1_64^6EYESN!!(8_R@Y$^@)cqH3n`dHUr! zW-Y`8r=8(%90|CDgqq3fj@is&&gI-oH_R*5H5~5>QNErXxlvHBCxr}_vW}rK3b-Rj z#PyhXXQE??s(U_$u~zo6_?dcNv$U1@+=t29i-f~$(zK9Z8YsAc9nP6bF=Mk zB_}wC^Sys2tGE2>QO zsMF+~rUl!P=RWxlB$~vR6?*eXV-#VzT_MYhlB2B&l``iAdW{holQUEItls;3eM}ic z_I<~j96Z5n8`J$H*ccsai+z+cxxo5`3$fABNrE6X#AG0!53i`af!H97$(z4C0z4;{utw0TZ!!w?fb7?>XX(^ zR^BuGC1<&(j984*H9A_6KYK2u(eKF-w(QgLb=8Y`M;{)GR2UQad~YZhY@_=_o0lrZ z#5}Sz2nbb16GVN-RnXE0%^l#eyIHz>KAsDLCLtZ(;!Xl^7KvLp8!k)WDm0NFya&!c zsByFl|L)!QJOcE2&IFWx4LNFcwuaPxLK_u#L5IxfV=7Z%>PPcM_jV?S_I(rED%XZy z!AzJ!|LB=R*m)sNjl?Z3i_~S=6+P{&S3v#?Oi_2C=SOjJa1qh$r+8MrER62vDKOyL z{V+*AJg^=D*GAiIQOjOB?i2rjHj1?5hS*M1M?OBo+{#s`hAHx_j!UB0O{gJ?PX%y(!>J ze`qKqWFH?zgbsGu!YRV6=E=KpfnIF(Fb;fKJ!ikil>B~V)OoV6axyJuEMfKQ$TVUX z5%(p@eA$+^`mFGs4f}56lI?t^(m#3a?ul*l_R-_$JHnr(N!LU5s*o_Z?!#yT864M!B>m}1 zszSXqm0jcvrg|!+iGyd5crKa+i2WT1hkTlRnwMQz-xaO_9Cx^K`E!5F8G}|jaROPZ z0?*LCe4qYjriJn}PQ(t*``>7{`8=B8r~0IWm&vOpl*`hVl(JS>d#noj8)Cw;E;)hy zX99RP_bH{HSdtK_y{!xe)cwS<8F9jFSrz%yDbNwud0A6zqaA!7!+g$TI);BrD`KL+ zYxHTpcD>%yNPyQKEnlr%_6F%AF|u29|G+Ed^CGPI>+`Kq9DRLLsUChj;e=9+PK*B2GGIcpasP)s^L6FE== z!fhx9>Wdn^+IzK-_3%v|q$sD~3QRk+V+Tbz^rND}yXFjIE2FO18_Ouan41bT6I?w1 zAXcs@|B)B1_;}|iTcI6UNSkmM=TR<#B$(YI^}~IJalkS$+G4CGx_drvGPdSyfv9EM zUV;+VVMNr_jE^t5rHEN4whHbM-oE`!z9;@Caq-%|cG!7I8rA6%DO{b+*bGgDXryBN zUvto&<~|xJ^&ta~tvnr$l1*IRTg|x6kTZH%H|?WJIJ!zbp>hg?c=1cxsJi*z zJB38%YMW&1V$TMQ?d7(!Dm1ATw727Cj!E;UZ`k-h3K`ser7P&TBkS;4aY{0`)6o*( zgfLxpOD~q1%7Bf8uI}^;7~eZ<+=g?3(rGrTp(u3h3@t~8N{x~<|2qZpY7D;CvCST> zG@FF%Bi||G)+jk9e3i_`fYMA!bK*<6-ORkyb||ihUObEhNrV(&=Se5VCkqbc(3@RG zG>TbDgx_V`DR^E|f_>JLC^ExH^iS8{E?!_}wWZuF=ebDI#Q);OzB0HX!d}H!SyUCP zkv5Xxiwi75gW%+=;hxArLytg9SJ1!Zp;i^UL{^XegZo4UnMg}kZq-xfpggi_Y~yyt zIu>)(;&VkhuxV{hszEQqJD_@hT6LhA!;`m{Fr{6kPm>-Z8FJ3dH77bEIBb#7++Pxo z6Mh#+oJOGWMDGHM9b^cut>T!RWy_-3*+%4AP{IO-5bX2{T1hf!fS<}ZGSI~W#*{}5 z&zHOFP*ObSr&QZ2G3Zel>B6!b#2YIW_?)1+MG>2;eyDHSIUbf0uOUaKy$d7uV%a z6qCL;D01Y(Ilr|#TAlnPx2))PL}`go_yYpnyT81upy-`OnAOTYdM}rYGL{rTUoK>4 zyI*eM$Fzsv;gNx-FuXoX^XK5Wpzvik=9hER@b)$emF56Ll5E0|`Q|yjqTmDh-k9O; zQwWpK#THpXzNagD?Q&4g47-|Co0BMdP^SqJW1X0x8J7Dm5YiTKT6dUMv-ykBl5UxW6!4leP8{?fS#0^y) zs!eHOU>G-9UNt2Hc_wS|Y?R{_xrLq(I}%7FNS2Ud7uvNuz>BrGT`KY!E_rSbhef;? zWker$M6?QHaf$rE@IHs_s!nVK{_D_@*G3l10BvGO8eXJ6Dl!aN*rj6hs;iy0zEAWII|9GVe7*cI87NfCvC)r8FCX1q^=J@mrEa0*ef z*?;8;I#E+(a~GrRi5_Ivs(aW-XJEIkrco(cXnCbnnqvMErV)lk%@4N%X7V>a!u}v6 z9H@RMZrk;_WL@JqHgX@%qTq6ygg$y$R3F?^=V@WNmomg}w!+0J99G6Aqq)$;s%OHo zFu@?D|AE3kV>Bl|oMvj3`JYokExb_yEsIbugFXDQopDp>{3i`I`KP^^15!cndYrnbf z*mC!Kyd)N^`l)H?9l6j1CwzU5ww5MyY{yJu*{`$e? zbgky3V(3}{G3>oHQ&#QP14lz0i~q?1xPoZ;XDF>h+XYUT>Jt4?+o+`Xy*H)7GkRe8 z5=(u>{NW(CZ+?UM{axD|d7^0=YM(D_5q6>*>n9`E#a1zWqxoYiLz&4|hihpqb(}o? zN{vau-fov>{zBYy9Og6Q6VN;lL>RIg$ zUm?aO^z@kHtu8y`e*Y)^=;2}Z`uR@|c0p>9FyE2$q&;1oBMJs_9}bP}`K9wQP4~iX zs!EweTOWE;p&<6*)Adjpp5&d0Wa(SW>s+8^JuN(BNmfGw3lB4t03&h{UNv!Q%-y{Y zk0>iEBwF?I)oPoS9TzOD286BV#&4CT$OYRKJi^1OTn4T?gr++-ZS*|M<{kzLy;y{6 zHXo^O2^jv>zdbWB0i79dbz@QtKiU~$ja*|`pJ7EJRO5BAusH4yFSR;51qOA5$~a|6u1zvag%`BLOMy(k zW%5ZI+kTUf1Fh(<23@>OkLs_CPPN8q<>FtYLkXq%R`n7vxlrAW?7(g-QIcu+5aRbkaKzB} z^sRw_O?5f9)X=oH0kO>?`iR|^YNqI+Q`(BJG+bV)LECa8`85ClYiyOx$bOweK z@XE@orT8&}zqR^Ch|LcS%Op)EnMb-ZrtTE2o=Sm9bN^D!b+666mdd&jBknkTNno1yUO1;Nj}}y-i6&9xEGHc3ms#@gl#! zZ@*{w61mnilKWqYH#F)Ua9X)BY*5}{<7yu|B;wY0{T!80Ot{R7O!3xmXD6G2HVyTL zY*msRJGY=Y+}U|R)D0zleKUUuMTK%To*H9G>jM5D_48X44i29Xf-KY1=PL&}WxSw3 zUnJb9YkB(#~F>iz8O)YGJ;}o=m&=RQ&Gi!3*#IkiCQBRiI^oyGZVMqwL#N@l^bJs9Cc^sGSNrywN7GZMD4v+V zHMeT5qqd5Fbc|04`%UcFm*v8<8p{mIj)KEVf=#lW-Rptc<9jaWxi)cCpAb?vZZSzWEW$b4Dp zKckpm4PM$`{cw#e8y#r$+P5m zM@%84A7A3>G`iNBzZ@N%lDomOXJ{uOhe;yWG0c8|dl~Z^3u9m%)d(FmmHVBUJ8W{t z2jomZt?q@jj52XVtfH*Q!#963XpF5_9KCf2e!-almqWJ90C9CNXr_%Rhp;F~*EgVy zKrb<_-y4MPX?p^B4RztbPjF+^Pn5O8D^_d>*56so@c%*L{C(kK49!7<9l?_ z+UZP}Lm+?b5L0CRxDOtwZ6rasq(gh=KX&QyTAu3G8Di%vXnj{U+??@;h2a->R|YBt z!HwV0UP2cWWa2Zu_PRTc0QJ!U?gOS6dwE)>8tx&B@bs5w&jMO~1HKCE!w`C*%4_`cY^3JYcoR1$tACysjW(#i9aeY-2G!30oif~MDwP+fZG*E4EQ0qV& zEhptAX~KnC41Z3s?S;^Oad4D;GdJENrEsDv-4*j&++mBRhmp6jcNX#~c{Panu0EQs zFnDP26 zJCuz}R4j=`yK0c(JnOU_wb6T%?wwM+gdc`hXQJ(}1ab=tR6s>aVs*k0+58K#T6TkP zunhwP9xDSIDievT*kIrn0uv{5{{~5Kn0Zg2Bx)nAWe}F6D5xWfXckIs z$U%qX*f*R=ZNc*&Dw-^;>DSDMAew7hGzl50>;(0i1MPK^%veM=-2z!Y^LA+AKx8qy zJ9ymQtg~&X$Rt7s%AlMfO#`)pcrjgkh_==jY`IR!q9~D0XxUgeMw&iXI77tl19|>N z^ZcBQoncgDvsPlM9cx{8H~mb6 z7?|Upxe~Nlf*vmVt97@5UIK0xFR^CF6DpbIl$3Qa0HE_FW_n{kbNnQIms@L$kX*YC z9B}Z5#7xV)$O6RRmz8Eb!-5cxurzskCK&M+f^DEG$54;Z)ka zA;#D=E?Ou$y)(Y$iClFvE`CJI{6df(C__xBj~=)l$0Q1Ofm-y|I8f!fMOB%&vj&_> z7=9Cii_8}4tdOEhh-J>}I&I!Q zu*vDJw+*$=`E;L5BAhN%Yxv(;fLqA$4N{Z;8!G(A@ zhR}@?^6Rpox_O!626*mNvWbYlwUtxL{3uzOu1%;LSmLTjp&8(_U}K3#K@6^1BXZ}| zu4J2I2^vGoCZCf}g%ulLvpnA@pLrY2!CgWua2iKaHBW-!4K9BJ1`b*rHRJ zpL>cA@oS9|)Ep*ZZ*74gk);S<={B_3lm5l(KV_-2Ri{&A8%;i8xOBU5gO1JHtg1?N zPkR-D3_MCW^U=_U>6#*V87`#2oZBFOfje771R;zctW9Z+%z`y74+rX@!{%WQk9L0f zAmn8I_7f2wHEk3qPsBPM9}^M8k*23VtwPKh%A({y+@@I=E z5|RWAAhI>8VM8T_#KdsWB{y#7ie}xH#DrQpJp+gc<(tdsD*v!P-;auF%hj&TH z{y5`g*U8V%F>uY&`1$G^b+PAuQ?L z&nw+`_`}=A18-nKkR8#T@^^jbP>f)r5a|Zww@~I527C`ZU|&cRN3VpV2}Jc)o7#Rx z7SVBG#{pKwRJIF)pY#_m*U^P*U@ty4N&c2-B#CzNUbHxEo&*!SF(`A{VFDMvYv+D0 zO90V9K(=vWQ*~)ORlxBjZfGr{Z?7ICN|eTs%+`jS=?%$YJNgg1a3v!ce@=@?K*Fbt8uk5}dHFl3gKW}PvLWbsR+@?$FjU-?Q+Nlq=|yY01~I9u`Z8_S)JFtbcioYp{M|9Kh`wrH2FAW{xk>5L;n=F(4pT zQGhctR#7IqW6ACqGg0I;+It&@QOav1Ya2ahP8a4+EGqQP zpQ05-$7%6P3*T*Sh4vr5OFm7u6P^IoQL(PE1qq;fW^N{t&(jOmuTbLXWW+XM*h_qU z2|tIn;vG^>voq45ufUt} zMsW!ueXI3Ly47-cp+Vo^x2VgTe$MXfXIzBt4C#sD&xpjg;Opo%+@)v7m%O1EyljRy zDS}_Fv<2rGz|1>z4)j7!J5iGK5@3HLrnR#Lp9+7^ZtFiR$)GkKMJ|?CK&l*I;Tyq& zZA@jgRqJ61WV2q*512th#WD&hBjSS0dDe4BYIQGfVq5O_WogVUlv|Tk)OYcWhjAWE zJqq%Pl*;JWNHAZXIe8dB)9R~F6+=IDZBYxE{aAN4{XgDq_b>%@YjTvfuG*cK#(cHp zCUCx=8)H!PAKuh7$)GXcR1Z5mj?{g65IrwTfJ?4yKbm}|h-|)QW<$Qz z?lZ(?7THa3p)gK{tEEdE#Emqx?W(;RZh0EJo-KJ{8kvegD{SV`t;umAN7b$J&$VyCyNMH# zklPCSj#fL8nOr5-t}B!4mNz`qVnYHx$E|0UV~bo`rT&jomMnxUoyzT(#7BPpCPONZ zXiZNorVs}qa#-dc#A+&;Rri&LO$t7eUf}LhS2P!?SfD^(h{p3qT#fK7& zUQe3GfRV8VucVa=xa1CE6~YE2?jA^Sz}a~i^B7!n(bKaotUbkVM*S z5dIKDu3x18RbB`h8}rsYU-G_%&2^)D7H^^6e*Imy=on=xk;{E_H%AW?*|`x(UAg+`qt3rRr3uHSxqAws&IlTTeBX7 zexd~7w@w7jk0Fuq^9=IDkB-)`rBd|KO|AL?zPAgu#V~4o?qUS#V5K+xtc;j=87rpB zHc&2*NGiu}wA))GdnLyi&|D);5PG!e6xa5g-kP5B{eJ7&V~qARvKlh`msy%Mhszk% z05S9aov}3)KY+e}*t-zw=sOiwE*J0GVe>zz+3LYnB-4;(W61QFZ@%#vN^`#Z*trRc ziF{w6x06rSoc3w{CW}pD4D#e0qTHLQI5t58NeD^CH-g7BHXy# z(yh~FiIh}!nPcglq%GIwBuHV}7LP{-ESc2}Qe6?7mE5v~&CgTX#Ns=bQnw)r;P3KwGSEglKhbSRoFYJ+@4iu>SPu>n9W&=@TTe8fL-PGN z7Ii%tarnDYmWDN>sG?rK3^h*E7^)NP96q~)5wnjD);h8C=t2IpnVo0z!ZMP{?-O!| zw_}sI&?Ezs#5I4%2%|XC2Ekgy$0&vD*94B>ag=fLqvAFLH8%YoC`|(QtO1Qtwe{-b zv)f?VeB~;-PI-^>GZmIYqpcd<#ttaxOLA7dlz^miC1)d^LvAk@ZEdCN%_-CFXsK|` zHUS@3F-Oue2>&%Seb@IX)|AWjQV|0%%u)zi9nw2xsrS6LUuSg?=R{k*R=#JUzhz7* zL6(z*^DosqG~})y|D!rtM!*l9T~y`$@lM-_CVL|x2pKy;WLRgEpg>Hu@c`FXyx-&g z(aG<{&?mGl>U@R|q4{*r|L*wl%yvQZez(KxYviqef_UaDG}>_cV8?TEZ1&StmAgv)1xF*D!ulA(Qy@Ws{ItlFu~1*kDf-yOX%h2sktwxoAarBQ=(zQ#AV=Uz87BMS!2qMD9)HcU8 z{(_zH@Fyavtom*l3nQ>o~l#_G$Ja|#P z)CXxo!p)aE|Gz+Q#A|d9se2op%gah%^Uzn=%{^q&dD<49G^CfzvFKEZ;~MXRq}v># zc#5@2V{WC!*PJyC$8+0E13e*s(!x3$C!??ZM@oQ+Q`_TSGI<>0%h*lF!%t29bg+T* zZk7p>ny$L)rLEaCoa`fJdF?Xq|6HR0wID*iT80$V9lYXr(Rxwm!itG|^93ZJ171`x zK2+bSQ)Ok_2CHG-+#>6{G9j~Ut~~xIV@ayYH#=9+)NLQJL~F49b5wVC9c5A$IM09U zHsf#!sWH(OlhI-Yts~jI^51&&wF|^SVl1r*Wi#L8>mQbf!+1&r>!;7U+et*@bLGGug@$sh8{`2P9G)~5xMK-jJLUg zYY~;4<}fN0x+i;`v?a~jlzvUshj)bVUP&fpiCwvn8F)l5d)VO;yeU#WZ3C^Uy)GRk zHb-yyEy>-&Uxd zKIEFdgY!i#u?EH&Wb>iP-Bw#SyAV|cZQ;m(0@&lJdTt>9QDW{&v+*K?OH#cvs!YBev1*&rQ|cCksYV+MEQ2C8GhRcz?tLN-S>zzCAr_@ZJbHzK&LMopp{|EUDYuU?5O+T>UqvGBB zm>E;`(M!Az@6WD8{H(0as}LP`f@~XsR#&mFb0UH?T#pGz2+pk2YE0VNYQ(x(qE!Wf z-4W`Ydgfhlc!)4^;?EkDeS@M-P`^gyKJoYm`##sRk0bepvFKfGUJxmsi-Jq zIBI{Xh+J()>b~Jk!`HNMG0<)b8mb1`2+?IZ+~swFR5L+BwDXmMg2sk+NotL)wD{iV z4dY}hg&MsD_mts&7R}}%2RpN;R<0hxnHwt)&N>sxd3rWRyC2)U+UbzZBKdmmnBY3k zn7W8VJjASG<&hJA#4<9l?PjqZX(t{&lKU&Clwyee`~nh|?95=a@hEWcB~#JqLqrtuT79iO zbt|$2Z?SF{%~CoL<0T!IlS%%Z1jZL8+E(ji23+Tel zZNMGgoZDnl z0P|w75!Ib^dmSkLRt| z`TQrd(=+uYa3*DwIZ#f^AeY%^$C8*W7(yQSVwgR$vqS{+tyCt0fO(5dvJu zA(2S;VQ+0W=4I~G<)hFLr#{(+;f;29ujh7(I3RywxEa1RdAW~vX=O$Fs`B>0?ed6f z?40anomvv1S@_)3Z*KxSn~3GeZm{n0%kd?oK--d-h3xQpBQY6sjS+09IvF{>Z0kh6 zcX8{`(y9f;I6i6Tm) znPg)|ogQyvnI^ednZBh;>)cscuuj+N0*dC8FbOlT+?Q2H)N1kbgiG(vhqOQovQG(M zMPYl-t1FMerJ!E3KZwf%&oH5#58mD_*{K>C-d||k9^S-|~jVec`9Qb_B`K*vU z_~_i$9BR4O>#`lvU!cdw5eC{3Ivm$WX;~hD3u%{CMHO7a0;>{=bPxcMzIMeg!KDtk)kD9fo^S<+@+doQ)#=uI(myC*t07WR{ znyaEKxs@EOUOwj1!@{Z+L33Sul9FbfwC%Ourgtw}Xpoxl#LZo0PjG}Lo?Vl9FjfB&mb8>NUk1Q^-ptj#UXt}(1aDWpkP{Or^qK-tdo-y z`iRXdzrsU)+{pavl;)PqibLR6zvvH`aqwOHPP?Y}_e%)^&wG&xXq4jAE`0L!6;fAM zPe@20&(CXWA^={KnwJ0ugV{aKj9Ob;fuS@uHC+!jTAfOZh0oq@Is-@r^!&Pbqkn1& z>wN=R9r7P8@DbIeg1R~mZTx;v@>B7XzMy6!LO@uK^rc>RLOc3E2ndgr6{%R|ab8HymsY%q@Gr2MP~)$>gW* zHp0j}HbU?`&bkl?I4wTK>>Njwl`)^R-5O+gY$8>(-ROidz1bU0-bj zn30jOl3~g7lYxPOf{H4b+h$ftMJ1@>(8JpsirlT&mDVZ>jm=5%geI=>$8M}gx*sQE;BA@sorku zelN2yD{H;x#D>h$d(wZ^=Te?lACn4*2;~H`5~yo>8MT(V_hwUQ+pP z_ou@TPD|AG_7#WdIaMC}Wf?Is=!O-ypHn9jx_JqJr~kD90-2A9g$1pss3@~mRRHi` zY-1y@kFPJAhvkt$7htTKni{PZHke3IJB6@!Tyb|u>;jr>@D)S|wFA{I-^z;;aXVI3&<eMaAxXwJA6xME_#Gv;@%bWq5kI?QkGzVGG&awWzmSk}@zLWzwwZU1>YKs!QMa zWcoXXWbW7a-*9XeRi^k%>{G8`+BT7t)wTfLj~LPt=I$J*6gwH=7$mI?Nn!z2v=*(E z5)Vc@e7TVwhsJ*CYdBU(m+JwvcJn3FXNHh(>%5C_BtI7#fhZoBiJh~QwX}ZEmg{;R z6c>6NmN(4TTB31Uj(&-#Hr|0G+OD;yPvlB-`aRtZWo+{kG0;d#NMijK#XQyDqAt?$yL6oP`S(lu}h z2=PftZpvddxy5B=+bNbA*+oU+e;xi~JgqT@Yny*@4*lKz{X5qKwSrG6Vxpo@m2EeK zio*BQx2xW4F1y2BLqnx#nOQDDK|z1#RYex?so!tkFRv$<-l-fc%q(aX$alDV!9LVYzl5KAl;YSo$I;*xK%4QW>W2o_OS$CdllaJ`Vz1c*L zu`zd@+4U4oOH6$H-+P(<3g+fJ0lyV&tF`8Tea0%)tfZx&2>kH0 zf%YklcY?wuRb8D%SU7_&!z0LiDCvC2@FfmFD+>|9+rGa8Y;ix`{R=Sf-c=7gkM{Hg zx16^ByuaLwPe~d4Yhm(-lrAHqyR(f?KiC7`uld9SF!O@DUsF_Cx&;i~^5yAX&wa&J zh$j?@0-w_YMN#k^mQEqf=y0}tdUlro(Dm931?H{|-91tFtQ@p}4Zr zeco43PrK2=l2s2dOSj|)qfD^CRIV-C5~=lz>E9MSJUrMvFU-K`fH!aesMY@RU^8q{ zt9tU8BSovpna0!8)93a1R$<7^w-`tevz3Npz_4mxoVQT8b+w+V3QN1As0A zsjYWl;Bt^I^B3(?GbXRs75)AFJ+pRAF9pUMDyeTq8{Hv)9W*EiI_z6;b47f7d~lzM z@ztLRSOf$tLPA+HGiq~l^W^mK;l7z*xoS7yc_4}&@JnYFQzvE?jC<@74@-U7R%T+(m>(BOL~MR$NqM1U#WB!3EVB2!jwF8A-*(HBDifn?wKUCr^~i z-st!A^kekO>n4}Izvv0TV77QzP6;FM2ax{B^UY3I+n(+9TqZs=&T6#)lM0O1H(bB# zc&OLJ4(q3W@uPtuG6EWDUQSNX)zy{T*pIk4F-J#sAW2iv()NEwN>@=;P2sU41TH5s zKtVxCNK4<|dmV0Wn()}p2gJmnMdGqJm#Ekc3=KtkpEQL{6)M(R&oE|q9TY>QC>1w1 z6PC{WHABy$q%wAY4A~d}_YCy(CKlyo5FLJ@ ze_@-s3iFfYCLpQu^)+UdFwW_@yd4vMWc~>p_B;IVEC7$)X7gc%&2`!>9N_0>78WKv zKbv+_Z2&5D5dVlwadvrW3S_*$l)%i~{Ch^mD&1{6@vsFaZTw(%1h@ z!*}F#V~!Mj0XJqk#f;x{46S>4`Z^2!C{~QqNvQEE!FjKR#{h9PD=|P zU>^W%0~tEJ&*U$21(-}U4wDAE*>ChhAH0+i3%BFNzQ@y!v76(i&(_wITwK^6K71I> z5R#LWgaa^FLQ2Z{xNgq*`FakEgycB(6gJu9xH}{gDwxtnxsEgIy~z^J`~;%X@%q+W&DahO4q?A3@~MHgH4QvN0NxS^ z2f{rA(!vEaOjyNX8sNtAKY7jp$U6hR>I4{|)~GAUfDOZmVHN;te0Ib(QpxZ1@P=ve z&|*1<7I|){fFDN+_mf7fWG)%Ly+U$T1UMuxv+pd1@qx|@sMGiK^rUdx;Qr0^vt`xOpGOvz5$;s{PBraOkAAL_kqizwrQ<_ z?J#`7*5dW$xv`}sJ}z$ZGZ_d4g&GhTD%Wjr-u{iz-P40GeB(WuRZtN6;pIGLduIno z^bTM6W*2gGl9;u-0Sa+o8k<;2>I|mIn(vN|XuDXE zta^z4t|woCU>bONe)RqyU2h##RkXc-E7Bp|-QC@SN_Te(h;(;Ihjf>8cStt^0@5wr z-O}N2o%_A_{qG&aF^nUy&)$2@HRtnuo_$tG6|)5T*Z#e@QBY7o1{D?$#tv}$Y`dOs z=7bQuZck5Uy>9b0Dv)jtDh!G*{&mi|J7o=!iq7BZ7AbrWbd#;|OPWiTZ8SfuU_LSP zP_cMEHSiYG+<)3di6WNIf?j&bsogfsGAVb0a#&I>xO%4Nn;&&7XxA60_N}~Vs^(s` zexAHzgOAYnU0GCjHXxD`j#Jc$RngUchgao?m(I$%~&Dg(1S_ zrKSj10zLB6h(Od}XU&g6RZ=T&4{?DKQt3w0fJG$r7pE5Sh^9|VqTHSIfkh%&Zc=Y| zrH2{D|NYZ18W_+E@8eCgOn$Qeu&0>)XZ1wgiu?Ps_?F$0a|EHz*kn$-)LvJoV>ElY zNz54fsDo*4BF0DMsxN0B{lH#2n$GR+;lXa)8)S=uD=jSz#<%#mxQ)LR9bh3WgZ5>6 zZ?E2T@NMy#jjoPPL>?WuvH52S{iwkd-Usf$g+?1fP_~KK@Y^4uP*G7KBZiC&;u$Cs z{-Zj=o_{~LcXZspJf2zF+Me1u=+ypSvkf*e6&01%(Jas-NSK&VU}Iww@jGspMMZA{rXGIm*+V;>4H+m{(S9-BWOfJ_r}Bt7o}2D=cj=)fk6jL)%Mhr9r8 z9f&>v)@$eEsUZ0GX-fX}K@vn3mI3opBIi=D13NRuX~%Ifgndzj)qJ18JCK}+IN&x zP^EX%gCRfZN~3PdhQLZjJz2uPCp>98o5@`Xe%UjJQcFR0jwBBHC(^)21Wyv@Y5qM0 zqRoko{LhqjMh}Hdb}Hm_;^*aPVlf)xhwHaHoBf<2n!0r6uxoWP*UQ7}+hZU>K<*=<$K!g4re-x) zAu>X-LToXXX}s3y0}TrspO`pfLwW^{V*6Lz_V#v--I@rfw47ud{etN}k2mO`-leje z3XEDgu!EaPyWO3gwd;uk1_lOv@y+MsveHs=P$^SW@qmEfr6%F-&IdSj&~!LF-8qPh zi?g&L-_y!?`j zAkF2EOUWWYgptz^hRZxiCE*wX+VOjkd)OG*_SWt6y%%aEE{fp&y)Zx$b6BAxIt zeiphfl#VF^xAK;bDT#;~r=WNdtNRaUybm1p>;>XT{%gj>lml-M0$UQA8lJvMeS$P> zw484IK%;)^V0$lJwS)E+ZO1V}xhNw!wPvs86JKmW=gZLU=rd~f_fEue=|vnJg#B`1 zH`kcxP)RO4g^#~&v*K$J>1`Y6MB?puWK^cGVcTSRPUETQ;>Q)fRzvNG+dn%8L$lhy z-&^WHQ=+_YBoT5c`HQv8u1r2f_@VZbJf<8m1w8ZoVwKpWgLEORIp-Y;`ft)Qv{M8w z*~a5pepj5>*d?Y^K?OE)nf27H4}zTp7|lX<4)TH9Le)*#hp2eR0i6=N#ugB$|z@BCd8t`7o?&@ zj=z;5|A{gjwBERg$c~f6-A1)ELT-@|l1-7y|33HBi`XVYCISIDO5k79M@Itt`rcFX zo~|)fyhF;N-^t$y%hpYs4AhRib;zVh8Q@E27K{20#HIBs$(+BDjgr>g9uk$pak0I{ z`7N)3XOd+7B4%NQ;7-^*PKU=Xo}(@edoQln(A~$hn2=vzjO7fIuGX_p)$^Ae3VZ0n zWT@1;#5#VPH!$OM$WMAE5{A|n4h)-baJB(CNuX$d}`wzMGh&$l=W*Mr0leJ|G1F7;$SHB_|kb_V#^7#i8mr?mqr z;8RK8l4$NZ?upPcGDZTm5r~yH67$I9YF4UIAjFv z9O%g0nmO!hwLlj#xU!O!lS3Ao?DJ#e=x8JmRpghQ-=i)><|gsjMwj@8H%ZyQF7sX) zi-MA}1qd@9_d6-!VDtnAL|1>SzjnQOTuRE|w4$iIr6oP@vi%zo5s_ze=vWm<2S-3i zn8s$@`!V4PfgCcg0__9z%nF%&VxUzbm0scnQ&%*J@Nl!k7CcbL9G1XHY05=VT2|I; zQu|kmzN)GU#Eid#9_iNIOAOcx;2^*p017b?n9=juHx5ZZvJi?jbQLtbE<5UuR1hjt zX&n1YP?o!ZXgbL7`x2Ib+Dk!dZm+k_I17u_W+!c2S^>bo zi2W@B=$vZF?*8T>c`F2K8oj;n!AZsfR$aJES=PL8@A?(8w%)6g#8{^-fS%?|VaO-p z;~ruf+V6|`ApyAhXPecrKYG$~bpei2jficQl*k#Cj#;7d>GT>lPN7Y(<(ePr47Ag`5i`c%D^rA>)p(XVGB0G0FTE22+-^S-Ffu|{8V7h%B z^y!Eviy=Y$kGoh9dV@@sO%fZQ^hP?{YZVoHJ;%eKXp1^1?s&`}Xi0hJpY0`44A9nL z$;+s^lw(ceXDIlq#6GvYokUF6o>D`23B;bDl1GVehYlX3fuG2&)!N%RqwY$hh*i0q zuJj%*D+Y<`3e!5IsIlMA z89F&yQ;URxjbiB80DJ=B&*@K`Rqh`d^hCwhi^bo6AB*;+s|pM{jTcMayBtcR=$WA%zob&E9*J+ zHrBRmlqsh2u5Mif#ALC=)nlpSzilAKu%I_HlF7Ol{E8RiQ#M{?3V)Os`sEzlbK2M_ zOeNN5F0#<1i@_~s_LUS5=4so1V7{2Fj<7uVSzGkswXKx876B6*{7{cieAotJLI5-k zm86^O*o=&KA2jC_mUpyRSQi-wJX-u4^_x1XmKKar)s2VXfOjw@@t=~rZ>ib1p}sKY zN`=-Ys8?OUR;oDWsMWPV?@H)xzFL1v@)}K_q13MQV$QYxokQnOxA5WjzGN;X3x#nh z1()t0WanAtwSTByc7GDPQqJOKM(oo4VkNkkbM=QNE36PPzqmB$Y=SDq&3+PY_?H-)K{&}nEdvtWf z?{&juYis+)@!$Se2_P$v3tb_zwx2@*zv0uL2Fs^o3sF-rrN8MFJd`^QZ^B{H>V_!g zs*1wg>)+TxXFIR&wz0F*Kf>De8&tUw;oIfDcxqYC4mcM@;B1%=MiYbP{6|%GCmwL; zfWjP`kud_aiSU@1uEU3-rY2rs)^%`Td3tzkY;C;<76BMYCBysF)T#OSQh|A6fd310 zOhClDymSPbCeQ}4VBhRxRHW4X9e`H;8sMItES*tIHjMO>f8Ungr4qZ$C6%MVjKkKy z=5z34{yVzZ)S|`^!M0K~9O#U)uQ^wU`}YnX>*^)ggr`Vo5QE@N>ZvUX$eJTBXgRdc z{rKaxRiWwPQ3?YtO6}>2cY?l1i}@Rs2{tdD;nU)!v+@@krWZTNRFI89pE7ThE58Kz z$Q#WriAuVeZu2fVm;JcfsMwOAmy1D%#q`rQ}43B`> z_y{ki_bOA6a;Q2)iC4@SjVjpLHVAJU##bcPOC}xz@sM9k3hx7#45ABsWA}joo-l05 z8&<=fpLfZ1YD#_N=Oxheu@+SQ(P# z&b+HOVBi^N@Su4W)KdxU!#AEJdNQHE7Uvcov%&K*C|@UoNc`6O?xj)JWjy2oD737K zBVtl&yhF2?8ML5#nK7-LMMQ1_WJkF1WXE=I7!nJylg1cs$0vIjUv^6&-w`Pj;a8JW zA;{*Nb=k3vYEb48^{7|xPer0X$eCUKXyUZ~4WP{R%}Wd!IwN>2IRp_>6FWpqycjoM z&jftA72k20I!2iKK?Jpa4Y*!?W7pV$+V~B= z&_g6fpXt4nV!PD_shQuBkkW)*V^sP$Z{tmxmj;tr$8IZea;5i-FHpc`{hEAbu?!v9 z4kLDRD~J}rNF9Zugerv^rZOIrVryXZ7rLn^a%2(bBm8olUhH8(;mW}M((ruTag`N5 z;mKYQ;$|H+HvCwoKef|`qh|VctW(`(<8L;Y=qgIDR4owIW>-aF>O;E;``H@$1M0|> zYk%avT85#_aJk{_!&9eFKq`ZRHaLtC>Ir|t59|)Ow?yl}X1X`4Jj)PpVetF+xV8x9 zPIh*71=Os!@bK$nf@j;Te)mX|laoN4SjkPWe$+8e7}`dB)Aa!uXzmyNxQi`LwB;I= zo6&-&WI%rPxY}h0UI#?%y0~azaH0SUtrnQw(ZqrSlB7OAf$bo=?urb&|7G9Dli!*A z3Aby0*+1&eKfwV*6w;35{*e(RJG(Q3%5XROxvYs9 z>nkR`DZKoE!?{ihb?e-$IhH^->L@7&bUB+xhYaa@+oVL21Z$S~OrG~SZ=H8v+tF7y z%hg@g-{{EXi?J0EPJWCvS}>5N5BS9~l*T3&^s3E3J~-$V%;c%yN3^PawKqL0i8dCo zkN476Ba{ZNG&vrsSRlq(U2Dr*>Q+yWd6GVif_!*Cu_v=K_dW0rPiS$a&k6xGT_ex2 zgpQ&@`Shh$w6%CAd6&QknwE6^Yhk35i%u|AdTwd29&D zonY?+bER z3Q={im@k@nB380=P;qztl1Cw&NT)o}_+9du>=&(0zO1-PiEF2A+vNe=?2`>VvO-*h zt*Pedx)Ssk}#cj)`&gQ26dY9272kY$Eb!xYG zTJbr5ESCWu5BYo9w$#_3tgCaVEFo@$eQA|kLuo=o(FyVG5)*`E-pypECNQ%y8D`b` z8HnE48BoiwvZ7Oj?-3hhh8A&5b=#aVp+01ICaO5reYkus#*L0DmAb45Xn5;F)mp(R z{hbD{+I63`2kL$9s68w*Y%&kAxn98fiMaHz5?>svlngdrmA{<g-;6O7m{NcLIs?_FHyo1| zvbh2Af9IrWZNQob6CZyFbhN;2Hk~O^hP1RCX;mcxr^t_r!8N1vUN;d)P{G>`HKUKhCoxkKQ??|`a4Zz> z{GkF1xBX!?$fa(BE{(_}C4>CQ z1w#>$ZxD~n2>DGO(6E^oYIQA^M7s53(I`{#Y2Z7ge(LY1wk-2{zTJWA+8UWvyy{;E z&nHilo=GEeP2xrKxqb8GS;0%a7|O3R2#zDwo!XcjIwvwcX^ns|<7 zXH3Ytn#vtHo}A7k+7IZpXu;vw3UtNrAG zNe%kXG66Hh!2X7f1pHtA~PZ)WVb5x^1Sx1V}A8fED-iuD-A<@eHXNvdPKlFT6US&pP8Li zR#JNB>dNy!Zl|aS7Jz5K7SwLE##b#?pk`w`kGTF^UM3?ahYV4fA&xf-OEhrEBMlc& z0dWR=+j{d+6QEOlP9G>$E#`CFhEGdN`}FD4`C)mr$q$`y-~j>?4cNFq^$Icwy&)C# z%>+ah#36tzVq-QuDQRhAuu`m-8l!+4h(^4!lGi{=3ZzhgJ+1HU%~wzIsK^YDj97mD zyzhX)ZBIXkJE6ujRQs+Vg*m8IIw@0t@$*dpn&>(cmZn%BD>BUIAk5i#kdHY}=AP?E ziC0l)!{M9j_wimP`$;xbiuM~B*14o?W-%U>Qv!ZWM%RS)qdyHbt%B)D&P;FG0FJyN z9F|yF%-Dd*Q01g+O4Ha}M=Vd()hAh3Iq85R;`rxuqZZVY_7P}!lQC(9bQlK`W~WgT z=^nD4zsXE9N$QO?=SJ`L<9(=^SDR$Ft>4T3>Ij%Np?vdZ-M!_f4huXA3{|EOZLLh$ zbzsP!$dnD!I_lJ=6xy)xy5QZ161D|~`%c(+7V1{XS1$pvh|;+%$2KU$)<%&IRCtahBZ8KB%Zr(OY3S|Il4QfRVUIfQs@@Ow0^y<++?qrS2pkMz;0G zg+6SoIdf|5)_grCp7fE-+vc9ZGwN-Uh4W3OzqBf=fn@~Rx0|`e8Ds0^I$WA))v%b5 zCRFKxZ*`;z-q%r7HeaV&gNhp8p4YAjvcRs6#(g82t;+~tS=2yIC~EjyJ%$!AWDp-1 z+D(*439Hp?=C(i^n^Jy<0O2xM%zI|JqCgELVXRLts_7<|!k^>g;|JfRfT~~Bb}9g|pz3`dUBMv4m(w)x#oGE4a4dzM|4yg;fRP6b0_d(< zOY+RQ2oMkv4<}n?B&T`40lp^%0z3ivUZX@o87&7z z8SqF*Z4}tnKpmk`{Qet|0q$TsyIVQ){Z?BUw2)xvpJa;GqFB=~ayn@821v+kDN6Tat-IhhMw$rM9oC$$Bb`5fPY| zrqd{3j9cPY1YH_sm4t0D$Bb{J(Cpy(-cWmSHF7QOrYpxGI>p<3XEdZQWuEjH$zv0_ z^DZc9t0prED`3*yQZ$EGdac+q6^_`65g$l(RyhgJh2V^>(hEHs%H4>fl7_*MO6L4h zqhK1#q9ve6?wZ$IQYipprE#!ywnKd0lYbE6!T;7P~#wxQYPRhZ7YO{dHE>{sb>rDjVtgD9g*m zm7zg*`UIURmB7yuldQ=o7=2V=jd=3cvegLUDItZFtOmSGV1O+BPeNxuw&eHDvK&&1 zZeQ(Ux337YI#f~q#{y_MhMN{BLCY4&zSL@%M$sbIy{j!=PvIouO2Z5Y?xP+*i=!$) z@Rp$eX+5Qth5B8i2AWY0B{8ev2PgW6R@s*p#bV`v6hu5|dWV1wT&=5mfV>985$HjXKn$#R%1_rh`{VCk+QP#vh%cj`@fe*z<01)P8Ap^(w&4LODf6% zLzUC~Hv~*e*+xlGQBhLr2H55xgiLE^WXZi?Pg6*_WuRpZqMS4%V`l{@Wq5B$(k4e2i^gt$zZv}iZbvIdB}OkYH) zZI9B}`x%7LrVSJpFEjX(bU&X(U6EF@m0xoP!_<$btW>S)hGplVElCqD3V%n>*A-&e zi(#|*87%$li2^G**zI#)a#2_m`cFsn9SQind}!skOhc#B*9i28io;j)o?ZyMa(3Bt zBcGL;y-x4{VH*bPCcBhOCqo4Q1Mqhr+9W(ve`+_3d22>c2U4{}Z1guSKDISVY~E zqOW24s?UOH=io1O<57^~q(8hU>r(w2cLMCw%$41oSLg-yhDP)Aj1oN!9$(tp5o`vb zz{3JtWmJ}|bdEZGx~%wzhxzxG99EBS1|@%gvGj@@JB95z;lv6M)*Zl)91B?yC{ha! zdl#&`*N}psvwf+erSRyAq@dQ!ocnyQx_xhPLCn%@s+Ccf_t8q6^IJfzsoKD|(~7sy zr4D%=o+spZIIIFOIc$g+2{2u9t>;QhwY_V)8_CW~YX&sIg62O&HSwS+i^@+_)EYXc z#nHIMcADy*Yv&H(HQb$Bp7nG^qvX`@T{5<@ZI<}h;v9#G=H!0-hDyMcQ^1u!zr1Q~Vp zNv=wls2oZ&?lifS3bw;m1s9iV^`p3YFF80Af}cQ|#OMBk1wnaPJMSm}o5~AN-j-uC zgy$%<0DwG@c9HA3yHI2N2150Kb`wIjrnK9& zR2_Y?u*g3W05))kN(kU-q~+v30jdgoz?whE59px}AXxywA3#2+6I@Z2(?!=uB5TD8 zStbA?030TV%i+w3j^tWgxzl#rhoBmH9l;l8@7drQ`NreHq-f)cETXP;oi>VjF)@|a zW;e;j<9|)&)hEa4kwTKX9!m^^;+9=FZTSI9$^&D=Ul{j1KISDLn1_xhM*dn-C!}}X zk{E2v0VdE|Q^L_f-nX%uro#R6G~G~v18b4V+SS%F)m%L-i@c1+|JV zJi5klb!>HYrNqXgWtd*yW%-ZlZ40hd85U=U`dtgx#B0+xKYdg5dnh+!GwVD3y_)j z^Q?^YVliN}H|+_40l}2Gv@{QGjzO%P&JK-_#xmIUjV0h3iFfipsWY%d2lO*v7%FHBcv|W+W z*I%L5_j~wj$-&8aaeGV4&VCUOIUZJ4R*(q^2e4F|>q%bY4aOXqK|dg!2TA>YCo}6d z1NIpx)MvbQE+7w+?R|*=KyL_~0p#z9$X@Cv50oEqt*+)=912MP z2qoi_Y8W42f#xyntfy(h2zRwiPGp2J3@#-Ru(O_V-y+m~e(7?-IOBu)7a2s?W=|7O zOvv@psIVnmZWQ0uT@ogux?E)rvJHGLhgd*e&w7s$EuSTjw7zZx-ciJ&cMpxN0wo!l zfA-ThEx6l3Lwh6p{oE}CJyjz767_8fkC-Gr)y^hFyamloxdS~dc6Pv5`gwXOb4JOnp9&yk-E^ipP_#X zZ;PPW2TgZ)4qot*0F$Pse7(f)czm-J+n;BwG8?){Fo;OH$WDJhBfxfsNFg;=#!V0wSS86sb3QuhKvEF>EMw)PeCylMb$0K*qV zk~*Jn{^Qk#{xbfd1I7oF$D0#mVgcuOv=L6Q=|vZd7TFg79&`FHDCnyzpscRmA4=-` z3s7H>nH|(Vhp>P%l?tzLtIfmS{(f|*WtJZJ5+plkUc1b;n5Efy%iv9d-*6NWe?&~) zDPyG!wx%4fw52fXHlC++Jq3dSoUdZJw^tleGhL4t#H_8Yv(1Xtv4TP21{Y5eglPid zP-%F08YN)^0Vy4X1~@(kFpL+&8&-%IA2Y+O>!z)eL zi)U!ar%h7UZwheZ5KrpQ53BorR$qt!_%K?d1mZK0e+BzTGnk=L1zgJd+IOp3QUL%C zimn(ALGCF$xq4Hp?k0^U?I#a%fIs$jJtE#2cJhNKgn+!?)UM zUyF-rWm8yoc2W#!I5{yzMY~9-We`C?4{&^7W&)ktzDk842+K7#;sD*G_*k0+9sO&+ zNp54~O@w+y508R;8b>g=u8{Hq;ig4Y{Xq~21qB5ND17bz0PBnn=w(w=(L{FH6g0K!-d#JL}V`v4#)6`)T`? z0s|wX2M7{8ergA^^Y%e;w)sk{i$bZWm&9#E1Y&wdMw`$XXl?-q7X+drdHMM^;mX8( zW8m$hp`%ZxGj4vN6&1|}3~dS+qR#>Kd9&2$3%i=+Im;cJ2K)5uk|%1jb0sabM9kxLuh%5Elf*F}vT(lfen?67fx? z2Z*_NRxI3rsA)GSxfcLG19mG=nIGy#&d<+{Hh+eL>jp`C3??`5>;ZPYm*`CnrAYLAQwHc%Uz1)Tl55nIVO>fDu6I6B5dT*cHgD zzU4*KuG9b$#rfssp-KxQGcz?PfFLdjfd5Ub{*ljI9M1bnfL&ea@Ztrm{jJeRTHL9r?DZ3rEcRlfT72yr2)NY)GP%Z@aRwXS0K!?8_C+4 zQ#W<*1TR1RYjkwS?`6*qQjsz@4~`%#Ke)unpneK?SKIw3^act68WxtbI^CQRClm`{ z#{K;KR^7KyiU~6SSSSfXNg&{3f7byq=7GEl@?)pYqs>)E$4gD9pyUAO?TqUU2_!`T zt^ovn2h!^8(iEA6lB#MS5^H-mWOIPH5zI}?0omDx*@RAoiQBuomxH1&aZgX)ke~~s zsmc)x%w!lzx;+tyjg6v9RYoyr#)sp78C-$;=pwoQhP9x~FIElv(7Q%#>ugbg`udqU z2C}UFBCD&Ti~kLG1nViiNWWI*8f2v)c}lR6o1L%sD0HNNG5Bh4oR*U_0Tit3mia%O zF!ReTPLNsxIOLAw>!OIfSkRb(n-3&pc7SW*R;KwIB<7Nm`s>FFWjtrw>#-~4%309MPt zr}2N=Kf^I0kvGuh5GyKs#EOuC)K1k_8v=Jkszf08|PSj?30E7()k4`~~mBwXP^5Wy%N{*hSs!`f@} z``40ly>DQT0gabdyL;{QdxT&#kVcCO3xjX8TU%w7E>TlA17#ZcuXRp)3W!KZAi3CH z@oey4odfXlkin+w`NR%LiTul)8ixOu>;l`)I0!a^knNcN&0I7ddjMzwt^mTUs-(1z z))$@_pC#y~qN5`Na<>p4E7p0PEQk!m-wdBNaoYjf4;lk>G_>`^66l1XpI{47)X=~I zW7HAP(87+Afx#Hq!o#DZX#@lwpbE8Rq=63s-q<%1;XeoX*THC@XO9JeC247d!5C7v z!{^MX#Q5ibqF%Se#PbfMo==Z$OKy{1aMJ#-1V2XPm6*g)RDKysCSI)D!dM)tH{84= zqGr92zN*jK=Hr*n+{9gqFl3TssioG{s25O|s*NBfgO4S9mFEV6)z%$dw}UYBu~768 z@_9npPVNQ$s~m2-EHzz%U1^I=F|589k)}Ye3%lSK7^k4k5L2LV)BQ9s;-h7|)n8(EV5OUi$4rc$*tVxx7=~+(Wo9*W7-Zf6u zFYWrBD!sIz>P*Gr2f_&^j@vePxSX%x>y?YEkQd^%XruJ8vAk|tiZatKP$@%YVXu35X zSLPBD6044nFi@{SMr#l->9TfqtcL#{<`;p}IkbH*nxs&uLL}rK3qJK$bPqJ(d*z1D z3?M?{r%OZQ$=GhdO8U4kc=0|==j{F2sp-{#Uj`Aowprl7lEWt{udV)SDs{8Z$lwFwX(V` z$Vh_w(qhFNgz$ms1DfzB*{P5oqu7s;ILdl@-eZif+c68KEg>A^%YMvD7s76gGv08C*F7EpZ zg50B$OY6wXZ9M2_d#et6Cj=s!z!lS)&tL7$=nFg(adnews8&xvO2`Vx?g<-NfW88d_QTK%ToAWUhm+qJUr59b&G^ciK0P%oHqOG-+bw@3Pj6tz15O!}XO989-krMRPKw@yIZ0Wp_fkXvN! zd1bBE``%IHGA^d(^JHF=UUB$`0MM|U*JnR}1H*^?v^?)cxT1Fe&}lGbhdQQ{5)&a; z_@dIzCsOpOPjtJ<_o%5E%X^_}0R*LHG)U6A`j@>WsiQFcW>Ja^VzQ{WB4wa(n zwGe&OK0G?IK)D0YLcqhrTTj-t1tIc%af2~S?PQQphXD|Q^=f-sV?5)U##5=M|UGQBA3ixvXu7iG+sKzJY1lL_1FkP?M_reQV_5DhRZwH zVv(HcjY@Pqj`98mkOsU5^uc0JnTXm^{1m;jyPNHqAp4GkXaG+Nlm5 z)`J*YRY%Vzy6&&H{@)g#wmo(XX~{xVB}J`N4e&z$HGe!0O&WYKsxeeH>O{FERUzSn zI>5rxoxoQ9PO9GNlF6Y zry&M}yHGI=^l*7Rey&*`ZS*XO{3U4<;gzT-O#71cd8D)Zvx0}mgom31vqz8$9l79Q_3UGJIOBVXZih>D|-lPRHoEK7D#L#~Wz-U5c6Bk;Ga#Xn`l%DROhs za5my_bC!k?4h_MOS}unf(?tDVsD<4e94^8QjvzHrL&J6GXsV7$quM}TQxg{w&>n9Y zTs?7B)zuxr?L3Ep2JSATsfJ{R!v?n?d1;6lan@QpTMyc}4bV?e_+8Ta zIVz81!b3Mdp0;V%eL{frHIS(X;MAKyGuioLRb5zD7q3Leb@VJCATZqN^XLvZlm7u; zs4wfNAUK|JEfOh_Z@pL-42F7OcCsA2Z-7jFtcD7JiUCJnP*rtGESzXkq{h&H+j%Pt zdFX`$cydK-Qqo6N)oFfGRuC!yU&z}q3DQP)p?-I8;HPQTo1+*$Or?}mSBoCh&&|&E zcRh`CO@QAaji#A4Kw2_Y`I$y2z^Hb4dFdo$)+MBKCJ+6lH#8zi({rQry^K0GRkUOY zLSe2XKSpqj0sXSDVvT2_-I-=OY>o&fhtC8%vaq(jJF)=ggc;*#KHDHnD8>3{a2e70 z_Y1dO=t^DJ%WX<8J}4!=(DJ$Jt%MOK9fPHwaZ*d8SN?JgM^&4qq}lJEerVq9NoGh7 znEvz#=(6_ye*8pm`tU5+%;0rXPbcFJ75(}LztXyoF!>5GM#L*Id|Oo##P`~r=e)c+ zYD+v_o?`cH#%4}UHLI>Fdq_?}cD6Nis7u~f`In!GMEs)qh1F}WursRv_H~kL>BBY( zJbFLLL@Lhq#u4-QExh(<={3}|Q06qgs$?F%5!u(K`((yo6&dWp2--Q1JF}f0<^AYh zB8NIe6R0k)r1P(cxn?P&Yi{C$%^aCQ^7*mw@P_)-?X;4MO`7*z)8(NBML9N5o?ow# zf@0Lf>{2*311@tA%24{6pNLSyEPO3%Y#s}0I|sYuNEBm)NaV)l?mIKze6g=8{qZ9S z#4s;^RQsI7-{Q6Dv4B*PCyCcFJCGd|m}Z?zJvt0P?7KUTQWB4pRCI4kEBPa6*C2~x zD4yEc#RX&z-hv_M_Zw89cN}RycO2uAl3Yvznz!od${9#vLczkY2Nkx)^ZE-wH4tC} z_p(gx!7U0@So@x{`5527`LqLGV*_gpJGp=dL0&{t&xhb#*`8{|9qVp$IQDZ#I1+IkNC*iU0;Pj5x< zdQe#oTR_K)<$dP0_Qrs;I5R0J*k;Mu&5e_vUs@omC@04s z2$1P^-dluBK<+(0KAv7Jx3RHlXlkklD1eNtEUTrUPVz@Efq|-jyxNg*eKfDCt?e;1 z<|m?3iWL|b_$?~xBKzNc_S1Q&s8DsQ7r-&cA$TTl!67XM0u2ofd}!YXia2dj0Y!Ov zb~ZLh%>T2cC4Y4&X0B3L+i7bgB;fq?^wiYewNIVC(6dSgyW9`IpySE+ejq4|48|^N=Yr=3pLW}%MwfNbv?7DLX$&=T^0Y}}wbIYY z%FB`IhfS)bDgA4w_vjk^?>mOHPhS|M)2Z@_Lp=`qC3+d{wyw&Z@DBM0tj2|hXl&O} zPfKa%9k)>Lv&al=REFTC6`zl2H46QjM$e7|Hu-y-)~w<@z=xPJ+GJR-&LflR*k1T) zAlWAFrr4YcAd~7EJ5<|T4f)ixE8JxqF>}yZzg)BLcu@%1hxV5-?M%q>bgjVN8rWPs zst@-m())?R{Bv%LBt%TAI^iL;3OG7selbak1uJWOoKCbp$ZpNL_Gdm9vBu3?y6Wie zuk?6sJ-lmH4*9b8V>CM+*e{M*_VTYAP8#kLaI|XQ-7(AFKlZJ&V!eD$`smX*RjYYF z5-8)^a^CN`Z>8~4h@t}nMWXecdAVakdU4#_0`-~$xsR_B&I|RTr3m-6yI~KJZ{v3I zw5`|E*`eT0q>n(Bg!)j^F8$&ESb*QZg|=Kv)gp$5qyu`^D>?!P=d(tC|Mu1$I4zpC z?A>7NF+!`Je++q0R|kLb?ed$uWyMmbCWtaw;`#b+J>c)>!f8ve$ALKmd<*bo7<@cD zzJu4%BarI@B8cK(b>=GV|NQa2)Pg5T1~9;48X9x>Z_c!s27plIVK`z9^|iY~IK5t3 zJ${I)R_hyh0jQ4p`ueoVy7e}XKl`fU0VIxy2oD zrthi2>X`ft)^Ozbo|mq9P4wUvRf4p5?u52*g^IdKEncbGVL-7#HnTc4Mz~%LaO!+T z!8<|8E(UKDlp{O>0u!LU{LT`*MM2e3EyaqH+79?lN=|Y2>Dw(#7ms#yCI z@y~dw-;aaQ331+Nt=GMSp4�RceWCiP z38g2eh78wnZQJO0gXLNUks< zmiA}`Ip1|NHlHUXWjUBUogW}*d-M_|j`mGp20k26-_z*Wygd7>2pejh1aRf>6ufE* z5Pr^~-QWD_e89r1wK)^FLqyWF^E5B;qCK0S5aZRV5aX9DTs42BUDPz6Sm)I>y5=hW z3w3_?eGMrOF=>FA;F1UPxmG~fcP{Kq9W<=4LNZ(Mp>z}n-?HJz$SO(#$2}5#0&9GT z430D@aP9)_ZAuS*@E~ukY^Q>%_dsyXDw2#@AOLmRb9RJAAP^ zjWo35hz<`84-EyJA5|5VUZ5(hu}RPTUfdqP8EIQO5h+irefIrFJ^mpzDs27Q^TM+O z#7F@v*bO53tFh=%dY9xl$!6f`Y?t@8UY#s1OD%dV0f2uqiUoNvQ2rJF>Wx`vZ=t?h z9X^w7T9Vh8%kaDE)M6SDxX>2TrMOIP?85sH^!xX3ULSwYPVrnc@OT7j@cabF7IUBT zb=Nl5VW#W7O?^x)O7R-xRZ-1FXZVNBX@`8x)C>gtzzENrMznU*VOFmkzE@Vu;_|Pt z+!zT5b2$i;lMsSQ7Pu?8s5V;lQnQ)wR=1r9=*suzVp5d5+;~}qIsy%SE&S(ZHJu(q z(1P;PAlfG;c$b{-H-1WW=8Nb)*F{D`jUT#gK`eL3xdN%fEE$H&M@!byA(;`Ri zPb90i42mSR+MBq^59_roN?#wuV^^J+yN}I01EtMwU;QoIn05;4r!OodwI+m>Bu_v1 zc~t!Pn3%*ol)t;`Cq04lJRKSZcOuwHyZw;^EVSSJLCI38p!XVRG>5ovr475gJ70s*IAR?ECemy zGE?n~+8=!1-t2%2CmD+W_EGvL%!uj-vqt%X(uDbttfBU?d!6Ur)}tWN#WL@5MN1MW zWAyFAJIeR+xVTSQn1M}K z*kGynbnRug`$ksZxwA1r(ziWwEWiX2>5BgC4TqiwoZ+HU1Whl|Qd8PL_nJ5sn4f7kWi*?nW>7I%=;+Zk65+K) zY9td^-pJ4?YAMlaSr+E&AN&aFS0Af0nH0$waG(QE<$XUfUFuvM{J=oI1XoL5Xsm^> zgXH27AXwPoO5X?XvJ=3XOLU;|hjNTvhPkj5bHJzfdX|m5=v!ORJ+*ids>yqv&_S|T zO0`}1(}tJ zC^UKHh9_nJIO_z@3UbQbd0X1wSY@*J@fc}W$G~ZLc@kB%i=5&HI}^k=Ui}dkrn&p+ zV7-^EHCFqf*w1yi)W}VP3CA;$*VFR!ZjJ!eA8c-f1g+g-r$dHUc|+nP?{#+E*pq0-WR9si!te~zG}JO z<3a!0oJn@wup_YYSU;0+lqk44(<<~sVO42r4WH&~M&$_;uKT#Xj|u-# zWQKG%8L#@9W@y@$u5sh@dt?E0+^7?Q92sXQgs*?D*feX8Yzwg{hT|i-es}WCJNCkY5)W zzdr>3_s`(34kU6$|KDrIczZq2bN~M@Zt&V&)}_`}Yg?uU_5bJ%fa(#wx(Gm7vEfGmuy;OO56a`+tXDb#;1| zo~@xnXzlwqezXrRDQ*G3QC?g!`|=k%AJ*5urRAR%hxh5)?d29lDx8T_NtW}yO`9&i zbj8c{Dpl8A<&5TvQ0Jl{Ewy`3?3N2A{`;aX5s!PJgH02f1Q>%h3G+3oNxQ4(Vw=vZ zba^VD?|YGqp&2$jJb%8?j+-d66T&_uh5kuOW-FLtTPS|Ydv8e)THurZJT*KikwMz^ z>B>HzgX{M~?zyhYgQko9cc2eBv1A zO3MFExnAQc=xR#Y-S5LLC+HR^mC{)&ZXExt_Ix53P(^F9K*gH23@b1i4*5o;rA?RE znnQ#1NoH}r?5T`YgE^p#;v6pMk9aeF$*;g~k;{};#l}=Hs>KND+=zm$NeH@kCs)WE z36#UEHw@c9yp5w!+bu5k zX^Fpr(UsGsWxeGm@qK#0hVKsTW1>Af(|1~EX7b{9T86JMVZ^`QP9+ch-`xvJ z_SPk8g*yJJhC!--G}S`>@C&(_a#idR%#@5~+og#h7j+Iz!QWu=s_HY*MO58rh73t^ zO8DFwjPGy3Gi96OV;jjupaeq_Lj{sfl<{m-dY{F8UVozMiGE{Ai(=%c#y?Tk&h|hY%arhF+`u32J-&Qv3HEN{50O z0uBLx=$Aa$7psJ(-Uh?O5`ER|Q%Z+(W5U@rM~YYZ6T=|bYBY#7^QrGpCzqw_sZQC0 z0(nbyIEHs|J7_(*Fu?6qqZ{KAE!lqP?QhJgDy)FLg%C>N;Q@rtqN^c+!<%~KYyXe6 z_Y7*X?b=4AlZ4(uT9gtxqS9*srT3=Ph$u)gbdVw?0To1)gx-6v0s*Os0tN&Gq(}`I zkRF3l1a$Mf?|nae@0suCwjU(<2_Or#lorrP>FQ#f6EL5jgnx>x_W9@?MGU5lWRSw7RxyL!qw;8He|z?|Oy8m2s6($x+f`XRZNhiB$Py~M3hw!IV1Mv#J1-w4KM z@SzKWBnPcl0%K?8@8Q^l1>*<&iG{|MLl#zPcx`?$U!FXKtR=Y%tH&0?B=z|o?4+@I zx9}6ypc@20zrz=IzDBC@XdEfy-?7;fqAQ@O62Wlt;qaNjP;{ShgT!A&`qwu&C>XCA zx!YhKe{tM@!N@Gd+}eMid)9EMolpiAS3avbiit8fsfouoNkE$1wuRL-3(xi+eb0`u z6wZpvw-n{)zNLnCy(!sX25nOg{$EkP*KU3_0Kqb%T>2IH_#5RU5Xjt z$Obq_yYkwu%v#u8HG(j6Zj?Yb;s2~c`?T;HLxBsmej5Jiu9f14z7jX78_E5*%iX;A zpNN5LS&X!go+)H;T)ER2O5Z7S3^(G{xPM^(a-1JoNE4CZHs45o=auwoG`?S!sC5dS z0yI${TQ`PMCrqs$*gG6A3B)V?0~u@1#AfE&iUd@hduoBif~pXc2QJKC>zN=U@$fG}lUPRaVH6=Z(&ioc22WtcIfl6EN4PuP z6@P#+PkP`->R=_th-@?*SPUq8Oy3r)s~~c=L}J6_9rchK-x=3a~S{G%+I0d*E!h;fY7w**ISppq@H z`;+3+FSHS-FkOP6B6D}jOIdkLiASFq@?$1V|q#y|1QvL`C3lf12;Js#ELo{j)jJi+6`p$2vkP- z{L+5`_{V5qINfyH#Fw(2lzs!FxkwILF__36b$Cs@(HOPKrQuF8zEDkSuJcO>xJ?0r(a>|LBz2O*0>BOwSctjI#3=Q*lX)HBWGQ1q1lpN=WG6)wUU98tip!(e zPg2upn&(5A;#gW?BI~8Iy=Ab)iz}T5Xae?l?0 z=Trggir+XvN~MKGuHi%$AHHA(QDE8&&PK?XML-Nd&W4k|gYs%g!%V_Jkvrv^XhQc* z?8Jqx7b&2HJfxgFn)%Z&7!8lgO11Gw>6@lD=@v+9=KVMND3{&uQ>A?O8z#K@Q(bd< z+XTgFIs2t9h)YE$|57^56=BKQ>IS-}lN3$#4y!&7C5Ad^uaSRi4VQ&E#fh#217uMm zqdzDX(o=T>)7Jw!at9hY?^)vsT*SY>bc?vF)h!s3&3m8LE1boR5mBGKDS(R550OdB zIRQ^jn3-{beLbb7rpOO(?u>E^S>}6M=I6xN&Oz%yeDDVjTDY_OElGWQ(cjHgy$)Ut zR*1i{o?R@t7}nJ#K7dpEYgmDjKwdWu^8;h_{J|I*_#LzP-{tdn{GaqXa~&_5w5Qzz zggKe@`98l6$OetyNKS#sy@ljdxVcJ| zxQ*AN#AYD))X7nyir>dJU&wmemVV|!6jug+wPc(tLElCES7ex#%J`$nT&@>l=-Y|H z4ceGa{@?St!f?rQ2K~I>6yJI6vZE%AeE>h1q&`tN*vL|M3q#za@HMQJ(ri7AeTFwP zN}K=2kcTn@;QZ+hFNWjlSv|d43>hG5So!G4bl;4?Kb}r16I40H7Mxb(DB)`!j%p~X z*lV+Dz&BtNHTY(D_N`10o(NSY=X3ltYaivT$2&hl6MLZd*bMwuJGSTe>CWXcG}Q$&yGplO;@zG zjtv;4%?G4IKOBS|U6PhzolcP&3zmASMV%eiQ8sQ(6o6B9cA;L6 zo%DgS=qpH}gz<4D{A=Uv{#)4RRPuuI&SoO<1Y4a-h8B=tT}?I8e$0P18QVI{%n7EK zP@k;t+KOkEi}S`KZo1htDMr*L7~=MaRC zvSPJ*G=ruS!$IU|e9q(DcEAZzt1hBDU#6h($!k(i9=^fR_wZ+&nT~?+!aIYZj-lbV z|N0Dnf2W?Y8h$go8Zau zh>SR+JYF%PKfFYd=_oexDK^3mDl**Rcce}*roeP^KPh3Ujp+mu@b~(6t*W_zu2S(H z;c=Jpr3r`V#tCtbtiJhwc05b3^?udfO3ZJ+$oQW{Yh4lFz(k*aXX=^j0maDK%53Dc z&g3sraIOMG>*8iWds$RAz6K&F6ul-hhC|HVXo0rZ9=^7-aTpV!8l@zdScSM3p6fsK zC?1pdqpk{dJ%45`OVj+TVMM-3+@Mn4w2!XBZte4(U^Sw#XztH%h`2Fv>WV?@8pe;` zf_S@DnsRUKhgtQrQ3^iHsmf$)0rRk^w<#zBwphtfZ7Aq5VW^WRWx zW>9$uLOnHEiv1e=1Su_4x@HviJ9s@vBX=rc($~LSF?j%m*hP(5iN4I85_?@~?Ygw7 z=``y7Q%ZM_a|rP7XSH;-tjlofed(wD_@F z)sQSb#^rAoMwo{!?mAPZ)P(QqAk_w|zpB>Hfb z3a9wnL)re_^{FcbKYC{5zKtEn2IIHah+$H`VUMD6-_!7BK?kZT;5x!#MvkWYdxyCT z57LM43`UAQ%$XS@9zxSY2ez&2=WiOnqo#Z;?F|WBKUZFhbWu6c^@{yFb^b306n6Vs z&Fa6%4C5IHmyd1zUn1x~$6Pvghs*!&`TlSIcr@=ElO!Wxo2`nD=H#-Y7X>$d+m-$D zE{|=`GK5LzK~ZCu0jXnYPr;cQ_!&TSOH?3m*Job+_GD=f+I=8$3w0i4G$ki3%Sons z9Qyp<-3_+$jLIANT&FBt+v|BB#Db55iv!mc+0Th|PDJ~99qTc1Bz#*9os=q_eDQLn zL;GfJwaLrA&z3`wSQXxl!yw_C^*-L#w|qBRhiN)^p}qhP1Oh}J(SeoT4kyVwS;|dq z1V+aO0}~R^e|R`J>BDv47dhgOhD3+n33cFY_LU=T=XwiQX^x(cx}0i&wKb!s916|I z7duK48H}I(iC^OJ{XUtF(SotT(B~c0e+_??>OFC@E_jpu=lK{_2N-6?%W*tb-i?}t z@C(FhgKa$UUfX-gZ;V1;O{g=N`VSr9aw98TTB05rMOhY?-~&J5!xX=50K+L{N1`75 zgX{Y&8KG`<@}J!g4&ocbwKvUU=qwtn7GxqLRciHkU+IPdi@nB^oJ#N8s7zGt2qaEe zVd|kIrx*y<47v@@dAc3{?u;u?VRTn{)1UZ}3QvJVMjMF2`YJA{@xSggQy$JSD|f+J zF(ubB)2L6?r8ERA+XSrIZV^&A;T{&5GG^wtPa{r0jJv|jw`ot?nPHuiZjg1aN2M}GVan(I) z&mWix-ozafn7#z+0Wh7B;9nN3?Ufa?WXL0ES-yb%>hlbN?uqtT=3$^bXhsq}p!#B- zz$@-XfxQ!4G{1DBdgOcc=trM@x4KqVr5|1_pr{W%YQ#2LSwL!KV+np9rj0@h zux5SN1c0s+O+==q#qH@RbJz`V;xE!%A5zf?>sRsD2i>fpyumuEl<07I@k`EBMhDak zR5v@!i~^e;r~kG!FqQDl!{_^Zwik)%I^4Oafy|>d)JIJVmWA`HPK+;BC4*~a!qx~A zhMp<7EhEBV2UNP~Mu_CAR)_|ma+DR{g*TAn=eNtQ5MGJ*D1%1H2JzeGKeBcK#8=q* zzm)nwgXNqX|Ga@JnoRiW1G|H?;E!}~h>mm!FV~;TifaWS%fPSzXn3ow%0h#Q4S>e) z`@Z!dvt*qign>R--y%nAZH+H6T`{L*w@?sfDKRq4N$K~@98%Za_|%D)PBH+&DGD{z z<`oQ3xak9$0C)%k!aJb8V(-OPRx0nEB1Fq9@}w}6@~Xve86b6*22T(lkQTq$i~m~- z;3|DT%O>i7sr$7nm|Cjs_nFPXEcXO4EiRa{yF+Ap_i)9VS1nSRV>ef1`QpV>AX$by zHbZhT=FSxMbSRm`m5*j+O0?HvcTB>TuV6YDI^X#S`o_yrn6uHcuK*>L^pVUXi6ivt zp+oB@6wgH6)B#bHN+Yr1njTL<>X9}ossM>t3yVAKT+tD+EZK;S!+G`V)CB64IBX>5 zI*pROX~mA@ETHT>b3&f@ldJ6~WDizpS^2y_lo>LAOV~&EE6uM((sNF@`^n}h%|RSI zxGr@guK5~~y9DmZbIV#$OO+l58dzKT)i-hF`z}H#6hc=btau-R5?I4N%m5K(Js!uC zg?#aUcu*1j;w*-08%BxfjLYalmJ8Q2=jTDn{Pb!b)=KZei?^sCmpt&;mN%JOIg~6r z!6t%=y6wH5;|%z+JJCZt2!)~>#xBgYYxvL6p4o9H2MBZNrphr2wPI;mD_UC!r^h~P z*jZ&j5O5V3o7&uFhXGT4J5tFD7tue9 z(<*gRg8g_d3Vr?en;`L9=>%6|B`BQ;v|rb`)nUPnFi1$5>k?KH1p~;m*##{ zz8}BmPb>n!#lc&4TM39)vauhcXBTVFwkp}_#W^T>@t^M|G27t6UVU0iEMg>8z-|EQ z8OjtyM2d|b^GG)|yE%kC6&TSCuhKd3&|>(|zirpXLErub=Nm}Vo7MdJe`8oopX_#@ zs>0sS6ygH_=m5#U{7l=g>cgo~-d}S@%3=}Up^t%2Xd)s|6?AB4DvKOY3Hu8rT}&0N z6O8y=(8F3udN?kOO;sEQv3Ahnt~c!)@FSuH9jppDUiOun@eIW=PXm)BdUp_?ZzSuv zdFM=Aflsm(0cR)6d>-3xDZq4q`P&Fxo#XLH@QfW3lN4b#x$#yXk$uaXPz~@n5|OUq zQse-tfIY?piAB+v2l;S!aL|$DD?w{PhQ1f~z#BJY)LASqvNiXCH(qM z&A4ne$*jue@A*>4myM0Ru}(ky5f7IQaApH~0oWY2SQnUoR^yH0(l?FwQW}f3D?f5} zU8fXLV~VmAm9$8cLwTr5jMX#1?!1iA4xrAys(6g>mI7c}aQ)cI386$= zG}hDuYIj#bFcw-wL3sY5b(555K_JV%!h!VexZVg063WJAyUk7+ZzHQWy`M>;(104<@u{kv?{-{h zfC^+R7&7RD{i<)4*E78tX;!Uk!IM~T$TPyBXaf!5R}7K3ERG_6z?zoH&o=Dr*aRpD zYth{*NzIaSa%D({$o+(j(ICAg3-7m?Q2mqeRA$cbcdMIK6rpIiypYarK;_o$uOQmX z>{rjZSBn_Ev2)oPd#zCyTm5JVpnErWY5{?DU=VvVsRojkjb)Z$eKCOkA@5@hAz)Hp zO(yNMBYa+^)n@}RK0F0MapbT|x7cG;yDX+lTquyz2q%yIA77qgK?2TLdYW7J#^Aa`J9$-@K~%-pO@lx7??OWu#~I~z z4Pt(sK3`FsT=yx_T#o(4;&{vC1ADy6{=N+R3nvSW@~#OAQygB>HblhDC5yCK#>MGZ z_P}XQH8?~jD;Z*%wsM4{)K zcr?wV&-3hC-&Zp=9A!3}e1je)w8NSkWQ`xCYU~wS?HD~TuD<^c${|84?lzYk$#C7lrJpTL}-%ir00>#Cy}7Lm7x z@&JT>QDZh!G?#oiD9msDqy#PvT%+K5rdEJ!WE?Cnl%dROv(88Ak3N(S)#DY6WxbG@ zzIAK?*r8x*g+%%H7ckarK$oa7G3lEpoC)`gZus5`{b#Skz2w2~0E&&VxR?Mcp2xAv zN7JAk;50W+$A{=RdwRH}{c|eDT&H~JIX0wYAbDe zfo4ey4n}>YpkRBYas7*`4@+AM>S`*m0F+f2AmYNyuNLAnnBqIvEb5(pQ`7Kq^wHw! zUPP$o>CDre)BJof<|c5dazSgU=;HO=mc*9B(7y?Fl~DEj?I(bDin^`hcF9>>BX+Q( zQY&wrG74iEgUXkzhnM(=-Xm38yM|J(zRnSz4v3_I8}-lctX zQ(23KhGLE0F;G60t5X#f%BWLz>GmLMFbY!+>f}Pb?3lTjU|z?`V!mlYN%=!0=mjU+ zpR(yu+aOUw{V(VUXTsISD!N+-@=;#}_YJfcS`4crsXUO8PCJifgWm5zZ{gYjRn^+6 zKma#C^P3{6`zzC+r`bK6nU{DRXP&2~GJ^6!S+%B->CXUuz9*|SYY1WPgvN#udqkO7 zsZ(K9ZXP1g_PYVJgErzJYLl;$xs29e3OFofoAEp3wZ~Ylf+O8n;=SSYbE98119$%h zvJN5oS;5?iUCHQ`9ll7JeWyi7hz%FLZAK+^*G-qzXqrF8@X%iQOxuyz4iXU zS0mhOTdp4-9FI&rFKI|PWFY@!HkO!U+UQa&J~ zKn!EMTSyDFXSK9?7;TDMky+E@$TgfR=<5j+I9R@(b+FoeYhQbAmWTRTjS5Phnlh` z#Mf8!Y^u^x`vTU2b$z?%*jDYjV*YDJWx(LE!@38$S&|Ye2p7vk?mD%DbRPa31R!>P zVnxwypwEqOnkXz37ZI_N9-QGw$e0&!d!VBdIdB($RAAk6C-$|p&&R$6Lt=|K+KzTf zMYvX_M%^0uL|0;lx*}@1s+dgXeWp*?)Wt8Suk5j6KE{7g$hC5)g_u4?=X7JwREP(3 zh53mQv`Et^Y@=j_n41fD!mpQG65n%RR1r%qCF`-arO;o_whwFYxLC)+oC#+3m^$w1 zgcUssF5PkN*0{gbPO4&29*_70RqMMr5}1ENgFcIK`n0-L0i$L-MOn@%$<)?$O?;SM zotAe~e^+PM0T?rrx-J9rruX|En>I=Ep%`%T=%N-A?HWcR!)G<>O+*mC49i5P>$>Iq zJ6iAZ50w=KvI%NcCFdn)y;KC>E z=z9o@@aMGdtt$Q079{Md5Scet##|LjbKu4FXkvGB8aDkc`PZG}9Nh#Hfs_ncdT%As zovrxALG)vRn_cR%(p=~`I^Fmd-F-ZE4BU~TZ_OXfU+i1rLrL$Z|X zQiJ+sZpkG4eNadWR-12hWOlM*o0Qv->#fsK%%2(O3;Uj|gQ-{d=X2JxA1FO#>A z=g!8LLaTsdxru)$a-Mf%s9jac7p55>?=%ipA9r;Jy zoXeMG-BF>t>$=v@uaCF1B^kX}Lx%Go;rueb%*!mad>mLUcXp`ORbW*6Ezo%{ZW^6U zRpQJv69mcw!x?S}fYZ1YOA$f%AzwcW*Vl zo_ZnB7)U@h25MuXExv~qHb=gqUT7U9{CNr0jHJ<@uzA7A^PS6Yt7UcX$|DP_*$FA1 z?YE90Dy-jM>R_Af&YGd-uSi8QOz%38o+Ex5L}BS^omFhB2G;W~rpI-5fzjEL1#y@C ziUgrkHX?E(Mm{?}AC-Dg>wOaUnBBbFyBoI~553L5Iw0r`yx)vHbb$#sJu9))B(D7M>3g>aP9ksUm zSbJ8c;^}i#5nbBql1^&EKlSULS>MJyaKJRp49v;3xiyJ?Q$J(YYjjgVjr|~$oY2Y>UX9%!Yp$95K{O1v1 z2C-W`XV8v2l!bdw3#g*rI_B>V#cczBalLQGjxvEa;sAhmw1`oId9#;dR0dFe zQ_^i0DCQ!J)3}W2Pae-|yw|#^JC}IhENtUR;yfLAL;DMTR5;ABebKMZg$jx-cX8a; z^(V0y1(%hN&r2+H+RZLWAd>6mgEg=Nxh!^-t-?78-Vum=$kgQ(HLT~W#%@Q0j_JBZ z4Ak6ZHoGmH#R~B5<;>RZ4khKEYvhSlY1bSL#=e2Dbmk+U<9@F1!G*hDwhTmuIC%c! z_(@E^JjrVOqh-Fg9%{Z%v67L{uogPA{5xuKxdAc>Qk=e?m*8VU z;_vI5cwS34Vd5Sy(qBkL$8^No$WHnzM>8eL@3)YRk5 z`_2F^It3}?)C8fvtLceT0=03i2M6IX0e5%>8=>unZk_EHQ(?pg>5`hO63L$DurF1VvJs$M? zX`oHMh6G!dGedew$*b$g(@tRq6LX1z?8Jh1UkI+g7sZ}ZWqeXDzg=br@**M7==MK}jG3I!7gOyB?-bLQUak&KJ} z6Si^mTad2Q;QVg;_}k!j6VayIoa1Dl+@PV@yS7y~`;%t02vEq~7~`%FZhJf>|K2G%&A+3S} zWvrIgnZTvJO@2bs{PGc%>}T)6qbM7+jpVO*StITLSf3V;)>QpUjsF_d^$bYIZ%~T( zBG~4qXVBnc@QPl*x#o`$Qg2<7nJk>ou^Lkad7k-_Dz6G>d|=@%k8} zi!*Y$jPV}66w~bBu1=<|;lUtfNre64_;bKwO~Z5OR&y--zd;ELX`QtEvhk13%6o*V zH$j{o`>{EolS!2I_nP8^u&531p&bE|IV~$#=^F`DoGXdj1e#p=$<$x3N%&e{*zzw> zQB$AEv(axW#c5xW^7)8OpXmYl_i4dIBx_yeYX9nRiwOVMR!rB>ip>D}|DT0%Qo;oO zdrtr3IB4k+!T9H2`)fBmQU(myB0R zSc`fhk$GLEE&e%`hoNEs{{r8M* zPY4Amzb#yB9!SYg#%0pY@dSw>E04s?x0dxxKjn`xM z>lh%E%yjj)TUDY^2R98Wkb7b8@*_Q-Fd1pPx)?~$6l@W%hap!nPy|(C^RS={~DL@*rcCvMs?u}ot)6k$f%2nc)?*ako$i%(X9;}6{v=u z!jT}L*3%Z<$H%MICe~T9+8^IOWucEqO$G?~!(DFwsGp*K%mxB9@LbLI1ugVF$+qu4&B?6TY56lkf*@DKlX9*w#gC-etmo3;5Rq$B`ul z25C;lcg#3|dH6n4B4L(T;bokqRuj2i7;uHjksQa}bJjKUQgVZd_s;=Omv06xar!x@ z?@i+K3iNH;;}7ki9BaFgDn6S9<5gPJ>Ra+k`1eCX8!Pw+?N+Da!?2$`s8v$_C#dVH zt*pF7ecuwzci)&FMNY^JE@4|bcMf+B){Xt!sggJN;LX&x-R&}6o^JkgejVgEJg3Wal+0t22AiIGgZ&G0mgw$1lKw6zTs_b%wxNrRkZ zRWyP7aa0=O7di8Cq90XzZ~ry!e-|Wa{YPiT=TAug(OkI+dD{5+HT|JqOrLWAuCO@! zhrfrS*8?0k?}ooAu6ZzD&28S@>YM#;>%L{MNAq3=D)A6fAOjVXTDVA4RFkoHJf;)- zm5*gnj;Ur)Ngrq14asrxg%5lC$f(Jy&fz7O^f3#guK7gg-L^+YMU*|4XpKzenS#WH zx!c(vOvaJlDA*$PsXns=i6fjC-U7<>%N8h0EN&_`M!_frm5caILEFDM(-2NZLvN8S zKVU_b{P|X9AfGLk=g5)v~a@!-c!#;YM|7v+bvy+rxtI0K&F6Ho=|pUglltGJ!U)IgLK#S5T6 z9X{BBT6Jwa&u7LO*GU@vQp8kxb^JA3rR1QQl&dmLc47~|P0M&1%iAK38Vk?Z4V{PY zTwE6|Dm>qD%N&XJdeyBW`J{QDAui?@v6ALJY9zuaiL^KPzbAtP0H=;M6d&|G%9#eV z>nK0fXbJYxJmg;SLJA34k%41!*d8iU-F1@Vnzn+6Dl@XbhWnf>j!Y1l(;#s=3llQ z#{M=x7(2YHG;-}(alJybDJfaOHRkqc|5e8C*YI_LSVq|}!y=E`;IsGYHaNH`U05-O z6`ovt2+QC*uW$yd6y=T z!}&c>>wI|GUY$!!rWl&FtcG6aNGw{|Fr|)%3BrhNY}-H-S0`O&ewvGQH+KuX9#mtUK6xz}yUI*_nDz!SN=g4sjYB|nmX zB=h=`aUeEd0dWueH!QxfMVC~K4?U7%_cu8HPZef+5`I3k&opX0lcgtso=X9Hez_>f zC>+iaJf>;&U=3IP@ zFknff%Hf~xcHwq#&C0hC)T&ljq1nhDe;pg@2gi8JgwYTQRQNx%A_B_Sm_M*AXi6@; zn}dmzCl}ZY&NirDqtkPP0Npe0RySxX(`p5<`xy0&aS{5(3GL-*IRT_Vc#*A@;NrvM zEuNhQT}|51dQQ!^`k4#v#|!FR8)C#iH=zU+Iq{S;jXRoXR@7dme)5*EeUsqcuDjDn z&f;}QV=aGx>b^NUD|ObA*I46NX(F+#d~fzTjrf-Qe2kObahR5TedL~p2Sw&x#2xNv zSO$w+U+5q@<7?cX1Q;QHM%iaXJ8FRR=^U>#2>XouOwC`V`*xRW(ZS}B|7PU2h)tYDPN0!NI`<4U%N7WqpFzl}Ky7g8VBxx23oT}b8OYnOa0E%4YRLOcOqq0+K(L#H^-naxbykM^_Z?FZb~jZ^b`YCp9Ko2MoI`NTw(LO^QZT}&|NwJEBn132A+l?z1F6-i&aW{PZi zbq;v?%ZIM_tOo{_df{+q;fP~nIY^`+=h7wq4~BX=Ha}{**0LUwMq2~$>`Z- z>GKcvMh_8V08Ny4-e8es}6MIUQw@bLq4TAt2561U(YJpk68@Ta;#Qqzl=^u(EuNbKV z7A@&zpwhHa0?-P`D~-CdWzpGGWCWJ9+C|1SMR_gT*4oio#41(x(%r{lJB_P7T*+YfdW0kx+>qZHD0B2 z22H=={@6EmB;`6^b2dj=`?0SPl=y%%(CXwhL(m7|9%?a$compD721nfv*Bh^`vG2D zd-eeaetps0D=Vw@X!xn^%o<;=a*etI-~$hX_{tgO*(Xa;zWB==W~h}|(eGwhi@VQc zC6|?p5bg=gM}5|bsNP&;JqH6~1q=W>)VLpx>n(_7TqONbj|`@C@zX9hhL2u8L=oP`_DefmP7KmN z8Q={A%zkAI1d%?JyvUG0+fh{x&_0`1bR~q$?3-gL6W`#wszI*1zMk6#nKpu$`zU*#d$n2v&>_E19^3fT8yZCBvEdf%|^ z-C{jx40D7yssYImF99w<%(sIy!cRX-$x5Dz7v{$Nh1J1#Dw`vqyfyTWa)wNm)s<_6 zy5D#CdXbO$yGr2)F>h3WuL>-eK5t*sA{^KV)L%wg-aa{;Bo*Kro2d4VRyOYtmUmgF zLjY01xa%MbxZ7LZSx#GQ3tmWog-HeONH?`bS}`oEvBtC%@5thQzp$$7%im!93mcH- zSwP3Hf$$YavD~)Nk1hc{j`wO;-@_tkJ1@NHvxZIlf?2CzNkG3|?HAY2BzO zRf>)MqWaI~aHW;3iufg+*qgCBs>LtXbN5u$KVj+580HAM{-Jn4?n1GPbMN=}n@%}T z;s!3KtlMor>A{<-PfIPlyTyAs{^6+PvL-;ZWI<8*?7iYFx^v-65YaD#ALCA~8C{3d zHa*GFz-Md_;DF{Hjh=el<8Nk!!!9z`7%wCgfAyfTjD~K#e|UcF@jl`_apl#K)F}vW zYU%hjU*zl?6JhW+rx*4cLf+Qma2>(Ce5Ll)$*zyxi|T%W)MZ6nxAC-5=-@M)cnILv zWWwKIK{kow_E3p=Yb>FH@Gu1%Ittl$emHzN1^alJ*mxZ@eXHVa@~Y~KA97v2)%R@r zAs1|@W_Rb4>2IjN8v?R9@{t!@>(eSopsj(-_8r?~ipl7y#CDal9WjqTG2|cT@U}{h z>(hDjM=Jw2u`=PAJk|l{jo}WwOn_w>-Ac#fs&-``6A91;A-{Yz1cLKY4zW3I3B-S6 zldgXe`=yOL-tx}LUm7XT%gnTD$Rj?3P+&JW>{}(FDV!L|TmSNF=%zVtu%3Nym(xZ4 zQbF_`m6pQf+lZ@ysbkoNC2FN|w|$*s=ES1IyPf+AS47yLa`=< z19E7QN1W(}5!?n7#KYBaaOKahgb1g^o7Xb)VmF3a_E>HySUkt#Jcu6*Jtm)Y7+Ab; z%8&Wv&%YhMro!-wK2*>?q=0>(U2<@&PlxW$r)Rp&-wy6uJ`+Kh@7bt2!_EbXO691H z3gl7EZdpklR;X(j2Jy+9tuUeJ1`wuAu?gwqv(f-v@h~*V!;=FgzR~}@uVHx)?kJwz z?RK1zxYBWe?{?nxmnQYsF$pbGekn*w_1eSOS63W zmq=+yoB@X(FgVY+?TkzOJ`E_fx_0j~3wTh!H0jffYh*~^>a~!HrH^uDPHZ#1Ina}r zlHUFP->z``2O~ef#5NGoErHmgaAFpXvV7IqAm7<&Gs;Sf|6_wy#G+S_VPK*mBtT9$9)?v)`kbf93 zDaHAXDDn^^@Z*lU^;C^w8U87gz&A4*ovXM^h=}~8G(grqLvq0u{kqy$Ldrp9x z)+*q~&MZ$d1|#_1c^lU?b>kR=P}jNE){~pWEjYbVBu+aKSNqUiXtaKs3(TJG?D(0xOh-zSZ%yYLO11o(wI6XU50QgL z@J8Uq-NqIV_gwo&7S#SUgP+@Ue+1;!<4XnD$O7Y*3SDrUlgCN$N?JrweOo?1%7=k= z(&&9`82!E3+0(LwW;bD0?gTQE<;-}FLQst%yaLg9g zNpo{;r5&YG^6ehpf(;7;7g*Bj!nyQcHcnY(YpMs?gp)D8Lbg1HfPwmr+GlpXG#)}$ zmarS5rMN;voG0`mkSOac`cU0;HE!*RaJj|P^~xBW%^vrnHI&m_H@Q$g_<=*Fdm2&WSx+mr5nNig#se}bdj3F0@S zhYL(uG+BgZEPhFL_S-%8r3?*ab%%LaAdm&=LU&gaBY|n6%5T86GfBCsQqK^P7o(RQ zjxY3v|JPprhk?JlHw7o-^jeh!|6VCf#e@iKA1I^ zEA>>P4+>+J%@}^22Y4+6drXr;PdVCMF;Ok>K)vIp3+&vr6!a2*2;KSFJ{?mA9Fc(p z%3y{F3w>vA7W2gyVm|WS5XjNPdpp){)X29&YJVZ1pDYv=y&NQ~-|NaR#mwnD{48{6 zy&}yKSNV{pDSq`XZ|CYCS;`*fBwG(10X6`=THKloWbs8p-zBEc&&Fc|FtlqPqWtVe zAbGml=WS``{k9{fA^wyl?^jbVnT-KjIETXVSZV&pP-z(vryDs?8${GQ;HUm7`aEymWheYzZ&$ zGe&NaWghp-{O-yWP2U$i?AcVC%BEfJ7G`-{yrbcBoR(3P#kIE+w|C(v5C14LTW|3JTQHc#xf9`4U zl4VV%ca<^j7RMR8yVVcolaz2_?izJI!2B*l4bQSU%G7^@g$J+}XaxUb5PPZ#IXxx&Pi2 zg-hh-rOBcT5#hnzo!L}T=|Xh8`cLc=zo+y3fh~4so%Kn4`gt=sdfSpbW%5Pp3f|85 zTvh3mLMTMlnieN0O1v^(={}-$Q7;L*=$Z9bc18x*?3a<=1L)->oP&vuEi9wh1QES? zuL9TXgx+XF-Xw{{2P-J4F0Gp6b<}GKLc}DV`%q#-L0*ySG`9VIk(!v)n6{2U|F1fv z;uf@tnt2!5(-?4I1`GU}U)#CGCyNQX6#%ye=4ab$o+k&`XTZNfOrDV3&!JEkolTi{ zpVgobdr712c>B>lmIOviB!*J6e3}kE(nls3($>MO;faLk91yfBhh#!L3R`7(?(VO<cQ2VM87UXOyymRu~!!%Cj>t8i!k0<#MeCCkCS#NKL_aju~`8h%CZ$CCK)}+7v_z z?JeN0)YlYhi^{`XwTC>&_Q+t)k%@3#nP7wU`3cb_u+ z9~1EOIpzAy)xT1z2BYq(eZPgCA?2Ni;d4viy72Z9A?$$UVOI*CEJMkKfhZguQ@*8e z{VLCp6z%_EZt zffFLzzmaVJMz+26J+SmVfAH(yr29X8m^C3`;koay$E(u#>o4H6XN({D$VUiyVN~Co zeT7w&{!PNKwUpmG4bRUg&rE~k!p6Mt)7J?bI-t4+ZY?X{nNjwOwGd_!&>6khs;5SI zViFn(P7Hoz)Fw}=747kqz^M|PELu16w+zAE1JIum-d+=?>dLnYaCiKL1vYF!n$r>HYr|J@reQ9qwAG}r{Tf#@O8C5UY=DRn6$~YKGFdjTkygx94bI}2of z&*p@;Zh({fmG4X{&pP%!Hzn-*UuM}8+ZQu2n*sibSsP62hTxVC;a|K(*wHDN7VNxE z_+&--^F{cthpd%-XRq*yYlV~pbio}Ruzv~e8iLM<;0z1zKczhG!>wz?*12!%dLRJ_ zubpSxflM5FqYw%UBY7o!R{6|j~ z3PVQ}3Jc0}C5Ml!g?G1eC;~sePS}(ZLV>k9ARr(hARr*%H6wcIM$%WK_#A)!h|9fq zZzmh|E)vJ4eulsPH{ayC-}wYvnB#%p{W2r}>JwZW_f{+>g+hU7B!rKPw`xNCTPL38 z-<{bDz%LD7$M3Gc^;L_a#NoMl!>hyCdF9L^B-5~dNJuT;P<@KCP-+ONyhA<)_)1|$DK(Y8 zewU~VYFdl(HnsK$oC(#kdX~87r=7Dl^kC zHgEgNaJP_+TOnz!zczGW`J2+JDpNDc`I5D$5B4~8rP_PVR}94kr4@3>W`wwBx9MAs zv0gF!)(ypia;_xQJv$!zQ-a@AN(Dp3b;#%K_3hz7tD(#k6yFtkIs~_+OwB2+s4$dU zE~|5ys9tWz+M>rySqUeF-mI+r?n?->XgEG@!&8QOU@)g34sOLJg7Z>BZ)#NziKby< zLK!Ow;k2;1-|j8Vl5(!p9&>5y{@+|MoSKB$n*H{S_6hM2h*3&&O1UNE^Fk~FQdK64 ziiy}U8FG~BymDq5$^w184n3*%9_0Z)P(D9#gnxecI{@6%Il>pWzwZZJqSub^`=~0Z zRO$y^lz@PMfPjF1FkZXGI=h}VFaI`w@obV0U(-RzS&j{KX&il!r`KN3eIm3@eVb=T z-^u&J?&WTX;v&959d~5{9Ct2kNW9c)zDgk!zvY9|7EA4IqP(QTa0-Uo=UjA!@d+nk zQ+k!9JcV_Ou3k9b3k!XNLOvwzOxYLTN<~TLg-zMzn<#4R`h|R-B5gPK zXb=d?l+VfNulM>uZ zEvL)X8-k8LC5wZ16`>-I3oRcLbs1VG47HzQnm&dL3scFQk`$XHP8Dz<*Ja3vYeoBV z{p1|d`PJ_%^!5rZh1LX2`Y_pmvo+}UtOfXt3%BR21+yz^>v6fg6eW}rHl)S&3l*F- zLig&I$OxM<0_x-Y22H!Tt3y6QLe~IvUDPiX;~SfJPL}J_9`Rzrz_2i&zRg%K7m}WZ zqDn`^jvwbj*K6O>_E7UTT2cJXPo>}+2|5XZxHn)tqtxE`+SV*C~@b3s^(>s?j6y&{f_ixou63l-wH z|9^XTuNqYl#R2?3XJ*$$jEhDDMFd$TcK=FC`}*)Q15Mi!F2+5fLv?#|phAIybwXYO41zG%&f0IJXoNC*&T z!9q$3O(h_5Vtr8RBI2N`B}gsj6c5n^RhwP(BG6RQl$XfG`(B$m50Qj4a2|n3U%NYj zAR#5~?wl^2G~?>-1YRs}RBKD;q+DaLUx)Xy8}&zDt}%NGINKFnH9~Xmm=9sF{Nmw} zpqhLAT?d{=+bR0m35P3-g8enMU^-hncyIYMI{4r> zu16`iLxPNJ7G&$wH0*PD&c>C91)s3~*AmQH-}r&CIz=Rwu5v1u`Uw;Wj& zF**3!kOzS!jYhTmO&oIH387p|5PU+6+6%m$APlryLR7WO_XSNx5NcN6?)5fIlYkJo zx!4Z&L^KsPzZ85z?RFcDMx$@{Tk|9S#qk#p@k?#C`sSficyRI} zb_uu5A*z(ljJ9(_W7?@yzImQE^B{(33#6QJ|Klp|ynod__VV0SoSi$cjivfOTnbJ^ zM6+npk4sOi8S1!wbP@N~-T<)o%AS7zgbVu)W6syd)WE P00000NkvXXu0mjf1djoU literal 0 HcmV?d00001 diff --git a/en-26/index.html b/en-26/index.html new file mode 100644 index 0000000000..aeb3ac8345 --- /dev/null +++ b/en-26/index.html @@ -0,0 +1,1307 @@ + + + + + + + + + + + + HPE Cray EX System Admin Toolkit (SAT) Guide :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + +

+ + + + +
+
+
+ +
+ +
+ +
+ + + + + + navigation + + + +

HPE Cray EX System Admin Toolkit (SAT) Guide

+

IMPORTANT: Starting in CSM 1.6.0, SAT is fully included in CSM. There is no longer a separate SAT +product stream to install. SAT 2.6 releases, which accompanied CSM 1.5, are the last releases of +SAT as a separate product.

+

Similarly, the SAT documentation moved to be fully included within the CSM documentation. Starting in +CSM 1.6.0, find information on SAT in the +System Admin Toolkit (SAT) section +of the Cray System Management Documentation.

+

About SAT

+ +

SAT Installation

+ +

SAT Upgrade

+ +

SAT Uninstall and Downgrade

+ +

SAT on an External System

+ +

SAT Usage

+ +

SAT Release Notes

+ + + + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/index.json b/en-26/index.json new file mode 100644 index 0000000000..49878f21e8 --- /dev/null +++ b/en-26/index.json @@ -0,0 +1,204 @@ +[ +{ + "uri": "/docs-sat/en-26/usage/", + "title": "SAT Usage", + "tags": [], + "description": "", + "content": "SAT Usage SAT Bootprep SAT and IUF Change the BOS Version Configure Multi-tenancy " +}, +{ + "uri": "/docs-sat/en-26/about_sat/", + "title": "About SAT", + "tags": [], + "description": "", + "content": "About SAT View SAT Documentation Introduction to SAT SAT Command Authentication SAT in CSM SAT Dependencies " +}, +{ + "uri": "/docs-sat/en-26/", + "title": "HPE Cray EX System Admin Toolkit (SAT) Guide", + "tags": [], + "description": "", + "content": "HPE Cray EX System Admin Toolkit (SAT) Guide IMPORTANT: Starting in CSM 1.6.0, SAT is fully included in CSM. There is no longer a separate SAT product stream to install. SAT 2.6 releases, which accompanied CSM 1.5, are the last releases of SAT as a separate product.\nSimilarly, the SAT documentation moved to be fully included within the CSM documentation. Starting in CSM 1.6.0, find information on SAT in the System Admin Toolkit (SAT) section of the Cray System Management Documentation.\nAbout SAT View SAT Documentation Introduction to SAT SAT Command Authentication SAT in CSM SAT Dependencies SAT Installation Install and Upgrade Framework IUF Stage Details for SAT Post-Installation Procedures SAT Upgrade Install and Upgrade Framework IUF Stage Details for SAT Post-Upgrade Procedures SAT Uninstall and Downgrade Uninstall: Remove a Version of SAT Downgrade: Switch Between SAT Versions SAT on an External System Limitations Install and Configure SAT Authenticate SAT Commands Generate SAT S3 Credentials SAT Usage SAT Bootprep SAT and IUF Change the BOS Version Configure Multi-tenancy SAT Release Notes Changes in SAT Version 2.x SAT Changes in Shasta Version 1.x " +}, +{ + "uri": "/docs-sat/en-26/install/", + "title": "SAT Installation", + "tags": [], + "description": "", + "content": "SAT Installation Install and Upgrade Framework The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM. IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product.\nThis document does not replicate install, upgrade, or deployment procedures detailed in the Cray System Management Documentation. This document provides details regarding software and configuration content specific to SAT which is needed when installing, upgrading, or deploying a SAT release. The Cray System Management Documentation will indicate when sections of this document should be referred to for detailed information.\nIUF will perform the following tasks for a release of SAT.\nIUF deliver-product stage: Uploads SAT configuration content to VCS Uploads SAT information to the CSM product catalog Uploads SAT content to Nexus repositories IUF update-vcs-config stage: Updates the VCS integration branch with new SAT configuration content if a working branch is specified IUF update-cfs-config stage: Creates a new CFS configuration for management nodes with new SAT configuration content IUF prepare-images stage: Creates updated management NCN and managed node images with new SAT content IUF management-nodes-rollout stage: Boots management NCNs with an image containing new SAT content IUF uses a variety of CSM and SAT tools when performing these tasks. The IUF section of the Cray System Management Documentation describes how to use these tools directly if it is desirable to use them instead of IUF.\nIUF Stage Details for SAT This section describes SAT details that an administrator must be aware of before running IUF stages. Entries are prefixed with Information if no administrative action is required or Action if an administrator needs to perform tasks outside of IUF.\nupdate-vcs-config Information: This stage is only run if a VCS working branch is specified for SAT. By default, SAT does not create or specify a VCS working branch.\nupdate-cfs-config Information: This stage only applies to the management configuration and not to the managed configuration.\nprepare-images Information: This stage only applies to management images and not to managed images.\nPost-Installation Procedures After installing SAT with IUF, complete the following SAT configuration procedures before using SAT:\nAuthenticate SAT Commands Generate SAT S3 Credentials (Optional) Configure Multi-tenancy Set System Revision Information Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace x.y.z with the version of the SAT product stream being installed. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. Authenticate SAT Commands To run SAT commands on the manager NCNs, first set up authentication to the API gateway. For more information on authentication types and authentication credentials, see SAT Command Authentication.\nThe admin account used to authenticate with sat auth must be enabled in Keycloak and must have its assigned role set to admin. For more information on Keycloak accounts and changing Role Mappings, refer to both Configure Keycloak Account and Create Internal User Accounts in the Keycloak Shasta Realm in the Cray System Management Documentation.\nPrerequisites The sat CLI has been installed following the IUF section of the Cray System Management Documentation. Procedure The following is the procedure to globally configure the username used by SAT and authenticate to the API gateway.\n(ncn-m001#) Generate a default SAT configuration file if one does not exist.\nsat init Example output:\nConfiguration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; generated. Note: If the configuration file already exists, it will print out the following error.\nERROR: Configuration file \u0026#34;/root/.config/sat/sat.toml\u0026#34; already exists. Not generating configuration file. Edit ~/.config/sat/sat.toml and set the username option in the api_gateway section of the configuration file.\nusername = \u0026#34;crayadmin\u0026#34; (ncn-m001#) Run sat auth. Enter the password when prompted.\nsat auth Example output:\nPassword for crayadmin: Succeeded! (ncn-m001#) Other sat commands are now authenticated to make requests to the API gateway.\nsat status Generate SAT S3 Credentials Generate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes control plane node where SAT commands are run.\nSAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev (see Set System Revision Information).\nPrerequisites The SAT CLI has been installed following the IUF section of the Cray System Management Documentation. The SAT configuration file has been created (See Authenticate SAT Commands). CSM has been installed and verified. Procedure (ncn-m001#) Ensure the files are readable only by root.\ntouch /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key chmod 600 /root/.config/sat/s3_access_key \\ /root/.config/sat/s3_secret_key (ncn-m001#) Write the credentials to local files using kubectl.\nkubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.access_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_access_key kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.secret_key}\u0026#39; | base64 -d \u0026gt; \\ /root/.config/sat/s3_secret_key Verify the S3 endpoint specified in the SAT configuration file is correct.\n(ncn-m001#) Get the SAT configuration file\u0026rsquo;s endpoint value.\nNote: If the command\u0026rsquo;s output is commented out, indicated by an initial # character, the SAT configuration will take the default value – \u0026quot;https://rgw-vip.nmn\u0026quot;.\ngrep endpoint ~/.config/sat/sat.toml Example output:\n# endpoint = \u0026#34;https://rgw-vip.nmn\u0026#34; (ncn-m001#) Get the sat-s3-credentials secret\u0026rsquo;s endpoint value.\nkubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.s3_endpoint}\u0026#39; | base64 -d | xargs Example output:\nhttps://rgw-vip.nmn Compare the two endpoint values.\nIf the values differ, change the SAT configuration file\u0026rsquo;s endpoint value to match the secret\u0026rsquo;s.\n(ncn-m001#) Copy SAT configurations to each manager node on the system.\nfor i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \\ mkdir -p /root/.config/sat; \\ scp -pr /root/.config/sat ${i}:/root/.config; done Note: Depending on how many manager nodes are on the system, the list of manager nodes may be different. This example assumes three manager nodes, where the configuration files must be copied from ncn-m001 to ncn-m002 and ncn-m003. Therefore, the list of hosts above is ncn-m002 and ncn-m003.\n(Optional) Configure Multi-tenancy If installing SAT on a multi-tenant system, the tenant name can be configured at this point. For more information, see Configure multi-tenancy.\nSet System Revision Information HPE service representatives use system revision information data to identify systems in support cases.\nPrerequisites SAT authentication has been set up. See Authenticate SAT Commands. S3 credentials have been generated. See Generate SAT S3 Credentials. Procedure (ncn-m001#) Set System Revision Information.\nRun sat setrev and follow the prompts to set the following site-specific values:\nSerial number System name System type System description Product number Company name Site name Country code System install date Tip: For \u0026ldquo;System type\u0026rdquo;, a system with any liquid-cooled components should be considered a liquid-cooled system. In other words, \u0026ldquo;System type\u0026rdquo; is EX-1C.\nsat setrev Example output:\n-------------------------------------------------------------------------------- Setting: Serial number Purpose: System identification. This will affect how snapshots are identified in the HPE backend services. Description: This is the top-level serial number which uniquely identifies the system. It can be requested from an HPE representative. Valid values: Alpha-numeric string, 4 - 20 characters. Type: \u0026lt;class \u0026#39;str\u0026#39;\u0026gt; Default: None Current value: None -------------------------------------------------------------------------------- Please do one of the following to set the value of the above setting: - Input a new value - Press CTRL-C to exit ... Verify System Revision Information.\n(ncn-m001#) Run sat showrev and verify the output shown in the \u0026ldquo;System Revision Information table.\u0026rdquo;\nsat showrev Example table output:\n################################################################################ System Revision Information ################################################################################ +---------------------+---------------+ | component | data | +---------------------+---------------+ | Company name | HPE | | Country code | US | | Interconnect | Sling | | Product number | R4K98A | | Serial number | 12345 | | Site name | HPE | | Slurm version | slurm 20.02.5 | | System description | Test System | | System install date | 2021-01-29 | | System name | eniac | | System type | EX-1C | +---------------------+---------------+ ################################################################################ Product Revision Information ################################################################################ +--------------+-----------------+------------------------------+------------------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+------------------------------+------------------------------+ | csm | 0.8.14 | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... | | sat | 2.0.1 | - | - | | sdu | 1.0.8 | - | - | | slingshot | 0.8.0 | - | - | | sma | 1.4.12 | - | - | +--------------+-----------------+------------------------------+------------------------------+ ################################################################################ Local Host Operating System ################################################################################ +-----------+----------------------+ | component | version | +-----------+----------------------+ | Kernel | 5.3.18-24.15-default | | SLES | SLES 15-SP2 | +-----------+----------------------+ " +}, +{ + "uri": "/docs-sat/en-26/release_notes/", + "title": "SAT Release Notes", + "tags": [], + "description": "", + "content": "SAT Release Notes Changes in SAT Version 2.x Changes in SAT 2.6 Changes in SAT 2.5 Changes in SAT 2.4 Changes in SAT 2.3 Changes in SAT 2.2 SAT Changes in Shasta Version 1.x SAT Changes in Shasta v1.5 SAT Changes in Shasta v1.4.1 SAT Changes in Shasta v1.4 SAT Changes in Shasta v1.3.2 SAT Changes in Shasta v1.3 " +}, +{ + "uri": "/docs-sat/en-26/usage/change_bos_version/", + "title": "Change the BOS Version", + "tags": [], + "description": "", + "content": "Change the BOS Version By default, SAT uses Boot Orchestration Service (BOS) version two (v2). Select the BOS version to use for individual commands with the --bos-version option. For more information on this option, refer to the man page for a specific command.\nAnother way to change the BOS version is by configuring it under the api_version setting in the bos section of the SAT configuration file. If the system is using an existing SAT configuration file from an older version of SAT, the bos section might not exist. In that case, add the bos section with the BOS version desired in the api_version setting.\nFind the SAT configuration file at ~/.config/sat/sat.toml, and look for a section like this:\n[bos] api_version = \u0026#34;v2\u0026#34; In this example, SAT is using BOS version \u0026quot;v2\u0026quot;.\nChange the line specifying the api_version to the BOS version desired (for example, \u0026quot;v1\u0026quot;).\n[bos] api_version = \u0026#34;v1\u0026#34; If applicable, uncomment the api_version line.\nIf the system is using an existing SAT configuration file from a recent version of SAT, the api_version line might be commented out like this:\n[bos] # api_version = \u0026#34;v2\u0026#34; If the line is commented out, SAT will still use the default BOS version. To ensure a different BOS version is used, uncomment the api_version line by removing # at the beginning of the line.\n" +}, +{ + "uri": "/docs-sat/en-26/release_notes/sat_2.2_release_notes/", + "title": "Changes in SAT 2.2", + "tags": [], + "description": "", + "content": "Changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022.\nThis version of the SAT product included:\nVersion 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components:\nVersion 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release.\nKnown Issues in SAT 2.2 sat Command Unavailable in sat bash Shell After launching a shell within the SAT container with sat bash, the sat command will not be found.\n((CONTAINER_ID) sat-container#) Here is an example output after running sat status:\nbash: sat: command not found ((CONTAINER_ID) sat-container#) This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be prepended to the $PATH environment variable:\nexport PATH=/sat/venv/bin:$PATH sat status ((CONTAINER_ID) sat-container#) Another option is to source the file /sat/venv/bin/activate:\nsource /sat/venv/bin/activate sat status Tab Completion Unavailable in sat bash Shell After launching a shell within the SAT container with sat bash, tab completion for sat commands does not work.\n((CONTAINER_ID) sat-container#) This can be resolved temporarily by sourcing the file /etc/bash_completion.d/sat-completion.bash:\nsource /etc/bash_completion.d/sat-completion.bash OCI Runtime Permission Error when Running sat in Root Directory sat commands will not work if the current directory is /.\n(ncn-m001#) Here is an example output after running sat --help:\nError: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error To resolve, run sat in another directory.\nDuplicate Mount Error when Running sat in Configuration Directory sat commands will not work if the current directory is ~/.config/sat.\n(ncn-m001#) Here is an example output after running sat --help:\nError: /root/.config/sat: duplicate mount destination To resolve, run sat in another directory.\nNew sat Commands sat bootprep automates the creation of CFS configurations, the build and customization of IMS images, and the creation of BOS session templates. For more information, see SAT Bootprep. sat slscheck performs a check for consistency between the System Layout Service (SLS) and the Hardware State Manager (HSM). sat bmccreds provides a simple interface for interacting with the System Configuration Service (SCSD) to set BMC Redfish credentials. sat hwhist displays hardware component history by XName (location) or by its Field-Replaceable Unit ID (FRUID). This command queries the Hardware State Manager (HSM) API to obtain this information. Since the sat hwhist command supports querying for the history of a component by its FRUID, the FRUID of components has been added to the output of sat hwinv. Additional Install Automation The following automation has been added to the install script, install.sh:\nWait for the completion of the sat-config-import Kubernetes job, which is started when the sat-cfs-install Helm chart is deployed. Automate the modification of the CFS configuration, which applies to master management NCNs (for example, ncn-personalization). Changes to Product Catalog Data Schema The SAT product uploads additional information to the cray-product-catalog Kubernetes ConfigMap detailing the components it provides, including container (Docker) images, Helm charts, RPMs, and package repositories.\nThis information is used to support uninstall and downgrade of SAT product versions moving forward.\nSupport for Uninstall and Downgrade of SAT Versions Beginning with the 2.2 release, SAT now provides partial support for the uninstall and downgrade of the SAT product stream.\nFor more information, see Uninstall: Remove a Version of SAT and Downgrade: Switch Between SAT Versions.\nImprovements to sat status A Subrole column has been added to the output of sat status. This allows easy differentiation between master, worker, and storage nodes in the management role, for example.\nHostname information from SLS has been added to sat status output.\nAdded Support for JSON Output Support for JSON-formatted output has been added to commands which currently support the --format option, such as hwinv, status, and showrev.\nUsability Improvements Many usability improvements have been made to multiple sat commands, mostly related to filtering command output. The following are some highlights:\nAdded --fields option to display only specific fields for subcommands which display tabular reports. Added ability to filter on exact matches of a field name. Improved handling of multiple matches of a field name in --filter queries so that the first match is used, similar to --sort-by. Added support for --filter, --fields, and --reverse for summaries displayed by sat hwinv. Added borders to summary tables generated by sat hwinv. Improved documentation in the man pages. Default Log Level Changed The default log level for stderr has been changed from \u0026ldquo;WARNING\u0026rdquo; to \u0026ldquo;INFO\u0026rdquo;. For more information, see Update SAT Logging.\nMore Granular Log Level Configuration Options With the command-line options --loglevel-stderr and --loglevel-file, the log level can now be configured separately for stderr and the log file.\nThe existing --loglevel option is now an alias for the --loglevel-stderr option.\nPodman Wrapper Script Improvements The Podman wrapper script is the script installed at /usr/bin/sat on the master management NCNs by the cray-sat-podman RPM that runs the cray-sat container in podman. The following subsections detail improvements that were made to the wrapper script in this release.\nMounting of $HOME and Current Directories in cray-sat Container The Podman wrapper script that launches the cray-sat container with podman has been modified to mount the user\u0026rsquo;s current directory and home directory into the cray-sat container to provide access to local files in the container.\nPodman Wrapper Script Documentation Improvements The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:\nEnvironment variables that affect execution of the wrapper script Host files and directories mounted in the container Fixes to Podman Wrapper Script Output Redirection Fixed issues with redirecting stdout and stderr, and piping output to commands, such as awk, less, and more.\nConfigurable HTTP Timeout A new sat option has been added to configure the HTTP timeout length for requests to the API gateway. For more information, refer to sat-man sat.\nsat bootsys Improvements Many improvements and fixes have been made to sat bootsys. The following are some highlights:\nAdded the --excluded-ncns option, which can be used to omit NCNs from the platform-services and ncn-power stages in case they are inaccessible. Disruptive shutdown stages in sat bootsys shutdown now prompt the user to continue before proceeding. A new option, --disruptive, will bypass this. Improvements to Ceph service health checks and restart during the platform-services stage of sat bootsys boot. sat xname2nid Improvements sat xname2nid can now recursively expand slot, chassis, and cabinet XNames to a list of NIDs in those locations.\nA new --format option has been added to sat xname2nid. It sets the output format to either \u0026ldquo;range\u0026rdquo; (the default) or \u0026ldquo;NID\u0026rdquo;. The \u0026ldquo;range\u0026rdquo; format displays NIDs in a compressed range format suitable for use with a workload manager like Slurm.\nUsage of v2 HSM API The commands which interact with HSM (for example, sat status and sat hwinv) now use the v2 HSM API.\nsat diag Limited to HSN Switches sat diag will now only operate against HSN switches by default. These are the only controllers that support running diagnostics with HMJTD.\nsat showrev Enhancements A column has been added to the output of sat showrev that indicates whether a product version is \u0026ldquo;active\u0026rdquo;. The definition of \u0026ldquo;active\u0026rdquo; varies across products, and not all products may set an \u0026ldquo;active\u0026rdquo; version.\nFor SAT, the active version is the one with its hosted-type package repository in Nexus set as the member of the group-type package repository in Nexus, meaning that it will be used when installing the cray-sat-podman RPM.\ncray-sat Container Image Size Reduction The size of the cray-sat container image has been approximately cut in half by leveraging multi-stage builds. This also improved the repeatability of the unit tests by running them in the container.\nBug Fixes Minor bug fixes were made in cray-sat and in cray-sat-podman. For full change lists, refer to each repository\u0026rsquo;s CHANGELOG.md file.\n" +}, +{ + "uri": "/docs-sat/en-26/about_sat/command_authentication/", + "title": "SAT Command Authentication", + "tags": [], + "description": "", + "content": "SAT Command Authentication Some SAT subcommands make requests to the HPE Cray EX services through the API gateway and thus require authentication to the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to be configured. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. This must be done on every Kubernetes control plane node where SAT commands are run.\nFor more information on authentication requests, see System Security and Authentication in the Cray System Management Documentation. The following is a table describing SAT commands and the types of authentication they require.\nSAT Subcommand Authentication/Credentials Required Man Page Description sat auth Responsible for authenticating to the API gateway and storing a token. sat-auth Authenticate to the API gateway and save the token. sat bmccreds Requires authentication to the API gateway. sat-bmccreds Set BMC passwords. sat bootprep Requires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is done on ncn-m001 during the install. sat-bootprep Prepare to boot nodes with images and configurations. sat bootsys Requires authentication to the API gateway. Requires Kubernetes configuration and authentication, which is configured on ncn-m001 during the install. Some stages require passwordless SSH to be configured to all other NCNs. Requires S3 to be configured for some stages. sat-bootsys Boot or shutdown the system, including compute nodes, application nodes, and non-compute nodes (NCNs) running the management software. sat diag Requires authentication to the API gateway. sat-diag Launch diagnostics on the HSN switches and generate a report. sat firmware Requires authentication to the API gateway. sat-firmware Report firmware version. sat hwhist Requires authentication to the API gateway. sat-hwhist Report hardware component history. sat hwinv Requires authentication to the API gateway. sat-hwinv Give a listing of the hardware of the HPE Cray EX system. sat hwmatch Requires authentication to the API gateway. sat-hwmatch Report hardware mismatches. sat init None sat-init Create a default SAT configuration file. sat jobstat Requires authentication to the API gateway. sat-jobstat Check the status of jobs and applications. sat k8s Requires Kubernetes configuration and authentication, which is automatically configured on ncn-m001 during the install. sat-k8s Report on Kubernetes replica sets that have co-located (on the same node) replicas. sat linkhealth This command has been deprecated. sat nid2xname Requires authentication to the API gateway. sat-nid2xname Translate node IDs to node XNames. sat sensors Requires authentication to the API gateway. sat-sensors Report current sensor data. sat setrev Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-setrev Set HPE Cray EX system revision information. sat showrev Requires API gateway authentication in order to query the Interconnect from HSM. Requires S3 to be configured for site information such as system name, serial number, install date, and site name. sat-showrev Print revision information for the HPE Cray EX system. sat slscheck Requires authentication to the API gateway. sat-slscheck Perform a cross-check between SLS and HSM. sat status Requires authentication to the API gateway. sat-status Report node status across the HPE Cray EX system. sat swap Requires authentication to the API gateway. sat-swap Prepare HSN switch or cable for replacement and bring HSN switch or cable into service. sat xname2nid Requires authentication to the API gateway. sat-xname2nid Translate node and node BMC XNames to node IDs. sat switch This command has been deprecated. It has been replaced by sat swap. In order to authenticate to the API gateway, run the sat auth command. This command will prompt for a password on the command line. The username value is obtained from the following locations, in order of higher precedence to lower precedence:\nThe --username global command-line option. The username option in the api_gateway section of the configuration file at ~/.config/sat/sat.toml. The name of currently logged in user running the sat command. If credentials are entered correctly when prompted by sat auth, a token file will be obtained and saved to ~/.config/sat/tokens. Subsequent sat commands will determine the username the same way as sat auth described above and will use the token for that username if it has been obtained and saved by sat auth.\n" +}, +{ + "uri": "/docs-sat/en-26/usage/multi-tenancy/", + "title": "Configure Multi-tenancy", + "tags": [], + "description": "", + "content": "Configure Multi-tenancy SAT supports supplying tenant information to CSM services in order to allow tenant admins to use SAT within their tenant. By default, the tenant name is not set, and SAT will not send any tenant information with its requests to CSM services. Configure the tenant name either in the SAT configuration file or on the command line.\nConfigure the Tenant Name in the SAT Configuration File Set the tenant name in the SAT configuration file using the api_gateway.tenant_name option.\nHere is an example:\n[api_gateway] tenant_name = \u0026#34;my_tenant\u0026#34; Configure the Tenant Name on the Command Line Set the tenant name for each sat invocation using the --tenant-name option. The --tenant-name option must be specified before the subcommand name.\n(ncn-m001#) Here is an example:\nsat --tenant-name=my_tenant status " +}, +{ + "uri": "/docs-sat/en-26/release_notes/sat_2.3_release_notes/", + "title": "Changes in SAT 2.3", + "tags": [], + "description": "", + "content": "Changes in SAT 2.3 The 2.3.4 version of the SAT product includes:\nVersion 3.15.4 of the sat python package and CLI Version 1.6.11 of the sat-podman wrapper script Version 1.2.0 of the sat-cfs-install container image Version 2.0.0 of the sat-cfs-install Helm chart Version 1.5.0 of the sat-install-utility container image Version 2.0.3 of the cfs-config-util container image New sat Commands None.\nCurrent Working Directory in SAT Container When running sat commands, the current working directory is now mounted in the container as /sat/share, and the current working directory within the container is also /sat/share.\nFiles in the current working directory must be specified using relative paths to that directory, because the current working directory is always mounted on /sat/share. Absolute paths should be avoided, and paths that are outside of $HOME or $PWD are never accessible to the container environment.\nThe home directory is still mounted on the same path inside the container as it is on the host.\nChanges to sat bootsys The following options were added to sat bootsys.\n--bos-limit --recursive The --bos-limit option passes a given limit string to a BOS session. The --recursive option specifies a slot or other higher-level component in the limit string.\nChanges to sat bootprep The --delete-ims-jobs option was added to sat bootprep run. It deletes IMS jobs after sat bootprep is run. Jobs are no longer deleted by default.\nChanges to sat status sat status now includes information about nodes\u0026rsquo; CFS configuration statuses, such as desired configuration, configuration status, and error count.\nThe output of sat status now splits different component types into different report tables.\nThe following options were added to sat status.\n--hsm-fields, --sls-fields, --cfs-fields --bos-template The --hsm-fields, --sls-fields, --cfs-fields options limit the output columns according to specified CSM services.\nThe --bos-template option filters the status report according to the specified session template\u0026rsquo;s boot sets.\nCompatibility with CSM 1.2 The following components were modified to be compatible with CSM 1.2.\nsat-cfs-install container image and Helm chart sat-install-utility container image SAT product installer GPG Checking The sat-ncn Ansible role provided by sat-cfs-install was modified to enable GPG checks on packages while leaving GPG checks disabled on repository metadata.\nSecurity Updated urllib3 dependency to version 1.26.5 to mitigate CVE-2021-33503 and refreshed Python dependency versions.\nBug Fixes Minor bug fixes were made in each of the repositories. For full change lists, refer to each repository’s CHANGELOG.md file.\nThe known issues listed under the SAT 2.2 release were fixed.\n" +}, +{ + "uri": "/docs-sat/en-26/about_sat/dependencies/", + "title": "SAT Dependencies", + "tags": [], + "description": "", + "content": "SAT Dependencies Most sat subcommands depend on services or components from other products in the HPE Cray EX software stack. The following list shows these dependencies for each subcommand. Each service or component is listed under the product it belongs to.\nsat auth CSM Keycloak sat bmccreds CSM System Configuration Service (SCSD) sat bootprep CSM Boot Orchestration Service (BOS) Configuration Framework Service (CFS) Image Management Service (IMS) Version Control Service (VCS) Kubernetes S3 sat bootsys CSM Boot Orchestration Service (BOS) Cray Advanced Platform Monitoring and Control (CAPMC) Ceph Etcd Firmware Action Service (FAS) Hardware State Manager (HSM) Kubernetes S3 HPE Cray Supercomputing User Services Software (USS) Node Memory Dump (NMD) sat diag CSM Hardware State Manager (HSM) CSM-Diags Fox sat firmware CSM Firmware Action Service (FAS) sat hwhist CSM Hardware State Manager (HSM) sat hwinv CSM Hardware State Manager (HSM) sat hwmatch CSM Hardware State Manager (HSM) sat init None\nsat jobstat PBS HPE State Checker sat k8s CSM Kubernetes sat nid2xname CSM Hardware State Manager (HSM) sat sensors CSM Hardware State Manager (HSM) HM Collector SMA Telemetry API sat setrev CSM S3 sat showrev CSM Hardware State Manager (HSM) Kubernetes S3 sat slscheck CSM Hardware State Manager (HSM) System Layout Service (SLS) sat status CSM Boot Orchestration Service (BOS) Configuration Framework Service (CFS) Hardware State Manager (HSM) Image Management Service (IMS) System Layout Service (SLS) sat swap Slingshot Fabric Manager sat switch Deprecated: See sat swap\nsat xname2nid CSM Hardware State Manager (HSM) " +}, +{ + "uri": "/docs-sat/en-26/release_notes/sat_2.4_release_notes/", + "title": "Changes in SAT 2.4", + "tags": [], + "description": "", + "content": "Changes in SAT 2.4 The 2.4.13 version of the SAT product includes:\nVersion 3.19.3 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.5.5 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. Because of installation refactoring efforts, the following two components are no longer delivered with SAT:\nsat-cfs-install container image sat-cfs-install Helm chart Inclusion of SAT in CSM A version of the cray-sat container image is now included in CSM. For more information, see SAT in CSM.\nSAT Installation Improvements The SAT install.sh script no longer uses a sat-cfs-install Helm chart and container image to upload its Ansible content to the sat-config-management repository in VCS. Instead, it uses Podman to run the cf-gitea-import container directly. Some of the benefits of this change include the following:\nFewer container images that need to be managed by the SAT product Simplified SAT installation without Helm charts or Loftsman manifests Reduced SAT installation time Decoupling of cray-sat container image and cray-sat-podman package Decoupling of cray-sat Container Image and cray-sat-podman Package In older SAT releases, the sat wrapper script that was provided by the cray-sat-podman package installed on Kubernetes control plane nodes included a hard-coded version of the cray-sat container image. As a result, every new version of the cray-sat image required a corresponding new version of the cray-sat-podman package.\nIn this release, this tight coupling of the cray-sat-podman package and the cray-sat container image was removed. The sat wrapper script provided by the cray-sat-podman package now looks for the version of the cray-sat container image in the /opt/cray/etc/sat/version file. This file is populated with the correct version of the cray-sat container image by the SAT layer of the CFS configuration that is applied to management NCNs. If the version file does not exist, the wrapper script defaults to the version of the cray-sat container image delivered with the latest version of CSM installed on the system.\nImproved NCN Personalization Automation The steps for performing NCN personalization as part of the SAT installation were moved out of the install.sh script and into a new update-mgmt-ncn-cfs-config.sh script that is provided in the SAT release distribution. The new script provides additional flexibility in how it modifies the NCN personalization CFS configuration for SAT. It can modify an existing CFS configuration by name, a CFS configuration being built in a JSON file, or an existing CFS configuration that applies to certain components.\nNew sat bootprep Features The following new features were added to the sat bootprep command:\nVariable substitutions using Jinja2 templates in certain fields of the sat bootprep input file\nFor more information, see HPC CSM Software Recipe Variable Substitutions and Dynamic Variable Substitutions.\nSchema version validation in the sat bootprep input files\nFor more information, see Provide a Schema Version.\nAbility to look up images and recipes provided by products\nFor more information, see Define IMS Images.\nThe schema of the sat bootprep input files was also changed to support these new features:\nThe base recipe or image used by an image in the input file should now be specified under a base key instead of under an ims key. The old ims key is deprecated. To specify an image that depends on another image in the input file, the dependent image should specify the dependency under base.image_ref. Going forward, do not use the IMS name of the image on which it depends. The image used by a session template should now be specified under image.ims.name, image.ims.id, or image.image_ref. Specifying a string value directly under the image key is deprecated. For more information on defining IMS images and BOS session templates in the sat bootprep input file, see Define IMS Images and Define BOS Session Templates.\nAdded Blade Swap Support to sat swap The sat swap command was updated to support swapping compute and UAN blades with sat swap blade. This functionality is described in the following processes of the Cray System Management Documentation:\nAdding a Liquid-cooled blade to a System Using SAT Removing a Liquid-cooled blade from a System Using SAT Replace a Compute Blade Using SAT Swap a Compute Blade with a Different System Using SAT Support for BOS v2 A new v2 version of the Boot Orchestration Service (BOS) is available in CSM 1.3.0. SAT has added support for BOS v2. This impacts the following commands that interact with BOS:\nsat bootprep sat bootsys sat status By default, SAT uses BOS v1. To change the default to a different BOS version, see Change the BOS Version.\nAdded BOS Fields to sat status When using BOS v2, sat status outputs additional fields. These fields show the most recent BOS session, session template, booted image, and boot status for each node. An additional --bos-fields option was added to limit the output of sat status to these fields. The fields are not displayed when using BOS v1.\nOpen Source Repositories This is the first release of SAT built from open source code repositories. As a result, build infrastructure was changed to use an external Jenkins instance, and artifacts are now published to an external Artifactory instance. These changes should not impact the functionality of the SAT product in any way.\nSecurity CVE Mitigation The paramiko Python package version was updated from 2.9.2 to 2.10.1 to mitigate CVE-2022-24302. The oauthlib Python package version was updated from 3.2.0 to 3.2.1 to mitigate CVE-2022-36087. Restricted Permissions on SAT Configuration Files and Directories SAT stores information used to authenticate to the API gateway with Keycloak. Token files are stored in the ~/.config/sat/tokens/ directory. Those files have always had permissions appropriately set to restrict them to be readable only by the user.\nKeycloak usernames used to authenticate to the API gateway are stored in the SAT configuration file at /.config/sat/sat.toml. Keycloak usernames are also used in the file names of tokens stored in /.config/sat/tokens. As an additional security measure, SAT now restricts the permissions of the SAT configuration file to be readable and writable only by the user. It also restricts the tokens directory and the entire SAT configuration directory ~/.config/sat to be accessible only by the user. This prevents other users on the system from viewing Keycloak usernames used to authenticate to the API gateway.\nBug Fixes Fixed an issue where sat init did not print a message confirming a new configuration file was created. Fixed an issue where sat showrev exited with a traceback if the file /opt/cray/etc/site_info.yaml existed but was empty. This could occur if the user exited sat setrev with Ctrl-C. Fixed outdated information in the sat bootsys man page, and added a description of the command stages. " +}, +{ + "uri": "/docs-sat/en-26/usage/sat_and_iuf/", + "title": "SAT and IUF", + "tags": [], + "description": "", + "content": "SAT and IUF The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM with the help of sat bootprep. Outside of IUF, it is uncommon to use sat bootprep. For more information on IUF, see the IUF section of the Cray System Management Documentation. For more information on sat bootprep, see SAT Bootprep.\nVariable Substitutions Both IUF and sat bootprep allow variable substitutions into the default HPC CSM Software Recipe bootprep input files. The default variables of the HPC CSM Software Recipe are available in a product_vars.yaml file. To override the default variables, specify any site variables in a site_vars.yaml file. Variables are sourced from the command line, any variable files directly provided, and the HPC CSM Software Recipe files used, in that order.\nIUF Session Variables IUF also has special session variables internal to the iuf command that override any matching entries. Session variables are the set of product and version combinations being installed by the current IUF activity, and they are found inside IUF\u0026rsquo;s internal session_vars.yaml file. For more information on IUF and variable substitutions, see the IUF section of the Cray System Management Documentation.\nSAT Variable Limitations When using sat bootprep outside of IUF, substituting variables into the default bootprep input files might cause problems. Complex variables like \u0026quot;{{ working_branch }}\u0026quot; cannot be completely resolved outside of IUF and its internal session variables. Thus, the default product_vars.yaml file is unusable with only the sat bootprep command when variables like \u0026quot;{{ working_branch }}\u0026quot; are used. To work around this limitation when substituting complex variables, use the internal IUF session_vars.yaml file with sat bootprep and the default bootprep input files.\nFind the session_vars.yaml file from the most recent IUF activity on the system.\nThis process is documented in the upgrade prerequisites procedure of the Cray System Management Documentation. For more information, see steps 1-6 of Stage 0.3 - Option 2.\n(ncn-m001#) Use the session_vars.yaml file to substitute variables into the default bootprep input files.\nsat bootprep run --vars-file session_vars.yaml Limit SAT Bootprep Run into Stages The sat bootprep run command uses information from the bootprep input files to create CFS configurations, IMS images, and BOS session templates. To restrict this creation into separate stages, use the --limit option and list whether to create configurations, images, session_templates, or some combination of these. IUF uses the --limit option in this way to install, upgrade, and deploy products on a system in stages.\n(ncn-m001#) For example, to create only CFS configurations, run the following command used by the IUF update-cfs-config stage:\nsat bootprep run --limit configurations example-bootprep-input-file.yaml Example output:\nINFO: Validating given input file example-bootprep-input-file.yaml INFO: Input file successfully validated against schema INFO: Creating 3 CFS configurations ... INFO: Skipping creation of IMS images based on value of --limit option. INFO: Skipping creation of BOS session templates based on value of --limit option. (ncn-m001#) To create only IMS images and BOS session templates, run the following command used by the IUF prepare-images stage:\nsat bootprep run --limit images --limit session_templates example-bootprep-input-file.yaml Example output:\nINFO: Validating given input file example-bootprep-input-file.yaml INFO: Input file successfully validated against schema INFO: Skipping creation of CFS configurations based on value of --limit option. " +}, +{ + "uri": "/docs-sat/en-26/about_sat/introduction/", + "title": "Introduction to SAT", + "tags": [], + "description": "", + "content": "Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components.\nSAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see SAT Command Overview.\nIn CSM 1.3 and newer, the sat command is automatically available on all the Kubernetes control plane. For more information, see SAT in CSM. Older versions of CSM do not have the sat command automatically available, and SAT must be installed as a separate product.\nSAT Command Overview Describes the SAT Command Line Utility, lists the key commands found in the System Admin Toolkit man pages, and provides instruction on the SAT Container Environment.\nSAT Command Line Utility The primary component of the System Admin Toolkit (SAT) is a command-line utility run from Kubernetes control plane nodes (ncn-m nodes).\nIt is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. There are similarities between SAT commands and xt commands used on the Cray XC platform.\nSAT Commands The top-level SAT man page describes the toolkit, documents the global options affecting all subcommands, documents configuration file options, and references the man page for each subcommand. SAT consists of many subcommands that each have their own set of options.\nSAT Container Environment The sat command-line utility runs in a container using Podman, a daemonless container runtime. SAT runs on Kubernetes control plane nodes. A few important points about the SAT container environment include the following:\nUsing either sat or sat bash always launches a container. The SAT container does not have access to the NCN file system. There are two ways to run sat.\nInteractive: Launching a container using sat bash, followed by a sat command. Non-interactive: Running a sat command directly on a Kubernetes control plane node. In both of these cases, a container is launched in the background to execute the command. The first option, running sat bash first, gives an interactive shell, at which point sat commands can be run. In the second option, the container is launched, executes the command, and upon the command\u0026rsquo;s completion the container exits. The following two examples show the same action, checking the system status, using both modes.\n(ncn-m001#) Here is an example using interactive mode:\nsat bash ((CONTAINER_ID) sat-container#) Example sat command after a container is launched:\nsat status (ncn-m001#) Here is an example using non-interactive mode:\nsat status Interactive Advantages Running sat using the interactive command prompt gives the ability to read and write local files on ephemeral container storage. If multiple sat commands are being run in succession, use sat bash to launch the container beforehand. This will save time because the container does not need to be launched for each sat command.\nNon-interactive Advantages The non-interactive mode is useful if calling sat with a script, or when running a single sat command as a part of several steps that need to be executed from a management NCN.\nMan Pages - Interactive and Non-interactive Modes To view a sat man page from a Kubernetes control plane node, use sat-man on the manager node.\n(ncn-m001#) Here is an example:\nsat-man status A man page describing the SAT container environment is available on the Kubernetes control plane nodes, which can be viewed either with man sat or man sat-podman from the manager node.\n(ncn-m001#) Here are examples:\nman sat man sat-podman Command Prompt Conventions in SAT The host name in a command prompt indicates where the command must be run. The user account that must run the command is also indicated in the prompt.\nThe root or super-user account always has host name in the prompt and the # character at the end of the prompt. Any non-root account is indicated with account@hostname\u0026gt;. A non-privileged account is referred to as user. The command prompt inside the SAT container environment is indicated with the string as follows. It also has the # character at the end of the prompt. Command Prompt Meaning ncn-m001# Run the command as root on the specific Kubernetes control plane server which has this hostname (ncn-m001 in this example). (Non-interactive) user@hostname\u0026gt; Run the command as any non-root user on the specified hostname. (Non-interactive) (venv) user@hostname\u0026gt; Run the command as any non-root user within a Python virtual environment on the specified hostname. (Non-interactive) (CONTAINER_ID) sat-container# Run the command inside the SAT container environment by first running sat bash. (Interactive) These command prompts should be inserted into text before the fenced code block instead of inside of it. This is a change from the documentation of SAT 2.5 and earlier. Here is an example of the new use of the command prompt:\n(ncn-m001#) Example first step.\nyes \u0026gt;/dev/null " +}, +{ + "uri": "/docs-sat/en-26/release_notes/sat_2.5_release_notes/", + "title": "Changes in SAT 2.5", + "tags": [], + "description": "", + "content": "Changes in SAT 2.5 The 2.5.17 version of the SAT product includes:\nVersion 3.21.4 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.6.0 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. New sat Commands sat jobstat allows access to application and job data through the command line. It provides a table summarizing information for all jobs on the system.\nChanges to sat bootprep A list-vars subcommand was added to sat bootprep.\nIt lists the variables available for use in bootprep input files at runtime.\nA --limit option was added to sat bootprep run.\nIt restricts the creation of CFS configurations, IMS images, and BOS session templates into separate stages. For more information, see Limit SAT Bootprep Run into Stages.\nsat bootprep now prompts individually for each CFS configuration that already exists.\nsat bootprep can now filter images provided by a product by using a prefix.\nThis is useful when specifying the base of an image in a bootprep input file. For more information, see Define IMS Images.\nTo support product names with hyphens, sat bootprep now converts hyphens to underscores within variables.\nFor more information, see Hyphens in HPC CSM Software Recipe Variables.\nIn sat bootprep input files, the value of the playbook property of CFS configuration layers can now be rendered with Jinja2 templates.\nFor more information, see Values Supporting Jinja2 Template Rendering.\nOutput was added to sat bootprep run that summarizes the CFS configurations, IMS images, and BOS session templates created.\nFor more information, see Summary of SAT Bootprep Results.\nImprovements were made to the sat bootprep output when CFS configuration and BOS session templates are created.\nChanges to sat bootsys A reboot subcommand was added to sat bootsys. It uses BOS to reboot nodes in the bos-operations stage. The --staged-session option was added to sat bootsys. It can be used to create staged BOS sessions. For more information, refer to Staging Changes with BOS in the Cray System Management Documentation. Changes to Other sat Commands When switching SAT versions with prodmgr, a version is no longer set as \u0026ldquo;active\u0026rdquo; in the product catalog. The \u0026ldquo;active\u0026rdquo; field was also removed from the output of sat showrev. Improvements were made to the performance of sat status when using BOS version two. New Install and Upgrade Framework The new Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products with the help of sat bootprep on HPE Cray EX systems managed by Cray System Management (CSM). IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product.\nBecause IUF now handles NCN personalization, information about this process was removed from the SAT documentation. Other sections in the documentation were also revised to support the new Install and Upgrade Framework. For example, the SAT Installation and SAT Upgrade sections of this guide now provide details on software and configuration content specific to SAT. The Cray System Management Documentation will indicate when these sections should be referred to for detailed information.\nFor more information on the relationship between sat bootprep and IUF, see SAT and IUF.\nNew Default BOS Version By default, SAT now uses version two of the Boot Orchestration Service (BOS). This change to BOS v2 impacts the following commands that interact with BOS:\nsat bootprep sat bootsys sat status To change the default to a different BOS version, see Change the BOS Version.\nSecurity Updated the version of certifi in the sat python package and CLI from 2021.10.8 to 2022.12.7 to resolve CVE-2022-23491. Updated the version of certifi in the sat-install-utility container image from 2021.5.30 to 2022.12.7 to resolve CVE-2022-23491. Updated the version of oauthlib from 3.2.1 to 3.2.2 to resolve CVE-2022-36087. Updated the version of cryptography from 36.0.1 to 39.0.1 to resolve CVE-2023-23931. Bug Fixes Fixed a bug that prevented sat init from creating a configuration file in the current directory when not prefixed with ./. Fixed a bug in which sat status failed with a traceback when using BOS version two and reported components whose most recent image did not exist. Fixed a build issue where the sat container could contain a different version of kubectl than the version found in CSM. Fixed error handling and improved command messages for sat bootprep and sat swap blade. " +}, +{ + "uri": "/docs-sat/en-26/usage/sat_bootprep/", + "title": "SAT Bootprep", + "tags": [], + "description": "", + "content": "SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates. The solution is based on a given input file that defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similar to other SAT commands.\n(ncn-m001#) Here is an example:\nsat-man sat-bootprep The sat bootprep command helps the Install and Upgrade Framework (IUF) install, upgrade, and deploy products on systems managed by CSM. Outside of IUF, it is uncommon to use sat bootprep. For more information on this relationship, see SAT and IUF. For more information on IUF, see the IUF section of the Cray System Management Documentation.\nSAT Bootprep vs SAT Bootsys sat bootprep is used to create CFS configurations, build and rename IMS images, and create BOS session templates which tie the configurations and images together during a BOS session.\nsat bootsys automates several portions of the boot and shutdown processes, including (but not limited to) performing BOS operations (such as creating BOS sessions), powering on and off cabinets, and checking the state of the system prior to shutdown.\nEdit a Bootprep Input File The input file provided to sat bootprep is a YAML-formatted file containing information which CFS, IMS, and BOS use to create configurations, images, and BOS session templates respectively. Writing and modifying these input files is the main task associated with using sat bootprep. An input file is composed of three main sections, one each for configurations, images, and session templates. These sections may be specified in any order, and any of the sections may be omitted if desired.\nProvide a Schema Version The sat bootprep input file is validated against a versioned schema definition. The input file should specify the version of the schema with which it is compatible under a schema_version key. For example:\n--- schema_version: 1.0.2 (ncn-m001#) The current sat bootprep input file schema version can be viewed with the following command:\nsat bootprep view-schema | grep \u0026#39;^version:\u0026#39; Example output:\nversion: \u0026#39;1.0.2\u0026#39; The sat bootprep run command validates the schema version specified in the input file. The command also makes sure that the schema version of the input file is compatible with the schema version understood by the current version of sat bootprep. For more information on schema version validation, refer to the schema_version property description in the bootprep input file schema. For more information on viewing the bootprep input file schema in either raw form or user-friendly HTML form, see View SAT Bootprep Schema.\nThe default HPC CSM Software Recipe bootprep input files provided by the hpc-csm-software-recipe release distribution already contain the correct schema version.\nDefine CFS Configurations The CFS configurations are defined under a configurations key. Under this key, list one or more configurations to create. For each configuration, give a name in addition to the list of layers that comprise the configuration.\nEach layer can be defined by a product name and optionally a version number, commit hash, or branch in the product\u0026rsquo;s configuration repository. If this method is used, the layer is created in CFS by looking up relevant configuration information (including the configuration repository and commit information) from the cray-product-catalog Kubernetes ConfigMap as necessary. A version may be supplied. However, if it is absent, the version is assumed to be the latest version found in the cray-product-catalog.\nAlternatively, a configuration layer can be defined by explicitly referencing the desired configuration repository. Specify the intended version of the Ansible playbooks by providing a branch name or commit hash with branch or commit.\nThe following example shows a CFS configuration with two layers. The first layer is defined in terms of a product name and version, and the second layer is defined in terms of a Git clone URL and branch:\n--- configurations: - name: example-configuration layers: - name: example-product playbook: example.yml product: name: example version: 1.2.3 - name: another-example-product playbook: another-example.yml git: url: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34; branch: main When sat bootprep is run against an input file, a CFS configuration is created corresponding to each configuration in the configurations section. For example, the configuration created from an input file with the layers listed above might look something like the following:\n{ \u0026#34;lastUpdated\u0026#34;: \u0026#34;2022-02-07T21:47:49Z\u0026#34;, \u0026#34;layers\u0026#34;: [ { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;example.yml\u0026#34; }, { \u0026#34;cloneUrl\u0026#34;: \u0026#34;https://vcs.local/vcs/another-example-config-management.git\u0026#34;, \u0026#34;commit\u0026#34;: \u0026#34;\u0026lt;commit hash\u0026gt;\u0026#34;, \u0026#34;name\u0026#34;: \u0026#34;another example product\u0026#34;, \u0026#34;playbook\u0026#34;: \u0026#34;another-example.yml\u0026#34; } ], \u0026#34;name\u0026#34;: \u0026#34;example-configuration\u0026#34; } Define IMS Images The IMS images are defined under an images key. Under the images key, the user may define one or more images to be created in a list. Each element of the list defines a separate IMS image to be built and/or configured. Images must contain a name key and a base key.\nThe name key defines the name of the resulting IMS image. The base key defines the base image to be configured or the base recipe to be built and optionally configured. One of the following keys must be present under the base key:\nUse an ims key to specify an existing image or recipe in IMS. Use a product key to specify an image or recipe provided by a particular version of a product. If a product provides more than one image or recipe, specify a filter to select one. For more information, see Filter Base Images or Recipes from a Product. Use an image_ref key to specify another image from the input file using its ref_name. Images may also contain the following keys:\nUse a configuration key to specify a CFS configuration with which to customize the built image. If a configuration is specified, then configuration groups must also be specified using the configuration_group_names key. Use a ref_name key to specify a unique name that can refer to this image within the input file in other images or in session templates. The ref_name key allows references to images from the input file that have dynamically generated names as described in Dynamic Variable Substitutions. Use a description key to describe the image in the bootprep input file. Note that this key is not currently used. Use Base Images or Recipes from IMS Here is an example of an image using an existing IMS recipe as its base. This example builds an IMS image from that recipe. It then configures it with a CFS configuration named example-compute-config. The example-compute-config CFS configuration can be defined under the configurations key in the same input file, or it can be an existing CFS configuration. Running sat bootprep against this input file results in an image named example-compute-image.\nimages: - name: example-compute-image description: \u0026gt; An example compute node image built from an existing IMS recipe. base: ims: name: example-compute-image-recipe type: recipe configuration: example-compute-config configuration_group_names: - Compute Use Base Images or Recipes from a Product Here is an example showing the definition of two images. The first image is built from a recipe provided by the uss product. The second image uses the first image as a base and configures it with a configuration named example-compute-config. The value of the first image\u0026rsquo;s ref_name key is used in the second image\u0026rsquo;s base.image_ref key to specify it as a dependency. Running sat bootprep against this input file results in two images, the first named example-uss-image and the second named example-compute-image.\nimages: - name: example-uss-image ref_name: example-uss-image description: \u0026gt; An example image built from the recipe provided by the USS product. base: product: name: uss version: 1.0.0 type: recipe - name: example-compute-image description: \u0026gt; An example image that is configured from an image built from the recipe provided by the USS product. base: image_ref: example-uss-image configuration: example-compute-config configuration_group_names: - Compute This example assumes that the given version of the uss product provides only a single IMS recipe. If more than one recipe is provided by the given version of the uss product, use a filter as described in Filter Base Images or Recipes from a Product.\nFilter Base Images or Recipes from a Product A product may provide more than one image or recipe. If this happens, filter the product\u0026rsquo;s images or recipes whenever a base image or recipe from that product is used. Beneath the base.product value within an image, specify a filter key to create a filter using the following criteria:\nUse the prefix key to filter based on a prefix matching the name of the image or recipe. Use the wildcard key to filter based on a shell-style wildcard matching the name of the image or recipe. Use the arch key to filter based on the target architecture of the image or recipe in IMS. When specifying more than one filter key, all filters must match only the desired image or recipe. An error occurs if either no images or recipes match the given filters or if more than one image or recipe matches the given filters.\nHere is an example of three IMS images built from the Kubernetes image and the Ceph storage image provided by the csm product. This example uses a prefix filter to select from the multiple images provided by the CSM product. The first two IMS images in the example find any image from the specified csm product version whose name starts with secure-kubernetes. The third image in the example finds any csm image whose name starts with secure-storage-ceph. All three images are then configured with a configuration named example-management-config. Running sat bootprep against this input file results in three IMS images named worker-example-csm-image, master-example-csm-image, and storage-example-csm-image.\nimages: - name: worker-example-csm-image base: product: name: csm version: 1.4.1 type: image filter: prefix: secure-kubernetes configuration: example-management-config configuration_group_names: - Management_Worker - name: master-example-csm-image base: product: name: csm version: 1.4.1 type: image filter: prefix: secure-kubernetes configuration: example-management-config configuration_group_names: - Management_Master - name: storage-example-csm-image base: product: name: csm version: 1.4.1 type: image filter: prefix: secure-storage-ceph configuration: example-management-config configuration_group_names: - Management_Storage Here is an example of two IMS images built from recipes provided by the uss product. This example uses an architecture filter to select from the multiple recipes provided by the USS product. The first image will be built from the x86_64 version of the IMS recipe provided by the specified version of the uss product. The second image will be built from the aarch64 version of the IMS recipe provided by the specified version of the uss product.\nimages: - name: example-uss-image-x86_64 ref_name: example-uss-image-x86_64 description: \u0026gt; An example image built from the x86_64 recipe provided by the USS product. base: product: name: uss version: 1.0.0 type: recipe filter: arch: x86_64 - name: example-uss-image-aarch64 ref_name: example-uss-image-aarch64 description: \u0026gt; An example image built from the aarch64 recipe provided by the USS product. base: product: name: uss version: 1.0.0 type: recipe filter: arch: aarch64 Define BOS Session Templates The BOS session templates are defined under the session_templates key. Each session template must provide values for the name, image, configuration, and bos_parameters keys. The name key defines the name of the resulting BOS session template. The image key defines the image to use in the BOS session template. One of the following keys must be present under the image key:\nUse an ims key to specify an existing image or recipe in IMS. Use an image_ref key to specify another image from the input file using its ref_name. The configuration key defines the CFS configuration specified in the BOS session template.\nThe bos_parameters key defines parameters that are passed through directly to the BOS session template. The bos_parameters key should contain a boot_sets key, and each boot set in the session template should be specified under boot_sets. Each boot set can contain the following keys, all of which are optional:\nUse an arch key to specify the architecture of the nodes that should be targeted by the boot set. Valid values are the same as those used by Hardware State Manager (HSM). Use a kernel_parameters key to specify the parameters passed to the kernel on the command line. Use a network key to specify the network over which the nodes boot. Use a node_list key to specify the nodes to add to the boot set. Use a node_roles_groups key to specify the HSM roles to add to the boot set. Use a node_groups key to specify the HSM groups to add to the boot set. Use a rootfs_provider key to specify the root file system provider. Use a rootfs_provider_passthrough key to specify the parameters to add to the rootfs= kernel parameter. As mentioned above, the parameters under bos_parameters are passed through directly to BOS. For more information on the properties of a BOS boot set, refer to BOS Session Templates in the Cray System Management Documentation.\nHere is an example of a BOS session template that refers to an existing IMS image by name and targets nodes with the role Compute and the architecture X86 in HSM:\nsession_templates: - name: example-session-template image: ims: name: example-image configuration: example-configuration bos_parameters: boot_sets: example_boot_set: arch: X86 kernel_parameters: ip=dhcp quiet node_roles_groups: - Compute rootfs_provider: cpss3 rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0 Here is an example of a BOS session template that refers to an image from the input file by its ref_name and targets nodes with the role Compute and the architecture ARM in HSM. Note that using the image_ref key requires that an image defined in the input file specifies example-image as the value of its ref_name key.\nsession_templates: - name: example-session-template image: image_ref: example-image configuration: example-configuration bos_parameters: boot_sets: example_boot_set: arch: ARM kernel_parameters: ip=dhcp quiet node_roles_groups: - Compute rootfs_provider: cpss3 rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0 HPC CSM Software Recipe Variable Substitutions The sat bootprep command takes any variables provided and substitutes them into the input file. Variables are sourced from the command line, any variable files directly provided, and the HPC CSM Software Recipe files used, in that order. When providing values through a variable file, sat bootprep substitutes the values with Jinja2 template syntax. The HPC CSM Software Recipe provides default variables in a product_vars.yaml variable file. This file defines information about each HPC software product included in the recipe.\nVariables are primarily substituted into the default HPC CSM Software Recipe bootprep input files through IUF. However, variable files can also be given to sat bootprep directly from IUF\u0026rsquo;s use of the recipe. When using variables directly with sat bootprep, there are some limitations. For more information on SAT variable limitations, see SAT and IUF. For more information on IUF and variable substitutions, see the IUF section of the Cray System Management Documentation.\nSelect an HPC CSM Software Recipe Version View a listing of the default HPC CSM Software Recipe variables and their values by running sat bootprep list-vars. For more information on options that can be used with the list-vars subcommand, refer to the man page for the sat bootprep subcommand.\nBy default, the sat bootprep command uses the variables from the latest installed version of the HPC CSM Software Recipe. Override this with the --recipe-version command line argument to sat bootprep run.\n(ncn-m001#) For example, to explicitly select the 22.11.0 version of the HPC CSM Software Recipe default variables, specify --recipe-version 22.11.0:\nsat bootprep run --recipe-version 22.11.0 compute-and-uan-bootprep.yaml Values Supporting Jinja2 Template Rendering The entire sat bootprep input file is not rendered by the Jinja2 template engine. Jinja2 template rendering of the input file is performed individually for each supported value. The values of the following keys in the bootprep input file support rendering as a Jinja2 template and thus support variables:\nThe name key of each configuration under the configurations key. The following keys of each layer under the layers key in a configuration: name playbook git.branch product.version product.branch The following keys of each image under the images key: name base.product.version base.product.filter.arch base.product.filter.prefix base.product.filter.wildcard configuration The following keys of each session template under the session_templates key: name configuration You can use Jinja2 built-in filters in values of any of the keys listed above. In addition, Python string methods can be called on the string variables.\nHyphens in HPC CSM Software Recipe Variables Variable names with hyphens are not allowed in Jinja2 expressions because they are parsed as an arithmetic expression instead of a single variable. To support product names with hyphens, sat bootprep converts hyphens to underscores in all top-level keys of the default HPC CSM Software Recipe variables. It also converts any variables sourced from the command line or any variable files provided directly. When referring to a variable with hyphens in the bootprep input file, keep this in mind. For example, to refer to the product version variable for slingshot-host-software in the bootprep input file, write \u0026quot;{{slingshot_host_software.version}}\u0026quot;.\nHPC CSM Software Recipe Variable Substitution Example The following example bootprep input file shows how a variable of a USS version can be used in an input file that creates a CFS configuration for computes. Only one layer is shown for brevity.\n--- configurations: - name: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; layers: - name: uss-compute-{{uss.working_branch}} playbook: cos-compute.yml product: name: uss version: \u0026#34;{{uss.version}}\u0026#34; branch: \u0026#34;{{uss.working_branch}}\u0026#34; Note: When the value of a key in the bootprep input file is a Jinja2 expression, it must be quoted to pass YAML syntax checking.\nJinja2 expressions can also use filters and Python\u0026rsquo;s built-in string methods to manipulate the variable values. For example, suppose only the major and minor components of a USS version are to be used in the branch name for the USS layer of the CFS configuration. Use the split string method to achieve this as follows:\n--- configurations: - name: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; layers: - name: uss-compute-{{uss.working_branch}} playbook: cos-compute.yml product: name: uss version: \u0026#34;{{uss.version}}\u0026#34; branch: integration-{{uss.version.split(\u0026#39;.\u0026#39;)[0]}}-{{uss.version.split(\u0026#39;.\u0026#39;)[1]}} Dynamic Variable Substitutions Additional variables are available besides the default variables provided by the HPC CSM Software Recipe. (For more information, see HPC CSM Software Recipe Variable Substitutions.) These additional variables are dynamic because their values are determined at run-time based on the context in which they appear. Available dynamic variables include the following:\nThe variable base.name can be used in the name of an image under the images key. The value of this variable is the name of the IMS image or recipe used as the base of this image.\nThe variable image.name can be used in the name of a session template under the session_templates key. The value of this variable is the name of the IMS image used in this session template.\nNote: The name of a session template is restricted to 45 characters. Keep this in mind when using image.name in the name of a session template.\nThese variables reduce the need to duplicate values throughout the sat bootprep input file and make the following use cases possible:\nBuilding an image from a recipe provided by a product and using the name of the recipe in the name of the resulting image Using the name of the image in the name of a session template when the image is generated as described in the previous use case Example Bootprep Input Files This section provides an example bootprep input file. It also gives instructions for obtaining the default bootprep input files delivered with a release of the HPC CSM Software Recipe.\nExample Bootprep Input File The following bootprep input file provides an example of using most of the features described in previous sections. It is not intended to be a complete bootprep file for the entire CSM product.\n--- configurations: - name: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; layers: - name: uss-compute-{{uss.working_branch}} playbook: cos-compute.yml product: name: uss version: \u0026#34;{{uss.version}}\u0026#34; branch: \u0026#34;{{uss.working_branch}}\u0026#34; - name: cpe-pe_deploy-{{cpe.working_branch}} playbook: pe_deploy.yml product: name: cpe version: \u0026#34;{{cpe.version}}\u0026#34; branch: \u0026#34;{{cpe.working_branch}}\u0026#34; images: - name: \u0026#34;{{default.note}}{{base.name}}{{default.suffix}}\u0026#34; ref_name: base_uss_image base: product: name: uss type: recipe version: \u0026#34;{{uss.version}}\u0026#34; - name: \u0026#34;compute-{{base.name}}\u0026#34; ref_name: compute_image base: image_ref: base_uss_image configuration: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; configuration_group_names: - Compute session_templates: - name: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; image: image_ref: compute_image configuration: \u0026#34;{{default.note}}compute-{{recipe.version}}{{default.suffix}}\u0026#34; bos_parameters: boot_sets: compute: kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN} node_roles_groups: - Compute rootfs_provider_passthrough: \u0026#34;dvs:api-gw-service-nmn.local:300:hsn0,nmn0:0\u0026#34; Access Default Bootprep Input Files Default bootprep input files are delivered by the HPC CSM Software Recipe product. Access these files by cloning the hpc-csm-software-recipe repository, as described in the Accessing sat bootprep files process of the Cray System Management Documentation.\n(ncn-m001#) Find the default input files in the bootprep directory of the cloned repository:\nls bootprep/ Generate an Example Bootprep Input File The sat bootprep generate-example command was not updated for recent bootprep schema changes. It is recommended to instead use the default bootprep input files described in Access Default Bootprep Input Files. The sat bootprep generate-example command will be updated in a future release of SAT.\nSummary of SAT Bootprep Results The sat bootprep run command uses information from the bootprep input file to create CFS configurations, IMS images, and BOS session templates. For easy reference, the command also includes output summarizing the final creation results.\n(ncn-m001#) Here is a sample table output after running sat bootprep run:\n################################################################################ CFS configurations ################################################################################ +------------------+ | name | +------------------+ | example-config-1 | | example-config-2 | +------------------+ ################################################################################ IMS images ################################################################################ +---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+ | name | preconfigured_image_id | final_image_id | configuration | configuration_group_names | +---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+ | example-image | c1bcaf00-109d-470f-b665-e7b37dedb62f | a22fb912-22be-449b-a51b-081af2d7aff6 | example-config | Compute | +---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+ ################################################################################ BOS session templates ################################################################################ +------------------+----------------+ | name | configuration | +------------------+----------------+ | example-template | example-config | +------------------+----------------+ View SAT Bootprep Schema The contents of the YAML input files used by sat bootprep must conform to a schema which defines the structure of the data. The schema definition is written using the JSON Schema format. (Although the format is named \u0026ldquo;JSON Schema\u0026rdquo;, the schema itself is written in YAML as well.) More information, including introductory materials and a formal specification of the JSON Schema metaschema, can be found on the JSON Schema website.\nView the Exact Schema Specification (ncn-m001#) To view the exact schema specification, run sat bootprep view-schema.\nsat bootprep view-schema --- $schema: \u0026#34;https://json-schema.org/draft/2020-12/schema\u0026#34; Example output:\ntitle: Bootprep Input File description: \u0026gt; A description of the set of CFS configurations to create, the set of IMS images to create and optionally customize with the defined CFS configurations, and the set of BOS session templates to create that reference the defined images and configurations. type: object additionalProperties: false properties: ... Generate User-Friendly Documentation The raw schema definition can be difficult to understand without experience working with JSON Schema specifications. For this reason, a feature is included with sat bootprep that generates user-friendly HTML documentation for the input file schema. This HTML documentation can be browsed with a web browser.\n(ncn-m001#) Create a documentation tarball using sat bootprep.\nsat bootprep generate-docs Example output:\nINFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz An alternate output directory can be specified with the --output-dir option. The generated tarball is always named bootprep-schema-docs.tar.gz.\nsat bootprep generate-docs --output-dir /tmp Example output:\nINFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz (user@hostname\u0026gt;) From another machine, copy the tarball to a local directory.\nscp root@ncn-m001:bootprep-schema-docs.tar.gz . (user@hostname\u0026gt;) Extract the contents of the tarball and open the contained index.html.\ntar xzvf bootprep-schema-docs.tar.gz Example output:\nx bootprep-schema-docs/ x bootprep-schema-docs/index.html x bootprep-schema-docs/schema_doc.css x bootprep-schema-docs/schema_doc.min.js another-machine$ open bootprep-schema-docs/index.html " +}, +{ + "uri": "/docs-sat/en-26/about_sat/sat_in_csm/", + "title": "SAT in CSM", + "tags": [], + "description": "", + "content": "SAT in CSM In CSM 1.3 and newer, the sat command is automatically available on the Kubernetes control plane, but it is still possible to install SAT as a separate product stream. Any version of SAT installed as a separate product stream overrides the sat command available in CSM. Installing the SAT product stream allows additional supporting components to be added:\nAn entry for SAT in the cray-product-catalog Kubernetes ConfigMap is only created by installing the SAT product stream. Otherwise, there will be no entry for this version of SAT in the output of sat showrev.\nThe sat-install-utility container image is only available with the full SAT product stream. This container image provides uninstall and downgrade functionality when used with the prodmgr command. (In SAT 2.3 and older, SAT was only available to install as a separate product stream. Because these versions were packaged with sat-install-utility, it is still possible to uninstall these versions of SAT.)\nThe docs-sat RPM package is only available with the full SAT product stream.\nThe sat-config-management git repository in Gitea (VCS) and thus the SAT layer of NCN CFS configuration is only available with the full SAT product stream.\nIf the SAT product stream is not installed, there will be no configuration content for SAT in VCS. Therefore, CFS configurations that apply to management NCNs (for example, management-23.5.0) should not include a SAT layer.\nThe SAT configuration layer modifies the permissions of files left over from prior installations of SAT, so that the Keycloak username that authenticates to the API gateway cannot be read by users other than root. Specifically, it does the following:\nModifies the sat.toml configuration file which contains the username so that it is only readable by root.\nModifies the /root/.config/sat/tokens directory so that the directory is only readable by root. This is needed because the names of the files within the tokens directory contain the username.\nRegardless of the SAT configuration being applied, passwords and the contents of the tokens are never readable by other users. These permission changes only apply to files created by previous installations of SAT. In the current version of SAT all files and directories are created with the appropriate permissions.\n" +}, +{ + "uri": "/docs-sat/en-26/release_notes/sat_2.6_release_notes/", + "title": "Changes in SAT 2.6", + "tags": [], + "description": "", + "content": "Changes in SAT 2.6 The 2.6.14 version of the SAT product includes:\nVersion 3.25.10 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.6.2 of the sat-install-utility container image. New sat Commands No new sat commands were added in SAT 2.6.\nChanges to sat bootsys Functionality was added to the platform-services and cabinet-power stages of sat bootsys boot. This allows SAT to automatically recreate Kubernetes CronJobs that may have become stuck during shutdown, boot, or reboot.\nsat bootsys boot more reliably determines if the hms-discovery CronJob was scheduled during the cabinet-power stage.\nSAT now uses the BatchV1 Kubernetes API to manipulate CronJobs instead of the BatchV1Beta1 API.\nsat bootsys now logs the ID of all BOS sessions when performing BOS operations. A warning is logged for any BOS sessions with failed components.\nSupport for the Compute Rolling Upgrade Service (CRUS) has been removed, and the sat bootsys command will no longer interact with CRUS.\nThe bos-operations stage of sat bootsys no longer checks whether BOS session templates need any operations to be performed before creating a BOS session. BOS instead determines whether the session will need to boot or shut down any nodes to reach the desired state.\nChanges to sat bootprep Wildcard matching was added for images in sat bootprep input files. Use wildcards similar to how prefix filters were used in older versions of SAT. For more information, see Define IMS Images.\nSupport for multiple architectures was added to sat bootprep. It is now possible to filter base IMS images and recipes from products based on their target architecture. This support also allows specifying target architectures in boot sets of BOS session templates. For more information, see Filter Base Images or Recipes from a Product and Define BOS Session Templates.\nWhen specifying a base image or recipe from a product, sat bootprep can combine multiple image or recipe filters. When specifying multiple filters, the unique base image or recipe that satisfies all of the given filters is selected. An error occurs if either no images or recipes match the given filters or if more than one image or recipe matches the given filters.\nIn CFS configuration layers, support was added for the new imsRequireDkms field under the specialParameters section. CFS configurations in bootprep input files can specify an ims_require_dkms field in a new, optional special_parameters section for each layer.\nOther SAT Changes The SAT Kibana and Grafana dashboards were moved to the System Monitoring Application (SMA) beside other dashboards. For more information on how to view these dashboards going forward, see the HPE Cray EX System Monitoring Application Administration Guide (S-8029).\nAdd the new s3.cert_verify option to the SAT configuration file to control whether certificate verification is performed when accessing S3.\nLog messages spanning multiple lines now print the log level on each line instead of only at the beginning of the message.\nWhen certificate verification is disabled for CSM API requests, only a single warning now prints at the beginning of SAT\u0026rsquo;s invocation instead of for each request.\nsat swap blade more reliably determines if the hms-discovery CronJob was scheduled when enabling a blade following a hardware swap.\nsat swap blade will use the BatchV1 Kubernetes API to manipulate CronJobs, instead of the BatchV1Beta1 API as previously.\nCommand prompts in this guide are now inserted into text before the fenced code block instead of inside of it. This is a change from the documentation of SAT 2.5 and earlier. In addition, two new command prompts were added for better clarity. For more information, see Command Prompt Conventions in SAT.\nMulti-tenancy Support SAT 2.6 supports supplying tenant information to CSM services in order to allow tenant admins to use SAT within their tenant. For more information, see Configure multi-tenancy.\nSecurity Updated the version of cryptography from 36.0.1 to 41.0.0 to resolve CVE-2023-2650.\nUpdated the version of requests from 2.27.1 to 2.31.0 to resolve CVE-2023-32681.\nUpdated the version of curl/libcurl from 7.80.0-r6 to 8.1.2-r0 to address CVE-2023-27536.\nBug Fixes Improved extreme slowness in the platform-services stage of sat bootsys shutdown in cases where a large known_hosts file is used on the host where SAT is running.\nFixed a bug that caused the wrong container name to be logged when CFS configuration sessions failed on newer CSM systems.\n" +}, +{ + "uri": "/docs-sat/en-26/about_sat/view_sat_docs/", + "title": "View SAT Documentation", + "tags": [], + "description": "", + "content": "View SAT Documentation View the System Admin Toolkit (SAT) documentation both online and offline by using the information in this section.\nOnline Documentation The SAT documentation can be found online in HTML form at the following link: SAT Documentation. The navigation pane on the left of the HTML page orders topics alphabetically. Navigate an individual topic\u0026rsquo;s headings by using the Headings icon at the top of the page, as shown in the following images.\nThe documentation can also be viewed online in GitHub by navigating to the docs/ subdirectory of the docs-sat repository. Navigate an individual topic\u0026rsquo;s headings with a similar Headings icon at the top of the page, as shown in the following images.\nOffline Documentation The SAT documentation is available offline as markdown, which can be viewed with a markdown viewer or with a text editor. The offline documentation is available in the docs/ directory of the SAT release distribution as well as in RPM package format. The RPM package is installed as a part of the Ansible plays launched by the Configuration Framework Service (CFS). Its files are installed to /usr/share/doc/sat.\n" +}, +{ + "uri": "/docs-sat/en-26/release_notes/shasta_1.3.2_release_notes/", + "title": "SAT Changes in Shasta v1.3.2", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.\nThe following sections detail the changes in this release.\nsat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable.\nThe sat swap switch command is equivalent to sat switch. The sat switch command will be removed in a future release.\nAddition of Stages to sat bootsys Command The sat bootsys command now has multiple stages for both the boot and shutdown actions. Please refer to the \u0026ldquo;System Power On Procedures\u0026rdquo; and \u0026ldquo;System Power Off Procedures\u0026rdquo; sections of the Cray Shasta Administration Guide (S-8001) for more details on using this command in the context of a full system power off and power on.\n" +}, +{ + "uri": "/docs-sat/en-26/external_system/", + "title": "SAT on an External System", + "tags": [], + "description": "", + "content": "SAT on an External System SAT can optionally be installed and configured on an external system to interact with CSM over the CAN.\nLimitations Most SAT subcommands work by accessing APIs which are reachable via the CAN. However, certain SAT commands depend on host-based functionality on the management NCNs and will not work from an external system. This includes the following:\nThe platform-services and ncn-power stages of sat bootsys The local host information displayed by the --local option of sat showrev Installing SAT on an external system is not an officially supported configuration. These instructions are provided \u0026ldquo;as-is\u0026rdquo; with the hope that they can be useful for users who desire additional flexibility.\nCertain additional steps may need to be taken to install and configure SAT depending on the configuration of the external system in use. These additional steps may include provisioning virtual machines, installing packages, or configuring TLS certificates, and these steps are outside the scope of this documentation. This section covers only the steps needed to configure SAT to use externally-accessible API endpoints exposed by CSM.\nInstall and Configure SAT Prerequisites The external system must be on the Customer Access Network (CAN). Python 3.7 or newer is installed on the system. kubectl, openssh, git, and curl are installed on the external system. The root CA certificates used when installing CSM have been added to the external system\u0026rsquo;s trust store such that authenticated TLS connections can be made to the CSM REST API gateway. For more information, refer to Certificate Authority in the Cray System Management Documentation. Procedure (user@hostname\u0026gt;) Create a Python virtual environment.\nSAT_VENV_PATH=\u0026#34;$(pwd)/venv\u0026#34; python3 -m venv ${SAT_VENV_PATH} . ${SAT_VENV_PATH}/bin/activate ((venv) user@hostname\u0026gt;) Clone the SAT source code.\nTo use SAT version 3.21, this example clones the release/3.21 branch of Cray-HPE/sat.\ngit clone --branch=release/3.21 https://github.com/Cray-HPE/sat.git Set up the SAT CSM Python dependencies to be installed from their source code.\nSAT CSM Python dependency packages are not currently distributed publicly as source packages or binary distributions. They must be installed from their source code hosted on GitHub. Also, to install the cray-product-catalog Python package, first clone it locally. Use the following steps to modify the SAT CSM Python dependencies so they can be installed from their source code.\n((venv) user@hostname\u0026gt;) Clone the source code for cray-product-catalog.\ngit clone --branch v1.6.0 https://github.com/Cray-HPE/cray-product-catalog ((venv) user@hostname\u0026gt;) In the cray-product-catalog directory, create a file named .version that contains the version of cray-product-catalog.\necho 1.6.0 \u0026gt; cray-product-catalog/.version ((venv) user@hostname\u0026gt;) Open the \u0026ldquo;locked\u0026rdquo; requirements file in a text editor.\nvim sat/requirements.lock.txt Update the line containing cray-product-catalog so that it reflects the local path to cray-product-catalog.\nIt should read as follows:\n./cray-product-catalog For versions of SAT newer than 3.19, change the line containing csm-api-client to read as follows.\ncsm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1 (Optional) ((venv) user@hostname\u0026gt;) Confirm that requirements.lock.txt is modified as expected.\ngrep -E \u0026#39;cray-product-catalog|csm-api-client\u0026#39; sat/requirements.lock.txt Example output:\n./cray-product-catalog csm-api-client@git+https://github.com/Cray-HPE/python-csm-api-client@release/1.1 Note: For versions newer than 3.19, the output will show both cray-product-catalog and csm-api-client. For version 3.19 and older, the output will only show cray-product-catalog.\n((venv) user@hostname\u0026gt;) Install the modified SAT dependencies.\npip install -r sat/requirements.lock.txt ((venv) user@hostname\u0026gt;) Install the SAT Python package.\npip install ./sat (Optional) ((venv) user@hostname\u0026gt;) Add the sat virtual environment to the user\u0026rsquo;s PATH environment variable.\nIf a shell other than bash is in use, replace ~/.bash_profile with the appropriate profile path.\nIf the virtual environment is not added to the user\u0026rsquo;s PATH environment variable, then source ${SAT_VENV_PATH}/bin/activate will need to be run before running any SAT commands.\ndeactivate echo export PATH=\\\u0026#34;${SAT_VENV_PATH}/bin:${PATH}\\\u0026#34; \u0026gt;\u0026gt; ~/.bash_profile source ~/.bash_profile (user@hostname\u0026gt;) Copy the file /etc/kubernetes/admin.conf from ncn-m001 to ~/.kube/config on the external system.\nNote that this file contains credentials to authenticate against the Kubernetes API as the administrative user, so it should be treated as sensitive.\nmkdir -p ~/.kube scp ncn-m001:/etc/kubernetes/admin.conf ~/.kube/config\\ Example output:\nadmin.conf 100% 5566 3.0MB/s 00:00 (user@hostname\u0026gt;) Find the CAN IP address on ncn-m001 to determine the corresponding kubernetes hostname.\nOn CSM 1.2 and newer, query the IP address of the bond0.cmn0 interface.\nssh ncn-m001 ip addr show bond0.cmn0 Example output:\n13: bond0.cmn0@bond0: \u0026lt;BROADCAST,MULTICAST,UP,LOWER_UP\u0026gt; mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff inet 10.102.1.11/24 brd 10.102.1.255 scope global vlan007 valid_lft forever preferred_lft forever inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link valid_lft forever preferred_lft forever On CSM versions prior to 1.2, query the IP address of the vlan007 interface.\nssh ncn-m001 ip addr show vlan007 Example output:\n13: vlan007@bond0: \u0026lt;BROADCAST,MULTICAST,UP,LOWER_UP\u0026gt; mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether b8:59:9f:1d:d9:0e brd ff:ff:ff:ff:ff:ff inet 10.102.1.10/24 brd 10.102.1.255 scope global vlan007 valid_lft forever preferred_lft forever inet6 fe80::ba59:9fff:fe1d:d90e/64 scope link valid_lft forever preferred_lft forever (user@hostname\u0026gt;) Set the IP_ADDRESS variable to the value found in the previous step.\nIP_ADDRESS=10.102.1.11 (user@hostname\u0026gt;) Add an entry to /etc/hosts mapping the IP address to the hostname kubernetes.\necho \u0026#34;${IP_ADDRESS} kubernetes\u0026#34; | sudo tee -a /etc/hosts 10.102.1.11 kubernetes (user@hostname\u0026gt;) Modify ~/.kube/config to set the cluster server address.\nThe value of the server key for the kubernetes cluster under the clusters section should be set to https://kubernetes:6443.\n--- clusters: - cluster: certificate-authority-data: REDACTED server: https://kubernetes:6443 name: kubernetes ... (user@hostname\u0026gt;) Confirm that kubectl can access the CSM Kubernetes cluster.\nkubectl get nodes Example output:\nNAME STATUS ROLES AGE VERSION ncn-m001 Ready master 135d v1.19.9 ncn-m002 Ready master 136d v1.19.9 ncn-m003 Ready master 136d v1.19.9 ncn-w001 Ready \u0026lt;none\u0026gt; 136d v1.19.9 ncn-w002 Ready \u0026lt;none\u0026gt; 136d v1.19.9 ncn-w003 Ready \u0026lt;none\u0026gt; 136d v1.19.9 (user@hostname\u0026gt;) Use sat init to create a configuration file for SAT.\nsat init Example output:\nINFO: Configuration file \u0026#34;/home/user/.config/sat/sat.toml\u0026#34; generated. (user@hostname\u0026gt;) Copy the platform CA certificates from the management NCN and configure the certificates for use with SAT.\nIf a shell other than bash is in use, replace ~/.bash_profile with the appropriate profile path.\nscp ncn-m001:/etc/pki/trust/anchors/platform-ca-certs.crt . echo export REQUESTS_CA_BUNDLE=\\\u0026#34;$(realpath platform-ca-certs.crt)\\\u0026#34; \u0026gt;\u0026gt; ~/.bash_profile source ~/.bash_profile Edit the SAT configuration file to set the API and S3 hostnames.\nExternally available API endpoints are given domain names in PowerDNS, so the endpoints in the configuration file should each be set to the format subdomain.system-name.site-domain. Here system-name and site-domain are replaced with the values specified during csi config init, and subdomain is the DNS name for the externally available service. For more information, refer to Externally Exposed Services in the Cray System Management Documentation.\nThe API gateway has the subdomain api, and S3 has the subdomain s3. The S3 endpoint runs on port 8080. The following options should be set in the SAT configuration file.\n[api_gateway] host = \u0026#34;api.system-name.site-domain\u0026#34; [s3] endpoint = \u0026#34;http://s3.system-name.site-domain:8080\u0026#34; Edit the SAT configuration file to specify the Keycloak user who will be accessing the REST API.\n[api_gateway] username = \u0026#34;user\u0026#34; (user@hostname\u0026gt;) Run sat auth, and enter the password when prompted.\nThe admin account used to authenticate with sat auth must be enabled in Keycloak and must have its assigned role set to admin.\nsat auth Example output:\nPassword for user: Succeeded! For more information on authentication types and authentication credentials, see SAT Command Authentication. For more information on Keycloak accounts and changing Role Mappings, refer to both Configure Keycloak Account and Create Internal User Accounts in the Keycloak Shasta Realm in the Cray System Management Documentation.\n(user@hostname\u0026gt;) Ensure the files are readable only by the current user.\ntouch ~/.config/sat/s3_access_key \\ ~/.config/sat/s3_secret_key chmod 600 ~/.config/sat/s3_access_key \\ ~/.config/sat/s3_secret_key (user@hostname\u0026gt;) Write the credentials to local files using kubectl.\nGenerate S3 credentials and write them to a local file so the SAT user can access S3 storage. In order to use the SAT S3 bucket, the user must generate the S3 access key and secret keys and write them to a local file. SAT uses S3 storage for several purposes, most importantly to store the site-specific information set with sat setrev.\nkubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.access_key}\u0026#39; | base64 -d \u0026gt; \\ ~/.config/sat/s3_access_key kubectl get secret sat-s3-credentials -o json -o \\ jsonpath=\u0026#39;{.data.secret_key}\u0026#39; | base64 -d \u0026gt; \\ ~/.config/sat/s3_secret_key " +}, +{ + "uri": "/docs-sat/en-26/release_notes/shasta_1.3_release_notes/", + "title": "SAT Changes in Shasta v1.3", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI.\nThis version of the sat CLI contained the following commands:\nauth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch For more information on each of these commands, see the SAT Command Overview and the table of commands in the SAT Command Authentication section of this document.\n" +}, +{ + "uri": "/docs-sat/en-26/release_notes/shasta_1.4.1_release_notes/", + "title": "SAT Changes in Shasta v1.4.1", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1.\nThis version of the SAT product included:\nVersion 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release.\nNew Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames:\nsat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API.\nBug Fixes Fixed a problem in sat swap where creating the offline port policy failed. Changed sat bootsys shutdown --stage bos-operations to no longer forcefully power off all compute nodes and application nodes using CAPMC when BOS sessions complete or time out. Fixed an issue with the command sat bootsys boot --stage cabinet-power. " +}, +{ + "uri": "/docs-sat/en-26/release_notes/shasta_1.4_release_notes/", + "title": "SAT Changes in Shasta v1.4", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4.\nThis version of the SAT product included the following components:\nVersion 3.4.0 of the sat python package and CLI It also added the following new component:\nVersion 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release.\nSAT as an Independent Product SAT is now packaged and released as an independent product. The product deliverable is called a \u0026ldquo;release distribution\u0026rdquo;. The release distribution is a gzipped tar file containing an install script. This install script loads the cray/cray-sat container image into the Docker registry in Nexus and loads the cray-sat-podman RPM into a package repository in Nexus.\nIn this release, the cray-sat-podman package is still installed in the master and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in Shasta v1.5.\nSAT Running in a Container Under Podman The sat command now runs in a container under Podman. The sat executable is now installed on all nodes in the Kubernetes cluster (workers and control plane nodes). This executable is a wrapper script that starts a SAT container in Podman and invokes the sat Python CLI within that container. The admin can run individual sat commands directly on the master or worker NCNs as before, or they can run sat commands inside the SAT container after using sat bash to enter an interactive shell inside the SAT container.\nTo view man pages for sat commands, the user can run sat-man SAT_COMMAND, replacing SAT_COMMAND with the name of the sat command. Alternatively, the user can enter the sat container with sat bash and use the man command.\nNew sat init Command and Configuration File Location Change The default location of the SAT configuration file has been changed from /etc/sat.toml to ~/.config/sat/sat.toml. A new command, sat init, has been added that initializes a configuration file in the new default directory. This better supports individual users on the system who want their own configuration files.\n~/.config/sat is mounted into the container that runs under Podman, so changes are persistent across invocations of the sat container. If desired, an alternate configuration directory can be specified with the SAT_CONFIG_DIR environment variable.\nAdditionally, if a configuration file does not yet exist when a user runs a sat command, one is generated automatically.\nAdditional Types Added to sat hwinv Additional functionality has been added to sat hwinv including:\nList node enclosure power supplies with the --list-node-enclosure-power-supplies option. List node accelerators (for example, GPUs) with the --list-node-accels option. The count of node accelerators is also included for each node. List node accelerator risers (for example, Redstone modules) with the --list-node-accel-risers option. The count of node accelerator risers is also included for each node. List High-Speed Node Network Interface Cards (HSN NICs) with the --list-node-hsn-nics option. The count of HSN NICs is also included for each node. Documentation for these new options has been added to the man page for sat hwinv.\nSite Information Stored by sat setrev in S3 The sat setrev and sat showrev commands now use S3 to store and obtain site information, including system name, site name, serial number, install date, and system type. Since the information is stored in S3, it will now be consistent regardless of the node on which sat is executed.\nAs a result of this change, S3 credentials must be configured for SAT. For more information, see Generate SAT S3 Credentials.\nProduct Version Information Shown by sat showrev sat showrev now shows product information from the cray-product-catalog ConfigMap in Kubernetes.\nAdditional Changes to sat showrev The output from sat showrev has also been changed in the following ways:\nThe --docker and --packages options were considered misleading and have been removed. Information pertaining to only to the local host, where the command is run, has been moved to the output of the --local option. Removal of sat cablecheck The sat cablecheck command has been removed. To verify that the system\u0026rsquo;s Slingshot network is cabled correctly, admins should now use the show cables command in the Slingshot Topology Tool (STT).\nsat swap Command Compatibility with Next-gen Fabric Controller The sat swap command was added in Shasta v1.3.2. This command used the Fabric Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the Fabric Controller API, so this command has been rewritten to use the new backwards-incompatible API. Usage of the command did not change.\nsat bootsys Functionality Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken by changes introduced in Shasta v1.4, which removed the Ansible inventory and playbooks.\nThe functionality in the platform-services stage of sat bootsys has been re-implemented to use python directly instead of Ansible. This resulted in a more robust procedure with better logging to the sat log file. Failures to stop containers on Kubernetes nodes are handled more gracefully, and more information about the containers that failed to stop, including how to debug the problem, is included.\nImprovements were made to console logging setup for non-compute nodes (NCNs) when they are shut down and booted.\nThe following improvements were made to the bos-operations stage of sat bootsys:\nMore information about the BOS sessions, BOA jobs, and BOA pods is printed. A command-line option, --bos-templates, and a corresponding configuration file option, bos_templates, were added, and the --cle-bos-template and --uan-bos-template options and their corresponding configuration file options were deprecated. The following functionality has been removed from sat bootsys:\nThe hsn-bringup stage of sat bootsys boot has been removed due to removal of the underlying Ansible playbook. The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is now a manual procedure. Log File Location Change The location of the sat log file has changed from /var/log/cray/sat.log to /var/log/cray/sat/sat.log. This change simplifies mounting this file into the sat container running under Podman.\n" +}, +{ + "uri": "/docs-sat/en-26/release_notes/shasta_1.5_release_notes/", + "title": "SAT Changes in Shasta v1.5", + "tags": [], + "description": "", + "content": "SAT Changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5.\nThis version of the SAT product included:\nVersion 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component:\nVersion 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release.\nInstall Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. The cray-sat-podman RPM is no longer installed in the management non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on all master management NCNs via an Ansible playbook which is referenced by a layer of the CFS configuration that applies to management NCNs. This CFS configuration is typically named ncn-personalization.\nThe SAT product now includes a Docker image and a Helm chart named sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart with Loftsman. This helm chart deploys a Kubernetes job that imports the SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. This repository is referenced by the layer added to the NCN personalization CFS configuration.\nRemoval of Direct Redfish Access All commands which used to access Redfish directly have either been removed or modified to use higher-level service APIs. This includes the following commands:\nsat sensors sat diag sat linkhealth The sat sensors command has been rewritten to use the SMA telemetry API to obtain the latest sensor values. The command\u0026rsquo;s usage has changed slightly, but legacy options work as before, so it is backwards compatible. Additionally, new commands have been added.\nThe sat diag command has been rewritten to use a new service called Fox, which is delivered with the CSM-Diags product. The sat diag command now launches diagnostics using the Fox service, which launches the corresponding diagnostic programs on controllers using the Hardware Management Job and Task Daemon (HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start diagnostics over Redfish.\nThe sat linkhealth command has been removed. Its functionality has been replaced by functionality from the Slingshot Topology Tool (STT) in the fabric manager pod.\nThe Redfish username and password command line options and configuration file options have been removed. For more information, see Remove Obsolete Configuration File Sections.\nAdditional Fields in sat setrev and sat showrev sat setrev now collects the following information from the admin, which is then displayed by sat showrev:\nSystem description Product number Company name Country code Additional guidance and validation has been added to each field collected by sat setrev. This sets the stage for sdu setup to stop collecting this information and instead collect it from sat showrev or its S3 bucket.\nImprovements to sat bootsys The platform-services stage of the sat bootsys boot command has been improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph health in the correct order. The ceph-check stage has been removed as it is no longer needed.\nThe platform-services stage of sat bootsys boot now prompts for confirmation of the storage NCN hostnames in addition to the Kubernetes control plane and worker nodes.\nBug Fixes and Security Fixes Improved error handling in sat firmware. Incremented version of Alpine Linux to 3.13.2 to address a security vulnerability. Other Notable Changes Ansible has been removed from the cray-sat container image. Support for the Firmware Update Service (FUS) has been removed from the sat firmware command. " +}, +{ + "uri": "/docs-sat/en-26/uninstall_and_downgrade/", + "title": "SAT Uninstall and Downgrade", + "tags": [], + "description": "", + "content": "SAT Uninstall and Downgrade Uninstall: Remove a Version of SAT This procedure can be used to uninstall a version of SAT.\nPrerequisites Only versions 2.2 or newer of SAT can be uninstalled with prodmgr. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure (ncn-m001#) Use sat showrev to list versions of SAT.\nsat showrev --products --filter product_name=sat Example output:\n############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+-------------------+-----------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+-------------------+-----------------------+ | sat | 2.3.3 | - | - | | sat | 2.2.10 | - | - | +--------------+-----------------+-------------------+-----------------------+ (ncn-m001#) Use prodmgr to uninstall a version of SAT.\nThis command will do three things:\nRemove all hosted-type package repositories associated with the given version of SAT. Group-type repositories are not removed. Remove all container images associated with the given version of SAT. Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up in the output of sat showrev. prodmgr uninstall sat 2.2.10 Example output:\nRepository sat-2.2.10-sle-15sp2 has been removed. Removed Docker image cray/cray-sat:3.9.0 Removed Docker image cray/sat-cfs-install:1.0.2 Removed Docker image cray/sat-install-utility:1.4.0 Deleted sat-2.2.10 from product catalog. Downgrade: Switch Between SAT Versions This procedure can be used to downgrade the active version of SAT.\nNote: The prodmgr activate command is deprecated in SAT 2.6, and the ability to switch between SAT versions will be removed in a future release.\nPrerequisites Only versions 2.2 or newer of SAT can be switched. Older versions must be switched manually. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure (ncn-m001#) Use sat showrev to list versions of SAT.\nsat showrev --products --filter product_name=sat Example output:\n############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+--------------------+-----------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+--------------------+-----------------------+ | sat | 2.3.3 | - | - | | sat | 2.2.10 | - | - | +--------------+-----------------+--------------------+-----------------------+ (ncn-m001#) Use prodmgr to switch to a different version of SAT.\nThis command will do two things:\nFor all hosted-type package repositories associated with this version of SAT, set them as the sole member of their corresponding group-type repository. For example, switching to SAT version 2.2.10 sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group. Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are associated with NCNs with the role \u0026ldquo;Management\u0026rdquo; and subrole \u0026ldquo;Master\u0026rdquo; (for example, the CFS configuration management-23.5.0). Specifically, it will ensure that the layer refers to the version of SAT CFS configuration content associated with the version of SAT to which the system is switching. prodmgr activate sat 2.5.15 Example output:\nRepository sat-2.5.15-sle-15sp4 is now the default in sat-sle-15sp4. Updated CFS configurations: [management-23.5.0] Apply the modified CFS configuration to the management NCNs.\nAt this point, Nexus package repositories have been modified to set a particular package repository as active, but the SAT package may not have been updated on management NCNs.\nTo ensure that management NCNs have been updated to use the active SAT version, follow the Procedure to Apply CFS Configuration.\nProcedure to Apply CFS Configuration (ncn-m001#) Set an environment variable that refers to the name of the CFS configuration to be applied to the management NCNs.\nexport CFS_CONFIG_NAME=\u0026#34;management-23.5.0\u0026#34; Note: Refer to the output from the prodmgr activate command to find the name of the modified CFS configuration. If more than one CFS configuration was modified, use the first one.\nINFO: Successfully saved CFS configuration \u0026#34;management-23.5.0\u0026#34; (ncn-m001#) Obtain the name of the CFS configuration layer for SAT and save it in an environment variable:\nexport SAT_LAYER_NAME=$(cray cfs configurations describe $CFS_CONFIG_NAME --format json \\ | jq -r \u0026#39;.layers | map(select(.cloneUrl | contains(\u0026#34;sat-config-management.git\u0026#34;)))[0].name\u0026#39;) (ncn-m001#) Create a CFS session that executes only the SAT layer of the given CFS configuration.\nThe --configuration-limit option limits the configuration session to run only the SAT layer of the configuration.\ncray cfs sessions create --name \u0026#34;sat-session-${CFS_CONFIG_NAME}\u0026#34; --configuration-name \\ \u0026#34;${CFS_CONFIG_NAME}\u0026#34; --configuration-limit \u0026#34;${SAT_LAYER_NAME}\u0026#34; Monitor the progress of the CFS session.\n(ncn-m001#) Set an environment variable to name of the Ansible container within the pod for the CFS session:\nexport ANSIBLE_CONTAINER=$(kubectl get pod -n services \\ --selector=cfsession=sat-session-${CFS_CONFIG_NAME} -o json \\ -o json | jq -r \u0026#39;.items[0].spec.containers | map(select(.name | contains(\u0026#34;ansible\u0026#34;))) | .[0].name\u0026#39;) (ncn-m001#) Next, get the logs for the Ansible container.\nkubectl logs -c $ANSIBLE_CONTAINER --tail 100 -f -n services \\ --selector=cfsession=sat-session-${CFS_CONFIG_NAME} Ansible plays, which are run by the CFS session, will install SAT on all the master management NCNs on the system. A summary of results can be found at the end of the log output.\n(ncn-m001#) The following example shows a successful session:\n... PLAY RECAP ********************************************************************* x3000c0s1b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s3b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 x3000c0s5b0n0 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Note: Ensure that the PLAY RECAPs for each session show successes for all manager NCNs before proceeding.\n(ncn-m001#) Verify that SAT was successfully configured.\nIf sat is configured, the --version command will indicate which version is installed. If sat is not properly configured, the command will fail.\nNote: This version number will differ from the version number of the SAT release distribution. This is the semantic version of the sat Python package, which is different from the version number of the overall SAT release distribution.\nsat --version Example output:\nsat 3.7.0 Note: Upon first running sat, there might be additional output while the sat container image is downloaded. This occurs the first time sat is run on each manager NCN. For example, when running sat for the first time on ncn-m001 and then for the first time on ncn-m002, this additional output is seen both times.\nTrying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037... Getting image source signatures Copying blob da64e8df3afc done Copying blob 0f36fd81d583 done Copying blob 12527cf455ba done ... sat 3.7.0 (ncn-m001#) Stop the typescript.\nexit SAT version x.y.z is now installed and configured:\nThe SAT RPM package is installed on the associated NCNs. Note on Procedure to Apply CFS Configuration The previous procedure is not always necessary because the CFS Batcher service automatically detects configuration changes and will automatically create new sessions to apply configuration changes according to certain rules. For more information on these rules, refer to Configuration Management with the CFS Batcher in the Cray System Management Documentation.\nThe main scenario in which the CFS batcher will not automatically re-apply the SAT layer is when the commit hash of the sat-config-management git repository has not changed between SAT versions. The previous procedure ensures the configuration is re-applied in all cases, and it is harmless if the batcher has already applied an updated configuration.\n" +}, +{ + "uri": "/docs-sat/en-26/upgrade/", + "title": "SAT Upgrade", + "tags": [], + "description": "", + "content": "SAT Upgrade Install and Upgrade Framework The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM. IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product.\nThis document does not replicate install, upgrade, or deployment procedures detailed in the Cray System Management Documentation. This document provides details regarding software and configuration content specific to SAT which is needed when installing, upgrading, or deploying a SAT release. The Cray System Management Documentation will indicate when sections of this document should be referred to for detailed information.\nIUF will perform the following tasks for a release of SAT.\nIUF deliver-product stage: Uploads SAT configuration content to VCS Uploads SAT information to the CSM product catalog Uploads SAT content to Nexus repositories IUF update-vcs-config stage: Updates the VCS integration branch with new SAT configuration content if a working branch is specified IUF update-cfs-config stage: Creates a new CFS configuration for management nodes with new SAT configuration content IUF prepare-images stage: Creates updated management NCN and managed node images with new SAT content IUF management-nodes-rollout stage: Boots management NCNs with an image containing new SAT content IUF uses a variety of CSM and SAT tools when performing these tasks. The IUF section of the Cray System Management Documentation describes how to use these tools directly if it is desirable to use them instead of IUF.\nIUF Stage Details for SAT This section describes SAT details that an administrator must be aware of before running IUF stages. Entries are prefixed with Information if no administrative action is required or Action if an administrator needs to perform tasks outside of IUF.\nupdate-vcs-config Information: This stage is only run if a VCS working branch is specified for SAT. By default, SAT does not create or specify a VCS working branch.\nupdate-cfs-config Information: This stage only applies to the management configuration and not to the managed configuration.\nprepare-images Information: This stage only applies to management images and not to managed images.\nPost-Upgrade Procedures After upgrading SAT with IUF, it is recommended to complete the following procedures before using SAT:\nRemove Obsolete Configuration File Sections Update SAT Logging Set System Revision Information Notes on the Procedures Ellipses (...) in shell output indicate omitted lines. In the examples below, replace x.y.z with the version of the SAT product stream being upgraded. \u0026lsquo;manager\u0026rsquo; and \u0026lsquo;master\u0026rsquo; are used interchangeably in the steps below. Remove Obsolete Configuration File Sections After upgrading SAT, if using the configuration file from a previous version, there may be configuration file sections no longer used in the new version. For example, when upgrading from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used.\n(ncn-m001#) In that case, the following warning may appear upon running sat commands.\nWARNING: Ignoring unknown section \u0026#39;redfish\u0026#39; in config file. Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.\n[redfish] username = \u0026#34;admin\u0026#34; password = \u0026#34;adminpass\u0026#34; Repeat this process for any configuration file sections for which there are \u0026ldquo;unknown section\u0026rdquo; warnings.\nUpdate SAT Logging As of SAT version 2.2, some command output that was previously printed to stdout is now logged to stderr. These messages are logged at the INFO level. The default logging threshold was changed from WARNING to INFO to accommodate this logging change. Additionally, some messages previously logged at the INFO are now logged at the DEBUG level.\nThese changes take effect automatically. However, if the default output threshold has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure that important output is shown in the terminal.\nUpdate Configuration (ncn-m001#) In the following example, the stderr log level, logging.stderr_level, is set to WARNING, which will exclude INFO-level logging from terminal output.\ngrep -A 3 logging ~/.config/sat/sat.toml Example output:\n[logging] ... stderr_level = \u0026#34;WARNING\u0026#34; To enable the new default behavior, comment this line out, delete it, or set the value to \u0026ldquo;INFO\u0026rdquo;.\nIf logging.stderr_level is commented out, its value will not affect logging behavior. However, it may be helpful to set its value to INFO as a reminder of the new default behavior.\nAffected Commands The following commands trigger messages that have been changed from stdout print calls to INFO-level (or WARNING- or ERROR-level) log messages:\nsat bootsys --stage shutdown --stage session-checks sat sensors The following commands trigger messages that have been changed from INFO-level log messages to DEBUG-level log messages:\nsat nid2xname sat xname2nid sat swap Set System Revision Information HPE service representatives use system revision information data to identify systems in support cases.\nPrerequisites SAT authentication has been set up during installation. See Authenticate SAT Commands. S3 credentials have been generated during installation. See Generate SAT S3 Credentials. Notes on the Procedure This procedure is not required if SAT was upgraded from 2.1 (Shasta v1.5) or later. It is required if SAT was upgraded from 2.0 (Shasta v1.4) or earlier.\nProcedure Set System Revision Information.\n(ncn-m001#) Run sat setrev and follow the prompts to set the following site-specific values:\nSerial number System name System type System description Product number Company name Site name Country code System install date Tip: For \u0026ldquo;System type\u0026rdquo;, a system with any liquid-cooled components should be considered a liquid-cooled system. In other words, \u0026ldquo;System type\u0026rdquo; is EX-1C.\nsat setrev Example output:\n-------------------------------------------------------------------------------- Setting: Serial number Purpose: System identification. This will affect how snapshots are identified in the HPE backend services. Description: This is the top-level serial number which uniquely identifies the system. It can be requested from an HPE representative. Valid values: Alpha-numeric string, 4 - 20 characters. Type: \u0026lt;class \u0026#39;str\u0026#39;\u0026gt; Default: None Current value: None -------------------------------------------------------------------------------- Please do one of the following to set the value of the above setting: - Input a new value - Press CTRL-C to exit ... Verify System Revision Information.\n(ncn-m001#) Run sat showrev and verify the output shown in the \u0026ldquo;System Revision Information table.\u0026rdquo;\nThe following example shows sample table output.\nsat showrev Example output:\n################################################################################ System Revision Information ################################################################################ +---------------------+---------------+ | component | data | +---------------------+---------------+ | Company name | HPE | | Country code | US | | Interconnect | Sling | | Product number | R4K98A | | Serial number | 12345 | | Site name | HPE | | Slurm version | slurm 20.02.5 | | System description | Test System | | System install date | 2021-01-29 | | System name | eniac | | System type | EX-1C | +---------------------+---------------+ ################################################################################ Product Revision Information ################################################################################ +--------------+-----------------+------------------------------+------------------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+------------------------------+------------------------------+ | csm | 0.8.14 | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... | | sat | 2.0.1 | - | - | | sdu | 1.0.8 | - | - | | slingshot | 0.8.0 | - | - | | sma | 1.4.12 | - | - | +--------------+-----------------+------------------------------+------------------------------+ ################################################################################ Local Host Operating System ################################################################################ +-----------+----------------------+ | component | version | +-----------+----------------------+ | Kernel | 5.3.18-24.15-default | | SLES | SLES 15-SP2 | +-----------+----------------------+ " +}, +{ + "uri": "/docs-sat/en-26/categories/", + "title": "Categories", + "tags": [], + "description": "", + "content": "" +}, +{ + "uri": "/docs-sat/en-26/tags/", + "title": "Tags", + "tags": [], + "description": "", + "content": "" +}] \ No newline at end of file diff --git a/en-26/index.xml b/en-26/index.xml new file mode 100644 index 0000000000..d4a70ba1c3 --- /dev/null +++ b/en-26/index.xml @@ -0,0 +1,173 @@ + + + + HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + /docs-sat/en-26/ + Recent content in HPE Cray EX System Admin Toolkit (SAT) Guide on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-26 + Wed, 11 Dec 2024 03:40:01 +0000 + + + SAT Installation + /docs-sat/en-26/install/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/install/ + SAT Installation Install and Upgrade Framework The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM. IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product. + + + Change the BOS Version + /docs-sat/en-26/usage/change_bos_version/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/usage/change_bos_version/ + Change the BOS Version By default, SAT uses Boot Orchestration Service (BOS) version two (v2). Select the BOS version to use for individual commands with the --bos-version option. For more information on this option, refer to the man page for a specific command. Another way to change the BOS version is by configuring it under the api_version setting in the bos section of the SAT configuration file. If the system is using an existing SAT configuration file from an older version of SAT, the bos section might not exist. + + + Changes in SAT 2.2 + /docs-sat/en-26/release_notes/sat_2.2_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/release_notes/sat_2.2_release_notes/ + Changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022. This version of the SAT product included: Version 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components: Version 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release. + + + SAT Command Authentication + /docs-sat/en-26/about_sat/command_authentication/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/command_authentication/ + SAT Command Authentication Some SAT subcommands make requests to the HPE Cray EX services through the API gateway and thus require authentication to the API gateway in order to function. Other SAT subcommands use the Kubernetes API. Some sat commands require S3 to be configured. In order to use the SAT S3 bucket, the System Administrator must generate the S3 access key and secret keys and write them to a local file. + + + Configure Multi-tenancy + /docs-sat/en-26/usage/multi-tenancy/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/usage/multi-tenancy/ + Configure Multi-tenancy SAT supports supplying tenant information to CSM services in order to allow tenant admins to use SAT within their tenant. By default, the tenant name is not set, and SAT will not send any tenant information with its requests to CSM services. Configure the tenant name either in the SAT configuration file or on the command line. Configure the Tenant Name in the SAT Configuration File Set the tenant name in the SAT configuration file using the api_gateway. + + + Changes in SAT 2.3 + /docs-sat/en-26/release_notes/sat_2.3_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/release_notes/sat_2.3_release_notes/ + Changes in SAT 2.3 The 2.3.4 version of the SAT product includes: Version 3.15.4 of the sat python package and CLI Version 1.6.11 of the sat-podman wrapper script Version 1.2.0 of the sat-cfs-install container image Version 2.0.0 of the sat-cfs-install Helm chart Version 1.5.0 of the sat-install-utility container image Version 2.0.3 of the cfs-config-util container image New sat Commands None. Current Working Directory in SAT Container When running sat commands, the current working directory is now mounted in the container as /sat/share, and the current working directory within the container is also /sat/share. + + + SAT Dependencies + /docs-sat/en-26/about_sat/dependencies/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/dependencies/ + SAT Dependencies Most sat subcommands depend on services or components from other products in the HPE Cray EX software stack. The following list shows these dependencies for each subcommand. Each service or component is listed under the product it belongs to. sat auth CSM Keycloak sat bmccreds CSM System Configuration Service (SCSD) sat bootprep CSM Boot Orchestration Service (BOS) Configuration Framework Service (CFS) Image Management Service (IMS) Version Control Service (VCS) Kubernetes S3 sat bootsys CSM Boot Orchestration Service (BOS) Cray Advanced Platform Monitoring and Control (CAPMC) Ceph Etcd Firmware Action Service (FAS) Hardware State Manager (HSM) Kubernetes S3 HPE Cray Supercomputing User Services Software (USS) Node Memory Dump (NMD) sat diag CSM Hardware State Manager (HSM) CSM-Diags Fox sat firmware CSM Firmware Action Service (FAS) sat hwhist CSM Hardware State Manager (HSM) sat hwinv CSM Hardware State Manager (HSM) sat hwmatch CSM Hardware State Manager (HSM) sat init None + + + Changes in SAT 2.4 + /docs-sat/en-26/release_notes/sat_2.4_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/sat_2.4_release_notes/ + Changes in SAT 2.4 The 2.4.13 version of the SAT product includes: Version 3.19.3 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.5.5 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. Because of installation refactoring efforts, the following two components are no longer delivered with SAT: sat-cfs-install container image sat-cfs-install Helm chart Inclusion of SAT in CSM A version of the cray-sat container image is now included in CSM. + + + SAT and IUF + /docs-sat/en-26/usage/sat_and_iuf/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/usage/sat_and_iuf/ + SAT and IUF The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM with the help of sat bootprep. Outside of IUF, it is uncommon to use sat bootprep. For more information on IUF, see the IUF section of the Cray System Management Documentation. For more information on sat bootprep, see SAT Bootprep. Variable Substitutions Both IUF and sat bootprep allow variable substitutions into the default HPC CSM Software Recipe bootprep input files. + + + Introduction to SAT + /docs-sat/en-26/about_sat/introduction/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/introduction/ + Introduction to SAT About System Admin Toolkit (SAT) The System Admin Toolkit (SAT) is designed to assist administrators with common tasks, such as troubleshooting and querying information about the HPE Cray EX System and its components, system boot and shutdown, and replacing hardware components. SAT offers a command line utility which uses subcommands. There are similarities between SAT commands and xt commands used on the Cray XC platform. For more information on SAT commands, see SAT Command Overview. + + + Changes in SAT 2.5 + /docs-sat/en-26/release_notes/sat_2.5_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/sat_2.5_release_notes/ + Changes in SAT 2.5 The 2.5.17 version of the SAT product includes: Version 3.21.4 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.6.0 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. New sat Commands sat jobstat allows access to application and job data through the command line. It provides a table summarizing information for all jobs on the system. + + + SAT Bootprep + /docs-sat/en-26/usage/sat_bootprep/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/usage/sat_bootprep/ + SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates. The solution is based on a given input file that defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similar to other SAT commands. (ncn-m001#) Here is an example: + + + SAT in CSM + /docs-sat/en-26/about_sat/sat_in_csm/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/sat_in_csm/ + SAT in CSM In CSM 1.3 and newer, the sat command is automatically available on the Kubernetes control plane, but it is still possible to install SAT as a separate product stream. Any version of SAT installed as a separate product stream overrides the sat command available in CSM. Installing the SAT product stream allows additional supporting components to be added: An entry for SAT in the cray-product-catalog Kubernetes ConfigMap is only created by installing the SAT product stream. + + + Changes in SAT 2.6 + /docs-sat/en-26/release_notes/sat_2.6_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/sat_2.6_release_notes/ + Changes in SAT 2.6 The 2.6.14 version of the SAT product includes: Version 3.25.10 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.6.2 of the sat-install-utility container image. New sat Commands No new sat commands were added in SAT 2.6. Changes to sat bootsys Functionality was added to the platform-services and cabinet-power stages of sat bootsys boot. This allows SAT to automatically recreate Kubernetes CronJobs that may have become stuck during shutdown, boot, or reboot. + + + View SAT Documentation + /docs-sat/en-26/about_sat/view_sat_docs/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/about_sat/view_sat_docs/ + View SAT Documentation View the System Admin Toolkit (SAT) documentation both online and offline by using the information in this section. Online Documentation The SAT documentation can be found online in HTML form at the following link: SAT Documentation. The navigation pane on the left of the HTML page orders topics alphabetically. Navigate an individual topic&rsquo;s headings by using the Headings icon at the top of the page, as shown in the following images. + + + SAT Changes in Shasta v1.3.2 + /docs-sat/en-26/release_notes/shasta_1.3.2_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.3.2_release_notes/ + SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI. The following sections detail the changes in this release. sat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable. The sat swap switch command is equivalent to sat switch. + + + SAT on an External System + /docs-sat/en-26/external_system/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/external_system/ + SAT on an External System SAT can optionally be installed and configured on an external system to interact with CSM over the CAN. Limitations Most SAT subcommands work by accessing APIs which are reachable via the CAN. However, certain SAT commands depend on host-based functionality on the management NCNs and will not work from an external system. This includes the following: The platform-services and ncn-power stages of sat bootsys The local host information displayed by the --local option of sat showrev Installing SAT on an external system is not an officially supported configuration. + + + SAT Changes in Shasta v1.3 + /docs-sat/en-26/release_notes/shasta_1.3_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.3_release_notes/ + SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI. This version of the sat CLI contained the following commands: auth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch For more information on each of these commands, see the SAT Command Overview and the table of commands in the SAT Command Authentication section of this document. + + + SAT Changes in Shasta v1.4.1 + /docs-sat/en-26/release_notes/shasta_1.4.1_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.4.1_release_notes/ + SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1. This version of the SAT product included: Version 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release. New Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames: sat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API. + + + SAT Changes in Shasta v1.4 + /docs-sat/en-26/release_notes/shasta_1.4_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.4_release_notes/ + SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4. This version of the SAT product included the following components: Version 3.4.0 of the sat python package and CLI It also added the following new component: Version 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release. + + + SAT Changes in Shasta v1.5 + /docs-sat/en-26/release_notes/shasta_1.5_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.5_release_notes/ + SAT Changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5. This version of the SAT product included: Version 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component: Version 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release. Install Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. + + + SAT Uninstall and Downgrade + /docs-sat/en-26/uninstall_and_downgrade/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/uninstall_and_downgrade/ + SAT Uninstall and Downgrade Uninstall: Remove a Version of SAT This procedure can be used to uninstall a version of SAT. Prerequisites Only versions 2.2 or newer of SAT can be uninstalled with prodmgr. CSM version 1.2 or newer must be installed, so that the prodmgr command is available. Procedure (ncn-m001#) Use sat showrev to list versions of SAT. sat showrev --products --filter product_name=sat Example output: ############################################################################### Product Revision Information ############################################################################### +--------------+-----------------+-------------------+-----------------------+ | product_name | product_version | images | image_recipes | +--------------+-----------------+-------------------+-----------------------+ | sat | 2. + + + SAT Upgrade + /docs-sat/en-26/upgrade/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/upgrade/ + SAT Upgrade Install and Upgrade Framework The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM. IUF capabilities are described in detail in the IUF section of the Cray System Management Documentation. The initial install and upgrade workflows described in the HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM (S-8052) detail when and how to use IUF with a new release of SAT or any other HPE Cray EX product. + + + diff --git a/en-26/install/index.html b/en-26/install/index.html new file mode 100644 index 0000000000..6ae1b23543 --- /dev/null +++ b/en-26/install/index.html @@ -0,0 +1,1617 @@ + + + + + + + + + + + + SAT Installation :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Installation

+

Install and Upgrade Framework

+

The Install and Upgrade Framework (IUF) provides commands which install, +upgrade, and deploy products on systems managed by CSM. IUF capabilities are +described in detail in the IUF +section of the +Cray System Management Documentation. +The initial install and upgrade workflows described in the +HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM +(S-8052) detail when and how to use +IUF with a new release of SAT or any other HPE Cray EX product.

+

This document does not replicate install, upgrade, or deployment procedures +detailed in the Cray System Management +Documentation. This document provides +details regarding software and configuration content specific to SAT which is +needed when installing, upgrading, or deploying a SAT release. The Cray +System Management Documentation will +indicate when sections of this document should be referred to for detailed +information.

+

IUF will perform the following tasks for a release of SAT.

+
    +
  • IUF deliver-product stage: +
      +
    • Uploads SAT configuration content to VCS
      • +
    • Uploads SAT information to the CSM product catalog
      • +
    • Uploads SAT content to Nexus repositories
      • +
    +
    • +
  • IUF update-vcs-config stage: +
      +
    • Updates the VCS integration branch with new SAT configuration content if a +working branch is specified
      • +
    +
    • +
  • IUF update-cfs-config stage: +
      +
    • Creates a new CFS configuration for management nodes with new SAT configuration content
      • +
    +
    • +
  • IUF prepare-images stage: +
      +
    • Creates updated management NCN and managed node images with new SAT content
      • +
    +
    • +
  • IUF management-nodes-rollout stage: +
      +
    • Boots management NCNs with an image containing new SAT content
      • +
    +
    • +
+

IUF uses a variety of CSM and SAT tools when performing these tasks. The IUF +section of the +Cray System Management Documentation +describes how to use these tools directly if it is desirable to use them +instead of IUF.

+

IUF Stage Details for SAT

+

This section describes SAT details that an administrator must be aware of +before running IUF stages. Entries are prefixed with Information if no +administrative action is required or Action if an administrator needs +to perform tasks outside of IUF.

+

update-vcs-config

+

Information: This stage is only run if a VCS working branch is specified for +SAT. By default, SAT does not create or specify a VCS working branch.

+

update-cfs-config

+

Information: This stage only applies to the management configuration and +not to the managed configuration.

+

prepare-images

+

Information: This stage only applies to management images and not to +managed images.

+

Post-Installation Procedures

+

After installing SAT with IUF, complete the following SAT configuration +procedures before using SAT:

+ +

Notes on the Procedures

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace x.y.z with the version of the SAT product stream +being installed.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
+

Authenticate SAT Commands

+

To run SAT commands on the manager NCNs, first set up authentication +to the API gateway. For more information on authentication types and +authentication credentials, see SAT Command +Authentication.

+

The admin account used to authenticate with sat auth must be enabled in +Keycloak and must have its assigned role set to admin. For more information +on Keycloak accounts and changing Role Mappings, refer to both Configure Keycloak +Account and Create Internal User Accounts in the Keycloak Shasta Realm in +the Cray System Management Documentation.

+

Prerequisites

+ +

Procedure

+

The following is the procedure to globally configure the username used by SAT and +authenticate to the API gateway.

+
    +
  1. +

    (ncn-m001#) Generate a default SAT configuration file if one does not exist.

    +
    sat init
+

    Example output:

    +
    Configuration file "/root/.config/sat/sat.toml" generated.
+

    Note: If the configuration file already exists, it will print out the +following error.

    +
    ERROR: Configuration file "/root/.config/sat/sat.toml" already exists.
+Not generating configuration file.
+
    2. +
  2. +

    Edit ~/.config/sat/sat.toml and set the username option in the api_gateway +section of the configuration file.

    +
    username = "crayadmin"
+
    3. +
  3. +

    (ncn-m001#) Run sat auth. Enter the password when prompted.

    +
    sat auth
+

    Example output:

    +
    Password for crayadmin:
+Succeeded!
+
    4. +
  4. +

    (ncn-m001#) Other sat commands are now authenticated to make requests to the API gateway.

    +
    sat status
+
    5. +
+

Generate SAT S3 Credentials

+

Generate S3 credentials and write them to a local file so the SAT user can access +S3 storage. In order to use the SAT S3 bucket, the System Administrator must +generate the S3 access key and secret keys and write them to a local file. This +must be done on every Kubernetes control plane node where SAT commands are run.

+

SAT uses S3 storage for several purposes, most importantly to store the +site-specific information set with sat setrev (see Set System Revision +Information).

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    (ncn-m001#) Ensure the files are readable only by root.

    +
    touch /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    chmod 600 /root/.config/sat/s3_access_key \
+    /root/.config/sat/s3_secret_key
+
    2. +
  2. +

    (ncn-m001#) Write the credentials to local files using kubectl.

    +
    kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.access_key}' | base64 -d > \
+    /root/.config/sat/s3_access_key
+
    kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.secret_key}' | base64 -d > \
+    /root/.config/sat/s3_secret_key
+
    3. +
  3. +

    Verify the S3 endpoint specified in the SAT configuration file is correct.

    +
      +
    1. +

      (ncn-m001#) Get the SAT configuration file’s endpoint value.

      +

      Note: If the command’s output is commented out, indicated by an initial # +character, the SAT configuration will take the default value – "https://rgw-vip.nmn".

      +
      grep endpoint ~/.config/sat/sat.toml
+

      Example output:

      +
      # endpoint = "https://rgw-vip.nmn"
+
      2. +
    2. +

      (ncn-m001#) Get the sat-s3-credentials secret’s endpoint value.

      +
      kubectl get secret sat-s3-credentials -o json -o \
+    jsonpath='{.data.s3_endpoint}' | base64 -d | xargs
+

      Example output:

      +
      https://rgw-vip.nmn
+
      3. +
    3. +

      Compare the two endpoint values.

      +

      If the values differ, change the SAT configuration file’s endpoint value to +match the secret’s.

      +
      4. +
    +
    4. +
  4. +

    (ncn-m001#) Copy SAT configurations to each manager node on the system.

    +
    for i in ncn-m002 ncn-m003; do echo $i; ssh ${i} \
+    mkdir -p /root/.config/sat; \
+    scp -pr /root/.config/sat ${i}:/root/.config; done
+

    Note: Depending on how many manager nodes are on the system, the list of +manager nodes may be different. This example assumes three manager nodes, where +the configuration files must be copied from ncn-m001 to ncn-m002 and +ncn-m003. Therefore, the list of hosts above is ncn-m002 and ncn-m003.

    +
    5. +
+

(Optional) Configure Multi-tenancy

+

If installing SAT on a multi-tenant system, the tenant name can be configured +at this point. For more information, see Configure multi-tenancy.

+

Set System Revision Information

+

HPE service representatives use system revision information data to identify +systems in support cases.

+

Prerequisites

+ +

Procedure

+
    +
  1. +

    (ncn-m001#) Set System Revision Information.

    +

    Run sat setrev and follow the prompts to set the following site-specific values:

    +
      +
    • Serial number
      • +
    • System name
      • +
    • System type
      • +
    • System description
      • +
    • Product number
      • +
    • Company name
      • +
    • Site name
      • +
    • Country code
      • +
    • System install date
      • +
    +

    Tip: For “System type”, a system with any liquid-cooled components should be +considered a liquid-cooled system. In other words, “System type” is EX-1C.

    +
    sat setrev
+

    Example output:

    +
    --------------------------------------------------------------------------------
+Setting:        Serial number
+Purpose:        System identification. This will affect how snapshots are
+                identified in the HPE backend services.
+Description:    This is the top-level serial number which uniquely identifies
+                the system. It can be requested from an HPE representative.
+Valid values:   Alpha-numeric string, 4 - 20 characters.
+Type:           <class 'str'>
+Default:        None
+Current value:  None
+--------------------------------------------------------------------------------
+Please do one of the following to set the value of the above setting:
+    - Input a new value
+    - Press CTRL-C to exit
+...
+
    2. +
  2. +

    Verify System Revision Information.

    +

    (ncn-m001#) Run sat showrev and verify the output shown in the “System Revision Information table.”

    +
    sat showrev
+

    Example table output:

    +
    ################################################################################
+System Revision Information
+################################################################################
++---------------------+---------------+
+| component           | data          |
++---------------------+---------------+
+| Company name        | HPE           |
+| Country code        | US            |
+| Interconnect        | Sling         |
+| Product number      | R4K98A        |
+| Serial number       | 12345         |
+| Site name           | HPE           |
+| Slurm version       | slurm 20.02.5 |
+| System description  | Test System   |
+| System install date | 2021-01-29    |
+| System name         | eniac         |
+| System type         | EX-1C         |
++---------------------+---------------+
+################################################################################
+Product Revision Information
+################################################################################
++--------------+-----------------+------------------------------+------------------------------+
+| product_name | product_version | images                       | image_recipes                |
++--------------+-----------------+------------------------------+------------------------------+
+| csm          | 0.8.14          | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... |
+| sat          | 2.0.1           | -                            | -                            |
+| sdu          | 1.0.8           | -                            | -                            |
+| slingshot    | 0.8.0           | -                            | -                            |
+| sma          | 1.4.12          | -                            | -                            |
++--------------+-----------------+------------------------------+------------------------------+
+################################################################################
+Local Host Operating System
+################################################################################
++-----------+----------------------+
+| component | version              |
++-----------+----------------------+
+| Kernel    | 5.3.18-24.15-default |
+| SLES      | SLES 15-SP2          |
++-----------+----------------------+
+
    3. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/index.html b/en-26/release_notes/index.html new file mode 100644 index 0000000000..ca5c34524e --- /dev/null +++ b/en-26/release_notes/index.html @@ -0,0 +1,1330 @@ + + + + + + + + + + + + SAT Release Notes :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Release Notes

+

Changes in SAT Version 2.x

+ +

SAT Changes in Shasta Version 1.x

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/index.xml b/en-26/release_notes/index.xml new file mode 100644 index 0000000000..ec48c0ba18 --- /dev/null +++ b/en-26/release_notes/index.xml @@ -0,0 +1,82 @@ + + + + SAT Release Notes on System Admin Toolkit (SAT) + /docs-sat/en-26/release_notes/ + Recent content in SAT Release Notes on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-26 + Wed, 11 Dec 2024 03:40:01 +0000 + + + Changes in SAT 2.2 + /docs-sat/en-26/release_notes/sat_2.2_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/release_notes/sat_2.2_release_notes/ + Changes in SAT 2.2 SAT 2.2.16 was released on February 25th, 2022. This version of the SAT product included: Version 3.14.0 of the sat python package and CLI Version 1.6.4 of the sat-podman wrapper script Version 1.0.4 of the sat-cfs-install container image and Helm chart It also added the following new components: Version 1.4.3 of the sat-install-utility container image Version 2.0.2 of the cfs-config-util container image The following sections detail the changes in this release. + + + Changes in SAT 2.3 + /docs-sat/en-26/release_notes/sat_2.3_release_notes/ + Wed, 11 Dec 2024 03:40:00 +0000 + /docs-sat/en-26/release_notes/sat_2.3_release_notes/ + Changes in SAT 2.3 The 2.3.4 version of the SAT product includes: Version 3.15.4 of the sat python package and CLI Version 1.6.11 of the sat-podman wrapper script Version 1.2.0 of the sat-cfs-install container image Version 2.0.0 of the sat-cfs-install Helm chart Version 1.5.0 of the sat-install-utility container image Version 2.0.3 of the cfs-config-util container image New sat Commands None. Current Working Directory in SAT Container When running sat commands, the current working directory is now mounted in the container as /sat/share, and the current working directory within the container is also /sat/share. + + + Changes in SAT 2.4 + /docs-sat/en-26/release_notes/sat_2.4_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/sat_2.4_release_notes/ + Changes in SAT 2.4 The 2.4.13 version of the SAT product includes: Version 3.19.3 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.5.5 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. Because of installation refactoring efforts, the following two components are no longer delivered with SAT: sat-cfs-install container image sat-cfs-install Helm chart Inclusion of SAT in CSM A version of the cray-sat container image is now included in CSM. + + + Changes in SAT 2.5 + /docs-sat/en-26/release_notes/sat_2.5_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/sat_2.5_release_notes/ + Changes in SAT 2.5 The 2.5.17 version of the SAT product includes: Version 3.21.4 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.6.0 of the sat-install-utility container image. Version 3.3.1 of the cfs-config-util container image. New sat Commands sat jobstat allows access to application and job data through the command line. It provides a table summarizing information for all jobs on the system. + + + Changes in SAT 2.6 + /docs-sat/en-26/release_notes/sat_2.6_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/sat_2.6_release_notes/ + Changes in SAT 2.6 The 2.6.14 version of the SAT product includes: Version 3.25.10 of the sat python package and CLI. Version 2.0.0-1 of the sat-podman wrapper script. Version 1.6.2 of the sat-install-utility container image. New sat Commands No new sat commands were added in SAT 2.6. Changes to sat bootsys Functionality was added to the platform-services and cabinet-power stages of sat bootsys boot. This allows SAT to automatically recreate Kubernetes CronJobs that may have become stuck during shutdown, boot, or reboot. + + + SAT Changes in Shasta v1.3.2 + /docs-sat/en-26/release_notes/shasta_1.3.2_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.3.2_release_notes/ + SAT Changes in Shasta v1.3.2 Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI. The following sections detail the changes in this release. sat swap Command for Switch and Cable Replacement The sat switch command which supported operations for replacing a switch has been deprecated and replaced with the sat swap command, which now supports replacing a switch OR cable. The sat swap switch command is equivalent to sat switch. + + + SAT Changes in Shasta v1.3 + /docs-sat/en-26/release_notes/shasta_1.3_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.3_release_notes/ + SAT Changes in Shasta v1.3 Shasta v1.3 included version 2.2.3 of the sat python package and CLI. This version of the sat CLI contained the following commands: auth bootsys cablecheck diag firmware hwinv hwmatch k8s linkhealth sensors setrev showrev status swap switch For more information on each of these commands, see the SAT Command Overview and the table of commands in the SAT Command Authentication section of this document. + + + SAT Changes in Shasta v1.4.1 + /docs-sat/en-26/release_notes/shasta_1.4.1_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.4.1_release_notes/ + SAT Changes in Shasta v1.4.1 We released version 2.0.4 of the SAT product in Shasta v1.4.1. This version of the SAT product included: Version 3.5.0 of the sat python package and CLI. Version 1.4.3 of the sat-podman wrapper script. The following sections detail the changes in this release. New Commands to Translate Between NIDs and XNames Two new commands were added to translate between NIDs and XNames: sat nid2xname sat xname2nid These commands perform this translation by making requests to the Hardware State Manager (HSM) API. + + + SAT Changes in Shasta v1.4 + /docs-sat/en-26/release_notes/shasta_1.4_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.4_release_notes/ + SAT Changes in Shasta v1.4 In Shasta v1.4, SAT became an independent product, which meant we began to designate a version number for the entire SAT product. We released version 2.0.3 of the SAT product in Shasta v1.4. This version of the SAT product included the following components: Version 3.4.0 of the sat python package and CLI It also added the following new component: Version 1.4.2 of the sat-podman wrapper script The following sections detail the changes in this release. + + + SAT Changes in Shasta v1.5 + /docs-sat/en-26/release_notes/shasta_1.5_release_notes/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/release_notes/shasta_1.5_release_notes/ + SAT Changes in Shasta v1.5 We released version 2.1.16 of the SAT product in Shasta v1.5. This version of the SAT product included: Version 3.7.4 of the sat python package and CLI Version 1.4.10 of the sat-podman wrapper script It also added the following new component: Version 1.0.3 of the sat-cfs-install docker image and helm chart The following sections detail the changes in this release. Install Changes to Separate Product from CSM This release further decouples the installation of the SAT product from the CSM product. + + + diff --git a/en-26/release_notes/sat_2.2_release_notes/index.html b/en-26/release_notes/sat_2.2_release_notes/index.html new file mode 100644 index 0000000000..0e994e8486 --- /dev/null +++ b/en-26/release_notes/sat_2.2_release_notes/index.html @@ -0,0 +1,1434 @@ + + + + + + + + + + + + Changes in SAT 2.2 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+ +
+ +
+ +
+ +
+ +

+ +

+ + + + + +

Changes in SAT 2.2

+

SAT 2.2.16 was released on February 25th, 2022.

+

This version of the SAT product included:

+
    +
  • Version 3.14.0 of the sat python package and CLI
    • +
  • Version 1.6.4 of the sat-podman wrapper script
    • +
  • Version 1.0.4 of the sat-cfs-install container image and Helm chart
    • +
+

It also added the following new components:

+
    +
  • Version 1.4.3 of the sat-install-utility container image
    • +
  • Version 2.0.2 of the cfs-config-util container image
    • +
+

The following sections detail the changes in this release.

+

Known Issues in SAT 2.2

+

sat Command Unavailable in sat bash Shell

+

After launching a shell within the SAT container with sat bash, the sat +command will not be found.

+

((CONTAINER_ID) sat-container#) Here is an example output after running sat status:

+
bash: sat: command not found
+

((CONTAINER_ID) sat-container#) This can be resolved temporarily in one of two ways. /sat/venv/bin/ may be +prepended to the $PATH environment variable:

+
export PATH=/sat/venv/bin:$PATH
+sat status
+

((CONTAINER_ID) sat-container#) Another option is to source the file /sat/venv/bin/activate:

+
source /sat/venv/bin/activate
+sat status
+

Tab Completion Unavailable in sat bash Shell

+

After launching a shell within the SAT container with sat bash, tab completion +for sat commands does not work.

+

((CONTAINER_ID) sat-container#) This can be resolved temporarily by sourcing the file +/etc/bash_completion.d/sat-completion.bash:

+
source /etc/bash_completion.d/sat-completion.bash
+

OCI Runtime Permission Error when Running sat in Root Directory

+

sat commands will not work if the current directory is /.

+

(ncn-m001#) Here is an example output after running sat --help:

+
Error: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: open /dev/console: operation not permitted: OCI runtime permission denied error
+

To resolve, run sat in another directory.

+

Duplicate Mount Error when Running sat in Configuration Directory

+

sat commands will not work if the current directory is ~/.config/sat.

+

(ncn-m001#) Here is an example output after running sat --help:

+
Error: /root/.config/sat: duplicate mount destination
+

To resolve, run sat in another directory.

+

New sat Commands

+
    +
  • sat bootprep automates the creation of CFS configurations, the build and +customization of IMS images, and the creation of BOS session templates. For +more information, see SAT Bootprep.
    • +
  • sat slscheck performs a check for consistency between the System Layout +Service (SLS) and the Hardware State Manager (HSM).
    • +
  • sat bmccreds provides a simple interface for interacting with the System +Configuration Service (SCSD) to set BMC Redfish credentials.
    • +
  • sat hwhist displays hardware component history by XName (location) or by +its Field-Replaceable Unit ID (FRUID). This command queries the Hardware +State Manager (HSM) API to obtain this information. Since the sat hwhist +command supports querying for the history of a component by its FRUID, the +FRUID of components has been added to the output of sat hwinv.
    • +
+

Additional Install Automation

+

The following automation has been added to the install script, install.sh:

+
    +
  • Wait for the completion of the sat-config-import Kubernetes job, which is +started when the sat-cfs-install Helm chart is deployed.
    • +
  • Automate the modification of the CFS configuration, which applies to master +management NCNs (for example, ncn-personalization).
    • +
+

Changes to Product Catalog Data Schema

+

The SAT product uploads additional information to the cray-product-catalog +Kubernetes ConfigMap detailing the components it provides, including container +(Docker) images, Helm charts, RPMs, and package repositories.

+

This information is used to support uninstall and downgrade of SAT product +versions moving forward.

+

Support for Uninstall and Downgrade of SAT Versions

+

Beginning with the 2.2 release, SAT now provides partial support for the +uninstall and downgrade of the SAT product stream.

+

For more information, see +Uninstall: Remove a Version of SAT and +Downgrade: Switch Between SAT Versions.

+

Improvements to sat status

+

A Subrole column has been added to the output of sat status. This allows +easy differentiation between master, worker, and storage nodes in the +management role, for example.

+

Hostname information from SLS has been added to sat status output.

+

Added Support for JSON Output

+

Support for JSON-formatted output has been added to commands which currently +support the --format option, such as hwinv, status, and showrev.

+

Usability Improvements

+

Many usability improvements have been made to multiple sat commands, +mostly related to filtering command output. The following are some highlights:

+
    +
  • Added --fields option to display only specific fields for subcommands which +display tabular reports.
    • +
  • Added ability to filter on exact matches of a field name.
    • +
  • Improved handling of multiple matches of a field name in --filter queries +so that the first match is used, similar to --sort-by.
    • +
  • Added support for --filter, --fields, and --reverse for summaries +displayed by sat hwinv.
    • +
  • Added borders to summary tables generated by sat hwinv.
    • +
  • Improved documentation in the man pages.
    • +
+

Default Log Level Changed

+

The default log level for stderr has been changed from “WARNING” to “INFO”. For +more information, see Update SAT Logging.

+

More Granular Log Level Configuration Options

+

With the command-line options --loglevel-stderr and --loglevel-file, the log +level can now be configured separately for stderr and the log file.

+

The existing --loglevel option is now an alias for the --loglevel-stderr +option.

+

Podman Wrapper Script Improvements

+

The Podman wrapper script is the script installed at /usr/bin/sat on the +master management NCNs by the cray-sat-podman RPM that runs the cray-sat +container in podman. The following subsections detail improvements that were +made to the wrapper script in this release.

+

Mounting of $HOME and Current Directories in cray-sat Container

+

The Podman wrapper script that launches the cray-sat container with podman +has been modified to mount the user’s current directory and home directory into +the cray-sat container to provide access to local files in the container.

+

Podman Wrapper Script Documentation Improvements

+

The man page for the Podman wrapper script, which is accessed by typing man sat on a master management NCN, has been improved to document the following:

+
    +
  • Environment variables that affect execution of the wrapper script
    • +
  • Host files and directories mounted in the container
    • +
+

Fixes to Podman Wrapper Script Output Redirection

+

Fixed issues with redirecting stdout and stderr, and piping output to +commands, such as awk, less, and more.

+

Configurable HTTP Timeout

+

A new sat option has been added to configure the HTTP timeout length for +requests to the API gateway. For more information, refer to sat-man sat.

+

sat bootsys Improvements

+

Many improvements and fixes have been made to sat bootsys. The following are +some highlights:

+
    +
  • Added the --excluded-ncns option, which can be used to omit NCNs +from the platform-services and ncn-power stages in case they are +inaccessible.
    • +
  • Disruptive shutdown stages in sat bootsys shutdown now prompt the user to +continue before proceeding. A new option, --disruptive, will bypass this.
    • +
  • Improvements to Ceph service health checks and restart during the +platform-services stage of sat bootsys boot.
    • +
+

sat xname2nid Improvements

+

sat xname2nid can now recursively expand slot, chassis, and cabinet XNames to +a list of NIDs in those locations.

+

A new --format option has been added to sat xname2nid. It sets the output +format to either “range” (the default) or “NID”. The “range” format displays NIDs +in a compressed range format suitable for use with a workload manager like Slurm.

+

Usage of v2 HSM API

+

The commands which interact with HSM (for example, sat status and sat hwinv) +now use the v2 HSM API.

+

sat diag Limited to HSN Switches

+

sat diag will now only operate against HSN switches by default. These are the +only controllers that support running diagnostics with HMJTD.

+

sat showrev Enhancements

+

A column has been added to the output of sat showrev that indicates whether a +product version is “active”. The definition of “active” varies across products, +and not all products may set an “active” version.

+

For SAT, the active version is the one with its hosted-type package repository +in Nexus set as the member of the group-type package repository in Nexus, +meaning that it will be used when installing the cray-sat-podman RPM.

+

cray-sat Container Image Size Reduction

+

The size of the cray-sat container image has been approximately cut in half by +leveraging multi-stage builds. This also improved the repeatability of the unit +tests by running them in the container.

+

Bug Fixes

+

Minor bug fixes were made in cray-sat and in cray-sat-podman. For full +change lists, refer to each repository’s CHANGELOG.md file.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/sat_2.3_release_notes/index.html b/en-26/release_notes/sat_2.3_release_notes/index.html new file mode 100644 index 0000000000..41bcd89a20 --- /dev/null +++ b/en-26/release_notes/sat_2.3_release_notes/index.html @@ -0,0 +1,1313 @@ + + + + + + + + + + + + Changes in SAT 2.3 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Changes in SAT 2.3

+

The 2.3.4 version of the SAT product includes:

+
    +
  • Version 3.15.4 of the sat python package and CLI
    • +
  • Version 1.6.11 of the sat-podman wrapper script
    • +
  • Version 1.2.0 of the sat-cfs-install container image
    • +
  • Version 2.0.0 of the sat-cfs-install Helm chart
    • +
  • Version 1.5.0 of the sat-install-utility container image
    • +
  • Version 2.0.3 of the cfs-config-util container image
    • +
+

New sat Commands

+

None.

+

Current Working Directory in SAT Container

+

When running sat commands, the current working directory is now mounted in the +container as /sat/share, and the current working directory within the container +is also /sat/share.

+

Files in the current working directory must be specified using relative paths to +that directory, because the current working directory is always mounted on +/sat/share. Absolute paths should be avoided, and paths that are outside of +$HOME or $PWD are never accessible to the container environment.

+

The home directory is still mounted on the same path inside the container as it +is on the host.

+

Changes to sat bootsys

+

The following options were added to sat bootsys.

+
    +
  • --bos-limit
    • +
  • --recursive
    • +
+

The --bos-limit option passes a given limit string to a BOS session. The +--recursive option specifies a slot or other higher-level component in the +limit string.

+

Changes to sat bootprep

+

The --delete-ims-jobs option was added to sat bootprep run. It deletes IMS +jobs after sat bootprep is run. Jobs are no longer deleted by default.

+

Changes to sat status

+

sat status now includes information about nodes’ CFS configuration statuses, +such as desired configuration, configuration status, and error count.

+

The output of sat status now splits different component types into different +report tables.

+

The following options were added to sat status.

+
    +
  • --hsm-fields, --sls-fields, --cfs-fields
    • +
  • --bos-template
    • +
+

The --hsm-fields, --sls-fields, --cfs-fields options limit the output +columns according to specified CSM services.

+

The --bos-template option filters the status report according to the specified +session template’s boot sets.

+

Compatibility with CSM 1.2

+

The following components were modified to be compatible with CSM 1.2.

+
    +
  • sat-cfs-install container image and Helm chart
    • +
  • sat-install-utility container image
    • +
  • SAT product installer
    • +
+

GPG Checking

+

The sat-ncn Ansible role provided by sat-cfs-install was modified to enable +GPG checks on packages while leaving GPG checks disabled on repository metadata.

+

Security

+

Updated urllib3 dependency to version 1.26.5 to mitigate CVE-2021-33503 and +refreshed Python dependency versions.

+

Bug Fixes

+

Minor bug fixes were made in each of the repositories. For full change lists, +refer to each repository’s CHANGELOG.md file.

+

The known issues listed under the SAT 2.2 release +were fixed.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/sat_2.4_release_notes/index.html b/en-26/release_notes/sat_2.4_release_notes/index.html new file mode 100644 index 0000000000..40fe6c3014 --- /dev/null +++ b/en-26/release_notes/sat_2.4_release_notes/index.html @@ -0,0 +1,1404 @@ + + + + + + + + + + + + Changes in SAT 2.4 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Changes in SAT 2.4

+

The 2.4.13 version of the SAT product includes:

+
    +
  • Version 3.19.3 of the sat python package and CLI.
    • +
  • Version 2.0.0-1 of the sat-podman wrapper script.
    • +
  • Version 1.5.5 of the sat-install-utility container image.
    • +
  • Version 3.3.1 of the cfs-config-util container image.
    • +
+

Because of installation refactoring efforts, the following two components +are no longer delivered with SAT:

+
    +
  • sat-cfs-install container image
    • +
  • sat-cfs-install Helm chart
    • +
+

Inclusion of SAT in CSM

+

A version of the cray-sat container image is now included in CSM. For more +information, see SAT in CSM.

+

SAT Installation Improvements

+

The SAT install.sh script no longer uses a sat-cfs-install Helm chart and +container image to upload its Ansible content to the sat-config-management +repository in VCS. Instead, it uses Podman to run the cf-gitea-import container +directly. Some of the benefits of this change include the following:

+ +

Decoupling of cray-sat Container Image and cray-sat-podman Package

+

In older SAT releases, the sat wrapper script that was provided by the +cray-sat-podman package installed on Kubernetes control plane nodes included a +hard-coded version of the cray-sat container image. As a result, every new +version of the cray-sat image required a corresponding new version of the +cray-sat-podman package.

+

In this release, this tight coupling of the cray-sat-podman package and the +cray-sat container image was removed. The sat wrapper script provided +by the cray-sat-podman package now looks for the version of the cray-sat +container image in the /opt/cray/etc/sat/version file. This file is populated +with the correct version of the cray-sat container image by the SAT layer of +the CFS configuration that is applied to management NCNs. If the version file +does not exist, the wrapper script defaults to the version of the cray-sat +container image delivered with the latest version of CSM installed on the system.

+

Improved NCN Personalization Automation

+

The steps for performing NCN personalization as part of the SAT installation +were moved out of the install.sh script and into a new +update-mgmt-ncn-cfs-config.sh script that is provided in the SAT release +distribution. The new script provides additional flexibility in how it modifies +the NCN personalization CFS configuration for SAT. It can modify an existing CFS +configuration by name, a CFS configuration being built in a JSON file, or an +existing CFS configuration that applies to certain components.

+

New sat bootprep Features

+

The following new features were added to the sat bootprep command:

+ +

The schema of the sat bootprep input files was also changed to support these +new features:

+
    +
  • The base recipe or image used by an image in the input file should now be +specified under a base key instead of under an ims key. The old ims +key is deprecated.
    • +
  • To specify an image that depends on another image in the input file, the +dependent image should specify the dependency under base.image_ref. +Going forward, do not use the IMS name of the image on which it depends.
    • +
  • The image used by a session template should now be specified under +image.ims.name, image.ims.id, or image.image_ref. Specifying a string +value directly under the image key is deprecated.
    • +
+

For more information on defining IMS images and BOS session templates in the +sat bootprep input file, see Define IMS Images +and Define BOS Session Templates.

+

Added Blade Swap Support to sat swap

+

The sat swap command was updated to support swapping compute and UAN blades +with sat swap blade. This functionality is described in the following processes +of the Cray System Management Documentation:

+
    +
  • Adding a Liquid-cooled blade to a System Using SAT
    • +
  • Removing a Liquid-cooled blade from a System Using SAT
    • +
  • Replace a Compute Blade Using SAT
    • +
  • Swap a Compute Blade with a Different System Using SAT
    • +
+

Support for BOS v2

+

A new v2 version of the Boot Orchestration Service (BOS) is available in CSM +1.3.0. SAT has added support for BOS v2. This impacts the following commands +that interact with BOS:

+
    +
  • sat bootprep
    • +
  • sat bootsys
    • +
  • sat status
    • +
+

By default, SAT uses BOS v1. To change the default to a different BOS version, +see Change the BOS Version.

+

Added BOS Fields to sat status

+

When using BOS v2, sat status outputs additional fields. These fields show +the most recent BOS session, session template, booted image, and boot status for +each node. An additional --bos-fields option was added to limit the output of +sat status to these fields. The fields are not displayed when using BOS v1.

+

Open Source Repositories

+

This is the first release of SAT built from open source code repositories. +As a result, build infrastructure was changed to use an external Jenkins instance, +and artifacts are now published to an external Artifactory instance. These +changes should not impact the functionality of the SAT product in any way.

+

Security

+

CVE Mitigation

+
    +
  • The paramiko Python package version was updated from 2.9.2 to 2.10.1 to +mitigate CVE-2022-24302.
    • +
  • The oauthlib Python package version was updated from 3.2.0 to 3.2.1 to +mitigate CVE-2022-36087.
    • +
+

Restricted Permissions on SAT Configuration Files and Directories

+

SAT stores information used to authenticate to the API gateway with Keycloak. +Token files are stored in the ~/.config/sat/tokens/ directory. Those files +have always had permissions appropriately set to restrict them to be readable +only by the user.

+

Keycloak usernames used to authenticate to the API gateway are stored in the +SAT configuration file at /.config/sat/sat.toml. Keycloak usernames are also +used in the file names of tokens stored in /.config/sat/tokens. As an +additional security measure, SAT now restricts the permissions of the SAT +configuration file to be readable and writable only by the user. It also +restricts the tokens directory and the entire SAT configuration directory +~/.config/sat to be accessible only by the user. This prevents other users on +the system from viewing Keycloak usernames used to authenticate to the API +gateway.

+

Bug Fixes

+
    +
  • Fixed an issue where sat init did not print a message confirming a new +configuration file was created.
    • +
  • Fixed an issue where sat showrev exited with a traceback if the file +/opt/cray/etc/site_info.yaml existed but was empty. This could occur if the +user exited sat setrev with Ctrl-C.
    • +
  • Fixed outdated information in the sat bootsys man page, and added a +description of the command stages.
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/sat_2.5_release_notes/index.html b/en-26/release_notes/sat_2.5_release_notes/index.html new file mode 100644 index 0000000000..8147d8cd77 --- /dev/null +++ b/en-26/release_notes/sat_2.5_release_notes/index.html @@ -0,0 +1,1368 @@ + + + + + + + + + + + + Changes in SAT 2.5 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

Changes in SAT 2.5

+

The 2.5.17 version of the SAT product includes:

+
    +
  • Version 3.21.4 of the sat python package and CLI.
    • +
  • Version 2.0.0-1 of the sat-podman wrapper script.
    • +
  • Version 1.6.0 of the sat-install-utility container image.
    • +
  • Version 3.3.1 of the cfs-config-util container image.
    • +
+

New sat Commands

+

sat jobstat allows access to application and job data through the command +line. It provides a table summarizing information for all jobs on the system.

+

Changes to sat bootprep

+
    +
  • +

    A list-vars subcommand was added to sat bootprep.

    +

    It lists the variables available for use in bootprep input files at runtime.

    +
    • +
  • +

    A --limit option was added to sat bootprep run.

    +

    It restricts the creation of CFS configurations, IMS images, and BOS session +templates into separate stages. For more information, see +Limit SAT Bootprep Run into Stages.

    +
    • +
  • +

    sat bootprep now prompts individually for each CFS configuration that +already exists.

    +
    • +
  • +

    sat bootprep can now filter images provided by a product by using a prefix.

    +

    This is useful when specifying the base of an image in a bootprep input +file. For more information, see +Define IMS Images.

    +
    • +
  • +

    To support product names with hyphens, sat bootprep now converts hyphens to +underscores within variables.

    +

    For more information, see +Hyphens in HPC CSM Software Recipe Variables.

    +
    • +
  • +

    In sat bootprep input files, the value of the playbook property of CFS +configuration layers can now be rendered with Jinja2 templates.

    +

    For more information, see +Values Supporting Jinja2 Template Rendering.

    +
    • +
  • +

    Output was added to sat bootprep run that summarizes the CFS configurations, +IMS images, and BOS session templates created.

    +

    For more information, see +Summary of SAT Bootprep Results.

    +
    • +
  • +

    Improvements were made to the sat bootprep output when CFS configuration +and BOS session templates are created.

    +
    • +
+

Changes to sat bootsys

+
    +
  • A reboot subcommand was added to sat bootsys. It uses BOS to reboot +nodes in the bos-operations stage.
    • +
  • The --staged-session option was added to sat bootsys. It can be used to +create staged BOS sessions. For more information, refer to Staging Changes +with BOS in the Cray System Management Documentation.
    • +
+

Changes to Other sat Commands

+
    +
  • When switching SAT versions with prodmgr, a version is no longer set as +“active” in the product catalog. The “active” field was also removed from the +output of sat showrev.
    • +
  • Improvements were made to the performance of sat status when using BOS +version two.
    • +
+

New Install and Upgrade Framework

+

The new Install and Upgrade Framework (IUF) provides commands which install, +upgrade, and deploy products with the help of sat bootprep on HPE Cray EX +systems managed by Cray System Management (CSM). IUF capabilities are described +in detail in the IUF section +of the Cray System Management Documentation. +The initial install and upgrade workflows described in the +HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM +(S-8052) detail when and how to use +IUF with a new release of SAT or any other HPE Cray EX product.

+

Because IUF now handles NCN personalization, information about this process was +removed from the SAT documentation. Other sections in the documentation were +also revised to support the new Install and Upgrade Framework. For example, the +SAT Installation and SAT Upgrade sections of this +guide now provide details on software and configuration content specific to SAT. +The Cray System Management Documentation +will indicate when these sections should be referred to for detailed information.

+

For more information on the relationship between sat bootprep and IUF, see +SAT and IUF.

+

New Default BOS Version

+

By default, SAT now uses version two of the Boot Orchestration Service (BOS). +This change to BOS v2 impacts the following commands that interact with BOS:

+
    +
  • sat bootprep
    • +
  • sat bootsys
    • +
  • sat status
    • +
+

To change the default to a different BOS version, see +Change the BOS Version.

+

Security

+
    +
  • Updated the version of certifi in the sat python package and CLI from +2021.10.8 to 2022.12.7 to resolve CVE-2022-23491.
    • +
  • Updated the version of certifi in the sat-install-utility container image +from 2021.5.30 to 2022.12.7 to resolve CVE-2022-23491.
    • +
  • Updated the version of oauthlib from 3.2.1 to 3.2.2 to resolve CVE-2022-36087.
    • +
  • Updated the version of cryptography from 36.0.1 to 39.0.1 to resolve +CVE-2023-23931.
    • +
+

Bug Fixes

+
    +
  • Fixed a bug that prevented sat init from creating a configuration file in +the current directory when not prefixed with ./.
    • +
  • Fixed a bug in which sat status failed with a traceback when using BOS +version two and reported components whose most recent image did not exist.
    • +
  • Fixed a build issue where the sat container could contain a different +version of kubectl than the version found in CSM.
    • +
  • Fixed error handling and improved command messages for sat bootprep and +sat swap blade.
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/sat_2.6_release_notes/index.html b/en-26/release_notes/sat_2.6_release_notes/index.html new file mode 100644 index 0000000000..aeb8204104 --- /dev/null +++ b/en-26/release_notes/sat_2.6_release_notes/index.html @@ -0,0 +1,1364 @@ + + + + + + + + + + + + Changes in SAT 2.6 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

Changes in SAT 2.6

+

The 2.6.14 version of the SAT product includes:

+
    +
  • Version 3.25.10 of the sat python package and CLI.
    • +
  • Version 2.0.0-1 of the sat-podman wrapper script.
    • +
  • Version 1.6.2 of the sat-install-utility container image.
    • +
+

New sat Commands

+

No new sat commands were added in SAT 2.6.

+

Changes to sat bootsys

+
    +
  • +

    Functionality was added to the platform-services and cabinet-power +stages of sat bootsys boot. This allows SAT to automatically recreate +Kubernetes CronJobs that may have become stuck during shutdown, boot, or +reboot.

    +
    • +
  • +

    sat bootsys boot more reliably determines if the hms-discovery CronJob +was scheduled during the cabinet-power stage.

    +
    • +
  • +

    SAT now uses the BatchV1 Kubernetes API to manipulate CronJobs instead of the +BatchV1Beta1 API.

    +
    • +
  • +

    sat bootsys now logs the ID of all BOS sessions when performing BOS +operations. A warning is logged for any BOS sessions with failed +components.

    +
    • +
  • +

    Support for the Compute Rolling Upgrade Service (CRUS) has been removed, +and the sat bootsys command will no longer interact with CRUS.

    +
    • +
  • +

    The bos-operations stage of sat bootsys no longer checks whether BOS +session templates need any operations to be performed before creating a BOS +session. BOS instead determines whether the session will need to boot or +shut down any nodes to reach the desired state.

    +
    • +
+

Changes to sat bootprep

+
    +
  • +

    Wildcard matching was added for images in sat bootprep input files. Use +wildcards similar to how prefix filters were used in older versions of SAT. +For more information, see Define IMS Images.

    +
    • +
  • +

    Support for multiple architectures was added to sat bootprep. It is now +possible to filter base IMS images and recipes from products based on their +target architecture. This support also allows specifying target architectures +in boot sets of BOS session templates. For more information, see +Filter Base Images or Recipes from a Product +and +Define BOS Session Templates.

    +
    • +
  • +

    When specifying a base image or recipe from a product, sat bootprep +can combine multiple image or recipe filters. When specifying multiple +filters, the unique base image or recipe that satisfies all of the given +filters is selected. An error occurs if either no images or recipes match the +given filters or if more than one image or recipe matches the given filters.

    +
    • +
  • +

    In CFS configuration layers, support was added for the new imsRequireDkms +field under the specialParameters section. CFS configurations in bootprep +input files can specify an ims_require_dkms field in a new, optional +special_parameters section for each layer.

    +
    • +
+

Other SAT Changes

+
    +
  • +

    The SAT Kibana and Grafana dashboards were moved to the System Monitoring +Application (SMA) beside other dashboards. For more information on how to +view these dashboards going forward, see the HPE Cray EX System Monitoring +Application Administration Guide (S-8029).

    +
    • +
  • +

    Add the new s3.cert_verify option to the SAT configuration file to +control whether certificate verification is performed when accessing S3.

    +
    • +
  • +

    Log messages spanning multiple lines now print the log level on each line +instead of only at the beginning of the message.

    +
    • +
  • +

    When certificate verification is disabled for CSM API requests, only a single +warning now prints at the beginning of SAT’s invocation instead of for +each request.

    +
    • +
  • +

    sat swap blade more reliably determines if the hms-discovery CronJob was +scheduled when enabling a blade following a hardware swap.

    +
    • +
  • +

    sat swap blade will use the BatchV1 Kubernetes API to manipulate CronJobs, +instead of the BatchV1Beta1 API as previously.

    +
    • +
  • +

    Command prompts in this guide are now inserted into text before the +fenced code block instead of inside of it. This is a change from the +documentation of SAT 2.5 and earlier. In addition, two new command prompts +were added for better clarity. For more information, see +Command Prompt Conventions in SAT.

    +
    • +
+

Multi-tenancy Support

+

SAT 2.6 supports supplying tenant information to CSM services in order to allow +tenant admins to use SAT within their tenant. For more information, see +Configure multi-tenancy.

+

Security

+
    +
  • +

    Updated the version of cryptography from 36.0.1 to 41.0.0 to resolve +CVE-2023-2650.

    +
    • +
  • +

    Updated the version of requests from 2.27.1 to 2.31.0 to resolve +CVE-2023-32681.

    +
    • +
  • +

    Updated the version of curl/libcurl from 7.80.0-r6 to 8.1.2-r0 to address +CVE-2023-27536.

    +
    • +
+

Bug Fixes

+
    +
  • +

    Improved extreme slowness in the platform-services stage of +sat bootsys shutdown in cases where a large known_hosts file is used on +the host where SAT is running.

    +
    • +
  • +

    Fixed a bug that caused the wrong container name to be logged when CFS +configuration sessions failed on newer CSM systems.

    +
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/shasta_1.3.2_release_notes/index.html b/en-26/release_notes/shasta_1.3.2_release_notes/index.html new file mode 100644 index 0000000000..03e8d52c16 --- /dev/null +++ b/en-26/release_notes/shasta_1.3.2_release_notes/index.html @@ -0,0 +1,1255 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.3.2 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.3.2

+

Shasta v1.3.2 included version 2.4.0 of the sat python package and CLI.

+

The following sections detail the changes in this release.

+

sat swap Command for Switch and Cable Replacement

+

The sat switch command which supported operations for replacing a switch has +been deprecated and replaced with the sat swap command, which now supports +replacing a switch OR cable.

+

The sat swap switch command is equivalent to sat switch. The sat switch +command will be removed in a future release.

+

Addition of Stages to sat bootsys Command

+

The sat bootsys command now has multiple stages for both the boot and +shutdown actions. Please refer to the “System Power On Procedures” and “System +Power Off Procedures” sections of the Cray Shasta Administration Guide (S-8001) +for more details on using this command in the context of a full system power off +and power on.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/shasta_1.3_release_notes/index.html b/en-26/release_notes/shasta_1.3_release_notes/index.html new file mode 100644 index 0000000000..5377f0e87e --- /dev/null +++ b/en-26/release_notes/shasta_1.3_release_notes/index.html @@ -0,0 +1,1259 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.3 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.3

+

Shasta v1.3 included version 2.2.3 of the sat python package and CLI.

+

This version of the sat CLI contained the following commands:

+
    +
  • auth
    • +
  • bootsys
    • +
  • cablecheck
    • +
  • diag
    • +
  • firmware
    • +
  • hwinv
    • +
  • hwmatch
    • +
  • k8s
    • +
  • linkhealth
    • +
  • sensors
    • +
  • setrev
    • +
  • showrev
    • +
  • status
    • +
  • swap
    • +
  • switch
    • +
+

For more information on each of these commands, see the +SAT Command Overview and the table +of commands in the SAT Command Authentication +section of this document.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/shasta_1.4.1_release_notes/index.html b/en-26/release_notes/shasta_1.4.1_release_notes/index.html new file mode 100644 index 0000000000..4dc92c42e6 --- /dev/null +++ b/en-26/release_notes/shasta_1.4.1_release_notes/index.html @@ -0,0 +1,1264 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.4.1 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.4.1

+

We released version 2.0.4 of the SAT product in Shasta v1.4.1.

+

This version of the SAT product included:

+
    +
  • Version 3.5.0 of the sat python package and CLI.
    • +
  • Version 1.4.3 of the sat-podman wrapper script.
    • +
+

The following sections detail the changes in this release.

+

New Commands to Translate Between NIDs and XNames

+

Two new commands were added to translate between NIDs and XNames:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
+

These commands perform this translation by making requests to the Hardware +State Manager (HSM) API.

+

Bug Fixes

+
    +
  • Fixed a problem in sat swap where creating the offline port policy failed.
    • +
  • Changed sat bootsys shutdown --stage bos-operations to no longer forcefully +power off all compute nodes and application nodes using CAPMC when BOS +sessions complete or time out.
    • +
  • Fixed an issue with the command sat bootsys boot --stage cabinet-power.
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/shasta_1.4_release_notes/index.html b/en-26/release_notes/shasta_1.4_release_notes/index.html new file mode 100644 index 0000000000..98a1b7427b --- /dev/null +++ b/en-26/release_notes/shasta_1.4_release_notes/index.html @@ -0,0 +1,1366 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.4 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.4

+

In Shasta v1.4, SAT became an independent product, which meant we began to +designate a version number for the entire SAT product. We released version +2.0.3 of the SAT product in Shasta v1.4.

+

This version of the SAT product included the following components:

+
    +
  • Version 3.4.0 of the sat python package and CLI
    • +
+

It also added the following new component:

+
    +
  • Version 1.4.2 of the sat-podman wrapper script
    • +
+

The following sections detail the changes in this release.

+

SAT as an Independent Product

+

SAT is now packaged and released as an independent product. The product +deliverable is called a “release distribution”. The release distribution is a +gzipped tar file containing an install script. This install script loads the +cray/cray-sat container image into the Docker registry in Nexus and loads the +cray-sat-podman RPM into a package repository in Nexus.

+

In this release, the cray-sat-podman package is still installed in the master +and worker NCN images provided by CSM. This is changed in SAT 2.1.16 released in +Shasta v1.5.

+

SAT Running in a Container Under Podman

+

The sat command now runs in a container under Podman. The sat executable is +now installed on all nodes in the Kubernetes cluster (workers and +control plane nodes). This executable is a wrapper script that starts a SAT container in +Podman and invokes the sat Python CLI within that container. The admin can run +individual sat commands directly on the master or worker NCNs as before, or +they can run sat commands inside the SAT container after using sat bash to +enter an interactive shell inside the SAT container.

+

To view man pages for sat commands, the user can run sat-man SAT_COMMAND, +replacing SAT_COMMAND with the name of the sat command. Alternatively, +the user can enter the sat container with sat bash and use the man command.

+

New sat init Command and Configuration File Location Change

+

The default location of the SAT configuration file has been changed from /etc/sat.toml +to ~/.config/sat/sat.toml. A new command, sat init, has been added that +initializes a configuration file in the new default directory. This better supports +individual users on the system who want their own configuration files.

+

~/.config/sat is mounted into the container that runs under Podman, so changes +are persistent across invocations of the sat container. If desired, an alternate +configuration directory can be specified with the SAT_CONFIG_DIR environment +variable.

+

Additionally, if a configuration file does not yet exist when a user runs a sat +command, one is generated automatically.

+

Additional Types Added to sat hwinv

+

Additional functionality has been added to sat hwinv including:

+
    +
  • List node enclosure power supplies with the --list-node-enclosure-power-supplies +option.
    • +
  • List node accelerators (for example, GPUs) with the --list-node-accels option. +The count of node accelerators is also included for each node.
    • +
  • List node accelerator risers (for example, Redstone modules) with the +--list-node-accel-risers option. The count of node accelerator risers is also +included for each node.
    • +
  • List High-Speed Node Network Interface Cards (HSN NICs) with the +--list-node-hsn-nics option. The count of HSN NICs is also included for each node.
    • +
+

Documentation for these new options has been added to the man page for sat hwinv.

+

Site Information Stored by sat setrev in S3

+

The sat setrev and sat showrev commands now use S3 to store and obtain site +information, including system name, site name, serial number, install date, and +system type. Since the information is stored in S3, it will now be consistent +regardless of the node on which sat is executed.

+

As a result of this change, S3 credentials must be configured for SAT. For more +information, see Generate SAT S3 Credentials.

+

Product Version Information Shown by sat showrev

+

sat showrev now shows product information from the cray-product-catalog +ConfigMap in Kubernetes.

+

Additional Changes to sat showrev

+

The output from sat showrev has also been changed in the following ways:

+
    +
  • The --docker and --packages options were considered misleading and have +been removed.
    • +
  • Information pertaining to only to the local host, where the command is run, +has been moved to the output of the --local option.
    • +
+

Removal of sat cablecheck

+

The sat cablecheck command has been removed. To verify that the system’s Slingshot +network is cabled correctly, admins should now use the show cables command in the +Slingshot Topology Tool (STT).

+

sat swap Command Compatibility with Next-gen Fabric Controller

+

The sat swap command was added in Shasta v1.3.2. This command used the Fabric +Controller API. Shasta v1.4 introduced a new Fabric Manager API and removed the +Fabric Controller API, so this command has been rewritten to use the new +backwards-incompatible API. Usage of the command did not change.

+

sat bootsys Functionality

+

Much of the functionality added to sat bootsys in Shasta v1.3.2 was broken +by changes introduced in Shasta v1.4, which removed the Ansible inventory +and playbooks.

+

The functionality in the platform-services stage of sat bootsys has been +re-implemented to use python directly instead of Ansible. This resulted in +a more robust procedure with better logging to the sat log file. Failures +to stop containers on Kubernetes nodes are handled more gracefully, and +more information about the containers that failed to stop, including how to +debug the problem, is included.

+

Improvements were made to console logging setup for non-compute nodes +(NCNs) when they are shut down and booted.

+

The following improvements were made to the bos-operations stage +of sat bootsys:

+
    +
  • More information about the BOS sessions, BOA jobs, and BOA pods is printed.
    • +
  • A command-line option, --bos-templates, and a corresponding configuration +file option, bos_templates, were added, and the --cle-bos-template and +--uan-bos-template options and their corresponding configuration file +options were deprecated.
    • +
+

The following functionality has been removed from sat bootsys:

+
    +
  • The hsn-bringup stage of sat bootsys boot has been removed due to removal +of the underlying Ansible playbook.
    • +
  • The bgp-check stage of sat bootys {boot,shutdown} has been removed. It is +now a manual procedure.
    • +
+

Log File Location Change

+

The location of the sat log file has changed from /var/log/cray/sat.log to +/var/log/cray/sat/sat.log. This change simplifies mounting this file into the +sat container running under Podman.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/release_notes/shasta_1.5_release_notes/index.html b/en-26/release_notes/shasta_1.5_release_notes/index.html new file mode 100644 index 0000000000..290a7ce78c --- /dev/null +++ b/en-26/release_notes/shasta_1.5_release_notes/index.html @@ -0,0 +1,1320 @@ + + + + + + + + + + + + SAT Changes in Shasta v1.5 :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Changes in Shasta v1.5

+

We released version 2.1.16 of the SAT product in Shasta v1.5.

+

This version of the SAT product included:

+
    +
  • Version 3.7.4 of the sat python package and CLI
    • +
  • Version 1.4.10 of the sat-podman wrapper script
    • +
+

It also added the following new component:

+
    +
  • Version 1.0.3 of the sat-cfs-install docker image and helm chart
    • +
+

The following sections detail the changes in this release.

+

Install Changes to Separate Product from CSM

+

This release further decouples the installation of the SAT product from the CSM +product. The cray-sat-podman RPM is no longer installed in the management +non-compute node (NCN) image. Instead, the cray-sat-podman RPM is installed on +all master management NCNs via an Ansible playbook which is referenced by a +layer of the CFS configuration that applies to management NCNs. This CFS +configuration is typically named ncn-personalization.

+

The SAT product now includes a Docker image and a Helm chart named +sat-cfs-install. The SAT install script, install.sh, deploys the Helm chart +with Loftsman. This helm chart deploys a Kubernetes job that imports the +SAT Ansible content to a git repository in VCS (Gitea) named sat-config-management. +This repository is referenced by the layer added to the NCN personalization +CFS configuration.

+

Removal of Direct Redfish Access

+

All commands which used to access Redfish directly have either been removed or +modified to use higher-level service APIs. This includes the following commands:

+
    +
  • sat sensors
    • +
  • sat diag
    • +
  • sat linkhealth
    • +
+

The sat sensors command has been rewritten to use the SMA telemetry API to +obtain the latest sensor values. The command’s usage has changed slightly, but +legacy options work as before, so it is backwards compatible. Additionally, new +commands have been added.

+

The sat diag command has been rewritten to use a new service called Fox, which +is delivered with the CSM-Diags product. The sat diag command now launches +diagnostics using the Fox service, which launches the corresponding diagnostic +programs on controllers using the Hardware Management Job and Task Daemon +(HMJTD) over Redfish. Essentially, Fox serves as a proxy for us to start +diagnostics over Redfish.

+

The sat linkhealth command has been removed. Its functionality has been +replaced by functionality from the Slingshot Topology Tool (STT) in the +fabric manager pod.

+

The Redfish username and password command line options and configuration file +options have been removed. For more information, see +Remove Obsolete Configuration File Sections.

+

Additional Fields in sat setrev and sat showrev

+

sat setrev now collects the following information from the admin, which is then +displayed by sat showrev:

+
    +
  • System description
    • +
  • Product number
    • +
  • Company name
    • +
  • Country code
    • +
+

Additional guidance and validation has been added to each field collected by +sat setrev. This sets the stage for sdu setup to stop collecting this +information and instead collect it from sat showrev or its S3 bucket.

+

Improvements to sat bootsys

+

The platform-services stage of the sat bootsys boot command has been +improved to start inactive Ceph services, unfreeze Ceph, and wait for Ceph +health in the correct order. The ceph-check stage has been removed as it is no +longer needed.

+

The platform-services stage of sat bootsys boot now prompts for confirmation +of the storage NCN hostnames in addition to the Kubernetes control plane and worker nodes.

+

Bug Fixes and Security Fixes

+
    +
  • Improved error handling in sat firmware.
    • +
  • Incremented version of Alpine Linux to 3.13.2 to address a security +vulnerability.
    • +
+

Other Notable Changes

+
    +
  • Ansible has been removed from the cray-sat container image.
    • +
  • Support for the Firmware Update Service (FUS) has been removed from the sat firmware command.
    • +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/sitemap.xml b/en-26/sitemap.xml new file mode 100644 index 0000000000..cd6e8d75ad --- /dev/null +++ b/en-26/sitemap.xml @@ -0,0 +1,425 @@ + + + + /docs-sat/en-26/usage/ + 2024-12-11T03:40:01+00:00 + + + + + + + /docs-sat/en-26/about_sat/ + 2024-12-11T03:40:00+00:00 + + /docs-sat/en-26/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-26/install/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-26/release_notes/ + 2024-12-11T03:40:00+00:00 + + + + + + + + /docs-sat/en-26/usage/change_bos_version/ + 2024-12-11T03:40:01+00:00 + + + + + /docs-sat/en-26/release_notes/sat_2.2_release_notes/ + 2024-12-11T03:40:00+00:00 + + + + /docs-sat/en-26/about_sat/command_authentication/ + 2024-12-11T03:40:00+00:00 + + /docs-sat/en-26/usage/multi-tenancy/ + 2024-12-11T03:40:01+00:00 + + /docs-sat/en-26/release_notes/sat_2.3_release_notes/ + 2024-12-11T03:40:00+00:00 + + + + /docs-sat/en-26/about_sat/dependencies/ + 2024-12-11T03:40:00+00:00 + + /docs-sat/en-26/release_notes/sat_2.4_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/usage/sat_and_iuf/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/about_sat/introduction/ + 2024-12-11T03:40:00+00:00 + + /docs-sat/en-26/release_notes/sat_2.5_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/usage/sat_bootprep/ + 2024-12-11T03:40:01+00:00 + + + + + /docs-sat/en-26/about_sat/sat_in_csm/ + 2024-12-11T03:40:00+00:00 + + /docs-sat/en-26/release_notes/sat_2.6_release_notes/ + 2024-12-11T03:40:01+00:00 + + /docs-sat/en-26/about_sat/view_sat_docs/ + 2024-12-11T03:40:00+00:00 + + /docs-sat/en-26/release_notes/shasta_1.3.2_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/external_system/ + 2024-12-11T03:40:00+00:00 + + + + /docs-sat/en-26/release_notes/shasta_1.3_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/release_notes/shasta_1.4.1_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/release_notes/shasta_1.4_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/release_notes/shasta_1.5_release_notes/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/uninstall_and_downgrade/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/upgrade/ + 2024-12-11T03:40:01+00:00 + + + + /docs-sat/en-26/categories/ + + + + + + + + /docs-sat/en-26/tags/ + + + + + + + + diff --git a/en-26/tags/index.html b/en-26/tags/index.html new file mode 100644 index 0000000000..4cf4e0c36f --- /dev/null +++ b/en-26/tags/index.html @@ -0,0 +1,1308 @@ + + + + + + + + + + + + Tags :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ + tag :: + +

+ + + + + + + + +
    + +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-26/tags/index.xml b/en-26/tags/index.xml new file mode 100644 index 0000000000..2ec967b886 --- /dev/null +++ b/en-26/tags/index.xml @@ -0,0 +1,11 @@ + + + + Tags on System Admin Toolkit (SAT) + /docs-sat/en-26/tags/ + Recent content in Tags on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-26 + + + diff --git a/en-26/uninstall_and_downgrade/index.html b/en-26/uninstall_and_downgrade/index.html new file mode 100644 index 0000000000..34eea1e4cb --- /dev/null +++ b/en-26/uninstall_and_downgrade/index.html @@ -0,0 +1,1423 @@ + + + + + + + + + + + + SAT Uninstall and Downgrade :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Uninstall and Downgrade

+

Uninstall: Remove a Version of SAT

+

This procedure can be used to uninstall a version of SAT.

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be uninstalled with prodmgr.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is available.
    • +
+

Procedure

+
    +
  1. +

    (ncn-m001#) Use sat showrev to list versions of SAT.

    +
    sat showrev --products --filter product_name=sat
+

    Example output:

    +
    ###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+-------------------+-----------------------+
+| product_name | product_version | images            | image_recipes         |
++--------------+-----------------+-------------------+-----------------------+
+| sat          | 2.3.3           | -                 | -                     |
+| sat          | 2.2.10          | -                 | -                     |
++--------------+-----------------+-------------------+-----------------------+
+
    2. +
  2. +

    (ncn-m001#) Use prodmgr to uninstall a version of SAT.

    +

    This command will do three things:

    +
      +
    • Remove all hosted-type package repositories associated with the given version of SAT. Group-type +repositories are not removed.
      • +
    • Remove all container images associated with the given version of SAT.
      • +
    • Remove SAT from the cray-product-catalog Kubernetes ConfigMap, so that it will no longer show up +in the output of sat showrev.
      • +
    +
    prodmgr uninstall sat 2.2.10
+

    Example output:

    +
    Repository sat-2.2.10-sle-15sp2 has been removed.
+Removed Docker image cray/cray-sat:3.9.0
+Removed Docker image cray/sat-cfs-install:1.0.2
+Removed Docker image cray/sat-install-utility:1.4.0
+Deleted sat-2.2.10 from product catalog.
+
    3. +
+

Downgrade: Switch Between SAT Versions

+

This procedure can be used to downgrade the active version of SAT.

+

Note: The prodmgr activate command is deprecated in SAT 2.6, and the +ability to switch between SAT versions will be removed in a future release.

+

Prerequisites

+
    +
  • Only versions 2.2 or newer of SAT can be switched. Older versions must be +switched manually.
    • +
  • CSM version 1.2 or newer must be installed, so that the prodmgr command is +available.
    • +
+

Procedure

+
    +
  1. +

    (ncn-m001#) Use sat showrev to list versions of SAT.

    +
    sat showrev --products --filter product_name=sat
+

    Example output:

    +
    ###############################################################################
+Product Revision Information
+###############################################################################
++--------------+-----------------+--------------------+-----------------------+
+| product_name | product_version | images             | image_recipes         |
++--------------+-----------------+--------------------+-----------------------+
+| sat          | 2.3.3           | -                  | -                     |
+| sat          | 2.2.10          | -                  | -                     |
++--------------+-----------------+--------------------+-----------------------+
+
    2. +
  2. +

    (ncn-m001#) Use prodmgr to switch to a different version of SAT.

    +

    This command will do two things:

    +
      +
    • For all hosted-type package repositories associated with this version of SAT, set them as the sole member +of their corresponding group-type repository. For example, switching to SAT version 2.2.10 +sets the repository sat-2.2.10-sle-15sp2 as the only member of the sat-sle-15sp2 group.
      • +
    • Ensure that the SAT CFS configuration content exists as a layer in all CFS configurations that are +associated with NCNs with the role “Management” and subrole “Master” (for example, the CFS configuration +management-23.5.0). Specifically, it will ensure that the layer refers to the version of SAT CFS +configuration content associated with the version of SAT to which the system is switching.
      • +
    +
    prodmgr activate sat 2.5.15
+

    Example output:

    +
    Repository sat-2.5.15-sle-15sp4 is now the default in sat-sle-15sp4.
+Updated CFS configurations: [management-23.5.0]
+
    3. +
  3. +

    Apply the modified CFS configuration to the management NCNs.

    +

    At this point, Nexus package repositories have been modified to set a +particular package repository as active, but the SAT package may not have +been updated on management NCNs.

    +

    To ensure that management NCNs have been updated to use the active SAT +version, follow the Procedure to Apply CFS Configuration.

    +
    4. +
+

Procedure to Apply CFS Configuration

+
    +
  1. +

    (ncn-m001#) Set an environment variable that refers to the name of the CFS configuration +to be applied to the management NCNs.

    +
    export CFS_CONFIG_NAME="management-23.5.0"
+

    Note: Refer to the output from the prodmgr activate command to find +the name of the modified CFS configuration. If more than one CFS configuration +was modified, use the first one.

    +
    INFO: Successfully saved CFS configuration "management-23.5.0"
+
    2. +
  2. +

    (ncn-m001#) Obtain the name of the CFS configuration layer for SAT and save it in an +environment variable:

    +
    export SAT_LAYER_NAME=$(cray cfs configurations describe $CFS_CONFIG_NAME --format json \
+    | jq -r '.layers | map(select(.cloneUrl | contains("sat-config-management.git")))[0].name')
+
    3. +
  3. +

    (ncn-m001#) Create a CFS session that executes only the SAT layer of the given CFS +configuration.

    +

    The --configuration-limit option limits the configuration session to run +only the SAT layer of the configuration.

    +
    cray cfs sessions create --name "sat-session-${CFS_CONFIG_NAME}" --configuration-name \
+    "${CFS_CONFIG_NAME}" --configuration-limit "${SAT_LAYER_NAME}"
+
    4. +
  4. +

    Monitor the progress of the CFS session.

    +

    (ncn-m001#) Set an environment variable to name of the Ansible container within the pod +for the CFS session:

    +
    export ANSIBLE_CONTAINER=$(kubectl get pod -n services \
+    --selector=cfsession=sat-session-${CFS_CONFIG_NAME} -o json \
+    -o json | jq -r '.items[0].spec.containers | map(select(.name | contains("ansible"))) | .[0].name')
+

    (ncn-m001#) Next, get the logs for the Ansible container.

    +
    kubectl logs -c $ANSIBLE_CONTAINER --tail 100 -f -n services \
+    --selector=cfsession=sat-session-${CFS_CONFIG_NAME}
+

    Ansible plays, which are run by the CFS session, will install SAT on all the +master management NCNs on the system. A summary of results can be found at +the end of the log output.

    +

    (ncn-m001#) The following example shows a successful session:

    +
    ...
+PLAY RECAP *********************************************************************
+x3000c0s1b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s3b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+x3000c0s5b0n0              : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+

    Note: Ensure that the PLAY RECAPs for each session show successes for all +manager NCNs before proceeding.

    +
    5. +
  5. +

    (ncn-m001#) Verify that SAT was successfully configured.

    +

    If sat is configured, the --version command will indicate which version +is installed. If sat is not properly configured, the command will fail.

    +

    Note: This version number will differ from the version number of the SAT +release distribution. This is the semantic version of the sat Python package, +which is different from the version number of the overall SAT release distribution.

    +
    sat --version
+

    Example output:

    +
    sat 3.7.0
+

    Note: Upon first running sat, there might be additional output while +the sat container image is downloaded. This occurs the first time sat +is run on each manager NCN. For example, when running sat for the first time +on ncn-m001 and then for the first time on ncn-m002, this additional +output is seen both times.

    +
    Trying to pull registry.local/cray/cray-sat:3.7.0-20210514024359_9fed037...
+Getting image source signatures
+Copying blob da64e8df3afc done
+Copying blob 0f36fd81d583 done
+Copying blob 12527cf455ba done
+...
+sat 3.7.0
+
    6. +
  6. +

    (ncn-m001#) Stop the typescript.

    +
    exit
+
    7. +
+

SAT version x.y.z is now installed and configured:

+
    +
  • The SAT RPM package is installed on the associated NCNs.
    • +
+

Note on Procedure to Apply CFS Configuration

+

The previous procedure is not always necessary because the CFS Batcher service +automatically detects configuration changes and will automatically create new +sessions to apply configuration changes according to certain rules. For more +information on these rules, refer to Configuration Management with +the CFS Batcher in the Cray System Management Documentation.

+

The main scenario in which the CFS batcher will not automatically re-apply the +SAT layer is when the commit hash of the sat-config-management git repository +has not changed between SAT versions. The previous procedure ensures the +configuration is re-applied in all cases, and it is harmless if the batcher has +already applied an updated configuration.

+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/upgrade/index.html b/en-26/upgrade/index.html new file mode 100644 index 0000000000..49b6b32fe5 --- /dev/null +++ b/en-26/upgrade/index.html @@ -0,0 +1,1466 @@ + + + + + + + + + + + + SAT Upgrade :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Upgrade

+

Install and Upgrade Framework

+

The Install and Upgrade Framework (IUF) provides commands which install, +upgrade, and deploy products on systems managed by CSM. IUF capabilities are +described in detail in the IUF +section of the +Cray System Management Documentation. +The initial install and upgrade workflows described in the +HPE Cray EX System Software Stack Installation and Upgrade Guide for CSM +(S-8052) detail when and how to use +IUF with a new release of SAT or any other HPE Cray EX product.

+

This document does not replicate install, upgrade, or deployment procedures +detailed in the Cray System Management +Documentation. This document provides +details regarding software and configuration content specific to SAT which is +needed when installing, upgrading, or deploying a SAT release. The Cray +System Management Documentation will +indicate when sections of this document should be referred to for detailed +information.

+

IUF will perform the following tasks for a release of SAT.

+
    +
  • IUF deliver-product stage: +
      +
    • Uploads SAT configuration content to VCS
      • +
    • Uploads SAT information to the CSM product catalog
      • +
    • Uploads SAT content to Nexus repositories
      • +
    +
    • +
  • IUF update-vcs-config stage: +
      +
    • Updates the VCS integration branch with new SAT configuration content if a +working branch is specified
      • +
    +
    • +
  • IUF update-cfs-config stage: +
      +
    • Creates a new CFS configuration for management nodes with new SAT configuration content
      • +
    +
    • +
  • IUF prepare-images stage: +
      +
    • Creates updated management NCN and managed node images with new SAT content
      • +
    +
    • +
  • IUF management-nodes-rollout stage: +
      +
    • Boots management NCNs with an image containing new SAT content
      • +
    +
    • +
+

IUF uses a variety of CSM and SAT tools when performing these tasks. The IUF +section of the +Cray System Management Documentation +describes how to use these tools directly if it is desirable to use them +instead of IUF.

+

IUF Stage Details for SAT

+

This section describes SAT details that an administrator must be aware of +before running IUF stages. Entries are prefixed with Information if no +administrative action is required or Action if an administrator needs +to perform tasks outside of IUF.

+

update-vcs-config

+

Information: This stage is only run if a VCS working branch is specified for +SAT. By default, SAT does not create or specify a VCS working branch.

+

update-cfs-config

+

Information: This stage only applies to the management configuration and +not to the managed configuration.

+

prepare-images

+

Information: This stage only applies to management images and not to +managed images.

+

Post-Upgrade Procedures

+

After upgrading SAT with IUF, it is recommended to complete the following +procedures before using SAT:

+ +

Notes on the Procedures

+
    +
  • Ellipses (...) in shell output indicate omitted lines.
    • +
  • In the examples below, replace x.y.z with the version of the SAT product stream +being upgraded.
    • +
  • ‘manager’ and ‘master’ are used interchangeably in the steps below.
    • +
+

Remove Obsolete Configuration File Sections

+

After upgrading SAT, if using the configuration file from a previous version, there may be +configuration file sections no longer used in the new version. For example, when upgrading +from Shasta 1.4 to Shasta 1.5, the [redfish] configuration file section is no longer used.

+

(ncn-m001#) In that case, the following warning may appear upon running sat commands.

+
WARNING: Ignoring unknown section 'redfish' in config file.
+

Remove the [redfish] section from /root/.config/sat/sat.toml to resolve the warning.

+
[redfish]
+username = "admin"
+password = "adminpass"
+

Repeat this process for any configuration file sections for which there are “unknown section” warnings.

+

Update SAT Logging

+

As of SAT version 2.2, some command output that was previously printed to stdout +is now logged to stderr. These messages are logged at the INFO level. The +default logging threshold was changed from WARNING to INFO to accommodate +this logging change. Additionally, some messages previously logged at the INFO +are now logged at the DEBUG level.

+

These changes take effect automatically. However, if the default output threshold +has been manually set in ~/.config/sat/sat.toml, it should be changed to ensure +that important output is shown in the terminal.

+

Update Configuration

+

(ncn-m001#) In the following example, the stderr log level, logging.stderr_level, is set to +WARNING, which will exclude INFO-level logging from terminal output.

+
grep -A 3 logging ~/.config/sat/sat.toml
+

Example output:

+
[logging]
+...
+stderr_level = "WARNING"
+

To enable the new default behavior, comment this line out, delete it, or set +the value to “INFO”.

+

If logging.stderr_level is commented out, its value will not affect logging +behavior. However, it may be helpful to set its value to INFO as a reminder of +the new default behavior.

+

Affected Commands

+

The following commands trigger messages that have been changed from stdout +print calls to INFO-level (or WARNING- or ERROR-level) log messages:

+
    +
  • sat bootsys --stage shutdown --stage session-checks
    • +
  • sat sensors
    • +
+

The following commands trigger messages that have been changed from INFO-level +log messages to DEBUG-level log messages:

+
    +
  • sat nid2xname
    • +
  • sat xname2nid
    • +
  • sat swap
    • +
+

Set System Revision Information

+

HPE service representatives use system revision information data to identify +systems in support cases.

+

Prerequisites

+ +

Notes on the Procedure

+

This procedure is not required if SAT was upgraded from 2.1 (Shasta v1.5) +or later. It is required if SAT was upgraded from 2.0 (Shasta v1.4) or +earlier.

+

Procedure

+
    +
  1. +

    Set System Revision Information.

    +

    (ncn-m001#) Run sat setrev and follow the prompts to set the following site-specific values:

    +
      +
    • Serial number
      • +
    • System name
      • +
    • System type
      • +
    • System description
      • +
    • Product number
      • +
    • Company name
      • +
    • Site name
      • +
    • Country code
      • +
    • System install date
      • +
    +

    Tip: For “System type”, a system with any liquid-cooled components should be +considered a liquid-cooled system. In other words, “System type” is EX-1C.

    +
    sat setrev
+

    Example output:

    +
    --------------------------------------------------------------------------------
+Setting:        Serial number
+Purpose:        System identification. This will affect how snapshots are
+                identified in the HPE backend services.
+Description:    This is the top-level serial number which uniquely identifies
+                the system. It can be requested from an HPE representative.
+Valid values:   Alpha-numeric string, 4 - 20 characters.
+Type:           <class 'str'>
+Default:        None
+Current value:  None
+--------------------------------------------------------------------------------
+Please do one of the following to set the value of the above setting:
+    - Input a new value
+    - Press CTRL-C to exit
+...
+
    2. +
  2. +

    Verify System Revision Information.

    +

    (ncn-m001#) Run sat showrev and verify the output shown in the “System Revision Information table.”

    +

    The following example shows sample table output.

    +
    sat showrev
+

    Example output:

    +
    ################################################################################
+System Revision Information
+################################################################################
++---------------------+---------------+
+| component           | data          |
++---------------------+---------------+
+| Company name        | HPE           |
+| Country code        | US            |
+| Interconnect        | Sling         |
+| Product number      | R4K98A        |
+| Serial number       | 12345         |
+| Site name           | HPE           |
+| Slurm version       | slurm 20.02.5 |
+| System description  | Test System   |
+| System install date | 2021-01-29    |
+| System name         | eniac         |
+| System type         | EX-1C         |
++---------------------+---------------+
+################################################################################
+Product Revision Information
+################################################################################
++--------------+-----------------+------------------------------+------------------------------+
+| product_name | product_version | images                       | image_recipes                |
++--------------+-----------------+------------------------------+------------------------------+
+| csm          | 0.8.14          | cray-shasta-csm-sles15sp1... | cray-shasta-csm-sles15sp1... |
+| sat          | 2.0.1           | -                            | -                            |
+| sdu          | 1.0.8           | -                            | -                            |
+| slingshot    | 0.8.0           | -                            | -                            |
+| sma          | 1.4.12          | -                            | -                            |
++--------------+-----------------+------------------------------+------------------------------+
+################################################################################
+Local Host Operating System
+################################################################################
++-----------+----------------------+
+| component | version              |
++-----------+----------------------+
+| Kernel    | 5.3.18-24.15-default |
+| SLES      | SLES 15-SP2          |
++-----------+----------------------+
+
    3. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/usage/change_bos_version/index.html b/en-26/usage/change_bos_version/index.html new file mode 100644 index 0000000000..bfd812ffd4 --- /dev/null +++ b/en-26/usage/change_bos_version/index.html @@ -0,0 +1,1284 @@ + + + + + + + + + + + + Change the BOS Version :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

Change the BOS Version

+

By default, SAT uses Boot Orchestration Service (BOS) version two (v2). +Select the BOS version to use for individual commands with the --bos-version +option. For more information on this option, refer to the man page for a specific +command.

+

Another way to change the BOS version is by configuring it under the +api_version setting in the bos section of the SAT configuration file. +If the system is using an existing SAT configuration file from an older +version of SAT, the bos section might not exist. In that case, add the bos +section with the BOS version desired in the api_version setting.

+
    +
  1. +

    Find the SAT configuration file at ~/.config/sat/sat.toml, and look for a +section like this:

    +
    [bos]
+api_version = "v2"
+

    In this example, SAT is using BOS version "v2".

    +
    2. +
  2. +

    Change the line specifying the api_version to the BOS version desired (for +example, "v1").

    +
    [bos]
+api_version = "v1"
+
    3. +
  3. +

    If applicable, uncomment the api_version line.

    +

    If the system is using an existing SAT configuration file from a recent +version of SAT, the api_version line might be commented out like this:

    +
    [bos]
+# api_version = "v2"
+

    If the line is commented out, SAT will still use the default BOS +version. To ensure a different BOS version is used, uncomment the +api_version line by removing # at the beginning of the line.

    +
    4. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/usage/index.html b/en-26/usage/index.html new file mode 100644 index 0000000000..b925078170 --- /dev/null +++ b/en-26/usage/index.html @@ -0,0 +1,1292 @@ + + + + + + + + + + + + SAT Usage :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + + +

SAT Usage

+ + + + + + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + diff --git a/en-26/usage/index.xml b/en-26/usage/index.xml new file mode 100644 index 0000000000..41186b21ea --- /dev/null +++ b/en-26/usage/index.xml @@ -0,0 +1,40 @@ + + + + SAT Usage on System Admin Toolkit (SAT) + /docs-sat/en-26/usage/ + Recent content in SAT Usage on System Admin Toolkit (SAT) + Hugo -- gohugo.io + en-26 + Wed, 11 Dec 2024 03:40:01 +0000 + + + Change the BOS Version + /docs-sat/en-26/usage/change_bos_version/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/usage/change_bos_version/ + Change the BOS Version By default, SAT uses Boot Orchestration Service (BOS) version two (v2). Select the BOS version to use for individual commands with the --bos-version option. For more information on this option, refer to the man page for a specific command. Another way to change the BOS version is by configuring it under the api_version setting in the bos section of the SAT configuration file. If the system is using an existing SAT configuration file from an older version of SAT, the bos section might not exist. + + + Configure Multi-tenancy + /docs-sat/en-26/usage/multi-tenancy/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/usage/multi-tenancy/ + Configure Multi-tenancy SAT supports supplying tenant information to CSM services in order to allow tenant admins to use SAT within their tenant. By default, the tenant name is not set, and SAT will not send any tenant information with its requests to CSM services. Configure the tenant name either in the SAT configuration file or on the command line. Configure the Tenant Name in the SAT Configuration File Set the tenant name in the SAT configuration file using the api_gateway. + + + SAT and IUF + /docs-sat/en-26/usage/sat_and_iuf/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/usage/sat_and_iuf/ + SAT and IUF The Install and Upgrade Framework (IUF) provides commands which install, upgrade, and deploy products on systems managed by CSM with the help of sat bootprep. Outside of IUF, it is uncommon to use sat bootprep. For more information on IUF, see the IUF section of the Cray System Management Documentation. For more information on sat bootprep, see SAT Bootprep. Variable Substitutions Both IUF and sat bootprep allow variable substitutions into the default HPC CSM Software Recipe bootprep input files. + + + SAT Bootprep + /docs-sat/en-26/usage/sat_bootprep/ + Wed, 11 Dec 2024 03:40:01 +0000 + /docs-sat/en-26/usage/sat_bootprep/ + SAT Bootprep SAT provides an automated solution for creating CFS configurations, building and configuring images in IMS, and creating BOS session templates. The solution is based on a given input file that defines how those configurations, images, and session templates should be created. This automated process centers around the sat bootprep command. Man page documentation for sat bootprep can be viewed similar to other SAT commands. (ncn-m001#) Here is an example: + + + diff --git a/en-26/usage/multi-tenancy/index.html b/en-26/usage/multi-tenancy/index.html new file mode 100644 index 0000000000..5defa03a7f --- /dev/null +++ b/en-26/usage/multi-tenancy/index.html @@ -0,0 +1,1235 @@ + + + + + + + + + + + + Configure Multi-tenancy :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

Configure Multi-tenancy

+

SAT supports supplying tenant information to CSM services in order to allow +tenant admins to use SAT within their tenant. By default, the tenant name is +not set, and SAT will not send any tenant information with its requests to +CSM services. Configure the tenant name either in the SAT configuration file +or on the command line.

+

Configure the Tenant Name in the SAT Configuration File

+

Set the tenant name in the SAT configuration file using the +api_gateway.tenant_name option.

+

Here is an example:

+
[api_gateway]
+tenant_name = "my_tenant"
+

Configure the Tenant Name on the Command Line

+

Set the tenant name for each sat invocation using the --tenant-name +option. The --tenant-name option must be specified before the subcommand +name.

+

(ncn-m001#) Here is an example:

+
sat --tenant-name=my_tenant status
+
+ +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/usage/sat_and_iuf/index.html b/en-26/usage/sat_and_iuf/index.html new file mode 100644 index 0000000000..f697f356d3 --- /dev/null +++ b/en-26/usage/sat_and_iuf/index.html @@ -0,0 +1,1312 @@ + + + + + + + + + + + + SAT and IUF :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+ + + + +
+
+ +
+
+ + +
+
+ +
+ +
+ +
+ +

+ +

+ + + + + +

SAT and IUF

+

The Install and Upgrade Framework (IUF) provides commands which install, +upgrade, and deploy products on systems managed by CSM with the help of +sat bootprep. Outside of IUF, it is uncommon to use sat bootprep. +For more information on IUF, see the +IUF section of +the Cray System Management Documentation. +For more information on sat bootprep, see SAT Bootprep.

+

Variable Substitutions

+

Both IUF and sat bootprep allow variable substitutions into the default HPC +CSM Software Recipe bootprep input files. The default variables of the HPC +CSM Software Recipe are available in a product_vars.yaml file. To override +the default variables, specify any site variables in a site_vars.yaml file. +Variables are sourced from the command line, any variable files directly +provided, and the HPC CSM Software Recipe files used, in that order.

+

IUF Session Variables

+

IUF also has special session variables internal to the iuf command that +override any matching entries. Session variables are the set of product and +version combinations being installed by the current IUF activity, and they are +found inside IUF’s internal session_vars.yaml file. For more information on +IUF and variable substitutions, see the +IUF section of +the Cray System Management Documentation.

+

SAT Variable Limitations

+

When using sat bootprep outside of IUF, substituting variables into the +default bootprep input files might cause problems. Complex variables like +"{{ working_branch }}" cannot be completely resolved outside of IUF and +its internal session variables. Thus, the default product_vars.yaml file is +unusable with only the sat bootprep command when variables like +"{{ working_branch }}" are used. To work around this limitation when +substituting complex variables, use the internal IUF session_vars.yaml file +with sat bootprep and the default bootprep input files.

+
    +
  1. +

    Find the session_vars.yaml file from the most recent IUF activity on the +system.

    +

    This process is documented in the upgrade prerequisites procedure of the +Cray System Management Documentation. For more information, see steps 1-6 of +Stage 0.3 - Option 2.

    +
    2. +
  2. +

    (ncn-m001#) Use the session_vars.yaml file to substitute variables into the default +bootprep input files.

    +
    sat bootprep run --vars-file session_vars.yaml
+
    3. +
+

Limit SAT Bootprep Run into Stages

+

The sat bootprep run command uses information from the bootprep input files +to create CFS configurations, IMS images, and BOS session templates. To restrict +this creation into separate stages, use the --limit option and list whether +to create configurations, images, session_templates, or some +combination of these. IUF uses the --limit option in this way to install, +upgrade, and deploy products on a system in stages.

+

(ncn-m001#) For example, to create only CFS configurations, run the following command used +by the IUF update-cfs-config stage:

+
sat bootprep run --limit configurations example-bootprep-input-file.yaml
+

Example output:

+
INFO: Validating given input file example-bootprep-input-file.yaml
+INFO: Input file successfully validated against schema
+INFO: Creating 3 CFS configurations
+...
+INFO: Skipping creation of IMS images based on value of --limit option.
+INFO: Skipping creation of BOS session templates based on value of --limit option.
+

(ncn-m001#) To create only IMS images and BOS session templates, run the following command +used by the IUF prepare-images stage:

+
sat bootprep run --limit images --limit session_templates example-bootprep-input-file.yaml
+

Example output:

+
INFO: Validating given input file example-bootprep-input-file.yaml
+INFO: Input file successfully validated against schema
+INFO: Skipping creation of CFS configurations based on value of --limit option.
+
+ +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/en-26/usage/sat_bootprep/index.html b/en-26/usage/sat_bootprep/index.html new file mode 100644 index 0000000000..8f1515b90e --- /dev/null +++ b/en-26/usage/sat_bootprep/index.html @@ -0,0 +1,1922 @@ + + + + + + + + + + + + SAT Bootprep :: System Admin Toolkit (SAT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +
+ +
+ +
+ +

+ +

+ + + + + +

SAT Bootprep

+

SAT provides an automated solution for creating CFS configurations, building +and configuring images in IMS, and creating BOS session templates. The +solution is based on a given input file that defines how those configurations, +images, and session templates should be created. This automated process centers +around the sat bootprep command. Man page documentation for sat bootprep +can be viewed similar to other SAT commands.

+

(ncn-m001#) Here is an example:

+
sat-man sat-bootprep
+

The sat bootprep command helps the Install and Upgrade Framework (IUF) +install, upgrade, and deploy products on systems managed by CSM. Outside of IUF, +it is uncommon to use sat bootprep. For more information on this relationship, +see SAT and IUF. For more information on IUF, see the +IUF section of +the Cray System Management Documentation.

+

SAT Bootprep vs SAT Bootsys

+

sat bootprep is used to create CFS configurations, build and +rename IMS images, and create BOS session templates which tie the +configurations and images together during a BOS session.

+

sat bootsys automates several portions of the boot and shutdown processes, +including (but not limited to) performing BOS operations (such as creating BOS +sessions), powering on and off cabinets, and checking the state of the system +prior to shutdown.

+

Edit a Bootprep Input File

+

The input file provided to sat bootprep is a YAML-formatted file containing +information which CFS, IMS, and BOS use to create configurations, images, and +BOS session templates respectively. Writing and modifying these input files is +the main task associated with using sat bootprep. An input file is composed of +three main sections, one each for configurations, images, and session templates. +These sections may be specified in any order, and any of the sections may be +omitted if desired.

+

Provide a Schema Version

+

The sat bootprep input file is validated against a versioned schema +definition. The input file should specify the version of the schema with which +it is compatible under a schema_version key. For example:

+
---
+schema_version: 1.0.2
+

(ncn-m001#) The current sat bootprep input file schema version can be viewed with the +following command:

+
sat bootprep view-schema | grep '^version:'
+

Example output:

+
version: '1.0.2'
+

The sat bootprep run command validates the schema version specified +in the input file. The command also makes sure that the schema version +of the input file is compatible with the schema version understood by the +current version of sat bootprep. For more information on schema version +validation, refer to the schema_version property description in the bootprep +input file schema. For more information on viewing the bootprep input file +schema in either raw form or user-friendly HTML form, see View SAT Bootprep +Schema.

+

The default HPC CSM Software Recipe bootprep input files provided by the +hpc-csm-software-recipe release distribution already contain the correct +schema version.

+

Define CFS Configurations

+

The CFS configurations are defined under a configurations key. Under this +key, list one or more configurations to create. For each +configuration, give a name in addition to the list of layers that +comprise the configuration.

+

Each layer can be defined by a product name and optionally a version number, +commit hash, or branch in the product’s configuration repository. If this +method is used, the layer is created in CFS by looking up relevant configuration +information (including the configuration repository and commit information) from +the cray-product-catalog Kubernetes ConfigMap as necessary. A version may be +supplied. However, if it is absent, the version is assumed to be the latest +version found in the cray-product-catalog.

+

Alternatively, a configuration layer can be defined by explicitly referencing +the desired configuration repository. Specify the intended version +of the Ansible playbooks by providing a branch name or commit hash with branch +or commit.

+

The following example shows a CFS configuration with two layers. The first +layer is defined in terms of a product name and version, and the second layer +is defined in terms of a Git clone URL and branch:

+
---
+configurations:
+- name: example-configuration
+  layers:
+  - name: example-product
+    playbook: example.yml
+    product:
+      name: example
+      version: 1.2.3
+  - name: another-example-product
+    playbook: another-example.yml
+    git:
+      url: "https://vcs.local/vcs/another-example-config-management.git"
+      branch: main
+

When sat bootprep is run against an input file, a CFS configuration is created +corresponding to each configuration in the configurations section. For +example, the configuration created from an input file with the layers listed +above might look something like the following:

+
{
+    "lastUpdated": "2022-02-07T21:47:49Z",
+    "layers": [
+        {
+            "cloneUrl": "https://vcs.local/vcs/example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "example product",
+            "playbook": "example.yml"
+        },
+        {
+            "cloneUrl": "https://vcs.local/vcs/another-example-config-management.git",
+            "commit": "<commit hash>",
+            "name": "another example product",
+            "playbook": "another-example.yml"
+        }
+    ],
+    "name": "example-configuration"
+}
+

Define IMS Images

+

The IMS images are defined under an images key. Under the images key, the +user may define one or more images to be created in a list. Each element of the +list defines a separate IMS image to be built and/or configured. Images must +contain a name key and a base key.

+

The name key defines the name of the resulting IMS image. The base key +defines the base image to be configured or the base recipe to be built and +optionally configured. One of the following keys must be present under the +base key:

+
    +
  • Use an ims key to specify an existing image or recipe in IMS.
    • +
  • Use a product key to specify an image or recipe provided by a particular +version of a product. If a product provides more than one image or recipe, +specify a filter to select one. For more information, see +Filter Base Images or Recipes from a Product.
    • +
  • Use an image_ref key to specify another image from the input file +using its ref_name.
    • +
+

Images may also contain the following keys:

+
    +
  • Use a configuration key to specify a CFS configuration with which to +customize the built image. If a configuration is specified, then configuration +groups must also be specified using the configuration_group_names key.
    • +
  • Use a ref_name key to specify a unique name that can refer to this image +within the input file in other images or in session templates. The ref_name +key allows references to images from the input file that have dynamically +generated names as described in +Dynamic Variable Substitutions.
    • +
  • Use a description key to describe the image in the bootprep input file. +Note that this key is not currently used.
    • +
+

Use Base Images or Recipes from IMS

+

Here is an example of an image using an existing IMS recipe as its base. This +example builds an IMS image from that recipe. It then configures it with +a CFS configuration named example-compute-config. The example-compute-config +CFS configuration can be defined under the configurations key in the same +input file, or it can be an existing CFS configuration. Running sat bootprep +against this input file results in an image named example-compute-image.

+
images:
+- name: example-compute-image
+  description: >
+    An example compute node image built from an existing IMS recipe.    
+  base:
+    ims:
+      name: example-compute-image-recipe
+      type: recipe
+  configuration: example-compute-config
+  configuration_group_names:
+  - Compute
+

Use Base Images or Recipes from a Product

+

Here is an example showing the definition of two images. The first image is +built from a recipe provided by the uss product. The second image uses the +first image as a base and configures it with a configuration named +example-compute-config. The value of the first image’s ref_name key is used +in the second image’s base.image_ref key to specify it as a dependency. +Running sat bootprep against this input file results in two images, the +first named example-uss-image and the second named example-compute-image.

+
images:
+- name: example-uss-image
+  ref_name: example-uss-image
+  description: >
+    An example image built from the recipe provided by the USS product.    
+  base:
+    product:
+      name: uss
+      version: 1.0.0
+      type: recipe
+- name: example-compute-image
+  description: >
+    An example image that is configured from an image built from the recipe provided
+    by the USS product.    
+  base:
+    image_ref: example-uss-image
+  configuration: example-compute-config
+  configuration_group_names:
+  - Compute
+

This example assumes that the given version of the uss product provides +only a single IMS recipe. If more than one recipe is provided by the +given version of the uss product, use a filter as described in +Filter Base Images or Recipes from a Product.

+

Filter Base Images or Recipes from a Product

+

A product may provide more than one image or recipe. If this happens, +filter the product’s images or recipes whenever a base image or recipe from +that product is used. Beneath the base.product value within an image, +specify a filter key to create a filter using the following criteria:

+
    +
  • Use the prefix key to filter based on a prefix matching the name of the +image or recipe.
    • +
  • Use the wildcard key to filter based on a shell-style wildcard matching the +name of the image or recipe.
    • +
  • Use the arch key to filter based on the target architecture of the image or +recipe in IMS.
    • +
+

When specifying more than one filter key, all filters must match only the +desired image or recipe. An error occurs if either no images or recipes +match the given filters or if more than one image or recipe matches +the given filters.

+

Here is an example of three IMS images built from the Kubernetes image and the +Ceph storage image provided by the csm product. This example uses a prefix +filter to select from the multiple images provided by the CSM product. +The first two IMS images in the example find any image from the specified csm +product version whose name starts with secure-kubernetes. The third image in +the example finds any csm image whose name starts with secure-storage-ceph. +All three images are then configured with a configuration named +example-management-config. Running sat bootprep against this input file +results in three IMS images named worker-example-csm-image, +master-example-csm-image, and storage-example-csm-image.

+
images:
+- name: worker-example-csm-image
+  base:
+    product:
+      name: csm
+      version: 1.4.1
+      type: image
+      filter:
+        prefix: secure-kubernetes
+  configuration: example-management-config
+  configuration_group_names:
+  - Management_Worker
+
+- name: master-example-csm-image
+  base:
+    product:
+      name: csm
+      version: 1.4.1
+      type: image
+      filter:
+        prefix: secure-kubernetes
+  configuration: example-management-config
+  configuration_group_names:
+  - Management_Master
+
+- name: storage-example-csm-image
+  base:
+    product:
+      name: csm
+      version: 1.4.1
+      type: image
+      filter:
+        prefix: secure-storage-ceph
+  configuration: example-management-config
+  configuration_group_names:
+  - Management_Storage
+

Here is an example of two IMS images built from recipes provided by the uss +product. This example uses an architecture filter to select from the multiple +recipes provided by the USS product. The first image will be built from the +x86_64 version of the IMS recipe provided by the specified version of the +uss product. The second image will be built from the aarch64 version of +the IMS recipe provided by the specified version of the uss product.

+
images:
+- name: example-uss-image-x86_64
+  ref_name: example-uss-image-x86_64
+  description: >
+    An example image built from the x86_64 recipe provided by the USS product.    
+  base:
+    product:
+      name: uss
+      version: 1.0.0
+      type: recipe
+      filter:
+        arch: x86_64
+
+- name: example-uss-image-aarch64
+  ref_name: example-uss-image-aarch64
+  description: >
+    An example image built from the aarch64 recipe provided by the USS product.    
+  base:
+    product:
+      name: uss
+      version: 1.0.0
+      type: recipe
+      filter:
+        arch: aarch64
+

Define BOS Session Templates

+

The BOS session templates are defined under the session_templates key. Each +session template must provide values for the name, image, configuration, +and bos_parameters keys. The name key defines the name of the resulting BOS +session template. The image key defines the image to use in the BOS session +template. One of the following keys must be present under the image key:

+
    +
  • Use an ims key to specify an existing image or recipe in IMS.
    • +
  • Use an image_ref key to specify another image from the input file +using its ref_name.
    • +
+

The configuration key defines the CFS configuration specified +in the BOS session template.

+

The bos_parameters key defines parameters that are passed through directly to +the BOS session template. The bos_parameters key should contain a boot_sets +key, and each boot set in the session template should be specified under +boot_sets. Each boot set can contain the following keys, all of +which are optional:

+
    +
  • Use an arch key to specify the architecture of the nodes that should be +targeted by the boot set. Valid values are the same as those used by +Hardware State Manager (HSM).
    • +
  • Use a kernel_parameters key to specify the parameters passed to the kernel +on the command line.
    • +
  • Use a network key to specify the network over which the nodes boot.
    • +
  • Use a node_list key to specify the nodes to add to the boot set.
    • +
  • Use a node_roles_groups key to specify the HSM roles to add to the boot +set.
    • +
  • Use a node_groups key to specify the HSM groups to add to the boot set.
    • +
  • Use a rootfs_provider key to specify the root file system provider.
    • +
  • Use a rootfs_provider_passthrough key to specify the parameters to add to +the rootfs= kernel parameter.
    • +
+

As mentioned above, the parameters under bos_parameters are passed through +directly to BOS. For more information on the properties of a BOS boot set, +refer to BOS Session Templates in the Cray +System Management Documentation.

+

Here is an example of a BOS session template that refers to an existing IMS +image by name and targets nodes with the role Compute and the architecture +X86 in HSM:

+
session_templates:
+- name: example-session-template
+  image:
+    ims:
+      name: example-image
+  configuration: example-configuration
+  bos_parameters:
+    boot_sets:
+      example_boot_set:
+        arch: X86
+        kernel_parameters: ip=dhcp quiet
+        node_roles_groups:
+        - Compute
+        rootfs_provider: cpss3
+        rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0
+

Here is an example of a BOS session template that refers to an image from the +input file by its ref_name and targets nodes with the role Compute and the +architecture ARM in HSM. Note that using the image_ref key requires that +an image defined in the input file specifies example-image as the value of +its ref_name key.

+
session_templates:
+- name: example-session-template
+  image:
+    image_ref: example-image
+  configuration: example-configuration
+  bos_parameters:
+    boot_sets:
+      example_boot_set:
+        arch: ARM
+        kernel_parameters: ip=dhcp quiet
+        node_roles_groups:
+        - Compute
+        rootfs_provider: cpss3
+        rootfs_provider_passthrough: dvs:api-gw-service-nmn.local:300:nmn0
+

HPC CSM Software Recipe Variable Substitutions

+

The sat bootprep command takes any variables provided and substitutes them +into the input file. Variables are sourced from the command line, any variable +files directly provided, and the HPC CSM Software Recipe files used, in that +order. When providing values through a variable file, sat bootprep +substitutes the values with Jinja2 template syntax. The HPC CSM Software Recipe +provides default variables in a product_vars.yaml variable file. This file +defines information about each HPC software product included in the recipe.

+

Variables are primarily substituted into the default HPC CSM Software Recipe +bootprep input files through IUF. However, variable files can also be given to +sat bootprep directly from IUF’s use of the recipe. When using variables +directly with sat bootprep, there are some limitations. For more +information on SAT variable limitations, see SAT and IUF. +For more information on IUF and variable substitutions, see the +IUF section of +the Cray System Management Documentation.

+

Select an HPC CSM Software Recipe Version

+

View a listing of the default HPC CSM Software Recipe variables and +their values by running sat bootprep list-vars. For more information on +options that can be used with the list-vars subcommand, refer to the man page +for the sat bootprep subcommand.

+

By default, the sat bootprep command uses the variables from the latest +installed version of the HPC CSM Software Recipe. Override this with the +--recipe-version command line argument to sat bootprep run.

+

(ncn-m001#) For example, to explicitly select the 22.11.0 version of the HPC CSM Software +Recipe default variables, specify --recipe-version 22.11.0:

+
sat bootprep run --recipe-version 22.11.0 compute-and-uan-bootprep.yaml
+

Values Supporting Jinja2 Template Rendering

+

The entire sat bootprep input file is not rendered by the Jinja2 template +engine. Jinja2 template rendering of the input file is performed individually +for each supported value. The values of the following keys in the bootprep +input file support rendering as a Jinja2 template and thus support variables:

+
    +
  • The name key of each configuration under the configurations key.
    • +
  • The following keys of each layer under the layers key in a +configuration: +
      +
    • name
      • +
    • playbook
      • +
    • git.branch
      • +
    • product.version
      • +
    • product.branch
      • +
    +
    • +
  • The following keys of each image under the images key: +
      +
    • name
      • +
    • base.product.version
      • +
    • base.product.filter.arch
      • +
    • base.product.filter.prefix
      • +
    • base.product.filter.wildcard
      • +
    • configuration
      • +
    +
    • +
  • The following keys of each session template under the +session_templates key: +
      +
    • name
      • +
    • configuration
      • +
    +
    • +
+

You can use Jinja2 built-in filters in values of any of the keys listed above. +In addition, Python string methods can be called on the string variables.

+

Hyphens in HPC CSM Software Recipe Variables

+

Variable names with hyphens are not allowed in Jinja2 expressions because they +are parsed as an arithmetic expression instead of a single variable. To support +product names with hyphens, sat bootprep converts hyphens to underscores in +all top-level keys of the default HPC CSM Software Recipe variables. It also +converts any variables sourced from the command line or any variable files +provided directly. When referring to a variable with hyphens in the bootprep +input file, keep this in mind. For example, to refer to the product version +variable for slingshot-host-software in the bootprep input file, write +"{{slingshot_host_software.version}}".

+

HPC CSM Software Recipe Variable Substitution Example

+

The following example bootprep input file shows how a variable of a USS version +can be used in an input file that creates a CFS configuration for computes. +Only one layer is shown for brevity.

+
---
+configurations:
+- name: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  layers:
+  - name: uss-compute-{{uss.working_branch}}
+    playbook: cos-compute.yml
+    product:
+      name: uss
+      version: "{{uss.version}}"
+      branch: "{{uss.working_branch}}"
+

Note: When the value of a key in the bootprep input file is a Jinja2 +expression, it must be quoted to pass YAML syntax checking.

+

Jinja2 expressions can also use filters and Python’s built-in string methods to +manipulate the variable values. For example, suppose only the major and minor +components of a USS version are to be used in the branch name for the USS +layer of the CFS configuration. Use the split string method to +achieve this as follows:

+
---
+configurations:
+- name: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  layers:
+  - name: uss-compute-{{uss.working_branch}}
+    playbook: cos-compute.yml
+    product:
+      name: uss
+      version: "{{uss.version}}"
+      branch: integration-{{uss.version.split('.')[0]}}-{{uss.version.split('.')[1]}}
+

Dynamic Variable Substitutions

+

Additional variables are available besides the default variables provided by +the HPC CSM Software Recipe. (For more information, see HPC CSM Software +Recipe Variable Substitutions.) +These additional variables are dynamic because their values are determined +at run-time based on the context in which they appear. Available dynamic +variables include the following:

+
    +
  • +

    The variable base.name can be used in the name of an image under the +images key. The value of this variable is the name of the IMS image or +recipe used as the base of this image.

    +
    • +
  • +

    The variable image.name can be used in the name of a session template +under the session_templates key. The value of this variable is the name of +the IMS image used in this session template.

    +

    Note: The name of a session template is restricted to 45 characters. Keep +this in mind when using image.name in the name of a session template.

    +
    • +
+

These variables reduce the need to duplicate values throughout the sat bootprep input file and make the following use cases possible:

+
    +
  • Building an image from a recipe provided by a product and using the +name of the recipe in the name of the resulting image
    • +
  • Using the name of the image in the name of a session template when +the image is generated as described in the previous use case
    • +
+

Example Bootprep Input Files

+

This section provides an example bootprep input file. It also gives +instructions for obtaining the default bootprep input files delivered +with a release of the HPC CSM Software Recipe.

+

Example Bootprep Input File

+

The following bootprep input file provides an example of using most of the +features described in previous sections. It is not intended to be a complete +bootprep file for the entire CSM product.

+
---
+configurations:
+- name: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  layers:
+  - name: uss-compute-{{uss.working_branch}}
+    playbook: cos-compute.yml
+    product:
+      name: uss
+      version: "{{uss.version}}"
+      branch: "{{uss.working_branch}}"
+  - name: cpe-pe_deploy-{{cpe.working_branch}}
+    playbook: pe_deploy.yml
+    product:
+      name: cpe
+      version: "{{cpe.version}}"
+      branch: "{{cpe.working_branch}}"
+
+images:
+- name: "{{default.note}}{{base.name}}{{default.suffix}}"
+  ref_name: base_uss_image
+  base:
+    product:
+      name: uss
+      type: recipe
+      version: "{{uss.version}}"
+
+- name: "compute-{{base.name}}"
+  ref_name: compute_image
+  base:
+    image_ref: base_uss_image
+  configuration: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  configuration_group_names:
+  - Compute
+
+session_templates:
+- name: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  image:
+    image_ref: compute_image
+  configuration: "{{default.note}}compute-{{recipe.version}}{{default.suffix}}"
+  bos_parameters:
+    boot_sets:
+      compute:
+        kernel_parameters: ip=dhcp quiet spire_join_token=${SPIRE_JOIN_TOKEN}
+        node_roles_groups:
+        - Compute
+        rootfs_provider_passthrough: "dvs:api-gw-service-nmn.local:300:hsn0,nmn0:0"
+

Access Default Bootprep Input Files

+

Default bootprep input files are delivered by the HPC CSM Software Recipe +product. Access these files by cloning the hpc-csm-software-recipe +repository, as described in the Accessing sat bootprep files process of +the Cray System Management +Documentation.

+

(ncn-m001#) Find the default input files in the bootprep directory of the +cloned repository:

+
ls bootprep/
+

Generate an Example Bootprep Input File

+

The sat bootprep generate-example command was not updated for +recent bootprep schema changes. It is recommended to instead use the +default bootprep input files described in Access Default Bootprep Input +Files. The sat bootprep generate-example command will be updated in a future release of SAT.

+

Summary of SAT Bootprep Results

+

The sat bootprep run command uses information from the bootprep input file to +create CFS configurations, IMS images, and BOS session templates. For easy +reference, the command also includes output summarizing the final creation +results.

+

(ncn-m001#) Here is a sample table output after running sat bootprep run:

+
################################################################################
+CFS configurations
+################################################################################
++------------------+
+| name             |
++------------------+
+| example-config-1 |
+| example-config-2 |
++------------------+
+################################################################################
+IMS images
+################################################################################
++---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+
+| name          | preconfigured_image_id               | final_image_id                       | configuration  | configuration_group_names  |
++---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+
+| example-image | c1bcaf00-109d-470f-b665-e7b37dedb62f | a22fb912-22be-449b-a51b-081af2d7aff6 | example-config | Compute                    |
++---------------+--------------------------------------+--------------------------------------+----------------+----------------------------+
+################################################################################
+BOS session templates
+################################################################################
++------------------+----------------+
+| name             | configuration  |
++------------------+----------------+
+| example-template | example-config |
++------------------+----------------+
+

View SAT Bootprep Schema

+

The contents of the YAML input files used by sat bootprep must conform to a +schema which defines the structure of the data. The schema definition is written +using the JSON Schema format. (Although the format is named “JSON Schema”, the +schema itself is written in YAML as well.) More information, including introductory +materials and a formal specification of the JSON Schema metaschema, can be found +on the JSON Schema website.

+

View the Exact Schema Specification

+

(ncn-m001#) To view the exact schema specification, run sat bootprep view-schema.

+
sat bootprep view-schema
+---
+$schema: "https://json-schema.org/draft/2020-12/schema"
+

Example output:

+
title: Bootprep Input File
+description: >
+  A description of the set of CFS configurations to create, the set of IMS
+  images to create and optionally customize with the defined CFS configurations,
+  and the set of BOS session templates to create that reference the defined
+  images and configurations.
+type: object
+additionalProperties: false
+properties:
+  ...
+

Generate User-Friendly Documentation

+

The raw schema definition can be difficult to understand without experience +working with JSON Schema specifications. For this reason, a feature is included +with sat bootprep that generates user-friendly HTML documentation for the input +file schema. This HTML documentation can be browsed with a web browser.

+
    +
  1. +

    (ncn-m001#) Create a documentation tarball using sat bootprep.

    +
    sat bootprep generate-docs
+

    Example output:

    +
    INFO: Wrote input schema documentation to /root/bootprep-schema-docs.tar.gz
+

    An alternate output directory can be specified with the --output-dir +option. The generated tarball is always named bootprep-schema-docs.tar.gz.

    +
    sat bootprep generate-docs --output-dir /tmp
+

    Example output:

    +
    INFO: Wrote input schema documentation to /tmp/bootprep-schema-docs.tar.gz
+
    2. +
  2. +

    (user@hostname>) From another machine, copy the tarball to a local directory.

    +
    scp root@ncn-m001:bootprep-schema-docs.tar.gz .
+
    3. +
  3. +

    (user@hostname>) Extract the contents of the tarball and open the contained index.html.

    +
    tar xzvf bootprep-schema-docs.tar.gz
+

    Example output:

    +
    x bootprep-schema-docs/
+x bootprep-schema-docs/index.html
+x bootprep-schema-docs/schema_doc.css
+x bootprep-schema-docs/schema_doc.min.js
+another-machine$ open bootprep-schema-docs/index.html
+
    4. +
+ + +
+ +
+ + +
+ + +
+ + + +
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + diff --git a/fonts/Inconsolata.eot b/fonts/Inconsolata.eot new file mode 100644 index 0000000000000000000000000000000000000000..0a705d653f6695115dbb13f56684ef17ea071502 GIT binary patch literal 35620 zcmZ^KV{j!-^yPam_KTf~ZQHhO+fF7E+xEn^ZJU#1V%tt8GyALm?$&^$_>Tbri9i4V79g+81ONou{m1|BK>t6)!%ETo z|7!m)VgY0TjsP=&(|_ppAKC*<0Pg=S000@F3a|iJ0X+UkbNx@j18DxIxc=v}`5!+q zfCaz^VEzx;{@eZkp9BDis!1vTzdQdog8+==0_Z6L3?%@<8?@Q;=-DMyji2K14Cn7Q z?$%kxC5*B8Qu2}t@qp3zGs6!C#P?Qm?lOjyBUSRGOgxdM)cCT_6Ub88*AlZVUkPgX z-Lw%*g4~c0ey9@X#e)Qs$jt)yTWcC{%75k+K_=NlSp@`- z1Hm~n{PH!4(%7T2zTs%41@vfMK(dxEQOeBu_mZ$RrK}gaI%o$GPo`BV4ta+*=z~#R zDgKD(CLK|rt`r?G!{zr8i*I+6s)imB8ExbT9z}?{oxs09=HBldU;6Iw6aG=AW+8ph zy@{&?j6*WfuS}+bUk79r@q37U>d&tkJpILPRJM%)$8}+6dw#iuG+^4+6=f)*x@Je$ zlCXExlte;cWbLwmSe)ABy#DtH0Z!EAINHjI-l#@5&4-{F&%@g@Jteiyb1b&l->6^j z{liOjm$eFUVXTRmY(Hf^yksbU%?cJHT7SAhW?ErkQkx7+cmDe=f(1H~)Z3b!R&(JV z#SN=@*?6@V{OY}-CBgP`yN2G#AAI6hzzLjx!^fRN*RTr0r)2F+< zRXuwAm8s>%B)%@dnrfe)>4cpzu@x0cr19IJ`f=$EjcNBU6&=zA>Gx>gdUDMN)-VVP z3aEJL3JhnuLE=iT1d^4oQBSuDfNw>H-OrTcGFNYXOOKII0Ustw30fwVV&U=Ld>SB( zTz-6Iw2~H+Zo)yJMpsH{7j^t(lb5!!T@+qW@;>jRM@?J-|MOB z`IHZb))~U`Cml8XrF}wcTI}3$6O!v2&pb7h5Rn?hsX%h#l5zpQ!e0m|&85wBpz!^N z?o}(s8{MPY4OrQH|MRuqy~QRR~LwTW;4J5O?FI(FvK;l-cU-VZll+k zY?{tN8@sGFl8fH>Jr3n+_BJVA=`usYO7Sb_ED2AXllfzM@LscZq@5=xYxu5TLB_)h z)}$aC2Kc)Ds1)8>3@tP+`^WT+)R!$Go(5%1f3Cx0Z8c*)K&40OnY^U+FLtmB=$=Id ziLLQd0`u#%qBE0$aTQUWEq;bP>rvF^4o$+}K~zL{#*nO!^``T;r+(rd74I;V!6!YQ zK+KvqOpKxLIFaZAM5aB(5JyIkM+~r~xgnjk5f2aOi2Pzs;g-t1Mkkwk7HG2~nk)KO72*Uh{=v%xUuWH?T)BXQiBD- zz-ef{Is(O=k=jQzYB{P2R#PBaW64-p1b<1ut!5&|j%xvj)n86eAQC~!nPK<+!BvMCd1=J~dgQ@+g!Ld5F*%4B-+Kw> z#25#%GM2Z>^aNCcb7k#RPVGChWY~I3B#??#j?M@!B`Q}aw{RJE?o%-%kGum*lcDv< zeshR1>}P|EMNgyEHEk>rrw+cwV*YiK=C7m4Rq~B`P4@M392dd zil(LW#o$RolNK2;XngHZQkTba<3?F|vjJ6RhRZPmsa(?Z3YdPg-S)~fia{*a^}W+h zGQ4XT^jKLJ^A6bzc@Kof1@w?*DSyR^z@jQn7-%iMld&P0;|Lp15EW9YoNZe;>1D*e z*x;t6I~J7QGEbby;-Yh9q`*j|g@d_6PgU^p&;yD9c zMNdfhgWurm#r_4R4PUtEjhudOo)9i)R>6Jsy5%nDWeybE6u?m^8@o8GxOd7kiFr7W z)SXd>F$#>VVbnOzxb}Y+3#E{BJufj9haZE6VPD0=>qM{D^@JuYt0SO)pL2twBSZ{r zfLcDDS#GSCPdRAG?SLn!Ks2t@T{J%-EO&PzcU3QQy_5(AmNPjDD&t&Xp!3o5Y~BG& z_Q^_iMG}0jE0{&Rqo6lw*2QLc=3NjjH=7MkJ^mfe<}*~6cFtK@h72s^w?Mk~%4ow_ z_8o}D!xoZ73?hhlQpKB#&`6wTvWfmv^p-jX!E&yHLxm^{*>70LQdCnw=;`)!2$w^! zEY;tt+174KBr+QJ+@CK1b1{_YOxNf)V@83O^>BiZ?Z=N;+?q)w32bl5 z8YK`qR%&~!&UnlMV1;IbYAg#F)5|5PuVg^y%@kR5G7&;Td%zh-b4Cx{0Dp5z4e?;r z$W9@aob_;zps6l&#&3;VUm1xk+fGUK;+zA<7<#dIDV1(RnxVBKJrbK@qYnne$&mMV z>J{Ke-k?CyN5kZ4Q9b1?o%WuH{`$f8ukL0E<)@z8$>3oPhLvvBQ0e-F)YKd_H-m|n zIJ%T4XL5Q%LX27yDLU_!M8Q_1Ni9O|2Xps+NtL;hoB`q0%$U<&n0e?2m8qr6ef(zp z#?WN&dV|9YlPLhGE&v={8<=U9J7DJFs>g+#`tj|@io`I{fNhO%tgIZ?n`2WYhOws9z96<5$8$(Nw;~^g|G&Lg&^$2jlJBWniU@KNPRQO@dofL8+?;LF< z{F0M%&l2Hey>*K^)3C=PRmWj1Sk-msuTLZU6c*o+QI1U9FQ-GmGv5;RE{_j_S5*iZ zAemZ(P#=Ze~^Pk0$Gxvn*FDJ|4C;`9K zfLp2?&f;J~aa^Cv-NpIwa|Feyf$2Sky}2`*388;~003H4fbx||AxTYnY!sQ(@W4ej zbW0i7i>_1p1yJofGcaq5NdK|A^dQK^OL*o1!#Qr=jZSPoV$5d6StrO(mubz&$81y0_{oy`FO^y*k_L~3QCeWh+GTRz$$#iB3 zS0%UgpdyC+BD%CHw0t+ZIVeXt5`4t7k|_Hb$3LFW&Sw;*Its6Rt;i1_%o9Ti(^A|6aM7 znzrX`Lj2%Y3@a2(r;{?BtTV%@$a*wAQp)@ir&V(d&~;tG zpFPBhP_r)=``&2Ai;z)0Jv~HJ<>K7!EDwYYrwt^7<_gR*0r@3J8RIC0bmv!cicL}! zdd_>sD!LTeV)YWZ;u+MiKZPHow~2ZVTVWwaFTT5+Bp862gPD#znPJa|rm zFN?WnZ(Mh2M-pSyg{oIUKlbvWW0MHO==2v@8<>r}>Vj<|X_vMPiZN~)2m+dzv5f#( zoOsH@Q9<7q2ZHlO`*EZ)OXn}^3RSJqjxaJy>I^R#0IL3JdK!Y?>#ylWtew>zwz=Bs z?!ETslT#<}=xWNHFG^=fBO9S;PDZ@KS_+vL-~Vc7ZzLrTnii!+?z5MEihR~08`n`m z}F&{j%c%0t{|qg z7_##K$Dcrycn}GOp0ZUC=i89u1_T4q$5T|A)CPlMROyE@E&Jajaxy<9) zKh}q>yp;swx}SW5mzM`o@N)P0jj|E1j+)O$0$3H+nSXk#%*bX#U5=q2OO+4H?2J2r z6&y*TNh9~|V!sxYeMnl^X$AvL9eb~5Ysn`~uM$iHy?t2uPJ6=XLr|lug0e@Zj7?}{ zTGn9d`t==-Xxhnn*#fm+lj?}XjG_UoLwc}S-omXo;Fdrhgypt}oL&yVvL#tj9IFrBNW;sB#o#O$E z7C~$=ceVc1eZ{>;CFpFqZQ0x}<=pB@D`#^BX+1R64@nM0s^zR2)pi+@ z4@V&gcOPo87HFvE9VnaOXpO3!`lNIWiK!QWbIDRMb?~^8;d^xAd7Jwl{KZ!Wl|pxy zTx*HX+{XyROj>ZAQx|<*gfxl1=PI0m9j7Z@XPL3X%_Aew563r6r1ONf|IGr@4AG+L;l8xbxG@zWsju#EtaY5^(ICHO*^ zt{*{%Y8c^{7MJ0$8`RJIYS6{=ld7EKzj@;%Lh241I7T1oH%gZ$uiD}jLirmF(LvFG z!+IJJ@guzjbdqEnNz1xnby6Mb<_4sNvtTwaG*tUD{)BI_yBmfgaY4o+oz>N$CYr}a z#44B^P*slY&DL~gm)G0TNTR8KOsI_^o6YH=8aP+KH8h=kaE=_=k}2L(3!;cq7mKK} z6qAWZI$|nOWHXCkwg8b7j_O#fFL35sqn_Z(HY@KN)qNPdXULUI_fF&HqYiYs2S4>iiPE29zrbQ z2z=RV3WPO+X4^#=qoJa7X@p*6L9UGC*gKYOCl9aoQR}+Dqp{)NTFsJ0U z>$&aT`bkbH){Vt7$dt{;y9Rl)I2uMvCLlmOp+cx}CRyA<$>Pb0OnoF;m3^l=@LF{m(saN`KEqada+vI6yn z*JpxiYU|R>;LE|bmlha=_SyUeKLN^M=_(Fd8scaB3)xc}@Q=58#Ml>E2Y?O17QJtb}J2o0Q5&%j&VKGktA*A(`?i_!#K%rx=-Y60|*a}(e3nott4QveJ{{eop z*}FOF6+LXqmbW%YgMKn>9;;PPmG9(J>CX zE(|;TbJWr#9fLV0%t4j^jnHoZzL|y*5jJY=_LS9aXX|L}0WGl~Xm$&Rk%2Pz^IHvb zGHXvIY}=&{A;Roe?UW67SU-6=Go0Ls)mB!GJ1^BMBb-3x%%`P)2o*7vjy8VkIE_BAZW9r<2NE~7hB>nD+o#MAenorZuieWp}WrwWtpBt(9zaadi}K?Nl#lWAr9 zNd?n{20J1G+J(8xIrq=%VfnKvfFb7Bj-_ecOSY?1Ga`HRl6p8?u=SdoAI}-l%R(d$ zPdzoFGh*%^USb&aI4yzLckxe_+vQ>j{D{VnD<~n`t^|cnPfJFUgG+|=^I0*1BrDii zXrTm^zJMYBr=y4!JZW31pxwf-CX7TbXuX7=LsZ2?%FJ-aX0^J2TunG+Kq|V_2{n0J z!WY^1LRV!(k%pJuC%L&J+GvzRJL2o@eJcTC4XCQYXESC4`WE*a*-~&Bx4Sjkz ze4UIt0?(LMeSgyunUp`K9ay{j$_~8IZ&WEEL$40T$1JYGE()XfdI~J?3T32uk z-&te#8DF06-z$k^?jiKxkVeq{9i)tBPWKI>8O<%0$<^?}JjJ9nPWYTnRJ@{abztJl zqHc8BJ{69&Ch+58P{n1FALf&WG#L*K5or)35&?VK=2{R;Q~`b*)+~Dc%d@`1arzys z@+=y218NadE`5ZW_U%Urk&UTg@JH(IL$%5upSDl!6c1Kol}WR0`UxAvErK@HN`P#LXdo_q?1x! z*)HkhNbVKmZZmYv*Fh~8&lJ0+_lsXl762YrU*Z;zG9q2V;d;tE_Nlz{19m#1k>q4 zN{4P$JFznsR#<AO0SkZodQ9m0(`cpc3M8Dj6^_R_~p#1VDir-K1dT5W4+7ZGHMwo z>hNo*8s+=mYSI1BE{#~QzQOp0B4e_4&=`Vk&Rt#g7)&xCJv6v@% z%;(>Eg7o{m!=#9oNeD-fwMHm}u0MCx>F`X2=Y~ zvJ_!&KWmqpdwLmjIVbmae96yy_ORg9pXpf-9IuRvUI-|3_@g6to2bUZ+5LK>I$oD= zY2d?8KsE0BUY9csT{V^b0m&M z><)RD91{CUR4LIXLpI3X1EgsIQqif#-_%FlK+d)IEUUi_I z9`BB6bGyDJ<|ow0k%jXwxzH}e*321?uv`QN|wZY}Zk)hixBpaakOGl3AwPbb0j-Oq0ecA-5YvbMXL4L@4$>d{~`M|h;S z+N@4-1SluxY4Yl|&)I(>P!~4olDb_R@0io2+UI-z@xlR^n*Yw)XmR6PgYCj5AT4um z-xP4e5-vWTF*+VaD{V&b{6;1DE6S^D5o$yThRXsu^ni<)3*Nbb&Q*u6!fP_IJxrL>KkklBrptqSm(c@FxGV^dKWx}0`1dei z(T+WS*@jLtBuCJxF6PweCUO|f7L8csUr9@bim?!%T_X-dM-k?I5Zm3DOrA#NA6N&bT6uukiOa+u~B)#mtn@bP;GqVKIE_5Nq~ zYjE@DyLYm}_agU52HZkXOJg0O=56t!gpwZQamcZ~1%LXr+UBTMoOP5Vzy=A7Q(KNO z1M6Xo?YhGk4hM0N7GHv4**L_cd$h%puWGExPUj}P+dx>e<#a3k@HbNvK~|L)R$a63 zNs1+?0Mo;%a%YkvqiAkpJHq1G*X4`je0isnIRmqgoX@B1E%od8yixEENY_@0y%4TAN9PNuaS$b}ciHD?5mWHXz8U#Xi zN=*V~gswMAK@#^?r>fs`YTF0aGe5W%nW?<6uJ-0nn1Kab;W@a2OX@x}bD}laf6a*P zgQ-b+rMtLaGq`xwH^H*{M(KDTh$yYRgs2Pn^%PW<8LVepO9o<0u~XHvj!zSTIfag`yD|98t`Fs zpx;q1wKo}#K_2Q^=~ag$sezP5OjQF(g+?_>d!!T3aEf3u=h0Q%f!n z6z>L3!dCUkU(8=qZbG*&4$D_7za1YnUDlqCN!`L>+ZtnkHC_6z?H|3{9NCdxrd(@# zn-6rOG!?Bk*Bvcb5vmmD z#TS;J0TY)^G|x6cjnQV*(dLh703H;qyJwO<1$ctmz^Q3mdH&7n!o5nFmt1x2iRN;~ z=NvYkxN|&FuyH)liFj__>rkv*`Z16`Q9s~XPn4FQWs)lxF3FpM!V#VhAmuq3UpM`C zDrp&}XtY>oa0dfJ4!ob;rZzRLPRIP07gk0>>zi-kC?lDvNhA1fRf5 zIrk>y(x8vIWiDl{`};)GCB=G~&{$Jh{JqP(lHyK*lQJZ28vn3ZNdXD}F`oF5#?|ggRt6}7l%j9g--R@@C}Z?8Ae2XJt5Imv(p9_6_qxf_Jstl zuB+t6nYoddUrpKpYgvwyv`~VM)F%8VkWiEq%8d(M4GDf6$|gxWO}J~}LeY34(R>VX z0kh^it}+^4eP*}#RCPTPksskeu|$&;Mz-Vx(>zHsEWH3~BdwlwU!oWfAN908vHV0! zA#a0PWs4TmRA^V!!35`J^5D2(0|B?VWiA_zI-w}w#&ai}V~6tVI&iER1$A7B9{1O} z8^MYs&*`<}R2mde$xa32&ZrlbO~&$`L=RLQbrJBL2)hza*8$t(IWv#KOodq!xOxDt$MFpnhRF24J-@Rw()hZHKH zE?g$V9m<&FUL0I)DZD(w5r#0)91W4_LzI>|a?S?F2bToIC9yD~+cBB58}`@xZJSga z9(`(T-RSkjH*tsRbd~S&W+Y{OY)fq^KI4ZpUbPXp_irG% z_uN8-P!Xw&A`tTYxYDmJ+5rZN(DHg|cEl`m*7PN)Ps(Wfqo8{zHA(v(PQ zV0_Q2FebbMNtomt&`R#z8Ql1N2_*$W=qtTPu;Vs7@BE{o5aCQ$q<3IKIKhrah87xK z$(q}M^@!S~{a>akEJR)?-RkocQzbKJU$zECXyr|xn6UVr>7(K12%__3-m*r)f_HY4*z+)1_w zZ9!%9Nw)W4Gqj)^2pyo#MoO}e{xkc~KD2S1m7Xhdg-b=&j5|S9FpirlQ7va=@`B8OCWTGoyogsAK7hrB z)_0LI=GVnKkWHrtMJuPZLVfV<4qGlH$dVgj9>_cdr@cn0OR&vyP@z>x=SK zwZ6ddTsQNdQqBWxl=<$5>!Bcp-q1Kwo+clDHG;jdMc`3yGA*C?dRN7iLxA>X4Tm>| zvGzb_Sm|z@S6b<>cir;jCeKx?_vOGr?V*k;qY6ijxuQU{&PsT#728-f2uz`uD4ERkC$Nl(7!AJl9E=W5i~SBimA11m`emYF1Sh6 z+wDmWg8D`@e3hv%xE)hVbwyFJBwjSz-%V=4q+k=vJzGd&h&q%2ho_dSHRaf%f@cdE zOr#F2P*48btF0OenG-Y3>*o655(=B2azYjK`h*H=4KcDs=C?{z#g6KHCTyVwlhoW^8S1MksHiuY?H*$)%V4@MbtWXO=9 zr9y%V4ttaq4#kZi{a^0zq8O!}OAZw^a#)U9u$nGBhuiIjRMRnoK&6_%f?0wT_mFQ*$mPUR6dixh@XvrDT@%Ix$crV<_j5<) zTIg6(9}wLE>WVBbnS+0ttmA0FLzXeQ(7{%k6Ff^IS*qBQ-5mSXaV9{?Y`%VjFjj#* z6reW|!_;vDVaF^Ex59Mpzuja7lv9zr8pM5xrg+WBEK>;yf0y6;h0M$7*l1RBiwQ^q zC3s(V|1KP0E+zgF|1pH;n0JbO&!ZV#UO^(K6_Ea=Y~kGFHApOJt&eF1*d^b&Q4%Lw zN8;Pd-PfSh7ZUrsN^|>C~nP#@)+!NvV`wNCJ53TUXCF%?BRD=#j+zgo+ zx1t+Dy!)G}Jv#MktiPk|aHr1U!F5FzRaA4~WXSl@K0b-Vc({@cfhpA_(bY2F3MS?GPc> zD0*CuIlRz%0Z$Mi_qc?ybVrbL`0o}kZ00(2cVK6#8kJe-mk64P@J~0eXbTQCYp;Fv zZ;YPTq}Z&YXo=c*(vEF*BHJI?Ar*H&LrrYIVOUWYhT6`tJyp{NnfsB3mI;qTOi!Ug z5#Xn=>Vd=`n%1v?cBpu|-jieQjd*@%%h?7H80@N-EO2=#ju^XtNZIp7kN$iAwNet5 zN9=3;_=~gUpQ5O@xh$*=h$(fVR{cT}qq}?-bHt9}3K@yXNW#?3B?2j0d4ygS2>D(} zTjj}Z@AoD?chH|D;JeWkA_bFP%#~O=UD%8$)IX<&>7K{P@Y$z&&Qz5kqt zT@GEQbRR+8#1qX4PqYhn{WLu743T!l_avv?Ddqh(0Iuyd8xm@Mj@DNeB(LXjE?hcL zVCN#h;|`7`^$p$*SVz8Qu}XGY=qkr4-VCF8hM{@#F0L{oUVL62`im~aB}PJ*u(I(W zfz@>u%O|$BP}-qv2S-gjkAFAZ;hFQ+E@<%QiQXC&i82rdu2u3h15z%@)kLSI_GB?g?77>UqZ6$ufKG>s|X}O&7FFNAib3Q`}Pp;pqpgh0yCcR@rZm+KDL`VR> z-%j9tQYD#OvOB?n@waP1WHef1I!q6;eQNZ=F9NzRnd(feKhGQ?v!ob%suDbG@_A$Dqihp2DY%wG8V>NQiv$RJ&1{&HIdn^DFv6kb$un(exQ~X~-M!Lfk`DE?Vb)GX-Gnh2>1S!!o?PAB%-nDgCK2fOD z)ZLL}EM4;k<>}n+qMfXTu4bl1(Lq)KM5u(L|6$${7O2k5gq0RL05kBQW{%Q61e`A= zh$s7gK`IvMc<^7b2TK^Daeq%jQ|luEb`Fez3}{#rn&1Ns84er-@|~;|^4Q|KtocLn zBQ_7D@9DR!B5&*aihX+c%z@LHAdWitx2Efs@w(+>lGOYYNyyRHS>@=gn-3t17&eGHqrd5WlpWOu&d(NhD_x;xZ-uf5s4F5ML@KT`D_sfqU z!9%>4dn+{~wj9G>%-nc`16wbF)d@AfYZc+eU@()0LPyzF0+~1`RD`5URRH917LaEL z(rLIK`N3f+YRDvRh`=zavZPpPbu$n6?cD94vfntIh8N-`865wdDx;6N{Gfv)XLLkaoAJAAK@t0N{U>Nw z!~NqZ3SKeW#QKJ)lSX$QR3ImA)&!>&2lq=SrwIy9)g+>N>E~XMOo5C7CV_ADSdcbZ z$g>7?QDmP@cJ^W^J0QCcjNLn#Nl;0|d0?T~nwd0c82;qebjF+PbrmD%D@UI_TS5_m zi6sW>D_C=B3@Wqdd;wA;V7kwzVQ7BzmB?L1k78)w=0iB*;Tf(wvYTdOHW&r^h-AdL zJz>B*mL7sMy=FFALT5X)rcv%6E2DJuNfbf>sy4g}8Ff1S_FLF!Bq>(G0 zq;?D`@h`n9YbZ1Yki>vuOtM(%LDa!$(+S>;>tP@mVzcOn`&T`wVASJ*>oqjdSub(J zxJ9;mj{^`+V;O=7G4ny(WL&IdYQ$Rk2|a&S*_E!PP3kk|z~FmxHT6~{b#IIq!wO9S zv=}|Tw1}%cCF)Y$u_gQs=7=Q%ZkqMKpV&luj6vCN7kPh$38T4@0{1N%BXFlR@+3?fcu5i^;vXlEXZR}{a$y_{8V@f;oCc?0GT3OK-1 z&tDC4wTEqc6|&WsMl|eJB=#bZA#+cvBz5j?A#7H5ET-@c|8)i6XfmVX*D%ZN7ty%? zn2*jtTfZqmH_2s2>MYC&RwJL5wBOI1N#=B52_tuCGG!A{*%Dp|%>O%>CcZb{5T2#) z11qvV>I`%b^`ko$$`H)D+I891NJ}3qsUE_dUkZZKB628&52?8~SDOC%F?1(E>`Zep z)6XY`gR~B|@@gAH+=T{ZnFC5dcq2=!X_&C{?(4mnwh=oz*+In!qJn#oogX{2*jk3o zGhhQpnvo4Eg;6nwC6xNG-u>mWOgdKYKvKYqxO#wBz)v8c%#jJh_$wji`=Eh zs~6mjO=y_qYV??i%0f1k?}@Op4~Uz|z-IE^2j_C*U2)v6r(u{aK(8z(uV=zP=bESu zRI;f^H)R+hRlz2$-nRu|Xc}kkv#?W7xkiQym;V76y2&%~xR@m=rUiMmd+~p-=!K+} zApadxfJF;QM<_vsj--zycB9RXwL=I&4_^-rQ5;u-zMA`v+C0d)^YnIWoa%!;T@BR*(ew|TQPH(Y7` z7we8$+R7S}-mNdZKSr@|lk0O&S37^)Jxi#PY+h?AEs45{I0D9vDiYRx-!4 z{P0ABa%ia|=(%$G16`SC1%`C5fGMpvdri;~2Xz%lHwrDLBZad;*bv*UuNBdP8kK`h zK_2a2<-gC0DvsOFaGRW6KCH;ckU!I2GP|7K{nSi$psub+BzFqM28JvrR<9&xa3s%3NqtE|C7k zD9n@=KmlR`YhaM<)9B^@qX&uHEB1t@*(@!z2i~F(q+x&E6^SwgFZ)Cq)D(0S3nN&-X_Kjtd2ll962Kj1` zkU6c9nmX?nasnuL77n5#-^tK%%ZzhXz%_87(^JL^?O~|)x~}wxL3;EDkvuT@#c;w@ zlQtGM1AxS|Qp7zKzoATHnfXlXsr3#gl5ss;fe?}IuZXwK4Nc|Am}iiU2->xCf{P3s?F zHn=;VZ-Np<)i@c@2kwgY)1Uj(fngEwC6LB2S{$EGMI`Y1oqNqvAY$4s=5J`LmPm{p zM#0w($S3+%b0jQ`?Ismc1wy#ai7O)CbW<`!7{Xq}Cl60oi3}{`D&V$wp_YmK84SFr z&m$Z(0s<4B+Ysz}pt>k6EOkfHlt^rpAC9BRH$*s~BxfUtioKVt!|%8^Z6kchv1V^4 z;j4GArTWF7<|cyl=Lhv?n=Vcq;RYfqxG{t#8%Ex#p3Ef$x#6DR-tf8c*Wt-Xq*=X|O` zxB@tUU~Jk~RucTLz-DN`nl3MkAoE?>n!OUwMqBi2-31n()C@WZZas}5U*@*T3`5>B z6oym62$7jY&E|kk&no>8nt$PRROxk;1qtnsB=$tp z+P_6%X$E*QNNcJGbc|%?pitw*0AeT8xM{eum@KoYZy5y}o7BIja}l50sXU$MrPk}w zKD7ktQ7Ap!fL`QN0F(i3DaWo(p0vf)ZHkZ4k z;AB2&1O)=>gKThZ4?rnDX+OOBN>7cRfBaBm1&?RA1~VLlQ!cY*h2Ak zz!XWPC2k0$o%Kl#fE2Y>(j*z;4q9NzLj-*$oEH0mIBH#Kg0>B zL_iYWZ3%24$NF?HhapI5vFSVe6qJPwj_N`c5m2h=atzgk9HC`z4WZM~#QthRBf!qK ze#3(jb(K%c^tiSHb&CcCAFq@XqeMH~p{l_axFc5J{b1P{(w{0i9HEML1JDs^h>LQ< zn$s@&4qg94)-xSoZs#>qqVq2?qzl+*7^@hqH7Y!XB!%-j6Gs@uyu$lm04qS$zW~si z%i#;BRUpptOGI;lrOBoN#K2VJAu0AYj^^8C#kV5Xb++->dSas2GLbV1jub|PcR=MU zpfv0<>5rl5nz81J2%4oOzW5N@y6q?y3g}QRL~XRUMPoHjcxf~E*+dO=4n>EoorZVG zHhRDNhX~8I&=seL!6@S>tP7lAHi#NCNFmn(;q;^rXB=9P{6-|j)Bkg?Jk;c zj&06#@r?NP+FG{{ULip4Z3$c~0&`-jThG+ZZ;HJjTRj$p9s$FAn3kW1Z?)7ygB86Rign0uTe3Y))YD8#!(WDD=U^ZfZpTG|d5stn=hd zL5&2wGBO$$9Poyc%h`P`Q!r7IHrgzVSlY%s(>PK2EiXZlBvb|Fp&p_l)H*eDMQchK z0yChM_|E{qp1t${fR2rf@-7UBdqFpcC%;OXwJ~Vwcj$@rFh(`=<|Md-09S>FuSw)K zW|Oj{yZ3SeZ>j&GeP`qxGJ51?IKe9KW@Pa^@E1|yJPg_?AQBp|qFj|Fk$^%d*#yQ` zP+_cDv0G3OL6g=zab6Vrfj-XxaQSBv*i3>;4NbH)jJy}<{BhpQ^JSvo0e!b9h71}Y ze3N2 zT6J&`)U`(0wJcTY6I{9*0B&y&KYc-);(uE@>7geBnwrXMg&{2kUCB9F*mD8sh^};~#3azl?KWnP zEUFfm0)D__Bt$9_3IR~kQDRw&5->u_##t3gc$V9siKEboP6SVwoe~hN812xX3<5M; zLm4C2EKBZG4nj0bA4+;u)r3QJBDg(E$ZJGNu|_`&K@hB>tC)+Qx%s$a^#j}6tJ{L0 z*FZ2{m|SzV(W*!w2;@I2C$4dFOtF3_P+1Nrb}&_yItC<-K{DGBt#!kYLtIirW7k(5 zdA#YACS8h`+u%&ivfQotIp&n@v6}JfZ)$IAmKx{XUKg|yK}`4q97Cr0Zj_o}sM?g& zO(7@rG73h^OY@!XLH=zsJ) zFcUs?BQRbQgcz7ZEKRA2?7nGDWjd0WQ7mL5USJs%*DT`C2MpxlabOl@wzDCGxMhcgzl zs-T~@Bl8r+x1KcF(lKLxW)UO--G?s!h=d>2YO-w3o<^p#gaiMbFI3n5^-{pI{io(h zP%l8E#R@;2q!fyXFhO&7ln+(hk8i>qfR=r5*mxFl7l|e zHwJ8vp+FH36aaV1LXdG8mZ*u89zZe_R!Q6HuF(-J@MG|U2T-GhmLmxO_daM?01=LO z0k|Ou!Z>BsJIJfCwezS~D-=fd!%1idI(z83@Pta!P}#X5z@@K~Qjw7GQ>=0<>yn=&0x`;DG^gTTF*zAcR_PeVl~(c zSX^L*i?$3=7|zifmA;Zs;|Lsw*WhJcOim?@F!!DkYR;wp(X@~Nvkf9k>ngIeA^&Q# zF~SOxB07$`{%0{$SPX5F)fn`f3uTCs5fw<3Bt(fb)Mz-^N|HnjM@52HuXXw)a)XLA zXAT*Wyp3;`16%3HuHpzV@Z6_!t4|llRH#|b4cKa6?YZPY)$qRYS%Z8H&8c0 zu~(Re9kYhtVNJGMhJrLmY#d0bAi)zB843VHdn~dg!2>evql#4;{XUREW7@UBvf2Rk zYT!N6tcWx&1+4XX-DLtL+|w`LxvZW0&jy9QyAKee3-HHbNPQx04Xf zg}gQ{DNuZF)slnxucX(`XwTpFS4oN}R$VcV5mk@`5tyK}u~=h)5GpE$M1DX)c?NPY zX!+)db#KrJOhZWgBa%#6mC~#X0Hx5o3P4bdhA25EX;5RKgXT^18BRh1}*15Q? z1P5#HYI@X5xMTl8F(hUOTb-Cjgv*WMhTbrXs;;ltnBT%O=-hlgnn5c8NyelJ)C-8$ zz?0E&#TamvrO--H=JYF$ajBsS_9){PVz6tlRXuGnv!b!3RL}qfV=D-eNC-sI{$2!t zdJC*(A@P2xz;_YI*iJy-+#$HU8AXIYnM`9Fq0tiZ03h9q^^2V?2YPB>2YgNrF!Hc~ z)*w?mK&AW+&n@P>^<^f}@+LPZhoDnikQ zgpcsVBY~J+flDD6iV%7rMxD)B!b*uz$><^gA&8;2;%I&{4=-8d73j3E(lAC8E~tw% zeB0Mv<@lo4+zs3}F*6_(*nUBv#M`d7fti`ia5KcUcN%Jd?BA`zK3SO_Q8EZdPLU&D z{I4q=CMp*;zKRXEN+jn^09X~6$Q?>aVOr6dN=nYvQb}e5J5N4vhS}at%se56NgBM` z1CYVvHmgBIsKP|4$9a#Z4iH^$4s5)0;ypJ7YAUcp0BBe^iC+Cw!V8$OW2f0@vIgQT zqY`F82D0uNr%ljHxD(jf%>!^lG(ZToSl`LFJ#0k{bJ4xQalnmp-L^j55Cn1;g01s; zp!pdK42o;3pcm7s6|X;z4j|skXfl2mWC#FD+5zYigz|2gYuE?}WDn~>H)IWjpjv=p zM+~oBEz~&@NkfnmJ15{&zt#KW^JBT2UDARf0k}_WYQaD87$vT7^R;%&V_Cvs`iqvb z4AOit^&lF>Jj~4yJoGp4uVaqs%c{%_#?07UV3nbG4-5K+OGR!F8v+m+0vjc5$%7$2 z4jUV>sMH99gniiTbzze5j$}Xddw0(Y ztAu2%CW2d^ClkoxLyu0=IJ81R75%3&$%qGO?o9P;rR>NeDDV;kTYhW2z!_aez*wob zHJNK72n=e}EWH6Uhz0nhC(H#gIrSMWNXKNv>PoL>UzwhiNNR9CKK^4gjgV2Ja+pNy z0ZU#ex;--s<>#bKWk@#6_sjvY&Nh|iryN11j(pBBri-*65{O8*KZK$j^j!>wMG<(C zmh#VK4>79+BtMM+Ly{-3EP!#K8>9{pg7$5&-l;<7*a7tzO2PntBxjh?FcT{Xxt5WN zGFPOXWpANtU72zjr@(+anOzC#1dM22jyih~2rVSoTN`Jg4-8GegA8H|C|pfLQw*#A zV#9Yxm;O^Rf^>rndlibAKkXmpB@zMB=*Jd*SqKq;N)jirG5x9BbhmQa)@8Pn>%t1! z+%v%2P?~r>RKy}D+SuFqwxZQ3>^+u8rp$QH1hxDbAUUD3aj^``jR_qAj9Aa&SeTQD z2x2Bh2{A5nL)F|^aAq`ZL*P?A;x#KuI zda#G07|EvJXBI&-_{7A`BPemICS&NVA-n7&HBN5uxvqlM%)K7pY4F!3>Qm12@Kicrz0q6DZv zg^|PX*dhdzSuSQWMq7=3tE=1g(t#F(Lc~FuZAs&xplTlnngEW{fbSj30DJ!jzl=Wv2^B zWUyh*6s%eSjl$9BL}l@lez;N}s6k0Q`02$^C`dxvafSpjwmAA4b9_|@ngMht9O0x^Z)pQm5Lt#R07;m<67S4O4J3)t4asm3KH_7{#^g;*MA+?0U|dDK=;0LjT^xRje3@zz zXG}tnLi1S-Bx6XF*6qO>lPN|@=2R9im)#i;7d*!0H8i{}8?!_kkpDn%hQQ|K6{A1k z(y{}WI$}doGC;BWnDC1Gi2_C;ZzZ4=ridSZQtY~GR?dNld&PBQSJJTU*WO?KV%ULd zY~a%IL#1{oWO+!&KI7dEM# zLhJ85dxDwN-nTKZ1K99f9w@yuvg18=wElR~6^PykgO4_Tb}n3PED~asf)@~#8>Ep& zvQ)?CL@w(v2~O3Jz>`1>tmYDE19e==zLXuG0X}V{5@2>%k|!4xa7QZ+l+|wQ0u9nXYh+C_40_G0~)BVbvwzYKWq>O=Rk`{4p>6 zH99OCsJJZUUK}RS?WJ0)$7>mYZ`&4utUxs?um((fViJw~gS66#UmmhXE&a zNK!DQGeUq?Lvn4drvV0KPA5L&1 z2nQLPQ7gjmY}%VYSBHz4Vs&8R6(u{2_i87z2>u3Ty6$-1@(9W;?e0^q;_BKFk3|eb z5a_Pf<9K+-Au&R%p`l2o{42h!?tr@nRAa#5phW`Fl0Rc5D0I}dP+wS%^Ouxb* z2tQ5j5m3H2CY|wx5eQnfrLYNeTrvS&@tXx|#CGrtdvEZFfFnRWs6+*|(#-D6oSBk~ znI*u=ytq=229=vCFy=f-q?EHO0!U~79%VVA7mBGdDhHBCr;(x3NYm{SJ7A%;-@rse zrKN1pba~89h@4t33%w;fT?z}rXoe_9nJ|Or(i!9BY4Ne4zD8$40 zpa8I59h`ezQQyEKaiv2R*4c4iRU!Z89ZQqcxJ22_GF(J9omUV}hVsc<8U zxv+g|@&+b?hFA^Kjkfi2C(7*1oX*6pNJlVD%g?=%|K6{ly1Ci zT?zu_h3i!vkPgw?P`v7xzgP7RG%}In`)6x6yn$99Byr*`g~)G~P0 zR%@}c%Hc8|nl@QZ!qlo2DMv7(kM31{wZEZ(fnm6=;Lfeo#@HSloRv5zx>c$+)3|y; z9J(><8$7TXNXPNvPrya(cB8y=#M7QBc|s#Re@saE75JT!m7Z@#bzE5#`wQ|qW{=kgK%@tLJZvbZ8D z4|ZuTu~1{O%+vC$bP3nksuKbKEnJz!?M3SgF)RfDQ#eE{!Y8=w1h9Vw4gxPnS$achr-_phvP_OGkuDgWSOlx!+uY*l zDalVG?Ew%D2`<+}GA@m1z})#mbOOi|C^xC7VnU2Otw_D0_lIK`dt=cn_$8bl!5^viST_P7aE`R&FR>U-UN6&@#-bV>T)W4iPC_+m3H%oq+UR=1V&_j-jNq8s_%d! zsD>1#UJK($xAU`dKyP6A1f`f&u19phpb|@R9oJmlAqRYsQ@l1ODZ>6h=$tI^|D7V- zbbTtP-Fs*U>G1?h*PXeIyZwL&MR;reENSX#C3ZTrvh!4;y4B^*q5W2;=7im&3(GMVfu3sboVyh-2 zoV)@^4NB8wu!+c5G|F4~XB;8Mq#l#jxp5^f| zTBvmy=j1>F2ME-Rjr~>(%ohAbjZED|IL%S?5Srx4ZoQ6Y+OdFkxF(=}guysdb(G20 zW;u1}1gB|Yqp3wnd}K9p)x2h9hmC@6@|Yt{^QyvFBEze*QJU0Q^?BH;n4;O4Zt*CT zGea9r6Q<;D6C_I@oS7o38*vm=3<Cj2%gr`z(pb2CG6AuY+rG++N4|ugRG3z^Swc1n^iyAlvV~BXl9X-$B z@k&TgcAaoojky6{FF3wDGMIJ(SVkH$5u&C8WbC`A-zdS%QzHb3oD+E`PIbK$ft_e_ z4T^P}C}0K<5Pk<)Y{Y3g5Q2nAO!nyAW)jGo52jK^)R(MMuvG?>C`LdWo{H=r%sRxY zC5t70(Z7P=hg3e$S(tHsZiN5Q2nFF3V<;GCyw(K_CS_^D%a!72X0mh~Tt@Xok<|)K zF{gTr1rHvZrjX-0?^syGp-V7}K6oL~x#H%E|c+AJ~{qRC| zba$y^8VHl-Kg^Pxa<4cEN!X}WlK~~)lIniaUZGwzjgLtyMV>;4K;u3z%EA&X!*YOF zRu(uzWr}de^fn}_b6gaPm|9w$RumHARW~gJEdgMFK@#&IcND;?5a#0rCP&{wR_nRaqKOVuuG}R8w*EOb!Pv)O|0su%ohrtL4Exzu8aY%14 z;9+xniP3^2Lh%SXfd>R^I;>$R#|w#PjcKrs59i3FUnA2lAUZVAB<7MbC2RPKuq6bf zMlcWgDLXtY87wi+`$XSV!#>Sj>35#K16n^^=oDv;H*GXUq8f-0Bf+J zP=0ij2$+*=SXM1B-2qtBeZE#8%}uuRPnmiVW4*O`h%o57=r(avs3L(apH~aSTuWy3 z_@6Jz)LV|yUNPnWN5LK1x#10k|9i?A(v;h*oW;`?PC=6baBJ9PCsO1F&DT{<0B;4706(o#DM!Bi&Noz<7qp^XaKtRCx zBgMC+3LdaI9l;UF?75^=&^eJ>Wh)c~3PLJ%cTtX4TqJ#% z2vcWQ>9j8`lhS11nRa4Ht1Pl=D?t$x8nn^DkZtW-Q@x1NSbp(3#b{o2LH$8V@vRK# z0EWCwq=??Zf{;LwKK2R=j8Y>^*t5Nwz~Qvo`l*Imr}ZeSutL{k?)d=WxdqTTkb)!C z$ak!OIX2WorG^r_k6;qS?FB5e2+Cy=0_de5yP z9Am2C4D|%&md``zh+;)kgp+_qlfkfhz|6@cjpYaMzz=6Am%UjM4Ir?T!U$a)Fhn~k z2oo*=#OYoit&SOIf*+y-)W@7IT>``)lJP(?HP?)xd*br_WVh93Wstx}s)>3^FYD@f zddP-1sjcXAW>vm}t_5_Eq$OZ+QIDZV#kc9epOUcj>^a*0(bPS!& znFFCFg**a8e3H0{Jon&H(c+1-1nQ5Ii;A<*P}qK&8)v;B| zAumUojEw;B$HPY=gOxkxstE#!IR~F^FCkjIKzhoc6Bs{NBNnC?sGOZg5Q88>2nd-R zliMgr(0YErnvICqIFQjt+yK`diF7MhIa%aPIY|a)S>lQI5ChXtCBK+~RWbX)G?%Nu z!||Y}-Qb(+N~A8B4dYJ_z>m$|Y)rY(sE^8M(=s%p?YY_(0pq!hz*^nS*j?8GC!<8? z3#;E5(DIp~PYo5s6B0i%c!5a!hIC|E)P(1|i|DU)^W%#A8XEr{z$Kv5DfmTLtpKr# z!iWGN7gB`M5E1`x7+KVIycVl!rfXBt$S+WUr4eX{3zP7c%p|C=%K*xXMDrkrjcn=L z#FCfFoH=|EE<>LA1V)dp1mcboo|fT1Rdp%Y^&dW=wDOU;B~zqhKh7S;N_~aXTZqF@XPPIu2UQ#y1p%dmjanC+!ax@& zA4hF`qOYP}vnHvl_*2#qrul=ai!5!la_O=NL-a&+NKJ%$zs^bI(4b41C(jOCs{*rz zA`wcpGf)oR=-qS%vOHSI@}puyW(8IXxEe+%7%&Ja6A}P9o7=hC*!{Qz4_40XxtK9K z?q*Bfgf(W8r=uvA(wmg>sZbVLB+jb>)p|Ts$I(IqDPK(fAEpwwK!|<{8pJ~}B=TliEMPX6N3mQ)LlGb^dL;%N|HO^AUt}3*=j9|X(uYbv8o!ZAU0o49-VF{k=YQ< zDzp(iNG${?2Rru6bi>s~7y>66DG^jw%rZ3T7dd?25ysKKz!vFZ9!5<9OR6K$G@vNT zAk3HqXbL1weX873=v<+N%qF~9y8 zdJKHUa0tkHtwzU76)jN+!a_#sEH$d(5FIYKt>{pu!9RowAW!CDBGMP-o}NrR3N*3V z1clpjp#%mgYBSkiUxXTxCFVR!f-QoxCFUN2bzEeEqY?79v(Pdjv{RWQXA0SneOMOf zI10??A<0vf1XkGAWXUT4OgYO0E1EzOrcZ+LC`Q_dD$qYO6&6MdXoY4*SX@{}sME=W z?O{%2<}#RU_z27=O8eap?=_{VT(8G;kP6 zaZ=aPCra{^ahkWqq9>cSfU3751PGco!DyA*Uny0|`o|~Ejzg+|lirk?ni$O6B0%H| zR$~NA$(6l1gz@i{> z#wkMLr{|+Fu=t1`ser=w`|ND14UD&JAyV4Vdx--q1|VeD`2Ntn<~uDb#4B zR-C`{g6XQ<;Ggj#f&Vx846?49^2~Lf4&@7?)?M7E0@Y#93(i-J35u|rnbxdJdnQP1hN5XIg z8bm^hBLc7l*Ap*NuyEu#3-TvO!Hy>O+3C(kd}si@dn{1OFDx_cVVuoPqSvs!u9^a@ z$yOqvSUIvnP+|Q^!I6sj{`m|*Y5q6$At^=eARweRAT!Qfr35M?>&RY%HWY&7;!{5w zhR_o#QgAN?P%IStSfAbe*~B{GqPpu(2zs|O!>ho z3FA%WCDkGk4C*i{pGxb|Qn0UXfKUL86y*q1U*=1i3GFhMy(KVmQGM>XgkieisDhX$ZHKm_tb`u2@pH?_1q>1RHP4Yl* z5hJz|2zbMzhya9RJP3DF=f`_N%<6u~%w%Q*^f5jd4DF|n_QK$tZ9W4vqW2A8Y-oih zn^-jJt8K{bQ#c_Y=4+M*##77!+bL46SRNTqovqx9SRkGB`G#JcX~4rL;GiPF%uV*a z5=mLIuR7=622QRPRjxpKGn2i=tf0AIXIx>2R5bXe7BXg_%o=eW*GJHYEljbY%`EkV zU!xMn#YCu(WmK}dUy|R?^d}A^kGw>0a3brx7xy-5?!*P#)Ad~!>xPA}i>+9h;sXd( zlXj@NNp@(0BI%#vO$`n(BPURkY1EDCEcpSxT!J(}P=KPf+G&*vBQ%>(o_P-y24NvG zO!FW|aXzs=YFg1{t(WKTtJBe=XWou2Y~xC;casfkIMd}1mnr7(%10v^lhJ|}~ca{^)+1ZAn9o-H@qCW3vS^8prUICo^#Y5+op; z7ebVgDEExQ>eXm~n1VBpkqSrFtxNUplm@Fu4%GLH`hAO7v1`H=VYT`+V~()ON?(bS zDF{G`lBVS1nc317A_AT{#XNDyV3o;|pqQMgq-W6^0j!rc30yXUaj!2?k#pkaUF;-^(;N6YMV=#IMesT*V z4UEUxLQxcjh=9SxHvo}c#yqUqqwF#QT9_h8@!v`MA|#;t8$T1qOPlTCEZnR2<;xey zNK;>D_*6}5jcjP!xKH~QTr6137LW_)2N1= z&K+=>0J0$qbjJ?xv(*;ZEb;0rCndnH!DIrw1;A|Wyc7bW@lyMo_&)R7y}#~9HVa~q zRj$-3xe1euwyB5NWF0X=N-+#WA&G=&^x7k0%VQ*u-z+@|purho%rwE$p%rL^W_!oo z`Pm^XXfVUM@l-3k`^VILXyDE!&z=q} zGTB-7*MLF;Rz`%dEsk?VlZqm-(HtK6yP0Ei8TED80&x7E~yrFDQ2Qm*?;QiyJx zzH@hKekaTZAI-bB2U1QbUS`A^2*Nq7nb&}5GgYDXIx)3{(e0$mT)O?;tZwVXmxLz&}Afv~Ux$X-0U*o)Kb>|I`V04%q` za3&CxTs;go+0^gK;;x0RLWOdWe~QPzHkcAsMDoLd#wUQb$WjQllk26HF^(tEIAj0}aV zk#4~xm_WsIR$b}?f@XN@0e}M&Oczl|lo&yFt3Y=glB}#)pas33QTvl+1X-LwFu3gN zJA43+6)}y#+cUUUnpK1~uFECLK9PY|%m;yENPq-z07)7~<2qPWXgW-&2}i#4I>1Gl z!L*Lu*RTSN+pQBJMAd*q*eKn--`|0F?*YwODJaiOlCs#VN7O1^?gRXy_4tB+sC+R zyIMWM@zmJiA5s#OfcS|K3{TL1vrBxQbCBRD{xC6!So^by7= z0S~!WI1m~6X#{mji$*$(_B;OAqWK75pb&O1&w{sau)5Son@Ap|&Lh8!sVNQo0RyBM8Ck^CW`KXdT83@xUB@mE?E#C_V=z-sdIVOnwIu=O3-)GGF^i%RsxOusLbJ%S zETa+?pZkw}yn1`>@bg0Ah%C~G!CT+F-}E<>QwuWekCgf!%=fGBsQ2=Yatsei(9iFF zvA(h7fdMgaR#e%hvPZ3pYbB2ZFqU>vrvSIK5w(CdvKxCMVCJ7qq(B7ZrhF2k#Rh&N zo4#epvj9kle1a0iK`2+I-u%tspJ(XBv6Cc~8F<)h1fY+D z$t!_C+ae1$ukT=aS(tZ*Kv8QPq^lxHsvqczLQEKT2x)ONK!v^#L0bsu$!1rl5k`g>> zyHR2-jpXL302NeW5H-9{Ktct$_FmXD!bCynu$}<1k)0LE4^WKF-_GCHJWx?TUb=89Z0s%Pf}3P^ zX+FHFY>bGJXlPle5X{xL9=MgPYF$`Cf*+ULKrsG%02vmG=JzRV0xjV$YM*%W1=O#SRW0wa22`H$H_TLix&3|pqpbHd(q9O=9 z5*N_&6rwN>$Ah))*zQ61cUx04Ofq(3Yho@e)iG{Gb9O=}AH}G~MP|?kaetX3sL&Es zJ{5@b@{y1c6uj^h^iv9z85pCKo&+NeJWd@}=j~@Qf{+>Pv2F%DK)GL}i0vaFCy;jul5ljy^|XyAk>@#1c9@#Oa29%WVNvw3^x>u+bbTW+SK!!JqlI2Lv5hu1Iep zf=dRGo9Lx-OGm>R0QIeqSQvgfNaxfzt~mQ0TtK3Y^BjP(^HhLfN1;v1O}184$XN=} z3#9&6(*wO~tFC}WpuigBZymeCvGhn-yff%fiF;$ZAp*1(i+ATpupNur6VV732rU-x zzRQ@FKnZOjYtY2YuVu^t21#ufZ%&Z6?|L>|$k4V%rFDUVGl={!EDi>Zkly*gUB*@_ z0|=1orAq@;yVTG@A0PQo!3H%7bFUj@By52Tf)r>4`SqI&|5};7@dJXa>B2`bX}r)e zBQO`XQgQ8ud=1}S>HvA!kkkNsK=ZzO335nhEd>d|v~G!IPF7nxDLO#&gFH^5|5=zg z1H>@Q&^TidFZz6inh_W%HU~}$jv>`9N}w=ABLay->ZoAb0RjdS!T{x2sV79UP?`yw zn3k+qPaYBM;*W460pJSbx?_;-hwKMxM_b1V7ue|V`JQ`JCd&h2v?nK`1$P@YK(~qX zW}zlb~V(56c2*} z*crT8D=qnV;fkzVsD8pbQ4A(}4FE*Imt5j z%Is6NcJyFSGk+P1PbpkSa(UM;Ba_Wn;I~uZjKeDs%oeT~Mc`TBJ02Y~v=9`>US}2& z9paJg90I&8k!lmXeA^?Y|3V_WKf&Ew-o(kyBcc!F2X$!fn};7q7{lxND(!npiGuqI ztUxd8aPyH>V;5n&G2N1dgXkW3XDnK^HnesKaC7iti|lbSEG3qLB^vccSrI|S4JcWM z)>P61D^iKd(XQb18T}GQzk*20V}I#Ha5LgY5!#F?hYpz#kc28`XjuS27DK%TbHtK< zU?)3CFd={}O}$MrBXFvHHf;F@(WF9xE*%COtn}9yZx;a}9SD|?kZ4@6tIhymm=ZP8 zrOZrBl4jysO$x(G)f~}y5HtF+C;x)AX(3fcv`&p2@MKMUqu7!L%!8sMgyI9bjNt+R z|L0JU?xC2?1_E2-dCJf$NYpn~HlZ_I(-iJ#WGmSq7T%e~u-La0`t_#XfxcYu?7_frMK08m z%cd=R-ieYo`0g_^26xUf#Aq1^*HAOO4g`F&1}PRsTx&-y4iQ~|4#<+iFsa2LV63?B zgt9tg5eNZ&6UL6xbv0@+qeTH&(iMrrT4S;if5mvsq0@a(=(mT&~_uzA4My^fjVCLBz zmcYcf_9jj?$rEOYM0mu!mPp(<nU6j03=zq8PC_gO#Bo?xYstq22?k$pd)~@f|#| z?pg{1r3WET_`7@ShVjn190VDvBNl){!XreK3)#1yfAP{7jsoYIxd7&leuXne2ty!+ z1Gt~tnk=4*%5H9dd%gdT_t@@J$A;=%d~9jQpbfAovV|CNJQ~n+v2J7DFABAD#cr zqW}4@2ym8^F=R*`hu=&bLWgfXhDs3)AS}Vl9Rf+2t|%9hfXMy!U)ZM+5&wcVOdzr; ziw-v2A|Sz&6{4|9gqs37Ugc3}ET-;HCbUZnUJ#eWs1r6aMs7=zs(<37gT&xQ}s)Y=5 z59ItDaX98eGU`@DU%fZ0Vn8^6e9?KbFo3cALqwF`mTM)uhZS5S$Vv4wh4NO!n_VxF z*L*%iAZR)uzqgkVVr)_(iNhOHP!N?W0iLeD2ZTXK5aI_ndye`K`R3f;Bd}Oo;7KWF z+)$F%?o8x2+{Lb}rUVhPy9Y@I6_+ofOiGkTL<jw}Isebi>l#eeKM>fPZf zBU(qF1l(Vh!Hj~fMoeDj9bw~ihq@3_%9)RrGY3x~UhP7Wvw z9TCScQGW`EssumwAsoC6O^z43|`YWbyd9GCQ!s9|%m$+@-Z)^>Z8PhbQ1#H1sCJABX#gQR3q?)Yl28KAW= z6_D7atX+gTOqs;e+u?SPh4vT2#i981h@Qvi1${kEHDbo$$-o;u^s%drwai5Q~y_21jJ5aVAX1e zq~_heGsWIPzXBx4wqGOSeOxV~G#cIj^@m8qiWML&#|Gs|SOxr2Jd{MML7V=F8=;FY z7DKgOf&%;Yo+xoq?YB0jX)Bb`MlVoiaWmxGJOKGG0Hr!Wv?ps&!pFs-;gVQ-~$gJWa+|7z4>AL_+ z_Zp-M)6C=oZp_7E*2n)-$Vfeq8GK)j1kwq=GobdORPzZQSp?yTjhkhY(;AEm6gG((bb)GCRktd#x2fD2-QWZ>KLgabCoEk@prkp3{_ zba9KMAaac>Fw5J?J#3{YtBQbW>JF3y=3;P#co(D~s5?43>T2hML`JLoIB`6c)g5F>;VU1DE= z*WutAq6S`^52Jo&j?`eqAVHLh;U~_SB(W}%QNmdd#@Kw{(Iz**x)MH;^Gu;Q2`HA; z)OtXbXo-a*)oCHg@(7R}uB2Um5FAN0BnFxdFmaY53Ig?TgT)CU(i0Vtpsnra3}%P_ z!fswDnD^PZ(R1BOK^HZAozTZ8fwRiOj^OWsN;^I_kyB#G(Kri6!nhfm?1CLEx_qA9#?gLO5zp+GVOR0CU+AkHOC!=Cg$n( zLAK;IC~`O&d?5$=qUP|pnN*jA3qXLXgh6)LNW}{CX4uv^;0hlUWrT=`+Vd!(q1iJ@ zWmw!U25P_qNceX~pY#{XB!vCMgX8ODm1D69B+(_Bj)-=qC37}+B1kAnGoY*nAmCEc z%+UfrSD{7|8VGpik(!!h_E;J`1`2qGB)E>-hc<2UYXE2mz17!DBYg z5DyG!3jYBFY1y&EHrb+|lQF2JV})}JfsG_6S9efKMcI9)!I>#yU~2Nc z0ZGMp_ml;~AHg>dR3%$Ap<% z=%H=wWrRS?M4Sg)s6=T`C|(xnh{4F_v)-_gBs_Wqw|0XVK-19<0a=Qpq z2lJz7ZAH%ck4phIY;;m!^NCcegoz{onPpzId^40_xb0}17ID%41f$InJq_48z1R+T zPuP@u`br;;9!9+n@0ubAxHy(BZ|L0blF!VZq$QdERR&l~w3ULH2$B5Nyon*Y^(#e| zC-9P|B!xEYNbmLhT0Ekc7?Jxd4d^8!oein$8@PAGJL2+%exdf>Z@xm>Zgc2;Wb}~P4<^8SB9~z5HU;}ZCIM^lm5Fsyc>m_&kOD^N< zh>_;>%Nm4GTd7aDppsw!Bmz?c6G`{dCNJ>Poz$r6s{gf2KvpzyF#%;jOv{}Vts@~-Tt+JLxJeuO$}2T^)z|NX99*;h)Q+q(jDQvBHC$wk2@%|> z0Gd;9U$kAqipWD;(^Cn+DsNvIyQYx6&lsaXn5D<7=~5!Rn4xELK4p6_;F0w0Xij3f3bICad{wU$SjsCQ>M6b?gOa>F-0CV&ZV z6%K$!VC*RfyE<5qr%*@rLmO7}-{isH5f~zDA~ROYa2ncJ2#uIC!lOgx%IO$g-GAUc zIV@~Ql1I(s&r`2SGyscuqX8K( z2qm)>xIkzSOu-GiK19@y$}Y4NabH8~69n1GfL!4`wWZlGYQaYPpzqmfQGj)bapa+`oeRhqb(evGETHp1~{_Ehc2v@l4W-v@u{+DH556D21pbW{|6bW?Hx=ZNN@P zpeGnRNe{Hq_1g!0k;^tZ(K1DZtCkcTt}B8(dFLF_T4|~yK5n`i7?>2TmBA8DIe+0G z8gPV$0{}n(oKf}H+Q@YJ-nYwh3V6P{sh<+;X@65&rf6+psfiQ{X|>F_l)&2V-X^j@7}EgrororV_+Wq=f_w)ua2uSLj+a6_&M& q1k-_ualXM&qn4!ObHoBOG%Br+bNs^Al)~~>*-Kf-uA}b=?V4trO+Y>X literal 0 HcmV?d00001 diff --git a/fonts/Inconsolata.svg b/fonts/Inconsolata.svg new file mode 100644 index 0000000000..36775f0749 --- /dev/null +++ b/fonts/Inconsolata.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/fonts/Inconsolata.ttf b/fonts/Inconsolata.ttf new file mode 100644 index 0000000000000000000000000000000000000000..4b8a36d249a05a0fe1575dc3d96ef7079dba6b07 GIT binary patch literal 63184 zcmaI934C1Dc{YCUon14UMYC(0k!CcbeYB5c%hq_)VjJ58uq24VK=49BY$wDE*+|n^ zHfg`OZSX>xK)(iWNxqCOm$6OK#!bPtob*FYK(dIw*lj?v4K1`G1d<^CpXZE5SPA|A z{PQ#C-kE#uS>E?O?{%f*@&1SI-ToIp{HrhF z`Yl{*_wRf-Y@CwalJws%;X1l$`{sxKI#u{PNqXzsk|f`|`QA@&mrA9GB)xMM-#a&d zV$Y^3-KL!=zadH2(_0?6_havT^1gaW`j3ZkuWbu%819mrQ2!@z9o_QK!@J8Ti@u5P zzl-|*@e|wbzxV0(SKgMS*MErX(+}Odd%N;qrW?5aTl_x!$$KAqplBqy8tr)(-*4Z( z?b8px{lga@m87?~NRo2L_D?;qebxJu_u+dpem^29l6K=aa*gu0k`3+Lnl>lW%A~qc zk$0$90NSW>MNu}Stm~AG%68>Z<$z+?kamuytlxHO&gY#kIbU_+hS`}e9+lG4ih*=~ zqG&kZxp+`q7;s@QwI? z(Lf*)2?TupVns0&G&y9QPFFNo5b#IJ1A(a07_YO2JS{VC$R1~;tTZnYM{g8qoBX%( zUn);X`BJg8A#F;eIME=YcQWn3FC72JA%5ZbsbkXd zh6BIwI@7_)Y=;WahXQs;KbkIZrUR4dywQe6InIWo*(Osw*%qI7)g~`A7P?%;<$tV~`cOz*W$}haHpZ zHU~yrKdS2V4&HP)({|KoXN~qg`=FgQ^2%%v*eiK;4p-XC_SfvF(J-nS4R$=ITCyMS zTKH2-z*1?^?MPdkY4a#ZM$NMu_@jLBk0m-F%HA#(olxH^#tSXQ!Q!f7w5=q2vou?8NOVaOV+G2SFj10y z@t~@R8qx}e(8*cTgQlHn<0!FsQhT%bMzQj#v}IH+$-cTIfhkRwIMc34?NQeOm$D!zV?r%i$MUQo+8qKdR4|)jpt40DflRzE>$+Tlcwe*{+lA=zbP3p z;eWE3|NZ#tdyBlE^epz=WxUIKzu|u0BHuReLhrr$`#lfowzYXa=>?O0=a_snaiT7x zKlO~P)_teG?&L`cvZ(XMzsf&VzADvAt%sLO}CAv>oJec;bz0z_~GyZ!`o82K7n_n>z$~Rm^Z1tn0FbYqc*U*dgpLb zemm_LRom)I_`WtL-me~UW-Bceqa2>Z3x+H3yEf-=OnEz<7)@6=(NqrjH0V$DgXYzK z!a+C2zu&#tjW-i4fu`4ETq%{^#`aFK0zcmJtyI4uO zy=`r+EwOm3(dhNOo|297-N_n*Y>0H$bX9r$HH+g5KC!GuuWMShW{tn9BeI~Otzmmz zo$^&#Q7opIb!nSoH&o^QlfASe5h`h`3mdu?nR`2Rc72;^val~%)EFx?%>4MgWnm;* zv-Nw1`jQUGAQj(uNB(!^5m2*NDgzxam3Nan8x!gHq$*gR4+=n zcpZ>ABAt-VNV*N`1aIl|asFJF(7vX7QU_tBjH-tePUKM~qnuO56b#a9xRKUF=1mU! zjBlefT#S!K=kP*&#GS)Sj38PrTNVfp3xtQb$Vn1$QHyVCxrXs)3N930K=ipLfx|)F z+mH~$A$-(2)8&)H?V>ciSobyvR_ikk8bJ*`)_yBL9Q{~n)XgAxt=ByOveo)LgC2aW zsJNp7-)yQt&vpT{?yB`w{5mn1;79Xdv$8?bdW`+7uG_jE)v3EtPo~c~=-lem%~jaz z89;?8OHW0A#pa4#6(Hx{ssYy3n;2kSJh}B;(8_75{s0B9DL19 zZGLgvu0+b~6%vg9gRfd!UHWN&p9qSUU8toS1CE$1Aqa-HGtM0>B6_s`N zK&Zf3UJ@`lWTVZfuj_2Tt9Brs2vj9QT^|pxUr`L+^i?E+!KS(j>o;9ZvfQxRwW6%7 zuJU?tUECWfa^yMOW|t&O{};M=7j$ul)b#(WiQ8uNY(1!4Pd(cT^T0i;P#a+tK)-JL zPoYK24p%VwfgbHzT%T2*AtPkzt2b_wPvCt4IgoZGhK=BC$OZpo+B%x{JJY^d`^1OW z_;U7%V6!~Fb5wiD`YL29Ip063zK#`JeFZ>*eu2z3MR);XMI9#`Bn3|qh6wxe0V9NK zgncBF6Qr97`!&+d6TESeu$$C!f-pd?I!@S6I74`Xu+K|+yvi4j5H9hBBLwl9OLOlM zuQ|?Iuku|Z_6fX8JLow|dDPFUh6txb36;w6a#NNx{3aS&AP>J${+3l|9JsHv{nn;% z=iN&pk)<0JmKv42WL?WMpK5>T{@Y4gLw9Ze((>h>|M*7=7b#+_dvAP1{)BP_tN7b# zV?qssYtqsr3=nGE(ETywM(40AC)#9;xttqwD=w@YbJ@w|oh!Tg3LtIeqw32xT)zt7 z$PZ!p*3K*AFhSL$9Ex)UF%^ec8W;CCGUv#tBW=Iq2v^%J9PE9BBLHb$ zrK~SAq&uWLrh~{~b=rt!fa~x4=i>!-?|_aYG0?^wYa$dq0cW}_Qh>?mUI@~a?gY9?GJtwX1Od?Ne{{w6_ezW z{s1~vQ(VAc>VZ}bldx7&`Gxvw{Q~_;{hj&;^~N1(1C;4W)nSr%q%3LES<|TLiU}4f zZo~EhS|<5yzCgRE$1$0*{K)a5coF#zApX2~h_z}!?*tW7tWvVLFpBi)O-%epsph7DSm zZY^~Vqol()l0B?CVfb1TQrezS4`68MV|fy^4L^v-6sOo0LLCkTx#{EO#T8Dsv#hYN z+Ozhd(!x%6p3CXY50=A8MEdEGgYx&~k5Y%GCJ+YAqB;rXVM&J0=`Qn@^~hUh4$B{1 z#@{~!|4y~E1^%5Lj@LFb>^^03*0CczJ@dUg!taw+Np5!E+{n3a{>XPD2MQv=V0qN< z?=SHC%gX|R@@zX(H^$^=AtQ9sT^K9&csqJbC&f=_HPaOXhB_%f$B+H;5qwa3Kxung z_bdib+p9asaeSUk`E%W`P-Z8Eu9Oof4UK-;FQ?>=&Y5%h%F)pKaMV#>Y(k%ZtbAH> z!>3iPEK+s(&=)tNqO9VS(9spe%L9ZIf#ax#C|VQw_%_T^3Xs-0hbys`(ooHvder;Xsp9ujyzb;Q2B zL9*@y+3`UFt$l64xdlQ%y#Rrr_7Ns18phmHkalVhW#?vqw$F2z8t(M8Ap@EqmXTNhZY#;SJ+uTos;0`vno3M#3p6$ZRY~?wz4vO{?UgeOF5nka~ zzfRZ}23#eK5MBYuJ{Z*>7(&fW{up#DJB%iOQs;xMv>5tWO#ZWyNTj2;BG%hpR@UAd zTjTSz6a^b&e*3Q{1FeNciHO&zgyUaWv-UG5Me7Q`VEZ=X4i!ujsBrUZGwPm@DFf6qajNe8Ktm%J%mU zD8Y*O9ilCLXv-<^QiHroH5Y-8E*GH%VS)r%qK2veTp_F@NJX@b$nizaw0l%N%2_CM zSG$!R+AjAH=qdB8`vv#QZp_-N_>OW|IR3~S(VWJhLnm~(P88yzkoHfhu8<7#F6Yc# z3OQB^7w4#Yjav9S1fzq_E$6UXep@Ya^T%Z0DsY|-9;8V%+#vLdl=XysMjnwTa7~I_C<;@Sz@~ORA<~bpMhdpfW6XDN9B^ zCy&Wfa51aL=)z!)nIXd=!!ZNcV#s*Nc#O=r50$#x;6A414dvZr*O|(i+M1iaWvy*( z$z)ckAdQ)frZq(y+A5Yd6}yTnJe~RBP^ncm7_0`}%wJcmuWSg03XBD1RldTiPyswM zioKz=s38?CX-U)+wA;#J)m}??ZQp~@T7NuR=JHjQxgB1=#iGNyumUpjgt9|wK_`rq zkL%dsM+r_N?!8F~=%g%^jQQCqRm<{e|E9|ls;-P{n%YK5x*h=en6{7R{KioJ3L!Hk zIPf4d>$6Y6H&}!^Qq?Z&AJUTq8&N00>_-s@1GMSFyBnALZ;Ni`2yvDWFmi~ zxw>ItQS-{gN0+qf^#;4Sv9PGV+ zI{V%1ue{W6?jT&l z7jm;JrvtwGhY8yW)ov2DdZHR5y07|hHQjTkt1nbvs=itcRlZsnLW-5)5JoLYv!9iG8T`_xl$}ykO3DwZzA$(o>_f}86Rr?0 zQymBst`HQTkV}{>9o8R+96I)>CfY~gK^Shx&C)z-7al&&64l&EN=FMsoJ*n?kEWpA zB}(wC)nQWL8*HUMFRMpMLwh+=e!?NbUTQFh2nXqJ@)L#t+EDP2aFNl~bQNop)*Bg! zV2Un8F5yEx6T$u7DBv2XQQcXCU-Z{(rVDUa5{sC&*L{!_%r|L6ovMq-{y=PO=8PP;Sb`Duha9 z`e0Ga`JHt}Pu7(sY$VLQ99pxm(PFeZLUvDUeVOd-sf;X66csltsYvuT7KRqwdavv* zuP>}gc|vh_bg8nlqt)!z=b79s_pFLkmb9&^ufHW(TDAJ2<+p!npl;@?aC60%HWaVy ziM2&sjkF(RX)PcPzRr{W6-o}M;ROj@7$USu5D~AjR3?DLt}~0pP&g-E(vfY+!CG9O zq%XQ%57XV%rytaB)$h^o*B{ZJ(4WzpcVsT=U(sLJLu$QF?wln2gzy|7ll>jEg#q63 z5#AvfQ5#*>XQ&+uXDWTGS=l--h#~xGq&5U8%#aC^g@P3HWK>L%wt{3?YnhzxdZ>PF z!z+=&;4tv(TQ<*iYvnvLYQ!tu$_=1 zT%i^oCP+f;&_?z-g=F_ZWsrm;-RsEtb~dHhU(06(h#+>`SM9UNa=Qr5TM3$ zoNz<{h1E&I)dIjjlkJ`*?1w8Y%M^#n6ekEHgy#qWx_%D_kCR6(&{2JcaFpEQCmaH3 zr%KMlZw=j|^k`|O^js-4Mn4tFoltzV{<6(wczCD+H%=!2mjIbN6AvaHNq`_O^49Bw zO;BgmO^tvtf`|i7qoj>DO+(#K$D2{!(z?5qvN=Fue8hZ$vi&%_dnDIq?MVKKeB3?E zzS3){PP4;vf+ce-a4K*<02TIN@Mtg-L>v6<(|H2>l(HNuIab0x>HoA(+CbTsx$X!b z`~cg&n{a_}hH#zm3&LmE7161ix}uFWPc@^7JL$RK47gc?nstcJdBkUZoU@i$oa$B9 z#gaAK6r(BTM#U8R&MinJX3^ekdnA*o4T3F`#hbeYr?7C>|A3Sm1zaf_8eEH5NqD|jP9 zRbaR##~uMJ`GMT}FP0hddUjbMyW0bT&Fl%S%-%>B^jn-*$qomcP@s3HR(pVq7yy%C zxv^u_$}&lS41AcdAE51X9d_YyI;FM!z9T-A8O+dnO8b%TFq`(E_QHDBPFGxD$Yo0m z&z>gi0f6%6Rj3|zv1-B)8EG$O z$8eYL@Rtki0Csp=G8Y|TR8tu3?zR@X*05~ME+P}_7Bm`6`jYBZEA_tRaj|kVE~&Wd z{z&J#O|m;&?Q8BTD5>yNcI9=n>I!uJ9bXK=n(C{qU6l-d^LuL_UKNuchRz*N)dg2C z4L3*K2v90nADes(KDMCrFmqeBc_H(y_jtE?zv%s%_en3zY$O_uIJg_E_KyJy8f}@k4EUwULsD-9An~q1=0K=3 z@SjVka^HL*2arqUkHSCa&N=GjgY?vu`vc`O>6?9aO4h%LemJEP=`l+06xX;bSn~d7 zH)qzld9$07`i&dZnm`Vfb~*SaBq7EkxGng_;Mamr2GQMZLA3l$fRrvy{IOG%Nj5(8 zmelZ;kGlIGJ4to(I(W0kv@qA%KXRSQ8**J1>w82>$p4}w;a|BGJ{9;RwdduR;DA)0 zwbUIdObIfwP+ zNUFp9S0{gC<^l0Pv*@oEiGEa~A3qcQ7@#j$I5O$dWH1KqBB&w8QSB$jU(lWQh7rB` z2H^}qV%~+E?U7NYS7;H;g#a63WJA!LVS~cAw;H^L){1KRIQp_deyitl!+WcrM_*Dm zel4r;@7knB`3}`f55i?Go7>6M;e3&A6izTm0k89$SbX3D{!>pgxPiHbLy&q@p+gXK zNGW1i9u9>@SV33~vdWFHadJVV5A{r^!;@-JSlBy{QHmZR#GKR!v`p+ABnGvPdQ2FM zpvFn{GU}#&eF2hDJ7PaUDJcTHk8}AGSw?jBXb0U#b1HFm;TtRD_k``Qg|MS)0>v$(=r-RHlvf;PHGF^Y6%IGyOQ@L0&`~$G%b&vBYnA$T>gYkL)<+0u2=5UdBb)?ihYiQ+Abc0{ zR|^`dSbmJM_#)u~)u;}_34qp~*9-r8=6K%eybB1GWkX&h20Zi*mtfk^stN0``V|LC zbXlsuWoe8nYxpbK)ldt`tDc~2hjD_%o^YBy4eF~n9Q%1g3_^f?p6!1XyDPl* zZS1blna{J&NAog_DHs{uOXl^kETXXQz;Mm%wX^pa2_yUbTlQY`d5C=$9iM<1JKJ&X zYT#Y=pS{j?_#FF{1Y`~sA1gjpjH+9^QR`NU(K!kd|r5tzn5O%SvbmmoHQKWh} zo96_knY{sTt56K+$7iNQQYVxIsu8X7GfP%A-My-=X2l&f)jcgGo$&=F4N=bn+Z^7C z#-eblIb6}XI^NNwbFJyCFYc%)t%|RG=R z8A~3WbGUg9S6Qh&&rM~5&T67Q1NT;*%!<=_$kf1Ehqco(nz?9s#d6)EgHTq(q_6@K z*D}j(bg#BpmRpn^>Thr>W3YHF6-YqNran#LRl}y)4ul9t zlw%&sb8C+p3b0J|Oo!k=71wSb?+me1e|jdp zX2FLtWzN+kW*t1}on<~GFNpkN5nRgj==yb=DP<3Vk+k!=aUBNhJbAFk(hqqBmk6Rv zr!40!kSy0o0t}Q(>Ood>ijW}>=c>_|frQz;sUo$PBJeQbG(kkdsbZ)jfLYE%Tsq=* zanZuOwEfk(!NsM~u8*z!%F@)w@0SO+D%)y5@^D}8r*5rQT4$6m?Rn%eu0OK05O4-D zAFH%o&9h=uU&KnSu4VKiK~VC9mks_0xX{cPEeLF5_MQ=0EDYhz^K9qFj6Q80eA;?R zJP!jWgdrI=LFHyeH(N8bXco#}n0a0{%=}*NnE8sbeeu7frnB*HER*n+Y?mz3$5h3F z_AyyT4HKT^2wW!o2q2uB+4dO}CZNKc`;hj{IWvP6UhlWadTrvizp3L$=qG$n*J;{3652)2uS$6l-PB zIqbw3dm}-<(wi9eWGVClhFTq>$l>-LwU^e<1;T_Vk&!0|y=8zgvh*}S(oX9yQ0Eg* zW^zwzBSjNX*|l@wF^Yk1Jfn?QOhfd@rr10okYuKm_a;5dCtqwdnjBr#C5xIuh4oz( zOIi`EySsg`tE_R&tz{keDfvx$M_E;1!9Bf8KDI0p`}(4{m(+da;hy{cd_`f0pilDs zS@6AAx=(d_G3NBA&@l91Na6f;IB^ME4jG2RU-Bme>BX3Oxw4uhVTi(X2|+~DGhq>4 z7MCzWkSD;5FS-*dMHsfwBq5ZNg41in9^V%Xl7>IV5Y=bGwvcal8In{(&9PY2qem6 zHJISAlE5dh0AR<}T+U$x9$gQ9K(#$`8_F-k)!WqMYg)(*m53Q8 z?j=po6i%7Wa}~M@rB4J;rA)xYl?l@EG}pxu!nNGDaA!nZBB4e&?!ZzMU#`e^<&us5 zrUm7L3y_|rv*`=`0b5i3Zg%pUi$2nZv}Iks-e#~`Ox^wR$Fg#)`oi601hm>tkG=z5&Sm)HZ2*13`232fTF>pl!A7!N{xm1`0UsQvOxy78kkFpU6MM z@@_KyVZevb)x2~d2iU?PCKnPsC$tfK=hi?q1EN)50BA26UWJXDhW8751(}sUn_8^q z8O3Hmk$@$pdyL)5w^Q5I&g74XC;}UnZ6posQ+emnP3^pOoTGl8ow`Q2&gQDm@}1KJ zksrzoX?L^7=yl1y=4PGSq%*l9)wf$@y|1+JjX&Hu-ndHHZp=5${7#MLuQcyYT=WZnhzPF+~PoOkJ5mz$Ktf~BNn-K z=Bvs!Q-S6Ex3c~=ID4@cY?o|^_Zz59xl2SEP>yktPjXtsItjD)#qvdCglwItL8m%mRC7LxQ}3w{MlBaJ9X z4G@%3I3tnEdy<59Iqywc}?wj3wb)8!#CPjrL&bHWP*?!8h635E3Ntzzlpgg+2EdGDj#QEV`IO~?f^3 zQ*KqB+ku0vp~y*nT=z8fv-P@7I=ruq2DOGE%KWpAsi`_KiFz@KNJsgG^*h!dSP?J# zsddu&1`67sb*mN6bwIh|uuri?*D(!J=9G>)ANc)24tpn|o^YHJ=n=w20M;hiB`7l@ zyPB5E#+9bz%zt2nn&cOacGLUck+0AAC=(T_1p3N2av9uGT;8NQ4CDk7V2JQVf=D4m z!~vp_&L_qm)B^;GaF$;@1xP!b!$p*tH<_<_5FmNEA<9LahJDcQ@|?qA`io_CfSsFW z9|lM`mk8_0^1A@qxNVxkY$r@-t-oM1GfBp2Mn6qMrJHb&AoeW0Kv(i9LLXgW!t6Xj zW3QJw*J;8Cp}QP#o^Uh*I0Vqf!;o^2Q>>|{fPjn;45%!W+!#sFKuD6h7) zU=N!#!5g9t;`My9cDnQeLs1v_o->5QeA#rIF{lqrAZGN%;YMOsC?ZcWI+%Pj&9^NK zmv!FWRJ*z>99w+Lfka19OHHu2CQ%e>sV^zXOWd)mw|D19>SDL-zU|J>t}gq0yMMub zt5@FB9+U%ZcduOWV0Lb)w_kvavm?&*2Y4PZx55+>7LTxugaIU+7$K^1_t2d&=gFWa zA|Eq~J-;x2pi6y-G!*;ysX5ssk@bgd-0Ltz3`4;>5oy1 z^l^|ygq_JhsvitDn{TJ?=a}w?-Yf~*M^rFt_uO2CcG!GeI3D=yhEorN)u(uwxY&Vl$mj0nYzh^johv{ z%PZSvd8I}E19rP%JiBV}iZ2pEgeL*%8iaYUeq148hCO5y!dYHE1;Cbe${TejBUZ5* zv9m9h81`eNW7t4Ft7Xm0d5nRNVi;xGA539%A+WRukMjZlD6wo(bC!h>I3F&|vQ-Zx z+w3T7Y2-;xYXcnwlBXlR)ql6^yK^!PaZcjb%?b#iISk*>tvFJMFl@EjOp# z7vT8M1bmggb{{IZ$`%j$wlWaC1*Gud%??B>qwUe&=s#huT+_m)f2Rr?x|Nhuhp0a91R+i^Q zTjPeBH9J<{{kh(7bS)1Bf&6XNeMYWS#=&dJ!Ca?`ji09ZWpC? zh^6qH5Jzc)Y7yrns7a3PQNnrv4H7JASOiJ3arj1Pl0ekcDFUkqwt+V%80P6Ac95){ zf+1g~5{QF7REsP`gq=B0x;N+CGC#ra&kaSU;F7#-dj+XC^@j^u{}LK zdzN)NOB%|RZTGD!YOOCf&0Lq=vw|Riqzw$W)PgnhJaXLI<@2hi5hK2xyqzYzMc7Dw zcM?W zo*VTx40Ky=jh%B2;HU%{8JOEn$j0T-DA#ZMKd872wS z_scSV4X;5t$WELAQ-B?!t(Lv(@fe4wBQ$0?VMYYNB7|`J-yl zT%W`Op~YM(5%%eXdv27-(HAoZKr>)A9E%sD~PGp_7v@>lW9-! z{$lECQ*%#E+4(#l-Q(L&Ngn`VXnXwo`Fwzn?k?KLM|T(R!=sP{bm6!V%JXCQgsVC0 zV1U?eS}R)=PqeX^(YR$r?JMi+R<@QX+Z4USIy2PLQBj~M&iH~h`QXgQ7v0`oT->&X z>5mw@AbbnI#9SF=B?w1OK<(oEe2Mdu0x(u5B6K2P$E8jU0ET6Z;&HP2C4w2}@zAn^ z|8y$_b~}L9hbk1OIL!zXcTeCaIBTbmjMxs~wQ=-AjKN&OJZ+oj*_4L?+Rv3=F$gH^ zKdNRTd^kW+k&RYsBZdjCvN!Fnl2naPzNEa0C$rL4SaHR?yIT1u@BV@1I%N^c!bHEk!g&}cPP^C@fFU}Z8xtY96ig4`>!davRO;z+L3GdN3ZeTFDs|~sNST!=-?Q{tnX|y(Dw-KhK&lrP; zg$#o;8>+B6Xj{#Ds6zI$eBL~cGQY)%KMYrMaABlXSv#zKu+7vvtr*7%A0ILiIjbD~nH_%h4h)z28N#1);Qn5DhJ*M|yrIjQ?%2JE+L4%pnSzZj zyh>>#>A)0yjHLfr!cPfr5bh*AM>qlC#P*ZSCIA_BeLcrObRK(f&@oA^;mfR~Q_dsp z?G0)zFK1Y~i{xcR{+L?K5(M53^?jDg_>PYd{+r+?G!yP8=s2Gd!g5|dOz`mXD=fVN z5Yz!19$`N$#7mZa%=bXY!uyLp{ty^#<}P{H%#eKS{l8@D68MTfl$XF)R;48fA5SRF|O};xoMQb3huqq%FBTYIxXwp?{s)@I^9M5}^6? zG29@B?%{w{0yxZAiT98xs^kvldhzfkbqjzK0e(tij50hoW=erQk9(LXAZY3u>F9#_ z66pvex`!ls(ew&QG={SJ>MV)AMxCY-bgBi7Rdo8b<3`G|*Lcu))R=)YP=GoVC%nr^#Ukt`PF7*33W7i3f5S{~QgNCgJxEDlj2IU8KW(${G z#(Iukw>A>@PQoS*v)JYG8ZQ-ta4De`5Kv|-JyayKs~oj`9G(ouM9b*Tar{N^MB2H~ z#e`iiB2!mEd$Xrt2{)dkPLSN*W2bo# zgeroCZC=RI?*TI0f|0l>f^9i|`Lo^M8eaR@-qk0Mt@<*A(u*_y^xNOci{+;O0G$PsBm$CalkCxrCfgdb!@EizS# z*ByCmai!m zdc=By?ksVf(GK+;@q_H~dqO#*j3^Vz zH5@Of?k4rTL%=>)o-#MA!|(HSbbqV;lsu;>dB`=Yg_pZf%ACuiM;-F~D6UAwW_*QU zgUqd!h@8k}i{&rP{6vnKT&9`(b)FGaj8X;5)f-WP&b;npu42IN-wE? zG&7=~&|iZmAPr^FIGQC5#Lbjy`Pk~ z$nULEt5uRzGXWjgQD?;xW!Sz!2<{pMC9+!-0Eg% z0Cqd$Z_mg-hi9%1Bx#`Cjqv7S8Vje>P_737? zNF)_fuP?vMWmv*)P5|RN9r=BX@l>O%jxe}(lJE_}4+!H? z{AjFVsscZ{T8SH1t0?Hatn^ues9q#2F6ZJ33c3{@P^^+LGOsj`ph3hN#bwC;v_Aj{9d`Yg*)s*85ki)4P_pHGfTZ z6qdQe_3ok)tEXJdd8dfE9+3i=^Htb#fjJM+Q{9EkeC^G^4Wu$^jzA~?v3n1b^~3m* z2}LxurnsUB*X#`%J8;*+`eRAtoQV`PpHb}4fX&XlGNUtHHJT*=VS(jxp@m@0QG*-K z19y%Z{J8MbWn;96qc+7WeQuE_fr&4M^$6h_%})GYwuc(9>L=_XOcTV3JU-6RPTO9( z%%?bMJ2~Bc!VqU`mum=~1MC3h6CYBGHfEdRvwqgI%QnPvfDi6*?&mZIIK#UM+!=yH zSQv%-Amy2xKuwWk&T_|$8co8o@4VgWTNRHjZz(NnTOO_M_6O@f?=H>vG*lI>><+f) z+w?Y%azrs$j5nl;+LDC>3m4zDs5DmA*_~%{#8QoSZH$(dF0Wn?4^VElb3WytNfEhG z^%i3`H!}Eeg>Zn7B7_ND-1{G58tRJ#dRkP;%dHF1fEVk-8^>Urhrf^%9>FTL}mF=vGeQdN>fZ zjN=?0R5!Cc`}FMg_A%y+O%tYA4=aPmrHww9EVGH6TK~MPkdbBs;`#;U3rkun1A*!V zkrhqV%kOWzZBcpoqC1+}2IbE$)R}Arj^aRFR~%b1i`pA|qpALu=7Fv#!+(&mb@0=j z#h!yA?4hbwjULRc2ALp4+FG4uKjeT1w_n(@CYG5 zH`hJ_{ry?L#y}P;V#2Un|sUcL8p=afw zA5~gr5YN!Zpf8fL((&64Qf-s^e?X>l_O%!Q2hd3{RZPXFM>jZ9~ zQ-g%ZIPv@GS>4Bpq9;s!jjP#t0Cr$22Wb$9_fb#Rcs?0!jFT^46S9{=bT)oD&Ku+N zU$CDq7~%`OtXq)71-@VpVFDnFvqy}kGG^c45V#ykn3`MWHd^bV%bP>8Jo5vkq_(Z7 zCsDazQ`2n=!et$+@BTfu%GCrDtL2vpTR+lnc9|RC7j2GrhdKv47Tmcg{A0bz5UeZn zEQ3t#f?)lX@}yKE{iCWNmrDyP4eZ}2N0zdbd0p@=rg4&st3cQfm`6xU-y|{cVM|_a z8mU9-CbhM?doVzpHEyU6WT!TeK#e32q$|yOC3ymKUllNwFKZ%fFB>Ax^(qx<@&shPuHGUEO$D z7?AE3Sqkcv5E>JPpiPIwGNO9ALtJE_6yhN2Kte4EbyK~Ii4Q!LUNV|qk`QMR;9}8e zdQl?XJgGL&JN^{mQNVCNn5Jt8wBwt09_6>nnT}4XT~RV9;rmq898vjGV#Qj8`Nh0=Rz+DgHsBQDswBEfv|D_n z+nwop>?(p|U%gU~3IH31H^A!as^7q$o#=u>^;p*vUCNHkiLNtUBVCYnhr96eW!YNW zox`^aJ!Uqds2#Q*hwDQ->^ROP>>L948Gl*4ELjHg^;Fq;?nw5R6Z zx3U+%Ki!M_?R|jLgv@Hd`C9?g07*M69ft=(J7_ox*NAq|di17t2g>lXc7S%e>;l_d z#Tx-Oyq$2G5NiM=32kh4oXzfO>~CZXS}W0F?NaMiew=9?Vf)+Bel>V=C$!3i?F;eE z0DEv@Ip7T86dIoK_r?2?edy?^T;p-j(XHoh9lLevRy_ize-t@QVrPw?N#Z6En?uMY zyTm|0&mMP_6*WA+G?_h%8t4Dd)*-T(%OQ+n-*DKSMHL=zwAhJ#Yo4kn8kXi;O!=nT zh`+F|v%I)894~jrU3E(;J%uf6Ta#-Wf~zW8!qMWyqVTf49sYQ0$)a^iRjnb<5bKn` z? z`3Hcy0b-L}j>SZ>QI4zTX(J_Iu@b8A79003aA!V(F{994hW%iV;u0R`2-Q!!ly?^dC7hL)7YZ;#uP_8x9-nWkmo#WI0kV0Xwl#~6-=%)}i@M-L9$m2&PoAAWXo z9hqzen0;38q0b^U$&-z~%&O~Ig{fl>b6GfZT7N^sQ$U?A8{ipTT_rmnqx=bev+t zEKmM|MmBFB^$ztdSh*>Suj$anm=gIA?q%72`@gfmpXgns&9Z7A6+_oozaZuT#3h{F;^ph-cox2LqBr;?e$dnaDZ%6Fvk=b)4Rx%3H@IRrrJ$+sBCbAiCFbO?ouDCee{_ zgPT|#*s(_wM4Wkc-ac-h#-6_n>1>LpIX^+-|1JP3EmXYBpZo%2$xuEbw52*fR8pn{ z&l}Y*{JOYtX>6b+0jE%b*B7i?aPp+XCq_7g5x%9Ruimeu78~+x4y$$13i)%tc9i;Z z!wtS&ia6C}@U2t+yKJs7GlVmjoo_mC@B~4TH2g=Y!p~U$neKCuD!iOt=-pJoP7ogC z`CJr3=!Y}-nr!9$7z0v zl-kWK`QX6Rp3QrK*_*F%zEK}?h4+&Hp8(9B>6-bD?FY7>FlG1=-t4svWnc=R=O0s6m8tJqIQ!i zMUs$@r3$_bi9lRo!0g51M>MIi3sJ3zai+=VZ5&B)tmrP3v^&fXFyi{S8D;JaMR_mE zYBy*3=3Qz1q{UtNLv;3inu}5kK=axwxIy{>lqGdJtA3c^B|Odg*PAz?&Ut5(iPpMV z|NVq0;da6b!eKSpWSF~hTY+bnF1VgzOPx){C3VL9 z_Oe8+veam|Tk{J&wq@SJK%G2N7YxNpN-LH%&HSCbJQQ^syx}T0!ZeFJVjayhFA92G z4q8Zq7W~qGi4&N4_HZ`if<(aNKo9{^D{+queTA7=7<1%jeu$HI-X!NdMwm(-Ae+ty z9Ya7v9q_q$L#PArh@-zE9kT}$kvV2QWj=3)koYa9g_Ep4O(1Ql83J=PMSxsV$AodK z$MrZt)Y6UTQdaITJ!j^j&!*LX0kipbaO)tjqfIHVEM|zTdPZ3VqU5O z4e_8na_c-LprWNrC;^I8iNE*oQ~1)E!|cua(y!1(@HN8s2^%RaZcefn32>LO{A*o~ zwNUxf@Bwgfgx?%ob(7f3NxBdG=J+EXSlr+Ok7PZeelEkilp$ED8iNfO$DJGyF)G6N zpQa(X)3g_cWbT0MAq?ux?x)Zf!6TVrm*tM;Wi#OW8W7c(_mP1Zb{2ms;X~?m&(o&y_c?MTJbUi{O!cbvvT*zAn%Y|ylt&h>N&91s zMMe0tTRi%oxiIq2ao%jQeW0r>+BMMJd}mk1f7L9j4+QF$R8=l*DD>AYg^tpBV-Wtw zpGzL>eydaS=x=*-&ZFjFJ{%L^=uvZHs1aWeQ_627qzTLd;h+B5p{@ha$Kqwm2NmS( zj0jyfHzPvg<}QSZPc4M{Np4j_z*;Os1tLr`9DwHy(~N^cDUqfqEc_G}yG%nIOJY%9(T6Z>!W zvl4NNDE)ZwU{ku}Odk9#o``$SdmX28+}Y>9B_3PR8Y*jB5v}g^uk2G&iC|N8uy3iS z8ez+k?uwd{1p}R(A6*oRmH$e9U}ee~Pc;nOtJv{Z9JuBwQZ?r1Ir(MmldF&$vZq{M zA*HTkj8|gpH?2EM-;p>J2B+0v*FUFeE!!#%yWWNpQ#YCDkC<0vG&?WiHTJ9GB?xBbBFqUVrB#j@lR>UJD2x*SJ%W>G?#>veO0$t zn!a3EAHlZtL{Z0*?#wIjRxhckUC|I+zwy3XsFU1}{ec&; z26!Y@HGz9HhbQErKa)&EPRg;4GMdSr?GFJRCLK4x2}K>njBRJ;YaqSsyv$>fdCZe@ ziGf9gXA^NtGY$d5f`Vncz|F8C*M)XnFQpB`u^0vh+9YjEH^qBNT@UY_=72G_=WZ6~ zG4fAE2y4z8xqp@7y{lzqLz%U}i$i1=)D-r~BLfZ1O)DH8yE)XnGozDuRujL0r>rx9{v!Zwl@n7Z&DPsgz6gL*KsK`(;q<~(tJ z3UZ4?{!G^MQ|K2b@D;P`O#g;&bex+<8cBZ6f~~)LHG4_o^2keZE1a*S_Mrjt@!e^A6&!Ize~Gb;2dgwL6If zSreSrv%WUr^p7R+mxSQL{viS|wu1+8$V<4WzTLN?uXm|VZ~XWtm1X%ByZ#dk2iG(# zjd`m&n)~mIZeNLANZ|3sh?Sm}N03|m8`aLecyCHKIB*WCxt9qE0Cioa#5x$>ev|aM zoh87A^z3e=++XIIC(h$Wj?W!k~iIOnJ~ z=A7cf%O#U{T%+oQ3qvH<`*~9|H!Gl2%!o}Seos*|8YjGf3e*uks{WYQ&j7Tan}0<$ z>g(ojQxW?LZ}pi6S+;P8{DZtvXs$M+r@!YzA%Hv1jgKC`8;6}Gn~nG@u}yjFb@HFD z43wIecpA60%juxWs#oM0^K~(e2-yv zhXsFBg=wLE@}Rs`#z^+j>-RlMQJnb$4+k%62wMp$-ZM*7cCvp2%AYMy%!(0seZ*g7 zn*beBtiWq$Eub_I85MN>;^YGL9Sjbp!R2$sTy3sy*Lv3`7p4JT9xtZBI|U}@g>Q70 zvpF3B{Eb%zM#lnENG{=>AifS>$H`#XDVpcfoIA?~Nvsx0#7GhG#6#GxgU}hQ`~d5x zW6>|B?>rT?b5zIJ9$&r#%kjN z<4U6e`#g+$`L%{`GXHG+x$##>?BkPjna*e+D$7!;Fu-$bpm1<-4V;(je1^jO9Y8AI zXz&?ghBiaDVZFhK!)rx?v-%#WDV1-r2Cdn2{y{6g`;e?=^)x!hHDZJU^*Z5$O<7a4 z#xEJJQiYnPJ9e5Qe4TVV#f5|pcWvA{4dX&meQc6A_)jD;|ALp(9K#o^FI!(ja;)5p zoHHgX#gU-=;L5Kb|Hv11edO=HwRV?0^2^s%_3FQ!$jW*j{Qob4CZqCW&$tXxG3 ziZo-yPt#FqB5IIw|3T>yuBswexkKvX8o-@fJg7~r!u)6YOoOJaCg`kP5GQIMv;@^0 z6~~G3&w`DrF)jx?DgXOe8fOV^R|sgrmjPlY;5)EpG0Hcs2^h%-=#)Y=*plj>^^wk7 z0$>OYM>%U;rNx;mwAj&l$Q!!nTzGGlwU^-Lz-Pq)aN<=kDH%1KMNYxHko&F zL3s~1HH$e2X_VRH-tRubzc}+CsuX{>DD$A_5zk{DgeWfhs5jxe@$x@eYp~dum@gwv zDrv|bd6it4Kd4vs_UAhdt1Mo}=iGr+*cBGj>1A`i$5v8@5ZZ|_a_J$B(!Yr;3KlM{ zoH^69EE!Mf@)e8498EBH5PP!#KgRsqO`)IQ@UbJ|@G6pOeY;3?gi*3LQB*6{|7%06s zP2(kPFinD&Y>ZD2Bb#s=+7d4`EoyJ@LfqopCSD-_K>kgDw8g%^-*;x@1=8DlpXXYS z-#P1dzV-dy{k`Y%yRwBA-s@!_qJ*4ixx9}S-i!1#*Ky@8dAITfsYZHH*!D6BLvAnh zBNaUTJ!p!eIxEO8lg>h%935K;_t(5vrXb%b_b{48R5@c(go*<}i%@Z@(f?~JzE=9>at*5%U^U9H{2Kj>aN zxGv(~dh5*gE|a@a%)K*L*2sS4Sy-WXp(`=aH-bHjO%7B949u0J&~t>(%$T7(`yc-( z-dT*kdkuY8FMUhIr-qf4=)M|c6A>N9kV5D&>M(rO>;b*wu8Vag1bOVZ!Y~DSu(TH1 zRtRYs(#lt8dU-) z6hO{*kr6#+6n)5Ox#&h%9^`u!iFFnjnwuQXc)~D$;ewRQXDcmiFx)z7XlTeErw{|6_FJH8!HeGv%}L1USW4*mdQ|bBCJf zDrQhw3=4_u#JR-8+6x64&!}bH|EN5<+O4UX71Tz77DU} z*18V9Rqs{e&gw9j%^OHQ^QulEc<{6J^1g+KQTHb0pFvFAPOn-R8Pr zsIH>MYw=p@(HDxOfhUYBe~S1l)zTL*ixBo3u9jPs=ajv0?0`T@nbFf-WDa0zxk2j8)fB z1^Yg51$6$Hz0ku`yCZb+c53C3SPPV-2vqrF8^WPSYCT?$+pj2v6|EN8U@-WVl-290 zMYQzrCvVorO9PH}*?IXrOHDXX5{`)WHD5U-|22Hq0Y>(U zoB&iLmV{~&<?S7h@&sKjDVhMBdDK+#90P;(V%*i7?(Y8 zR(*~7dkN8)h0FmV${3d`=jHOv$06^cnrt^D8XcMAzCFQ zR8fO4fD9x3ood2@JOLY1U;H3I2g=4UlC6^nYK$x{mD?>qKI>fZtPV#v( z7sP&mbm^`DLyR5^oC;vU@9xHRFTp{AJv|)o%_Pk?ajI;}zotDE*v+t{hcRQ-g83G2I)+zHr0U5pgoGc6{ukEMOjIGB4LfxRCctP6CLf&#-U1grP)*vwoGp~F?9NDr7u-v zHQLS9$)LBsyQ^Vtk1Us4%Khyzv&~%BU0RN4b*UMVsogcz4KtFJ0*B0$zKz^M7GTJh zf;NVK0Pd>Rv)Uk?A&`Wkp8yqtD>RmhOdv**Yw(2RNp`q+tavrTACqk-I?x|Mrz2XM zRX-7P1=hb};?R~BI7L4J!;giF+>CX|jE%{L5Cd>*vY%Cz0^uWK)PIJ+;bru%A`j;V z#1avASJ8}RAuU++Zw~`$tL1iqh;kLsPjVFyC+a9{uGE!!2uD#B{TWdewOW+StuSF{1kB~oE#mgJC22(d;ks(k$4W)D*_7EHa$ewXua{rD_0%LSfI_NnC4ERR4xpWq zFJMH{kn4HmdbtaOl+`5>sK9L;oIwC>Vc|-6E@$Z;eH6libZORf)I|O3hbE42v5BDo zx=n29HRD5Jq1I5;&7tw(c+&7dw|?3n@_(xbNfDkPaB>6~b6=x9BfiHp)gLn`{RxVs zBj|L^XmMFkTqlmvtCrK2i-rH&7aQF!cb&TvgQFdGAE)kR7!t3mBXfYGafDzPqmdn| z8m(GY1^R$lqVVuBjEFtu24RB%rhzT9XA1^3w|jwjtGnueLk-K!+OCGyWUQ;UtGX&x zn{p&Pt+7;Xm)UH#yk6blpn+}9&{qCsxU0&a3a4VNtqu6Gn5(uU@=TQcGB2We5m6H9%C-Pco?@r>YhLiTs9k)lfhdh64W# zR6rpFOl@4^3KB*@js+S_xCP)_pvI8Tf&yJgX@z7~kUq^V+Mg?bP1BDjh)v!C$T?7+&BY6;?zwznn*K9;Ce<-g1{pdi6hdmg zLsLnyBY4r9tinqGnW@5+O`SGX7@#?);nFmn1stlL%EHbM;n8t|N`fJR%>+jY_5oyu ztcO}apSXuape1abHEA zUP=I5q-ysd!Eh_UtTup02+k0EkDx0Bum?bUx@%7tXd6#&Jq_|t_u~2y0L{}^--ioF z`f%ZV8Xz@DdP$_yKF&soC{Fv>C_x(wCA4UiNZ&15wu>zj!uwrlltwidi)7o*09;jy ziOeGJlHPikjiO-UnnoRDqi$%~EVk?sf?>Ajz+|JI?!sx7%{a+sxO<~)R~F6C+$6za<9Ft%;~p!{60rT<6w11d3&k|;|j&CuwJ(}h3f5Cuj`d|c{}V=nIr6vkQ0f~n6D^kwT1B;Milu$ z^(7v?kE85*Wt*}C3_V$4CnQtw^t9lCD;!=6Nrd-#`Vx+^dJZv2Lm^C2gCuw)0Bu|0 z4$OBFmk8_rAQ@vkPZs$KWoi~25yMnaas#Cj@QltXqbIq$TzhiVQthA}wc{^&P*vr0 zD9>1+`>b|20u~-r!Kxi74$>sEWS9Scr9z4zirrkp9hs(NCI!DBPVS{Cd>a5Me3}Gz zQk~2$tzK8XwHk{kiG2+=?CK7Rcjvp7xz48kuDwa<`a~Gx(Q(KJyd}wU?Bnrf}pe6nFg1xZsWewYCY6l@S9A%_0Wt0VRtsh zrE|o`fa#zBy8W{dkScq`f5LwT_#xXBWa0)Kyb^pP_%;vn629#Iy79VWb*NOT4sHAp z_##VA^%(6hx?&jGgRvvA6EU3q4oqwIK>Tq0cpL>BNFGiePx7H=KGb}q`9w3$I@@u! zzkR&@SUb)>!ZwiI-!a~CtOIAi#VXA1>&kW=?ZR1IFD6K;cL*y{>+BokBHV=qnJ(pu zO!W=*jrKvAlS&Vzc?Zi=8%mF+8EI)+-8B59rVUNQt3%U9dDb;BJb>rM22iMXpkV++ z(Qd3}t$T3RAfB2vv}g#I_RPkmS+f_-<{NW{=kSd=d}B_-9GIo6*Y{$Vf0(^^*nixA zn!T6`4h2WqdE>!j!BafQhK`0#LQa}JPj!!jB4LAv!PLl_}A&xvtC}=sMhW9KEP@^$ru2)w45a z^)BjV!}^BNnVPq+p$|>2OXJSqw1wAnnR{9kXX--sRcc@e{ieAGqU^FETvF=>d3|sQ z{YE^90%s4;#&N@J9*bVnhUbi-!#?e84bqR4AYz^ge%58b=7eU51{xjatV01{bp-;csJrd*#o6_Pi#s}&Fwy3cj_8N+QP5Lpr-u_ma= z(qvaA5BcyALc}wB7}(hO*+Y#6v9^aG56ec1JBkO8mMFWhcxCY>9O!AQOu)WUwyvnN zXppMYAuxtnid}yP!K+$K)V#>H#`cH}D#3O=le^1RrHBX>#ImqvfTx_k$3g50THS<@ zBJ#lOsll4oTl)w46J4np{hh%^tJz?Ub=8!r4y0}$#g<(UM+}bQ8j7ouV0n-xIe}1}*+T}AFOE49*@(&bI~}1rAdyd)!tokYj; zg2{cU0v;OeQm^3=N>X7{wUj)z(3>uS1ebl_!FB?JzZw%_qnd;kHHvuaz$NNlfJ`G; zg+{b`N8<~PSeHRq0cN7sL+yAx+1|*BniK-Or1elMt~Iox{M7(RWteHS9!jC~b}N$L ziRe3JXAjx2lfa9ss^B+jeVM}d>#=RsFRMqFM$hUW{t>^9Ds0G(M3+X_5xG6bOKnlH z&$T7B^=;b_XH%PKJI8RF$u@C4YUM|uO+Ex+?3~Z-c&t*YsN|FvJcU3XHPD zoWV#CKipOE@y-y&WGFOxwcoVL+SoN+HXIpaUu^^xqJE8FAHjBlaf1EqxMKuc&_(Ie zrxSY;2NOpUClVm0wy>`b5IhZVLqfh!?MenDGZN%Ja75UdYVBwbhn@0w{_~CKxjUz& zs{HBX)amU*vs;$@@3x)G-;isYBi_cMFPOgYxozYBQv5&1#T@mrBcE+oB0-5u!o0OlTXL)c5Oqg#L~^t|98LJf9TNsekJkUDX+dNVs*(# z8u5v|1G?;}^nGThwLpZ3osk||OTY{vtO5xHuwE|6hiET%D1e$_zo|u5QzHy?bXAJ* zexT&ZeO4`Z)3S;tHsGZJ4p|L|L}8`Huj(_1pIP7&)Yk#fl0!AP9TnFzQ7GGG5zAd0 zGLF)Iijh7fJ-Yis$gNcf_gF!B z0oKEM>EGp@%41Se`h@y^2+6Jh^Qdr#22myyQ)D>d3cy_}gg9d%A=-ll1*tSR9@L|= z61wUtajkZb5Qb2zjO&zXQu`by8(N0(0-zn$oD8e#G2_OUVVS&qrxKAx>Y~pMVfLGTupRFU;4#AsPC5#$R<{TNE_0Cw3dq!6?dx;^8O zq7yJB(7sdt3T{OlG-lB4+=Y<5F6wZY!tGNFgvGWVD!K!SRUWQ4R~e1INLw&bU>k@; z`pxoG1EO;qrdxesyS=u`mVS7^Q(o4VY6?bSkJG)O+uSucZ+J?@mCL`5bp*|dVhgp` z7R$x#+w_%JWesv3n=}RXAcqtz1_+=F&mJ<0WdR&UNsZ`;$uMq^#6Sp4svJFl{l`Qd z7(6HWmkUuYYdv#&>!vmPy}fr1z~wlseEXBd@{>w+67jR93f-bC{kdEr$K)?V#^gsJ zQ$t+BO2z2Tr+jdNU>)Q>DEeCQj_jGt3;&SK?XC%VJR!E@8&^i;ZI~@~>C14CCVC8l z#^LxBfN%ySL;D|`nR7wPh3hfR|0wp&J5R$FQ?PG{HHpv-#ODIq*gkD}(ZjF>(N>ji zrk$A!Io%{}rD+p3%A5_Kwx;xv{H;O|0x6hQ>Q#@XxB}&&WOZqy(KfTYx3}FJ@2Yg% z@3}207q3`fMI4q!M;{7UhIEazG} zI3M)ep|D_5wZn$vF!DmI8yO)mL;OZkTqY;skzRcc#bm zJ&E<5doh>BO`|a;pD*j;Ylq8^V<}~i*iP8afRoJ^bGYI-im?kxL*Bake$}y| z0lV=s$O5VZaLDn-Quu9f?}~JG)(!e6^ENpF_jCI5RSpP0v3UBjW{vT(Nv-SBNsnkzwMEzeADyMt&c=MaUZOI zc2mPw^&ix;Kq|cQiu{kti}rcgXirXZp7MuKaJ1TxLt;N~~>g(lib~fh(L+h^@-# z*heu%vu_!GVfZZ%3Jp#}#9)9Lv)wS$aI0ZCjM_O3OUc^`-W=i73v9yH&U6;^DAusn zZyo^;2f9aH%#GQ}42v}KIjedcRQ*e&im?CWP?ylUQLh8kRdQA>E)*?9ZnBrqwTFyg zIe{7=E5K@k2Z`CH3vo!#sg<17RO_7;-Unw@r-upL)8&=Un6t+@+j+ZltSO=`PSyxzLn!W}#1@4bqdM$G-cUbPl6K!qY(6cVOnCI)(gBN`VC!iX*-0*$rw8d;aD0%V|6kn*7cHv-IW#SLlVHkst_v+7577`b*>8#q=l+*{g zG1l1AIJ@!o#T)Z8Lbd5{010}bW ztUzk=v@KsuxwSsWw0=M=ybuC=ibq>r%TX zi+8dd{ZxFQWVB>e$>x&nCA(P8Q^A8% zIQR`gf=^Q5*UhI6H ze@ltdXCWa-MY+;}jnz8+s4l6N)rokt*xxueK?OEpeYLp+wbzDLSr7H$`t%7LWl|Gr z$8@1R>N=a5Zq4)qZ}pG#18+^6&=ya-4_XOf&ICNwdBaS`Zh&~HFFDWyu>zqSk0rAs zv8Azf)DOG~F$O2DS{4hlh7Mup1_d`Hb6hXY;s@HLOee&5XVsog(XlI!Lw;GznQCHr4h4g(6rFB63!Y~-P;QXbkT=!jJFwAu@ zuG7h~XS;59twq^t`(%;s>S#4IsVF-gOZTMpscjSU8oJh;1OQ|fc%4aRrv}Up=6;UT z1haD;qPUC6x9HBF?ntt5$iZu zIcatWDqJWYvMM{g-Rc$DYqbUHs#`A)<}fvBgDd|kXN5jBi9Cnp z%n~eI9k)VBr&gEKY!*fcA{HBVdJv$K*2gy(9@7?CSRbp~!3<{LoPtzLR0AX@t|89y zR>xMbHC9?lV&j8y6?)Yr>Ic-T&c{)v>a6OmB1@}1;r$x<%UUZP1hgZyCm@cbiUF?V z_{k)ph=4c@J6v|BnetOi!eeHX0q+Yi_e(=A5WIJjBf zr3k%ESn{?p=azHbFS3VqIXX>ahvJQK_?*vzO$EGJd z$!eG1I?Yh-bJzN8{)i(s%OfnVLp9(!F1NR&Xj0ie!&~7_1Y!@-?{kCL1 zWcncI<$p1_l{#U0WRy-{l%%S3vDF+jH=EOJWRfz{33lQ(faVr# zeEuY!FK2M}y%+`%^rEi7<`(#@{)@qfe9~qqqOA6UH1+5TD;RJdrX9I=0;W1zg|~*2 zs~Pk4kO9~clNE%Ou=^MXXD zM?6n^_IPL)$;5}lzA@iwAJa_j_8ssY_K9o$G5=~mb58B{AMhXc^BNV?tAd+@+k?A; z`-9^_aSg)sRiVwH?V(+v{h{#?uMO5NtX)~Vsg{|{_SI&Qkx)ApIR!bFq*=>@6lMIH z%@`n92!I;6$K0#kTigr}eZYO#ElP&|W0j9VqIdcB`^H7BhWw-cRsPNX?fzZ<{r>Ua zTPuq3S4Xx)o{H>_9Eco_pav%*XHWzCHGG>rYO*82N*Ebd^5Hqj;2D2y^LlMIk7wrC z{M+9f9yr=Ja4MWMduyO_^qP~(uPYt)%1XPV@{@o6)vx5OpL{JluH0A98mnAS~ID+kUT^B+`+yJ8`_S`{_lR} zD+kX%-kJWmbj`!c`l)}LzA*LRL8bLF)Cy7q`9nkQv4s=Yyv?w^F!r1~>bJMRLJtO}xE8bFo{#<=k; zy#+cT^6tPRfsVXL`#LYTHf(imd5KN|P71K^sY)9qBivBo{Q;6H$&WCg4VM-o`wI3# z{E!6z+0`ies_870keN>8y6eQFIP4NKAZGHy)b~=t&E#I{aY!WeY+SDp{k}~wM#L%{ zK;9sB-D%s0!0Ot`n)5YyHClt4JAvxd6v1tvF^Ur+ut`Sav&lDJfmbR==9d_{6&@`>cvk}oD-P8uN>_Mk@EY2!s!@dS^LmY#$_ zN_)BN#}tk*asqzz`lxlNh<2*x0xG5L4DW;Gk*JY292;Y0PO~yc2;Lz0VI0*eUy<0D zcp~w&#EXfS6Gl|?XyRnzeBwh^)0lAm*QzNbV>u}y=r?$^z_FnY;^@4+hp-GWeOh!@ z5*wLXn;5ty66kHKFPl+daHMOIsnA!M?5~XsINK{1G#6ecTbol*Klh<|%O0CmT@h^Z zhY+pb7>b5xESu7M*FarExF*(Nth*|G!@kOV#Ye=R4gWA%-?M#chHG79D4pQZHi9$& zcEKCpfz<8{_R3FPM_H#nktCbi&#CbN0UT+uIbZuM_gnqDCykQi#zwdcyo{rtM;uc_m8*ICEku#O}N)OYd~&DT+X zmUYy>c@oiuBdp^)Tu^%f^3kF`;BnB=40Ch6#%QD>Rin;GVFW#7K(5zwLHEOHLk)5j zr3pUZ?kkZfLP`-B(eV^VT&Rq74+tcQMawXG2p~xRP4GQcVyDb!Exrz6<~{DzDn0RQ zRg!xt_f|x%L0O2Zi{K(uZUUnM6%ad$2==3fRdh+-MaFP4;kifvv#SJ^+QmgaPQc{8 zDx+wqr$O7OmtYPcsUnB$PP{A9$7Xdk4Ty|myd+8)V=21{hFQvP0PSGu5z3Cwv&6Sp z;u(}E@Aq#l7cCoFqpVBZvT>+s z(M?mVb~(}0^P4Yi+Vafb_F%5khx@33bRZ@k#`~>8NwPBO_LA&Y^K<6Cpz6hZ5jok# z{Nfw>I&f;%I8>&X|8dlIeta2@^K;|I=eY*T^sLl;`ZLQsg=bvqJM?kuC-@P;G5{8e zy6R=Ju6i9!%RgBK0ULrV8W!Ogm+Ii(e+UtLa4{D6k1T=i9=y#N5Uo8HZqF=^w zP(K2YG`g|yhWs%k8|p`#NWx6x5;p#vsknBj@OOn*U%r6%wDYAOVopJ!29=r+5WD5a znjhbq*!qRW#~w?5UjC@@$tM#}e6jIMPb9uX8DiCyzeIlV7o`&LER9M^EvLt5KPI)h zl^{T{7l6K*%nEvr#2t{uptyxC`oP=91-;r3Ys<`k~U^{|{TETR>W8l%?8s2`UGggc_M zf*A-@5Ow^i(SIWKML5%HBCVh&)jDyeM)5_C)*uE-+a>L%p^O->3oMnP((Jj&d!Z1kTMRpHVMZap62Uj$H(&2u{<>a}mKMg7>%yGlMxk^sIA)$4C<@0}j(y``63& z3rXovK5=BRwyta|NHS3__DIqn$FWB`r5d?Fmk}+c0};H4fX;Z7=21Qi2{%GGN5a!G zom+^&Mm%EpEUv-HxTQjKn_oeB239pmg8PIJ9sZQeoeVs8$R!-8^X~mSOZIUhxrt47 zic}AJx-FW`scwQ@;s_H;%Vj`&idf?5ASbMg7;Gm2LtltDwOytAxzBmHPV{US+5zif z&PuPCl>|?+h^J75y^Z=)6E-~%ie>|Ly|5i82#o-Di{5!kk@9%^tfX5}+)YDm+Xn}? z2OF!(6~$7W48f6KHk21HqLik#KjC{`KKzfis(QD(LC>L{Ld?er zt1D}PS~Mv^{8-Jk76eEaFSD(;ZL{sLfwr1YE6f1F1fA*A1VMsgn*^jHw9nQ`U&LF}Htl0=e;P(B%S|U!Yx*z+Uw%xpoLI*b~xcvax z1D?a4;~wZu&v-7;+j2K?)YAkPiKw1z-`NfUfKK7K{x_u_V5wdJ2;d>3IN>?tLFc^- zshzgHY8P?MB_fum+Zp1TUL1mNH!&vGR8oI?h(-!6EN}ulVD3Nzcn(wr79Nj zCxSMA>-1<(B3vDJHU#a89a-|KYbzpE6-bfc^~I_!^8U|1TGgBm$A|63HOcNk!$5mg zpv&V7#oaYsQD?Wgx+&NrH?MpS-?^*uwZ)gR-sSq-+J>eiNE3#Dp; zM!D`e;F67aju$bb-r6 zg!PM~l-4g~3%n6-^Yp!M#TyWQ^ye*YJ{_MoZ+4TP=VH?P!NL1E=?jZE>D6-aL+v+a zInz5}%EQQNn|%jG%w88abRxZ}xD|nCId&)rJq|VC6tWK}_8=96eU7ye*OB8ch3l}C zo1w20^70yWcqr;ZF&ZrVjDJQEa~BPW8VGv04~T`(P}5Cb{vapt34&J$-WI2%V_yN# z-mZVQ9uMu}h`u!w7qT;t&gAkr&sF#fd_}7(?&KHYp}s^I+5NxG@%b2*(RVbpMqArTEDA@$bPeQpz@MTpo?xX_WiY;*?V zvub;-w(jbgeG^^H317Hzux^IK)>m8A61J~g=xz)*1^&bpX|5_Qb9l?+VR_2VNT{|^ z{?k;bsw%X0Nu8;=XD|}$hy;TXPhGQT;1+{i+0q^V8a&$ItYP*#%Q{lX#&&n1v!#1F z8DHiv9D!-TKS-Uh3#+3{=}mS71WUlLJPHZ`l0w}niJW8wSQEaE`N~~*jl#Bax?L}yK)In?`Y0K)^me^CV-7($&$b>8R#2<=( zDgM>?x8i>u|LeGEN%my?eEdUrb7{u7D-H*!oR~>FRdxXcj5@>*3wl>@!}N|)SCh6B zpFM_e=K{=YCu`61!^7gkD`FdCPsF|!dolKM?8h;Fcx8N3{K@#v_`Y~Hev}_R6~7Sw zh#xk^-T1J!Ch-WAN7o6F7#Ri09AWD=DMP~S|11eo#c<2gmUYy#_P6j5MEm=k${!F&n9rH1 zlXU2E)b3gF?Z4FP`FF6H(?-gdQluXw^=Jhzr`PkwXE%P#eUQ=EwHL}WcpCds= zdYP~PlJ!o)E#TU6Sa1FQ8kAE5@ryQ6v6NO`%PQ7W$@c-)iY8T9D|%I%RCbF*k%l&{F|Uv;N=+rh6uc*k-ttbO{nGnN;rsnnbJ` zb!9V}_zMDui(zKesCY#CPV^N9-Km7*in@q^mYQlTN;42445a}IWWzu=P01)Pwl)i5 z3}I{9Co=6hBCZ)2qB&2*MQ{?y;|?EAeAv%uqmSM4Pzi`PN+eKDgvG@otd4djc8TIw zM=R}I)M!M6P}vowrzM8f$(r2;z}mzo;6A3VkE4tx@%Us29pZ;$He6qbE>%|%yhU>C zU&ubZMIgeVK1rdKn_x4+1psYJ)l;C&v@PMM$dd|J&r96W-o-3b561uw5`3NDKogG$ zULja4b~?;CE!8^I%AJmN&=yv#Zb0Sn_~CbTAfWZo114eRJa9{irbpZB2C8eD{dJXAZ=?$HQLOQqSX~)G=>f_mZ>|~*4F@p z{7U2v5o_^geJx_W+teTjlyWn58330U%e(Pe(wb(iKR!a4-21r)C!gb5)XRJw&v~>! zeX<@rsgSg7<#0CFb8${SPg+!e{urJ&sey+4+SR|ywX5G>gZnnf*s}f2Bh5?Uf|`@4 zQGPTeJt)7V@W?7vNjE|DtESObkZCkC`;mh0_5;vQ84htU*E2#rOuIWeO{i8d6k>6} zsFdkZ=;j9}3fEbLy@yi^3^XZDFd~c~$eFg*>pZ}Rs z*~ZOv8G!aeSq57jtbz~4fLTn1Vu4-+AEg$>=u4ozUGy%*cWOx)BNwZ7kFdEzE1}wQ z=_eprp_mTnC$JX}PG}9mZrH}c-VtWDT0^KCUQKF^C{LY5iZ4g%g~jKzx5B@`veYS) z>w>aRMz=;7MRYVk&qY-wfow|9Ijo~i#Dj!Mr2}I0B;vsF9J!u^ zDqWTv(^3GDTKhbYHj7h= z^EU(J5?+WTu-Zxcc~I}!Jx&GQe+Ffh`kr=<(dnK%k+%OYjSl&msjhX?43G5+I+-3#YD;P31*Xj70MvzLq*y z&DXv6&JK3XiM7V-+Z$(xdq*0h(MZSaZ&U?+&B#i#)7#WvH@8Lhm6y(ZxaW@kkZZQ@ z=ApHnw@-`M2CAOA{6B4;rgZ%RtTPdRUaWO6nUMdGrv!b#A>LNAgZ;V;$NGMG+($-zUf=C^+N-oeg8o z!U;X3`weocW=f6c1CVcnL`0w0lWqnSeTe)m`7KoNhk5clF9-&In3MC815_{K^Fjy$ z=1xzLq@64|KPkkb0VO(7%u6??(dN?alt-Q79Noyt<09Bjz;yB2X6tqcrzDZlP7mWM zgkiaIHnE74rRP}$i_1+-%TwgyJbZtPo*3p4inN{q5V_)WfzVbWRS8PE{rUrSj zT0&2HVLnk?LKE&xEo>quR70&WbAXLxEhPS!PlcFIN!6rZhVZhM);8Ept|rd9P78RQ z@s9BN$cxqTwsEjK6>eS70u}&gBDVy;j&B4YQWr`FI{V>Hxm8enAUDay!8#6cCy4@2 z5x2RiwA@XChhFp;{%1<tPQ0a%n$;Bkh#u0_AE^L^PX>{Q$i^Up>P@8hG?BkGyz0 zUCg4Mw(X(VaU)A|5zw$nd(yd+K~eR<`kLDlW#aK46Vqi04q#EM#|e%A*kSH=)!>7c zaQYtVG6`hpf>JRB&z(;$9DMG%{pW4cX{+X@8+qZn~=bnm%OIo46hEqB>cLGtDZ0te=WI#U*(2V7MSe(lN`x`!kk}-#>!!plb&7cHGv=X? zq2?!LKJlCoCtXcABm($pbxNm#3h03XDYIqpP>d?}Yk2!@!_rlqdN{xs`@EZdF8r5; z{D1*R!NoI@BwRaU_(5Dr$XwO)Xd|XX_81Z?USI^5l?vY8M{pD%m#0k~=Y>H`FZC$F zc>s;hv#8N1FPtJcNe+KM>5pBc;GbYU_7R+9WmY*ia{`PzkI_+`$$HeMNL?NV(Drx_ z(&CP(4%FR5JzfHl#N9(t*3$&LIZ=*?DT6s8sc*?R7h&-(@JQ7Bno4W?m2r021=f9l zHD-W&Tv&+X?9sxLh3DxfehRhL_Lq%QEI`B1>}uy0=TqF=8FmgA83187eMb_&XX)!h$ZZ)IFLh`Yj*IpL$2*SZt18(GdF4KO)s_f!4;9w>|FnHg!I6AQ6kiS5}1l*7hbx zH5{vo{qjE~5{vJc+BvhPem-p4;;r4Xj=8F3M#IhyM3WFn@_Vx6d z>2uH`s2KoIzS>^HO9l*Gz>wt6dc!vSsD%=>q?1Z!HObK* zF#;a|Kqn0q4T1q>Uy~=~b9ARM3VrjF=zGjJt-D|r6a4%Rk7o5eD+t5KG%Lymd#a84 z-zV3(9!Si)SqVM+hv8K#fq!L5gRkZs;j7u3C&2j~`f3WV&HtLirX8jK>sadw<%eIb z-Y)R^i%KD)S-cEek7`-bea^KJWho{Psb?2VJRz9%GXxSe?@1He3BU*!RI6l1Y)ftH z;Ju}8#hHjX0lk#BfT$Msi=bmxNt>nZ5;e5rlCUx?94%Z`xVdmU(&Fqd953WGJ?iL| z;-`vt7au4-Tr94c$IPqEBpi2}510>|#WmrpvjsagwNZyHMR3vi%#REgjuoyh+*0^d z;qF2PMfiOm8M2I8R#}+UZI@-gWgG>5%0c}a`$c)058_b-{PJ2X-cUuP7B-7E*e)u6 z;tN*=(Ay@?_Rh9w<+i!%GLg;K-Fn z498U5qlg`oUE_Gf@ibEt{Mh}L`xgktJNy7}IKcZ$8lW_6Z(Y7(f&i>ODdsK*q& z9_iAT3_miwX?Vx*KEAE>8%DUIjrzx6HBzeAgP%2v2n>6HL(z#2xL^Y#2?0HjncRAB z4ZiEJ@ViQUYoFkb3p>p#`^oNchg+yUb@yzgL&y$Q!T z2Rg3Vk!H|%w?pusZVa1yuN%YW*Dv_dfACaPNbNBw_+IP-ux&+0-Y|X$n}6MS%GGPx zu}(`(Wo5&g*Bnm{uGJ<6HimEeFpb^IvHRjsW8^VNsu;n?C3$4dO>d-XYF zvvVBLylYQMgHOSn+9T#vNP7JLa8}Ws%61lGnQPJY&Ad8{SKFuV!jLhKySjs82fG8| zQh*VKG=w90gZ(e?l zzd5GQwQ?o7&)XUfx3<-U%vN1_sv%79`M6|!ZJ3GE#vZ=mQhp~N=K=Rh{ zfngNw}nnBcM(A3t(N>3DFuLI2^>R#X-XaLgDiuj{TdxDKrUr zo1MJ!fM)QZ(B9!pXoj;1IF90GstCZr2xEURO<-SwU|)o-t50m#jGyii0@vUKy}96T z0}oti7x8qQGf}-rL&B4e^FT}5cE>Jar`5CyJ6v^~mKrBWhX0Uc_>ra)O}H?e;D$Te zvZ`fs%l4LCEy#F*(@DY%`|o=wQQb$S!!CluG$L6;aDwIPVY<~HQ~Z!67({{UzLpzH zl|?pJxUHJPMu*dhAG-Gm-F8BWBEkYx*zE}ZjJ$@3i9g{rm@4Dpt|hjQT<=RRb< zbJ~^QOd1J>~VXAywX1)-rWg?E+=$OvUMP%)PnC<}da1+_JEtwXLe>w(g$7 zQe#zBPtSrjx4;=q@MAwNk78XoNh34o3>JSr%8xFWZer*jc@)ulWND%D4f&v1PehgFw>|C>!?~4vQkBBpw!=A9l;?Zjaj2QbFp<@3} zqQw5tf(WsQ3F}0ZSf`_^%HcE^KO;)4EIp_^CqHR$1MeTucSrRKDa!yro>yCGli zp9{gQZ6(VVAlM6L4C8G~8vBhSMvV7MxQgYg?M1Xdpw)n!l>4u;ayt6T{!QV}3f}`G z&1K2(^vF)oVN6pWe zzi$2xju9x&d>rb9Yp-cO~&C2zo)^FPX^^5@NuTb{9&*|dsp+Ku){?OFRjIs8tu>lOFIo`v3d-hZo{ zUAeqNnS>T>pdmcN;1j z9&h+|?D_bUjSHJP6U~WNn|HSix4hc=aNF{>eeK`tnB8ga{HN3px?NP?XNCQ zEFNBb>*BSGA7A|S#rqb&y7=sp=a;BU-dJ*W$#3p7-dTI+50+V%1(!80o4#!EvIp*} zy}R}9!MhjSefQmu-u*{+AGqiIin%N9Uh%++$5y;^6>qQjc-5_|R<8Q|svWBi ztUA2v?^f5YS-j@KHBYYDy(Y8fuh#Bdn^}AQ-oLy5*8BI}{|^s5{=nsR)7L$=?$z~O z>kn+G-q5#U(}wSDIQwAVLtPKef9TbRyB>c2;gcJ!8^^@R$;#g^pSNn`QcK@&C7%KA zy^?hN<9}Gf-=EBy^$fJOBl0JP={POISc`u$9BlYcX1aAAYl!XUmHJ>ETr2&Z^as+g zh${OcG^u}%@EomJ*|VepiJ>}XNF#V|Ca%ATm_1GK6iUNP)q;BsQYS2j=b?m7=xAG{ zm^2;NTA_jM#s4nETnOOIi%2gG_)e?zCA@iyv;?KJpu{ee)q>SrCk;aO-;8%ha6A*` z_o1YFq;6cFiZd(LybEu4z;bypN@Crc5s_{tzI#TRhWKk{#1)zWO~Vk5J|{hba@XPN zPavg8qt@R*WFy`$#9t|XE!X@NpuFDP-_2+P|Efg`s?Y-d-G=|Ixj#RiOrg$K|4Pt` z{MmA}f`9d*4fXit-w^&!&HcI1G8djG22Otxt#}c2&H}!OmQTUocR}la1$A8s&2W>n zP+B292uaiTF*;&B8}7I=T^~JU<^JTlHH-(a$_?_rf=?)vij-%RS8?T8{Z~E*+EKyU zFEth$fPy7yn}j}<@)GupE6A{7s4e4Z|JMU*LwFHxY+$9e#p57PE;3I8Y36 zhy!1J0l&4lUx2@*z&MXdSL7D?7Uih&wsJOD8LST01bc!rgAWJ4S5pDq5X)L7-6g$% zrxxU%@&x^Os{86wSN=tM^vXY9`O7OiuB`v$@+ZIi_7jPks9Y@isp|UlI8!l=&*d{iOiR)5Yv3=olP0JF&G?JGczMEYsx5%895ee z$`~4hgBe3)aKTu3QSh1IGqaXI6C4b#zH51=AR>NoW5qLzlEI90%h(#gTgO6~^djHn z;fh6zdYUo?ECz4j>1P(9fVH^-@GCAQKWWMoHqHrV40ZFzZXU~Qo9WA>XD;%ELcxK| zYxBo4ug&y@7AU=YEhvH(ZTeF)5rNC^)&)$>K;}RQ~4n^P==$eW%5Rb6xhhP1`nwt1XprL zxNF8EFA=;+fJZj+k&V2uQN3ct!$~V{ECt|Hav**9bYQL+Fk+vSz?HHqizE~Dk`}B3 z6ZllPdPyefcCLVeV$4Dp&h=vj_{WtyHeemp=8g-lc?J=hrEli08-ed$%^jQZ&3^{Y zeE^tm9pFQN_hFShjQ@Hxp)xZ-gq)pNqzz5(NIR{4%;{Sd4yH&au z&)kD&_(VO99>Kj8xON{}v<}CsfcJW^4nO;Q!5hBFCtHDYTL5*e^bo$pS_W|~A?~#O zp0b*5C~GxZ^f2n*0}PZzEAJ7tUXN=Jp(K`jwT?;P#X+GxFOejvTf}i1{ zf~O3?K!q3|6ZXAgP&=iRw_r>x*h6g43D_~ZPK<>cJA)VF;KQy|1$-YsJ3>+o_N7{6 zWT?a5Qjh+LVOlo=4<}Ghz3punqYmtKDPa9>w4fI=WD0P5KXB(X%$k|lF$aP1htU_a zF(PxNo3J~MNb|9)EWplpD|VBG&?1aUi!gugz;3ogx>MlHyQJ?)-;%y8Jt6&fX{U4% zyTgA2*8c|bUw>ORNY6-bWAFT`Tp$-pe<&NJr=-7@{z*1T&r9Etek=V(`Vcef`$+h8 zO!|RzH+pmj_L#rHcpsPEklw^T__x^MFJV{tABcDP_tHxk{SUCuoRoely@fgQp7j4A z*Y;ZU{Jqls==}$P(bq{EFh&nzJT_uvHc6YMccm@ZM<2od`UUCp(qZY(q^+3Y+oUf_ zzm$F@y#lYLjC4pkEf-1uh+R1g{mARs;a-Nd$#(1|KayURi{%pOeYsRFlgnkZY>{RZ z%)4#w+>(dZt$cX(BkNbMc)+yrfi=y|(_3@DZH4!*x#z)kxwCHZ+d5-9f04JZy1!7IlI4E^;wHNX literal 0 HcmV?d00001 diff --git a/fonts/Inconsolata.woff b/fonts/Inconsolata.woff new file mode 100644 index 0000000000000000000000000000000000000000..6f39625e58515fc078ae086db6ed81e777934359 GIT binary patch literal 38248 zcmYgXV~{32*S^QLJv+8-+dH;x+ctM>+qS)9+t!Z#&GY{HQhinGTy>D7)0Iy5iJQEb z7ytBkm?=Z8c5AMgRhX4W32 zKb#Bz5VZmToYzr;n7W#q7#ITpasT;Z`wvgHhIHmXp=-w9-qGa8HhK0(@6Qj$r9U?f-GPksO+ThM0s>M3 zg36;T5I{hL5rR#<`}D`ghWh%3rbou7`e2jI_4Q{VBF&fu1O+mzpo2hy1~BN3Prv10 zVW;L`-~9&$2suZRWL^cN0s?>ly@PPq|M}I|2R1Y%L#|K@l59sCXE_x3Zc>X;4hCx zv!G5dXg6+<>*(yGnVM7|hAObQ(sLXZMj$uUC8ctz*YantO%tn{`ew=m5TSfXay ze3&Ax_TXQu4AFn~JeEYN#v+a0McJle-JT3uhTK*;D3k&OwG_zr+RHdRDL+4X2+#j8 z5Mwd_p;V%<$A%el)28Z@Qa23jH_ujaf>sN%cz{>RaAFJASN(-4<3t4Y&TZtLo4ZJE zfd|z2dq5Ty9o2JTwoF~dR~A=o*sx<&WaoSLW=G!Q8>YJ#hCws*V{yrPv)yw4tZa5D z(>*O7oRo*LJ}-12JnImGEzBz8XIcP20FXaV4LShi`x}7Z4&_QZZRXGFieSvc*VRN-2&;OES4T<8EC}T0o{KgT7@?QX2oU*2cHo_mewwLHzJUtpty;&n^~ zW$iz>E3zD$C0#=0iw_tce%+Ru6TAJ^+nZzlF`N;VcHI_V!I}yA@!ohp>fa%fs)H_a zN2+#8TL1E;qPo0g_!(y-`bEf96D>kysBzS~V{*2WR}TIpR-XlY8RpBM4yMmhkc8L< zSgQ9e9Y2#N`Sz}09D4*+&h&!{LdLXz^cYv}?2J5{c2qICeP7OfUyD-@`izZm7Aye|$O%2qC=?N`D2nIT6T8ob&T%caXw(u#Lhprv2qx;(M2 z8i)t&Vii0y2D~540?72900&M)Itd^XXJC}&O_^U&)F-`L6OxogiH0fupa$jy7osUWS3IFEg){5kc zhb`;oxz6#{rN(}{M%R*0Ze9E77Xkv-T58Ffvag+*?B+A*LPyWy*5k_oF1fw*%xCgv z__usbCeH4kTifX*G{<#j4YryTAhd8VNMV2I2Tb+v{06_qP z0Edi2;kXiInSwFu8gU7W@@rOsUb+!m0RE!MctX|uM{-NUuw;!_W7dGx@kNOJ;2cX; z;@FIf`7@gOc`sn;dv*$3#8A_DolCmyLj-3wQwfGbr1oK-p;R9mf*gpB1xKD`=@wSi-B>AsRkB&KFOJM>l?N>Vsd$P;B<0Ny`jZO+m zNYCVQ&7%nhDaJFZSBtaD-S@crwzZ6w8oEd4FRRxa-i(P+qT!l01M_qX<8pnBs1Y&y zCe(9T2)M=_eq-H4>&fmr>d@;kqQ8A1GoR_78GdO^YlEZ`acT_^2HD*ntP8X1;HuRP zT~AnIc%JNnM-n)kTpsBP8`D=u@b&|3uD~jRY5iA1J#XQ+76DmkdMjiep@REXAA(<) z^oc$HZha5$vC(Q-go~xp;JY17pzxR+O+r`}9{!m+;{RMHUWvz&LW2PYeY1 zAw83^E1PgMGrE|a2P8|VtjTIL z+qy;XeAFV;_l9~V+PZ1Uo6nVTuc7=UO=^#AIi%mTc~vM2ySBW7+KXkC(h{djv7K?e z^|3iIU9Ej-wZGC1&>H_1jN%@D_F0!SdV~eS*R(dj5W#LqOT(}**3E06TCChb_NAG% z5cY=$dgSQ8h!%F~dX-vc0C{HDFVY-`Bq+m6L@bz{5L+Uv(6#ti@OD96Zmmn1fBBSg zs=&L)7gfG-wJi-no5EV)NW>Zv;f;-wZo8f1RBF$WL)`DsK5vsY_x9ViB5*$$)(IPv zXbF0nIy*+r`d-Sc00kx6Txe`r*+Uj>7F!F_QIBm9CVj7XN_>ikSG89*Q!2@oC)=0J zhf0?1w`^h5@q;%;bC$2#9IYN@|Z!oSoJFhH!V7zrz0wy&H_CDkXk3&N1ctz=NH-5@&N>XkS zKa9NTzTm#M=QCWeO9p#Nb{X_LZeGRlf%Hj|tj7FGy|D-t=fXy3aZjt;d^PhNM*Mvp zl{4|qu3r4Br>dG42iolSm5!_56lts2hZsbXb>eEX^KHjp+4L@ctw^{nlwMPpH0y=T z2?$^x9m)&xY@g^y?Q8993FqcsRQ23D5@Gl#VMb2Qkh?`_>6f z+9Fvt#a97L7z)x#%mrWF_@c~V%nF{Yv95GCw%{`l1P5RDn<>`xyfZT&70h}Gu(y*H zwfUMC74oXxPVXr6yd%`PcBbe&jk=#9kFBb@t=@V%UTYAvqyqW5=nRZ~3q*Sy3hGlFmY=jS^bT%tMapr6)4w~FNHC-EbyzPsS*^EP1ufc8q^Vs8In;rZ?mkuGe|7q=kK7ih z_zI;wXyH@GST={&up74Ne`8Zc34>Msp_BclAyg6hT#>@h{~x3qC_( zzFzUTTp;>oh5drDCxiLT2!*?HA<`H9dpAC$t~bQDZJ{2g@=6Cf6na&5mktryqxou} zh=CRoF-(yq*B^z~IzSmG6rrJon@m#GCG1~WAfX>!-2_dk;^pxQm9(8!_FveY9&Ji% zb=)Ypnv+^B{B8FgZq*vkm18SnX<@szyX*e`&e~pFqtv5oQ*jUClfy4b&x(|6&omGn zRu=PCC0nRSynVwvr8~_#TgCMXY>G5nb9mwnO}5IB8|;e_jOcxi3R#!g%|1IV=k<%c zLPa*e(Yxq_q64%r3A`2up&HNmr^uL&qeJWI5Qu_?yO9AGULye;ABjrr9pb0W@p>9!_U5?FPz&H zoJA1{CZ9>|Ib`08XeUPE;LF)RbWx4?=azpfM)cs*bVdrtg;I? zs8lt}IXae=Svs&*U3dYn?Vah3_)Sr|)K9+$8_24}&pH+> zT}s+8YCv3pNF1vrOCzVL4R#aTPAbR=$6{&zrU*^(#oGr-KBxG!9!4Tb|GTJpAU9x9?# zT1+|3Aqk8fXa-2!-)Qw6b`s}^+a!RCzR*u@UAX>59*%N*R_4mE)>G2mtjc5J*?A{xcf*nR!|nz&7LSjhb>tw4vrGhpYWhr z+sTi5D*JxvXZ->ZnD0GLe0Mj+y;9>fx$gX&VuywAd$IKTZ86i5QcF)uz{BWOQpsEI zZOzcG-I^^MjN2QM)W)5o53V~^&eMg4Rm2vonB;D}I6;db#a$#`%scOUR!0)Uj;27A zopgzDqei;L3Y{3fqd|btLx+o&gP}|0C+aBKpCw7|Vem)mQ||Tt35I;TO0*EfS8;ORGq*6*JbASdk1wLd)(??)UE=kc# z$wSja70DbN)&0DEh#PN*Q5 zkz8UB%`H);L_-I9Bi5-e^MD2eCU2OhPLq-$2=k!V_?Q{q`QtBCt5wF zUxyvMhEQ5#aRW7^ok*SV2;Rtuap1AN&5U?X*(&;W&$*IEn{a)bw&EPSy|sKc*+iPP zZ7t;B?rqvAaNm*PeW>e8y&|6-ze}(pJ=Ote5OJw($^+FKlcb%dTtcQrmWt>iBjJz{ zMap@=4qOjBHKMbN-ldn|ODY7#f1R@ZR2zeHod(Wn z@|3|fE zj}ETBXo7(_Y6@J;LGaB-;lCz+@s|`@<55hbT7-sxfh;Z=@^J7Xv}GT>#Gm;n6A-!C5=Qej`!m!wi2aTISDKSPAv+ zo?mDtS!QqX^@avgU|yH$8I*smYBDI5G`QH!bC5iE_2o#{X#IOb!7co=>q2R*-6DRG zjERSYN-1jmO71vl_}2({iaXt|6zE~jW`)2BQS6E5SWhmIp3$CWnq(495tIpqV79_% z-UC)SXRcUP0OUo2*@33})E6SILwcU(!|IkXvCRvF;V~e^@^?$dRi12KD^$yG)H{dT z>FTo{=-+m`c|?ahR6LpKQ8pgw_+=WJGH+f0o(aQW(?zY3p0gcWR(0^Yk6p)~; z=Mo<;#J}%meBNJZ8xiQg|EWRKFnXag!mrJ?zD#RFyoyx{DLyezNKW};As_Ui=Ly#r zAb4@t1-tUB2gu%j#SY@lxMZE>Df9^MK;A94x1w`kT&zb;qyDMbeGGD)n08K)*RCtg zAP`TNGj8)BQ*(!AAR(I>&M62^d;&s(!6%s@sS&ISUV}YmttMEs7WN{o;rX9ufw!(zS_0v$&u{K!<=e#z&`juFbDG{n-w9S_-ju)^9VKo31|s z9}#h*xp;OXli2GNzB}rX^Sz%%`I0z;NGOISnH#j zkiI$CnP_$(bBNzPR zH6K$Rbc@$#%TGpGha=Ci;0?T|pJ*ADg!9Xf;E(`fdG{A9&mp3Hs6zM8y24xTsdm4C1*S+qiTb8gput?nY@ZS`q&S{W=P*DcVoOdvR zRDFS!SoOi$4|x(=G$&;oWIc-B5}TCQ=+BW5A`8pwigzA&qzPTilXZW=Z-sX+f;I2? z0_H`^{sH@elO%>FKL&&tpJNSJ=^3)zTTH8=p`pBj{t={}s@sZm#e3()%+=q|Kgz*lqMg4$k|}1;j6@xP2+;#$4K(ov zhJ^u;OFR(*uccviy2|J~i*O!}>JNmF!gfYj6ortJ4<2+@?Xu%cgw=rY4BpecUz``ixr|lQ&>)&gAVy3Sko%yFJTjw;_ABx!k`?eMF3DD`X3Ka)p zrX5T`5lkMCjn8I=8VBqZK-{+i#IMvF2maJ21`iRx3Q|JkPQf5qb{&Nqc^gh!@Ow`4 zL0`EjN^#W)_$jT8IRKF;L_{^`7B}D3=Ii=n&?A6{v_cpB`V`0$YSbUXeOtH0clq)4mhu-*$hhpxcUcLkruDRg6fT;gq?7jHf5okTKFI$It%j zVoA?CtksofWywR}0PRiIf38|&yE2a)LN@sFOy*|2XY0EN(HN9H(BPeaNTb+6yDvKS zgYbOyT3(os8tC-A7LTHhy|?UM;<@JyUG);3hlAk5_^+b}N^dtwjpgP4+5Pf5H%gtq z2IZy%dnzCXy$5OmbRlc1>*n>SHpGw!1xVR$^L!X1eZlCe4=iU+LQid7pAZh@)RJ9x zO9*}gp-ir=Et>+mRT|en+Xm&u2F&*gR4Oeo!di0t+1eCxQF-Y5F(P2OZB-T7-XjIf{+E+01Ze4Gk_m)BJsl9 zr4De287ZWrI&*#MXV~!#uE6Hq88(ne)?UxMY$-&3I!%sj5;+=v?&}6AMmuY}mY;T$ z6xQN)Q!A}(WoUPN!IunicZK{?BRR4qXrRGH)DE<}=rnA~#J;-hszQA~R9o(TZD8?Y z9^OoMRNMWRawn9TIJ|kz$;Kwj*#dYr_1skwTV{kZw%GjkQQdg{%E{f6zEk8orX9SoG-WSDZ!!M(cih(r90$sWmv?OouOB42yJ-KlUqr#zaHnL~eOjGr z<71Pk%+VW!VJs7LpWRL2GBI+}Syg)@NjKv=mC6yZA>ai+A*q^c*sIU;>PCY|0Ol*) zCnjP!+eLUMQ4B2}I!totlBx)}Rs-YRRK@z^r66C737fMh5Q&%lNz`fZgv~bnrQmV? zulF&l=VdF9qEH*@1f}C;Wtfl8tMf}u z>uJx#lYhOOfPdjVAUQ%cN8UoI0_ThfNRL;=kKz;gtZ7FwygL8{G&ZNE!8DG9tU#P4 z%$G$(NcgrqIAC-E0v3Nzpd#ohzbCqpA2#>$b>m3hf#=HSYmCL0{mh%bQ}e#5FSofb zzytCQ9l`lmPVT$FC0Y_+Z|yV-JM--NlLB*aY(nAvm^*D;u#lb3cVCE?OPnz0j$dke zsDCJW6_4gD6i~*Zo3X6E$XVm%pDfKJ#>nLLPRa?jZmYTtJtX zB9sWT^S*oRi6`XIBoXMOpPySF17uhl+v$t^84s-cZnTzqb9hZ&1Fm*MJxb7`(JJ&vp3q2GRnc2V~7HMZd;hsgg|eu~G}YT1E$Q`r>M>k-B&*nif(1 zdFZnS5bV-)MRs%8lvA?d6D4~;l9|AW(OUjiK$;d#YmIH2$9pW8$Q~_)v>Aw=SRjF6 zZgzZryUy$gc~`-2=bu1ReFF_ndl3@vw20q|o3`!b2*>0l6w>nt>D%$w={q1Q;2gv! zf&8}2bL@*3^+*NsQr)dfuY+8bE`$FW^j_T!qcuBDYoudc4?!$<=-o$N7X7BAzrOl> zCgq=C#YXraoBaD>*hEin-1>o)+QDi6tat6gDKSFkly?F4!0xyl(3f%g9@ai}DWxRE zUn+v&1p%$c3c#@0haSz{xP!;Rw-j}HA~!=cp++YIgfDQlPyC(n&Gd9bQ(=%xl+x3I z#Q+^zjZnqqoq@0P=!TZ**lif+wb-2XllQKz03Is)f$rJ6bF6Q@v%F`|o$@|Q zqwb)w1DEP@q^g&Ffq5NAGfflw(9~|Xb9r0jDSYSnD@W7Q!&EVMSDSksPd7Qzl=%X` z=X@e;xrBJqPWN%pxs`nFj6jFrTGqqxXk%I1@qI!hkoIh{sFO}>L)#4Ru*+|dU#8MO zLrUxJFTW;jLZ5DwFHMz#gzD?T(Vb? z+fYatl6Cx$wOF>vt(nD6z_-S)?|WnNi~i*djzDtX1|CEIdbjijVD@7VLI z?A7C5+B6`m0X@vI9db$Km^wlCie1mJB=1pPS%o=`_c$2~$82+n5H&e4af&3SIC^f5 z;nTqQvA_7+Zo%_w&(EfE$@lqv$A~|Q=LBhep_2mmM!%A^Q+h0AntiQxb;stLaMKyD zf)kWfMUe``f$(?$3`3_aL4Z^nFyU{!(wzm`8uozO;9}Yu++m81o9}Y&vfwJm58`0%F)GjW;(Z8QmbfBqO3Us4$ensTH9G zujEZ*}@^$J-kTuIRidz7t5rKh+z#CLIg4{0oUaE zLeNN=kSr-u{QI~}O9EP%s$ljvWz7ZDlQX!JgU6)s`MDNXBvkqd-d)e44?-0IvWJ>w zc%pMotWtqfwY8k{1Nh3;&@+J}=x=;^Es31$&xH!1Htw_e-t0Wy#m0}!b{em!5)q1h zOd)B*K3Pz24(ogj_#0IPAaC$85G>L_!Rf=Lr;aCN@O{vHPReQ)gzB{9kQlV&rW7JV zwxG`hVgA_;aTiN3VJ}er859O;Gf)Zkfu(hZ@L7GFzLj6^D&5C*0~2 zNA=%Gn@26n#Z9t*5t@rtz25NfUb}kTkItP>#zLK~CG)phq>Ou8BqL-Tmt-gZY<6*F z%eH{e_y1X3hp6rPvPm7$zN@hp^3SEo;U4uBVY52msS-`Hc8`jKR0RvY{d0~h<+8ga zfE5nHh_fe#bBPvy&?F-euWv_|qg`v33{y@v#brIqZ05})1MtUM4h@MJ$PN@xNedGm zZ~%(Jx3*vHnu}h9-)6dECSZzc%9xDa4c(HxW#G(n?Mb8R5!jzW35H@GT=f6!!>q&L z5K=%#E|wgQ5RE!6e#w6{nk=*tZq<1UNICMdH8HX~WOviOJDy8;XLr5@Y5efQ_jFfd z?rjgY_um=NXs68>j{J@TP#(KL7Tp8v>e=oQB=XZ?neA7R&v#FBGuL!6nX3qaJs1)O zyH|II%E-}(`3qsV{Mdv1q*uAkat%Y*{OUv-33gj)z8zkj??0b42a*=~nB6i*GViMC z<2=ClY{;@edxRCHVXl~OO?eh>J+HK0;EnQqN=)CWMnc%;-to;GX*->s4%Zs3UT7zC zG}+!!nu=q*|He_+B^iQGm?>&06DY%DMk4os+xMJmUrwGTv0394PFKaqt1(Y6bX})g zX(z5HW!Y)_%K@8fE0y4BTw%E;b`OBQtzRrWWY4&*GP`GcV-qDc^r(U#Movi>GtHuE zIIy!m)PoQgowcOQ)I zkG+u8%}8dGtqew=!DI`t6xTtw1X#(;4}C{~4?o$SB?9}PwBwqhqi z-x_Frh=>(g?tK|aKx?g*D&g<2HWgh#v%~K>`m79!dUy@n@=Lwk9^5Jz$H#U${9VWB z%-*}=I_6Aup@&JN_ir8Qc{T!qx-wx<3{@*N4G9Q+AJ$kS>y1pLe{A|&4+YGuaaU$v z&w-Zs#*Z^;^_D>Vbvhb@ri7n~`arbtp_X!)(JO1cJz)J6$+9%1a}O#Zuq=z}JUxR6 zYuk=AETwXJXw=M9q8i+!yzDg`(z{s5Kp2r#|)zxIrs@DxeH8I#~%;J<(M zmO34`GjGZO&qp%8>7us(9%*gyw6ZYL^ig#9daG;S1)cvTP1aD%n@tKunKP?TkFesb z*~s!QJ6z{patwnoaTjRZ`RD&BDv(A}ksQ`RncN%AAIz^57bd=ZTX`XH zl-IoLe&l$a$lY{5w=j1yZQd=1&BY&{%6g9s+Z)4a0G^P(<#C7eNN#X-!0t z3dH9Axibf%1j7KTM7?sNiIgEK4kvoma3#VZUH+%534V8sE2lb~XcLGUr_t3kKQs+-Rc)G1Vd|0X&$nx92!soVee45BhSmYa~v z0!dJx3Vm9Qp{pMh^QYp1WRY9iEf#36+>kDR-E4p;w^|7i3_7Zf&`2wyaxeXNCynEE zYI;vajb?P5LZ$;bYF+X%9|S}C62+?I0ts}G<05nf+>^s67B3mwpa%#U8?h(Qt}JTn zzbsfLP>z0=xv8|ZEX&lGc5W_`FtLKUv`*nsi@LRIsn1x> zO)C#}M&e)3WxMjgN}wX5?bYCeREYMNw{*K^6su%VJd9^$!EkNp)3OS@W!wcQXn(@; z>~Fr1ZVioWn$UM4#O=V82!KD3XXBin5tU71q>1O_wu>=Zg}@xBueNaU6a=J=ts_e2 zQ+wu{-Q{;1qlTsz=o_D&pBkOMKcmjjb-%AbOBKHd;;6XHS$C+d(J4~H{S6StFHNNa zoUu&ILDf8O*PV#emCI`G))NH_DwTP)GwU*?2sd}Rrknfn-}92*(jHKk%_@uGkh|k5 zc~$ED-(x|Slq1*+pkp9ilId}JY~A|_=k(dMnLgr?mzqOm!98ol6-CRn(XG(`3=BCy zS@A_AGm30)VW65OSz7)faUDi_^%HihOfH zF0~8SF?u;y^=JW+URV_pV+m;>t7agK|B_hX73k9a2(=jGze_~tb%Hvh-T<42-*SP! z`T|0y2cqbT0EOFcE%y}qB(RY{X`ryf{Sm-C*#h!1yS(YtSeHre7OI7?CqNt6UQLV# zAQWS0S?We7O1iU}?{cVT1=*=UyA|E-oVa1<{7mk2$d1gjGmm zOcK314xW0FuZ`XJ@gp#U`4oK^5c8lPo5GIY+9R(?A9ILb#gVa z-euN)wxubPH?;3*t?xdQsk~)Pw98j!5hLkfxwq2$Jo>Ebt9Mm)*8UtQ#D*i_kmcay zAX$(o&1ET>W*jFfN_$W5gzREKntluiJ;PkE2|jM(TYqPn#dd^=9y3++rJ!}W`CX}3P`o1BQim3f+WpH=He~d7gxXsht}2Cv~j4jFH?=L zz+;8*2SE{mcmx@8$Qco)32M0&xRzVSh)UY~PSwIz8tjRoWvl53njo+z!QeX3oxY z>NQZVCE?1}$l6L>%UnxamMb=3F8i~B1xEQhU5UVst`nH=Y}3uNj*=}!Q%A0UrxDse~@5lx6EW3nGEbJF^|>)<%dyG zMn6viKKr;m;_)|URSLqT0R=&iegfyj04U;~D|_px%^OGnt5Pozl(1yan=lXI^#2(u zU=X#|zCOuFr8g`AVTKHfFhG(B4pb!}E1F7s&?huFz)kWD1FIC?W9|Tg0HFBuD;@yv zI?xIrbnKR$r9q)#_`&<*o}=!A+VVobAnPM+-IPhbvc?80mx6S?PLT7x`Fd4huKV2+ zbBBew(Vex1Y98z#BWxm{QVp>#*fEL6Ai6gi{8hUw;=G4FYfD{Ak8F&w^oALE;@BPa zf5f~|?L&os1_1|B^p(a@@^|PX6tHjE(ueFCV%P$qLym5BpdSg@qs3kgLxmU=L?c7pW>0hzkOL4CxJry-RBd zOnXhEgkDSJQ*;2D?An#>{u|5YeZSW442hk|s_UT`a1ML>N#T5(1d(WX6|)U&tUZk9 zJ`+OZsRD6I*r(%%R%wMsbsTF@o^O5i(1x?%RKi!Wb(uNMgn}2P2?Ilu@U<-DH@|PNfDbis2$+hm|l@ zp)i6p?uC~i(04s%3=`n)7gZbarV-4wG1=t11j&xnE1-I0)%nli!IgTs;(`)P;qvQv zBadBVCoqM1xrocl|4VH3C1THL|4+cPF8T)O$W@*k3M~}Ox3UA|DgjJYi{^HSGHSV? z$#}Gnq{(c6?xudOxK(+z0&l}itFF28tdW@dDpHd6-9i9kc7TUI3QKHDyIW^OvfcgV zQ+RXE5lE7SnZBMtQSNR}9wf@;$nVr?iM_e(YaiQ(UkJ9(m-mD*;%=Z%`*V2x-GWHT z{!X^Di^jYL7j;W$gX?OH*{3osV83FtkSXZtn`myJBQix(h8em`8_7*DM6F6%Gx5^C zW&^n=`t_fuqtLbk3o_Y(5zzB@KKeoSjAB_t=JD~A--$U%Q<2;2x;LlU2xYTP=se*7>qmIGpr7)K3DlU~_i%lucl?#^jrbt>A^MQ~S zZk7hXF%MW*9<()vUem)%&9a(F`J)V$@e-g$fEbW0;y#rFWtYXaWeGI5c@9bbUSGA? z&@vUjBRQn?D1Z9A{V(kgvcJACzs!pAIm$=-aJ$i(`{fo3Mv;U_bV&q0$| z-+(5qSyw!nvcOlWaaghcYa{(-}bY9yT50~fRU3lEEC0GD`(G5j(-AQZZgGx&>BD%|*VY1+I`=B?*U)z&`ZmvWbz0fb(^(?{J-^&_}MT78~*d z@u>-ig|iPL$u&5gCxQjPpu-EEcvkF;i;#~njCr%o!%0pM$)M`jg6D1cSe3#S+A#__ zr)D{n5)j9m&>d>PmkosKVi^U^L9SrW zDT#k+hTQhz_L)@uqTS3@O%4FePrj~DSmpymFCy}2FeW*yQSfO@bMmm!*_<0{m3}`q z`=R%~<u2a{%MR}8iplCRI>+%ZrYIj61W;gzi3tJsgvzq&Gd*Sgbu3=iH?b_=};}k@X zz-*`U%MUcd>PU!G9gHd9D)S#>6~!(ve~2d0C z6SIF4h*WV4bQQCz%<&{tDzpc+9fS!7I!Tl3Rt$6qN|-%uA;+N5DjqxGG7F*nXCVEx zOGjCtvE*Yr^Xi2Jz+RYk!TMfF)cMLMDHFKYh|Tx4JdNLQ{mpI^e}UZ+oiGWqT2W<+ zbb-+~8}8WgTBBM0`Gl~JOy%hUl+!5rPs&OlakO<3Zoqx^C_%87EX5DbX4GZeyh&~8 zxY4iLkG`kIZf9SPceL1PY%TP5UGdwP=GL<$Hz#KfR7 zmRU=8a^stz`%NLyasdAdV*b0)l{=}80Hterk7n#BXoG(jNP0lp@ZR#w#ez+{9j->Q z#7O_7IawI=-{t)b@YKIS_`Y1!ECa%oF3e~jf3mFTlNf& zfagAov&dyWO;zj6Eg(L3D|m;8xKcEK+xZHOxeH_sp$%jo$79Ar0AbKH(s!s~8V?t+hc-h2jYWh#3?F5M1!1;cA|e=H1^yJ>J_PbHKI5_>!?W=(cv-r)FXArskp3FXPjV zn?~P-bTn$&S2ER?bF@75Hm+dy@4(zz+-gm7&yrZgI!RA$u*TvgP4hO{5^-@aF4dXi ztrg9!VeZc4=GbFlXsqZE-kuk6KU5se9q1AW(ZfM~rg}O8jKz3epfBYq4{+x&ZSvQuW zu+iQkV+k2&W{c8dP31{^Sj~rA5QLn*#7jd_Zx^0H#Dk1Evu`C@&lw)tUWoVZRxEX0 zS{i{9b7%>_4+Kjh*`@8%#Rx#S4aYJ58|MU+1=5u;oGc-LzPb;jSk;Yi@j&&FBq(Fq z=acpHH(oDiG~&KduP*KxrmGLF%q^@DF0~Z{N?q2D9sQ4K%x_t7v%y(SDY~n02DZ;Y zOv`I{Sd7MQoOQdKm=RCao||5*O$k)BhMV_JTWTwtb=CbSSL0BkPb)9a8%@N|7AfL) zO~b#Wz$oBtHSZ`w5-%5#r$p&K%GSfrvJtGBT-U&M37udqYr~q{9r_^P4}aN@?o6%K z=hf6CpOwIt;Lf|H7CfVFcP@|4rC4hYwUD3gGGMUP)y)~+6qv<lYeM(uBK>f_i=f9!@GpI4BSOjg?^44rB3)IK@g@u33?!``j_0BH_${l zSWe`HMacnPw5@`}GPI{2ITAJiz4#S@m$k>-(pwR!2hzSy-_l#qq3b}YxEUl$woe#z zbcCWbK-6d#2^W`xN#L@R)mm4QZZG z4N7@@h)dhmDS);NAM0h_zs+U;v~N6M94KOJA5iE>tY&O~3D0NPE`p?FJctD1`;$1Y zU;u@b@G!(wuLKKiRnN>=CAuGfgQCn_U98IBw4Nsepa2?ytjMX6!Fb5)WT@+`A=Ei9 znQG`h+D_1=8kQiyMDuU<*9|-$FHVv^`ynqO-HC|R4`Z36fXGx0%XT86k_F1}QDY(P zHz@dN4@Pevq8+`A+>`S>iCoc5YzLt1aLs_o0cWbon6oj4W(t>kE%j{4dDI&roV^!R zzH+Xz1s_MYh>__8iqlUi@B04&=s7x3aX9<#kQUd?O`BM#<`lbc4^K~*7g}>VAOBTT zA!q$f$oezZ5b8BHzxcU9@p}q)2L4uWonh_Iq6-0nJ0h8#UQ1eaK=MKgtme4w^x8x5 z@-SKUNRfq{`v>jkojylK1UFO5A5o3cUMCeb3zbSc(F*1aSab}L)XVET;|?JhTcpek zlkTi*v)o3K?7zzX4Fh(wmIcR#*CKT5NzYhBbeX~pqK?}F;v+^dW}920;!b=wnpu(0 ztnVcdg%)OgB{p(k12O~H4&l3))q+AYHLGB!8qk=Uz)udWl2YN|xwcaENbO)`#PY!U zbmIQovVAd!hv_4B-pbQDF~O&VL*z6@kRW@|_%1Sn2!q0d#F$LWxI;R#dP~Ar+VxyK zW~z$oMt{?!j}4en!>7~WXkgvc>uR{oeuc`7C^f)pnV)Ez?X*u@tKy?bfg>}eeQT7F zakf7c_h^$>td`G8Y|LKCkb~P!i*n8X-D?Rhjeiag!%Tu*Kg&H?*9l4Zd)As}RJ4+Q z87<#iS%oCgoaCdpNq-93db?y7*&uf3OLpfEXGzGz9m#t0(Rf+bs_F~7V41C7uUYU% zHR{|5bk(46l%FGv6(|9S57s57{6ig8p*RRqUHW1_<=RYj9U~z6F|r4upzovq-3uUjEf47K*U^02tjhNII$)8 zP;h@xqRI&J$_QG6(O_$kDkDyn5&vTRPvfYJIC##HdFp}l5QwV7d;g&R7Co5WT(*xI zaic~es1apO0wdwN4>jULjWEUM*%|YB^A+kf6X+|K;m!F===^^{Kug+r?{ILLorWZ| zVadbI@aEL&Xa6(Uwm7|}vnVsQ-R1VR^gi>9#m#FtLN$C-=V-wr4lb1SMvK9)U>W=L ze_F!sdUZoTl;l*e(YUp;KT~vtp&>l+n)Pk#bt|@8^Qa1c)9{^!s_;^9p?4s46!0Jp zuOW2-ki?-xQ2o5&kMT@HZI~EiI^3_L8+=H0Q3__+m()L0V-ixchH~&@4VBsl0B+b* zKBs?C59YhR;URaQ5lRpQHJ`2%UpKyB{9C9De-bB0jBDx}?V8GPG%IG;ops-b8A%9AP0Y$)x$rOD%q%gYTJk>HkIhZ-< z?|f71UC4{+Qmw*))L3La>B`9muw4(nT3E@%* zmqMpPbScF5r4?Nmgq~|eRXw_lPE^coX?IeMSc_JW2I{2^=gN)dn>~@tWfL|u&MJ~R z%`K>>Xi5p=O+)CFC4d`{!pm&R48v%K;WuGR9jBvIy2g;LbfYGR0ow_xcWUp4#Pu;q z%E&SlY3>Yc$TY_)Z4Bw{raegi9wwzuf~w1$f`0k^+->ku3U#;ChdCu}p z#!Kr!{`UcrfI9%o0G|Ln1?a{bcbg8F@F2Ya?T4w#?coS}55*L?F?CVjOE0#z2SY7t zQ#n>_78k3{W`oJ^G%j)Zy)A6A#TQA3!l@V~mm}X&5x~F6MW!@i` z5{y${@CZMt7zNl^)io~A2|P+CxTRs6_By3d=caj?yh70+G`EM4xuH5cwoyRZ~!&G^{lt+N&Zsm>T*1c*YG;ywHw z@zSBg>{58?uY*PKDBxMZdU=kLJy(Ex%|Zlcz_N;#&UFU51*2*nRzQPqj@IxgEbv54 zvsFYF759kL;UH`PyF~(JZfyRqNZ^KQc5B3jgX}%%`8$kzjo?{F8(y4*$~F;PGJprL z2XLOhLE0nX4bm0-?9}YTw$#hB(e6c-*HFE$&Y!PiZhVee*6a(#>D-EPELvWfZ@#HF zp6I)I+>>q#1juzWT>nEChW#V?n=O^s48)QHYdSja8c6*lzog*x78W&S7q|L7EsHsS zdo6pJ+QBKLSW86@e%sp(j+(`ZzFX6Obtnc9QBe8yfN{VepcNvzTL{2oaZRD3L$idZ zvld{pI5qmYoHtSC6Oo;ZNsf6%uALrLn(Z>*t!q%TnmrnkYmPLU$D_r0?H=tM9`tS# z9s+DP@t&{7Gn&g9aaLZ{ZQ9*haaL}X9Y*dy3n{=p0CbbV#{&m@Huu_Ek#zju*!{}~t(n2r zHSZVA6vaVVE9a8D6aCoktp`lno)I9vo3S_tGhAVGEC~jT_#s8zuo>J!*-dx=()y=0F$q z*XT!CPwfNjv@kkrxn`-$1$J2XT4BR(1v5H~B@uy8x4}Y&6Fc;K^#|dOp6`9=5yM_= zowr-|STL?ES1g#3tT%)e7_^Sv4pGUBVGf_g4)wUvG7W!&X|`?Yh-+m&v#cW&EsZwa zk=1i%k$vDx zGzU0^N<~AXr)qIVoZx3-{JcG5=!jDjif?~tZE7%RG;s3=?UU+7?KSFi!ki(}7(8=1 zo1)CwUoz|tF*-~%ZQC7kZC)r#BcL`A$BGcNp-#_9mvOEn4ddJiE0^t|3v+*r2o<4l zyb|}V5M6h7E^mz)>@IR5+ne`~vdJ~A9qr33PO~=Bu{imfvKH$hKJN+o?jH7T#o2*9 zvJ+DrL3P}D3O*$_cW^cOj)uTwyhCBycg)s`Z33le@S2QswPMSVnaq%qtZSIh(j~4Q zYb$g0*i8+mV?MwT0oRtLhoK;QDmWFShw<||woa`mpIqc{(>p(3D_ zU<5G9Q*8tn04D+00FMB?T?A!-x0{a&`I-#wvl*)&lp_r|pcD(>U~@F+D;H51uP0kC z3>WE4Je`@yoX$wKGF_Wpu+iBCJ3&yr&~~*AwjDU(L4nfUND+`cXr{LSPs86aHh4Ek zVY;D%%f@rEXkVOjkgp=6znES<>~9}x{=J)(I0zz~W4}!PcqwW+xpu(VIiiIV0qTw_4u+VRPd|tg*^| zo6_UXm_R8_*Gw43uB$Hk8FjC9)6c8!H|a;Hj=I*mV8i5sq8Q);wY8&!2%E&TR?iU5 zrAs6zCl>Z!k^shd-~c&!i3SQ~_p;HE#ga<>p^u77Oggjb!+mRSZe5&qHT86ieIU7I zc^|LCg(NFI!6t>U@Y9MJws>y~*HLj6EOTE26bZ1pf^LcPs4&d-Mm()H zx{YaLw{ge_;gx19y03Mrdd_;;Dk@VZ&e*0Z7l~NTYNFY#f}YC2nc$1ChNaz$d>+B0 zm2cztn_4I_Y5xt&s6Wwu4a=y9acWe%7HJ(Ue#?fTUc`@(W>Si8vCwz6?i7pc07-4nn0`7n=1lC73diBq2c(vN*wxw;|wjtYU+XkCvE4Vx^Y6jP38pJqo zPt`^?n!`H<&$HB1y_dbp86REtz3H3fU)?yzmkpFyb%Ixsc;X=g_!-#cdyzjFiylQy zkw-n^R`GBE{haGX7u3_-aQrFJF5J7pi$${+>t(+l%cBE`q6rQsFh~G zN;iM2s)q>`*PnAVa($=oec_5p&7S&F?qa zbkY(_+OzbITNbfN6$zqM;`DL0bo#H>d~8LV&+_qq{}{_oU*O}aNN|?=f(`7f>ush9jxPU@9Ni}5ZA{LMyCm~p@$ovXQZh7V_Y_5~HJ^;MTtKg4|S zCDk)HxdHZBKUHC;EUR3ql&VX$OeJrHD#EJ*&h8ZU2}&GGnLOhP8wIhhn*1umbwv{p z;VEP)RGE#iHEbh1fZU^j!iff|Cx9qm5a&cm!-Haocw8%b#jIEsM?`t+pkFsa2NlQRd9i$?3wX0#>kuvVriP79f=!Y`{nrhW=c z%S}+a_%Ai?)vNvLoVr)NTrHEGhk7?ISJkkLR{x{=-_+7cgsWaYFWLtrr=z8*MMs}gU_I-^RG3~wRyCfxymv+_@sbI5pcsO>#~T2 zjC@swIk1`$XmCl3OFDoavOmKW1Ge+-hU33C0Y3m-K^?wmc*XFBK_UfZ(m8{&Qic?i zA6)(?M{fJ<_S^pKtE;xN$$x&UQn~ssM-^J{CjS4+)F+edk#E}Mq>6;UNi4FG)X|c> z5`3Wh4+@_Y#G0;hk1&ck0G3;D)K+Pt_MaHltkrDN(3*9?hR1ExGTNk#i_!TsnZ|Um z&4g=6okz+IcoFb<0&WTTGb3tp=A1w^c|Vv^Hg1yYDb6zmBT+$NNEcYCh<*01PsKh^M^ z@NuNRLr`6=ze^8ls)v#cx}jg6!-@Z@>pm+w-&LpzV_S?ZzfWpH8f2}~1X5N;Y8dc+ zz_;g7^>#Nl;+Ft_OHj=iO4Q?PO5RZLM%39~qvUP;%}U<0mAP3%nfn(tRqcP3(0~&3 zo+X-8P=sdyF93c>AXGMrC?VjvhLq$m!7L5$VRj!`cUqv~y@dtHOUPu~^wZGrUaO3` zuIuk-2gT0_ap5VhV|z)79|8`tj~Nk_8vrbyZP!NrAg zd(X)K>UnTzb1Jy&j-{Ptji;H{!^P{HSWx_;APGK_l}I&N2_`v3!CWkIIY;8+k|p97 zfB8@RnR}@2PEp-ug+J#$o~LTn7pG_zNp z;?gQ0t8p^X@Ob!~5sLk$bEeBCC?Ig%;0(Cb1VW`u#}n{6a}ihH#MS3;^)vyiSCN`( zOpQ8Jl-x4VJgC=dSY)?Jtu0Phz98MQ`nHlgU^B=~(j8+`d&i1MeC1#hdwHa%y3;GJ?Z$wfQFNjw~=(}6M$Re^Kbt&=$`A43pCXQx~E7)+zqFGT$A(ecJF9B z(Pp9GuxVex7>y_G@m6yx)xuWCGVLC7IvPvc<35YelI8r!D(wmL;-3me+7*6=dJ(z( zCR58@;-lgdqD-q*a)GXWU5ka6mb*aLuGenSKBV2Rl@UUWE2yJ0X(7rUG<+>s4SqNH z{oua`<(cd+>l{xNV09Tto!x*PCYIMO1dt_(aYK6Sh~ubKqLn0fRQaMU>G7nJUZ2+! z6h+zIZefxn1;vup=S?QPp2T}EXY+=Lvy-`|-?GFL5q%<6li43*-yz$zh>&H^S8RUx z->^Ypk)Rs!7vaTmm7hnL_H!Yg8|xQ>aW|jQy@HZ-kyO|Php8@~tH~v8t)6zBb3w{W zC$VVps-S%Xpj9L?((wF1uW4pADd)^C)s0Y|PJTcdp#pv)f*U_k2V+)e3Ab+2K{8(szcJ>beb zZ#aj{&j8MakOHhp!mnlKct%8)*v;pNIC#JdaeFw2DkE`TNJ5jT=_8dShnaebn}wEW znf|7xW|b<`Qdm(=E_y&~=`pWZ8|%HTy(1s(%(zP877cAYZnG@xksPXoY5ISb+lIGj zwz@w3zT#~IX>t0)>@LyY+?N=-htrD8^`EeFWH+;bt*HnlDX*+Qca^BpOWcVR{fxIx zk*^Rw4VeslS828L^{lm~@`6}rg(>dD0unCJ;0U!NKi@Pp-c+o#x0digyLG&S_^QQ9 zSE;o@j{9lU^n)BX6w$S{gDf3nanKK@Dj`U7#nc~Dygh(ILr2|ni4e8}I0#x(C7-JniWPyOn@xZYZI9XaXP#z}eU{6w(uM1nz~# zbB1PtnhqNKpUqm?=uNmXQHS<}t4&Fb-KftN3f5HI-_>C*balF#hy5PES))o=7I$jk zI(@m=U(#CD4s*B|^<{g?O)GmDGg(Z*&Yan1PWKp0B(<<79&TDv^eb^dgs-u2 z(LxlmP1QksLC~(S64fTG1OihIM7}Fj8v-~`bK7VgKbRQNt_O;Gg+ z8EkqE^6m3UVNw8t_FVznV-54L3@edwL>1OyaLy!RWd+!TmG1*G!E?1}j`YA8&3Vlg z&CfNo(a>oq?O! zH{xWZ@aj70nsmX7m}`>@k89kDOhH9yY>ckDf8nOAM%@e-JrFUJJhW0j>%q7JoFtgI z=(*;3*MpE!Fi$$_J?Vwjv==)=A2?fpkq}*48`>12k2(^DDr@fNMX|$rC2f3cw`5g%;4D z1)$GJ??agCUzjDj43=~XY6EJE+XB~a7KU22T(DfV{DK;&denN-ih8o5Q`zXo<+i(Q zWKKKkT$vv{pp#4eRR4CskmP z0^Bu=YFyA^HG)l<4(tnL>ZEyvn?brRRU#lI11>O8=laK(tth~_qQJj4{32G|IDaNi9O%l0Y%chTi{;2;uyH^5#E$c=`X@ zO@Eetk^YEV$f2=n`h=@zp!|Uklm~iTp!+lSTpA&VcsYY=g^kmQxgzjAX;Cq1P-4$0 z+b{>&7t>a333g-CU!Gpf?xy?}U4Mz}m7f#_g;nCq6=x^>{B>dh1`s-(H%!qkF>Iv) zZvlFgYduA7PvCQQ(h=hCc3O`ur4t_CQod+Z?ur%1WM_h~O)FNdII2>Nc znd-wJBLF{O7_c318t^p1_^|a@8$I9|ZmUh5aWWu45l<1o{c@8?WwS1-3BJ$D7i2`O z8g6{qsRixfc>VlHGEz|*sYVkd+6ln5Y- z519Q?M+?9DWuxu*D8LB5=SbtD_LWh6eaHZx;pxlZyC(XP?$6+p-oV#v7{Vt3x`(ld zgIKsBI>s)pZcdPHCeWgccB3bR)?J=*}p6Sos(-a%@ zw+tjZ?v8Y-Maf`^w6%2`{Dt^UgDoivh}$1;yZw~Y*H*ImwaK<_akyPpn|uzV(G|3M zg8`?#c_`dv$}f$Tvz~lzfv7gv&7nff7VtRrzTTEt$&?)pksU$tUo~-eEN>+}R7XoJ z>kvd?i`dEb@OVi+;g80(JR<&e&=!jb=AOttR(Teww<$HDgh-OOfX79gDYEpm&<)ou zxZi@iEV!Ri6N>IT4CrMNJY&Hl5L6$M_sftU(US(c^=-hj*dkvyAP-7`!q~Zs6EBgw zSwX`*GY?K%!cOQ>JHLfQDCBaAk65T(!cJ$zf<%b4+LgHbX2HS!L$nJip)9PF?jCO` zj+e+T2>syR65?kd6>cdhA$%t84Q~$b3R8b8hOsXu88_Iwx4754w}2tbL$F%ikhc+F zv&yD0uuW=&@xd;%#d>U^2Aig1BO2P-W{czPmnw<&EaxH>tG6W9Q`iew)oy0H*rTwj zjldyOg2<2b4*fuTz39Wja+R+hpiHKlXzo2`r#pP8{fVfn)ivmnNG61Nr`>w2NA=El z)_QD-O7V9Z02?X*hv^dW=!2s{k&c6t!HYDMCdyF+ZlJ{T(U+pHB2nk?O&m@iPoGIs zp-O4!LuV)(>{QP{|Dv43!Y_9+H<_cOcXM>@Nd83rY+j;7@kH@#5jVBsrq+|KldW{r z-HC-z=kd-nosi^oBD=2RU1z%J=%-~Uca$f}r^|Gd?n9uSzF``P)$aZw48q6zQ41K6 zrT*dmv3{9u7#tqNl|h&j4UP@M)6$~!BKj#U8eSyQ$wgy0DlZ#Z2HT-!;5{#ET872? z5Tq4DqeDZGL zaC8incRYF~dLD_1*y-507-}PZB7HWE+DM}|GAA>W8B|#YRhC1TbDZ}L>%VG7k zoYiZsIYtFZuW!meQ9s0;A%~}=~ME3bk6_X5Bo5vgt*e$-e)0;IkyA~%S zT^Wxz+ve|H);9dX_BD&r>BVc>+tw`3{G@55I}+(0Y08dtN9mWXaA@?j$JOgS37WKqKGGcdvfVoQkPAb1FAAp2Kx;Ao4}w zh82q$u3BguYruj9nl5pD2&^Zq#fo2J<&3f7u>jpPhNavL*A!hEaw)==EngUox8E_aY@kpsEg9&JHe1b-HCK+CV^LE)?EEELH~r`A z>aER9WpUwv{?%B1VLsQdl~||BLbCFh-kl7b?M6&%;xhd;+b^gElkf;vO42BS0Y$Lw zvD#J~(u&yoP65p58+Xn=eT z%_bD33Tf*Ec59;)FsfAYVAGOOe%^gNv-6?sS0)bP=d17ianrUhW{-N5AAt#X3twSh zrPZ!1_|XHzOUEQ0FRoY%blUL0(-pg$Eg77CkKO&(yRKgshMA8&%gBkH0K;=tV_vcg zX`xf-lXg;lK&R?n8>`7p*Abu&yc#9ql7@VvYHUixph__VPrwA@&9qf$MqK>nC!1mA z(@e8T#(J!iZZCE=0DDg<-d`DLK%)XQ;cKEy%Rz3xc437rDF~i4_6mb zy;I35q3*IYZDrSIsY)}Klo$UE0a9BhR%PzZYzA?A6sI~ee4gtlR=0FK)FG1PSjX%1 zQz>@v^BKfX#5C2bf>!0RK4rFg8iHi(A@fPhe{Kqyr(IF-*T3udHs zXLU&H*p0|`5Z=-KV1mG25b@^B$_iBRI04b2oziYs+64mW8g_xIxk2IF!*0whZpj1cn2ca{^;HDn~}Z0rW?55ggGR3+JFwm_NnV z#Bhpy|Kd~ER+G;3W(EKc)EbI z1!$E4jsvz8aR@kEnhZrjGC1c^NT9j7N{vb zCLBG2C1AqQW5O{XH=i*}wQ4PagK^k`tnD`>I3un#E_|7L#Ema=H@Q(^{xs@sD6o1) zy_F)v5maAf3>D^zrlRzNSru&(V^rI*v3k9sVw1TURW_1ZgSz@e4$j#CPXqP;mY^V4ULBjSMv__zx zV}fGx|?Z!-$k?}CcH9k#GRGM4Z}@LQ+_oc)ls5V@MWN(D7c!p zVNqZO3ASvm)s=N4I-b^N^@uac z)8?$XY#t##qcA%ouL`j(M^rp5XXUay@*6YqSQLw1)jFnZwHocDX*f{AriEI zr{!Cso+m{lTA6jl#T1|$!^7Jz3h0vKY% z>2e0=F~RVah74k;9#hvmeF*$aWwn}M81Mr+>6j4&mXuRqRS(4n(pBMsV5yyOdb8)| zPG2GE(v!loKX03m4YD+SEzs8z^!u`rzL+G7VlLBc3+H^ai%a;NDTi*LIoTU`JDbSg zdroCiQ5|g&{+k^TKPwc4_aN`L({9y{Ngp6{!4x)}F(nl%R@DCkWwH9$Yd!c<4vRJbNia9pas?)WkEf&_;W z{mCowM#=M^@s>*yx3sKp+0r7dYk!XmSg#R zXR%3Z*2;RhB~4xjQpqmyvv4&K$ZO@csJAIU126dZ5^4{tXNSJnyWRYvvRMB82O|^p;oNRn@P>v(#%c1B4FP_QzWG*N<3|v zFhR8;!yuhd^chcTC$%!^qMDwkODQKdMT(w#M$OUb)Fe6=s-Ur5a}`a#qS?o@=8#$) zNOeRDD%-MDYQW4EO0uky7Fz=eha(xX4Ssx?*JSJ{wM1#hmFU^pV=fQfJhH%keflT4 zuBcfQZL!Xzj_DMikAKOk#OJXIh!K8FRC9fG`O+~ph6QLCI5o5FjTK*sN^m;#WesFt zN*pp<%{+otdsp_Q7qtd`eeYXFCdUc!Ywz8|c8lR6`OjKd^z(N8CbP2~`+{H;f)!CK zdG6jH=#GGjH%-e_y|9dti8hi|SedYQp_7LUj5WYYy2J#pc6uF;@7S2lC zavYg2&G2ENpKUx1Yb3sX6X8&k({qkCd|&m0+K)pS`~kyu=$W~#L|3aDG}|;{U5Br_ z$*{A2Nv4HBiBv05bPPg_KsHG}vKdsv4M5fWrmq8I2ru<})NyV4M552#8YAUbW0VpBvgtK+d#u~~LqD1e0) z{T3LxTEH`-6t`oQxQdh?Ka>r*Wr*HF>$hVGiI0R6(plJVAsQR;Oc0IjJi@ZUP#33- zB_sW0?PWV$z}P40N2vSsJ*Q#y2NA{%KTyWR{l+pLJ7GF&0z1n#X}f5X8rht%pQRrM zI_3;R)KVjaa%Wni*?2wi0>Tk8$noV$^xNclJk{NuOm%ln@l9+cx2!GbEi7rylgS(z z^!&xr{{F#%{sl{?4|b#NX76D?Jgz}6M6bifRIz2$U_3!^qv7fk0{1A5O|8HK>a)6& zZC$bYgzj0aw6E(hi4kDL8Muha1d$NZ8jf0O>XeHbI#ZIBAEx_i_Mx2_cGFigyLM*Y z^Bm27aa+?LD?faHDPMn{{ge0<=YZM-FWU(v8$I_e=A><);M6P9n2LZQB$A+l&rYr4 zpooC@B&roe1ef5_Dspb!$5ybr*@qxAeU-h*{tJ#z^~}$5*hxb# z8{oOG-(IAlWG`mF|!}NJ{PKh6e0yu{VdWYL$)a+G#G0+c1W!1Ljp`5sZ<_ zJ(!qXR&KA0rH$9=-~+{5#QY=A_Jj-4rN30s$@*GsvS+DkkEvB4cmY^Oio#3d`M=578YS=3(r{BCw?CkjTiBT5%=oX`MdJY?1c%!XN(8 z``-7%j+;y$vWiCo@2z3M7gIOi9NM*A+%f&Xf9&-2f-gmFdYt`;w`o==ifYbbDvsx9 zy@3|Z8*44P9veS_pxP=73LhsRR%ljAo!Vv4G#MQ@D1!bqA0SKU7|zAJade->%=Ie;oPjwH&m-^vi<&Hsc#BcOd8C z@L2c(${F3OG;b2k)Q^}`4wU`r;}FEMa6m-MaNV6=tZWg_0mCu z(oJDVER(Q7V)J)X;)=R!WFoDk(#47~twYMf`zBU_Ei}G5+!mbdps%tX>!QmELY%vAsm^dg;j$UGC-H z_DWVNYGq*Y0$iqh2YLTStcDG0>QzIU)tU_&B)GK~B}QG)>OsPdpjMPv?77YJ0T1=O zk`Fpi0qTDKa4y^%#m^0Sw zU0NWs2$eZ%3$?`3YNJ{<%F$3X*b)lm*vdK~R=U1;&g_ZU-Eoa7<8#LR=FXhTqB0vp z4lijBiOgrUMbhE+>7g2>#@gWef3gWKPc2fMLldF|b5qA%E`qShrN|iJYN8g2x1oJJ zNAVcC$d%UtdwhyF%8bm#0L7_!w2rNGV7;Mr429#$j}7o}0oCKsrHU_vEp7E--(%Qc zCaobHolH(9F}re8a_nY{B#0>T-PyzeGx(Zoxg>e8swT*;cY7OzD&_T&~9 zyv49PXk8?k0-j{RMo#^5qh79Y9gEYhW4g1g1eMCpB|f{S5Y6R0v1rnp?h3gxL0d6P zJberNh)NzY%{7nI!iB4X5E|53%~5l!c@Q62G=rj{5+5?7Y6U@<=edhN76c=|1NYKx z^W1a(r-Iy*pZsfp*TFIr!*N;Pj7s{xMz{v7bHHJ?%wiZLqPWi;7% ztY6Nd<0|VLT<9QxX8>mbKLex*po%=m$JG1>mTV~#UJbYe_*=jb;4y#-)@^1tC+%k1U71grQAN}z z@VEsEWLW*0Yf--$?J6Rs#IR{kV;6#9* z3$6)n3?k;#!QheLi6G8FF#SMudvs6q@#x{`@hCqRgO{G|u|2WJV~1nMV>maIT%FvI z+?GTnv!|02NiBsYN}W$(z*I91h)tG1RoC`4j%utr2-p&V`@igZ|Y#`Na{q2N-&waNF{L0*ta<{ z8V3bfNoW#|x_eGOC;Y_b^Vw`(@6t85-1XMTveW&`&L@gyUz|jaK66q0iQnn)`yEdI zd;k5TAF*BUJvMP%{IIG$VUKvtW^crv=)itXB?#=_NoUX^IE23=)mJHBi}F|*L*Lz? zM4g2e;gbzVLQ#Oh!uJ=3Vns9{1$u61g#K46=hVeo97AmC>{Hlyq-=`YJjZ;>f(;K) zjI*99D#o)>6)O?wBWe)UmfPtdB9anK0a4EAB!ti+x)b`*4vP}hysjD8g}O^f9cNka z>wox%M=$?=_uwxKn?5dXS@`#ZR~8;UDz;A_gWVAES6-pm<-OvtOq;`I4%Lmpn>*cAW5} zu1^1Lt@141+6q;6+m!+E$@m!ZW-Qd1q?nS)f zlYCyyHsvN14gXB00N(EXWr{-+>mcTmQA zQM}ibf+B;N_qrPQo|6P2g)+W|;ypo7_ZIbIq@&JOO7jvcys?^43b$5q?UfON0=gQe^Gg3eSa zky*a0t!=P>{Rh{sAKoNxF5Lc!;g+>GEwDORp||&)&u`oD$lv!;8}fMcd>z=PtOI31 zuu{-%D&;Qoqvj{flG0yzOm^Nc+8h1LRkh}$dAKix3c@Y<^_1pqJJ0>-Uq(cw=6BDZ z=XtuvU3o1F=?vg+0P6{mY2*HQ{eF}cc{ZW5HOgN`VdsFHIu-Xx{}d`>O62I&=j+ zZY2<^Fk`_5_6sJ`If+3{16dMqRdGBlzboH(_=+B{F#L@A6yvH(oHOiUpKbm9U4>nr zY5weIi=SpcZ{EGT@bKrFKmTyy^MW8zeSV9bCmy0+ND9qjsbcbDl=`tt1w;T(5RCh4 z-u_J(qFBfZfKxbpvgV;LPuEF&!ELni5`M@dDSljj6MnqPPh2^fQf}$Nb}p?vl})pC zGemP3)D2gEG^kCaswF5Ao3D!eK$IwbvCM`j4Oy%d_$(rdQ~{i0kTM3&(hLjYjYpdd!LjcY$I6 z&I2xl2-X6w0p7wSj8Nbrr4v~GBtctJ*vqEr5;Sh<(kQ}G!KRFo03HkSAGsG|z#D)A z1XYxeN(7ZBa2ZjelLXbZ)=gIUF|=Mo!9IzC9daR~Ai?SoJoJPv!@!lBPHZ5U*d0F* ze;Tg0x5sf~0`CS~K?(Pz=#l4BFG2kMgVbB7#P6m-@d&t&eUAgu=2AloUXy8Py~7qr zQkL%rJfZmCr3?Pfw|mnIZ_b4Jg6*Asi=%zFcZB==h3|aIFh`^v*90f8zFn(>WFzpZ-GZGrxbILW_6|VNPet3hlZg2%1VXj;5V^ zU6~8#eGc>q^K}G!WWbLj$YJKauExFR%!1&9=G{OBBqtNeh+7o}yv|GYXLx)^o_~LX zM(V1Yjk{<`R-YrW4meA5q)Ui1mBJ&s7Y0NT9>NK!LD!5ZB$x<2Q?Pj)s2WzF>kp2S^-!^p*JVfCmH)g#suc+kgtC15uXHWS7C$CayGmAv1e##PqaB?5=Be67$ZY|CYf|=!KFzK6arsmC;rJ6 z%6dFaN(}W9%^g$XSA;VAT*cP#T{b{4VG$xiQ6TnX7^k8HgSz#$Ew+bj`)w*>li1KC zfGHc+E`TUNXA=~5F~ogkS>X;78BCX3W;2g%e0x*zmZM7K7vaX1#X2)qiFRfb6SP=H z<*w;?MyPkekhx;aq;bj($p;TsBJwRwdo8?^1Z_5eM~!9xcr-{6RQH%4H={+JI6*LR z#CyVf)+-UA@LuymA2Ecs1Y8B7+TD4eQ>?FW+`lE)Bgoa~MCE};G3mYNRS|vj;*QYc zpf%Ux$h{LTuED2Mc)2q|pK~ROm86(&bykT z4$(nT^1?}bDrBb+8NNU+Y+;8#{mD@4U?M-_(8Y^Ak)~yxp-9>5ise1=a>mtT4!1;I z*@!*Rwlp_A#>c7>8&Q0L#_AG2R$rvkW*#!XYHf?QfvYz6K2A$MAJt z&Ayq%E~1DP{ZhoITY7paj~lPXoDFr_w5}U(T#Yvl;{*bhz%G3Di_3WNX}tJw{CHff zZ`&(RC$M_}r~8I~c$Z7VnPUw_q6XKy7GP3imTtHV?y8+uyCV6~WS`a66JFXsRc`t|Y3`VEVluxh)2U4+QGyBt0EEI}8xGt?}?Hx+x zx>C_-%A0QWF1uY~{@c7fw8D z#~F#UoO}w)DIwx#JVo|yDUitV)Tz`|>h%=KFYzO;;|1fas3ypyVJS9F_KHY$UgA-& zc^E{%1tY-_Uu*&{cnHP<1P=t!>!PQlSe-_(u#4dmLG?oNDiqF#GVtlRF}EYPH+L|n z*dJ-=%zgRa%YQ!q$N4|ce>4A`yk_0Rx%}n)&+;@gsPpbT89*s)rbh6%VZ8VXfbWLa z;O!fOjK6l4BlzmMk={DJ(_`HB2#y!d?n zO8)0~u_o`K7gskGb{53hOeA0bivL*W~u^tDssad=u9xIT~1;dRw!%>OC`r@JH{mpP9)C__?_ukp_2F`z@k;iuh z%o_tuv!6TExW0)ALeqE~35MJ5ZQBev>p&Zl5_#)x!^{8>s6US{Y^+0-ctv>kx0G`J z1C_J7%5<+utSup}Jjls>_kQ9RmkdD5q`|z&-8;H-gfb z5M)|UMbOO#qN}1bdZIikPNnGPORQqC^5G)g*h*5NRuEr+)7{E9rK-yL26UUn7W1MCA_ zyz%bJHcV@K04coQ4d@13&4N_cDV2)mzLv(zQZtr_paG6KRso*0vI)(UumNR)ub6Us zGexhrE#q~kI(BRgbllX|d~;tS-ZPrMxy_mjK4jn6(sOG|?!&frSIg4Y)+J4Lck`lr z(~?%dsD0?K`aiHNofuf%(Y|(ZrZc@PoNNuI{Z?Np)QmBq#8csGyjzqt-Y>zw+K+EN zMF9R)t#4y|-P)iTwn~)q%>e5O_%N8~UeFA4bs)bAJh``PH#YA3M&mxv5N|b-EoQ~7 z3a4!spf!uZ*|`5}jr-4VniFZlJrk@~GXg;;a0Ph{>H`+{ZmeIH1^vw2>Q4RIIe2z~F#VDZ-<`%unL6!h)B$ z*<7qNQxVuP^I({5oIZHL+^87LO9!!@7&TLz=T{lM zA)%=x`0J{#B;KH5IgeBJhIi|bmDiySQY|WFN}19+{**E4nNp^*P@hdS!nO{zu3Gj zgW20?9C82ieEg2hTpyr`AByisy{>QYsAk{W80+y>xb1D_wj1|-qj4X`x>4a-or>VD z#yy7`_h9_G$1^m3GqBIZQlY`9LY~~uFMs#ljd$y+1KCyC2A@iavqQQ}9wEz$uqDb@ zEFLV{J&dvg)B+S7bIb2QnNyzPJgK>Ss#X)2=mgleMQ1UqtiN`DsGrRU#{RIz=hgB7 zNpI#%5N$m`QuUnva)XHl1xm5jFFgjFFzhkZqZNO`Lf{7MX>hf+TlZKomAz4O<2pN^ zZ9G=I;c|m9rgTlq-noHccKYGXl7PpG`whW%`25v>i)P+vJ57Ei+KzZgW7qz4{(w98 z)#B|m+VW7NEz$OY@fK?PmQ^kHwjit`=53*cTA){vizsU~Hc51G$*+rMIm?mm?;3rs z7G<&?T$1-A-Su}#zhZ~r6`I&R6+JBJx%xy>&wZ>Vi%_kQl8~rCM>45sP{>oTy5WS-?pGM_0!Tg%5RO z+H`9gmXam1+?doGaj;(I{aCU+T!$yw}-e&NW^LX^4FgD zGh36d|AQ+(wKo@IAGAe%7C{o!v{v{L?dPLHlYk)2njp1kZ%|XyJ$<{E%Kd2X6TMX6 zRlWDpPes)9(nTdGx+bV>)+?@F{)7%wBG=HC-vP&_2uY@U9|_vCW|&&>@u z#2xrm(_%NoZ#va{fz>MyVJlm62be>h_Yf%d%bb4@Q+DxbCCX@yemtD#TDjb-Xi1)7 za408HV~Lo`0H<%nX{#K^i6I$h0hbA?FrLLm9VgBM&T;0d5fh*tYK|`C1UQGnJmA`n z4shIc#s#JokJIlXI6+W74NNgg~B~|FYI2Lw5IdjO<7mhx{<|qmwkV!8|fVE-)_$i6xOeE*(GOUFwonlargu# z>}KzgefBp5wXh3Z(nkfzWe5-e{t4+>SU^RjB7U|=57AFW79av`2$?HIwEilj2;dc{ z5@kd+PO&NWI(4j?ym`0G`&+d~HHrW~?;@0e5@&_n@FC2KxYbeWfc$s&X7@)6H{UA8 zzW6^94{YH4x2mXTE4Zy@Uwr|N_e2;}q<&|EO$X)vpKIFh7hm|}@E%UrpAu#AX7QY0 z7s5d7~K% z$Aji0<`ZU|Q*3oGV?!Es!lGR#%>R-Rd5yeL-XZUm56W4b*4oFS11eVvmx;FQ3KYi`i32(pj{T?xOhRK*An{GGf$@-==`W5x{@6+udS> zeM9^j&6|g5uH#L`-A%zVisnKAM0C9kT0DTi0Tcn(0S^JV46Bu(=JeZ!IleMbj~_zE zJQTiEGdP>Dm?Ea4NkU8!#L5GOD_QWRWZ|>PxzoANNr@LduXx_@(1bS8V;Qxq#kGyj z9nQUU&5_{?9;|Wdet&3q?rHAsvo}Qp8l%l*)TP3C(!dS|jc&i#5*_n|JX(vxkWD7M zL2rQf*9o?nEg>6kt8la8RHgcmv|plbzeIvT^pg_82O?IAOlwPgi&~HrP0Q+|>L=86 zqd^iB#Y}WafQA{v7-Etsjc`7C7`atIOn#7pNRh zQ90UqITk487&JU9{f+dp^qTZGy}LRft-^>_^Os>j8w9ETS~K^+@Px>Rt&^-0xMMhF zHfHS~iqm_Y7Q9!?ulh*X-|x`dtxl6qdGGZ#terZhRapH0;Juao^sP5uo|^yV%11kE z@5VRd-J-CHzWEvc%`ss=Sn9$h6kt}RS6ijQTKLATycF}-J>PGV_cT&&qvxFnu{Y&> z-HGR&gHA4xwBb$P2QG4d-Vyqc2(-hX)jFsBGINeu_(6P|%M$nd zn_ixgZZxjd#v3;^>k!|)fWG@s?Ynn0zWaBsc>b-p-T61pmz}RU-*)15=c-wsSqa*l z{QGA057@$)={w==ZcbZy<{ZEDU?P;X*{SIQ^m&xFIC)yk-})h?57``O$JFdY0pCY` z>JaZ!G2!?BZ}uu4l<5+EU+s%#edfI1S9v_5#Bs0ek8sA2Vp1S-$L?s!xxG>|x0fEm z=b@M4Q)i@|__P~6HdQ~g*S-|=`wM+!6=w!*qhHaFz@%ZClc))@ff?$7mv5K zQA7cH_7ABijB(rETTx4Myiy51nn1lErV=;fWkn>Eoyv6?6C6SH3He!B3818&Wov>yNw?*lKmZMO0*$D z0FraY%SP3@*;_r>2+K^ZY}~jLHJLjC6S*md-lWA9#)HSaWnkpq(D0JsRRi=LXIq7_ zLS|r~XX5y_ZQ|#CT73Tp5>Nbz(syFSN0}o1_cr#SijP#(IA^o+Y?|O@fZ$8lT-c^b z^g!RHqu2T@IHxaGY)Z-om4A%uG+1juZd;E8cZH8cerkp!!8}KJKx*(J`PZl~G!agDl6>#ofyJfNk;ydm*X{_ymw(V_u+8%F{Vc2|Q%_NgHn+m%XCpIsD z6Cr|4fXPt9O?TzR7HmEMLj~O4HaAzsqq&mVswSa!x?J?*b~ha3XUM}sCk@&X{VtSf z6H!YP^h=}whj+(_ZH@7XW1By3m4YNh&eOM*%J8DEpXk# z#uniI)#6v!Q7JCCsh6`Ncb{P?DxOfEAQ;p|EJX`qeyhk>i%!%QV3s)xFiT?rW*{qn zT7VfMhN3}PfH{=~Shs1&wAzH2EAI2|D{j8-GL4$n;*`QSpv0v6qWhYA#saK+#`^2? zEu~(2CK1qhJl1r$+2ct@{8)W`ov*$k?i*__QMg|mXP=f_+#l=_V#`(E)?SCQ>b=^{ zV0v4%+)Vd(@D5v9Py4@yi`d`f9rk7r&SH&vk~S7nrvL&S&f_Zf|Bjc~7c61!6V~-D zBtjvlOH$9{C6);v6CY)}B@fZyBg*VpxsFDP5GZ>!Yr8ev5?(Adh=$k)W*%0H0bk~wAK?&+&)=4P}8$}q~ZB*A1} zy+*x}_IH&YHC#H52nfsv8*pijv{91k8@`Wy-u{He2o_=WIGbTbD`34Ml5&R9 z8=s`Cxid3ZoL)3vGsCCYC(VzTzhr)f(&Q-5eAX<^I#+$w{3e}pkQy~9sVRf#Yramu zG3IwLzrkP+gvBLGe2XIqU%=|LX?%Uc{{;&C*Ny-H0RR910RquvPG@yr4?Oh%8w2P7 z0002U_|jbf0002YNlA(T0RK+`{R2V(000O80ssI20001Z0b^ifU|^2^@5I2s_=SPt z|98f}KoL~H0sw{+1&;uD0Zq>X$Q@7=0N`)7ZR59X+k6UBp3)F!q-8D62vfEjGL~(( ztextq@7}|7R{R52Ob|8STysFX!%q9-xnU(Lyf);kZnc(;7*HK`pDFG7WB%GH70&B+ z%r@0ZG-@;HbmSQ|O7$vH>xj1a&FURf>wq0f9FFR~ZgVnDsnM=kMdU7L4Z5USuc@f} zo!73^MJ+M!bl!GV_Nvw3ue1_;Q|+97r(@FNx~<0bNg0ajuG=bHi|H@>b^Ge2J7RB5 z*c5qNk=07HWzA$A6&K_!#IMadtWA@eA{#a5>q}YZ#SM8w@jJ8jYL9=(25UX?&1)$? zybe=3!bdN{xGPSmu;{Xz-umqMe|K>^eEM0s2f+?gbo-2kdRxLIzFfP0>m@!B(yfSn%WHY8TtTjqD4mRF5t~e?=dO93B#yf00 zay`60ygzn7`al#wpg|@`YEfYD{uYgie@GHcxs` z3{cQe`cbG+=28q&a8jaEPE(>(j8)oKTv$|Ca9Dy^npm<}##%O7yj(6^NL*B0YFvU` znp~z_yjRA**qd}oknsAsrm&S)fQTxoJ?hH02-uxY|-mTItS z=4;MvRBfhh(r$uo{%=BWes8>RIB=+O9&tQzc5$q6+;Ti~ICD^QymUBpo^;lA5Or7p z0RR91+W=qy1psUS1ONd5000003IG5C00%Ju0ssMc0dSkZBwlmCv;P_=obeLwA6XOcIcLG?D;MG|{mffE`d|BQaOKUBH(tp|2_WOTpG6bnJ38aFa{0bIewfx-X)0I;;@F1WjUac2eQXBhaC2!ZQaguuNEK`8X# z(UWH{UcGtu;nSCIKYsoB7ZaC|l#-T_m6KOcR8m$^Ra4i{)Y8_`)zddHG%_|3nVOkf zSXx=z*xK1UI6B=3f`{cizyJV%`%V8^&s5vCZCg{@J=L~j+nSi?*vUD&CYfxiX{MWD zrdej2W3GATTVSC@7F%MeWtLlErBzm2W36@8+hC(jzI*42tCBp^?3#OSd*O@sVVGO$ zT=qCb!foE@+aEPy zlt#6p#mMwulq}aJOOY5xhcUXs*f1`P4->*fQzG-1&7C{cayTF%5Cs4v zw|V+Jco=D384v|1S>H0aT3t7PZ@U!civREY_2zc{c(Xe0IuEP(&_Gg@i#!#R0+y=O zP=98YLzP=vkurRCSgX{P-%4|9zV!lqeT0d40o%Z!&9I4)g-M%n6Du>2+|KIjWUemG zz@fdJEy@GRVy{T@HCF_(7`8LQ1)1P1=B#iRLs<}ur8y_W2CQ%s2P?bw1_lM!+Dr+T zO$l6##hVU*2n8<2l1=_RK$biYkX6saSh{IGh|uQ)iur?x{}2{P7DTKE5$AyfNJ%MB a0!Y+@i2njWb@~E8iFhCZ0O61}VE_O-Q=5qZ literal 0 HcmV?d00001 diff --git a/fonts/Novecentosanswide-Normal-webfont.eot b/fonts/Novecentosanswide-Normal-webfont.eot new file mode 100644 index 0000000000000000000000000000000000000000..9984682fc9460f3484c1037ec3331535c3b64f7c GIT binary patch literal 22446 zcmbSyWl&r}*XGP%gS$&`cXxMpm%$~tYjAgWcXyZIZUcni!JVKXkU+9|-`)CZtM=b^ zSKs@b=RD_}>i*HyU3G7h9st0v3jl!rby&cE8XVkzUjQH=1qk@ZDXSy=Z{mNR=>P!v ze~jY1%g6sA{|9gbQ~@pkZ-6zx^51Xc4<0UiMJf7s(6@&VWbtp0h(|EqHcIQ{cD z{)PjbH`v{nH8kx7NphIsc=v`R8%`m)Qcq`492@ckutq#R(AjS6ll3 zYZm1H&l~^%Ni8|`|5=>>17HCC6#%Kv0ChEh+6vCXMZ%1)q3x`_rJrVW2(4vb8@CI$ z?9XbS$Z^n)5$t3>0vt*OxL!U5YS1uFYM4_YwmTX1BN`ko_-Ic}V_eV)TS;PhG8GDE zcxnHoj5SJkuD!r0NhJl&I8K^)cl%?JjBVsen)Wx~P=r{Fb>X_|8Vl^JC2P zH0jU>9W~kV1Q(M+JJeN+0i=`LLvepbN{Ow{PUJ<6xpv!?Q3f_yEIAv|-rzOu@ z2#EV|@G6}5P*V3AS9k~)WgfgpUj6|^-s5E^BF6mE>4`IKKX;NtZ!KWyApV1B>SuTq zWHn`_;gp%t7IHi7R8K4sb(~M@<7+TIAL4Q{bpKfK=|9C@x`!yqK2p`{cfjF+>Y3-5 z&)_CG6sd8}F_s8l2ww>UQ-o-95Iy)G0vUQ^1aA-msu}~WKy5{awyzH&I1_tg)z_!) zKVHg@y9`+6vF2jfoU7c=H~dl7$d>}L6Kf#zX~vZY8v(Xo2{XEq?#NYn$&5+HwHDV? zEmqd91=Q7SbSE9eW$=D%G~bX)QV?2y%F@ZWtH3HDOMXJ%wz4d1cPu{Mv!uH)qGBLg z5;polS4A+cWzJb%B?c1V)0xmEd-^q7A8VBApKY64ED2DoCr?7d4sB&HE71N;qxnUB z*xXPTzRL*1trd45Q@}OM=6Fx3Daxi`uj;vGutZu$^+a~8mdrYqmg*GVkEDpAD*igX zdCkG(hD?Ps&<rAt+~$&x_@{zm%i$tTP{x22jt8P07@49j5rPd- zn{bj$t1HAGDcy$wp4m^bnnywpS7?X7JExFU*<#iVqbe3bRQH4oLKyh4c1!^B_LQW8 z&o?X2Mz}1Fh%SI!lB{4ZbUsQ1)oAs)2(+G%z$_1~-u4iF`b7`j=khkVTv883-3nQ@ zl$z@!BsdC5O73%9mdmNJ%i8@ZS1SsdMsiCoJH*bmnIV15m+Q7qh`EmtnFouT$iJM0x&n?jD7GyvOH+X zvQENFVp53G8|Xe@#Vj)UJT$3L*7vz>f>~A4{1}WXPIC?6`D!Kg^sJ^E^V(%U1;qS- z4q1WCh`&xCuo<1+ILupL%=>gi=)}AvLfB@~F>Hk8U|txORt9^Br)XHUFAg^Y0E=tO z`DRYxjGUDL*Z8JfD+Ch7PAm0H3>>4n(rX>@N66-SAa|SW{Q_uqymkY3j;IrsK#ecw z`^c~P2wXK@x-^usJiJC45iF;!*RX_YI~k?Yv@3E0+gMp>`X5z3%yp27ywxHDS3S2O z+KIo_Q=~rw353l>A)r=D%bZJls-w@#t7Usxt5WJDjA0ok_*G$4=bsh8&?iAWi>IF| zGQot$fCfL<%}0$8G?IACzSZh!|NOMz%?ccVrG#c8HN|uyrU#$S>&}Kz8ziEfYF)Xy z(MziOmriG4pZr)0oFtbbbds_2>6~rFWKE)kUNsG-iF)puPHufmuBw$cpCmb3)tu&7 z1c7n~^`5c}s%X_KE@*l@pY|mMY4MkGyq?@sw-u3^o7!yRWk8~DoX(unNjiuoy6wxI zQ<3kF9+~Yo%e8U#*eC@RRUSw5t?5{xLvfl#M0s>Ps?dmC!n1Y(dIfjZlBVR8vt^YA zUh5DuHX{uU|MwtUliEV@YO9QulpNuBc1t2q@)h%)K_t9&0h^L9rFy>UGTmuH`#_R3 zN1u?qJ0wJI0_l!devbdRIzp*5$#pPfrl;Y3ah{q2&r0obBD5!^Kpw9-2YWdlj649a zkWlB-LzRG;Btni0X|DJ8k!;fehu~hpGZE!QO-i2qR#L*mk1f%p-pb^t_u$No1lE}H zE=Z$8RpAPDj;-2Y*wvcQi)2$V9Wx{^mq{2*+**<0+`95WWjg0D$_}#;JgVThY1|-W zR!pCqZLi_&>LWNLt$~@F{5;jTFc17Z>gcMEwhmpG(q-CQ?(6IeRF3-1W<{s;KH9*}#%wnz7*!rGM>b`|%hmE1tke`J zsFzBtAe<|;ji!p3IapM~IYgMRUh3ug+`A@X-cEYS_EG3Kh)#H6eFGfTUo{o9bDil+ z)Ej1B_vWnbHgfPtvZr-?!&x+^aPy2b0u{y^G5jA77p=eK zM@$XV?8-{z%i((Ws-<7D&(I5HjS0Zow`d9nBlrpj;i3?03ncB3^Tr$U>bQ{gm1@|p zstRen(`VCM>d3OPL0Y~|5+Tc#ksXXgPK-VnE%B^LA-hQlX-W0*Q{*QaIH_5bCb`;% zeW%Qt>W+Cm;;vOa?1VV8WO`i&DEnUg|Ic1N6D_P5Bfs3rkeENB(kj>7Ti9Z+s zJd*_06OjPtwsZya904~!axw9im_G4W~m zx1+hPL(~sIOsp+G@MHoM3HHQplt5oAJr9CpM^cr_G{M(=h*Gy0Dvs8P*U|)>>ewb! zm9D9Pm;dbO%8*+ItC1N&3-m=|{x&H)n+5N#$40)wBhS2Kd0L}tr+^XO`X+e@(kCOp z7=uT%g*lhkM#2?DZ!;Q9oTi8DZIz{hkg&QiEsxG?gJ!M+EwqonVyVE@h3b zP{5a8)y0I?UCYwZlxF6`Eea+sqRM7QZumv|E<^bb@l;as)fGyRA~t4T^d+U4>l?77 zKldbJ%8y8lEKi%67s#wGJAWw;9Z=JqW2uo4|5%A%DZ@l}SI!z(8hD6L$OAyBKpPDV zr6%OI#@xJAEp#+ac|a}%_ug_SH#0a!sD>C+_t!cCzC1$D!GsZ2csHjdhwxBjPv=~k zO)o12RA{0V3Nt4>?ua-QQk%`Q21XcA7H%*HPjziOJ;1nrP3%L%TS+4RMen`{5l$aa z2X>q)(YGyjSPW0rIGux#o}fN0POc)=HMeAtft;UF7I6WUwA~uuxIy92#^venZ{^w4 zA$l}E!fd^XgwwfSx>SxY=FW5W6=+%FB4k(-Vb~J@ngvVGsx3#LCa*=`Z2mx6uHMsmFLWhJ@n5@wF1NFQ~~Ioe8` zLTn|+IxZnsxe;d|pzFhN?p^QH!tYJh^hA0-+9UK8F{PB55e6ywKoZnmAsB{dZ-;)1 z-2EJ^`)z>RX>33V`MKjU4mI-OnYh(H&AX(zbix=7nKAmbibl^rl!qJ!j3jyMcX3T86h($XB;+;u5&JrGu@lj{i(+ESql#686lQ@KBlU8tH zD=|}Zg)$8U6V6cEP!KOta@8V}CoDwnhl1@C^@2XW#geF2Jc zvA~dUk#D`p&u3}5P=N|&U_j+e@Z=E2x-HB$9pses%UDB7^AsRaO<4GsDbq5#90tn3 zesGcelS^l%r&ULU{A_rrY3m+2h0KPZaXEHQqoPunnjd{nY$gX^_4>M0IZ~lxk#7D* zv5|VwLmuMomMfp1gz~H*VYL;umiX3VWi@!q-vyUM*EV{#vcq zn{HB8^1XT7l--m=L;N`tpF-oaqS9RrLy8-NH0#8SHXW5~a2T0KsNM8-D%tD1_((Jp zKziT3>=PfYBhL=JS7v<>450gb$oRslJ!6>6Ih%&B$%K@<1B``P%7Ayyu{#g;zoUb$>aWh;^l0&LKoalBN~mL9l@bsMdQ5<>!1eTlFpXMQBm||pvEEHm#DiR8tXO=`#UiBEeaa##k&Qyy|dO~?JI-yVL@7g z_p9`XU$VR;h*`1lI9%b~_R!Y K>>!LA~%cZf1#GGpy3P`^y+xN~^^I!hS#k*IUmO~{(GZHF6247l(miFIy{Kl$R;xx~B6h8_Y$$_+os}*LqbHFm z;X7h`nB&t*R5k;o87!`t3vm_!pd!dR zrG5I93&lDQ;Se-t_|BF^G2K$&_yR>Pw0b{rG;=RoGcv{q-AV{(m)c;W`EoWuN*y=O zT~XdCpDD&+-UPyr@6`r9i4e@6>!+ou6*49yt)?{6qiQ-Zh9My*F=0bvN1MB4d?6=0 zj~4oU9LguUsTt0!*_*~BZ)vGG2e{PB%v>W%LV@t3@`39t!|$2 zFjA)PLYe3MNNh^iXiUN4U3)Nj-N5z zcWzt~M^0)aUlT$E>(Rt+Ck#QMC|@+r6zGaZPCWu!*D}O{tCzU4&BFjmsM&9FQYBVY+ z2^%@Kw1(kKs5&S}HP3a;oz6lf2%75E4HA*eo|@Rgj5-^mST+0FPIaaAFbzaBV|{ne z9ocV6!rtg#^*VCkotT3pLoDq*ad;S{Mpf7pfH?9_E3EKZ!13=NM(v5Rcq8JdDzku&BNj4OT6T?bsGJ9Edr}2AHJN4vKnt*`X6@jL0}Kj;Q`r z(Udt~*+)!UQKOmnnQ4FNW<}R8L{!O~KFw>+vIQ#gSc*Uc2_K0CoY6iU_ZC%7Y+s?d zanGL-mgZt5c<35hIUvI$#|LqF*Q-eMB)vT)Zq`2L+4jl4?Qz{hDL7dd2^VA-}&NIMB z^63RoUgP?StgCQOE^Qsd>!CX>QNH)^)3$1LeEh&5Ps_S{zvr#}CVt45mTuuRq4d@n zn=gsivhY8>afycZ?0hmyYcOerm{4j zOrmjPO)<$Md$n4(>9@o-%@@{9Fr@hcmd-tlG5scwG*cD#`6Uxe>|HhgUQv0F>cMt> zI+Y9hn3o|+J_5_#PgaL~71qbIqx~30P?U%uhnYsM+?}RQf4Y`)zLL4R^f9IQb$+Dse$%GL2(u0MDzlS*mV5f3XdfK;y?}p}TP^A$>-PE95Ep!3RXVnf#f`*)vVc3Xe7IJymflQxPv1 zGKzTqAqlR89`F5z@1lO+c(Pf*55Eax9(3o4W7KVo>fVy0()Eh3rJlPPF=yG4pU8bt zHgHBd@~pq#{aviwaFi9PJg(SALOS*<#J2`_=0N^LHFP~rvW8ITuygoI9~Tx4>IV`Z z&rIQkUu%d2lS*)4A-bL1>tbo5=J21=XYx;xK(St@xU3!B=115_Jn(cZlPqS>%X8d= za6C}dQ_6EBQBXYIa#QtFI2o_HzN%5wZ%V{F*(NEjwo7s20D^qm96U?mNZ|rX@K?Rk z;u#5-!7ZyOuXsrShGesDS4{VnfOEO-s8-y<^RU-VbSP-!f$`2tQ;!EPMm7z@Q3nm$ z+t}(JF3SAAYl7{sgH1x~8xn%@EsC%+rR&sW4DWlq6T7j_S6=m@alZZJ9;@Ic^8-eO z-}fiUAtXL{X8h{zIQB>d)T*oP=bOYJWoj7QHnqRR{D=F}3t?;o+O-(hY4>PQ%y9bE zM)@e2!jI9NG6;c7WLwDQcZY^O(Xn1+yoocFw*As#EA5_wu`HWth%BRj?G}}MNv%6d zF6iR4s(S0sOU{2$i;u%(3$IvAd%;jOQs>CvAX4kIrSKCH7fje|TPo_D)d&O7k z4&F6=9@I8o?NoQ3Jm_eZ0h_?#B>M>6#Po2wo4BMUZOZaAj_U~O@5wQ#`;pXyd5W9r zxzVIAZCboLbs5hp6W_cm2L0@iy=H*hev*ATX0tCD}8hM&Vhs zp{F@MqpEXtr|9duPa6+mdNq@>T>d8IeeP1)w!FcY?o5LT=-6L`S=*q0DKN99qWd~f z-Dq7w3$GS7X52*8$_P{W%3AOcGOwr$uFf3HWoy6IgdFO@VfVQ?wzH6gpOR1N)r)^` zqch^Aoe<-$v2knZlvEFDSaWI?wwy?K1Y1|#p7K9nnRqPCmAl`+Z2BP@(1j=3Xe(GH z{tOy}-DmR?k<{;+8+U1nu${lQ%D2hmDyRnVj%kI9haBa(hN~ZC;@35PVMNBd*ZaV> z^cr?1RvV`-X`P@XG$=53&)qPG$QEF6TA{$gmAM>`_DiUhlB8lYuZa#&K&~NJVuPjm z`vVrYa8EDe&`U>SK;fi&IKB~O*e#@upv)F2s=lN{Pb`)e`7k-9hEyiK>yAJ4+m0O7 zW=O06gZuW-;feILd@;82bu6r+one(Zerad+;~ zE)=ujg^L_mV9|I*!HZ!g2>ZDy_}mX7K1a$*kIOOMzmYiMI6Y?V$2P9o3imMmbto{T z-m~5jHM{s7wIy&fWvevu?_Eu@xyf&E#7_oajkqAb2DN7{t0$>rsK3fhIA(?X9(W9Z zHotYjSAwnX3QO)j7g(^`k589V#!c_%{3H13+tCKizzDPRP=y?UL#qnGE1j~KRKrBO z1I>E>Fx1F5=UCV2y>K5Y8Uf?hiP$xG%p$?nS|QM zgzE-Y^Gd|mM>i!>jf>DFK9Vx0^yJzXHhg;)CJGN9JkLniGjwT3VqhjO3)`-1!^nkd zbk#se7*)W)nUT?*ENpGL@Xv3U@&hy%k3d?)m%ek7?ej!F?=1Pv4Ic~B3dG6JbWJCP z;ie2gg!HaorVtuKk}*@`Ojj)rOT#^-XP#E6E25u%l()uuqe7TN{!Ud>k8rE!)Vxlb ze#w8@%CeJUDkL~XRy{s z6+^LS;a*Nphl`Yb6F^^JwC6Hugaa~WtI~uyC8UJ?WseJ*a z1E&N*=}s;@Kbhq2r2O9K7HS2QsRYxz@X^naeRi*sDXf8`!Hjw#a6CmwEdE-U>YL49 zRnzq}J1`A-R;vA}XiucKOu;ju{>d;2v8;yXDZz`nI^tGd<*B^;r zyitIWpWKB-T62bljEk+O(me$epB@MJhs0xa#6N0m{knY0mS4 z9O&JuC<( zO41&^a8KpqN9ykv5C077V{votQhQ2#8LH;VXmAIjri{e z41PP06U^xx7fxf&;7kjMJR)l}N2?n=;sk-qhv2O(}$s zhC&TD^HUVzaybAL>&ZFhlTFPQWR|kN`E;))#(oJ!G>R*Hj+kiwmApwi1CfH0*l| zYH;+}9bij61*7RQPm%mutL8j#A}JQTOlSc$Y1DwXA9v#3qg9vvQ4T*n(Kyr11v8x+ z08wN9qiq*hq?8Mqqe6`7p>`%cth-Bl^bY1_Ov^fvl7lLbERL+^kdeWCF5Ev4ngmJ$ zrHDv?2{omEt&&2r`znEwv7ZW*Uj=Fd7}viwL};45 z#0`)*d4~Rx_zh<|e6Uu`3b%}NEbcBB4JsioP4jUp{<-+DEvX~u3DYHx8M`H!M*YU= z6AWI7Z``y;Qk^OA2eQ$6DuI1<~t1%b)wQ#GFb-KZBP0$3BZz`#P zg-IBmxGnZVgkq$HS&(yIzsFI(Nkl@RZCQ_ilh;?6*hEHYAv3oTlQ~3*n7!*C2GMVY zm~gX%5TY5Gk$JPDD$`?=KZ~FBTowI{9M#`xvs73$w<9f6r%Mj`*bz*YOoQmUucT71 z*m{SWGZ2A@vm_udhOm4NpGMYCo!e?&@CVk&5ZskVoEOqCOF!|1J=Qvtf{j|kYeO%i z4t?6S+H=ODE99%=iAAkDlb;~y?$0q;b$>@ldrnNzc&5yEimwi;y&tIHdUo zbyB>0UfdX5fhLV5@2@=%1S=!9iIFtfkPVM4`gmT7(~nN`^01(@HOW!xM{*W5N^1Y< zqf{PH->C{Ut^%U(`ScoIi05LMQYt385d~|9eC85rH&e?ph9z5N4G%aYnjAYK#O@hH z=KE^ptA=ewJxpptJ~L8hA8U?fZt|6sNolW-N8aUEvLLzQS#9|mI9Gfo{jN*z{h8ny z|67*5F`s)fDUv0Rf0eiEXcQVvpObk!W`rh;D5u8ctWRO}Q;7?&hfv5h+pq0RFQ83~+@1-D2b17w{Mb15ZIaPYiMk`$_&jPvf{4O& zP~F|mihidHVzTbjM4ieUyd;IGaxl#gG*PNtZf~_1u9}-G7p?IfWm1d+o4&MFgkOsa1?->jWSPg0Ytpzmpa} z5Uf^4l4yUoMQomuA;qHQR$(wYX^4iQymc01FIaI%qhNuXTTxHX6~WT=PTbw%t$bfoOQ6jXs0xC z1KQv^ndNH)Z-r zc11>%#NQo%vV+W}2phTel&Mq(rfO|6yD*#Zeu}Scaoar|N2t`3;{CC#%(Wg$4!f59 zVihTtL3k*F?OgOFiDTSQqJ>W#3ImGJx0fuvLu-HiI&Alw(GTmm^4*Br+U0$TyJ|T% z;t%giRKk{B!*7WR2N4>YYX|X?9>%{d+A8K3lU$S2vIk0Tav1ZH`xu6Fz1^z(gqnu#R*=@oZ#KIO^Gw23I; z78)2XjpD$To=`AP;v;M8nB-wQDvDznq2Bd^0O+Zfck6%8O<(wE>y-u+R+CX>8!!r0%m29I^;sSl4^~IGE`dHU-&4cZAQw0yEteTut6Sh=|nK^v< zBG^2)LDLDJP!~F@>ZQ!rZ(~(!sq|TZ*9ACgL}wsrOg^-*zp?6!NO!OvsK9mIPKAUx@hk_oIIi1GyyC|MqC;6R>ARMfzpOzF?3Akr0}Zd;0L*YglJe|(mj05{$e9HVgVN=yw}CB2Y?))o|(zMrIG$U+R*-m@2;63(Qn@%F5iR%kqOyTkIH?0g{-TuVg=e_W znP0$vCvr1qjSE`X&W)!?p*(Ju=nG)?etC8w9TL=Q^Tzi)7NOVYE-7Ubt0Ck82Y!U@ z`8p*htt#K#j_71pXt3M^@lYOdR(2Y%9U$wLJPpr__e%R!8XPkQi!4Qnl6iSvkSh#d z%64<*Z*5?A9m7fTM;XOFQxks!e9$}oWj2PJ#dS?mqj&z!Q5ML> zwt8`o9CIKnVI^Z|K_d0NaC{{dqleK_K4qHMOwG!vpMvpeEqQvsuR-3mcw?b)gryXg!#* zOzWZ!oGD^e4wmkc@s*v7A`rqRr;4Z(%00h^3e*CMDxM_Qgs1`QVbmE~Uasuyhe?}J zZLEAh5Ob&rae3a-t+a$;{Fc`lk0UtYSZ&Vku=qs;K?w)R;O}0$Svo4z6x;XrOc@eE zfNOTxfs{tgWmmp3+=*qjw82^6p6Y5!hH#2FRxkOzzhI&#=%z2qi9|L8jfQYcF=1Bw z&TOP+;0=y1GMGC^jR_ui%X9m>-z=6ivR8J%F|cX?pHWp>G8_{kQF@Vi*IGCZM-8>P zLU)SvoT;UhSbXwyYO!ELnH%un>v7p@{AhTWVZg{vvxhwO3t2<^YO0ewxXjt#aOHED zDE9h^FAp2{U(Bx^XM*RS^O)T@Qi>S}i_6|o@H`j@TL@vbwp!goOq@N2a%S2n&!xv4 zNWUA!_F#QI40D(2%FcgNJ*u_L>w*ZFVM%=_!QQPn^D++%^k(5nY`Zh4e=pi=LZ*<5 zTGt9U8sKZx77WgI(0^#P?1!?j!}K|2%v#I+GE-thNY6f%*%ZnTNokZfr3ywT5B_9e zfI_}zZ0L{XqWW{!LZ*%=<~LT6mvt3a=~CTd3KEV;WpLHkFjA>Rq}kK!`nXH(uSwZ+ zM_sza;z+#qVk9zR-L29;Z-o%eR-)O_QZy3l(vx0lA}9xtln76!l6W7%-^4U6 zi-Or6@r7yc!-^6%^?nEEBaS1-?#@Z`-EeSh-4X!&UGROQ|7P25#)>n>G|St-lB|Cr zYIHRL8w6cMQW!D~>A_0-O|4{lXiLF5`*!Xi1-79zjJ@M(207{zWNC- zv^X0Y1sPNqGGTZhm;9JX!9qt#2y+La4Y17CCk1UkNj|TdBMf+WW_x+6HNH<@x|#c~byA#}%1!oUD0o$$O7-^4B?!OXt!5EjBl_0CXdaA@ z@tpuu;~8cLm2b*H$Wp4VoUaYX>1uX>!?^MHLpUS z68B9JaNa?Bt6yV${QlMzgZPr;GMbJemR;Zb4HLWV(-I_;a~_L@f@V>^W}P^b=ZUGE zpAp5f`UA7Ai+L^?05S@aiM7L_FqX)i;+Rg~)a?!08*5uZy;E!43KuHHH54Qbp5G%Vk`-&rUYtvoQhad3iu@^42@gXiAPuUOpFV!~Q{+wpU{RF%r&aSd;}qj@*&#aGtf})3~!) zOO^Y%Aq`bTh{3rUJu|b{i5jw;uix0IL=QA}>uZ72uuDK$|0zN5q(Gx|dVkS<9M!J# z=UV?UXag)8YfX#5N&v$jzjeoOKrJAF)9y^G0qn?>)4KVr=l6~s&*7$!Wx^OYi+)B* zWQ?OlmRH54+fZUv;v=u;El)XAI+NoOtRbC9n)(Lv(owk6QlOcY3e=6T$_wf|B*xv3 zoF}XH#2YtGl2%eD$CJ$kG^eg9jX>I?>GiNHQH6fI7nRcErNvCkc5?{F8J*W;xl8oo zHa>HG$Zcu!fAZQMmabA`>Gf}+Qg4n;&xi>&P)E&fAt z!59f<@DSKX7&mZ6uVtL)_!KQlGGYJ$uRMbC&XSdBU$o3N3 z3gGzAr9KY}JY`Z>rLl7X;TG}uxql;jV;Xbh4ZeAqmFn%sHeLG;fyRXBrP{InK1HHZ zMRh1K+u(50S7Zj}>0JXVf=FlGVnU4k+TGO1jxLC?!Rx`j-^iyZ69B0_0=42^xm;7h zm7aMuu9ifwCGbp*S{t7wL zbR-HaRaq@5`2i_ot%~(;VYZWER!WK<-3TT$GFN^UNOTb51Wnq``>B77P(Pp}?IBN@ zJ70|`*7gm-GFFw}38Y$%DD{19(M*IPo`LqpWzh_XD+p1oxBxPN6^1G?$=BZR@J-=gmjXPGs*#Pui{D{n6r)Em+oQeyPIF9F1#5#* zDkpPTL(K|bizDF+G^wUHco4gr4+7sra?FeLNZsw(sTzL2(EdLYP zrIJ@0eZ3pC_CaB}dr>65KK=|=+a{7QXAVCQz0L(QOi%+>)W-Z&aPC|PM8y%=0}g&@ z4xyNs7vz-X#C|NrDY~6wP&hsW)Goq&xFFZ{581UPQ(7pOu*ZO{s`~EDJtN(hsaZr& z?)Mc#DaP2jeM=%n4aT^dj@DiPhxac5Lb5qh+>Kkmw91`xc)UxnQuEZ_h6=D8+TBH z`3xzAzoPsdD2WvT6cuYJ;0+BFDQseRA&ij#(hu|`2R++6?K&VSV_X4$QlO6LH9Vfj z$7UyWn4RTT@5d?w98X%l75h?~&~MaTaG{Py9K^Hx0`Zn(b+?4{)4zrAe%Fr837%lf zbMhCu!231Nh(m;Qdd(SBsj9;4@OLbB;5lhT`ZK!V zC3yGs5g||~={zn3N8`Fl1}VT~OL^owsyW$kdC02}LCVDX8d*(etx6^_t+fSog(MJr zsO$$@clqK#q|x_^I}xJ6NP*Pwv}smBMC_1AyF)jy=Pnw4iW5#1e zp)>gsdun4&jH&@u=)+?u9}S3HV<57>)0AtywU>~KMX&Xo^=CequAjkpI7{*v4l^c- z;K{#FhXCua*>E2=+%%l4jkIklOIqP`hw>~v?^IL2VV3zS!cbi=I6*F3%et~lv&vAV7JRJ`x{e@TnvJe8WFe3-SEwx!+N*+ucIMzk` zgjLgqDnA|HD!-=@H}5ppb~fr#JUBD|-j#K1|3lZaZyo5^O&T4LX%@;{dX&vk#1R`N zh>XVgqdMFGH-TJ=W1Ok(e&c2=gHVRSVI%v}x8=453nGnix(WUg8vCK|u+0Vt->`A} zg6omL&UF4MrUljJaTuK?p#6j?Xh1?tfUvVTJ{Q--41O%U5N51dF-^-Z+HA;Svv~Jj zl4OYZ{eapMDe27O(%z?-dnzMhvZ1MjAH<%q4MiZkw7e2j#e_0xRD(~>W)Pv`QVrprt|Jw-Uig`mo4 zIp%JDYyp_pNXd4i@N#VtnVI2Sl4c+qd$uSxLuq2nI_R*L+O^5sK7B*Wg{YgapfD;B zAukm2T1<3A1*mg!$IAHdNt$oS{xma8W{EuGb#{)-BDio zlqicqCo=B8>e3>Tg1UkVhEN-D+TlE>fow1c?1)vf38(U&8$71KRpq*-eLUN(2OTAe zk|i#bx#U&Il1f~kW6cGl<_V~Jf#hx;jg>^nj;fix`V#&8mR~?+PpfE0*t(n%WWm6~`;+E*EZdfe0VYRCE{(Nx zGW=2--iq1kZ(r5f#Bpr*=eBPi5@2#xrWm1FrZvwU|M)HSQ_>b5d@K#b$7}0>v5uCk z5XW{M-W6Fa)AUte)7m*OZx(CT_Yt{(%gNH8zBD)&Gz}sv&l$W?GwTJcmV0$Z9Xybh zup9^RTDjABf-R()P6d#psu$%*b~`h2KJd>Dhq0#?BkS-N3DA;^HJ9K!1m1i%qFi~& z5B}hF86kqJVA#SP)MWf~S39mq^UA^9OAIju<27&G7#rNZ*5e0V`g)_h zV(M~9yffO!&R&|y^Nug#piMy}9FD_3 zVQ^N#-$Ww5e=8tBQFm`k&gUmqAbVv#yN&%#T~|;dFBId^9=&|$Z6d8;yyY3}`5uG- zIQ{h#t9uMatn|ygd(7*Z=RR5{CU@mL+)hvIl|r{;sVNiL+_buT)HjBaymlWNVgV{S zhfPWHwDEqD@C)@Md9aKB51FW<2i|z)(=@rs!!X+x9wo#PpiUrTUdd7ST*|~GiF*e> zSBy)T$`@aEIJFzhaHmDjZ-E{Va+0EL2Y*RlzZMwU0)4X(tvH|C8kxsk9(qL+U6t6z z4Fwnc=BX7$Lw3XPJYz;~Y-fD* z+j(1kitP_+_}8MwSu5WO z^2idR+QchpV46%a#1=BA^2J{|A23Aw2+Vgj{b;ai_9y86NZ|7}Tg<6MCLozy1BLX`Hd^e?`!1}rtM9AK=;nKic&Y6YPb?%(9Xz0VkNEz2IQwg6sG7YsJI^KSi zx35;JTyiz-;u)S&J7f`G^n!4tCa89zN1_PG5+z|2M3Qqfro(bdgWJ($7c3kCTAXzd zrI4v9cx7WqBX6i#t@A$I(_%KAscsQK1tKg?ks{kf_Z!kPCDe!YBxPNyJNcL;`9H|h z`FL2z6=c%j9;o6oGVM)r*6K&oY!Z6lSulK}2|v#?2kD*zo?36=>+u|=Kco57-fd3K zwp=K{b;gdsciNTZ_dZ!0mEvmKYQXMs(|X~L>GZiCwG%fgvd`POb(Ra^uJ*Ds?+eCd zCJpaKdM?J1j0e~A4~E(J-beb==J#Y$M;-Z~Q}%q38#rkSXJ#i9_c4coGD3-n<^KKl zjiT5LZ2PO^D|HCQ52-gU=rSRNRw&mrFyJ<2N8k$Sj3}mund#|iT(Y#fNvF%rx->3@ zN=oxBxm{5UytS4k6P4vITXQc?z9IHEGLyC-!wuUTQ2R(;n^Ijekk{lgTBTNP%gxet zBtv->7)L7aT>LHE>@2pRSA5{);j3%ZFro&StGBjj zFkDyCNU)AFaVUKy_aTBTw;Q4G$6YNT;R$OpTK0@%yX;+G!8_p7m$65ag44%^`y5WH z4M&owgfwt&8VE~8=SX-}!ytFCORyZ3l$GB!58DcV1f2Sli_+PD;~plH1(KfK?kk?u zTq;%V0auWT+&Z_9(GrMm;Mr0yXbP-^PX0=`{jng1?hTbCYk*ZGB6rbG$Lm1^H*jpJ zD_jDkC&!xdSwdu0A!t^pUt=wCnA$bcFAfX5zgmC5%UVQ8DT_Y~hWV$7*<}hQbmj z>{*ScvJta}eO8)%u(e)KgoVMul}%k)3W1xjMTHR|cod0k*(oN~s%`^b^p%x>A(@)- zESi2267&oI179RkcD#z{zGVw*+!vK3TSYY)lg{J&dBOr^@%J_e5FjPL@2^2r03N1+ ziUfz0!?iuNG}1=QiW1q17Mt2Y zwHf*b(jC@TOezPczL*f6-ruqRt7CK#9*JB@-@};If$l?Av6ExvDe-fj_lVLHu9Kq? z643-ohk1&!N4li z&TS=jvRGp~Y$SZ4e8DFH2}NZTw05;-55x4!j4;+Rb=6tui<=nDa=Y@jb&Q)~-M6U5F& z6R{at)$O`GGTNM5ehuwW(5C#rCry@Mmuq9J-F{gsU*sai(hBFmMASA$_Ae9vX;X^GT3d&-_(NJcTikhlz!4U)ov^{%<9W4NQNaWZ|0}`!0 z>Q!>~)l^ulX+estcn~sua_r%z_?9fvFEtnmo`*>$vLFXaQ7l!SNUUL2n4?!sb?XQ* zH~ z`Z`}hPIvgjm{gMb4laNj4;?dpW;l=e)fs%Qbka>upA-(Pa&|cs2giL4kmDl}g?%5R z%wl5Yv;);rBPrq2!m^iDe%7z;_74TUx%H}qhK27ez90)|+*mfNl9dx3VuyvyLe5c$$F5E?1V(QOB z2FmL~sck(Jx=JIUO95p|l&S#Gw{e3)P(axbr)ER{e7Z4h1BQA*K3F5fJ@5c&Q_7y{ z0@f5LHiHdO4vY%-WxRcVJm|poXC&i02(&H)=JAuKo%C}1s~M>E9)5AhM8Nox_%IU)o43>t)?Y!Qwil-<{_!Un)8RG{k* zp&(p|dDAn?BPYl;MoTrFmjML{|rJm4OKd41$Yd0tQP1IAdJP`bZC3D#yT?| zBx_Z*8UAJsipY_@0s}%Igy=d)9g^z3AYqVy9XN%n^>aG)g- z1{%nB@K4uO2?!2XxQr)p^$NU6BL3#*~ch~8nZyxgwN<#4WyK1*4#lYPX2Mx zqG=H%++caQmSqi<;SqJ44{l(1W8bI9)8a3T60ze&q)GzO%mf9AB-mP^H#*_w9hzJq zDx8YK(R*DHXCYGJgQ;5BHfa=c&+9RPZ zyqNRFAC+s^%$*@UGvS$wEnE_L(AM&LYywXUdzb#8OCPcmDZpYw5cV8l@v)aHD%% z4z=G2gqQZ=U6#6vHA55KMV2v4nX5fmO@5MHRhw34oPQ_II~`_Cl2tAW9@4Q3`z?W^ zsa8!Wf!KDn%3dgaAg>!Z{^WwLwKgJph!ez-z;Fy5AcWop=B+Ex#;n40+8+bkd(*)6 za&p`o^v#>v8fI6PuJRqOl`(eFHDlms)49nx56cjfoCMT-C{Q7RfdOhKG&reXcrtjY zOHgwuHTHmsJU4}B4b^|73VRJmHWO~24wedQDRQE*D4Q3*@WfU~Xac)y%|9=q^PAcV z0bTQ}rG(MfLVCFnaBjjP0{ z?9Ty&rSyW(!xkJkcdZV^A6;SL!R0wz!}p8kMccvWvx2!DLP7|MU_?oa+%@fGZY;TB z!vYkh`Y5o?W258V86dc)n4FxB3YaEcR03G0)O(y%^Mg1Jo$-V;rkq&9Qpv)XwGf=-}GX4rrR{QB7t%a>xJbIRswb9}3e%;a( zff^75!J-ug(@CRKS~^^qKTT1Zs!)Ms6DXw}08M{vZ9gH=GwY$*TOqo)q6@r8Z-H_! zraqXWFZeO8oW-T#aT^jHrlx}dT!i>qeSX-)Mqz)X0DFKL9Yiz8m$|#NJvAmpU(PYB zBH2iNlBCe#BZpyfVHcr*#ETdX3kpAm0^C&-y77^98|$?-8Vly0I@J%3QT9K~+DHrar!GG|cCmWfz+g4fbf8QEzE zEFKS_FD+{XKd8p~e|j>r+BFvnh`UDGLKx!-Z{~!7p2cF2zHI$8qSbdq6a%-GGJ7dY zQ?pey6%||_HfLKk)tDVKAo_F2)k2ddmKpE*9R3*SEDR{sGA6q%L7UbAR&EYuu}Fg+iHm!&J31x z*9@D}w|`s6{L?vAsNg~U!kc+QPNbSZvvKw9fTWXu2>_0yeW}7UKnV}6jb-ABVT~C2 z|1c?NfD#Y$W~t&nQk_!HVvJS9trtefUA)TNIy9fKk?e%08A95I`g$~~m+6Zyh9o{p z)2a1SCQB_!fN#HunKcOdifT|ePL0O7xdzI##ms=UCDwz7f|JWs`cOy$9FQoZ>6|Y& z01U#_ex2Mq#fEwpWCGLF#wlJRM(6{+v4WVf=^5>Jv8TvWQqsGZF_!lYUZxzqE>Vda z6J=b5Sg{6PO*#x=!9#?UqgN?>9-Ek$pnWMv2JN2apqJ7h!SVHX-o=T^by&KB9E66N zfCy(&si4>^MDWi{X3)ok@Gm?#Y8Ph*69L&$ zVS3@_sHQm8O7=wWjQ|sjZHDRF_`tdd7V5SFXC}_(nG`x>p`EO5G`~mGlqud!;mZaP znsUTdot+vI7#FDgDWZ`>4mgP>Fzk0l)VUtXO_!3(oHK@MaS>&+-+$+pm30K3RI!xXh;JC48r2nj7S?wb~j z;f3AJ)^Iq?f}u=k2(0}P9T`Lss)%tQBZTY%79=L^wq1LJF~N}ldjfVt;yuF~rs-*^ zEkz}ne~BvFj&YFOhnq9ekO1#qa=Ry9;alas}R#4)RcvI7p&4oFV2u=RM+>d~{f>?7`EHdYnKO*p)lc+qTZr)<)tu6>)cb;Oga z$&s&k`9bMJA|=n+vH_&}O)SMFWt9bEL7rT&KzGdw+Df&}2bv{eXZWziLSxSQW+0Hu zJZn%^hYbst3)3V;YSYIru)#u$!1j7WfJ8lrn|M3{Kc&LKgyLuop=XDMM{a~Med`x( ziuBw8`Sfvsx(>S`h`IzIP!(Z!f6w7G{wKMw`Qr2^U9%EA^=+^~VS4@6|8tkXM&U%G zQcjN?B1PO>eJC>~^87WE2Eo{kKpsLUV+J9^5U3LL!;)+aaGc0+h4B`q$Y235D&+{w zSEM2(%7@h5ErEh8&ME>Z0l6q`ghPk$dzxR;DkRm~PTY-zp`I!Zfj$ymh|o(|tFMj5 z*)8#AH{0-X)jq1VgDG^@SsbA2zJ^}QCaa)y67vld(;Yv>s5QHS7)@`2^T+S% zp&k>!1m$5I9^~hCP4*I7++)=l?#tKTCgK4ohw~K%05^XhGDkP6jT>rM#+K|2U4V=i zU>FUk+q^fx>a@WWlQ=-%^)6A5Dp5=#-GuA>+=xo)j*-#c8tSIzL2Vfl(sK<4DG$mp z)8L`6v2(-y1u_B8^seR!++1?EQ@YE!{vO*|)$man(5Y>k-w192?~$&;fsePh*9i_# z71>K^LIS5F8z4u-Ur3~Yy2Q$mnVK+Z(ikR~Dclo(qy3{p98xf1tRpzs6d3^E=AtXD zPp6j#5Fw8c+10X0*hF;9OXC1A0R)r4tOu*Bo})$Sy?`bqaI~vcu~~PkL0G&rs%OZ? zE`1G5PRI^s14n3uP^I-l2K$&zQ-5*Bpps@O9bRJE zgJv4HeWN`XT1x+(6sI@~cQYr#QJ`B`IdvyQ0{QR6EOpJErou!E{e-MRVKGJbjYlVraGqwXx8>b?0xQ~|@RzDeF z4#Wx@viu|+9HQp^E6z$H0vYEVe9NB;FUwEOkqzOW`E)ol+vI*|;iUylz8Fm~hQ9^~ z5E>o$a43UOAQY(@6|uRQFDZbOAEr{#VswQbSRrNHSmP@W`z6F28K$M|b(RFKa>>F+ z(~&Tdaf)R-5R`3tCN=?*8IfYN*rQLyXLg#mH7ZKD9d3B+`kvcVpChV4W}tG7Qkq zKGAN*B=nmQ6lJJboNlu`7z{n*m5ZsT)!7;}9Wu>UiVyM>mG(c~__K+Uaz!Vs*E}`+ zsokWgW2373oKrI%+|RCeN1b}4&_vmiU1Y$~75_AMhCzlmfR-a^*=;Dx \ No newline at end of file diff --git a/fonts/Novecentosanswide-Normal-webfont.ttf b/fonts/Novecentosanswide-Normal-webfont.ttf new file mode 100644 index 0000000000000000000000000000000000000000..8cfb62dd59e199f956469a9bf7576af6264c6e95 GIT binary patch literal 56884 zcmc$H2Vh*qwf4-tTUB?pP134tkydTht8K|%tILvQ$(CiwHnxll#vR*$vB7i#h6F-F zi%l>+BoNj>fDn>E;*dNb1VTt?0Ur4&A>@Szyu8Qzt=<1SbMID3#wH~HUhUpCcjnBQ z)91_;GR9kRHLs_$tDBo}hw(9-yLyHeExF{C!1FlY!&uEo z&yuC>zrDEK##rsMjHS0MT2fuNzT~d67@LP@*u>hcYjy+sCmYtP#4GQX<* z8e{W&alduLj?=dObjQ21aefJ7sasB4vug*gn;0AT2z$e6Th7_Ae$T!?;QW6W+j4B< z`Zeq1Eo(n!?1!J?e$z%=(2vV+G4_}r=S3U0?%wm^?UhEH4>2ZRwPpL-HM7b`su=t6 z>uCR1Ti5K_A-VXwjQ#Wuly_}gvvvLARiAX?{3v72rXAaN?G9gf%JYo9dWacX4vXglEM@-kE*A@Q%palO#q`@h ze>r{^E*ik^;6NvShX(rbyLiz;{Emo{Ba7(@i`2t6uiv?i8KN!AIJPn$lW;|5S&g!eG594@)fK0~d*jXOVbD18$3&Ve7S*$30AFB*s z$~v)M7`}>Kfc=H|UWD((_+EnVrTAWk?_qpz#rHORZ^!ozeDB2fE_^wlv9X`9mzk8G zLG9&S;~Zf1)DxDD@Bi0N_``6JrH5Y*zZw2JzQOQw;oto$0Sdnn-p`!j@1o^*!ncIK zg8kD>kKYdg(>viGhYz8|Az<*I^Rb3s3qQ=P;iKsN{|$c-ej)r(_(M=p+$TJV6FK}z z__Hq`3eXuo;TM$V&;nyA%5ki%@Fys7G)%ICg+BwlpM_sm%X}%j@EbJ#N>xfLbWE)( zpV(34O8ni}wJ&lM{z>F1K*7SlrL*vJk!$~&efUAp+dW~(Ur^kG;kU!@Oy6!I9>Ra0 zzSK!xmBpA(L)|eb;@cIaPqK*QG%en#9HEEO1yKjXW;R>!2i#H!rux1 zFnk-1Uch)f1AcoGSAviLZ(xL`!O+RJG+lXc{U?wxe+%CPu4myt0*dEUULY-^e6)b( zFDUmuoreERaAE&$_+!BLVfc4|?_kGp!qYq@kQT#$Sh7XGKmr?e|xcXoW>k73f5H4O68Qfx3@dKR zCyDk!v!s#K&lef-$g{Ku-A459OVGcUgnxv-I-~kG7~cKQ)W0gd6CiqgtqIgkS7!cv zDV7uPEn~#qj*J+Npa;Y!#%GWO;g`VwimrZJ;eTBF7)S48dxLZVD1$gim6b92n7IRV z2bK-#^h4kQ();R2$8-zn!tfvQy-Sq-5M^-`z7I5@${JN#E3mzWd(feRisWf&iK>bJ z0LMc1s60O%|HT*ovh7vS9zNj<@qH)!u-cb5!#~D3S$|}0v+zy$UW@Z!_?O{(!`I?0 zh)uPb6zEj`6MO+3ay0x5O1%KB{sNx+F}4rG_Y0l!2Gt$+$-wCChrZb#z6)gzVhe_E z6D!*`MK; z@cj^UHv!#qp=yz487z z83YBs4~Xaf9G(O&Coxh<)=&6eai8QL>^Siu$^tzmf8u2qN}PfFDdEd;^mp|3Gokrl z`Qw}@|K9LJ_$40MgmHQYRPaprI-K1Hd`0b3Y9V~1_!T^X-U!;j*gqGM>)_RwaZc8= zkj=Og?Lq8_>iE}x2ul&HMdZi73JQVW&%#$nC_=$kL@Fy+2`1tR{JsecK7(<(G6tXe z#4mB@Gf`6T4az2rPpo{>k(p{l>7&B_e=YnXjw2M5RP+Q+DR%J%KLoETe-sK4)*e+B z?+-_K>I*h9^)b@_Z^HfxDtsZJ0KXmoLlhg8|M8_yUMG6M5!XTfT?@W`4f5x1l9r^4 zg)Q?AxNZ|H-s@D!K=qp_k~JM?TN!)OKjQnedKKsD5v(fp2)qschlEF2q8K58 zi2l%idic)pV>mj>>L3^4mxF6x3*U_^4+)J)52>H(jOZ^fS!cP1697PY)U zT2@FGNLUXd1n(yKBkl^^s2GaUUvkNr&LhuFy^lLilGxBIpH15~(M_Ue zqDs^&Q|nW&oDeUBw^3=t_7p8AdQO@G=iq;$KKwq9@3qiAN5fCz_iDg-5nWe4O20^t zqLiY4qWFtR4zd+Ri6o6E{EH``&+bv42d|N|74=}R)I{|9OS($upwt(H4M_5e#!S=* z&iDkQ_ga*Ksk)Q=oE+VrWaTpzC;119`()%Q;&dm#g)=oc^*Ss9efWOm`oG%uh2;4V z6lB7O3}5lCZHgsX2Ol05SVa_e}X>9Gt5{*D-^_$bsowGJTzl@hO^ zJlSW$)}C7O>`k*in+UFxFc<4MGmlc$884mz@ToCB7_G^bfaU9y5+JO%x7iCZMEn@t-4VU zXiF8}RP1RZh$_|1ie6dKS}kz#k9>*&g_gYmF3A@CufS0TaMg-R^MJuTKxILjb*uqn zG#gN7;;25Z$#j$_7|8FXkFw{=iF!`g8qtn~aWgU}MxzW@tQc+OV`EKdrAchcUZb8V z*XddgdauXG=vV>zZ5I#v)aMm?(?!q9K?i2k$Up_LPqjF#Vr|h&xqv*jMS2juEehyg*(iII{fwQ-{vF!|Ofr?D29|zT#zmk7;1HJE!36le^b=TN!Vde=D;5>P z>$#74;3+-`i8u)>_1|#xCZsd0XUI*8o~7XGm!_9z=!J}Sa`FA=e25xUU+ZKVARVRX z$m2aF;u!@f8S(RuS6JLbN%Dd3175F%&lvGSNFz~v5w-+keaqQylmq7KDMiMK6Ju4+*FQBWRPD#eg&kq^n2h}}YCDL%r2 zLzHK_kK#E^d*`w66R1mgR?7W|KQHXhn14>#RV=S0ss!efuBi2hNCd{_&6tIy+&S6b zSd?IES8Bg+t;gv={U#>kk{Rp8g8c~8@ zMB^fD$M2KxfFc!N__3+nG^H%4XF5Bb>Zh2f*e6I*@G;4l7s9`Vtc}8?L~p{sQl2=m z--wSH*^9OmihLpbNF)+_Vs%X|H62A_W?F$gf!0XN{Ehmd`E2wh zybs@x5T$zt`iki1J`rO{k^%5};d|olXW(+OWX1e9VH0u^%^|*@(heAGN zCtUiR6Y@8xNci@t1;dA@Ui(L`D7Zs*Q-bgO6$dhNofzE+YVu#<#mi;RE8)t ztMZvTXE+m1riBBAr(Re6?xT^K)L8fzp9hFkl(e5t)(B}fEoNf9PO1i{pywO$`$Cjk z^@!aN{8sSV>o|^LEb^>qJL2J&g5m|=iE=_`qPCOb#7Mm-H>%O6j;j}9rQq|N^hZ$6 zH1_%-$jQV4R z`^A;FBi5PdNs7{+*we>5QZfNVf(Pt?L0B#X=0CC&i)<#i9>6!tb?+o|r^W3Q*P#514wADtb~TdP4DvT)<8J z@rwSKvG=0RB5WM-As>#*u^B|PMT_W19gZ8Yk>B0~+%{v=u@-DL_|&uE#m~X!M%<(o z-f|nZDuEpbeD6-tgKogL0Gov^#FohxW3#XkY!-Ojqkwc7Ha#1|mcqu_a`b8iwtTh{ zTN*t0Q-Hg5*et?_&w>xX8OK|&l?qSZB0PB~yMSGWUVH_cfn5u)-T<%uM*QBy4guPm zv1!<0b{C+!8=Hka0H5CipZ`(({*XP6)_;sGjr|l`8hZkpfjx=Mf~dgH@GOm7u^6*r zFlptxkr7WaoudW`zELTTlw5g=AJwyO<6K57L^G5>FV9%Ik1avo_{^nq#kfcE z@S9J#`GdT2_Y@8C%%U_MPjtvC&;;?$`yoS5`vMuL;NLfKGiHI54P`mWJzOd2mny z{bq_^ii4FRUfIGnvK?#>xZ-kl4fx@>`&H`x z5_KO`_irnEW3IX%Q}>6|{k!TuB=%BDK}x%Nv@+!}UKEwvYzp*0a(AOq-2 zD@lqVwK^eXByh3J&SAUQZd{jDew4wZr6|z~={f{yvkv^Yhh4<3LKzS0B%E+?uY_L< zxK`ngf6kH8lEUkr8R7c>0Z|HcK@H@4CmV!ZJ{7n<3zWp6-RSer#!x(7T;Sd5VENZU zVFX20fuGvh0QA)a+a%~oiCO(~FcIJX0&x4(_WxPEkF;z6FZiMH1JK+f&{`WY=EMtM zZo84zsMb8lwd6McIj!kI#pSSR=CWQ$iIr$unM?Y|$1=V@v=S__oiC#|krrq+C?>^d zM(rONn@Ft$VK!uJeBECh>PW3xjBSL2IV_@+hcr?X!D5G&j@5Uv&_!y}V9XV+A}i}e zA&NXrty-aJB6XY?6p^Q8;Fu_#w9N5ajyys2XF-E0&mFI|$P*Iq!fER)XV9xkqi~ifDi0-B=0gWgeg@no~}L^D)pDX?C1-14z!h!2$dt6(kAoaR)R<6DY7Nt_>Ps{wkW^@N^{ zJx`L5`lYlx8*-}sglmY^LV82#uL45=y1e(K>WS4wIye!YZs>)`*a>} zX+`em;=UDM@=B=$(VU!we;L=P9Pv=36h#Bb>x@`#)0e3ewqbG^YOgg~6KA)e9*Qfp zp?;bp&V>#AZR8z1fvrV>Jbd1VNoE>Ln=?f%D6&ov4!59xK|J@U#eD4*ya)CcaB9 zQ5{#J8h2;1pJl0>Ujtg!NC%`b)YGr*`6|}Ohj7lcdJK$xI8YOtJ*c&wc2&B+XHWlKIwSwFuRXE%onSrnakwLcIBz1XGKf% z@PCE>6#f}9GoJ`=3on?QoP7VSU%d6iTR(p5@wa~X*28ao|E)XUy6~;WH=j@;6xE-| z4~I9TbP9V3PtZ61gPXEOtJ52dDXD4c8JQ+?mc?qbJF;_foq72Mg)Xh*MMJ}jmy9eOT{bqpe8tLB zR;`{`!!Eh>D_4B|`a`!KzU_|N@4Wk-?|k=r_uc#b`;R>Mz(WuJ;ISY6=y7(&y7i~O zcGfN1H@|)6CU)74Y$rpAMSQmGWp_P#{#tRob>Hi!UU2bsPdxeJ?_Pf8rQbioe)==^ z?{849+u473m0fh;!YeQT>esHm>Kor=*M95ZP3-4Kci`3@@#vJFMWD}K)=M-1N+4Mb z>ImDVr^BD%d`|e&@TYXn+|oHg=640z(y^{_m#hC#mNDEP)Gb*)7Hn_^OUEZRxDG5G z3rfXnen`njYu9>Db-LX_HXdXh-p&Vr`i_bA${_a#T@xEBgOcC1&J}!OD5&u*f1s47 zbabulTD)S+?R7g3jJbkCLu2k>VBF~nw$M?___*tcQfSS(U@0!CXRcrk-LIjNPYjK@ z0K|bcu3*a0*aWV)=w1pPHPKPigmYqieB2r2731UHAR8K6KR#X=l>M$QS5Q;D1^{V0 zhQ@+gZ+lSZZ3p<{K|WC#)cC!C%eC%^_SAM4-BB73rgY$TS5Pi@<7$WNfa?HiK2oDC zJ}^8sG2~pccznz|j(dS6W4Pg@4ymnH2DSd6zN6v+5TQVe4yWFBFVO34UlWv0-4Nt! zQF%~XUK!N;T?Ali$J$3V>{Jv1h=GZ5Dl*Y205td?(5JGFuJ&?w6wyY1BH~k&T6hIO z=s<5LTwMpeYiJMzmY9<;8FV=TWCY5fT`~w*$|#cleLU zw9ob*(a=7}e?&|BT>lXr?VbK3dfMmtj~Hm5?>}OseSx0^(<{CJAcX*=02R0Z2<_bf zg!Uc)LVGU&p?whmp?xs`p}h})(7ptK(7qIa(7w#?Y87-|?nnPk6Rr-z1r6F7?1N=Q zR2BYUc}1`s?BWNd_JE|OKk3Uf)XzZw1 zf1t|iacOYn(Wq7zbk}KeGlPL6La7*R(jjXrUYZ!cMe; z`le|FfRH5AfV+WvEeJ_FrB>9q1`ihtAn*$nLLw~I7O13|aNt7gTAzvoZ!1vKA}$9F z;9i%j+uK8p(P+&QD5DOj7-b`4RjyVjJ%U)hh{|Fp*A?Te54WOfRT-$M#5LhnM+Puf z24|}fbVP<`g7j`O;vz#i$M1Dj5!SjPbz8@)j#O|f7_T*Y8KW7y+!nnoN=F_|C^Od| zY^;dfNvL$5KiE`p05n9zascc&rC|(9Rj>l>2L!r^03+BX;_`wks=y=)jPoHZAfTg^ z8tL!nlVZVF7Q8qS6Shp z9|xQc2K*0jab+P6#FarR(~et!4fJ%2P0I54wh0GIvAxg z0URu&GITITW$0j>%Fw}bD${|36;y@}R#F){IEBj4!73^<4+pEM3>{2R89G=)W$55k zf3P`<=CyPZoP*2j#8E4b)(d*VrB9<1QF@~|qSB{}BPzPdADk5}x|vQy z(JkVLif$E0RCJp^I6GQ&JDrH4JH!zcJwqH((VhMWjT$Lp8MRjg4eNt)(a;`JHI=ZJ zIeaIYBX`4JDVM$lPfX9MU~yEpKA_j+{k86hPWyW61G0oec0{JjTDtszUYCEY^#M-T z>&T zeDYl>cXD>VKQGS@xN7{D%DY?dT&WR zzWX(u+COSLwbJA7;)AY8h}bY`J3JaE@&MJ-7 z_|estiM+17!}(qL6V{35)z(#cUHP}-Y>jo|-R4`HAMD+XPw%rmoABv*_F0UxH+&a= zL^^R`2tAbT(^&r{ua?fOjqW^OsWO=yZkoIi6gP!)~>hGE%ZqvvfwC(UN6K*E%YST#XGbTeIx7 z@Vcf3;L~Ph;*wrD)miP_OE1HF?D3YzL!lyk`lNokZ~+|`7ZtsBe=vC0C5=wjOaOem zA zYvh01wRO|>KuyKG4Xd84=*_=i-~73}?e3ded%C;6KH0N+?f8OOeMZUHF{`Klo7N4Z z<&E9-wKa_w5dnf%*?z&RIjR)EI1-xzDB^ipWlv&FVoQ3aC0x#z$W8 zoynmuGMjj-oGyJ^8q_zT^6XV)Efh#t>C>F zLgbAE048uo&}}Ft*y?pOcJ+0TKstTNT)xGYlkadA)|R>LZrNe8Iz5HO3o^ZiGQhQt zh4@>%1J7p%Y&d6paZE^UUiQwhRKzUj!$V4AC!&TiB6rEVWubz1x2VN~X`y}9&IO=n5f+*y9> zK<}zWZKJdHNxWOYK{z}LI7->d9rD;xJ-mEjz zdeV0+UNteF`($0uoc@)|7FZhR%tZioPIaZfc7tVM&!YAg5T*oO!T4Jkn-pZw)C4Ml zA}t0-3rVPzx9T{+$GihyjXppL2qN-8L1&pwdaV;ib)&n{Qg5!ec}p6-vSSYCUmFa) z{n@U?iwEW3N-NL4wudhZ-P!TS3q$Wocp9|n2Y#MGdtTDLK#k0t5E-z_Aafzbpm|A0 zX-0t|G^om6(4E-|neHXzSR9dIO2Cg8K#SYv)@MjxkxZTbu}wQy4xf?PnbO}hXTgGb zHFMME)$_(MGs#f(tvsu6!;;a{N4m|m%^kC5cldI%cvasiR-af;SsfZ#-#52+#d5yXU&|ZH${QL(zp0xwtFE?DnS&&G@)F>uHL7B4mbIu&QW6z>Rt!;yU zlWH~&jc(a=%DhdTU*Z292+W%sm^%+tATc4&`6H0$W;UTnbecW`uLuyNF*0vs*8J3a z!j_+U8IM5Hr>7V*(v9X6v&E!^FjS3rn^leo{R0go^qUmX&lf}X=i3~i%Og4fc76C; z>|OyMMmgZN+l;bA^McY2f>N<+A$K?%D6^P|gko(ZX+ou`*|wa#Y*imd+xv#>u-bAx z1;zat9%x3YZUrlo3Zxw95Z!~A$*QcVogWOqUlEdKHB{`+ILCc@1xeKJp7gL-=TJ%MviJByEb67rlxQWsSRZ~3$<`o zG@z-iR5|g0wHH!J9)nbrv*n1+K5j7^iUp2a0u^DrEe<$?dAasNM@ESNvnHa2m_ z@W=-5757Hy0vXQXZ%KcZ&Saf@eIO+pxq|iFm?ELe8LEGp42*N0`x=I>u6ssRJ-*GEpIHB#CMQ z3a76L-p2`4Rr%$@78pFqeljh3I>PkSS^d<`Vu~wZ@0i~!`UXLk* z{8w)VhcXcUK)p?<0wEX4QH%&k;VeQ}&ehgCMCqs{iYNJhNSW>auGM3GBl&W3RZV?U zWmUaqVNQN=>8+Psdi%G|%Wo)kdH6S#75(!s|IWP!zIm%YH9a#mt*E5#XZPOx{I3tK*j9n@gv}@&g%zlWJgW*+ zV8&Z3X|%8av><*hBLg4}b{gmDyw6}Tm za2YQj=jF?`E=(y-O_g}Z!p9yXOOtCJ$sWti<+nWwwvv$#&!m2|n+a{?CJO{ML6RmC zyoV48f)QjX!Hy+E$(>*+xy_1HFIH4e1;;t*o(j(IZ9Db6ouU6cwrW><=&9RV`v*D> zKGwH%W#^;(964otX!+^V<7@io4W_p>H_V-UzI`6J0J6k~+1QsL8**7`pg27Zi~`34 z`cZKPAqi9s2}8Z8#Oo!KxL6rH6LF_QUnNI|wMn{cQR)3V4n6zqq1|_T7o~Y-Evw&m z)1kALUiPZ()E!Ur?q61NQ^mpOMcmC$rhd&#>Q>Se`hhe+ zfW+J2Cj4T(5^zfI3{3K6F%K3?vCL-0gC&kxILyxg z2Cf-U$Kv;RwuH3=8UdH8617~T<(n}uaK1L{xJHxKYtTy(SG9zdfMarOwj3jQT;^6j zmp3%Eam6+EDl!+UB#+yzHX1k!HnVgI`YRcYm3bG`o}XW7Gy)&PqyHiOZG_LUH&j>q z3XFy<^U~Tsy;VPI&N3JaeAU$r_RueY*iru7*ceM!0$!)k2xNybG7aF!^37972urGR z0H>Kmg`0chA>#Fr#I4-d&`2cJ652q(Eau4#}lhnR1^g(`w1gHf8&)Wc_m`*c|b<5D%q(0m0I-AAEJmS0ADd zhOQHxyM?d5{ui0&o}2lL>u-JfnNYjv;6)c7jPq@FL5kZMi2u0atMA^llS4rMM-IkHT(Nt4@PHApsYEjMnlKlPK*I#NM zEV!qpyxG>YG_6rGWEPeL%2uo!9kcCiYjT$5 z+ENVq3|Co~|J3zaZKi%*GM~rj_gGLcZ)G_2MWlhpvfOK(56T~;M-!cP;83CpUX!~W3_|C%+l^_LLXhT zWa8;l!KNF(dGn#`_>G~ByLRl@#cw3oum(yZnViZB0?tIi2iTztEfxhlH|#Zw-BI7v zY^mp$uL*sy;_4Bjls@=%^epuCmvc*h!FQv+EcEV2sLxCC3Kk*x*RbSC3~WXqR>%RG zJ`nOMBK)zO(q=^l z;~+SD{*u*;Q#^LbQI@`S_}_V}e@zZP>#IZ00Kx}9)9}}MX6PgLt{%>NE-T|pAS^@{ zyYx-Ko5LCdb=j!^6O=_vCKK3TvuVT@*0)>O_^2rozVTE>(ueM z0PvVualk`qu!7R#^^r0xHd_`n2B-!^!|NRdypY!`E%P%Lhdy3)v#C&T0DcNgw~Py; ztA=0ouDvQPH8r);{=Pz&$N`tup{+vZ50u$xx(l6STLQ?#C$14Bt%Tc&p!sv7p<9*$1^8e+ zYPg1H$S%|j`yD1I1%zSfg5M;V*b?DE;)zXL8ZmK;Zz)=qe!t+DX@R^_)D_@cr4`bX z$cDECvdC(J_9v4D^BNX0uOXK}>FW953vGX1@P4awUg)Dz?hpNrR;?}!KOtR(vd5V# z&=Q`nntW247YK;d;dcRm_`JbMd$8=XW+-&nskOcWc*}RI_;YYPqVss3tU0@2?bdL_W;njf+?&#yKNB z$xjng7qR$yQM{j)s71)clrs8@u3CP?ccOh zs<|l?x~}i^Uy+OwIDQTFPV1iu#2(*21Mk2~Tga~n{o<2PctEP@yRGL3qKMnHp`Fjudy^jh|7vX&!@a|=2slHjE>YG`Q=R09Q z;(fE3eJ2zIe@ERi3X2NQso3kbtDaMCn-;i0dzDB z6ta_6LE&K@oHRZZDIv)$rW|PsM2IXm+RGaZ{d#ba*AE^$Ce{4qFKS)vAnJ>MDs@XcU>=Rhrnic2#plS)d*B3!w*g z?VCHRdSof@kM*w%_1jr(pvndXE~et71Yaqm7ZU-ZuXqM8Q?TTiEjlO+w=7&HTb`uL z<8Yjspda-X{+nk`N5`f7>Sx!!@)w@J<%m>si^-MaFr~?w!kQP~4BfBNAI)h*d?(SF zUA1J4%Fd_|n^1h)y}NM2J$yw_B~3arIu2WF}iuc_G!^8-#v0au(P zMak9)^=_6tT)L<6yBL^()n{e7bkJn!Zu9POo_Aa5X+AqGt+?Eu8Nw{t?_90v={fTX zU!;*zVkv}2r_eF*-!MbH74#x&7}-ZLauJS^N-k4eqgDyN5sW;kY$)_Iz%V$(+ax~7 zf2h%l zK(LTKzGh)a(v*zvp8vfEe~b1#x^M4ed%5HMJ4wdfb>752l5u$V6xtwp|3~z12A>GS zCuUft`b0M26A4lG@W!2IoW5~zaC3WiSI1_lX4UZGl`nEz%eq-ai`0*+L_gA@Q{Z>0 zJ`rxZ@8Iy+M*m~2*Q=QTS9w_lAeh4!mm+I2X6^X80OcA;yb zyF{RutsrIHvkPlxL)7 zmyj12=l%5PhTG?K8dG!4CDz&$x4$v(^wkf!yK;86&hHs2D4OGSZeLy8-cfa>rFM2* zjVae+N=enGNP3fNR>{E7<(8Gz6;&mfI%BSDcJa{S^g^2I0?e?V`2PZ5i9V0u-f4Uu z{=Y{Df6iax?}c*sd(b=_|NZe(sSwYnvxv_lNGGC~(FVjA5(^?e57KDJ=W)T~Dctw& z-bH*a7~skM=byiy&kOzVzWZR+3%JPNS%7-Y$^H(i7oy8yi}*WmJyf$=CZA{d^1qFq znNwykQkW$x-?V!PTKJDSYppiD!CleiT-3x`K?ZMUO5S$#Ur_sF|11K0H4Iceq~f${Jbt=&RLZ z7HgJemH!n$JlV9thN#a9|BEmBSAZ03>zlc($R@0{ll*|)Nxo3-jJ^=4JQf8+2nVjn z6ko^!UnmZ4*}|V&=P1=1AgWf6zw)b7hV2#b2MmTv+ra3*y?#+aV@k@#3%Q$TZq1*S znv#;*mVbKaqtIKiF-sF;2A{|b$2Z9*iVPh95uP;kYf|&Paq#!!%dNf?WJ#rzTE-Xu z;XU4WMgE-3%*>3o{L4d+2-+ZjNJcw$lFjBcZ8Xjxd?C?F)E6o-H^uovP4RvZndWln z)8YoWHw9JP7b@Y|g*BL1?+LxmU*PYCUMy?D8Sh)bo4oZXBy?4{l5djpF}n_nJSSTZ zJx?JH*Z`6|0m9;Vp8$4{(u@yyJ#H6r9?@BAg~evgko5(ce2%Fho5$D28%nU=4beVu zyv?I~GsBXdq0?p}F>t~B^=I_tW#*l+e*OZfc^8rg9R`UTvpuuCJ6Cjd@7Q_PnfhLB zrn~2?ojZESSwUm1ct`#DvL0|y-V(vFn6ASWV#uNrc}oZ#dRsd>Wc@MmI)Bc}(3c+c z#Y+*ZY=;hB8~Q?V4^9)^@GVDRH&W zD+ziYvl`CiJMyS{2a~%-0B1}yrlqDR>03G)YMQ|%%To^B%MCWB3 zy#`1zG0_AQ8n`WDUd)9cLBmW&S}~#zG~rzW%U#LEQ-HHs9q>b7zvz)%!(R$5^5tsU znhX;o-*@yGXE$xu|MI8WQf|1tudh#ES>b31^yUvPz1iB_xGkkWQ0*K9TtHG8a*>YE1-el7ou z!5zycd+_2>8Z7z{m-E>fI4I-%ST3oI^*KA+!#5C4GYAG@C; z-%(7G+wba&-_^Wr&qYs;JGxNM>IdG&3jMy)0P6l-3C&z+(7oqo(S(%+k&KfBDj zZoI++GSy|~*SLoZT>~AhS6S9~R#=Q?eVQ$|+&MB~cUjVfCup8)Ey&6wrL8wn-}lP~ zeuKPT)TD9gOho044f^=xhj?$EfBmKxU%ctY z7hmM=(0?3x;PNXTe5%Q@s&(m>ZA)8MWi{$&H?%G6Z(A&#`CRDebIxYWa*|kjhWfC3+A@blqmY;WjhejBYV~YuLF6S@b767ZYxPtXlwmebW6r^ zh1C#P=$~#mXeR>+a8|1Wv|tm?KZ&en_&FAD2`x{cFls%Fy%Gz=*z)Gf=3d%TcxaKN z(PSBN_vRY1G`EHx{tNF4{b=xKsVSAVK)_a+5_+V$S?~e#BL{*bzL?GoKSk9H%C1DptA65%>c6CjUx`;gCO=mFmk*Sk;O&#oN!BEcuLlxxMPSU$H3r_3s+W+z ztw9E83JtW51{yE-Gw6&HAT*8EFm<4Je)>?6Cn)n_j zxKUF^`|YLaj-uB6T?>a-ywSB}N!QeY4*lpG{91lSYvYjR<|o_cLb9DB>-iyh0K+(A zjyC0z@k60Ma<8mMgjHf@X(9Vmt`u|uYX`Mpeny^9Cg`AAm1!D@4HylX=?04tsnBuR zc~-1UfB;cKP!Fw}H*Z~FXP(EC=k$1_h4W6GH}BLmkCQIsdePQ3XfRF6MVv2_tx{|Y zmx0o5p~oq^9SNsu4y;b6A7y%dx*n>fAif9!Q#u5uuq+``U_5{+n@mb=k0fpwDba$W zctTRw+hoM}mCShF|0g7;U&7Dny5*LxTW<|LOF?GNT>NF;EN_6GoE2z7LL9>84*W_8Xm2D`yKZj=m6RE4 zvUknv>9KcJN|Lksa{ltXeZG2^udpa%Q=qw{C957*x7 z`q6x9*!8j&)CjmZ-eZM3G2_ILS6Vl(y)n~QS(;zyEA{2&6nOyh>`GrfwVxQb2elANH<-i} zffwr?_`t>v>Em0G>PPX@-Tc2HgG7uE^gt%-R)pL*CuJ>qkr7FTD1yMD*qfFn70p6= z&*5f%=lJ5&H*Y?D@+z8MT7O$o`bB=e`y~pmt6pTJf`y;CIgF3JXJHLrcPv`%{n;n?g6!{#mMPNb2mJQVNs=qCVDAQzU zD~h)^ui!5?JUZWsxhri&(Z&#^pbCAko$rSon~MAs{Ewgj@h69dCGCbB4GKdE%K>31 zbC%UwZTEXmAsjy0gY)AW%e@(>%dl(sfWl9Vb(R2@W3+tFCs5)-oO_YH2AeYw2z2?rNXc zM%tpjuBN)GvdmxRw=3&lvS44Gu;?zPb%MtsxX%&o+=&rk;pr(56AUwp{YRAnN~TAO zYkw@Ii`YRSTOBYKSh7+ykfW*)b*l0hQ3M#C%1Re`9CAh^j2GYhjuMhb1REj+ z;6xgY#zJFZQJEK$3fUEmVhJ=2=CEa8-4J9fdHT2@!Z3|I9m~UVa`RT5eM-;bD?JPC zm#o`)cG3J!zZz}0TFDnbU!;rs`x?EbD-^ltfU-X-=AlV4b_V8ybXXU}gN&C>Yq45Z ztAqQfL-<996+*;9WFsL>U4 z&=@q60b4~`0I8F@5NDVQXPs3w zHn}|+D52XFJZ*zMcQ7}b2%JJOGc3Ua+tY+16a=h#odF60+CmBHA)*9g&rZ>aWbP z+H!Ji)||i1LS>6&d326ZU#q;6}-AK|V!Wjwc0lZhQ>Q?RF1K*!!UBKw( z^sF}3EY3C^z5e#;)(H57Y|f+z2H2UTABSMZ0!6&P0jW+R$%zuBv|8OLgdyo~4NPB+ zK(WOv#2@mBxurT}A4iM7xytu83V8-|i9!+|a>T z!{jH$8jiF}^3_b)h^ll&pCPSgUc#W$>C8GoP7Wbn#rpGv{{CCZ#?yUQ|25XI?5-MH zR(aMjEDKQD#h~A*nQ}%3Rm4m@x9EIR9rW^b0b~~1j zQ~S0eYmpE&N)%48rXp;_VLU26f`GAFa!Jl0A_osWy3|66(ZvavV}FbQ33`{p|BK%{ z1x<)|dBo8Kne~t?q?GQDnDIpOfg_l1#lvfx~B%JE{ zpsc^YYW^zWiEArF_dd@6qb9b-cB-_A+`MR8+78T9HJ7G%=eEnrCqdLn@6 zBFC7Zr*;N}OkXX2zc~yvCx~&vvgile6zg)*;2&d^IeaKRd}A4FTqvgr00~o9Oc#iG zaU@0{Tb!18L|5rhf+6LL(@Gt3jnvgT?d|G%og+t-6+67IFZ39#+IfQ}N-!RjZ+4|j zdc1-y4&V)^@MI`zFZCD^XN8-GFr@~8O9W%}+Rb=CodaV+k&yMC){7Zap~OulQ-!I5 zl2WqVUblxdAl?cAZ5^8#gEb9p7+q74kipMCGv_ttk2|Y!uy-ymC|i+`(J!xu)+X(J z><7n9?x*-Na{C31sTuKc6ss;fhT$8FGa%2u2uY$alR&r9bjkjF9OCPvq>O)}>&f|3 z(*CDwKSt#vtI>sGp)Ir$(f~b_G z4y9r$Q%JIDVUP-iNDEz`1cfTtCQGJZA_fQ17g9HDgei08ghA zFEg-dX(a~cTHPL^`DBus9@yL{E#1?oN%5zI2B&b4zt~Sl0OgmrF#$)_9D)& zz7z!!!VAu;JMX+&<&S&L#Yx?{=hdEjZkJU|6bG{n3n}Z*W-5BQ#tac zFeif@>bPBcWx>|x4{jRiZ(FeaH-|QjE|~n|AYaiwc+O#-v**@<(4F(8rzbYve(N)} zYpYLP|D9W(uA2y*wttBKs_0N?;?PCsE(*=^Kpcs64}#Y*mlP;dIbCAg5%Ux)z|_?* zpmAs@iw1(*CW4;C>)ND+5WE;{&aaKEh9Cxia>{~;sckCUecU!ND+PxdPGMp4;tReT ztbJ>wNn+`#O-B1k{A^>GLr}SycTHXD0gY$VVWmWlG7>ZfQ~LRVZ{z7D*YNB}vnmh2 zHl?$IJ`@})IuZXXJ>XY3K?^$tnJHQ=)RRspnAWDjS`do|o5ex8ktVaIae^Glc+V0l zQgML}M1e}um#0mI4s$EeUl)k+w^8P}9+7U$&ZbC;QVZ*2m;^~HUV;gtWkL@ zPhA{w8b)Mk@&XAVY#+qR)Z|4HiVk(aKS_nnKr0e3fr60Cgos>3R5<4Og_-1m?)JJw zpcfXJRZaLq${$TpeS7cTOE2BKcX;@`?|tt)scOqpr+))MO7}$~q6MgNw_;DlUyVM1Wu;0(^dDJhp~D0O zvu+flExNc`_QridGRZAE!J=%M`vyiznY0F+gEX4re*8 z99Mo`gg`B6dpwsCb0GSCnJ2*X9m83-e97k{svaq}4jo;k;Il zH@7v#=9&C^GX9mgQ=9aP8ZYy(9sNN!Fi;l3Tr^ZhF&RDv%|Wj_ApxRB{+yT)SI0+D zE6D-2Xi3aMBgW=&dITjGA^n6rjHL7v5~^}i7vGHJqmUJ4NFuFs6Y^6g!wFqf`zL2% zX2*;E^KC}1W{hR%Fp_Rza$^2uu__Z9b z0^%lPQ4wNprSUO0vSK5%%dwyv8M0zRgw}Qy?(83$+uEF$Q{B5``<2Oyyyh=WF$c>0 zrj|@!InT?yWoP_~FJU|I*My$=oOl~F?s4L66me1FPc%Gk+iM#au3ivXtR?H=sAfi% zY)x%5=A99IaZ;y+a1A!ui6T#mG^FgT}+ z%eBJI85xX_1rqxu767;YC9bX*O~k!OQK>62E_W3M{o8|)!4`Ev(zEx)I8TYoMVF~f z8<%^(w11#e5V?o!`qDGMl0?H zUS^D!bYRvU(%2da-6f?jQsi!d7!DL@61Nfa-XXuW1CEXHYLcY>G`V|U(Y z?2cA%QU(<*lqQ2!gzl78obB!EI?nscMh2y+N;~v;>XbfOl>|-jXzh_60sgHdC(=vn7NxB_UU_d8(41i^OMUe2V1m z$+w1A0w)1@{Dw$AXZS1VRUl@Bg1jjrx+qMVxbUKPN_;W0436Kgm^V35d*_CPb#c-w zWa5ymgOJ+s*2qz84Qu2Cuh5(I@|EiGQq1O^2P-J*0Eg1tO3zRjAWb;!@@s;VQzic{kkAxNhp&DAu z){@~srbP*4pc2}S()moqiQZ45{u8d6C_I(sj)}aLNM{mxPm8}_B-3?he zAh9orf;e(?@RJ<)76Du$puDy7&XqT$e~wD9s6>{5Q3 zviOoj+>=w+UrudLk#Ldt>a^`8##dwQ@qS3RGu6eOkZQ+ik7SxyHRRa;b~*lSZdi8q9cwX4K;X1rTvOyRnMc&-znRkW^#R8BF0bwNON?GlgW25=psf#ZwF;2^p7hoz@<b?5-4y8D?oQJoH9U z#3!S%S21vym@a}B>xo2MZOCDv71q&rgB%?E!yg6*2Zy@mw|5TlA09rqAM0PgR$fzG zfhwVED88Hq`AF{x^Rd+r`y6%`THp~4ZctnUZ7VhvBAsfH*vQ2f zfQ+PQG?IUXjGQuyPwILqww{hn8Tp)Br(jJCVEl~H>B%UhJi=r0{n8V_UOw9&NWpvb zH91%pOfNz7k^BcU&;p!QNb=Q42-{Hf9IICJY>cC?Vm(@8qzn>VBSp~d=wY-lc}LOb zV8!J-z2q9Fod3Je%G>ffYnk?PUE0=DmwTu!}{kgQ6t ze4VCqSZe)wofBiKbPk6n*Evd>5}gyyUa?4}q|WJNOXyr%#YK1DeQ{|HKTmnL%H*kg z);aU?oa^?;heC&BdeO@BYj$h-x3#-sG}% zn4eTk!AQP>b((1qZQP{HmgMP>gk*+1UnqUb%m`=uq)+%wB0mHF?}5{tq?ldiH;LIN zb>|qPC>wP$hp+{htkJOTOgupOG&)_Ll5YpQ)Gh?0)H& zu(~7vV?rzf5&vVt(xgnc(wsA8=4`dG;90ZV=!0jFbKByl!W71RH};7MK8C!O;$@&7fb?>5hm ztT}lC4=%KqhzCnzKd5a3+9sS7(nvvmV@R-nd(Z1UEWOPo`dKA6i7q3-U(2$5~G_Jf`J%V_8-^{PsfATHJqKeRP+)5j3 zWL=MllGv<2>#nZuuKsnU*Hc;P@d9?4%?kgQbS~BikUYv|jmnF0GwHuFVX-J;z2g0= z&OpKy7*mM1T41MG#0zX7h@uiH>0n=Zc6Pbr74iEg@tc}m#bu&gxs8#VThC0f~P;p{!1&HPCvz zbptzSLH_oDmsP9-^(MXR)j@WV@e+aU$1`?F zN5_zCk7w;htLn~#jDfN4g1bu2|H(?`10^sb=t;%BBd2`x#v#+*lhN*zB<)R^T&n{1{1x$8 zM`bMh$yisDl*wcGpQ9$3jFfDhlDV#JcvkW)^sBYAa;($PqEj-? zHCVE&zoPsX$;N*qWm@l}{U6W+^fzO-$qj^qv<|U`&plLpu491HE_1PT`4BhG#Ywlh zu4`~S9LLYV*3N)F(CfMb^(Cm!LjGHm`&{LAz6^B>LHAnFuwN?ip9ab9UrLH=horjh z#q*?FBp37kJZVOr1N`L%*DyRQSPT4_7{3YlRv;e?e1As%5RO}c|0Irg0RL3v$5H<@ zQa94q!LJXHKZt&5Xgde|qk+E>_-_FINx)wY{8s?~B;davu%41>$j1Z!DzSO*x)yNG zW9%jw54@@DgZ4VtFg#P9jkc|5yB&4lJC9Mn+QJn9^x29h{JcmRsC&XyiFg})MtK+N z@~ww;oV!T!?UX^D8-A1LeUkfiNi#Aa|D%$e!Tqdfqyou>6c4_|JN$<%e9;LsJ;Y-p z1IockltB^TRw0q!{Umoj>L~;8KRU@toVP!T^X(_0%O~;B(+c3X`A-@2O4KdZQ3lZo zGO&IJxX9h_fM)RA=*2L^T*G9o^%Cp>mUJpW zbtk!V-8Z>!aqn;+jmeDZj@dQ9HDJbojsY*nro=YHZjap;do1?cz+l{(xP5pFPx+wW zplySm^E7+z^E~P~8lMG@Ael+<|N@~iYl#MC-QqB&|8@hSuj-jun z#-ui+?n-@on0HuU*loiO50AmOdiVpwPp1Xa_NKiyqHe^-5ogmUr!Pwnr@x*4&yhtV z*NuEWV^l^_#!VUPGM>%&U{u+tx=}~3sLRaC+?e^w=#itFN5A6D^KSE=7_(^1mNAF2 z;9sr*++wOxm3CK_EavWli z=j`$zl;5z+p0suHfnAQ5=_9)Ba)K0$*lU*u%cCPs*ySYgrEj&%$&!%1&n_R7;pq;p z7o;HlHLZW$EvX~p*3WD2_BZ;2;dXDRJ{a=$v^Dv?^V&OC)(5Pr~X}$-hR$7501WNQbjAOrIem6I^aX=ygphtb}Qx|N_IAggiI2B;y7 zZZr5vhw|4iU8reC3n?PU!|30EnikX(DreJZ>PcCXp|25jenUwE^04&am#rMFv*p}W zCdAbWNC7iXooyjF&Ys?j^CcCelQeKdv!OJEULPLq;3$HGS(A^Gsll!DT z3@Dr@u}5IHfVOtiDxBnlRHWY`9)gDE6TA6 z^^`baQG2=#-Y!EEF{uC>OXNFoQ5X438WmOp+EsSM;Dt4j+Q`g9#^%T) zLTHmUW+Y|wQ9AC-U%5~2YKb;L8fh_8QOkL?fJXHos^vKh>yIC^yFxjyUO)yv{7psF*nsD z@=5KE`1;y7J!=8#9bGTPQK_kMXyBZw6U0Q16S}1St3A|%LiVJ`ZNM+7bu^k1r-bRh z9Js1^>a|EKJy!G#X~zu)g3d%?(O-sbZ_0VGm+GnV)xk*HqE;&%^nvucv?D@|co=8? z&bScTnt_3GQl0a|7RbFOe3f?Efk)vZVbjiBts%0WwxEtYX+>{xk~+2$CC77K)2p3QqTU2dZ{=+TC?*%k z)mdl>7~ex}B@fkC=zMjBY995GI>4FGR-M&R zeGnzDJtCU15-{lzlqPD2BW2ZjO1Co#5~Ue7@TrfKCT+9DtbfW;N1l`;R|m>_l?`8g z8ND)RqI54dnh}kKmZW}*)JCrrTs73IbG&LItt|vOQAg-O*y7O80lH|NVdQG9^ef8S zN@&h}>_feXP#HNaMtKo9U2CKh%?U!Jr7FEsQ0hBpN?Tilz{FWcB+St{!0u2Uy&h@A zq3ey~k;kLILq9blX!uABj?R1(M6Q^WHnC9~$J?{5#@s5PGae+af25YWOs#e_hrA(d zuIwDEb8uov`fpOe7{hNvtpV2k2x z&6|rlt{C)tS{vcq0@FsnNd4eiPP=g82rrH~qS0VfE#u6U4#sU1OjtD`H;Xk8Jwf~YQYHCJflIAx$dfb^)3ru{NLX_FO(ijN;# zYvgh>M(B*&Fggc5l#n%&BfYfA2)^q;1u3~1JfbDn8mj1Zc{J1ThPte??A=;nA`;4r zQQvG}*CgQ=U#7N7hT(3d7)A$SW`%NTThiVJsL9R{gLHTe7)C77&_Uav#b-~N9jh>X6!M-eW z9b`^zV@|C7!FA#>wW@sdBIPysa(Ctx*3?{_M+LY=9KCmW%#mxebIt+Bmom#Bijzp`v#@C=_wSlC(Xf#xlCSu!dW|9NC zLS|Oc9<9HT{mqi2sj*?m*3l69`&HmB_hXEQH5w(wYE2q#ko$~$`^H-ufpGSeG9{?~ zPFDk!KoQ1$yaeW<*QF#tYxr+*k<>U`EHZqc<N7g;bO_Bh>N9{#l@wc5En^}!^P511sCVok#RmEF^!QKm2q8k)<#;o z#$j9wxGK;y_l}SmNjZ?{&ABf1jj%Oxrq^ct7m4J!k7P8;h)d5j^o{m)E$@FH;ZV(p zuN_dGn1Z`r#(BCYBE>oA!7~kv__*%$odYS-{ip-eiLGmG&ZyU0aFI`pm>LW;jwGM- z+=>%l>I%eFt}iaGBGuq<^u8(wT;Sfq;SgiA5A()ZAuhEy;%cgA54pbT{)~}Jli>{K z7%)5U)wT?{UUI)iY|3Xn|EZCWLQ~o_C$5deUDS{WzatuSxm@QQ``f><{?a=!hvWV2VJ<%wSQa&V zYJZK91hr82mH)fghi3u9(9EgO(0r8op0{3&2%i?mXt34nwEWPJJVa64LG~WqgBG@3 zy8i-5ojVGRvT0A;S5k9yo{oK1VP`o9aWL(&3b?5ui_IwZr3Z4(X3=)JlOQafDbl!= zdak<xF8fL``KW2RS8s?pvCdTP+x zft=^7+82OHD zluh!qd=*!?Z<8%@mwZdUhpYT|%2Byh?zix_Gjfk?mY>QSR-9~?o${WXllSG@@&kE6 zelEM<0~&FEMw9#k{5~j$tlTR{0%boh+?LGHj_ zyA6BcmC(?jJOmkh!SJ7U9fs!g$Z708){de=JHAYYPq<&Saz`<^|x zW8pP<9j~|b;Kg|fc!?C>!JcF#TPgVS*;KsmU^wn2d0h6%k8quFuRI|?liTI{R+>B` zKek3#>2h~$OJH?JYvI7IU|T^!L8ayu1$J&9&nVL48O3%!g?SMM*tr>xW77}0>4&_; zZZEa-GCRM@&L`Ws1Fu4l3vIZCg`VcNmaa~JQ+=pan~JJ6FRhNL>gsG4xo*E4T(o45 zWo=oy+j=q%TG-gJM+VGzEX|T!79RKDpLw*D8f!|iGY;T(V*DWqY6s3Z07Wuow^Z)Q zwl*(Zvb%iql0ELG$~`_F9f;e23&7=@8*5Q1m3Z`J>Ej7;RzmK6>%ykpG574jQvfg! Lt2X1!TSfj2VF}Y^ literal 0 HcmV?d00001 diff --git a/fonts/Novecentosanswide-Normal-webfont.woff b/fonts/Novecentosanswide-Normal-webfont.woff new file mode 100644 index 0000000000000000000000000000000000000000..d5c42907915e60c1975b42031480512706bb0e49 GIT binary patch literal 24772 zcmY&;V{m3&u=Nw$b}}(0wl%TMiEZ1qZQHh;iEZ0%71c;`TyJh>Hl|$h$u+|06?WbEbf0Wf3Bqv75*dg!wvq}_&*>7 zLIi+{%E>DJa0dVYEH(f@uN1h-KO?HBEC>L=|G0n%0|0RBa{+>AvWj$!007dD4UqkT zt`T{$vw@YK?GKmu6Cd=0J^mfsP6KC0LI42ezdh-Hz>Ty97Hw>6V)esG0RUjp004|- zkL?ksiJrqxEat|K59I#>(Ztft_=o$+g@Y0Ru>3G`^;kAF(lZ1A6cB%Wn0~+tVrg(^ z`a}M3|K&pP0}=>zkR4MiN7oX_N0l+Im@-{!vYfWK|hTn2HrLSxZnr=OAWcS+S|3qZ%UXgkQ;AXI|23J^D7li4(wl^yVi0%#Br5pi1DocRW8~GwpIVN3a`}rtq0(e zaLs1s?;j7iOQ%K@Qy)RDuqXJn4%6$rrUJ@I<9Q=&l4tH5jhZ7DCr#6){J`-ONnZB; zET!Q9?nwjFtc{V+`Svfw>jKU%CKdSm^$&1wJ|cuEq#e{FTI+#OR$E*1Xe#(Su*?pD zPo6I}h!y-9NqYTjKg zE6AQKuZ8a$pNw$O2bYVM+5Vy1!oNAEi_YR4IN^`N0_&6O z>Fb)sUIX{0+(;pjOL%l+{7i(gqKWnJceaKdU!_&5;*-+aIenI5=zd+X)wx8tR|VgB zzTm$=Euy-C=N zCes%@;aB^Wkp%E#qFN-^V?xfh0{+}rt#wJh1xq28xv?FO%y<4pWZsoCQaVaq6a zxq;JYt+{@)Wg>&bj5++q|kws6*Z0F z7e_`@jd3-l`{}649%kq_&c5VMCmnCe((gLh&o6bn_u;+?J25Jv_g$vsZ=8BF6?!o8 zVLVm3QsviJU7*Y4Q4FM*Qs!^ioMqNK?gP|d^oKk7*>54J)s;H-t=!?6V8G3?H(oPm zs6`SF&R6@iv4O!u5x#zt(5XWerS^O0OAecK6#a{lyU~7izxZmPnlUVL=#7mP6Q<3> zj<}S_(;;dK)ncT=Hmo>JyWV{6M$Df0QIDRca7#VB2T$fK-;sMF6vV`i$?$I)#%iKl zvSi?bjjnsan-7YQZKM?^#INJTyJY!w)fb3b~NN}V+<#KltYTDdTPbL%E7WMG}=eXHBhNX3d*so=uln-K9 z0w=U%HoxOO;r7V4Kj%8^s}7}Fvk#BakIG(lV7C{ITbo!&1ZSg{!a5!YW#x%-1d{NW ziwaO@uINDz{>k97v=}+vLa#lu8y{5L6E=gvJ=tLLw~+`17FPhr)Jtd2m2_=G9^6)k9^-0y$3 zlk^zpZ2DPA%m{Nj@M;1Pr3&sv3xO(ti*dUa@LCc*A7Q)+tJI{kj}~Uq)dtH?FxDG? z;2Ll)f)Dgk@4R3QxkKPBJ2fb16?3)fJf(Cf=mIqCa(-nr6^*boG6!bhh+o+LNt0-A zDFw$MHA{Iq2=Ge=fduDO`5{CFO}*{7U5nA9`zW}c(QBKBrH9JzR7-Y3)=Z`Fb81v7 zU%B{98B4lJEWpDydEJcF$`wG5_+rJW*!<79ZZ=^;+u>CeMl%5tZ5^Y*W)YbgW?fDt zOF-Ss9!O-R-I@XQ*(|;5@ZK;cC}Os30(u9tJ3}aRNB1Um#A;9!Knv&hLZ+b5%P>_9 zzS3=z;}*E=clT^aE&?MvN5v^ z?fhIPAnhVOxjsNo2_5=rZ%Z0WS6qiHx);c4Obh*dkWY5f|_H}bsm z&6&>BmpyP3$0fIjk+{Cc;&0%DqcPI%Jx}YU`*@$=i^qzoPUJ?$%@(bKqhQP6td7y= zz96|_qym*G`BYaIjq(bpvj?eeL7!V#_Gi-j420rG5@ka#youD2G;FK|_n$p2P5m{F zJ;$@oN?%d|Iw3W9QZt1y4*9MmZA%OHpfCEITxpRacfX@Lgti~kImG89t(>d&3eMi6 zPJ84dO1&yo4Qs04Ry#e*{2+KTFF@q(MIyVT)L!i^j;{^e?0Fb6razRGKL$23PfnLS zHm(a@oqtW=YPyy<3*l|s++RT{oHfxcpAgkmMIq$TUNw4M;)h-98?8}`Tj+>CJ8f=W zK1e3Kz{dvEAbrY?r9ttSguLy6Mw~T0e8unRfN6GwdD9%O83%2HM#ZREph}I`Y?;W! z9)4MEdQIX=WlfWK*1;5Q*Nl^OO!hcSCH}^;pE!$f$F_6>XxQO@6%Q0253?OjOnDAJ zsU)w4eW@@3Y}OJoj}5~`M&qy8FQ-qlUIOnnUwEoq>I0fT%I8JI#c97c=HmvXBjj~3 zb}Ok4uz-gY=xCF>0yI{nu*#3@eKoszekZoiMZMXf+k=9^wMS=x-0+u_GvutLx$-+p zOXLnXwdx?0@^`iRq38bfgjJme?tEbKjd%h^pM&vzePHaBtpS*y{L&@b%=ONMI3egg zQ}oRMKg~Ju0k>5|loMwIvc?8(HN}(*sQ4$SoTSv|5QtwRH%GzD3=PN9KCY6e1c?VH zIQA>AP>DjFD)FU|wHm`69f~LEMLUoK14OG4bf?G&P;=3QI!oo7f)DOmRGlLb0|-C0 z@Leq}Tke16hF0T02L%1-iVe0U*iFx5dAdxt@94d-(#O57{e4tz7G?3+^!1pUW8 z>Q{qEoJzq3>Pww5ifd704d@3gNEF&m`64K}6ZW!|!ac8X zPjNP6Iv0YC=vxmuOx8sYoUL$`q(j2`mEc7|L)u2XM$2)S^wY5*C--{p5K3e@d?RX> zR*ZE$j;mo<7q8X(_xY@Bz&8PDl(PVQ(2bpWi}LJu=;T}SWJPx1jV49o6{`7SmzZbw zH^?#_e(3-71}f6BiUO!SHQSx~RiSWZV)L=Vh(Z7y!9*nmUXmzOQ!yb(qCse)VP<{+ znl{pYe-J|@EKC7S6m{}2nw?&xq$;ge+etrK4?ho+%?(`Rkcx)XyobqA);q)TCYOya zfc_R2!ZtFpxB>FO0cXNAAmaSx5yqMd1b%8$tRFYC3+a!&D?QF1W7lv-4pw$a4&Jol zOtBa_<2i#w#f1Gtbw4TNl0k_$K8EMgHpOaJ`?e48HH^Rut)G%fn60BeO59N2+!}fM z=uvT=nt&e5DCRcR9E`!sY|H1(Y|lf;fKkXzSL7FQ!jDkB2d`2W_M3Z%)wwo;ZDoM# zVjrb@2M3zb-!DeOC&}%vVBd;kYP6NfXxk;Dc1E>7*P-{hpUGOo`RnfG4Xv9?XHFMH zcWe`#j@)VL9Eij;^{4PDPf?F%J5l9BlLxYLUG zt@mzw=UvZ%+UwvEhF^aL zBc9VS**>+8$I<^HHUy})_P^irzJBy>H$fxHsNX_4jW29 zA#NUCPxk<6VYj~j*MA$&>1X!#PWARL459Y*_U^#tVeMmbV}ba3f~%;2W9pjl1NZ3> z(Za&Rc7{t#7JqwTVWwg*bSmiTrozS>FzT*>6ry6f0;Y+ebAS4E16^HRV_#h?a1n6C zR*(Y*|5qAV2;WBd0N~gm5W`!>1%^uFmHwL?hSWO$Q_OihFj_DqFiJ2EFj6oUFfTCb zAlD$4aEb5lfPcGSXPUjW$$B^jh)OI0{=WW!{;*0-q*^Td-!JKrGR_g@~L zpYP8@0R;%~+$-<8(*aos%{*$)x~Bod5XH|3{Mus7x`qb67J7!j$WkZJzJE>hj0}!< z4)%_A5BD(;QIXM+&`?rh6XTQPk`h$qloV9tl@*s~7Uq^_7w6gNnHgCbSeROB8|$0v zni^be9qpa%oE)BS9`2rQAMX($VWHun;9z1xBg3P^q9SC)3{B0ft~1%KruxAml4<_7 zdme@>S1ebnw|MU#NozJ+Z8kYP;|KRAE=;Z)-QPD5BpEX_{?nz<*A)wCr7a29TaA7* zq~~gRlTi@5UjTui(`mE2KWn;#eMey6?sOrbQ1t#p7gAI;a1pi9@tHoLgiSF1mpx|t zA_gQ^4jc+3u^yc8Gh6xZ9QZ-L_)q$F`Wi$0{KkC803?H*Cq0<+W#2h|p6A~>Up_#$ zSg2`KK*uX^j;?D}DrPS8BB*$7V-m^nLFi5N`g_c3#3;>(y@7mbz1mPjvQ7POAQs>knm)V_t$aFeSN; zV$jfQL|(T;{lltmjY^69?}jj(d)y+-0lEkj94)|D?9btR?46#su*!wJ0QCy#y1LzV zO6Po6<}k43GNq1lE}S8iVrJ%V49Qa!OtwoyE@Urf;@#fMP%SnZ zAvG!;qRw$yiWVO+6_^mkx{KM`WXm1b8FzKW_juXdM|OP)Ehg~jlc}3l$TRO%EKqkP z0)!8>XVi%xD4@^G)hu+1E_;o1|Ku4(EpgrZx5j zEP{z;p%E1sC1>vR8FgCK5@&^bQ-uHu(kv+a`(wa(jH$osx|+1^;Vf!&8Y@v;C_l{e zoFU=_b24*St{Za|o6A7uO!XfaX1m;MkB9874QMu(c8PUA@8Of_Gbt%B4?R|vpaW7~ z={Bug3Qaz)0X~!$A`ASq(Uf$(;l6+t@9=}WCL__^2Hxh5_YbJEY!)PLv)(W8#t}s) z31B87W7K@KShaJtWFvc)f*n8&>#GQZSw^ofz>!CjNJ-h z_D5V@+HPt5+)Dj4TL3H*D!DK?!B+ueFiAmE|EOWXjVTQ&J9fehX1`xtFV)(I?!gs3WmJc zP>ak^*oFKUrr)-)OJG+w3}w#{L+lJHh6jV3a-i{IsTrs=@nNv}jZtRRI+@`GKV7~) zTjeMfK2LLNNus4B-+>TmB|e^)N=F!HnY~AvyjHi1J38p+!r;eM_o+T#l1o!OTJ#!t zu{BG%VKqy{a0UFrzk)N5kyUd0CFV^>S?-7KVl=j)AuXEPCoA|l1tN@vM}eTnf{CFb zxid6o@#j_uOmxhdYq{{K?~1n-&unVtpjkVTZJC9J*<;;@PlOd8(MRB!dxIT&INE8a z3=~a+JJ5Z2W)d%19vbR)bu>L(dE(7 z(&3`I_RB27d2!vmDZa8kd69G?Io4>5HNF>&ZFQLSU%fQ>0zWijEl@^stelV_0|pW*Kcs3b z7g7kQ(mkk1la&q{b2lF=ciy4T>XUMGuh0XiXwK2;ybfC97mAh6(8Fsgk8aHHMIK>tUizm&IDAhzTfPwXqI6B}NNr4}{Qz#}w z_O=|fCi|?utgH}>s4IH87dJEOxJY6azn;rKZnzjc<$kxW8oZ~cPc~cIHN+KN<5QVe z2W>_<#wYxDBrQ--0+9dd4tL3}t}AoyEMXxMvwyNlfca^zAO&{7^+3Aym#Qb5Y_=Cf zH{#EH+WUgcX*42SUZ;NDkdQNDaS}?5d{V6u^cJ@dbk~e{>HPO6wp3^u?2Bi&zK&ho z_BkbuZ3juoNo|D=E7x@mO;B5)oWB>j{sk9VtxX>C0LaHjB>VaKE#Cd}i%C{P7}jxP z&4>@~7v~7ayUd>J-q;u3&EmKHw)4xG$E#7G{K-MU3(kT2LLlx1F- zwsx(ga;}=!>iuVn%@sp$Ms?Vdex?lPu$e$GPyCXOujZR4<`blQtB*!OL@navnB1iQ zYOlE~j}7hsWId4dn6lcm6D6}L^yC_Rg!^$sN!aS^G#&pI!;xkA;WzAV&ujz$Sghzzi5wp;V7x;p&8 zG5{-IR!f8+C3wJw=jml1fwoiT>|mQ!XUTqS=&mD%?{;wLruLAr-KzJXIDsI}yB_vc z9@U9#J@c2C|13W%P0~vLnGMDND0Br{dyShqb2@q{Zhpy19ER zdz$9qpJgVtCDsheXLxdV-ZWQ>l+vJw!K2eHbt%BVI)6Y)6-F7AFtv=5yZCIZ>`Yua zp`5g<_|*`MH{$*m-W=~3v6gn&rbdP)sQcYybJBpbG$X*>weMG(oyev zWL3NFNtP?qgx~2iD^`bKbUj+WZ8@+{@yol=ZUvoCTRq6r`yIZtFn8oU=ndjEAiciY zgQJn{dcwIg0e-9(==p-oNYbqWlE~J$xYbzL<#@chd^7gF0*&h+T+X1)qI+=@bTNaJ zcrCe<`u*3y`Xcc}ps|Hm`wV#K4yM><%&x$CaQI5Sf)gH8l0vzOd9JX*F-Y@x0WQ5h zuYM5jS3NmZ6<-HM(zl)>ji-Ca6f=nT{DAC?FxAxxde5rfe zNK4q%v^Y)SPRI2!rNxGA_R(y;1QhfM8IpmZI-=x!AqPQTtX`=+<*xJ`T7bX!LYD@z zpQui3@>8S~I>Fo&82IipL8lM9!5W7{k#alW&)K)sPgVT1J4W_Fw4QM=^WRUktY2=; zC1gVNDG+adY05mX2i{iP@u0X8rv_TPvI!KC^Y!g|4T%$o@g}&iu`o$NK;QTZ zp;}?bx`+l$6vK&F?jnz=Blql=ygz?C@@)}+V?&J9uOGNr_uzSmY`q=Qt*%Y%grHye zqa~3OlM%y4yzfw|VWtJh|NhMMC%ZAGu5Tv|uVwHsP{h^U_OD`34_(axpU<1;cuiiL zM%aVFgF~hM+qrOZUs1biCNXD3*akLCbctiEd}KU0!{JAMPhW_-3^e1+*%!U60)y8sfDN z1m$Ke6XE9xJ8TQSq$?jp0SUgQ*8(3N z39)KBYw~`h@#=@x)2`*6LKq}l%SYGeNo4M!XTg2|HadeC-bR?E>sA&uC)EqD{-(GB zV{hUDTpV(86neFA=I|84AO|Z3)F;UM$8u9SVg1<}lV^L)3e#MJm3>8hS??@z_eI=r zzjvWUPxLmqfvh>|dF>p9T0=usm>XV;$+ns47gaM6tYbH@<63V9P}z{~W-7NCdm)GD zYE+~`;H3il=zS2sreb=ds{wg*TyU{)!5-Ykcv20w#c>eRJVx|J?a@Cf>fiA98S)hBzzv8%x(H8@_|k?916!bL7sYEd z&O0)=i~gygH$4+Q1fO&Ts)%9~_Q(VyJ_&FyOjFPWVLL#G0#pTj;8?%;^^_v8~#j4B7` zEZQduF;Dap)dzniBY4mxWs#BqR`^>I5>4_;$nUMh5F^exVjp5 zabn0!&pomY;BF~U2b;}WK($Sc<0mWg$hbYi=o$8WC8Yx@WW#wtZ`iV~jbO#^m2=u7 zB~JnVJjbCtVWXUh83DY1#%p%78iDlI@VSw@r_QSKf4Zj>9*ePY%RU))u8Eh&4jkr3 zh07U7b4!*=EmEPqK`VKrW?wsGu2Z`C|0xnmCR7vQ+;CTt2^S+;LA*@BeZ(ub>r~n! z%|;!&eDS!ma`kx4z_WqpmcTc9cZF#uu>4>^_W?~9I`ftSK}NKWyn+_v5-p7~F@^}x zPTI*xO|=TL>Fhohj`9B;qIY$8wxJRI#(6u(E`>L8-PgGt@G3c40OIKUXM~vi8yxxW z7v{SD!)oD{8M7`N3l20_gd3y^GohjbCDUHvTCX%Pl|7hNcteR-2B;0!K7X&xEZkS- z^gfj{1_+CSnJ}Q5d@tg60wGkQECUrtPmgK4kE7{A-JH{7@jYF;Zgcu<10M<64{hiF6s6Eixa7IEf@JuG=5)LHIDzF6>zs8E?Z?+J2 ze#3w8zFfBKFC2!w?v^vte&i*@WOy%wmOKr>NB=N!T)872L<+odPalWH4Hs}i^c*Vb z317qlqnTaG;~HOdu*%=Q>8!@$WZBX8^cw9*W`Kf*KxBX*w5gL@=p+Ym&Zs8_h!{}o zL;P7`qI87NaTU~#qQ%V*fMbO~hEVx~m2l5?46L878o&AsKFIYi%g@r%a50}9!qVH- z6rH4{8tP|sG@L)mE3P~4V|(f<3unxSS>iH0u05YbMX$cTY<1MvO9Bp$xjT(k!Qia4 zJ2=rMEMpR& zD!!(!HvrdIY-h0?b=DH&sumpUB?q{>3sOmts5Z%AjJ4(LpggYn)>c5H^$;ufg z$@~@zq7?{76rop=;HafJB%c;QK5XCHLY~HbI2gKWB)xaLoAY+jM6E+@3P?rjQ&w^6LzCAFE|znTyGNNcn&)Z*uDm%T__d`x(l`B>a?NprYN`v7zNH zsgzSq3OXHNShT{cqz}@Sjbbi2-tHzupM4k_$5AcSaWZ=LPl7C}UxOU4vN7zg5uCFR z?UNQ?qP5(HW*O3{{dwGwpM)W{ARY%6%cRVFAYBom10_!i^Xso9GJV4=YqydJcyHFI zM|knOzIVJ3w4B-8p4tqaxw$-vm%LT_#5kQnhgtL2NdA4xfu*VxU<|URw4H%`p$j<)N8KSvv z)2J0ZVK(Gl5PA3}j)vGtc^jej2t0N2(ewZe3SDntb_6Kj+~z1aLvx{YAxQw0umDIT zNGexCr|3N%^u~EuMLlG4X{%GvwBhKS!SzGmm z^C`$2w=n;E$m9B*C^QbW>XD#rZ@i$woE5I*wJYV8D;+kVyKW_o6T8^^_X!qS5jQWy zMIt4099DzkRAlrX^{{QuhxA?L2U#?&W6AIz7n8$ZQlFqDB9cR?h?py?(F#SXh6q_7 z)V$!!sb<`CrbNH`y>N+1(ZIxML|BNK7AY`H8G?FE{dWuT2)Jx_tEw-c84Bfr%2@UzXx6tQf_mW_X@;omxU zAonRmsdI!+hv2musdYV-*jk~okni)Sm^->w?%u)+8~nBoL043sg(5*K7m-KBRHP6O za>uq?UAKj>wlp7+FvV4%$0!^M(Uu8glnL~4wnwW>IeA>{o;ag>R6T#JB`84g`Q?K@ zGNBdK)D-utYf4W?@w=nN0L3{(MhCU5%F1zUJ0vQrS7+)bbp!C=p7tl#8#A8_1z5e) zAP&+kt_AT#Nthz#7cK~i^+4P(J6f5s8w{y2>^4--uo%qrI!w5P1m2zXN=b^_)-Ej- z{OaxRM96;n9Z+3gAdZH*nY3X+D1^{F+gN?Qgx^-INjn4Jb)pAN1)_g_K1XMTo^e|b zR_YL9yl`B)Ugqld>2|YJ@j1d-L}RGBb)hlfM*C)9JXO_>EXPk$7fgX+rCS64xKnO4 zg$Ns)1Khsvcbt}|bvQWPAJ?2@wWPB*8@$e6@3wDGbgzF?`rIQoqr(x9bLsh1G03E=lVYz$DrjMRY(+Z#;RO z_XR9nZ##bsr5w;U_fl7L$EzD;u4=G_lb+L@wnF)@pQ1_tDYl_1ZpIIYC^7V)Q-wngU^#iKSNw>y4P3~9M5M$C$<%k!UjF4!fAU-tvwr0&B}ao z8-$?I*rmz-$~rFXnbv!L7Ke$S@_Qt-Y!G8P`WF>;mYi+;iw<85|4Qk{mto`^%b>|6 z^UVO5V?p;O7Y(4^d|#lplYcWl0foi!z_i5jOo})Uygf7FgU0_^DCw1Ite-)6(nS4} zo{@i}ikv60?vi2pQ!q%TmS-*BJeS)WnlV=zQ-ezzqhHa{5SdBcfjh6HHdgZ~@v~A4wM7|TH=4&o< zc1GcY^p)XNC5a#fh{ste9o9aSBECEIcl<#uQyEZRAA<`L?J$FpvFBIn$L@o6v%Ubt zyP{!-NjQhL)61}n77JOytlFi!Y}^ENss+lVa%6e@A@VeGloxAiMM@Db8di}gczNz$ z!=6}~vXO=GR)H1`yGW6x)S@{4Ix5@H;nj?T3GPGsj^GvvUYKsfT`hgKNwEA$~ z3Qv$S;*JBOAr>Xj;ErRLDrhpBI0P?Hpe`XQlIO7*t@zy24Q94<%*XjdWqUjF2>LI_i zpdw+vxLR|WiD08?Z?Yog8`E-Mk2lJOTwxtqjp+i?#$+L6SHRogEGtQ}iO7;ZjFvo-DG^`*X{dDk)@PonAn%`eG;3fwc)uk7fWgT}@D|c7J>$apN z*H-6gBu)lZOj^=^T4nHKl$A%4Fn5U=hwRgOO(HnxWE@KNnUi%8Oh(MwR04<0lJjn& z&S^bP@+8S^py8eIQqyvBuGU^^9Zb*sBoTPndC$0gyq_{(qZ@x;syy>d(A6Cbo8~!2 z8Y>Dhw@)QaYk%LQ@ICgA1|8#Zc6!m3bqFQf;H^9ja4a78+w`?c4x1!1jhN(e(eQT2 ze0}MBhbI(T?`(C~AQXD3elSLM8G0J4|KcqO5bzAvN!EGaycW4Bdf6-i-wFU)@Y)7_ z#}~vXuT!tX&ft*6;A;C`Tp7#4;hJrvh{%)>0!qQ=XhOo~G+VrYhRd{-*+C`FaA#0= z8rr4vI-O(5fqLvm*sQa^P9D+GamAbI>t4HdU`bW^d#5^ zS~0biE6rj4*I;0kbTb)8%mb_!i{|_4Nqk35Ow7(|zXw|OK0u&gH;05tjYh66gGL@D zXC(PE9obb+euvmV1=KatJj)uuNwbl}*nR~q>ljf{IB8B}m$uu)>4_syJdDXUE7T{SNYgJt!UeyBflx|+?rr+> z(D{qnS@5CPJY7UO`J%K85{*Oh(z;_aPgpt(v6TQZ5mk?rL_X3IgsI*cdGH|bCB=_n zfC+uB-st8S4<<&~zIfvBB*g?~Y z$9SWB7@0sos|VImeR7z<JyUUr(m^$6gs z^9C4dg+TZ>r5KqZtB3oA#)YHBNLHW8NEWXqHJE!6h-Rxv&D5`2R9gbIM?e1tf zfTL!8mgKdz zz0hl9lFM1`Y865FEqiA0CW z!Uo||3+uuvcm6-!132N@q(!)98pqq@vr zKdPtqfyWE^i*_4g4_EFWH$j|!ut{0!NPM*09R1PgAh!VN5v5;fiR)JuNQEr~MXy5$ zUDpHsRbtQUDDefM%3}?Lo|cDqX96dllVq7IgdoCV)sg9BgY{+(IV}av@+qY*`$zMq zNgu3_M)NEsR6D!}SIhOVf;2K>43cJV}&o_*wg#39T8PzT*R61s>IDpua zYS*pEqB|m(nFFu`H0!KdX}BKBpkTJ*uwZg0DtzFt2z{csi7;_?q@MOMZL$+UxpDE< z$L?xDwL~a{W4pPT>z-&&XFi2By=50JM6J`*wmvgv zQWTW3%7|m>n0;ctEREwx%m-l`3Y3yz?&L}xc z4T%@VLxS=iiYhbhfhxIGiYuYtpcxP*w9H+GLCh`YOT^m4yAOEWpC|BRXK2L6g7 z2tXkQBfe~9z_yWK?z<*?(R{~=P}7~gTLPYCZ1uc<_2R9#{`fZmA+E2}O1iUzR7nTf z9QagyeY)B3+z%7zy@h?!VSAm;%ksVEd`Ia>NnTn9S!5u!2_CqpCLD-ZYBdBc!+x7; zFU?U|gs_C1k5vKOf_?#8N$O<|_s&s`o@Z~ka@B${pCvVj!zGq40^%qtcnh9F(6JG( zGSlDQc;hm^ocTuv&&GjkmC;rwtjf1qXhU^TS$|g-%`bVT`*G9j__}LHFfS&>e}Ya< z#cy`#1P{6YJT~f$7Ti|rWJ!On03tPy8HgjWy_sEkpf_(9z`h5YhdPpjJ|h>xu*9!r zY@pfrFem1a)Rf=yU`yh+Tvdy%y5zX1O63gfmC)(yh~Y+#YT0?QlYG^^neBa?{=}l$T)BR6p;fiszUX>Cg~x{7VvQyO zo>|vi6=Pk{ELAlCS%5Z1G6)bx85GNnF8B3tJ8RaLi=s*S3qdgqj5SmRTY%{Lpw}@W zlUI-07>(~L+UF2cN*0Yw&asIY;#-8q&vGk!po|n#+$GM&^;PP@zrEHd^wQUJZ=~k3 z-P`Lcr+sQI_4F>fv~egk=zt~Q>gP^YkvmnY&oY21@cGwF^^R7_A#I5!U8 zL#MV!{g|SX)UZ+Ai%vGPhN^)B1yk}E=XeVxz(Zvn8GGCPG{}G0yA#~-zN@OJsbl1G zeW0YX-9g;p996m16k+=IW=saY)AaP@H{Q23w%WZl-Yu+n-L5@ybQFE5;J8}$=J0nR z+Y+n>o){#19%zET34%#?oZr~2vkcV~WP36lsAlAHynKxH_Dcfx15wRVtbk^`#&lAe z$%EN|rNzAF`=~=C+H=k4Yc#v50SRyRkMYQ@mS*K=+wq!#)wV~aY{|Jt*mg>_FWm?4Q;sWagGNeNf)6S6XhbQ{qvGJD1q@i12#6_mgPTN9C)0Z*B{Dp! zXn$qwdeNHd$g`8b1Uy0-M)itBG;3#@ z2#y?IoUNHEgnq8XbOp_v5Sj{U#)nN;C^?hDrIYUfD|SWro?LskBAw47p537-^KO4i zFz_jQ)Eu!n+%VJ$F={ajpy9|N{DH>GfO-lM0>P2+{Q~dBsBhNPcXESKmhlTvqZa@rN+INf=?0pK1mY!INHnq*!3&Q5n=s6G`$*&3a@~)n>%0Yr zAN6tHt62W~d;lYTb=u6rA7@{;Bwr@kD7h!W*8rYJiY95`WMXur_99iemrCaeG z0_0uX_L6CXsmaGx=XJ>OJz<%|!u|yZG*Bxi6IM40{uv9be?FYwdWs*bswi^lSC>ph z4w%6FP5V%!GiRS_XmW6-fJyA5eJdj@TbBQ>mNPDCYk@gtQ|Nk+wt;iVI{b4buJ-qN zcEi+}`lRWrX3jv)&~eL~V@)nRqcOc4*y!DIYyMV>mjr^B~D(aF&XcRHTN#NAv{EHS-#3l3I zPU9{5q`=rA3CVTEFaaLvgQ7T2GP|91s-#=j6PHTgtN3h>t5XhdEpPQQMY=w|5h!bz zmC$6vgjxRiBkLD|H?7oUc163~Xo5j$LvCfIpUYZO_fkmFL}B+|+Hn<`qtNKUOCDIs z5?7MGiHYau&`(ZJk8SSdP`68eBYd_v2*Q$t!v~Tt#|FcVMPWOwtK;VOhidj!a!VqY zU?3#!&dd60j$NbX$^uwtR7*?reyI;F?43rG%`=<(5LD}|rsJaRk*LV4sN;a)$SbNS zt57Yh)197GlRn#d3aJa3sBU1F(cWW-j{oZJw?!1Qu8JN+KfVl0Z)vF`_Lu9Ay1iLK zI~drf9jaN6`OY4{Eu%fhMWBV+N|FFlQ^>Q!#1wb1;fAZdge6MRlSVA)_+Yg{u-S}oi+&4WDo)q+Dt)WI@295oBi-k99&GkS%- zn8{-GWjbk&6S|wuR|7&Zul6!N*EZ<>aX(y=!o`A3t%J2i#g|?W(Q&JHV-U52gIfO= zWd}l52r~N!Yq==FV#9ZH*D*Lisf3nM`e zs$A3~p`%ZH{{egBxDR|r4Q|OG${YTasCv(t5XG_}Y-ZeB7#26JPJJ@7FVtx?H)FTz zf?Y!{KG_c-==a8NC2gc$SlBvxeP4|I5DC7vJutWI?EHa-+%|+GOGJ*8pk~8Q+#0O3 zxKXFFv4BYI_kHqmyKIkjZ+PE=ueG|k2uosmQ$*;RIcqsj*+qHhx5CDxY&dav0K?TZr_u_z)ij5PQ!p^~6DawrpE{Ppa)X_n=-&AssCV?38 zpK+u{f3#>HQyM)MB$t+58!o(RS4DR<87|Eo2g%Dw;iMEoJ^F9-rR$**kuGkc59-P- z7oU7Vp#D!hFRv>!7EG@6ngMB!y|9s!GmQ3xd!xspSy)bRfkkYjhTXrz-^V}%6>`8I z+bIdvxQWaFi6sN#D`ntx8DT$^4R1s6EY<>!!cibaEn>osP4nGIvdU%bN2W^2A@FX% zb>NJ21&f8iqN-;+k|p8|<)5I&byA*jCB}^nt-o6v+Z*fii>orvznA1xH5Il0D*ruH z$Xy5eTI_+{ENYa!VFq>qHy!!A1IgLe2)Z}l_cae4aCaDY)Wk<(oXkZb!X)k$cS3Ip z5LHHeEcQn-;fq<6!LWud1Ka<@4M$iP>?CS5o~2;pOQ=w@jBy?@a7cvH1QU9Me8P~b zS+9G1eGHcEB-2LjHC&gI@E;U&9c%bg^IY1dHPs#71W;Gh?h>ZCCe09}!p2i3>Bp$7Y zWLeQ>-Zqjy1j;(DdjAgkuZ9j6&Dx#o(rWK`kjSolb-@C=X+6EQ+ zlXyG$t}~nkcHrTWC=4XsDrRJ>A2c%odzxTbKQ~DI(Y6f0rfoF3n|) zG@`kMk-Bzm)v`&o;O=qE8XtTnQ7pd4Lr3YEML;14+DZ)=y)`(B=R0kMPM@Qy!@~9a zzW@p#_1_n6&nG=a_ua^VT&M_8drfjI!vSL|Z3L{)a%k4H6#d1;CV<)Evf{GRFty6G zZ{A@ux=b!$g8>`Nj17^LdlJnwIW5JFx$2gd>YC=}8p-RGTprKSB}MFajpMOcMP=-U zLZ?(%C^-ukh8J;#)uM1;WVLM~MGKl6(DPcFO+r}E<7rwnq?RHXSSC*@55o%HV44 zk#9k2{rEVm;V(yG7zWVICl&SoY~%}epsPEX@hbcMN3+rpsLYVBGk zPHqOTtp7Y`y+4X>-4?m|k69}Y)J(3ezVO7h)ZCmp_h!&p2{5!h*{UFnhJvLQ2|BGX zo$6VI>2*5&1OSiTtOqC36>tUU^itRvW>DkEboaP253{%8g9ybA&%H`24kGjnX*v~H zQUG(}S82`wi6{RFKObPcVfXULk_pNVwafxIA!r1Vm08egGSMEhcbqpobJl2z*9){y za5;?if3n6Rryh%@7hx>mC_T%#2^e|LXo`JoEZX|}KI5I9=6N%`%W4|{PU*FJw{i;u zg-bE}`{hGJ<@?J=xlq-}%Bp>oCrU2?wfYGCmx})`+S`!D6Uqiv07OxAiLk){^i%*G zi-DfbGt4l3hW-5fXg-Y7U1sYrs(m>oh>xq26%a!SnBFa7n$D?rw;X0)oz`xF126hi6@kf9Xv1~KSR5Aem#(>-M)d@@k%t7Tm|ts(b23u z>Ct4WO%6VjG*yR%xrGMJbLzC=jG#iJ7&|oQ#R5 zso=*S+kJ8Wl((i3etXvym9NjK=;t2m=AJGmMZqgQvhEdArxn5YlsO*2K`N^5)FICeF2{&4D{)Z@x73C4Ye8%NV z^&O;Wpt@mGdd)K0af()lGIo^7bYw{yNHK#n`L_IRP=IYAx&$F9I;ebkl=Hkr5|$-W z8W1TY2%1UQCMV5MvhYsgDS06(QdH*iMQUkcJ!x4gY^FY;T$WFEN}LwXrXEco6<*IC!Z3;K2r!N6(QHQ^9Jj)uS)J&lmECqGhG5*hWxRsh&KtQ%CG{V;Wmy>M=&Ki@Z5F_xh3T z<3sI(yI(uHePVFoS0i|R*T^NuaN)(rhvf&BlNV>V-go?^`i-^cZvN8o7aL~f^A4}Z zKMWt0XOCWSaFyH=1leJI4@}oYTA{9LIzhX6aL9-$eK!S=aj+_)27p^)Nl&Wld|o32 zE(JBmpG|c`Pz8T(QA5PyImwylbg_UM^t(8}`2z0;)jpnXzyOtAJY{-Ls?QQd6jhsX z&*D}Ouy~SI62(G=6O;#w*7<&9>$d1ExFEe!MTg&7JTsLKWp2eL25Ih8(F7heK}WMV zCaMNZAtVj8j6wJ(x~XlXhgnMmLGFBd99bdI^=YE=?B#h&?F;LLV7!oM<+z|>l^YqB z(4!Uze&#f(en7CGlH_ov@s?ZM9C03SWKDj91OwYAmuQkuY^a;{$2eHlU4v+9dsgX< zP)&HMs4)n(J5<6Fy{y?@IjFKLM^twoIB@mV2M&ym9{S2x4w0IjFKqi9c~%Zwaiv;c z3w$Ueb;yTBrBzj=eNGT~b9ziqEkxRuq4uR_y~Jm|B%bQ3B`=tono=ezO5a08qtQ+P zx7B)d9y2Ld=L|0KE^rL8?Tkvona2B9hN3;M2H4E77%rhVjY;3UC7N)hGJ1(9Ykmm` z_DRa>f?L!I???JI5}av`aEGnL?jgqY_P`&3dXFRZee&Wv2VQiQN7OvgHQXak(zHOJXriXUt7ykwgh{F3L^i z5Yh!gZ_OtJME-$O(P3mcDd~(kDN9yPO0r1KR8C4v=cKafc)NW6{_>%#^9b2lwQqmb z$ilBqK@0gUcsT{A1lyA)18hnv5vANoqal?DNoStu>2sbN#xTs1&gCe#nW$To#L6VE zPIaC0e>vkPpNuL%abY1wg(Zb0eqZV?hgLI7oY}CACeFmH#2L%o=5P4B;X<3M-ZSbg z_S>}4Lho2!w+=bxYYT=vZ3Zd0@VET^*QopdrkXDcqCG>82Ve)vQ;SKb%GezsC#fhn z^A;XGeS$5s-lW6p^#;8`CdpyZnHBh^%TFk%a(PSqO{yM+8WUaK@($+Ir!1VzS)#f= z&cW_qQ3z2wct;sNp>#DC4ThE^+T-yAJOL-m3W_;dL8sDeOQC9!GES~*X<65@y2|6J z@~p`tcrDGDjjvTRW(%+6^F-<0T448>a-Ke4X35Q$*}<6Fopul+xYPzD2eR^IAxdJZ z6No0v$bx*qk6Ty2a{<0a{{BZF4Gr!b82IdGmByf(uqgjg&6SO@KB_2sB!xNY&qbRxlLSF%FUZBJ9Tz0_pN|a z-~<K= zE~Fizf5;k(oO-O>yxfhz^t(q=%w}WJTUxxw_`E1DXE|+N?!B_1;j;Z@Bjk1^FZVyG z-Zc*5aD?7w{G%uFg9`r&a`;C1piLPSS5Dq8{lZkz;&9MYcPA}hR8x0(<%^V(LBD--VaqcdZ&fU@OOQ3q6?CMhcI3IaL>EvAK z{pYqH&fVXe$=j7Pzo!cQ1H2wu(W+O{Dhi&~Azsi4JS|Jm2s+IU+7hQ0tg3ZDrhYx3 zKiwLoAXmZIn*8fh`I%E*<@{gG_DLtA_-v`Fq#bW|T6k|@*~PrVd-2q5aQHFBy(vul zJGbZb#gR9ui$i^#h2^L1k>iveIi@T0Om@lqqC5K*+D`aN=NGvpn&z;yb$IqGIh}J< zIps)x_uNu*lQYdNrDI*Z)ZCjWYH!S$oNDvp$+Ol@b=wO5&{BED{8qt&OkQ!x`G3LC zTYf8-0tLfm(_$i28kp?UoZ_2HNq_lL0+>qMxzlO8g0!n2T`Yd5db{(JjsGtX&2HjE z&yJ~hE1Awb@m_NOzMn7G^5NXAObfO=nZKJFbuSgW=tB`Sr66k{2U(Y1SMlP6XzqI0 zY9wj^Gda;*1GvJ$&Rt6`5X+Y>DWkWb1Thf{*bEEEC_TZ)TD1lNG?i!I3=YOP zHQ$p029I>uX2nPnt%bHii`isU4!m`_2j1>LJiulC#3O~Q`o(uYt$hBr`Uif9-NMr4 z|4NVik@`@T*&o9`pOckirCO3svKn-RWmz#+I*!tPo9P^D!6(SEim4py#Im&y9a_`f z(%L%y(4q0=%jBs>Y^-ZO`@qjO%s0s&)sv>7@yiZ9STf#SCp-FEVXJ$r&bH7&GhAEUUOcaO4`7;DTaTdi+VRS`MTJ< z$))$btX7R_mFQd@J1?JjCFg2l{9!p)Nqd@{t0j|j6*D>4#m$%1z^AqO4Va2oxws8e zjU~RrddNj~2RcM=Vb0HH^@-;H1kx%O*C3sZb$i5g0#Gb*J|dn`9=f(bdyuEDD{>M z=d#}b7)i6yPW9Yq(J4MVNnW&DFJ_L6BHp=0yLK@D#AsXo7ScMx6Wn9uJFt6xbU117 zU|v&*1$Lv22*rQ30cTnd-WQov?xx4u>?U#Q9vku0dyrnAdJD?D8>Qb&qoee7;Klj9 zAr{Yt0ygT!m1C`XdrNn^S^?2kj)Wb+jC)M3Er{Lo>TCB@`|#^ZWe)z-i60%gJW}M3 zUaol_w>_^JertFEe_ocqU?4?0wf}#C6G;r#SA^!j;lXruq*uA+>k^BzoOyAU%;GGc zba9QT#j#+o)R|hGmJ{WJQsot2{Nj~mh4_#X^DUfv@g}d&=iPKMcT_&g(RlCmbN2K2 zZhl`zCNEQavqJPv1CoOY<NQbkRXGcje0bI)X)OB{pnS%)$^^N&Mv4rjm;n-`so zU^Gwuitk`&R@x_dOwS}0FYpd_`lOyY!TSzz27DVkBd$qS>ZvcM9uS|V@iwS5-sT!U*Tjf` z9wR@<`izO5^k+j&F`tvHBXh0e5l%H531<9V=(dcJi+=?DXYnJ@%3-{uY)O&ryNU2+V4_l**EP8Ko zBH&GIjm5~76#YI*97GmWxwh1lvfiq^r3!g}<8nqVUAq+gmb1{u9+yb@`yl47gU+pk zxqry!2Ck&$?xu6Y&M33zZ%yJfTa})iGGWi@CRf&e@>aZ-?PJc`yR+8rKJ)D9?R}Iz zR<nZoy@~9`7_}uvy(d)-`|ORuWS>i-Sc`}e z@JXOujU3T%U`dDpVSV_Bp$917a)r9r#H?g-IlXZ3Djtjn3EfY_bb zmF`s911&gR)L2kZ`|Ys%{He`{#rg_dR%4&vGC6M_HuiU4>3!sD7=P_6Mc2$7k&?(3lvC+hsQ@ z-KXe%SIGC8z=+s&t-)5Es0A30clQYv4Tm{*Pq%!*uEZ{U(NzZxhLCm79&6ZOICK^6 zx!&Xzv|QZ{jq;zdy%C}R3!ZHPkpKVyc-muNWME)mW^kM+WjQ;Z-{vcWJo5{n2*U-( z2~05h|Ihzg%)6QA0l6FuU{L@}#0)+Fc-muNWME)k^j{1}zWo35|6k_a3_uYS@E8EI zw+KD}c-n1~O-NK>6o%jPT?%R#Xi9S-S($SgBN=ogN+L#3YBP&KL=xIGiwL1b5Jl)t zq84FANHK)%T)7B}B5KU}Q94$+> zSrzM7cet(C-fCZX0aYE;19e+fhahK*s)U-R^nr7Os-k_ipq8*jc^g*2KI;Hy@*%5s z`@#6DI_$OD>^u9vRq*r4-I_){4orlS;%JBB@SZs5REdo7JU%0EjQLLH&sEV9`H^e5 z%6c#B?dY3C<4{iZBx@(gdz>5|Yaq-i7roT>Fsr6;L%DEW`)y38JZH3ke>w4L*26G_ ze;eaT;+#dZ_wpQ0#SPJjYtm?yud8dQ?nl^_nO3-hgNxyayv`4^p(WvP=*9AwY(@Wg7MW7jl|O z)O)ZV??Dgo2EpsS0Z|e49%R>g&_MN-U-Y0123zS-rcwX@@VDjaJy;Jtuy@=+qXlxM z=1ES?x(ws?ivQsr{b*<}|Hdb{n{pnWK#6xiAO2FKCyUAdQ1bWf*mTM@IEv>Z9rn9+ zliq{J<-NwyHsx0Vu!5%{c-muNV9ienom6Q=`b9_Jj+BV1`* zlepG!-Qwos*5Pj9KF0lvM~5eeXB{seuO4p7V@Q3mD z@Lv-U60j4<5tt;%AgCtjAXp%{M(~u7h)|GFi_kWq55juF9l|SwuZXaSB#EpOc_gYJ znj_jKdQOZ52;Ib{h`kce5#J(yLn2I~MdE{`g=CauiR2^6KT<|gbyCNqWu%Ry6Qt{; z4@m!zF_Q_Cxg{GWrzF=RcS&AKK283Tf}X-0g(r$ZihYWwlsJ@Pl$w-QC|y$KQT9^a zqWne0Or=WYnyQ|vkLoJbCu(wPF>0&S-l!|6U(-;~NYPlOnWcG4%S5Y6n@ih8yFq)O zj)sn(PKnMuomaYQx=-|!^pfXE%*Lz^06vb1X#fBK00961 z0OJ5j00jU500002044x70CNBU0Gt z<2Y#~pi*jO=Fa^&_nhzi-dkhLt%*Bk!tlT1^Ag_DzKoW%ub7Wq`zpQf(dfjL>-2Tg z%xZgrW__ydOEmIC+m{RNEA+GNcg&I5)b>?c@sqZ%nLFlZZC|JMAKIS0^^N&k+wYoB zZV$A5!#ueCgSOu@-`)O8+wYsZQ{QU)19M~QM{WONZcf>~el-uKev|g^m(7QFuD#xl z2SGjPX0ez0-P9X~jlkQEla3#G&w^Gz@)Pecs5Rqm_S&qP$YdrkiRl_2Ezf*uD&{r* zzQRaqLKD-tXBMdU0sZF9irF=L)WcuJ-Zst5OdazFG(L~9ig`%S71NiuojO-A<>*g6fH|Tw6mdzy1YSSJm&6j6J z-vJ~^OoQGDC`-34>a##lx1UH?$ate z(gcqgT0YGPY5W+xFr^;7dH)9XWtjrgr=FNb0+lkO`911sQ9n~tm#(-e}7uC{wrNyFT(5b7J4 z8PSZG^qm4{){)o|ug__>U=JN|oSc6<6QP&@E7oHJcHRXo zmSh0xeZ?VEEoP9=YEssx@TUa4r8+B6DTG!HzSLHm;&0|Qmpr#i50bpXN|ygD8@KWc z`p2%7sutN}mZ4$Zt*sFx$B)d6s;XHA`w<6>Q{l&WfLfc*jIFA=}IKX!1HP7lzn)JnBl>XeYLBc`;twl%hx&T&U>5An^)aq))DoV(_)=FN+v^tPmqG_tLB8?1bVMn%^n$t4Jz@FNE z0A1S%lgBFSI~<=f=t*pjZLJ24G?aJ7VUqI3F6E1DLgYDG9_9CS%8dKwfU?Ot<+)|d zTczI?^>VAOcAlzrtt#*1@@Wee!?9cBN)YdIi~X!L-h(8JMe49!C5~f_Ivd!jk9d=4 z=1W|}*wCzCJx3&5BMN&Y$s|45dUB5M7xI``xsUi6!Ui(+Rhu1Cr+JwX6ttNlA_z}B z$M%cO4}nQeDFPpvMwMC3F)d`Cprp@KvjgkzNa=e{zMSs^SVnP|6&JTgbA_*wOV*1e zwn6n6HWDlPxsUeYof)FG&0~V?W3rqb^OR=YMdffn?Pu_>Q6y5-OP1e9V`L6ptm#s3 z2fSMi^Z0au^I|@dibL{^jmR@2v9t>uL$%8{QLHJ3HgnCWv`|G~=ts$F;Zkb9gRQCuqt|$L3YMfQY211ok=x>pR*62A&+{e&2M@4?J>-yA3U!2sNWyX_>JxR%34K_j?>Bj&XWoq{qb2pbt<)W+EeKAErig8E*e zvTp;=eU(e=p9WxKmy^3QM)=YwotX?PI0H+%B}1AewtF zGL)lEs`WotbrCXd(GK%!RdW0uss-^c>lKorc(?B%$uzPoOI3_$<5rH7avC*jr14NJ zg!Oj>n-n{cYP91jF{w5}>~ON)k_sf!jFQK@NP+UA0ikoi<#l-@Oix&vRrE{V9{4JrlR6ud*LZG;%mGK-^V$$Ni zuy8t^!x@I_uvBFTPSko_!&pk=&Kjw!oNJmNb7VSt7m&G|hS6$Ya{2gk#E#pw0jz9I z5o?{7>a7AJD>n_k=FV{^8##|!nzpvycYDmC^0YYZ;~d^c#gkyHr?-T$o^A45wensS zoMp?qPmdrpI~JQ9wee@88F&Ae;#MTk%BA7#IKs*M*wu`3#+Y?D%l&6oxOL66l1TJ6 zz}6Ik&I{b_?ws($J>ZgJEpsgOWURZMeimnJ4hwZ{UUy|Byo;y6^PxU_%K2^f%#&EL zHXJ>}oIi5BC`d1n#8)f)zkR%osMj;gq@TGl_twWWi*2Y2eh0Ym8d9I^UtT@L@2vT| zrCa+19vA2dq3ECMYZI;|FwLmLJdB&YSJiS{E^yZ^6Vl(zO zZS>x$@`jt%q27>gyIZk{?6Q1gCjX1_1U4a=pr`lt9;%UL%B2tKIgiXxMYX(0^J6{N z^z0erA2`UnZU6uPc-n2wN082U7zgmrkG0EMRiv`m(M)U%=4W`1t0V8UPF8?uL%`G zMHQu}BvqQqsz_H=hH9$IR6|X*)K*7b_0-ouLya`{g(jM6=1a}B&{8X3`C4mjwAD^~ z9dy)5XEAXJS-Qy9RgPTUbk{>qz4X>cUwQiJZ-9aF4Knz{r$Y_%jp0TZX_Rk`HpW=v zj5onVlT0?nRMSj1!%VY6iX%4L;ui<}W~)7RI_PMqWQUhF*&k9vn%%y4)vHk14~}`~ zAMYJ@!YwzPG}|0|&2`5-H{JHYUH9DgyZIh_=#f(j{B56So_MOzpZ>Dl0!0>DY>{F= zT4JdZrOK3BX1VYDVTDyzT5YX0E;?krbvD@Ojkhj2?I)K#_aamY>7i=K2-QOMkQr)( znxR&x9qNR-p`J6&y5MKmoO9lF+Z+$|{pw0+5E|N*TCiwkNnt##ytpV9iw#Jc7mJMM zeu>De$Zr3e_;3&zk4!{nMRtkIj_ewl6PX+NsV^^SJnD_d)8`izl$Xw%JFBcPxk}_G z&CX95SYEp1KiPJWFaQ7mc-mv|-obDpC}JZcV_)P3#+@7t91O_?8yQ%gHi6myK#5-Y$*? v21XW#j^vOCkdjCs*v!Mh$fLD`@qgd10n4z&Hn$hjz%2Y z=C^zBB&A@LM3lS5oQ@JkLJO)~SkX81zSG!?j?oMK#A*(A-Wt4=8)U*I4-ECD61&^$ zmCl<(x5&rJaC?327PAqvg~>MAFbu=EBSNPs;auaU8DCgDhB<7ueoz>?+Fnchb_f4V zi|H>+ahsT;GwIaiiLz7VA=uy3pPBm>1VY)3WJp3}Vsl%E`1y{fZT-C61(pgy5pl`m z2*qghP|*e(BQMIUGW*JlR?oPs_>n=7I@aUcK5Ym@aWE!0u_--FANOed1_CJ+f)xaZ zg5WSu4$FEx|Nr-_ea>x_hW#jlf&j~kD8YzktpOk5A$_(qt=U1aU>%Y}2%Y_@s6N5N z0FM8*bOx!+u%U90c+Kqz99+o-F0`dCZ(H9@{!Yv*77m9@MOlObq`O#}3P))^7IbS9lCZHZ|uT+!?U$e?H zkS;_L|5a{uJM`ow8G=Z2kZZ2yjIesyv&C-6ve5iUvwj zzQ*<#YS8&~+Skq~abVg15PgJ2^SQd}y2>*n$r_DGlATy`vWetm*RUijq`+?C;OP7y7I0nep?<;(cJt`P3buopSw2Nk1qgym$6X`i}H#JkoEu9w(PrI zSvPm$yK~0;U;371$#&M9jyvWgJcAXD$)LglQ&w02TL4%KSZVER`AtXRv9UbDC5KWV z>{RnEbiI0xs^u|t`qx}uQkb2;celG20GEA;4s3`TMd1|M!Sk*y%R+i7uD3%l93SZm z@h}NfIM?7A!vZ>#Wy@{p!9Y_gJs<>`qqBG7`&lJhvroh2==+5dO2|wmjPQgJLKxxm z<@Npp!zJS&zWlTYn`-tWbN2rsXa}fW!wN_sK*%CtCX9M_{|!O_Uf+iA1Mv1!?*`!g zy%$?;Q4?qkuyi6HL5MTID_hlcb!<9*VtOv{wy&8#6XaXhQ2xK=Xsj_y6DY8ci_LxJ zvZZOG2>*px zdsg{v^Lyg=pZ~+(4d~Re*IfT4{)2!_LX5XXKuXb@90TGke@8^S_Oh&Yj`q!*< zIbaKHg>A4McECY61c%`W+yb}4Z8rR$8Nqot=LM_<4+zlY>zxik?11gHo3esLlhc8} z6_T%mspyY2yRg>|d-R*OdL~naa!jR%=KcwXL{rD9Zo0_M{6d=l7K>n<{(-4z@R7hw zt|?+M0BQ9bAE$xm*rE#x9_yb4OOr~w_v|gHh^RYbV0dqOH@5=<|8l5NxalXvnl!(J zywwoeKj0$Ebr8P&-EoOuS>K%ED7_(M%QmdnOF@m9oEd4Vx!LS223bLQYk~8O zQXkJw7a1?(Cnx=IZLI@r2lV@KrWh9F<^)?;Y99C41h9X)qWrs@+hmX!WM-BVsaw_< zM?yj7eOfW#tu-qfyCVrSoU*=%F_$2V1go%$D!rbhc_5{=?FWm z$y%cO$uogBrLV>;0V5&ba-;Y%9W>g%w$ya40PO()W|O9vz;hb{9%@xt#>z@g92b}Y zU&6UnG+bC3h*nUQ&jXgxkdZEQ&v4g;DDAn7aU7ocG36QT%{02w6yX7<9Zf$vhNmWv zFYTZkP_n>)3#5rYCbIE;$@x%aDh)1|lXY}zlJDMAs1#9W!a-@|1iHp~o#lRe$ks%y zf}y$-oQ^C8u2XEy*ZcPB%QHtu2Mr{E60_yiXKu9TioH!h`x1VmOjeNnIIw5irms0l;sC-&hX4k#q{L@7nhiBE{ZWjpXJ&Ka$AePhyiiM z88TX#Mu7=7juOY=hmH*vkEhBQr0|OgB}w`~J8!TW>bZDKp61YdU&Y%f5=S^c`_<#K zMpI$t9jQiaD{YTImrz{DK$DF*+pF3wb);Q&=4`u$N*zbrdTTc~T-f46#;RVcdhv(~ z5WFg9D|{)c!sf|`XzAZky&}Eo7;XA)VB|kqljq2*vsf>d_|)bn+DB}Ju3BX|x%rCc)Acx?jrGw}k>NGMa%Wi&O}!gddo&@5_SxB-FF zw5fFtr4{t!ts+0p7Gr39mSm0RgLm~`sz%JzvI@;{d-0qjv=P9Au zg_RypA2SW$6BmGHzEcc8M&~KmEp&}gx<(vtL@c#&`I(rN5N$TRA1d*h-J2*`H%z;6 zM`@{7k!G=uA*JQHxPBS^I{M&T1M#pUW6b7|vKFnCioHQaWVDLUSVh2+3G& z*3~Z80>B%21g*W&o`5%I9yeRz>gSdlqO?|S%JT*$4ZRDNQ$7= zi~i)8-LD#B&|wSUgUdv+&=AfQn<1{pQTQypY)Ic4c^Pc1m*#?KqX<|10w~HoBp%|gytOxfwd3MLTAir>92NcWx^c;xDJyjptGGx;K7=dxwKLt_3!tayOTX#I77Yih3G)z&!P#+OAP*s*0pTJL z$S4CUQfNFYkGL5)U&kg`s(79^yMq=f)awz!@bM~8T|{w+CG#tsMl^y$DPI$iXdPCoEK@kF^#}V24Ght7?|S9P_^ho>`H8 zU8lMc&yqCbkPS~9xI-VK^Ky3o*y3vWdCA(mU`tn!RL8ie-e&GgKub=TFalJ7juQ5h zq_-7!cWLYzJuaJI4?Ar{OVUMNkj_M^j)O4@&|L+Mp)w?s9t}&?)H#mp%$ye=Al5P@ zRz!>I#2@@Ii`D&&Fjh+3(ugU&p%^PuD7)zRS zvgY&+6!%VjyV2w`%{EXi>SiVd<2APC#u~zFuHp!QrZ;XZrUb0eo2C}+QxhjW16LtK-P?N3)eh2;KVkbsl?ciRD0TDSUp30s!b@7OU|th?1M?2@ z{_}!KOem5HH_}u>CJ`O|(!E|4_T81Bl%*+ljSjCajv|%PY+-u|Nej^<8AG;Nh9;23 z4klzxKTKhu3-2BxM8ZW;u^~jqkC~BiaFbsUOC{#SmrX2}n445ShJwygsE9~0A0;?S zsZEHue!oNuV$)-&;!AvapAJYTowU+gr1hP&K_3tOoiJz{%=RvJ$T4Cky4Xo)u$;wl z9>)cwi^MJsBat=g@;t#>FQf6jt&eC2KDIo;QUUW0aX;ra2a= zbzBnR%;!@0`&V9jlB_*7;lri73B-FjAMp5aodZtfH?S0BOqk1GrEA25aA-s%3uodIF#N zVl^OO2(+&&82*_=2bSJ0ZV|um1%) z(7^=+h=l_UAnaZ96DV{CwyRE#5ogzfg|m&=-lY}Dn7b!ZjJOd) z040Nnzx(VQk})ux`_pJegX3Y3TpJKj6UyP$V7d{TGA?$-W-u;8?gB}mO-`+H#;7d1 z8E*Rfr|R#WUmi~*>cv20PYZx)ujdmhr9>v6!hFGKPAMrh zrKkL|BHiXs(~_SuVayo_+X%plqaR|MMNwA>f^uuDs!SAZxX)GA1LEOMsbp6 zc~Mri(#AGzH-0%tR4zIXgT>(qL=rilLZ#6eOctBN^ftnC{b9Nsdrb^Fd8yLRv0vv2>w!-tL>J9_Hm=`%3LX0Lg* zaC4(`Zb4;XZ1 z4ju$3zw}_xxwxXI*X&T(f;S?%r#ws$lQ$%dul}Z$AR!NsU|SXIfkFYi7u?J ziWLc5pd!H4^B2K-#(XAI(K73U3k9L^oam(iSxN?E#*36ZIFyG@Xd%Xv#@z@_0(1$a zyA#Mg1guKMI$m$JgXhH$2E;p8X?gRP*ht8=;^o(IG zeiT+5myg2)*TbwFIw3P49zwH5ohC|v2uKBQA?i>^0!42IxLO(FzbNdq3fc^H;7wP_ z9pGSU-cCJx&@7^B%%v6Q;i6)Vf(d2l;Q{0l9KK15-t!U?+!L4$xlRusLcoul{t>nD zWxmtkF{`T(JPGCz;O$|o#BZ49;QsB0M~Jt3@$Er~(zx3`@okDwfggV)@vqLH7~oq1 z;=wdj&NJlZKpPVa#%`>f%Ry-9B#VojlRE>&uW)k-C)Y6bX<~v-s!k^nW#m+i^iER& z#5M#Gi0Kieo<0u5n5wXZ!w6r3MzAHo5|9UFQ2Z^JO#=_&LRV2m9TRg`n>)!PK?U)u z#{;zt^adp7fr#@#%mpCfLXdI;ka0thb0bi2<5anYT+%-xUuIFl2gzfYx;h7>hCj*PwVd5VwV#(F&C{0i*TBlY7jNCgQba<(c(S z)n7!qGU2g^e<|8v&Oz&Yl&$d-NSW}AKlHeY&w>?Gq`>^3K~^A+N`Un56FeQ8_N@BX zJytvcEH|S`6|+Emd6t(@Ale)2o}gqVh-XPV1fya#>AYG^0FBCKUw1u|X%@v(mU{z9 z=!5ELeRahX0ze9(k0jm`CRZ;yKatkEd}>1DG_||DAS56dqM{)$wC}~A*lm_-uFD9s z@)UvzlIk>w&!mkr1l!1gERgl!9vJhvfwP>)nHWp+CFjniEV{dx1QBdpZ`5)($6)$O zN@$qn$_CUTX?`=IX?ZG}0Of|6VM+jc3Ga4atIDyGCyaebj6)0Hu=Qu2@GuinLbNmv zE(q6@91%r`7li4C+}LW}TyrMg%BqIQZ-uTWYhDkjyp$?xtxzkddgGqR(xa4%oX6a< z^oerJN5Rwz?5f85QR}I#rn+R+V+%XW?mE$kl`lW(7!YC@ZDT;Fb%kO@K^3jwoC1O^ zCiB>}OB5_ttl6e@we}3xb9d}oC0iQQ@M%Yj3nf+3(|fx!N8<^y3omdAfn z4n%$QO@KBwQJ0Vdqrs$DIHEim2(T$17}!+6dr&zTAx}FHVAD4k*bKk`W)4QmvknB< z>i$HV{Er6E zdbG!T4#V<+p}%Y&e;7d*dkas7qh`>>QHmJ_vE{?IWmSka3{CO11trc3s3Cfucu@i= zJdrrbvNqnb%R?w~Khb6w2fXYK%|%;?A(V;e@M4ZQ_KOIT_N}tPpTLAW!fc3yK_z!j zFPG+Z8Q$GO6X|WJGyW^nY;7961?nJ=jnj2t>aS*8R{fyRva{)6wp1TpZZ?mF z`+6(%$EMG(xHQA=y5R=+nwgPH4U__MIIT4Tn!K`1{HcsRR^H#I~w zKtPjhEEiCP2U0aF)vU(l=Ij$rcxH7;90ziU_BxjGJm_3Q9JgYM<5Y-I{Ch_2F?Yli z1Sx)^#pj?*JKHsHXQ2zC_il^E6F?|fy2s}nM7Op!4mN%=KLF`%U+kGhhZ-4tDFR|2 zn2FCnzG&;m+drTAbp?7QJWqv^yV2f2fd77m_kD7mSznCl5kY$668z*<W8Z`uh$%7)O$nZ1Jt~-i&Pl0 zpNV!8U7nEVMPc$zKgyalJ$nM_cG2y;ymN0=ijxdlLDU)K(rP`v)WV|YN&AUBk zK_a)gy*Za!8^0K>HGh@x1n<@Jz?4grYnz%YOMgT{OWWZsBEyNpClcj!f}HXB+fK7D zV+uInc*XQ8L5tKR>09BVOW|*MvlnDUwCb#!AibVghDBHkwa+B5x?3ZwjLWbVmZHY6 zz&h_-fvF&H$c)V>QoDo8HqK*%m~_wV*QPngAcL9U17Df1Ve6+uLrqP5t@6ly^@u%B zBm`CXVX9WG!GZ-;FGO7=Mm#}u*&!NxH=d9l4*4zjuoSIp_7sr}3s@EDZ_c*@634AS zaKKOOh4-%(qqvnMyURvZ1m$t&$>MX6&`L%V9>EbS%CT4+t3=4v)D6Nlds#rtVgSz9 zT&h#CFP{ZT+_t;A>^5vPuh~0Skea1w5ttTZIt<|2ljU3@`N(;Hi|t`XyVZWASj=d+ zOTZho+T8DdD{wrj^a$m4L+HpejaaCBxReO_hIQB938E{A>~eO!jMlz?o9%2J9sI;O z>0_S+Yi3#JZ&pr>Z2$P8qnrJ+>Kf$bT0}956DD7X7;i;@og>EIbh79X&ieDYOXoOQ z-AN;&*IbmL2gCd+ZrUK*;rqbNVd$H;Q9h|AgLIl4A*fu<(&w7nwDAnhnYwa>qRUyf zOr$*aLsJWTdZ9GDs!Eb#x5;&R!W>i{TiZlBlT+_FG%#5U#9$zL`CbL&LkRiMO6Km; zep+`vHV2chNK(awpaR#BQUS`SRKM8Lw*AQVkRo?wcp>_cH{C(o&p_ewI}br&tZI-9t(%R3c=t8=EV8V9Cxj%fDMQr+rbCBxIWi+E z)ol~sF|i~qCom1l1naPiA)T|sZQ2QRt*tTi0j8-0#$ErnM8O!=>i31a?Kev73SFJv z+ByhuOWlsy{vP?7F9!`_e;b!3Q-q?N)$hnFw@6jY8Gru#T35TKlw>ri^e84`RxE4_ zkI^hUzUT$IbR$cRZh$#$WWDB);E`o5!k^|drB(Yt9pdiIC{JzFq}MrtRsl@+_;7vI znud{y9?1B7H~}_W;n3XuZ!|o$d9Uyxq`zEaLvz8RIMg+u_?u{IuQ|KabU-|smEtRi@9swq*azMHM!0LyYlu}~^)vj) zr5G|6B#Ke*jcNXDQD~SxGVHC=j{yY*_;|l?x{tr5V>jneD`Z^dixQEaZe4}6tc_EQ zqO{diEF5h6)*9kuG*F$a3K{$|A)~#J%D(kgwyQNq8YOQQV1ZaidV{`Nqf~?Pb^9;m zsgTL|rs@a@H3I`>qun)EMvm8AGM*Ec!(^Z1HPlK)EVRW+zrKs))kyH_m+w>q?0*HH*`3aToAww6r_a1@}=9SoMAA+ z8AFej6@df_DNlm+(5Rx687e?i#3gJA>Xo3JXiBtI%o0kYsgR*ed;U|ec zoh0>AoMVN2Dmj*YK^$Wmgz=qyPn3|ehEXwaN^8#(UYLZL>PuD$DADmd%LLHl_*W>Z z5=Ed_sBr=cAs8piS(f)Ialcj%NPS-?2|LKp-CbFye$vRYM5MYl7EvWXu&cFa01I~V z9Feb!WW-}9iOD{1)&MC0R|2aNbylG=C6T*tSUnl*cYuUCZN8OSqOI6v?HJA{&cg+t z3~HTI)qX|&XC4u2^JCvFvS*i%SN`os<)D24R~Li$#9pGG93P{IXdKSFJe?bB-kbuE z^w22|C@`unkr-f8YTAXAf8#+f6=0KX7UG+(2Nh`u0SHbLR+#vgYK?&f3UtaCS%4A8 zQWPY}IM6N9FoDCr^cx0Bd7^d{Ff0>jWxgA>jt5HSzVa7?vUlBI+KyRjoR6PDUnel& zvAxW}K5v~($gvCB1hU6%e{A}|HAq);WTJmA7(S_cl>V|0x=*1E5*G?=s34^?4R~;S zuNBYVWEw1L|I5B|+^|%DNy0sOp6K(+5qM-_NU#xNas_04SM{$dOtkIfsa*v%Nr1yy zS<}&Z>0Y`ebk=BV-PN@5Eb6@nD<&3eariGwdeva$N%NO5h#y z?ZDgS$vs}*PaVW(Z;6);w3iQ+LnLL1wW7vnk`he34Enr_{9EN>u_dv_sM(a{Nae|v z&4=C|S|5c;$JQhk=;Q&KSj|MFbg>ws0q6|!oF6agQU9Lnqc3f+&ks_Q**uL}8mNua z421i1h#=6CI_klkc*H~(Wj>-ivNH_v680Z}11Gnh_NR_l1mu%J>8EA@ogK0`pMwYC zU}JmmAPmW*s+PMGCr zH+K^6p04nkD!lQN^r!RIB)BJ@&cD40jY`C;H|jUOC)yy<5j?D_Dqk=#zp5)0hr}Ci zZaN<%$j1D`jJzI|3=K(}DbZM}O4Tf$QAwTlfIt;`_`5`lD$`fT6Eoxu#YHBUDGYEx zR?F#hCYOc932+Q5BcJhap80*mf>3)RBrJWFSZA@S_*AZtKB`)oBKh6qF4hTj%Gb^K zLr-BzJ8mf>>IXpzx}e6cH#Iv-v`zX5QGC?6EI*$C@M-k@S<1mZIr(9rg$(%cf7i4U zD61K1V@kc#rZKiUt(Ml>(h{X@@NnM5Z{0FsFcsi)IZ{5Ajy(HI!mrx*y(2p-ozb6U z{ReDH&zN8EWi>}TqEH$77IFg1-M54y~J)inB z#7dA;Ib0c)fR~Z_Wn@Cdx5E4B?wV?isoiNQ@zj)ZC^d9J%hG}^zjmlNT#kyxWGOjp z4st+Cs)0jyJY?kdx~QoLp|qO2E)0Gu4k-7?MnFeoB!b7;8X_EMHv%Rf-cz4h04TJT` z`JTT=zr2keyO-g`YrPlu^xwF@Y2eD8zG8X3BrRVL@~l(euBn~X^z$ytJRxYK}v$Ke)Bg(q=K zUbrOL<@+0(*5A6Bc>7x4{OwMJP6a;}J7P*Cc1^BrZP~PGp>c^eN8$Z(+uaL;o9~<+ z{8J;}+P!&*zGX$zfUk1)S$fB7YdY@l?6&q6iv7YjHR?liYM>h z93HuIy?@>g%6sicJx?W{I?VYY5ITRE$p zji2^zSynyK*1%K03*25hd0oRyR(wrY{})Nxy7A>J$}Bqk(5i zqzRJ?>m8n@`E(FBmhuSrNStgENS;DK!={{43udE%yFj{#w9c{t#e*xp8 z0nz&aH$*%8w6@z-t=5;xBloH%j3c|dQ;MX9zg-%tU44Bh z>|bt5)xFWhJ(Z32#YVVU2}|x=BUdu>6ANy%ZOAt%g{hOtLUcvHtsSS2)*#91Tyx_O zO}eJ<6~sihcXIXeKEc?!HS2RG-PXpNV`sT1)0UURy~U#q`e)tPb?24dc?BtpD;cl6 zD>@ut$CM=7+w$Oo52uT&70TbC7}#HB^Q>8s<0=Dk)%r^7M*2UhxV zy9Pn1xUOekWrXt&b){#Ax()=Ync87#+fn|jCbTxB35(O=!WWmV|LoUqoi*Uv%GbXR zd@R&e*7sc=SUR~a+K={uha#dnoi1N?r*LXVJJ^r-K&*&dkd8wOmdWOS_)NC81bNq8 z;Wa|DpPaVKQFhS!QNL``B^F`X!1gIvTERhf&ww7yR*)6%UpaEs|1qjn6pXz#`#E&-h9V1MqW+y*8hdtbYb+Snr)dBvugPQec*@H6-x&+Pf|aAdUg+7q9^1LP^O`fct-9NB zy?%PFD^-ab02rHplKgax3t(@37I5tUDIb5~vi7Ch#E_Ke5E{Z=ysfmZbWd_>T&w`YPyamr99K;o_}WmAl$gX{p~i zYUeZbMmh4{EyWb)p#(imM|~0>APB<=?B4gcAB}(U?yJlI^mZS$DXEAgpH0|~5b`b> z_!qg?g=vnY6gX?^Bj3ME>cF5IJl?!Vg;oMm!#XMSHY`S0C6?3c>7B1`=;f#-``G&=X+=ff`ny}A2XiXi zi^2Nr^Kymo7dJ$o0u#OXPM)vRgSFYorLP<>GLB>QdN4fIZZm=^a}$eR#XiciKYT4O zGU!3}38}UiJy>}hOT9b3xxS^Q69jTjw)7W1r>^r#GwVurdOAU!HMi5#9H#61*S;ZS z)yJpFg@wzRMH@%4W&L&Nf@Qj=$vW_-Y_pWoRuz5UPY=9Em67Lun*4a{Niu*3hIgU! zGM-ZlpJmxUU!;1jnOh79d18B0qpPh|93VaN?SZ5=*XwO&m+$}q#`iKKK1&dH1mZ?R zdGDgVtkKl3#wl!)xsd1uqQa?>jpxvlo>`JrfbzE6(is z?W5oqUKu?lUOsEG64a=|7Mx82-Cw5`1Ulj!6(N1g>YQCe_7I1|Ar5G8#!Dqof`P#@ z+N<~59h}F>DTe^l`rKF|i<=*qO zsKb;BWPt)2G=Aq~VXiXG84YUAYk199X)P&+RE40OQTm8lEQBQ5RxfhoZaz6KYQnko z4qjN!2RXQ3e&}FV_o4mEmR^07IjfY)G&*Yy#`+o~vy=`~RgaTc3V_X$ z$yqu@;g@0ULiS=IHAT5zbpeZ{CACa@rdyI|Gg69-LQnMhcI`<#hrj#kE9RG&tp;7KrRJYm=M*fQ*^~x#IU@w0+8A(w|^g0bP8)P`r^Y5YNeO7?K|fWd=lSX5}VY$ z{s2(JQIN&y&R(gB6TRheH)CpnjXkmYQE9Vm)0JfqIkV-#=|1|mW zJe&W|OOAGjGxf81$-U^(QIi&y6o~=dP+G4G7D3l9HFUa^OA;W?4U}tsunh9y)iVpi zjL(E{Q7tvcxETM|HIZLZyVIIbX%5~)p!gs>@VuQy_!eNu^4j*1G zBfSX#o}Cq|X3Z#XC9q^JD3J)xIN4M@)hINjUl77LT3Z?>60-F0+3PtFx%cwg5$k%) z9z`@)?msZ7$DU5mb%MP27=6TdnY1dczS`_Cm5jDVJX#l-p+@2)-4ihAS{{(^_aA#n zgOX?Ye!OZ@QP6)%JDV|FgckhsNt=if&5%qfQw+IX;8p9+CJ=s?#d;=-9vrXnPcdt< zCkAnV@2EyJIq-USFy&BQ>MDE4xsaOsAy32%g&Yb=EJUOr{ST*E-eWrWDp553-8l<9 zVcbdd#rS|Qn)Z{Znyz_{bpM95E!EUo!u77{XG@YlIPtJbemDKQEsNdKm)6}C-F-}f zx@!;gY0(7=cyTkOysmmn;#QSY{708dV;b>p9&q zv#zC1t}41}SMecwZZ%qQ!NO0V-6Fd1nHVc&OIj&!P>XC7`!cpMD!N%U8mK}`V5>@L zXi!-B-qsCy9?xRu)wU@f&#F1xUn%eEcQ0(+U5{)s1Slq0RBD^uXbuY;uKX8o{hN{~ z(2arocYJhNH}^dMf5x3yHYk8s%^2_5^JyW^UTiZFMX@^V-86Mp+-}8gW-;ROFB{7I zX6?{lT6}^Ak(hep??PLAqBiY7FybTm@4TxW;gLulojqBBfND0GO-0?!21N@EY7=@A z2A@2S4jg76AhzNEEd_>FK8#qQ`OJU8(m6z{pCvyZlMO>L^y4g=+LsG(-#z%$=otwfn*kGbRrzErY=K^O6J|DYmtYkg4g_rH&?Z|6u}l zXhZ5%hU;|`@ziB_5?!3B{~qVUWenkF8@{_CK$kns|vdKXG>IV*DPRL)4>f9o+qL3X?!pR`z17 zM~J-;PSY7b9UA3au4K~-b|i230yy0Ck-qy(p>k*ZSZ8p(8- zN#CE&v)(AkrpngQ0KL8&TTk@{ZYEv69WXOO^8TQfc6y#hm0(;}TpVg*@%fjO<#<)+ z=SvB+Og!tigvQSE~Q@L*oh^qtGLdzUv`j@(agf33D6fxd?u9Pq=Pum7>A&u4H7x8=?(hGGdt(>5ZHY%W9`UxdySk$Ez2l?YljZ!e z|CZKd zmPI=oSE1#(pHF|pKT!sCf|fQ@^3i~dN9R}&gjB)kry+#9=;<@?%Z0??DVG41bs=$> zllvfd+z)W$f|v_;62H-?zdl!{*2H;2Q0*CQs458bx%6Xju8y2FYpJE%+#enE4>zX4 z8k@9*_MU2p4bMVFNOG8%D4WMoRp3!YDdey{5|(gL!qR=VqhLBgI}*JodC}4tvWp8t z7k7hz6mV}uBcgwLdeaL5kWbxWvPdW%aJ~%Hfz*w{LE#XoA(|51Knjb5rn=VMZ>NI`z zVtxT`t4j0omOtF0pfuqy*viE=JLM70bm6vJfRj|fvs#MFoW9jQo=r9P^T9Hje4BM4 zOcZ$Sl~RvF8g$wrRrADUk)=r-Nx>N<@V>?*{3yE%t31;;597vZ$pqSjV3f@e;0q+q zfOz||GP>nKJmjxl#B{!M){s#=m$~OaZ~8Y{d^fB|JdZKE2hKcG*UC*3 zjx0~+Gg6*iOu_|V2Pg2gtxNbQD~#EgQS7oLxe8w*GJ*Es>#*>r7rRRrLtmO2^Kuh0 z;1M9Hx>0%SD6Q640N6C?m(sD%-R?d((CSEjUq`!WLyt!gxcfw9!i|2-d{I_@D(0At?AjS}vDq z0@%o=$~iw1PcG=h(w#X4ZX0Wgm}(K7jRS7*zhGX)oAx&%tPbP7>}nvD>B`eb?U@8C zToIqr>mCRW7KAtDADUGDaKFd5kdd&FSv{K^vp1A+H1cxM5^4twOF!eY+_JN z>Q1!Ccs&S|Eyl0Dr3;)0KS>o*aL5;(0h^n}?V=+)%R==@;P!%HL5#f|ERui^Q&~k7 zY+>89L-sr-Zv+36DXqwXi+A1^Fft`uu*>`vcsOF=VPRVqJ~Zl^8Mm9c76aJ^XKvS( z7w(<9@E-a^I9ysEftAa-TJB@zU5$3tx^KE~?-jZ;UfA1n$Wr0ubn>GQ9`CO&&rX}( z8fFYJ8ZQQ-HXCq-JQfwe6K<;;^hb*vcxslkQeLWwJZw;pY=@w>LTZ!iB_t0FIQ0i% zw7?XJ;anudwH-e0vIsJ3Ou-0Ge{(FHklAXVX;G)COm0GBb3YGyrv$G)XxJ` zDi9&C_tK+ccPc&j3e9P+s>b#MF`{1RM{V;O|UULB$K>Fy?TU%(eaqzN8U3;J0+ z-Tt6BVL^rkP>{ymy$A0JO=&ZweTdZxmASz}P?GOO2tzo^Bk+L4@-)CR<=6P1{1Fx=G5 z1HvBQp8=(EAA9C1-Ffjgz^ABMU`MwYd?Pf`>?{;fhsF%YIyBY$$x!o*jD27cqh|-V zcQ;1K93?mi=he+xSbVsBFH5$J`o0|PkW?b5TVE||ck5oDqSafEuF8&|;Q=04LfC-s zke5`Qp#NbS(1KSL;N73_vHf{NB0?xUq5+y4eV>6jUfG2G9s>T}Hv)q;Knm0;x_WCH z+`O?VQOR?l>GAyQ=pOj!veY-`?VjY@rp%LQD5|gWb>#R4ymeexqEHpSQ4~ks8M@T2 z4nb8y!03tRS5al!8Zrx>aO~o}-R&K@>e?jn(27?D^I~T};>Et67JRyDRWr(B-bNM| zlxHlJU>6nL#nHeFdw$OGlw?5*CH+lLp&(URo%;zz_pH>ug-1--m_#7NNmGO2>D-e5 zSN-aRZ0S<8uepd}x4ItPjMH|C6mqAX7Z%6Hg($s=uAL)u>GThDDbvHkm%~aDM~H4s zc<5E6t+grd#{`cuK0+V4w7*5is3-s2AZxNR4~`O<#Xe=;NX|GtK?|bg(m*B!-jssC0o64*ZD_l7aspIK*r8>#S%w2a`7$~J7qy? z3bct=QCfb{9 zL!2o*{MTW2k$(!5bF0}6sop2SzXZ>$IHxUYc_1wGvT%*XUinPcYf%QZrkh_3)^=>r zHaB;O?2q-p?tNB(&ra&F->lktk$G31O;6jLR9A1Y$=Gm_GfWOa#slzGadoEHS@FXZsr6lZU4 z`u^tgn@>Oa@cHrj>hj|J?0DGk`mJH9k}~brZ#w=)I!QW}Cz|zh)0@vjE0N>&3(Hxc ze0omNwIp!|Jhr~L`9S!@rdw~Y;(o{vJi@*P!#irpA}x&sD)9!-+3N<;!v^%*fyd?3 zb`84;2J8Bit5$=jABq}m!Fo-E;ZYq0FBZaAK54(sBg_y+fs-$D{4*hTlEDss86G&P zq^2yerJe9*1WU5HSKv|n#v}!WYBSL~M%XDU%HsM*F1+YVPL4a?^@^d}yrM0NNSRoDPga&Twyl7xGUujv`Y=4Gqh&h~ zGtCE3q!MZLd~~_>pzw2dF3+^?=U>fuk+PX_V}vPxmJBaD7*8j zRWmZmG+cE($I7JwEduuIaDq~{(mOeFf_F9R@mUz;Cgtn$K9lOKrzz)7DML9e5tP7b z7M5EXTNRa{a_po@5QJ=S?N}8(`j>$P!hoeB9AEPil%|r(2v$oXs1(bH5Gj#Nbs3$5 zn{%uOv`o2)0dAd${ha_#Nkl__nXPA_zu9*{Q$vB8TE+uOIeA{#NI72Z=4pUrm>b%v zbwi%u5jKK3oJh@SS&PEIV+%~$TG}p+8nMtUkmaxJ9V0mD9-oTM zej%Q=Y*H6ox^*C#4djM(&0(5^Qd{o;BCkiw6^U~`QzU+Vj^vc7=(E9WiXiU0F)WWu zWpf2ql&9b4xhYJyYHSpx7gwG%SGA(a&Ry%b<|N#*mUU3r7fLTMdbH~$R=QvT+^@L_ zim+9SEOCNcnmy5{Nk#NGknz&3XqTuTN?8=ZDMra|c(asos>ZBXlyQ*-+0ub?#UPiS z*!mjf^Do$d$r*g!rGc1w;G-q(Y%E9cma@XGcyDsu$Mmgl4qmT3&y#}*$~UUB1L2rF?DQ8Za*>t7(_8j}lGVeMk|OYpBu>Wn1t zufleP6SU2y$wR-uh0X$g6rQVdosDhrQ02mPL`7G>?2iLFpPnwuoZzLITo9MXD598!Ds*VSkr^8!an2xs`pRlZ;U&fgzMa z68Vjei8HKq80(NKVkN+F>fcPBOT}>r6fRiO+P<261QVdGiQbQ#_(=raOfzeN}55Qw>fx$NTund5A1;= zA^k0^DDXQ}rlt;FxRpc`1kmGdfoW3PWGJ-yMs#oJ+=WhWBN6bd8=)+r|E_&BSo~N}MO!5n=A%#cs zg>-Gm6&iE2j9*23iH|e^+tU#~_gLyC9~1tb$-i2{Hlh}-mt9-#y4Y*tbL5PRxn3E) zyu6oN+!_#LxOhkiWeLVwT$8y$9j1(X4dZ=^%1!9-heeg{&SO1OJ)dgE9R=lT6}ZPl{Ky#=j@?O#2vqM00Edr=k4&HVszf|3pvN ze@@|_@6Eq2u5gcNO<_DM3k8<_RB>&3@29nFreRzbJ?L3_hd-EZd?u04#Fjp$YJ4We ze{wshqo$fSG`Zbhhgz~z<6eBf<*v6=p4#6*PHIA$kf>zy`J6ZLt*JTarwmkpfI{qF zHER{$_AB_#7vR?l6<$%b_?sB#^b7!%tt7;c7&1ZeXAbzc{5Q_df6H_#9DME3-ykZ2 zGhzjF4SinG^m_4{Ak-lNnIOD)3G*dq_UZM(GJ1ju?e>xRl&nn9#m$hfnCIJd<$^lD z_dESen`e~yjV^yPgpz$mpJEIYx7m}7 z1;`Ua8LSlQcHi@B>1zi?uSI6jw4SafIC3B1+$HJ`lCEG;moa9#GP=kLhW4??aeKhg z%q6SRbM5r4G>MB6KXKDR`c8@a0$c0=ITYz*lsp@7VQvF`{@}G=M_(B@;}@Fxg0AB^ zvY2ozAgZ0DJ_Xcm%qmW&+5FJx_Nn6CmC5w^k7nO=^gdu z2P`Z6iuo_;5msJv_Dkkd`bnmzqkBNDA6p;yL2(UqEBgcZ1zdtw`+z4vKahhEfIhAG zQVTQ)E?{TY!Jgt6aON=)`>Z&{1{m`V%BA!p038H;lY$12^g`oIU5kmP@kWvBx8ymN zKVY!dx4J(}iSd@N2r+dlN=yI^nIV7>;sO{j@yz&j2tQi-5}lK-0~*t_TmHnvH;1M+)dc`=vq=_ zg9AY;&~Z-i=)6G2v3uh;I5&3&%Z>zU0m}B9bPPBCD#Ipn} zN>-c|Cs3h!3qJ6uM-Fo72?MRswpSsdvCOQnlQ|1DN2E8n%YHmtM(^v zF1#kaX8cCY4?7_m@cYOO%5{JEeo zinTODf(~`NMV2Tf4Z2_l6-g_4pE?RM7y|+JDI%B!NlFsMor3Q(lUs@my9ugmjl2H zYIAN1CuUsUoZ02Wth{8B3^!+AyPiHWl((b~=B=MqGFaEhF-R$vD)Y#=s|!%`=tvEE zp-Dt3Qve!ihjT%04c;>u`G%sWPMlr-sL@1%DdXs!>NRDQ$BDu%j)^=8CQN{VZYyRA z`aRG=1PvqMhS+p%r&wVZPpeqka)F?*6FEmt(+NOm{YsWv#VYDMm}+-|m8K?^cM^Y@ zS!EPxxRvy=bkqhdYbaw@#2hu|!vqtegJG#Pt44A!c1WhMY_v7CWKz)h6ph6sj=RPoH4E>jJX z8=Z+I&G!#WkU+M(SHd9hgGdS1Qa4o?O|p*7E@hHp2B5QO$r|MTe1~|HWsL-ukVzI~ zW5ctVnHLJfG9W*&4N}V}b0vyK1Us>;Vwq4Ju@@p_g~(nW>X^^;`SFIO1WgG8ub)2m z=*a`H0s0dwzG|z;!m0ohsyiK}Yiu*~)@f)~egXwrB4HqUV&x^bm9Yt#s+G^c9^HF# zmOkv2YC;yn@(6e+77?{88EbrAPfS!Db4`ecaF7R6MT5XhD4?Ve* z1eOBOMkFr6&Z%=##RD>a9Q$Gw`d2h2vmVIVcZ^N$W6G(mlO@Z8-G*4KYtqT+cM!?f zDlRomiGFeQ8IKt^TiA%PuUsuhz^$AVWJkIr&~ua`2nL|Q4NEm@S^QgAmso5eaVgaq zPm5yPC}Hu;0R$)}tyHvDE%4u(u^ev9N5P<_NM?5Cjcnan$g7dN&3r=WcO#hnwknHb zpdltT7~!s)l&Y~6UcrC~*;Xvul2&XO%O8CqG}fIdNV&Kl#PN?TL%Z#mO%hK2KcsEl+~!y(^AmPjk5M za%CFFz=NsKA10r-cmhzy))^+Qnc2|r?`qlr7Mcu2r%#3!HG~j;9^{;#Q0MVb4}n!Q z85GOr*s3PX8J_rROYu2&ox)K{p$y592eehhTQ(YMg*Y#ZfXm23TkPyS;w59OMO}1$ zTk9_htj$(CESK;|>tLfVwU&)IM(eX18m{2ena9ce1eoEsw(jtg1}74t#-Jm3Np%rh z*5S`bz`Li-JXb$(-KYS!fbrdoYPa2ws<4JHEY>euWE$OXiNi#|z<;jqV=F;WJKkyB zvi4piA6lxnw;1U}u?sudeQX`te{R^*s|{w`58A9>Sh*KVUN6|?YKMDZKGMh{rN$B` zW7xJU4@3xoXnGV{df{2Q?klvM_7XK&p%_vC>War{@69qCpe$eVxCpRb@gv|wM#mNo zlGCDa`^?1D!sT9yXkoGEerWeA^;_2@EkSIyA6sgjrb2eF= znX+WdY0Q1DyX7lTs7SFArOK46Fg6Gn(Wc#5Yki@^GK=-w88qneN~={tM+{i1%VqCE z!hl_V^^4yO+v}$5_8DiqUK89l(G9oUcgJ1#d})%$9(ZU!g&(Z&?3Xw5p5klY>Q-s0 zX~5})L9@(Z{{1n}0`o1j$XBY=s8*|9ofC#MYS5(FH@qos!qE@2Irg)PvixsGfba6y|c-I4_q*_2KN&d zzV77Vgk_RX03VT~QNqFk`0zf0kLV-$$i93Z#YYvf`gut_4z|RHOqyEV>ayF)-Hs1C z2;x_cEcO#EaIu>OX^-K?v)~{?%U%c2|3RU}?t?%Zdsl|Q_;%nPi$vt_+a+{2ee6^0 z0)*KFj2&Qi;o!KVMO}}7P7v=Z_yiL;{Sl|gCa5&3jL&WA;8^l=y2Bh2af~O>|LwPl PrN01{BPHPXGwO`#%R7pr8Wxzk&ZbrUC%q{{*`; z8}R=F{*NO7Py#psJOLH}vw!9YaQ_#90d4@3f4ypK+7kdR9|5WK~!el z%^Xe~QZJQW;Ukbc`p{#!a4<+^z*?E4IR`CMly7lrM2<(|zQd`kPrl#gQ8HQNbd($RgJQR{MyU&U`bRT5SYyn z*>X#La~lVD**QVG@Byz1#Ihd)j~EPv+07Pf-)2n2MNe2cXbH&OCmBp6%avOt3R$vf ze4I|qWI;+B%ZYs|YLXQ$B%mv{H!w=%lvjUBPa2zMS3M*nYW5HKFa1GV9{mN!1n3KS z9=)!Ng-d%JDoJ1#ncKu&XJ70Jiq?-xwHM#MX8{Ok%EAFhXYXh#^zSuWbP=-D%H9x` zG#ex)kgA$eV2h}zWz?z!RYCMLpGB>^N>Gx#gH@hIWC36x)Qt$pkZk4xIWkLJMs5*y z_Ln3?0k-*bIT4F!f2Vba%uj+c zHSAWKmdP{?_S8=H2`VD1b^NpOO$^COZ>)!`sdx6OCy7K1-C3@IaMu~w_b9DDr8)$_ zcE%TH9PWcGF^N^ax)>~~%4M5J>m@2-8&>%vMvTXGKkDrLt!}*p-ml_%gH@MmlM)d# zPPTmW>NZRWpQRj(#<^I2%AFGN0Z|v8ekE_jU1Mc}uVZ(C?P98+Gib|DR4A>*t7&VY z7K7Hqtbq_hh61w;ePvH3PfJCZ^OCB9xVwVc{F>}jKyGR6k3G9w2X!3!ev|V2hL!P^ z;96hzyK}72UmUqshk<-T8O7_9;9`vJ}6P4uJ1P zqwP@&Xz7aHoprz?#VL_RkwK{(DRSD9G5zQX^T1Z|1q?dkkx7%1twQjA30E0y2#N>+ zIA;Zd4G>a;%7&q+Km<~q-&P#fS!&C8BmL`sK?3?-q~c*z1z~AzDFD&pzxLC7;cl~- zjO^dZ$;3h~gSow_BKb`?pCN2Tz3yR@F8r2jh8GLly$q9>8<9i|5`m0-$Wn&?( z#wdrH4XpzbCtib4l|)cX9yO#LHLL2cC2p*k8F=>tQ%FURHSGtf`!A}|?uP5X1sRQG zMYGOO|8PX>5-(e8c%u2A5i;hmn5qHNoigng zi*`4bJjPs!JB(-YZ!Ul$d`w}mwJtUw_FEZ|jDn%<%YtVR zGE$OTx|qdvUPyk?({WKFw?arHSH?5U@z%kBM?CNeVXboOiayzjnF|f6Iv1JK^fn-#4N*_n`>nVHgP$*J3U}#UCQ^Rq5-WSHVv=`~ zvvd&jorP&xo`+DF?c4!12|%T@nh-?z)3C)FFyV0sO~KuV7In8giV!;1#V21!s@Ci- z3-!XONJc==g9XaQj3Q&1r*1PqOBYbWK+Ptt}KR&9x7&$2kttC`c20 zNv<7b41Mx7tYSE%xsBu%=5(;icQM&-MztX5sn z_@he$-yyfJA(4@zf{f3(KA3z5VEs94jXB5|ioZe72;2tYdYAtF29Uf8LNkEGbdjVB zwhau%Fv1{F!qOwj<64r!-qTUHGBK@=Q7RxV0wpK39O$)!8{)%;CmyUhSwWt0LtrNBP3vg4$F1kY-jNiqqMtAid@Xv?4Wh*s9>bH9S=(~ zsN;!@YGep%CWdsm+u@bJn&X*}oN`GpQdw7miPi1uo8?QuD7oPtpK}`s_YmF!?`a7Y zLXEM6QcipeX0|4>{RWSP+FP;Z;p<)tydu8_WaLhY5&zI&4%@ob@`s7!s*UlP7|#0n zCH+rHPDw0-4w5YPNjc(}FvKVBrYWv?r2d&z(~Jv;0=Ge0_?vFsSBZ(#QyADC0%&cP zEosv^gIHe)RS!m+Fx@Y^rs4bSsOK5wQ&lq+hLi$QZ?>p>Lvzs?iKS z;r-|S7~x=ocIqpiQAB1|5SI9t57%{GP@-46MZ+-zq^ezwIiC3h}0I8Zm> zn!Lh6io{2UB_A;s&9wQj#u5TYFt1R)z%$yI>3lxVAmAK{x)Ej#TU>ti6>{)oCLNVG z#^38$yAv|ckVOg)cwIi zcmkK`xh$NR!^_-*N;;(Ge%BL z{w2#5HeSSHY+A}|-WY%z*U2oX7vSeSW=~A9BOPPVQ~y> z{xLO0WTLCzoyl{aF1&C*RYtIvit|zE0dhg1z{1fFGAo5Jg$O|lWk_Tt~Som!=FwZAvl925MFH)_!_60C$d^cAJruVGJXBkS%RR z*Sn{TZP6O2pfHMRFj9q=wZMlhuB2sEHpdc=<^z_qlCkH+FGNxuszQp~w~U%^wQHP6 zk68ZUg6_*Q99A6wb%2H+^H@S9S9~hgq)%-!h{lSOZW|TZBYA(b7EQ3nPu}Fhwk@dW zye{TCGFb6=6IB}3qS2$y_6uErG=&F60Z5NOc=A(35V1HR_;=DT=^EqQq6`@ElL3zd zC3=!%Is7VK{cxIWwGKv731(Iai)z{$aZQ*LaY>nZd9vAi)s^pAxPjt5w_>$Dr!RJ= z>BZq=eIyDKaiO4DD7mY@3C37avQ?tcoLovl0Qdy9##$&zd~cXa)D88qqdf??Ioy)b zp1rl{oY8$zX7LHITn%RAy}weQg8M$)ELIsrNnZE@{=02xH|!Vz zLpl$6idU1rC6aZ8T>i&TV3d>QpU`3i=?Bt)v518b?B)?$^NA;y{tsEx(B6nCL(O#rD#US*hbi?|f$vEQKBvAfRT>iuZH=_1yNO~^_o$8lu)iT#9CUF; z2UCR#{CY_fI&5LUX0A+kCs!)XF%2^Ad-25Sw$}4^9{EXIVL>(Whoi5j)S`n`kFg_# zy6yWQ;X0CUNt#S{?h<%Hua4N20bJ4Py(86o8XHh1Damj#$zL zx*hAZ{)AiOgI4JJWrQ7SR0E_Jx+oDsQ=9YMz(!*;F1$PMa>)rV2tj;NGBM?VxhbTM zMg~GMENH`z;ddy(>6&yC{aK4x_;H0IfV9@%4T%B z4go)c2u+s8^(p~D=S*0uFAVObM zBP2inVSG58L8o|iU7H1S1eFQGcA##>OI2 z*nUIVP%%%XDwCk-WA#ea#_Bo6o1nJ@+cbG2L=~nVBCTdrKO)g(f+%U5*e=8}cZY74 z8Qc`%Sn||V;-`IGHiWJOp&F_K$w^BFH_{}!%paAleg zZ!$=G=a)OgdO)AVXrqH75Nq{+9Qa@V@wISK3?l9FMX4d>bd3&q!~Br$8t_)SgAhW~ zc59T4KlxJT55VP^LPJ7eEXFoYFCUPmWgWv%Q7POcEk3v(BU0H`G)5iSX9oiTmP=5q zi%?PVO}28sW8xOMW#RE=Vam=qY@dj5z}Z~H+}1NwL3MdX?A27s^*r3|=_Q-N>A5b| z>NxU(_Wo`L0NESOB^-Dr>{zCv!(v_RW(E{iFQhogh#dZ zq^A2pH^z?~${>iAv7TNMTQnnU>%B|i=u3>2Q#7sn7zhb%8EJhU)hLDjNDSinBwUUE zI4d@&YYW9|^$w6rf~?T1PGag{j=hV&tMqkjTRbjU7eNg#6xf~tC>wj2EsQ#Gu0;er zz3%%wH^BM6K$}+6#LZ*yOUkST53)*u1DKa29pBh@Cv_3p-v}JlHT9AVRdESszwA2_ z5LGC!|8-MNUs+9KKEg*BYeS=<_{%zB2ojqeP)y#4e%~PeNvZ?eDk}hQ;N20WeIK^) z6>ljV?FfrT)WaG@C)bWSoNPu;B)!?|0{@6FNzJ+Ifxt%%r*@Xl%uQY3g92G1569H$oxH;2Um=qR?t?mEuATOwZOu_^j8SfMh}l&D zak{aQ<}c{9NqPj60-cVi@l72z`r$RC$j_%xQlntw3F*KxJeW)Hu?V#hFX(q}KeEML zwMo+~&AYKhTUUF?cfKD()-l{pKH5Lion8>e1@5Sn#V{#eKfw8Y!fPZSQ|N)Vw3tSS z*xslRUk<^E$>PTK&98Tn^pZd470%114Luo=={CGDdzC``UTuN`2-{HNTd5`IijyG~ zEt7Nu>ae)Px1!AW#qpxGQd^DYAJRNOJz~EuE|^#bSmm658TM)vk*;5fe4>9J?7ZJX z3w=AQ&`gjkdm6+Kvg3H(r|16O{O>h_{Q&-WJMaP zS!g}6qOrRdFXDK;-pKL*IVCLC3@-wQ#mOH+TgNIU88pIg6cRl=UF;y_-JhWf3o=;h zqXGm0BJT%CuFSp77>m5$97qD zCpOfZ#tyc#g2QNja(qXdjkv2e#3q>|9Aw(Iz6Wi4dz>`JVPujnlxm4OstKZjNlaTc zm9Y6}8)m4+A8@dppngz5ubtuNA>Sg!{@R=Cx-WY9$plD0e6ID?QzoiQV@WcF)o?c z#hRv^ASJoJ4BH4FksNh|8F$^k4iqEdD~VDvx_{Z`ylFXbseC3@&y2Iaf@@Nhi+Is# zoErewxTF%1um_{LoMnK!;W%p1_&i29O3k+*8E~I9WU`=_o-1vZ9YgQ}m<*YpByeNh zHbqy3=|DrrrS^0Hn_^G-`+sWgffg9Qe+2Cl-Xc~ahzGSvk*6;(Bl5Dry(Ptsgzi%N zKG}g##nejkcvV{y<%fBood5U+7Y_YZmn^4F0rQ3ac~ubyy|P&^2JWg}JOD&hu?vDZ zPl-pD8LCq5e&!KEPX;WuCb)}MoTGs-9g@`srUi)4PkKq<5(a3=%16L(BX5ujA7t+A za5;9CPHo8IB@Pg_?vwz(cp+}z;ZR%lr{ya;@u9)eq6jbkTzH!~B(JLxfjL$c#G0)@ zQgxO3&NLItf&lQV;^6O+F>FDt#qL&OSYhqi4o$F^`Td`~TU-F&=CjBdp7gF~;-*>KeHgI+_Ua?w6@OmhdQYl#C??9?mXrW4owxWofFMTb#+vL- ztOY%&d6QGDAy&>Icd&-lwm9JVGAn_tlCJk#-C@$ye&Hcv*)nCKKtQ)@O_R^Ky3;JFBzE_#HDjh%qQ*_w%SAC&S#o z7?wttOi}-qp`s5aA^V%BN=kKRqW@+oldptT2VvbzdjAmgt}^#492$ykevQ=c(fHJL z#}q0ydH@f02T^}(FGg)KoUow~-dg3zv;6gyhu_qv{Un9&y5VvW=aj7{ zi+`B9zSRpCfKV6W^fZULkYN2I9jwxB4~}A#5pWei^8EEt9=^c~N}iSuEuq^1i&`n! z2S8&BdM3_Hz=l-6O^s{N)2QQvvxX|&AyP-0M;Bv=`Niv06*IeZA6jyp(0C)co4C4_oELAqo`evy0{cL_?rSDvPp&SqJ1t0FU7?%LN~mH_sha(x#g~+=jZwo z?AYJ$*3&&4@f8&3wLAvID71r|`R*C%9z??5#yvO?ES zVFhHUlw7HCldh~T>=k+BjhHZte}tZWln!>#IsMUUe?%QeY9U3SYHNsm_3PSCTPABS zKq)xCa;dhDLFXQ!4gc~t>AKnVR6JM+(Y?AbGG9UEU=Lkm!0amy_ zd30pam7?=xGEYmHd8Mkb&DN(-e+g`yKg>6!(ziS!@k)$C;1i@!I;E7zzr~zbK zLGzTMQ2BE-@MPYsR^N4X*m#*jF>o7Qg&#`DeNE9*ehrcwv^nR~J@-WSW0}muK+m(C zksI4T<*h`zZ0AckKT2B|4I-*xhSa{`LLQG7*=_S+ z9)p=g!tm)qD}|U4!1Z5+1r`+OkY8jJfH5**`0eToubf0r2+LumD#6)~w}yha&dc%K z_%r0Ap@8n#$q}=xNa&Dj%T7CJ?o{bpaq(UfGp3pz6Z$y}h!+DwFD#n%u#1iMQlDeHB#U;k$q%pbley zRVfCVC<=3epUjwrHlb;ip+<2$)$Orb6$_gqD6+v|npEsLbRl>JmrtT1bcz!JGRjwm z-gGE|oS@Ord22<5v~alalWI?cCoMs&payXfiAK2#I#7V&1avpFZ`A4>F?%j5=&~W& zw7?3cF%(NzdIh7_pOH~#e>)l58Ni0UXzT)s#~h)6{CkqGCgvrN5q-X1tSz>5h;>n$?`nFFeQXYG`;4hC#DMhO6v_NW;nJE z_TedFZa?K{AEbwjU4N9O!--tl0DKg{(uo``Fy3~~$qnKL)p|Ga=5<&$MSlh^H9Spt zJt~7*{CNuS3V^c7zc~hF5UU>@k@0dCVH%MXm-%eIabS9Wh%K=wJ8l;zK^x$Vne(HE zXRRhJHX)139eUsf68{vj&1%ztgM0@wb;y+Lh)mwz5(7mQS!H&9?E@>+ErXo!eZAcj zbOrEEOJ(F>PP?r#-SlNQOIrq|j{_GtgzBd82`Hn1k>~tlc^$q)v1!_KWp2w#N~uWK zv`AA&uH3G*q2TPn`}8lL>$tPlZz49(&HL30k+9NxxuVta5QByFN%f?2#2%_;JLU2a z<;4GfO6)q;<)E6Shi)=|6Tj8D`ReLu6%{E8=n{iuetrjJ_Zxjq&km$k@Qc;bsKaSP z6#l*|5RN4O`MiFp+Tg2TZn2`k2J>E}ZW$%j!$9l7*p?$dlRO9wLTzcJo z)^Um$_%>Nv)F(RW@?FQ2xkF zghv`{3p_1BqT{aJML?cJv3S@-6h=fv1R@3da&h%_QSNLqN0B?udhckj_9#(CxEhfk zY%6x>p>WHgF#fL6zXOmmxN-=%G-IL55tC)H1@~aP<Ta)0o0DFwou|~iLFQwWuB=ep z6z?`$pLwtd_Ym?^fC4#S^k}?26>fgpoRt6s(>=K9f{p=nByeeIvD6VG|60^3c5v4z zH^{K9H<*m)W2kn1COb$+!y-!}Fy9S-TUr8-_c|aVbcX?b+{Y%4R#20z!gp4O6FAte z9}!A>`LtqDa&Wj5w)OjaTIKjh6#zY3Vw_8jNutifp4k?7h+S0jlZ^_MwuJF%Q1}V> zKKf2WzAbum0xkVrD&+Dw!%bkUJXljO8b@@pUxGvm=*;*4$S6l8@M`@IJ3M*P)xnuF zku@5Mq&UBHA_tfscUr9lZW07>!c0s_UDJ#C6T_jWwChdXwtO$nbCv}qJ zj;gRcS%pPX;(z&JVB(W=h3D3iv8?&iGtO3=vvgPGNT<)-1wQ%A3FW830(pE6(P7ap zKx!6M@5i+ti?x6+%4-HEU@iHaV8tf{@oBEZ=ufIz7*YPws|pPIot?5pPp&@AN@cf9 zK|UPx+grPb+{Y+ujgVr)xr8Ns) zNvG;3jrm}aJDo$Uy=4P=jx@&A>I%+gD)CawPz)(DI!4JHg*mOzT@FlDXy zQ@ItqDVLXU3^TqK(Uj!*wct)5S>g?$?jSI8@he*xCHprNCx!&$sP2Bg1!LQn$i1vg zs8ATF;5xjTZ27Zj1-9}kJ>@>&oM5Q_=g?VYXgHW~I7@+ca3B~Y@^L@NcjJ~W32$&iUG6Y8ubq69?uc4L9}8ySze*gFWxAK)wy$}y0YIbNvQ9tgWMOGDW55y z%hPilm1Nn0PuuZ;FFrZUQyX-k{-+srSp1j0EryC2cjL(rRZ+g~BBT@|gz!Gb_bgjW zxi1>$c9caZ(~**M@77cnhfO(3a-w|`gIHf^s|LsKezfBW*HpA4t!VEfjStFyneOd} z5Ne1#bWc5IDIz;dpeS<0WkmuPLV$LNQs<)$B8@M|I_Q7xCNnU4sdd9PJZp|k1opO_ zO8GfraYFK%O;2_!im#OqX%Q)&Hh$`4bf$QDhHQD{!x&@U^mrI3kU&cvrIwrN`QnxQ zxhY(_ST*1?4oeW2c>6-VED5`MdkbBX1<4_y2~}*IqY88{bM;-Kz{#r~MrGR>_O8^a zFiW)khJd*_WzDM69ixXp{P9<|^w)RD;;ErHgY4(hiSS5O8y1GzI8witc3RSAW1SH+ zr~pSsBU<7)=2%7(EXi@F{FF4!0N0_|FU9Wi-VxTbW!lY4#W}jOp>1;<^dvO*8FfP9 zzcmAPopz3C~J2HGu_Kupe~Rw%bmP|W)%ys8{TT*N z>64(HNQ~?WwZ?XxQH0H-%e00s_N$B;u)%-ndl|icD zkqUNC&yIX|&hRZr*!!Gweip&)apXrxom*9Kec00Hc!V%YR5xJRp=P#$sW9FZU_ zl#98YyjlC=LF|0LzHM=Y{5#ad%MR(anD%{Td~rfLQE46mNfEUP9bNeNc) zO><5SEc#Q-2!Z*6j+K@ol|k+Z>b&%M131nFdS(Lo9+DcPkk@I&B(AW{9`?)kL0xDf zxPU03EjZI2G>YO{+1xmcz=C?&SgXG&8m12badFbJto*@@DiaR=7_7binOGBpQP@Te zUFQWmoRxzNS+dqLGE1oe$uR_ z<86`5U4nLrxA#&xQN|NyyxX~@Gdu)2WZF9t*rA#}7hMf?cs!v2xg!StrlXA6X(?k3 zaq|@wx{J!>?So8|V8m3XH1mEIBf}y{goHPTCu+I@a0%Ik^^U%uNvV>NF46B@bwktc_?S;^`VGoqjs*8 zb(!~jG&(PXLWu1J*$1^$(QyPJQagU_(5;#j043pujY2>XeUxA0LUMU6JR8HpzgKj$GJ2&Ei#*-2nw$9-fc&>dx zjQR6a6~-wuQJHk93eK#B_~8&8hF_F*L{E-RQX!0C38mGom8)ErEwZZA*x&>o)8pm` zNxpQfQLT9!9XXck2}`r8t#A>XyAV0(46IW)AM5YB&~2dzJt~fbm9_Lhckd4I6Y3HO z{7{@9R^fbI)=Zn1SKT6i}g5 z#A=36YV0GI0wHnd8}&#&`cb*|77UHzUpiI_U--b!@-UtQz0WlhpICzmR6^Z^H`cWA z`$O)TGU46`5T2hb6ID%rGo!7Sw(P0)bI>xgl}QoiWhy5Xsbeux-L>xSWbSiJh_&~0 zJ(>rV=&y475nA!2q4swRa5tmig-XRHb&g!p zdI0ap-3E-9X9EpbK0w0VQaV2gR~o;sI}8{MAYD>kkQPMAWN4=hj%F40O<}@cO_wyi zw3)d!Po+%jL`cDne{qyo!w&PvFj7LNCQ;#k3sq^|B<9tx3xH#>?(-v2R6cruPqh3( zl#*LvPmSk)n+`3g^UDRrB14SOUrSE?>l`K#VvqEWAFv0wzVn9_cElARjRHS4(KPn< zDKVK;6=BUE2%A+r<8e9S+L>;~vm#FN^U(?ngYbJz6?dFetb(sG*Wr(@xPEi_%7)a$ zltJ@;4n^2@^YlGP)>qlOJHs+Knz?pWGe*$ZmIH#sO<{=@aapcUw9n#zcda>PTn9om z1?vc!{$ib>5f3+0#$2F*b*6;z$YKjDHGoY+1*9x9EB#)@-TN))%`da=GZdtUO_VAXNGTmlhP{N z-UFf|Lxq|Z*Tnj9>Bvd@!|Q#LfFQwXds=0!=V*x0Je68|MMg585SL1A6Lp&Cn$xV{ zS6V?ov9`WUBuYSIZ~!+2|6`IF>OKcWP$ZtWuS5@c{91jt*7+#*dX@^a58qKMD!`Fb zBnokj6pU0dS?O9FoZ+MtJBGf!)^#NsQ#tdf5)kJB8(FBt@(Vj2T3C{OhKdb85(@rv z7|PTVg1Ze0SWEp)Xi#?KxA$|8Zl?;#INzY$K#10)Y+Q^dDM{22-dG5wr0(H!l*wI5 z-8n=dm+DuMBQ-Xnwum9NfDTEKk&WL^Iqx?1vW!s(S_M8B<`w68oWqiQVl+0RGk`3X zQ90BzM`#g;I z;qva~C8(*3@n$r!zfG#0I|#83$(Wt)*F-uf-xy{W7e8XVPLBB;TNVzuMEPcaK*~05 zAU&y-f%A2>2V2He?YFh~S6DRzg}d|A1<0D^Tz|;f2;*!O)kM zr@goByVAtApW8leanmF=^0Xlz=9u37X&A5|z+lFnQtWQLD|(w+Rves|v;AX-CW(aRE~B%z%9(Zk?GB zPS$Gqc35$T^Qqg^yr4M{;D0k*NeGO6B1Z_KXdeVQ>Rn9*QaX`KMV5wxXLeP7A&^B_ zq(_`9i2z9%>CIkgqg@Sgu*&hiN?5k@WVBbu+cBgU4=yTfX*gRtncHl^PCLII%rnzO z=>({gVhjVpSXS_;-KrEWjt~*}i&@$XSJl267^ERi(D-ou8+`(hF^9}66d!x`HX!jx zJdHnRxBzxSM)Py(HxnK&K0cOCNmzQ_epF8lNl=|B3C!9M!u!qI*4EB$K?9GPmlQNt}r9DQeF-6yz`J#zV)di-c&Vf z+1sGn{20c4Z&>zWyD4Ym8@PeK?3>L5)9Y8HtdQxDGg)`kTZk3e!iN28$ly<)D(Tei zCB8SZyAfo3!Pb6ufFF%;>24 z-0xA3Z_pLLwtc!@^RyQZY!CWk*K6l(;)2rt=E%Cbz^|<#qqF;mvjdLq4(t_gFDpH9%<{&4l|@ujKL(X8I^PZrf@K6ZqZ^-QWitQD_FB3+RRaf=^qGw0dV z;%aILMfT;oG}A$dc>JW$cG#n3pROZnM4zeUn#)-G*q2%n;-%k}Pt*i9R#f)u<{pfb zE;8f5y0|DV^PMbU+;LuWIT1O}8AFUf1H@=>CWEDjmz3@bR3Q({RCmzXoT*hgi}S;z zV@eAvx7VE#kq&&0#q0(tFjFtCiLp{Ojts%FsD+3iW9Gtyl8x7JU(~eT1o;-JcBIds zW2COsgB-Xz5HF8*iWS(l!Xi<=KXzON{IOPsMClS^6U^#pVu4eDl(LgDq?AOsUx93* zDnQtlnw+z1x|#kaHF^xt%)aHDqD2RO@oz-J7Y1oRDoP$!H*c-v)_+ zbqxz1_8=bbZ=W61PW*(7Pw*w0R)$!EjlSO=3BJ=YW+rCH{M$K-c>0Y*eKh~u_TF5l zSQU=?Jd7UuGLKDSh$i;(Y00qf=1-Rn$Kh4LzsB!7TTancfSg;$)dKe4w1C#o^_$tx zkZJ;VDqnO{21@(;L(A9bkQ9rSu9p^)0R}EFk!hZBd#7g8n8IU=^+1U& zFig`+^qc)thsrCeZa4j`%pB^QzQ_vF%5SU)=raOrw$Ml|O7bQH3@V(hJD!u~@3rE_ zFcfW}rnHpCDKRG9;w+3Z=fUb(Fl9uY@Q{^lf67XNz9=(Feu?p1;oVb$Yn`)mrMQ*U$CnRBv?yQV*VwGBuh=XxIXp@C_WBuiKP%}lG1 z{elPeTOCOgcJW~Sh6oz4UAc1>2O~RYRW>VL(lDkj+7#L?G9*(bfv7G-Z7LsC;jUCC4F(t2}b9OqgV88Yo zRR<*5SJ{Q|x3LC=tpYO2@+c%Op(4ay%TOhQRSdM8JRsUlffzycZ?7i8cy1P@xRJs) z{ik3OV^I7_2xc{z^VVL#F<`N{&5?6m!cYtsVH7iKa25X|``P`POiSKf`4oz*GE?;zGBFt_@X?6;{bad!ByG5kl0AkX16wWRI5L1WYDMyV#tTvu0 zMBglnKiqtp2PzxGRed2GR1WHy!W z@Q)tX`Wfygi!L@vW1lnWbg)9kR03X3<#5p|^SK=rGj9Rcmi)ej_>*`_q@QmnLYVMK zedXh*LrSm`ZXDX~_31?r;ed0K?qsTlC7gdacc%IYpon@GpMnA7EX-QC7ttA8EY=yEG?X3rLj zu{V!wH$0yqqaxM}D(1YP^sxYgG4`%?V%xuL9d~DfRQ4{X4YS%O$w%NTOk>?;-c6o> zhkE09w+#o>*>tPqvXbGU_eX_#oZ#y`o;Mn+k=F7f$$jXG0-215}xR|%k6M6m8xk+2* zadQ#-EAE8UTv(C#$h@3XyWf_&o4t4h^l9-zKq(T{`&*Sz=iza*D=4{RA{D{*AXxUN zyYVgh_3_Tu{x601?^CR%136diJ484wL!{TA^Av8v)Ji9|ZRyt`nmo`X)ViPBqN*#i z#=KuY2DdLs3M6ko^_-_LL3UH>`%Thj!+dx&=e^E8u5WK$YwX3M!{iBSGxAf%wF>as znop8zpIm3t>|7F}`|{rNPr|!;Xq(BqT5>{3hZsQUtaNm!jzl^2?{C3z zbZtPVgw>_f zbJ$NZ^y9=L0^l#d65lH}f@acYdPJH=xq{L!&LeCm|k$|*#KDqw!@ z{xh-KD-ihaGcTB4VL}Ar4Q307?&Ss%Jpz#zCX_9r9^TVxLaM^Fgd@po1nthyuBgM6YZlp}lO-mH)zwrjKgFt{ zGGlF}W6Mq1>6IdgnOtF;7#%1zhD>tTLHZ7l+Y366Ss}yNEZ_)!RXkrW1^Cnzfc82>A45tQy^C76*-FbR^;b1BYF z>_CG7TziwM0BXAO0`XG?E`6U*d5+!fV`UMjKuNPg)|o&F2#W~)q6%y8uY3Iul6y?0 zzL48Wm><$@=$45_I|ft$44_KXq$#ja7%Bw4;Gzd=AGOG7GJpUN?h6Q~nF1^!&k426 zR#ZPJ!Ji@^d`qEKLzxVUbd<2H6;oKFF*h2hp*t0g5lD`$y};_yN*Kxy?&v; z6C2#B?``ykK34xfzc&OCYz_xX==Feu5d-ham5FBvk{7LBmfx})V-%=DBh3pKA!XX0 zr~?%?27-q>7=DKnGycLP>uXe2xsU}lP1D*P@Qx&KD;DQ}0 zLJ{WHBu|xwm8lkiz`HawMUczkAUK$myJAnP+OgXh6pMhnm<~uiXecQYj?n5eL28t| z;RkgSY77EWh70*6q&V;Po_r|80+;DPg(dD$a9mlO^Hk*GO%vKzh>AwuHYDd-yo9{W zTA(=c2Pr~uBDFy%ks26F{|J}YTuWL@#}ui;&Iu9Yu)&VgDXhe&1xHqiDS{?w(aWS4 zG=T2WCQwv7&1Vo{rJLqXhRundO|BU)x*B^@*>KepxM}LbA&aY86`Pw_9VC-4pk{TX z4bq3?w!E7ej-XjK&g{KG^0vd{d=R76np8qAqN30AQtCA7qK%bpe-%~ULWK|tQYVa~ zV#P6AS5J+9u4e;qxKKlJ1^vlQ_CU-`KHd=PUQJ6*T9~QTms-@~x~3QIj|Uf>@>>W3 zd93mcTp6z#jzVpbZlaXhY|qxw!INswng?R4{app5XNG!9Gu1=dTVHN?A+OQ~buffMG#-$wsUTA#`pzsHi9voFtoJBsK!fM`@iayDotp`a~(@ zqb2s|YB|)(+n3|#=vrbSez_unj$4#9k5CvRdDmenZqzTHI&8=nBwc7R1OgY3ccdHU{^fnIK2-9k&8Rn(~m7B9cnB zY`{upJcY+xoP*en=_${fSiSh|FoIHFE5WiNBrkw_VqZ`&voa|KAadej75Ilv%qT#x zq@_P86c5ka;pD*qqIpcuafA{sUO7#oWF*B2Im{|7H@@S>spWPeF~|Xb@l`^WgMwlq zDw?tYX#r41`IEMUx~D%f5|#G=%BX^BiYXHp2V&k#;V=smqW1RlC&!AY6v`zu^(PF_ zR;CyyrKdnTe5mu9$}3;y@sn_mG*y9^aGIw=Db^%H+PnshJ%7!JAp;bM(1mq?;Y3}+ z8bFi_3qXTP;AyQrl^2M47L4d!1rkbDcGrOVJ*F1@$r;&Go~SVgY+!A~kpqE2R1jmN zf-DJ}MLq9CPvRI!mMGeQY+H=nsTXjDFu!9CAw0$L6#*L{5u;bBDms$LeDZ#8TEiS) zPG%b{AlbKAR_*3trJ10SL&SF>&Q1n4&jg7Lw^##FT$%XC7faQ-#BU}R%y%lQi6D5N zIWa}ct_TWJ)i))-VVVOGKX9)#%r{#}^)WaV9~q`WjBp<_R@_@M;}YK3ySKzX)@V87 z>}!1>cHSKl{L{J%*vVAMv)Bn2#MI*wSWj3_*i_6fWUX@V1$ZJE?2Z@*1-Vxr@G06> zEAbYQ(?Rv93hr8gDz2U$@qo2IR&bFacul6v44ea}_|2+8DufQw8hf{m!?5O?FWi^7 zKy^I^W0>K_0wT6g0F>H803c`v(O&9XDmI6bMHnIFb~d><3Ff!pX+hb$S>a`PBu#`9 z1vVW(&9leOK;yA_8&VYs;P!0`*lPhB1(pCPCJE8?6x%1)N|%5tK3D(_ z<3;l+-b^O|8d!b-WvgHT|Kkty$YYp`iMFEr6nvtd32mq zt4r@xXuvg&M)>ITel17zJE{6M#us8K>||PUWc=c#FsaoNtYj)oV^@9~iM`xSlXejY z*F;CLPaumYH%4j)M$|ZvekY#+f%h9aS~gV9&l3HVKoAXke7q2JBxEsufNcB)439iB zq~^_~Nm)m;q~5Sv5QCGhgO=&<;fR1ZVj*Zlg56~JdHvniWb3Xh9ldNIYA9F6ke4~} zkoU0Njl{CX1#2+;5aEjWZ8HX-FnPrKKN{e)=tU$cNgoqlpRSxYi-IGL(KJ5A!XrTx zcw&K~V^aD%NIs)L(v=1y7mN?P!G{R5fpA1U-=eKK_H|DZ5&1uD@Oi#P5(3OkG&zC6 z#d}qN)uPh&CWKso4pA`12GR7a5^i)OzGo-FOmFm=q@!ZkRFV?X#DffxMfX9%sKGjo zoS;N1nqBoR8rxiA~ZO2Dhe zvpYoq8yja(ePiRO^Q^r}`EQc)z#KKK32Mb_v67m{2=bGRzF}25xUx)WR3(v)MFV3{ zM|y&S_=evp19l*1V4W`HeRCL|kW^f&e}Jcdz6AwshB}lKSepAI2f>NOVBog3!jPZV z_6%rNu`Nw^(AKFFUZNBNaddQl$RpE%Oc0~E*`85cDUet~L56|&j=gltmq|^vGGmKm zF##;r6e(&TvCBjP-couc(M6C{zJtJu9dXp9ssiiIRhq<2qS`G^7}{tcMZ=D%N0ZIg znM)ZN6lF6=G$alfMY4}10l9C`REbO09=>vc4RyNoogG^k7tnT;lyWAQHlRsOD z(zyzGid%qK5`YykuismRLRHQo` zkO4HKydX%58)U{R35qP_hl)_auw$b&203f~ZqabJ;z+ziR#;-`vkt1umLanLTkatyA)D{jLL;Tq`jgQRN zkrcoUJ{>PqD&t`U9rNkj9CnmY?wGK@EljM0fH`n6h>c^$xxqhxjq9gxg6@gvJ2M2z z`1lMcv@0Mlm`I3f(OzH0b*UH@7)&$ID=#sh>rh!osp!l;H0gskbrCP!fS9qYUT|c! zDfB5Mfs;au=X3B7Rcq2;qqr4IVpFs7!@_hA}u3Ufy8H(Mb<^6W9Sn!FpshiAP&Sd zpCm`591}i(Fqx?g>1E8ReMH7|;VB9r^Q55|qyI*N1U8gw8L}yS zN0Vk$-H#wwv_{+>RYPFYtog8P8)B1Ts-%dXz6TmRZx#_?)p8ZKR z%Web!wrN*Lboj?ytsTjk6G(&4Q}e@S27=pomBV^*Tc`Kce^ii?w3{7-6 z&0^|)`zSl3de%csph4zn%7_BZi4*6>G`mx-8f@%Q4y8g>i{)&PP(dp+jB!7t!AoOe znz4F?VymIiB(>Guh->{EkX4H@bWgZH=K&aCp^qy6Q`)0DEBFaBA!i8xNg0vfs_38q z0@A53>X#IX;RRhyRsZo>1VR|F5gEDR`SOP%)ehn~KL^$XBtT4e^-bD;?r&u>QsgNa zv4$d|td56N$;(8xjh&D_PfppZ?+;v(Eou`@GC7+ql8uJ6#uUa(gp$roCXrnk=2u94 z7?p&=fgtk5M5-uCDm*>W(gFiP13|z7HrZ<^n1LIFi*y`|of}`fmv^V1^O}UYD_tpY zbm+m#j~iI^9j5tDiz8EUTy64C4JI?|h_*zb%^|)h8RfLO3C4tn5{ zyQFHe@W9wOCN5Y7LY$zlr%F7MaON8htP&%bG3|u)=V5lE%vAyM06?U^c1E38054dH zZ{G}rMnp7>lo09r;hb&fUV!c*tSAFzLTNRi$}!CE4l`eJAUu1NHw0N7;6o%pKP(TT z9!wDe7-!b2qyA%tXM8k|rLX04(0tpd!)OrjC1qi@- z!Gwzad!nFTx2+6_gE3-Uths_GRm>ak-Tz$_oO?vKp7J4BtGh$ekF!SFs8;#f#2hZpK6_EA0NmNXfl&SSEWSFi7;$^EdXLq#qw;Z dh{%}o=5WF?NX7>fM \ No newline at end of file diff --git a/fonts/Novecentosanswide-UltraLight-webfont.ttf b/fonts/Novecentosanswide-UltraLight-webfont.ttf new file mode 100644 index 0000000000000000000000000000000000000000..9ce9c7f99d47aa88905ee8c931e10aff278dfe9c GIT binary patch literal 55600 zcmc$H31C&#wf5fU+&SZ&rwn(qQy)JL7FXaTLY zsA&D$zKdFmh)OGU=(Fl?TdUSuwXOA8|IW|0K6CSbYoBxOkO^q*dpVqYrhWEad#$zC zUTf{O4vaI#?D)~K>N#_|ySDr_iW|HcKRNAfv*++^JYl>C*Mas$3zuH;awDGcJ&aXH z+LtbCef8>ACu23o8OxZwaA{TT`Y+!58^&7xfb#w81_yRV-pM)1*o;MZ=e>0o?+#ek z=%+9?vmVczH|{)t@adiJPsR04#?rQ(KX4(AESs_UZ{cV)hwEQ4wux=p zFtA=;wC)zh9>q0l+=Ls(DxIFOZ|C5;VAJ64JwLy%_8_h!jLA1_+p%sSdh9=TF?Re# zwEz6zz@D8_fFEJ(!~v8KY#$ihaKE|#bGUw#F@NjM9T)B%zH0SX8T-lK7?U2@xogAD z-?n#rkFnS9LHX-0*>K**U##r*GxkOat_|1;d+f#OM_#7mOM5O~PRCbf-u$L`l8Fls z-C+{0IeQN~u!$?>O$*z`E@M*LocY}>bKAh~?aU{hv*BU!euPJ)n@M$hZ}HD(bp$nF`(OSW z{%H6v<`{l`_`TtevEMcP((vp5lOUnxEi7+1ik4p=zIAvv&Q9Q*u3pD)6!5+DFNBAB zeggeJL2Up7ucN(>Mz!a_-H%7z{mgD?7#D3=v}%*#pmRWX8Wj4>se>9F!>5&2N4AMp zM`2_19S!1hKVsCVf7CC9(i$wR(EKf%E^(@sB=3%6vS0z3Bhz7-28P<&8dmMx`*<7w*-taAUV zdt&5YuhgF4cHk5k|5yK!+y_;UCMZoULLv}FN6b68b1UX1F;ggTk)#s*Af%`0$7x^? zTy)lOWBykppTPfEbI$}-otZ->cv*b}XqE971?S&|`S&ICl8(vqZ{C^f`KL?JyyrcK zT0RraNnrh@1g&v4a-N6I4H_xqpGvCZANM{U{td7sGy~j^%TG~$WG&-#47wN9a}+!f zpZ9Sm&QGbYp&T?K<(`l_DY}5dN22uINaL?xeFl9L{XPu|eb?|lF#-h!QpRBt9#G~qwkY1(hy66(x(n2~6=xse8u(86 zv)~@Jz8j@JLaAGYCJO!+5Rv|Q_G3ATf+=kX8KK=7Q6Ds~;eJT&eL~YE`W_Xq_7g`5 zC`bxvn0F*`$>`R!QkG<1RQOeEosP*65I2GUAhkrzYMp|UfUo4Y#G9m>C&@qUxq?;E z5-6d)r%+QXlX8s1KD-b2E$S$sk%TAcH$eru(K{rC1?7mA{lLu$l`oQ@8@@GBJMehD zfd6&yky-{l6jlvrt#S&k<0CY2mZ;@_@=SqNX;Fjtf2w^&ngC;(REf`d#E%*j3Wk71 zvJQ!2>Ytzu$wNh6p*)?9oHw=7iDRN>hM7gwLL5jkK>Q|3p3|Ae|L63QR+wN?xI-Hs z!!OXYgcd^l{h9v(X7t~o$t3~BgzY4A>j;Sck^YyEYy=E6t`vLwv^eX>mGUGR8VgCH zaa$!%k@yq6AbirU$_qMIpC(CElJv^>S4u1LO^km?Y*wqa1_?mAsgTF2Tu?_c)u~ZT zoI}df5qIOfoK#EFGvzIkEyDlsG0sx-F9l-JTTTBt3k(ncQEB~be-reivt*dhwuXPU zoWSmecUIlo;(BB(?)M7e;S0E^rX8esq$T-FEsxs&y@EPzr=$WZ&7Uq zOK@P~ZKbrJ4{0_uV$?q>BX+fR>uU{nvs8zF>jsWBeWEsa}8J{E0i z{hx4r1IoAtrPVTCt=jXmI}ZOyDVI#$(KTx$ORIBq3Gw6%c+lQXElb*>I!aYuRCr-T z8>8``kVB%~5#>`F8-1aSX3T4(f2Y(PpVLskh84&OSO|$)#K<9zQS~nsVpaYm%1wMm zZ&A;+R@>rZ#kL#pDD!>NjBt*1k6Ap9S9;2sk^PJX;sx#T zGdf92xf<=8u(Kdm@G6-dD@w%-YlHaHv2x}XXLeSNC+S#oa^Y?WTNT#4%;K5$<3am{ zXs3qdvJ6&+t%8M_Rh*@<5Iv9_;ar&UNbML$5ei`Vw0WdQhWo)C1bm#GZyDZ3Iz;x;fA*2U@EEF8-On zLO`KsZ)4Py34E90%myq@L!~}o-Ny<9-fFPUmdU07_ja5?pN#)mQJyfT;YB%$RZdZc zu4%7FI}+$-1_fn6Pph^?q6DpYHlURTu_;HLdZpZ_dv5gJ2+9~>>zGt7DOBIj5=TS) zY7+AUcDfr>@6n-BoHw)S@q5G#iB0Q4{INK(0eWSlen{#j<5@!z^@xsI50rk;FO|uP zZv>H1-As65LVa1l#hL!n(H9FgpZZ%aXzmyN$O6AhYP}5Q(m_w+I0N9oVL`OR=@EE7=`v20O?e!@BKp_C0nHdl%c4Ov)}r4J_km z=I6noRgfpwYqR{B0RKmyV-7h-*?TT6LH9cWP5GP95>7xDC68l?(Ed))6JZ~H#>`wB}LPrJuEka`#I3Q05 z=1!WQleAaS0@=>=Che+cCAHo&UnS4;)CR$R=C{T!q3Q>tC?{tAbF^2r7QpM^M(s+$ zE?`vJNZg+g>WOhfd`|U`98;RLCR!6bLv&82fp`lvh(kBxMB#w3IpOU2`^XX8& znGC{6O)L4?XMCQbQ=UuRD$k6v_&*!i&wynG>b&tvjeQ>+sf^1M54CzPNo!WHFgACL z&yfnZKo*du{E;>mRSKW=$RwT_i*Hnp9CPJRYwOI^8>?n|D-L@~>sp&;i;!5WRsr}t0^TE8F`NLFQm0-C6(@} zR~l^p%u$tO@ihmnuFqyP#cLaTW>aQVWy5`MVce9 z;~i2YX;Ndv6X12oaU8XkoRk?*JQ=0oBvmoSDX^ifbx5$&_1Fr8g-lkq8E0fQ76{*g z4|ZY(JSb$1O0c}MVTD_L{HL$ZR`{M399`Gi&_c*3x`*t2=$d>vk7mD9`kA~&g-$+SR=Ml)`TsK zO~z)2O+6Ks_B3qytQngQHuZFP8wfid*xqfT2XjD?dDzUX3tKu{g3Zjjv6*3UFGou& zu$fp7whY$G`hbg-*!*l2HX|(f)xha`Y-VA@TVca*#rZaDg~F0I3rpV1u4LDt7hk|; zW4FSpx527Eh~Go(EgfJPa>Pd55s14W#mgB!T;qBl9OOGl(yUD}E~Y;Z5+tTcH0h5dBWx5sn%paAyh5l(=}AO@bHdZd}V~g?NVI z!sT&G&t*&5QxlXXFPBy~2W7{vH?`!72}-8I+YGFK@2pF&0{)*KRhol4bdXWxZKeJ< zf!DqQEKt4lM9CGPzOE3xrF$QVTD1CTweKeOhm`z*5P5eXm4-n(!nK5JJ&UB|5iI(L z@(7aaqxubM{jzAmFfg!fH!E64zvUZu4Xk6e$iCRd7VX%zemh%!;YB+y1m7!J5A>Uj zbMkemZvzJ=mDAF3KU0*nieK{k5kJ_$G1VBMo7hga2czP8b_>SAJ?udi1+SlC&$Cy- zIq#z+m48+}zAoT&viJEO$s*k%yX0GR7Tq4*`}z+3LvTMXH{4_R&{$&JXgp~Af$T!*Fyhc4n)#H20(d<)?J?il;_4vMejESRU$+NVoXR9nHl(V$V zH1Z;&wX_akhH@gdK?cxHStA9IT5XUr5~PjH_Oc7vZrqpE@hD@AmY_s4r0XI`oAnrv zd)Vh0Wp0E}r-DQBcoHUaaQ&}4BWl^y(Hj~UuKx{)ESL+bA>Z5B0?6g_fZL0~Nt^`; zK{yiJ|1)?AVC;?s%l{k{W^hy`##1YskNK*fZ4vyWXt@6xOeFI~9!C4<_WxDA*IG7V zERI) zf_j+)XbQ$GlPE{n&jS{VFp|frjY=j;6VFhcCBS<1gyj?O&^S=)uY|VHc*eI9Z_>!u z+N#IA(R^0#Cf+AWNc~dUoeDYCde${0YN2^U>8}Dq1ao=EIn|S>i{{`|c;;YUSa8m@ zDK(O;S9qVUll2Jgxew1B*cI!42dcs{yJt$Eo#kM3pTe;m<#eKC2HVH} z4||ji^QEv)o|WDTSOSiKFOU}q1&RVyfvJJDfo}vuu(s$g1Ml6#zR4crOVrXVkR9*@ za@5jO;-&fUe+~a~_U@eR$r`(9j3(eE*$O?>za=$#))q=dpLb_0Ik8T=h=F zFHWftit5kihr=3DI)$TzH)v1(!$Vo8HyBN3OImtHW>&V8Yl2_%cb9m6@&4~GAO>uJM(8U71hv!Jv$%E|*#wybA%Zy?ZloMkTVj2f2q^+fCa z(URW&je-5kdZJR{z~dBrv~FGaJby44WxY{0E8O-lP(Q1`wIa&Pqk;a76;Y`?us#qy zwJ549>U+3^TV~B(H+#v-o?tlW-`^96E?U$Rj7EC>f#_s9o7~$QIHnXDSRXCHE%ho8 zt)}PIRPxlKo&bQ@KM;so7WMSwPJo_S=&X^>8vFhIy}iBuC@<^n4M*9co(;Xd6;Zi7 zFgp;{6%GI({j5bjQGK{IY6!Oi{N5<gzFi!ANI13z_0ZM7n*FOM2$l|2k56lgKvGTa&l zdc&;)QR%#mQN9k9NA;x@QDb?408E>;?zoPfhavzm(%(x(`r8D6rt*i4X>8W)*3w`c z(dP10#9NeFco{&Lh2HiDX73LV5D^5Hn4d5i4fp}124z$(3=gy^O{9(Udb9v<;pKSO zl3z+EehIfeoMw?{_XPdnU~g%#BAQWtOp<0t*AKK+L^I3Lfj}UdK5HKJ3n$^$-e?A0 zEx}a=t}3Egs3u#WBmfMo1K82bS^a_i{efsEkX8}RF7NE_Ii_3R)>{zG*bv@R5w(_g zF7D}Es@(Jkao;ZP+scoztXa!?j%8(mcmu7`tTJLyux;zHbo$A_Pn5er3Au1l&oSa! zAggshh)d0u2E%wwJNGNk=@sxjJ?%wL+5vxiKZuw@s&NQ-46%4&pmbg8j;4VjEoivEHPDadznz`UF-Nqv?(aWlGn7SlmH9(JlLLLTmsLca z<;OT3UBELP-Q~w*I(o{F>FDS!Kc=Unul$&Sj{fpvMmpw{A2ZQ0xBQryj(O!Qno;%- z0FnSutFD*y^ zv-<fic0N`^@#Ikj-r^;mOCUxD!38LB9d$n6LDM zYX>G*L~F|{-OUxzx-%68hpj{LdXR#-3Immab{d&L;oSZE+r#aU1U-<~karlab(}jL zXukm>#0BohKT#xVo>jJCe`PojXx@*y8WWELl}a5^9qL4>K(wC*b7XPPBT_&P_#csq zWM6M92{;o3CE7!a;W-#upknGc!Jy`4iWHY-^{)>{7Y?Eo)Hg;W0E8r=4x<~m*MpJtqiRKs19-Vm0D)gjAtb^QZGlUg z2nPYQt}jw?5N-x)CX3rq6Gm?!FeltjjS;n`2$WF=RE)Cjp2|QoCOv{!y@|>aC^r=1 zYAzndr&WbeqnWEetWpLrRz#<&5X{m@(@*p6NW^KRoK_wVR1((aKUwAgcX{cexE+b}EAtQ#r<=y)s&Zu{e92`*R>`xx*fUXgv-cgtghgYhVuM zEDcX{%ZVMM9YE{6@`v%+Dx7rUgwx6V@`t&&(}fdpX91OI#iNB(hE5hy89G@^W$0uH zm1)7rQYu3y-BgB7mQfixSx#jlI9Wku=%k0r&`B?qp_4u;GYcmxsSKU0qB3-{n#$10 z8Y(jbCu^w;o%B-~IvJocbaGyKv?-3}b#xJ(hTH4KSu@Ty2!6ut>A2Wf9-SO7eLh`? z(woE?mEJ7QsOXmR=#+TTt#l!ZZWCuzbWog8(e35Ysqvya=t30TDbA?q1>%f~?ka!8 ztdlg&sI@F=+7Ois7VV*_rULphhwVgb&XePq!a78gf5vewfq!I&08cTxSgjx%q?Vo|6s_Z48p(h;?kN*YAhUFT*k` zj*xGMFV{i+Nbg{>j3Sccl;$#KG3j+EBU|-)XPMm^w%S5P^^JA4E~n!ne_p_5&&sw* zCx?D0)eTLx=h*BS1aCF}CHuOl8(x=4P=Z~>m+NJnjOy83oent_MxD{17Zn?*Vq>_t z4tuBMmiA(oPQHOZz$9TUnn@dAmH4ru-5zO6w@9Y!tPB}TZpO8l2KWPH3AP+xlg7>F z%nluwqzq|pPEJmKPJUjl-{iGbH~cd8U4{$Wb{cl7SGx_nKWKZo?Xdf5{JCT9tMKQJ#Xzf);iLSk(tfOkZi|=; z3(O{+Y~<~o(X2&1kucNibozBD#rS$=H0pW`T&HsrrdbbR$I0gUBSDnX?;x`89H&fg zBx_P}I1~)z=M`A3Hj~~{R_HJoo#BR};-)-aSKHW7UnvzA6<6vS>KmIH>R`JXD|t9% za5`M>JRSe)%7xyqI=#kK9dnlCOs*|7>b!Y1eph#=_khorF?UY;f(4zqg;RpQ8)q+( z7A!E|XpGF7)m%`Qn`Po$Z+7L>1X>p87B19ZWt==M(lD(q%V72dnizRyhW{?zAW`&z z5vyiabg47afpfFYXdZyafSGix-@;`%vxDjN_#_|aKme%K!AvFtRvZmZ16YG-1^T9^ zS%5(>iOrgwrgxVWgtBYha@fvlvypbwP+#jb;EdaT_q&Im%zZL;`%_Ozi+=aJ*PeRn zHNM_5^omp+dy3Z&{q*5S9y!eG1s~0THQORlT*M?cBhu`0O0tw@k#w@u4yTDx(ivo3 zKj6_IGZ?VQCMd&LNl_?(7xTk~Wnn@(gt8$VDiS!ZNC>#Qw>w?ZQE-+qK z+rZx)Jb&HRd5u*aYkC`&&r9>>Kk${MoqYP9)AQD>?0KAf`UlpnnAF??io_|VXyVMFgU4_EVgIR|tw zJYr_%RkF}QQ*V8*2vTp;IoN`4(%^Xn2%`QP|`e-rJc<6T|yyYAu^ zo-Oz*+u)7A`U>9UN5q@4RewX9ef(N}58%vXxe;GxM!MOA0S@eP$QSZF0b(BqtiV&T zvAC(Y$qn{wa&yNr=ZY21WjB~^^4(;TvM$TK^wP}BD%@oU4wND3io?UVQIh$u(3c{N zBZv^)5BdIM%%c6OjNuRSBffgeafdQi4=m%S&t523kf6`-pS`;IUy@OO@T!ZSnRc~Y?aGhA%nwJ z+gKmlJUF;{%eHOLpIp8AKd9_ zFkCTC1%bsZX2{}h4B5ILcTDeI*tJ0R8n$$|PM{0cDjCAlg1~J%xfmCuokfOsEIdy1F6}aF( ztD~SW945@z-7T2QTtddi=QV|B_MkIp%#@95xV3xAvcc`ky0&L|(+Aq-ty#OUWnref zh8M*Ku1h4uDFPtzz zK zoU$g;EYw*Ks#PX8YK&}mxG=s1`^qFQz{w#)$+D>hi`RB98K|tYPg!=s@eAr#w9f8c zI;Uf?xBtHWwMW+;h|Gr$JZEZ4clY#3GklVy>zdKg)5BLa&4l8=sjV$`d`3sdjFvW% z(?TEQr_m29GD8K;FeS8;ej!1>h?7fEEu^`2o7Zj2wdcANni0ChysZuWuw9+030Qt3 zZ(iLyctKz9g$jH*|Kb--rc{*3I3^wr=Wc+T3-66zpEQWKs8`B}<8Jk|Njn z-56U=Ru(~AAY_5eS-;St^$>MXqamW0H7m`T?o`C9fy8S<)XRxeP3l9dCe7N;R}1l< zX^$O>&jZk}X$})@dRTd6lFOMUOBC5D?F1t+-Yw(}fZ%LCHLNtM8_{UWT&J}w$LG96 z%ZF2DKjPIMRwenRd}w!uN3c3nQC7hl3Y~hVUh>DL^Jii!_}8mG2z-$DhNS552iXrX z{I3KT8d)fkPe1~?H4p}pyo3-12A3t8!?SgyUV)>X*d>|fPcesX^gSX1LO8n$ZMUgy z8)VXL8VVcGbc0licAr7}MbaC2)Ve~Sis6rWO!@)VwITj+S_x z`vxx9R@6SPHd`g*zdcsHx^-s%y~dTRc664{Ybdnce_IkgD~69q?}B*sEW!pOTPAaZ z*=Cg_z0{t;Ev9snC4G>Y(+%ln!ys0`(+vo=)gi1;$NRC)0!=HuKQm2YMy`iB)DKk3 zQa2<94PHr}-w2gu`m}~fV+8d>yD13S3LFIm1)(fhLYRSs)u76)y4ogaipmfPU~toD zDGqCQpyf*Lx&{(-$|U7*NuG}C#&3Ud|DzAxczB_s`b*OeKmL7Q`u*9>g^fBXdv4Xt zwJYX^8gnxx=?l}_4D+T(X3yjI{%XbY1vfwO#BH~pSeRW?@*j8I`QnR*de&E#mR1fd zT(HTJ>oQG`J=@is*V4881}th)ye*Ty2~Ea`=)cNH8CE~_l1`7A3vwL$T68uYY6a&R ze6Go4vYYHK;w7WrTUHn}hIt(i%f*$viYpq1R1*8#rd&SF%ctdDxHh9aE1PF!muIYf z|9#S!*zk{XH--xe!W(mc1di=P+tbmu6?#NSNF0XNA##9gz(M0&un+8J7`8OaLm#6_ zK3Jm8@-pyP#;uCT(JSZ{*Nyd<@%b11Q>GMNx^3vK{v92$XK3k*Y9nXCYj^rW}+8`}@P_=CGHyf^H%gl7)Uy6wc1H=cLT_l;|} zzHsmT-`~8@x`e0_$V^gDcyKxqF&Zn!&~L3QurPsLXAMX@NqS32p7{lXX1WC+1d^_y8Z5Wh61m8i7%DQHp5WjRrDT#Ec5+fKA8_)*LNXJBU=^$fgN47_M)uZwP0CJY-^yq*W7) zo1pYlALm(RbGJ@E^x}&Nq8)hRg`hSCV!0uAv0kVC1?Dn()qen0;YKR-WqNIDt&KA(n> zqtcFDgnDJB*sJLsWT+^$kspcdRVb6zKED`j;vELv>o8dIyHG7`S)^i6=I%)ouXa2BF)a$Icwdki&C197A!A_w$TU?039@-+KFybn-)2c_`nNt=HYivtl2{dR1IVCbX>=BSf$+w7C@t0|;p{ zR_JVG01@Z*`T1?Y${MmUh(1r_-7+>g(m+ZY{BYnTJ%@_76~uxPzm>d5=^Z8`B)($m z;6okYTCdyfHIwFUZHA6m-#DG*o@|uEa-|Fz=yc?9hs)t4VnQ^6nD+q(nD(+=Med`{ z``jh2YzQ^{`E$67b5{<(BeT4!wmfV}GaB+s=aj^L#)FeO%JL1yG)uU=wyHccwgs5a z;(sJ2P+;Ey*!@CU)7;MFK}`7=XIn?H7{U*{fZ0mJH#ibH%ro_syuN{0t~-`5fb#Qq z#Zfw>*JrzP^9!vp3$V6Txhk;oKMPib+#nhG3C5)nmS&QS!thI&9d^6jMlz}~yD4fr^)S^~*2EUU}q6p7YdGv0pvO+g^AfcJc*DAA9jT-{JM&LH$G{G%f6E zk|fZD&_y!*1k(yx2ybLKXe|hkB#FyGYZ#|cIm>w8xA$Cq%_WEZ{=?gMy>nPPxpBj~ zO|dt5q;Cbh6{sG4xJ>jR1B|(#lj0g6Y@tBGk*L>e(u5iWkC3qUNBnpU7vh*tdn0DM z%>mm^%uR~#Q0Vdj#2Zq#4cXEs-#?Ih+iB{4EKTeC+Pk0E@7be&;VVaggbeEbcVaIJ z_y`9Xz(FSTq`F8oO+<=5&UMi6R0#)}g4s!t0xpL&3#BuI)*2%WnV?LQBUq7K%0@f% zD$pF$;%|@HA{Y7}yZD-iza86j&zqNQIfVH;_NsJp+j;kTV=wXc2UdzP2D?VGgT{@d zedp$&d5rAjc@Vm$YQ@ym1oC_y2oPu446eCL4T`f=NLfV-f|8R5BMt(lQY!JuS8wd! zk^!T!#@%QvE}vbLw`)`X<#u1_k=5%0GpAMN2d9O~-PXN3s+M%sJY`(9a`7U6dA=_z z%V3erX?fw6;-zc4ml^L^FlW-Vu-$AhTCMqoje%ADwlY`{l&8d`cHqy*{1Fe)P+pF? zR7gGuO`3xgl^7@@mAE|?^T%RRzI0@0jda9EJi^%`;9#wwK`@d>dH{Lx;p72=h$Zj~ ze1~iy@_}$`b}-<@sLvL%Q(7DQTkP-tkM{1y0A3Y)ix=?wVm+}>uD+T-DC$Oxob)-= zZD)DltQ4V%=g@WBZUw|3^elUxoDVVCA~)IV_)>T5^_-)&LZ8#1$3*Dx71$okK`WP* z^+f73Gcz*lW~?aXUj+PUL%srS6qBrjc1N}x^l}m#TVc`(xnU6V0c4#vnG~~PC;qHX zr;v5Brr(jA10a&KuD*o>j-*pr+B=vPG@IdD3R<_ifA8OGs|)hn()5+ymFcCqJWy@B z-2Z#tRW+EGm!G$@Hg*Ew-raC;0QUQ}Mcftpu;|*goDUqRyz7MvFMJ_(EGEME6j=HM9~4GH6y_*KLh?MPkj!bb zVb+161*YP4f?|Xz-sX?}Ht<9THF_{WT9p?)5&TdAe&|ITVH)k2 zhxBeE`Yg5E(99fiy6Kl=)Teh~;${*#E+7D{i<_)7g*t5JnKC)tYFl_Myl!wT2`5Il zlp9JV@?=Q8u?|}xI~@XAr^~Q;GWe52KjtSqr6v<5Zi6W!%b6bQl0wpbLvOl^9hs1~ zaBz5}lKdJVi(DPxr?v25yWzt|Zd#-W*FwJoY+$J+1S08?GNNS}N?<%9w{^}YE47sFl#!h8%m=H?NS>Nz)rM;*{W)+=L4`z)tO@YRk^;1{SyCk=D@1shO z^hAWcL+?uYPJI51vnQlK@hS3ks3$v;K|D1Zm2R{W0Csn{__cL;{ql7O_T#2vrxn7V zM)U1Bb{e^V#R!I-mSxJqRFtsO(3@}-FKP%ovN%5;dv#&%U%h|LT{)*snmg;U$E50^ zS6;d2PLuBFA?g+89sU8@qD!2rEc1$Y%HoZtS`2fd@Xf^roJ}<3xI?qSobW%>9LT>Pi((GsTP4?TeX-x81_kd}j(}%Vv%dlp+Fu|A#&D|r6^3Wt zquO81Qe!iR)(jOuS?pFh#nJz2GLhi ziy$NGq%?o*T9_Q4^K)d7!L?@BY%Mv} z)@sBo2;cSFf80a1Rzt}j3f_k!cKSunOVy9tLVm9;Lnk*B|Ms0&G>!`n84 zwPpg7A8K^z#=C(t*jky%wpM@zpnbq}u_?AzQy7W|j4PN+s&Qq{rFb%ZyzL zlzfUStJ|BC$*+NYA(^%vV~f5Jm}El<2fMa1;=rOkNi%zWBQ4v6ikjl?|B46x^x%Vk zdcc3j+h6|j+jnsHzM~I(a`fosyKldJ_eHnguE;Nb3Vk!9{xNJQkWr`*1sDtg&4wbu z?Nm)D*b04L-mqoMhRgi^%U7&gwc>KAy8Di$f94r;T4u~4-k?6*Ao`F2$qXARZL|%A z?o41qr9OoXOk1-wPDPE*0IsXtx3% z$=MfxgDk~{${f>%%1p7LY}vGWs@YJ*0wJo4(dZUN6l|!64&@cE@E<&H+k&<`W8b*! z(MK=)Z|Uz+^@7fs3(YZZ|NK?pEm{|P1oW*U`^oPcVLu5;so78ErTMvD_Xzt**1}Ed zYLjA3TyDjC3=7I@Jg=*BxieT*?N2lKg0*?BwJVP1`Z5-D&R?>0;mX3u`kqkpjI#X* zHHpl~tMJ>?;eMi6liK{Y`PU)NWcp;pnONPE7SCIlkvD_nObLG81-?>kCNbiZZ6=y8 z;49?@;^8N4OU6_vp4*F zABN~R|MNfj(%3^Uz6ga5e~Rv1fjURoNvL{aJE`0=%yMtEhn?Bv)X`-*Lynts(8Lc* z=U0bKW+>xTon^dHZ3E)}jCPWcQ`$r@!cI!^g9|%J6;Y73?j&)A*q8;@02U98rhv7} zb2?{(tJq{F!ytRUdwzBZ+PKMF?AnlX`nPrK-ENP2ecguu`R6Sc`+Yv|rkW2vsM+N8 z`TQ5R@UXIGPj;jUu=~kQ@{MaJfy)!#N4SQZuvJFdNp{#t8mxd@w)5Xy?ymz#e9fM~ z`>zJp`|HgXZniY|*9Ly{;a5Tti)HU&UdYq-g<8|o(=*z_m&X1a`+1yh{67URz-EHk zG16wz$Y;0Nge8u7StgT-<|mn_`+pwTzKY8$2lIap1E~7oKKZgQ$4F+wPU0U6eh@Z@ zB*Qv^r4MN)417^783W`L!J2Lz$xkykVo^D67Qyoj?)^CS+#q*N;u~X4ytSYnG>OE% z#=i?+^wn39>BFxnYcZP?oeFl(bl4sRtSM6O#p)VdF)o-JbI72ESq&c?4zjKvuyN#& z#^+l-KC4eiSNLG^q+Iw1>ztvY>Ab#DF0KwE#R*PCxT2jQ!*^z;dGgw4%wLwC zJ4~Twzh5?f`tQm+W$05T`V?lhkt&ajaZ4&Sd3i7el8wo+ z)~b_bUAO98*U9LPSLu$sp}wh70_a8IhFTZ8l_$IFoCd^4a`<-|Y8#J@*&Ev#JHy#E zSVr{lg^%$%4OAG5NjAb*!dkY)+0$)W%wYL_GL~|HTW&5RPF;8YNa4I2>9OJ^5NpX)t zU$$5*8I}xZ80!}9GMgGg(NJ%P`07z&HJyIxS!LyMXg*>#e~2o;tHTdUF6m0Fv+awR z-7X#U3K6?V6J?1SyGRD?dN`aRbalo7^pH3R2e1$ z1!ZPuQJkL<+3h^fjP>b4EG=S@iXs|?SCT>)DY8z)FgjektZiG4H}}GJ@7C+D+vc0M z$M1D-nZN1ED{ES(nP$$@?bxBaVdst;G0n;g<{Mk)?|bD6(Z2#fNihROv;u6mVO+=@ z8ak~38#sqcDZVn}?l5tqQLHm5VO2#egteIhtIJASULmw`S_3YI381XaD6lylV5=}W zFx_=n8s?{C{T2D9wwb1tU3WUXmf7t$n%@4IX)+JwpI7Gd`ApLr3YYtqc$Y7}-PqE0 zgQwfqU9{N_&LLfe*`$S10pw(uornbSxgm-BT=uMVlb)Moi9%jwx!v!S`0NaLUfMdN z8K9Dric$0v6kmc%QnAjvu3XbT@8(n2 zUVG{~$=1=iX?4c}TUSR%mu+GD>P?*;wz<=rJBq$=>bmPr0SwG35QNppO>K+J%+g7c z1+u{cfoG8h!J051EQkz-=MYLVEg>o~!jKagy16-ikK5@$kQ4sEi0QN#4jLNC&IJ2` zzzsy@Volcb@(Vs6zW;vz{r87If5Gj6z0RAgtr3t?6>0rp|k*TGV0#N;Dr>DVe)DicB zjiE9?sw)B8kOg2Nb-8TmlEsTE%S(!i;O=mh6^d9h@@R`iGlU6aL0nG(tRPH_r0H&0 z8qy(7*y$*Azzgm|92QFIii;qqii!>V#rlSe&o7<3s8;7Qz4nYVcUI%%+|ZP8p>1a4 zVBw6`!WX^XtSu|Pk&&CtF!FmM2i z2uIbrcNl8v4C3+#R+7`wt=4aOtX7XzrXTGecpY-`E8wGxL>pyneq?SSABK<7z}ra> zO8BTe!l#(Qs5kVJn3Ro}X#s%{|1>&fj(D8Xl7bK-OPmQ^L8dVcWGkA8IM;E#U9C&k`=`e`0I^|aUB-`u@z=hEf@tJg4ZR_EGP^XeB#7rh*N z_T`uP)R%oHVy~Wjf>;0AR5NAU(q&twO*ZDu>g$}hsv5YXFSGCGt1ylzzQRp0dtfkH zXdJ}kDjQ^muoH^a*UM|+iZmLGeI#h0w!r?ypKzKq!5p)Piz%p{f;j7-W){oPWLo^U z*>CfgeRBnt>z!$#L!mUM{s^BEd+xV0=UG z9$~>1(=r$=xKWh;<$%pw=ie0Rs3}|bR@dNQ*JvWgqDQ2A_yrBMrS-=9Pb`3!kZ^Jl z)Z{DVa*%Q2nB^;CA0rmo?j>3{q*d%SIRL(}GDVI-qmldZgoy|vk~I>W@37m2YAjMi zNa=`M!C&oeYU*yfDl)00wM1GqxqI^D?)=jHz@$lme0uXBeq{b9_!qNiHNiv?sZb?E zU^ikX;2c9*fN?ppAu^0u#mYihc|6*~OpzIJQC;UGW>dqxPm7?jnLZKo9eacLinAd9 z31Z?mVqV1>69WGw=7xSo3LELiL|G0+5-aIS>=eZhOEUTCVT6P#JSFUN5v<5j3^BA30EX2rq>ThI{~}%$%cimcanpK86FnFWaB_SeNeS+f z(#3R*Bt&CYlJe6;a3|I%;@hQvLkN z)4FvzycKG5b4_7k_0-y__2p)d^}^QHdg)$SUq7jK#_Y+4%4u~4MKzwPaDL^aQsc&{ zWyK<9K6M=d=ojk<*fM1%9~crM%# znPOQJW_lPBh+;MLWb9i>j!)xO{)J8cZCkf)yZZ)OC*|j@y=$$uUN?>Xon67FV$Ghs zSqTgg<59Sz5-dr<_)Y5cfTdt9Jo4{qG$x8hhgb0P0F8*K&IZw-NkY#6_a*|s6SWKc zTkTa+=u?gVLwzkZy{QvO63il0Z2A zfTvJVqev7e3fW=0hBw^0apSEUe9QJNTek1lvF{+q;D*li>pSPIU%&s#?(Qp>#WqhM z^Pw&_Kx2gNNQZ?&*4xEzS*pO-Va{L}3nzgeit=n^TO*r*C9_nD<+>`rgd`7`jIvpl z%!3G*g9WE6RdMy2{O= zd@{Ss?y?CKXNz=`Q7E>{VLvAo5}6FpCX1nFVJW&E2@VK0cGpeijkT#{c=y$u|NEN% zx##>{UGQ}ic^`sem!9RY@VZn2@g0=XG1Rsr@6%!C^PQiWgSjP5mfyfTU`EgnxR7Eh zE^1kSWHm5hl0rer%qrnlliNMqOb!7V#)N4QGnkQ^jQs)~uwd7wCE)}G% zy(bXUk59~7BSD}wX=Ge!G9p>x${p%hW zJAPRD(|*f=p}&ldBBpVf3geVWBa{!C1Cv0+L_QXX1R%vT+o5PvdfPaFt-%bsWjw$R zScbMt1lJXi?it7pf!|O`+A~PACk(UB%*^y=dI>BSMX}h0q#g@lL)N`}tmi*74q(H! z?K^D!L)T9P+fvXpA90Y7WfWv$hqI5ow3z?e8MJVN2~wRylq(7x3>Hc5hoz6%%B+LI zVo2{$g?S*rS)eRXR#Zr$oN|LH7A-R!nxI>#<#5I|wHSpvu1UD(#_A9cmN?P@f>Cca zr)QYF3v$Bl^qex^!rzbGM|pCt17^EXXFz0Dq1O>89QxK+-Gxh2;St4#^|C@XFB0z| z%t(Y9B8-@g-8UarZhVEl!a%;3@jSxh7-j2@*|*FT19;&$J&GH}I2k%UR%f)nTnXDD z3-k-K*2s(mwJ`l~NL#o@VO=6Ccno5BJf5&8EchNFnn(i9En}*cj;tb~WsKQ_>*th} z%_(cF&daOLyK!vzr4Py@<>irOd6jv2l|y%q1;2=8kq=-V&4Nt~iGsNmP>M8jj0>}F zjmd%qT*Gp~U!;#Or-fKV;bv#!f0MIk!?}r9voJpBFCD%^u7##IkXQ*i5qu@{KXMVD z9&3%gcz!N#mZrv92TvllTm-9AK7tPs=l8}|)7(ye+7%+^zntxjIP>$cR)-v0jtqXN zpXp!_9Snye7!DNA4L9KiQr#rJ3NVU9L`+`rZHmlK5hz-y6oYv&QMuko8e-F-yB69h zI-Md`j80{BuQ;y5YWZMrho)o|Ogg%CQ(U#Z?Ym>-7p&eYSu8W-DsR5wxv!2$H&9|+ zJVL%_F=Vb$=O8&bgge$V@Ld7QToh|5n5gx71C%#|A%n8Xby+$=0=rchJBU}3H7elv zSHv!TK9M9qVN9Q1lSma9-L4|B&!Jrk=vPE`ocd^&H$ha#o=LP!hEHn4 z!blKY(CycV4>M6>vryM}lj=&)eNKXuH&lh$qkyF$K8OMGo=!pMq zGLoO5Bc%hV;X0t2*>h{y<|Ac|YmU7La|7bUCb~ zU}hs`5WZ)jEQ_@Wu@;ZO4Me|_Uq^-x0h)7Lu9`v|xdn5A^J_N=6Vr-xoVX zSwWD8+L+iOlRi+#mPGJXP0Wdikd-;yuUHgeI;`yJj7Yb^Hyrg_LCE+D98ELO0HF&Y zNn02-m|yBVbrdjT3zh{#G{5lplANXm*eA$G;O~oB-!n=ZxOPOIg4~WdKUoL(^wkMd z7s$_yyaiRCwKL?=Cvh{rctGnskmah^ANi%2ARP!|#drr#vk{35ybBB-`|lCy48-q4 zGe_k#jMa96`^Rb9srnk4+@spQktAJYMB60pCTLsHMV*w_mKZJS$`!h;E_5Md9NqRP zYfUs}Mz$@b3rQC{G@^A?-VL>k>O4l3)_+Ck6!~1ExGagSkSGpMKfdPz`w*b1^Q==( zpxKG7i0? zxvGU7G)iwA2|S;kDzOVkf}AY2hwdB&F6Qy$>{kA3{xp2MhDS`2_+E+jkq~?#r2ksm zwbxpef4oFFyUu#;HMH8T51>${~NuiSj>$O|oNves;R?8pnVR>m&>=4vT#`gdZ^ z?;L($?a;fE0k@>&Y=|*#qa1E^giCA({G1~54PvbqyaztVtYy>LkhUuvoixVvsYx6> z3qu@EZ#9#H#`dYv$sD8GR7UoMZ59f<9Y$yVh{O@T5JNkvHAzEyj3(p#q%rLvNv4iy zK6`YU3T8ov!4a~RD72t4J+hxKi6PC+TC?g{er8l>Wfi~57znUwk;ybiVg$fN+i%8_ z4pI~_UUj_~xlWy;vjl8`TrAfluhv*-wPw^1fOj=HhlUNOjDXwY&?R&J#!)b0eFcor zr}6;4WnhGd8`&eOV*q4p`(4fahMyrv5~qxmo!a$$mEE{CgExIxwV91#UVccR2Hh6oR)N4!mPIq?)hks-|V z;Q+-h(@d|#XhN+}RHl+G&JC-=&N?VQK*uOy0?J0GccahXeGX678EIYFa2|ku@|GizJtzkuNeX z+Prb`qNc3s_Srp4+sZHIGyd%7mw$nG_T06u%vs#s8d>Cjjw42}`d1`Z$QCb@KEYX< zVga7PrxgG8nD8mt)9qSp%V?icN}fXi{-jG&a~-6O@FT?*rDi;ghUttxq$H5i0TAU{ zr23Fj0P%x&rjG;!6ZNy>!SQE|Y064Glg}ug@&TWbGZQfvqkKlmaJ*#Qu)*4W#|S_! zBtOxrp%2D`GDQyU08DyCXXE zja*l#P?n9diM#R&W0nyeQ~W1|($iuc#*0-AL>p-Slelw>JVHwR6{RI5bwYT9g1%s0 z?%3X-(FOqdQj$CIA1NX&Gy?i-wWtV4xL9Bu*#DyXe)7-O_YqzTj8rQRDi4 zlHujEll(sYBfwpi?C<&O2yih+(O9P#P|eqa7!I@EK;c4+8_j%;30`eAYSSXZ!)UPu zK~&@VdMHi|Ul*jW6^X4Fz8>j6W4HVsDNX!kB^$=S>?WU&(wZnG<}p4eb^_9ld_3JE zhp2?@i6Bv%$)jC7q48Zjh}S+V7f)(AxOk9|bk;5&(ucGxrO-7?5)Pg{UmKaP)ZU}Z zNb>H4boYNQIeiJZ??b15Amr>Bd^i!Cq=`MLnk5JX<6+v@#;t;@ht$L|Cdk6BOKSSBN+1R{W=s!*{5U| z!mp#`7s9V2G7Rxa#Mo~r%kY=V`afiVlqS&}Ud~55z&(u0PXf+mj1C%hVn_FE)ACqte5oT>k@#$!jwta%kDE?(JS-Vna@QX&I zOFe-ZJ3f66&6yy53a~2qQ=~_xBRXMBUk-$E!k2?ws)R2`9-UCdO^|G-QnIRu&tt_S zGOLKEMz@{ddexURvh9Q~2l4)-#V03o@eUGh*QPd(fib#qt!)}3nane$F9%I0d^zZL zk}qehwx3hnId7-7t_ZnU!HC{#?GsPsvSP7WGd|x{g3`nGk7-0d`(CM)r*q?Eob2n>3k!-IHUEw zF(Ch2s*K)}3URX7h+Q=jU>UJ|Js7cnheV_-J9spp%OLm_;}ot9e54uvVa#XUv}6Ep znO-*^fm;rW3h*iGdQhnmMUSWUSI+ryC41qR?`O)1!sl-w zzi-7^`+(dcU*aG40kyYmcyRB)yofz=-UEBr%$pH&Eax4wmhZTO>vw#)FLu05>R7bw zhRcsOEy-H4?D~C2>lejNT|S@RS9N>r^SAH5vMaW-M$B(Y9vaDp>@j>m5V$Empln^X zP4xlM+JzqIizlZ2njAn=mE<%?gHt2((-hy2PRxHwTZ$ymd_QBhmF)XTYKs>_3S6PI zg~2~=TQv6Ze^-z6`JgGZ-3tU@5fZbc&0w=7`+VHV{o?nDQUAKqnljj*8PPe#*P~PC z&OC~gPZ=q~+k;j|czg0}c{yWvdqxkH6o7t`GDy}da3zn8jVaIx9}n`&6dJ?FlZ~%i zjqBq9kRl%pxn_3Z;}Pph$q8ql0QC!!a?T{7mcZhTXP%MXL^}0h*fZq0z?TSs>XB|6 zK?LQ~L}UAG#JA}#>f5+s!^S?pzi(Cd^1eR)_10Tw9zdGkzS_&`Xxvf$#ec@}jurkq z2fm|?cp!ZFS#Qt{rjUWO7c?s-X_(mXHN&*FC6)%s+dLZia&qq+uOl@($vABlv_OIg7EX zk4zd$hN6!fi;@g6g7j@)tS3SFNDc$Qm=&Ki7i$90NAM;k=$u^}^s)GVq>Zzwp3-w7 zpjfWo;{qn|Er0myknWHingHi_Q8p$wchITJhKr-g3R{o=ml~wdo>PX;Ki%su;!k}V zJ$^73(SV1vSOwi_-h5i;`$p{5hxO8Rdf*9sSTQ_=Sj0NQJL`zdc5}VXh40|Oucu^5 ztiiW9brSN&=)=QlCW}nAD_3l5CqVUi9J$V10W2T|yc96L|cEN+yBuG1gGF*_+d3)aU?R` zX-nbbB-b%3ykpG;`^skjPDZb z$%aSpkz?dWh@}#~O9)EUA&$BCO2qr`!dj_=zQr(7qfT1FI-A_Y79Br7%~kB3J3=v* z+mkh6!ew&q1rzD3$=^Uv51*t4Hn?Ip`ZyjyP2hRMCeBjf!_3)SQo%*UISlZ&SjQyQ@cPJyJ5_~5Z zSPP2&_?atW_j>4q_XakbhS#_PN_Xv}+ABqS)OSBoN^7r; z+5-mE7E@5rlya3oNK%W*s7Y;+WDM}c@qHT6W>OzTn`$3Z(KTL+*TnmnjK&cS(ziH% z!CvDl;oH=BF)72sE^?R~NjkxHdbqxzpuXT2*bC}GI~m`K{x4}RD}|0s5)s+}{pTgf zPlI7A;eSIRg~;hhgJat3Cc&4LVX>##^)ltFkz8?u`-GZos2k&KMNUpeR@NKh_m|=~ z&F{-fOV3LF1sLEheyn#s+ zwTS;+19||Add#s#%A!KvwhU>H1Wles>9(qY1>+?xP1D0C6&DtSLsnZMGH&tT%uq&V zp@_&(vTd7?%OF0xtfm7S;b1U|yj%K|pJewo+_&}ejG8LWt7_8rZt1=RABJDKVqmM~ zo%c9@@16AR=iT&grW-HY;Y)M-d^;}hYB$y{+_BE*bEo;%ZzH_m|4HDNNMFU8n32^Y z_pH#+!zNvl`fEQor+a+CsKz^Ox zYFg-DXtL4Q=>4TVUd}x|CDKW6?8m&^8++m_={Y{X3xOM!v~bp;Ls{W8i(YSa`F%O* zU*WU=y_Q$2-?ky%nVB)|&cM^$a)dt+J#(gi2 zFW^{==OyZK2JTG*>^rdkJ6j~(%pCG<$Yr|(`*!Ttp>GkkR=^x#lhFQ5=|`ydFZkBk zEVS>$`?sLJ^*Ca@^Z$qAy|_l3qWxRZz8&}9#{F+$Cs^)8opepd|HiYQp=~qvZnQrW zZT>g*94sLX;TT4lO{nWO;BynQ9q(e-;Q#a$xR<){><_^CWjOu>G81L+d@W$RPOibd zD_B@sfP28Zxc&>fh<%7Ufk$L|1+nK-KlrB#o^c+n$@xOTyqB)wpJ-|L-(&1@0QZRoz<=^S zs{Qq7U&TM+K4mA~qI*Pxq@8HMkAp@y%0C9oQ&9#m0asUHzmh+L@qm#OKbC_w?_$40 z-FM>nD0V37M2Gl(7u$)EM&qH5_?vd%UfEl41iwmGgZJ?+zZf*ZPW4Lb(Ei_932H1= zw;qhQSMmRk96`2)M{1OoNc*It((}@Lh$9ck%jN6k=XC*HkM0|~Kj}mI>+~-fOok3a zzu`K=-G)CHuQWbovY6(X_Lv?ty<#pkFE{Tr-)(-&{E4NrODt_c+D&P{OV3Vk zN#B|NQidaAPR7BEr!rp4_%zd(*^=3vxj*yAS(#bQSzEGh$@*1xdUjEEclNE>Q7f~y zShrj6vHrnUX}jL`pzT$=&VHW#TlO~{4##@OKF1H7_}>nk)y{jIAG>aFz3%$deXIMl zr`mI|=b-0dZ^+y1-R3>w{m^%wZ;$V&?+3`NZ1nH+-;(3Xxiz;f_m5565Th315=3H>eH7~UOztiV&Sv*4zJ4+{$l*AyNu{HUn3 zXlK!hVqI}Z@lC~_l=PHDOFo{oebPgd-Y+dEy{z;|>GP$3DyuEqS@w2$PI+JX;qp%^ zmQ>tQ@lj={vZwNv%D1aLRr9Ovsa{nbtufU2YL<_)t*_Ztb7jrpnn!D1tNElhr?$KH zrrKv~e^pn4t)*@Wwns71la&1>GVz4eg)}ZgM%snAcQ?1=m;T(GzB)#K$-hv_<9B3n zraaX#={tdq6$6GKcqs zdj33fd0$e`UtrbVUn%Erzy|X#IUcVu*Y}@W#1M@eZ zziD@1$%gYU+BUE&uwuh`8+UBqeFdAzwz1v#uS<5Z?QB4t1=wO>>k6?i7f&u^n-NI! z|EoK**tpIrj-M;iG<5@1B`ReR8kPp9RU9udO#(u(W4m>hCXFXe8ic?eZ$ri&Gc%53 zHWi_wu(T@T8ARa;5MVa~N)Ye>h_VXABH)2O@B(5H55Q~r|IV4OcV@7YNI*mq&D?vx z^(_CheBZruy=VnlWsl_5Ykji86E>j|u3Agy)v{qFZ+~9(ecq!-zbETep9RfvPGiz$ zRy7rkJS8vCV}t(Lr?L8Nzh*zImdsf6k!IAg;`CLoP;*@Gco^0Da2~R89Zws-P%YZL z=BR6=_-^QWMppykcv{Drt}6OWstx5;(N&OMt9D-3C4Ck}YgJ`+r>L&q#uao{kO!ZX zr()!LycXV|a<_V=npvm5q54^sEr^DSt?H_*QS0hm_W7YB-n zoXQy$Zc1JbWz$YyNo6xm$&`)_ThTYQ^bT&}Ep)J@m5#3ek8yP`;L!-bav*%;aiMFa_1LZa6u1B@^s|-HS zLd|7f_Ax_?NQlvpG%|-)_^atZoPucRPV`TCJFd{^w9{A=tub1=mS~aCf_y>$oO;HH zfd%ATkgkv`^DJm?q!W}NFK9tlAZuFXXq>S?&v~DB*=b^?&?5Zs2~9@-x<=p(xic47 zW9f;0q@;T8U%DCC5OLR-Pjg5w)}v}3MS_RJJm+9}zB?utut#dQcZIo6R##pgr= z;4LJ|c;I+ZALtETrE$X(fWWGwV@z(T1G;f4IdvoqD^db&f{N5H0cvP5*^U@1@(aE z@MU;qI0?E>IWk&j!IHvnL2YZSAZmnHr+*+3YpY97U<40BO`>5*bYYzh9m87jDpf z3}1iVXQecHk9hBh2t<&;GSNInL*mI2nJc^#y#pm>dxukT^}a>d%Q>(jGOe$)L@^-sIf_OluWJoKzN}i$J>x9LPOGZmR zI(pA>m}jdI<0nMbs*e=1C^^;8#B6KMNw?^#J6Ek9ZKIwWaY=6w+mLP(Lh$z&Bwf~H z6bG+KiVt5WDMC$> z;@}M-#iPy4c#kr%$dSp)h>IyUV(F2G5etY4c;@yDnM^8;gf}NHb!OO+Ipej-{~|W0 zJsPr6GOpNZ=*;#bmT$a{NK}*YRW)kLDOmNA=f#=`io4Z zlEgP!!(4kVaJGee&_Cgt0EMxx{NLq1>;g7~%mYH`9-VdWTdyj^$KuEa=Y6F$BZTxQ zi(&=Y-g`wg)NS7WgtX3zBC>4kiFGB&2|km3j%sCjRCzFVIjXrq$SLndTRc$O&BAtB zNiY^WMUl6H^H_bv4k4}C8wsqnVkYe-ckVm&$c{I^n-KXvs5m8#!lOY|?5dttdF#$u z+)Wu1jb+g_q1q)K*}rFJVL-Cqt2<=}bVi(IN4`&IW11hSV{vIMqMN3=ucd#_J)z$g zZ1nHLVR zyj;&My;4u+yh`sIE7+^;HTGIPd4HGoMqV!s?9$!Yd*lOlOSgNRx_+m1P*mS*`^3iq ztyABmw{^c+PfQ$?-iEar8hOxd-2P#$5z_vs#zEuYc;-C28! zUheu<{oTyB+1qV0+hU*5vjLCVH+1j$5B5QO+&*HTu+L^U*@x}7_5u5NravoekJ&~0 zw*4;KW}mdr*+1;>_D}n?eZjtO-?J}D10{Px$oZk<{fzxUchG-iKenIPABDM}+fVIh z_9f}-Z}u_!mHongDJ=iV{$d}}n!Btu@q+ZaXrGb}-s$qkz8gZ&ik>>SAaAv5@3!~a zd-Mi}Cw1TJefEgG-~McW)xGaETeq*B#uM9 z&13U=xIeCk2b#zI9Q)OwdG!9e_I5gYJ015n>j#_1H#Cp;Hjn$7$28thT=zA{?d$8B zEzd32W~L|W^HJ457RSM{Eu+h|s@ajJ?U|Ej*0b#Khu5;NZ4(MhOY3&i@KgE|2zPUG zsY`FFh_fAA{cP*-Wj(5#*)1x)dHAw`?cl{T>o1rdS>MUk|gHjYD544 literal 0 HcmV?d00001 diff --git a/fonts/Novecentosanswide-UltraLight-webfont.woff b/fonts/Novecentosanswide-UltraLight-webfont.woff new file mode 100644 index 0000000000000000000000000000000000000000..381650c98d2a6a0464d9e6d579b04c34e6631efb GIT binary patch literal 23476 zcmY&;b8sh3w07)ltc`8kwr$(Cy|K*=H@0otww+(hFYkBnKXOM~$b@$Xv_nC2* z7ZU>l2Ku?Q8-Y;%Yu6b5NB*z>e=jjH6`vH)@#h7PkZH8lANiTR`R6Ca2TRKYmj z;)nd++L_tPKzl$PWb?y;a1NZewr!qbL8v0eAjjw6<=-$=1;0 zC$8du;~@ACAOye#c80d5Kb*u*DnGM|EmRC`;O$`V>;eR&sqz!O8T; zR-56+&ie;p7vd8A?xsdRIcrz`$PoWwM_UE^r~Ut{G|5{q^V0{K_V88vubmZ)TlZKu zHZUak158-k`s2nfOSS z6}J^~RkCK96gJOh`CEfXkR3Ht736PK&>~Dkk)UXl0BV&`U@hdYQAib%7ApM#=&^mE zArP&Cwg;v(5Zv{782mpWK7qkC12>;1Q}g*O zmGu5W{+zWRllLvD{vmg0!!)Aa6!HMM3^^|C#&b*;=$#hFPhA}Py%)ULn}ZkNSZ)rz zf$Y4!7tUDy-51hW{XGVUA|SS6gxH9tQh%NXu~P8mUfVQ&xhcwo>s7g>vI7dvRO6e| zuV#R1rtA3Xnp@;Fgcw@%P)dw5){Ca^rk;XcUt53cqNA#_6=Q>yTvr}X{Ellgsyxyc zg%b7=7ix?EE}5cBN77 zlBl|iy7XU3k8Ev_3%oNY>-y%%m!YI@PwEiANLTZ~sfJpt{2RFQA&9PJ-I3e8j~^=q zmaAFA`GO-qwF5r^uXrc0-Jg*666X~O-Vv^Frvd286}<=*UX&!rmx#H4MP{{(wq_46 ztw3VVg{#lkyBhkuG+fSr(?UOW(`IO5$H{nH#@0+=X}nXhr}8{HBihIwmWL%?oROqM zjxytuXZX=>fi1yorkV}eKr$E<@+#2T89N--n+BW`c4C;RWK z9<*M(oM(sQ@ztKX)$OYpMP5r`du3$-51%iOL!P$etEycqGkIXzzoY7#qd>c3 z*MAdJ;rSh3_Cmj}@VcsEs3A1}d;XqXE74*jqEz6Tx&e{i>(z_U8sub$sRAP>kQO)w z6G9h`{aWN8?+?E$6W1Pn!kh;Z&1~vZ_0Rw1Yh0 zwP&D-o+mCo=_ z1(9FfBx*jkd@p^DY}jhAiK}uKp56cWLpyG2zA1qE79~upul8s$Swb!5Kq=@e2^-;p zd*Lp+s%Kp1JDIaT{GtZ$xkLC-Ju>W!m+MkrKC~n@r24lvin2=xnFaKY<{Q-3$TQOe z&{dK=f21)2?Y!P5FN{VB$dM5B<;d4a?FzBUV$T1MkR+>|nK6<0Duye`1# z-zyQT_(dEDUM7WYI>qk-owTCFhmiL$uO7h#zvm>VUpH|)1-=;lBw+-=`&#UnR+!Zqj zmA_(6`~L8eoJ_Hu#F6dPy?-66-CW>#J$w54R4O@}V&zOtdtKIFv!u_c-s&GjZ#{Xb z|H;v6>>1HiO7W+RbxND36LpTh-icznB3I|GQAg9Q0YmFa6CdM6&wS!GZkLzM8`m=y zUT!%$F>9WTjv1cR9nEiQ9<&y6`jor%n@-fsY_?8G?Uv24{P*G=?2S!#QO{P-{o3?A zlj0DrwN2f0K1Mz#QPZ6IX~9fl*npA~vBdRy%xhOXt!5wL{er7n#q4X}Zmno?A;mtl z>wccvsKPyr(XmYXtsG2Vx+n+DU#BC#AxKx_s`{R;G&3>wsie+RKDZ%g&nt-XYP~h6 z8VgVQ+Ve-NC{D|6hf?BA#%Wm2ERXkzU8{vVqQ#}2h<(Z3xZCj6^Y~vSi~G!U%>s^ zi8ZQAVOz89QjOmGl|;DHsuq-vA=3K-S4zv?>5gl;corPsSsm{TC#*w1?R=9Tz~z|y z} z<^URA1c^D?UPUiphxBgf^a2dvg$M5+G3zT5uycCTdyXrRY4Zj-d;>E7fM<}n4Ow&s zDiFyBCUbC3q|7?3dM#N(K9fAj2=6R2;H&d|OhOwJ3o0{)RATanQqw?6td)(9fmfV_ z*ST|?hd^`$*i#Gaux*9uPpcQq0VJ^J8>T@59!T`U2(a?MGJL_}Pl{c{9B>l_<-9`D z<7vOe?FyMb(cLF3fmk}=r&&{h*kxc&l}+{98C8MQZXnEJ`gvA`C(>RxUT{n?@NX86 zHyVNw)(;Y^7i`QOFq{J^zLAs<7ON-j{Qd9%9yG|U5HwDzb*zkW`myzzY)sDw-Qj* zB!sy!S}T%|{R?;GOV3pCVj8B4JT`5fO3wffC+H2ZH16(hFp08U04pQ7>7WaDlo>ym z5C1|#H<KSj=X zi+i-&2`e9>=jl`EC_a^~!m${`7cHiJ>|;KF{o_)a_(jb?OvvKI@9iCMgmH+|_mjlx zpAaurciT~>Hg*53%lqw17@%TJ8X--XoH6DiEtGJu&x%<0nN<8yZ%IHKqZGF_1-#*7 zWmuTQKPHVpPwuj{bRAedE)X9;}pSp|?I~@?s1?m5<=84zq4#_T}Fz;Ao28 zHPl@#4Gm0Hz7m+}I7+`+@OE`}TkV68-#uqu0>I+lJ=f&w`0%T#V|~!6WG3W_Hyjso zS(9_3r_h;^i!UFre%4hC_6z0~oIfc;LFM6^)SQTP+7iF@-tP?QoxWG3*iv$RGpNy5 z5Gy8B+0x4iaoh3F#QlxrUDX?O7oH&;vy)Uk8hIk^?h^-K9bxe*HnC3>uKrbhH`-QF zp$rnd3xlt>AcXVur;cg({KM@Q-LXhrk4i>&6E?y~q$d>hoQcW)se3Yxu7}tVtlrxH z4&ZzJ=-p|8L6pUSP)_mh^?T9j6tt7aF79wzk)&Hhd@p4 zm=+l;%~tzw^BB|Xg3d4(aKY)ok-#azIl)Q6S;2k5sY5+NStF&szk{dtz|XaNYf}xe zjS*E?gM$KsLW1B_nn-n6558-@@xS>WzIVStzX4y~pP%o~L&1dzzj#*P4Q7IK5Sn>4 zo(;}|hapRz5d?H4SPV>z1FQ{AK#*llVFL8b4NZ+tb`STD_l^!Q5K)oQkzW$e9bBB;99^BCZy)ZT?j8XM zP;fB6py6TT{zON{M#MzPOPE+#+TLVy*iQF@N2Su}wfh`Js#dI2Yqt0u9Ls7q+io>E zKjVezZ2C0vr(RPLC=iv+MjImjPisg1Ct|6K_XROjT+cD7 z)WlHqCI+K@77b#QX2jkQf;Gl?y6I)9S<%QGmz|eE``H>#rYp_|Z2qd}7z|{Ib!Uzv zhmY&dwoK3WkdRc8r+zPzqho2twkAnoZh4`0!v!T&{BalhA|1+CZ;|LfYSLF5vBE?| zNdL6NHHiNB#?iz1Xo-SWvRpd-X?$okm!LN}sTET%MxEUqTHwT)FOYt~S+X z*JIX86Y)J!KL3%!NJ@tpBKCCpwiW8!Zw(8~O9da{L*p5BA`}|9Gscux6`H(HL~<2J zGLbF%Qd{yhQOatIdRYE78~rw=R=>mTp^$ljm=;qO!y-J`#f)gIKh(25|Qu8QpN5*P&r#I3d`b{ zpX>dQyS)j+?%po75$HF3I&&@~1MY3e#u|D^$|u{VlTV?|&pp78@$ z+~OB`c;93yzSqFl-0}VaeV)sT#ADg}1<^R7>?#GqOlXE$fEKTDp^<9p#9Amy=JdD~ zUy@9J!4eyUGcZ&~Z>;mZ^3X_17J5_a=;k(BY+mgPZI~Hq&s;6;%+;VVO*~CAb4D|B z@0)|B;g{b)Gy&kkHnP01Nk0nb!Zv(Om=@F2n++n{bZ0muf@=!^C4nqSgWGk}r? z7uKNr>5^jhJ0XSDeqe^x>I4ze&|7P=KB_FYx^blfXCbDi7mCw4E4F2h)1}PO{Z3hr zFAdQqt%y8X>|s)%$MX!v(Et=pm`u@PpHPVxI{92grn1N6OzdhrwjhYVXM0dy41MGU zeJ?F9TDc8n29vArvBUAM$*I`ZpU<)Ca;iU`zWFOE8q&_%6QCJ&lTg?95X?v=o)plyzJlzp&Lj%M}FAhE6R?&+_!8 z_DM+cwCowBJ)RNgLuf^UlQLbk0h$hbzG0e93^>u#`PRjPbLm z7~YHusv%}e|17~|iI2jpZcVeRHpoma1?UTm*ege=@OYbBOOtJ+`45FjEAeoB)jA@$ z%ACA26m`1Yz0kov7Y9GCyU&dHQ{0;p(PGyjO6*w6O{!U=hAVz8P8FVekF1e9EwgO7 z$n!jOm!Po^4e8L-KH2`7S0cn%d=w0QESwlBRyapvk$i52#6-uOy-|pa`L1|d^~t4H z4V`l&*^ygpm^(3e_(WLs7k>nq1sLx-!PCvSW}(Qlzd4i$sn10{DnDSSH!WYn>4Mr> zv;*J87pjTt96@ZC`DNo-(usRPy=b_HcmUNx8!*0zxYHEAqV`(w8OI{raynzOWDFQY zal$ocG(gl2;6QXt8rF{BK2%k_-CttcG|m$g8p2~vDnCE;6DO8@U=}~_HBTu?7!&Z zE$|tE5%$&~DDyc)Q1VrNHXZPWO%M0z9-RIbE-2$$q92X!^w|^blP30yqG#4;`X=HT zfsaH0?B@Xv3 zW!D@AXE*d>_zNLZ|0_(E!5~ZE53ukHsiu?=YZwi!3E^!5SSl*A67-?8nO zZ~?4EgBB#9D+&svJ7gZ{ifqt|E#l>OpD`1-l}~Q+NEVH~%{Utv=$CXsUF*t;llR$O z-HL^qO?A!Sg>$RJmDdaDE0w-B*_lrei1sGQ9}qhEcF_bxMRe1#L5$SZey4JxsJt$f zzutFAc>a+5P=(GAerr+}lF7*l(>~!_Qd4$m!toKB+o#DCjL@hQfri)`G}ClQ6t1(^ ziHV8ziS-(mEXcnoCCX10BcYYt9A z=S6W(q)#rs+cnx>K4Vw7V<}el!V9QY_QMOx!6c5#jBicb^GwFBJ4ut8(?tctrnkd& zCc^G1jgUnb%=%wyLr3d5NCGLSq8Cj5IFbvr7rugZk2gZL`x5NymQTW3pBk5ijPwhfmY>#!lJ9A?BzNdfySL`2*kxqj}^ zL-yalRS!{1nX#LgFydsP!T)*)Ll7g1y&lSuPJ2oB5M6b%1PSg4|`WgzWy|AW~ zhSh5VojMuWLXY zM8qCtG6)m2dr3rw0*3^|gCkWDl|D6(m{1fDQr>40df&8BIVz}vTr*ezWX_VkLOwPfc3bHLVjA$|FKtvLcSeDyIjX^(d7m5dt}@1a85i< zfOw_Qv-C@5!xGj?5iKLl9v_cK`a3;glVG4tQ_VFbQz8O@Lh~) znT%{CBQA&^WeUv+PcAg483Loi;k^p-Yql(yRe&?kMttzI*vwXEMQK^JwTG;oYaFeP z+jkDN_us2}46m>icwXqg39?y`9UEz*i}Q2!`Q(e7;@j?i&gMnNe%>p=lVokQk51Y! zC&8Oiln%`OHyN)`?XM5#W&_&`UgdbdLy?n%AO6W0h{03HIXLS&unUG7KYRehantl2 z0u_+UKbp8cF2)tEc6PUW?mjPH^y+TAq(r$}+x*&!Z(p=`dfodKzvNs$cW!;H4e>W) zT(~4H`Sx8_Y0X$14(am!&w5i5_Mr%>MoVGZ3fc-Z1s`qHdV8oCI50I_3tvk{WzEjp z`#oQerm4*+SRoOXDWY?QO|a2+)g|OP*OA&09Ydj4>j~lwi6Uz=1E6>_9i>Yo;EQJQ zl-g+M@{0REi=Pkt5&a(KMh6g_{c_uLe9)^F1$jJ6ry_Yw7Hy@O*HNKOGi?RV#yw7P za}AhO6I{X$(C4mV)knB+e_6*?Ir4?TGElJ1V2 zSJlGyBRv7oA6nFt%#27AI{Wo(F$!xjO>mWvzJ!hbqJc4rpYzcGIRx$a1H7BS@s(vk}kT~Bwxs=ojc;M%2a zmCP9lY5Bklwp1VW6&)h5v9OkNi;25mZg#zMkFeWtbO$!$DDiXnoDR?6M_#J)e|x4l zd|LL_+~oJTC7k<&ZiW38$Vc%HEG;f$1Fr_eJnPoIxREzF%^~KJ|`=t|2m@K>-Wzb&H6X z5H0Bs(Id&Swi9<2Mj=2SYP|OAAHvUwIKPI*t8W5SJZE2 z6Vj>C53E(%4(uYWHQ&rWpwBe~&VVUXMk)ekNBIhH;e>$e5CsxTu#^RsknUg5M*GXz zl4L0o=0Q60pp3`ji73?_oe)l^%w%(r4cHi$?e1}$CR>YJEk3UL!UMV!Uh3}Sh7(Vw z!qyvqh2lH3yjH3%lDWOq8=GgMbhui&N=5b78*KDq%OJ=3Ln}S;OpQc)bn@~7D;WuU zWKMx)`~QJS@F4<+-NDJ}{!PSWn0p*Av5+N7kv=527=utkYeS`=1@bO9zfef|jrk|& z&3pB;m$%rV+l%17lzOoSI1SqZO=jR zo9D}gEX64Mj`HJjb3~3IoOvh>io~Rp03q1iV7hz`p!S$^0<*#H`T%EtX@BER)j&}A z#YiE6X_${g)O5nvYU>cOILE!Z!JIBT#=u-ZlLhlC`&+*}VY;-fS`14+z%dAk5=LZm zur09KY*T>8j&wKHtKiE;Nyzk`vb~rnB?dr1&BDUUo?>0+7GfqIHr-(`HJkg?fimSw z41}Hbh+rRr#o+&bAGp`LxaP*ogwIU2881{CjozK^+tDt- zluO3q9Gd0HJsAu`Im9!i_&9~hVfwSBzYlrC(~%c8z8Rp$F~q`%V7TdZdD2%jAD~Fd zkg?|_BK6Q|l#XsNp$@aqL_SIg+NF`~N96hwFnje}I`3DE!yKEKc^vdFe8fG-hN6B3 zU*vs15jnj_;4f+MxT^EQ1pBYbRTk!ptcLR-ayknfomvZnqy6fmy##M@HoOfFh8~fk z{{6NqP*7V{08w(JFQ7dv%)l4m6A-$=&9z8=?CLsYeRIliFX#b0vqxB*IVn=2k*=>W zNk2SPT#VkhaRN`ht)y?Mkc4H7@oW)xR_fzbWH#6jY_U~q_7K!$O*ei-FHLj0*4)%$ zKf&e%gMNvr(PaI;evIqOK0nwyjy3_2TBT8ThWLEpfU&L?uy{zV$snXnM9dS#1}tAV zCyEp|fnE#A@=V3}%(ZtOTBf)25(2;Z$?bc-cgG>nggN{Sm$2@m%3y$E0r{1kI};MlQn^GZzR&i&p%%3u4N+Nn8H_!^#zq zr($rIG%{y)KK7Os6_!Fv79bFDA86H&Lt`Z~$+h@o)iE{Uk9 z;@wSZ&=fG*4;~586c$-1wt4IRR~(t);`ldy|6w6ZIf)Rok2!-bopG|&^x2&8CMS0p zPCU8CTZ^?@<<^~oDTl*S39MV1`x8s6YxCEF@gp|+Bz~K?UW=c+y{$amLDx+xi03qi zYjSsZzcq;`Q|1mQHc8Zqa9M;KSFcrbR@IZDQJu6~6pIvzQQ9aS3GO6OG$M1K%mm+l zqasl-^d91I?dU8pdfco>S#1$?=<;&n1pASrZ?Xs1ne6+*nag~r1QfjcW``5E#juPb zb3*I&29?sVJi|n>6x#?+&eJdd_^|f#tnSCx&mEuJ-UL7YPYkVCo>wB3p4NY?3nWVJ z?pq%*!CPY`O60|PwioeU>-SM!ySe)C)p}ll1^J!(q0+al2CDBXY4^^z^S!^c%oP>p zcIW!-Tl&9QTFU4jn}*ll)plB=?;u4bdtx)9WqeG`y2JjA{+(XRHEp z5NKJmdCKq=ERn9K)Jc*Yr5qKK`j-yvns18PsPy^pq+|gtEPW=5joU=W-n!Wo8`JX& zKaoCKc9Ui&UA$0cTf8G4qZ{SjvbT*lNu0QOfVhdP`|JMq873nW1-CLj-qD<713})u z#lp@2pGx4k5+X9<`GcOU)t%ed(`?R+3HP{96BGHgw?X$*J09~#<{mA6ueDz9TJ`*| z@!U7~tkXN!uBdkl`;{P4<22eHZ{GDjxIt$7zk1@DVka*77#JL?iwb68*iG5Qx(RZO z9pe-zi6#aD3?bVhdC=F_3O5qA>7a7 z-O1&9`z^=A2-!?s#_r8fA4X#H@q5x?x2L=K*m?=_dB^5Dd2Vlb7VJ{}_czd*E~kf_ z(+KTc&!<@X`2+In*Ky^98a%FhSGxn7E5vGBV%Jx#P3c}B#!BlG`S#*KI;>kA>%V&5&O>H@ z@%es~jQ~YMkn-ZMCo4uwe~;*%&LabFbvG2PG462tVIoMU)lGpxrI`V$3>mL=;pXa# zH`FoN%Dy)a+`$;K=~!H^B;{y!n<=LfWf(^9fR3^#Gr}fbtJ_ShEo@E|@r77?a`nZp z%3tt0p3pcer<|^lbR$imCTe~q_!vhLV5S2EB&3BP;ffaH5b-ea0qmD|lK)zuCv9&B z1Cgmx1Sn0i2(5v+qg3jCk~GR`Yvd+3Mb4kG?H4KLfjnSQ?fN@hxu{F5Z>MYYE;%qXvo zQvGwOYnJg_p)_nUzqUUTxw&?7Yax=;$XFR0;2lI$6p{h*)*HYN@s-ct8xm2C6zWNT z4>XX=tx=5wyIG+Eu?1obD)k=^79-$Ypt>Op7KefYkx+{H4gb&FD>hY_4<3?#L<_{43Bl-|rzPy1REvWV+M>5EZHMyn3&q)Qw0m~E z5s%j3`mAycpnbsoQkg97LeNZu-xF*UDi|~IKxy9dz-25?K`i~e%Iq9Ec_eN=sFSR~ zz1QKxBl%cO%<}u#@0-`wGZ;~~9bRMKe#BicP0P@015hya^~HX-zMXsEINY|&$D05i zX%H=6IsT;Yo#Figr^5t6c;lt>X=2{XAT^fCMdaXbyrp;#05yP%!sol3(ns~ZoWH<- zO>O_Y#`m>4F^t|h&w6;dcD{zL*a@C~Uvb11))Dp{%_B?oO-lumK9AfdXvf7JGBF=A zPC(>}7ntH<7%xs#qdC%3n+ReUi;(1b&XA-g?swe~bK^o}nO4d?j9eEzs)KEb(>aSG z!QZOotnhfcF4LZ4zX<8{+qyTMTd)5!L8@6cgf88rUWtRJLAulI;;1S; zZk}KgS4y*hs?Wb)r8#yc{^feVNtTJgNC{n$pmj|duZu#-7{!13%&p2=Ufvjuhl^bz z?yBDn=UJODL68tv#{<-Qp1^vLi}ITDK&A-~#&a#g6Rmc0+?`~n@?G-9`}W?2Q3zb4 z?hj(ws*bC~-+j&H5m0j_{>B$${VoB=S}|&A)fQV|K|;nbb3YWq~;VJ%0ZtT^A#81{PXrS!QKEqqj*uv_ZHWMjsmAi4KYut zX9F%?dUD-!eL7eAv*KM7{e|>)E@oU;zxoP)t}Jn_+a{ca*mFZ2p8qEJ+8qOw^~=n# z1E~YkpN;qmX6y(%C_RjsBQjYz5I0a)R>sv6MzIrK&pxb!hn7*62pycT0!%wU5Dg`O zu9bQ_qzHyPmW1HN@xx8+S=Uqg!+zJlp?$=T`xfFduv?w3{S@ud@G%uyYuSl+^e_no zG-Q@DXB0%QCfpj03eBW#5Ys!KxZDrZza4h+xae5~2mK$p0kDprRnn9i#xUy(-X)(I z{B?rSa;)QM(Wr;n`q_{zdP6~$C976f7c40IUMQ?fK}fcdZ=kbG$Qlo{M+;@Td}>JndO(R1vlM4154 z@H86q+<3j_D2>{=z;E{4a!64M!L0J}H0)R0`7o-cpoGzTiNJ?lYtx{oQ$shy{RF(% zzdUz?2_r=PH^k%}k=E7Somn!s3e*6m;_yPoM~P_DpvyEnT4VfwKm! zw)vA*-DGtQEOC|E*PXK)mg-HiBPaJ6lDE2oaJf!w_N(q%8@kOcP_qk$i5qW(@uF-^*Ll?(1yKXb z`v@v;*=w5=sOPgYX8c)k)F#~G=iuPEMMhlO;^=3TZAOaYf-pelM?Ox(51=|&(TGTf zXqgo^E2AyH9_V~tP=u=J5f#QH2G^+Y!?EU+k83(#n~Df*T5sJ#HKsiwAJnqFP={x2 zKTmagp7VOF#>JRKXtdKp&>nd_LaoL%(V%AFU3Nk@sv>}XgR3M(HLfCy4r1!<`1Zsa z&}tk1miP|K4r-R}7QV=PAS*Pi5k_@F!~fFpwaCT@;4}J(I1}4+OsvkwaL5#J6O#vS z%?VqlmOaS$E^xZPRIBC;gMtu350&QfvLDswVe>f431lC>ZPZKp8Y<96qpV4X@a2rG z)l;emx}r5ndNzLFsOt;7R<1_l#Dz0Gga$;>4BfTYgeMjUv`=v!N06v1dOi@CT+OE- z0voPWr7)e3+9bMo!9wB+4ylBWXC=&7>cv@qNb)sN7$TkR&=vc4T6lwrc$o5*UWzd6 z{+$)>$lAteg>CHq`0oBY`kmivH!$uxZu{x_s-?#pn?fD8<3?$*T5+jPEXiTY$=)WHeM*qSH=Hz4ePCM!Kk-J{#c)Gm0{T{lWGn(z$ zw^}eX^Yy0V{Ktk4npiwScZ40`jr^d=&0eT zlWvm?8naBWVZ3C6q-F&a3}3Umx0eD%bbS}eM3Ld^c8B|ni;+g=w@Inho@yozTi{5w zPnIsz0I&dn5pw|_cbMa{^}NDz-64dhoAkzIYUMA`liaWj zjb4!xw8zck>BTJxe5|iPFcK(z#EaiMhn|yMzqFgt^KXx_JgNG(VE$MO$&Wj3#a0;E zhl`$f+)5REpGQ><-URQNUe?lGl9M$DCEHU}O5R;*@Xg7&Kh*;B{?5>LcUq5$Z^>&x zV;;Kp@GNKE`S1MHa!$Fxm1;;Z=i>&wqh z^kE;&{i0Dz$3$l(OA5sF$RwYBuqrs}*WDI%u?7ibIDPc*sjNHNIk6}-nq?gqx$s zxGxsJZ7;;-nAA_y9cBMhs=dgKC3com1*KDt7P)2RkpyI zmYD&fS}0@si)rG78sHm?W*YH!A{mEEHN7pC5?$9?5Wc%_nQl><6J?0cjf77UNyk3M z8u_SO5{SmPMkN&g=n7AD8ADOTp`so^-=;7ENplqjQTDc3chig;Q5hDXNhUS|*4%xm zRu(rycG&l3ibhU0gzBa}rPbDSfwRCA%{`V9J#$=MMpYe?dhDn79(5C33n3@W#kW92 zWCC5j`{rB|=weo?O7Vz;gDRh=7=Ejr>Ja2VPZ<=+G>H`k`P}O_J}>TOWP6mLT8^%S zf;DRA9$2fp!x`6is3{^20`qpDfb+;{aK|QE+vG}atme2>6aE>AgqC6>7(@1>-iyn` z%Y9WeI%Gid?>^a^EE3A1IL6jOBow7Be>*BZK8~+oo{Ez50?$3kt{-%yv{*Q z)vfOkNi{IT{x_3+E~T40HXUz$T>4~|X<%tG9R21n07olUtI(X+9pX6O$Fd}`>_MCK z$a~*7X!Y}pZmhug6i=GE{ohg6w^?6!%dX5o3SY?%PaJKb2IHEu)+6BGMJoh;9aQ#; zK}5%Bo$d+X<5FGj3Baqg>0o~s(2it1gh~X>&_%*$WfZ~-{vCG)A~kdaW*+)kJ;5bd zCNr6~=$22&rAZ(dqsH`;`X00lalySrOlhMl8{}rX|CSiLOSV1~Oy5?|Y}InlJ8QC3 zUh33;W?GxkS}@MsAU$6q+4K0%0K+x(&yza6Csu5?X6DgXJ;Nn8U>oFNTnPb9&aUCs zf(2C917W2LroyL3>rY6|A4r$-3L*ee{9ra8MZ zY3!=#sG8|0vfoJk;+vUouC}wce{SEK&dti(Xt`;_{?}6B{vK9cyxm=0&1dg_5_Z+4 zyM5ifTzx;o=RN>GbJqR7acV3rA@0{LU9=e4-52?5MoL`q0Fh4v8qQc`aCbDnVwpI) z-tEs8>0CVWt+$6U164teZdf6lX&Cb(gb>*g%)pB96?mTHmb?B#_q$SF+wStqHe0;e z4Q=q3gk0>$r8yEOhUd)~{QPdxq#F6hCi%JhZJjpj2Tt@pqz_Or`8T-K8W%RByk*G_ zsqMdb+t;=wRmTUrs7p2(1ksYNf5Yia(ZAt0zJ#D!oQCdAnXRcOCYX`imt^1`e4;@) zb6ciZ7-5C`8W*5>V~9x{~!UhXCS38 z*rw=YrzK500a;?q0CW>Q_;6ir$ev>gT5B<7yVF0ER_+k7^KZA_*GQv z-P}oVo$^~4*i~L9g6OhBpo3+2GyOXSZ+rjEMt#i<#M3&nfU0J0EwcXDJ6GvoOp>c(9XpPr^)lK}+U2 zYsMS457?XCyYc_N{d?n&U%u#`=Zl^=!;7sZrUmJi*HiDBL{9TabGg;pUFwL{b?Ew7 zyrLi8RwJIPw8QhoviQBuV?BMHQsLG-nQ9EX^7K?$bCME-x`uG!$#*3jvY4J13Nze$ zLjj>Ki2Nr+15@7&nGHE&G_f<46HZ2(p~8e~vZLSQv6`ru-O-Fuy8@9R$ue$xzk^f@ z@F>WT0n&W9S43;T1>?M!#vdYjzA!+)dIkSCH&-E8w~M_0XjRJUABNnX*e|26R9&%> z`Y%(?fNqk)PjIwu{Lj&6LY|sW*YS5Y-;MV^$aVeihA*8uiDqaK%!_+rN5rXF%cL@B z;sQy`CMH5@nNj4rbW+%hZY0^`GNC6gq{8IVr0o!PBvTZqFKEM!QnY3U=swj`D7(la z|F$vgX|a}*4znejFUg%#iyalh3IyC@_W|&>uye83?$XpJYtKc}bTWO~#oQEf^$LIB zid|S{&6hK;`&2~nuG>>TIOgAmVE)1$;YfQ)B+?&z_|L|ATaiVMs2@jx$H#%k)&SKM zSgNzPHP8lggk;sUp^EZ-Q!RbWpXvY-wwdA|@2N`SC5ub4fMZ@65=lK-lQlwP1~*RJ zr#q^`P*reHl&)==wFkEw43CA?52%}0wVk2;HSMFyNG;EekKx$Pd96@vi-+Vs>)DV8l|=cItq6__!eJXQXk*&JE(Frm)jx1h zuiz0(02FW(s^9iCx;5&T8kjQP+TfkBt!W8oL}Afc=Dop`ja3IaMH`AUXxCg` zD;0FhZOl}gI&JM_MeWXcL6&ZiHb3wPmnu6^HgJmZaU0KHPlq}&mZ$4b09&YHvgxk_ zo?@K+mc0+C=O7jMnV7534DdF<2tID!F3;7v9XIU>TS@(#*gcJNtu@w!{^aTdIz~rJ zmC(NwyL6ojuzEbLw2yZlb0vJvgi9gzaC8#fRXP+c(j|>@1J^e^xxT!8D0APkJOo)s z4jeqev*rVxogN#c3L3l`+D@Nj$DHgJ)iL1bGV_Py)E2j*8Du&y)rQV?S+$opMx3vB zi4a_=S8vg=Oz3YOU(mX2rfq^*0~-aUE-Gh)j$1b3=T~iRVn^9jX1|k#|K{7ovU<0a z>(3hZv8GdNzrZ16wF!J>Va7AowV$rvfe=(ozkm4YfggnOZ-Z_QGI!h;A^1vKU0}4> zzV9!OmRG1%wV$t?AI!qDKiRF#Z#0-rd|5+4RBIMra|F+fxG;ue6;^&O&G>f3`Bzc8 zy%2Th<kkwQ7;I^6kT>^S)r)WY>h6Zs6)Dnxxc{RX1k`WH?o;%7{!%mk~ z127yfe;nh2-dkyQEK892cAF^I`-#D0w^Pv?0!+H|=}(Vn+yIVAlr&G!WfTlOi};&f!p7AZq7J0o7@5B#hi_ctp0t^ta&oD1m zQMf%LMTkzgq#2r5!S-;~EKlliJOx#AFyKu{dVo0%OUA&O;xhu))Xkx2DhUV((i!56 zz>@lC;vC!vg0?KEcLTSiI8jiCPLzKqhiSTIsA!%I-r<^ae4XhYB_}PM`JPzH@pXx# zNn))8V$60eC7RWT;EdkTKa{g&j%1t8(O8j}$UV1?xUBacn_#j0W!o~k!i4OkvvLnm zZPsS@>a|(c`n5&_S+dHO)wvGBLo$`Ct13ErN!oxxpFK03W&5uti?gu2xxBf=tAFP0 z3yDAL6|CJET_5h=atV5C9&7U<$$XhsP5c{5MKAbI15MrJO+!TGFpFX|Lm=N0Vdb3F zuv!JHT})|(vfXjfn1`egG{@i8z1AGI6M}!Ll;>pZO4y=N)}?Gpg_j=w3~{tXAirbO8cV3NLA#4}p0LKT;ZcDFlLx6+} z;B(;_VIl5G8zJ`7(+YzzL+BveCkYP}RwB8SJOOF+EyLH2nZ0!Zku4g@<>U;C+X8pP zldQd3?B<%lP>p>t?1`lPG}?Aqu9W!_j=4UllI!9i*Ndxtn8%wQkp2E)3B`THYai!s za_MYdU`u*m0e6S~#g7W_G4Y-bbUuRHzO~eF}{Of=(4pFh62piiA`v@kF)ZV&w7`659fSj!QXRoFOF=IG-TwSJ|Hcv z6xmfoHvc_xHbXH<_XrCID>b?*vx+|x?Q7hAP=K&7U17M&FczQt@dBN2wI~%4VxIkE zlK>SjL6#VihJ`YdL@t=bo=XkqlGZx_uD7VMbL&$aQq&^=Yw=;$!D1JGGx#@}^PA=eEnD_3UTc-OScQ z#m0=D#pyQU@&M37-y;}S#4s{?prAo$urNNhz(99gwJENrsX8Wc?lqW~s@a=nIaZhgnzk! z7xNz@xOuH1^#%miV`gn8I%x0rJ}kt-5D__0i0}5kwapD5=t`rS)U zM?W#a1)Fi)CYZq^^Fcf?ck)$iUCSQU4)d%YmIaj?cQnV9Hn;eAXTAo(cl=x8 z^5;3CP15_iFLDH}8X+C@Esc_`KGT&5$W;~?LK-yes*7Yb&yYbTvrjxUSU4<@J|w#J z=+$Q*5#wWKBR=e<2<4f~Ao z@X4yLGH&+jia^3dPmQ!jGd3`cQ<^h%tF6{>Up_EDRgS-{RC8?DMo;A?sytyAI{9jw z0I7seLC`pRmF?4FQ3A?K?AMh$5y|gdARwOZ@xX?d98ELMw++$X7^oXfq5um~5OzDV zIy5DubFl$#J-1ME3Q|MeA|q}C0>m7X#xv^yQGAX!HTYSS7hOu;mLIY;XjykMs?{qsqc=6 z?GTX4gV1VM$%FJdBef-hnvVGwzNUf*vtAp)%Y#3fi1zB|c45|3n;_48(R4vlFes)W z9$}McvQXWR&4F&l04kzy+oV9;Z6d6>%y1yPNRmj?Eu%Arr5SJo2Y|Z8#(NZ2t`GE0 zIz|nVi+&B|>>XpD;bqws%0UH8d+z_CCNoU4GKuJRLp#-dZjiV7*Qg)^eKB zjgWTN#B65r-qg-LoqBlk$u)mB);@&*ty`AUpyix=o@+`f~@g(8Syh< zVx;+)S~0z!s#a4;J&h`DyfG2NJHYi@veJ^0 zRB5WBGQ(SaWIe6X?ko9SCHNI!03DdSs(>K<*F{&pe(2J*UB1rGeDBcZ8y1Znz7+0U zbO1&&>yVZ@$k`C+J{}k+aEjn%EEQ(m0#aLV{MPCfya;Bzj5rn**sqH znGJ4dUN*z6TR0_qOd{ozZ>Vri;}yM0Z<-f6nT?x@hd986CJwudNe*V)&rKcX zn7SuD`<@w&+tIemCJl~2KbrPK-0o7kzgN6_gwMZHF#!I6N z6i%3cby^cpipe6UiY(yPaq0>+f7=uqsWz{n%cDL&LlzO$Lg$27*mVmcrBTtCg~W&& z@Ou5@{#KYYz|nv*Sz0v2!F}yZQwBM-p2NTK`A;wD?|rBYVM8gqb)jskoRSdy7cB~^yYWoxtYc{Juz}W zJ+7LL-lO#`{h7M?JwD2*#D{LmVn#?sCmt9giX3Y3XGb}To*LpwrBkUmdr*n-%n-d* znHSiaEBKI0LWX7XvK`x&FKc$ycP<)Q*-?8b%==RmuKX*Z4x0D zu{zQEvG-3$%gbm>tnY18e%J*B+yb3aBAQ$ovcklJADCw8Idf?#kkWK%IuSSUi_c@h zw37J2ub~&CW2;@9C=wN(;Jt*$7Ag;QhRqI(S(L!0l!v>&J?TJSD-9+yf*=cK2*xt1 zb<)8^{anwE$M7ZjZsRE9M__nNYpVi#(II#>C=p4-N~f;|`KGM~6&~W>idY5wD#jHsQr|M%KT@m{S>M1qJp~5$Ru*t7uI|JI$4LbxuxIn{%ft) zVOcPx$%5ClX_)A$ zn<5c5*2G3)9)rc|Q+kbOfX@(BlFRZ4J%}*1#FIRIiAVW_B_3sRi6@o*RY(8xR53>QVF8(izGQ6Ygouoq4wuo?nvV1AH626f zV{aHWor1OK>DQXJrlX6Iuf=ORT!vF>I?hj2(?Qv=nhukVHkYN>badGSST_tS=uF6j ziR1rERc8vnIRRQ-rz)u;FnAqmwFl__IUUnTYQG`DZQR>9@jfN2~JTL1!mOk=ZdDPn4YT@lP0UC-JH%G&my1B78vk@l=OJ*9ng>9koDGNtW|XuHsDNoTpO$ zw_+c?vzX$dl<(T9@;*d{khg#5^9c&8F6dp)yc^BL{Rqah0Tx__SR>Jr6o$|gpH(E| zjaEt`mypK)1;bi5z%8sz^FHl+ctUFgcsTN7{c+P=*6$#%20w8PNcmsZfI8c^KCpLF zPu`b5=l;FJJ@ZumYUo~osEnC*L~)_k0kYCc}c>n*JLC`EhS%dP(3wcW1Q zt3AaV3i^JUt;ATTe37N_YL9bDwI}9{l}uCZ@l8|hDIn;FMMknkqibJLou`mGs?V2c zd}p14(iv(z#ss6!>-BLz%yW>!fwPZ!foEdoOiN1&C(n%B_6VOd_vz1epIo+aPCS}u z`kD=YHr*v_w{6|JZEZBVcKyKWwQJ$43%)r2Agx!gYPcfH_^zGJ;5(wcn4cox?Ie;( zG)dxUkr-I^Vhmp(#4bVB2MTfN^nR-7^bZy>e@7u7inE#`hOoY+lfohT9CD)+e0eK^ zV>!(FqB^zbDJ6+EfH-VnclxFwmUG*?%)q*A^}(vBHVoBZypr|D4e{rkFhE$?2EZO% zz!GQfobjkpZ9wOf?cw?#?(s>MXX80}KYOZWD2SZ!d6?{xpM|XnT2nguyhK2Bvo079 z`aSqBy-A_7q~_==uiO(YhZ83sdg4%NCRKLW=v5G3fYukp$k)_2A2HDzOh&)h7*%PO z@tt(#7b##8gCMg9GiXy1!xqfh=#cjK0h`$>FiZ*>whkbvk&wSMP|AtL52RPe*2Z%g z6a!w!8l~)kl&bpA(X#9Az4!V=7$Ja^q{oE?+oGbe8lP0T1#&G_ z;X+;;+f4D|oS?`X~0=Q(JNx(J@0c#m-K?C%i{p8ScB*58w*HDo`1rQq4{i^iV~ z?`y)u0OLR-pHN(`KPOj7(sQ-P<90iImMnX|Jgp|5rQg9de0lfy^X2`dTU%w?C(Pq2 zHx{mbpXMk>re{s@j@q-3zW_GQr=l}<6r54{ zL_1zTEgOB4<+7IijJyTwh&--W1s(oAu2)UE)j!ghPB*51mS%r(KhtvRzi2n9MnB`z zo?gxV=Oy@F1h!N%@q{Sgw^@ON73TO{4y(`RGYN)YQId>smY-&)`EIbJ#Nl$i!@vHL zf3-y;E}Pv|_*I|7CN(gZ_uHcn(f(Ah+r7fh2bu9)1 z%zq-N#~3TKDJp@A0(yID1+Y;*)?<_*Z8jqhud2wTQ%R3Ell1sJ-XxpI%qZFuh}pDl zGk)cdUDjveWHznI=Wba;HT8va_wKsVF{=)sZkBED&Vf(4!uEB8n|4`${tJL#{M>%t zIXC^2`M?!>A~q!w*>h!Ir`*uLXLBT?*dkkYYr0ekpQ2yp&*Ez!=5JM-1wMNg(4Hd! zsa&hj)YxV`JV9$Z43y9ydtMD@O~#;T#YK?|>8GLqqRC_KkM^6r>}mAT>Y*?|XsD7N z534_b+OYcco%WJQG>Bl|YD>8eA9kf|R+GsSj7CcAcfz87X@Gk6Y@7cFdy`a<004N} zV_;-pU|?o&QPP^9<%TAeV!I2_y;tRL2YI004N} zV_;-pV4nJ4hJk^Fl>rEtXD~1_pn}H$K^+4<004N}ZIe$(R8bU%f9Ku`0&CM02stJb zG-U&mvrEYlp;cuI7x4&Oq#zMB8*3Am6tgW9B4~E*%SD0YCTJ1SqD6l;iO^1jAi)-C zLEm}vW{`C8@w@ljbI&>NocrvCdg7|&XcIo_yp~lCvnts;6~ls#hpQUYw8~c10Cd=< zlF-moy~gi?YG}W`QQrQjXchI@GJIwIO9fkJy{c2T#Q7Swb(P#dz1z?gj{`HISEYDR zrSL)da9v3}kgk(30#){1>|ZINzJ%Bc6WGhxJJI*(3C@d|4r1%4_FM2mm%}6F;+%5f z4%~z~-&WOFT60w=$v+f65qCpNVVL}fx&N3r&9?xLA zr$V@djlQS*4NYl{nDo&`)dSuB9n2!_GwTIx12*5h7xQhpz2|AacOg1HgOO|o8PvEB zh9N>1z8$Up{|_}Srs^};j?dr-@haf`-i3G!^%+=m1}%2vA18m-{~h?-a`hQ(!)IWN z%m|I2sr4*A)I_gl;J&@(f2d1sJGdanT1(_IgGi3`2>psO9aarmQSootZl64*f`ic*b>;<*ygc)U~gdG$HB$n#Zker zg5v_G7H1e|0p~onN8 z@!9c(@OANB;pgMG;m_iq!2d*mM?g&=L|~G@20;cvJHb4`1%e-h^n^NuRtQ}ZW)V&j zUMGA@L_{P-q)z0NC=(DGh%ONQCe|Z%L+p?EB=I8>1`=fwGbA=iDoNT%=14A*d?l46 zRUx%Z>XbBtw3&2)^aL3(nMtxPvJ+$<$?3_}$bFHIlHaAkqR^nQN8y*EmEt7D9g6pq zIF#I!T9ke$n<BG`?x( zX|B?Irlq1)qqRuugw`i*Bkcn1dpa^YQ9849e(473PSAa$r=%C5H$m^7zJ$Jy{sMy- zgAImkhEj%MIADrlkzs@3EW<5^*9?Cd$ryzg^%)&AdSa{rgm%V3K)A((0RTRPgeU+3 z0002v09OD70000000ICe05$+~0001<0TTcK004N})mhDM97ParCm|vRB#@#c&S_4O zEu8f~A-05MIS$x3wux=5W?7kT@{IB@DhPTkyK?!}sR2+Si-ZRuYcH*n_T+po9d zeozZKS?r~LC-nwlJ@5{qEb+I(W-Ifa2hCpOC*EODZN#1IwOKWh$xL7p(=k3M&wNE_ zy~f|y=t)gzV(RzI0=3T4Z_cckU9(3m{8emi(a6lyFuqUybLgv>NAz4VZCc|M@#HZL zYK@3<)yxyMguhRT*SvX5D{sno&fH>88w0qGIY8qC|HeqJ{<(?t99w?@w{cz%pt){SL( zNV9BD12Sfyd>Ro_|1o4?PF;HQ`gN?!It8XjEiv^3s%1vwyVTO8cIL|3)X>h7)$y!R zTY&Yd^v=wHo`KF5ZBytHV}?gR7jr7!kYe+J7l%x1U6=Qn9m0R1?%IJtB!Z86>Y{xqM zyaQgWNgv#MibJSY%%GvQq|8sTpAyKH>Zm}q5MEX6rIz{>f3vi?=DA;b(BuR&S^x8V z-0CmrA3G{lEAoz6hJ|^xmPU{qKc3r#C-+r9*)wfu6R5RBn>PHL{iE!2MeK85dO&Lg z*t4wt05*)k(fT1H5@B|t`zmm@YyhPY>x!)`Ux@@6WIhX>@*W-_W_Z}gzWP-z{VR>B z(mKGJEnTm#c*w}EVruQWf;hk&TP5FY>3YL^{1IYr&To#sme68lV4a(~lI-KN{9nF( zlF)~qKCLF`T91yf>jHR*{7niCPZF<@~942r_8u-4k(+f zQ=VJKxK;XXQ7cn5_48D{YgJ_*l~0@S7>?bdSAuw#d+g_>{w_3OEK-N#>MSoKf`T6goW0M96{vf|>_aIWw* za>;!0#1^<7!$)F8Ki{K0?9L2P+vYLB_6d2;j(J9-9-wkKAo@A>*Dw+(>Ln}h;}JTC zF4lCYwGG*=g}HySAbBw#NyQ=g#zy3+p;+1hj-mSH+c;JgLz}s#RNJSd+ba1C`;_>g z_;Lf1)*LpeX7-NL!PbxsM7K<}7Os1Q8rPHm7B$YQ;sc>-DEzm`LTmIKC+TC@o1-E> z+4G)h#_*A?r0%lF?V>M4Ciala`-M8fLnL9n6WtRv%?UktqvY-t%!1a~WIE0T3&}-vtggu$h z`I6dBP}#SD=f3JCb=w-SX}gNH+`Ed3ghz1Ix2ZnmsqaZG=h3c=A(zy>M_OI_h~c~= zn_2;kj$by;mbJI}I>#y{FSpTB;(Q%ZN~A~;sRPYitjX^#KFfFSR0Q%gO504C$Fv^p zuvBZlp2{f|ZeA;dy6Pyt{nE*7hFWAF?cp5ep=Ga-uST8n%28OVOwUMz3@T5H(>~7OJybji`nq~c80*<4 zzf~)*Rl!-dy!zx2LenF$$x$19Hkxwxe<^N70+Zz1Y+%`(|%X2iYqF^ys$>OkH;ZoCH6ChM1H z5AZv0{BG&iKEaL)^n_5{pX;=Tw#Zl5@7ERK1I$VgOY+++xm{|4SB~}}fcy;J2aH?0G`Aw6)F_LlSf!=alq`QMbM@D0fbUA@2eP?aoGPW^^lGQkO>M2le(2aMiE85~?(QpDsCu8Da6Zl23$zR%3}QNhRjyH^9B z%WFb~P*FuGDoK^5vMSP5m7$vIGSyI1Ew$BAS3UJV>@?I!V_#^Zsb;>^TnjC=@|CZ( z)<#?HwAVpLopcrxmyo54Y+dEZ)lGLj^wdjlee{*5pZ*3IDBmE14KdU(-xzL$kw*E} zXk&~u&Uh0{G|6OBOf}7PGt4wAq&Q-;Eq-ypZ?@WFr-P1$N_Kc@ll>tzq}lCzSG@|A z{ot5){_);nC){$wNwdwd*IakZbJJ}P+;z`=znkx|haNelz~ATW5of-gxVh(|&TIgz=MpZ4;S#-rVMJbivqL3!!CxwFa& zlT{)=X?A|f!1B^1{{dN=kNjswIjZ6$K037xtBLDyaR2$z~007+e$cX>| literal 0 HcmV?d00001 diff --git a/fonts/Novecentosanswide-UltraLight-webfont.woff2 b/fonts/Novecentosanswide-UltraLight-webfont.woff2 new file mode 100644 index 0000000000000000000000000000000000000000..7e659549bc11aa2c4968d6b22aab220fe25dd417 GIT binary patch literal 18716 zcmV(^K-Ir@Pew8T0RR9107)DG6951J0NEe_07$O@0{}q)00000000000000000000 z0000#Mn+Uk92y`S;6NOjI0j$mBV|mj3VMUPu-~v*hf~jw-EcpNem@vIAS5S?#S(2) zedBt}m+J4IoYF2jDQM`98}?AMqob!i z(5C&o-33-K4<(CuNPxK1ELJLRq;is;h}KLawfmxKi{X9(jxzHO z+uo|pnr{18G|ahl6)xJ3iuqU0vW+)YCcSAHzsFh2SqCeZHA4gaJFcb&5ce)jKg=Fg zTBx{y4F2u-T<>O93e0R8tR`|oZ=52l4WInq&<68b9{8sJW+pwUL{6BWtpNU^9&N8w zlnJX@p~!Xem*`v zJ`Tq^6F!bqRw^r%KwnlW8Fow{@Y!jAu(!DlFlNSBc%59}6&5VcCpDl@C98;t>)VrLE~gs{(hHH*PMEd~RJQy@-R4E(O)y=A@a zJ+$23*>HxItx&mMJ*KM$c0GF+W`Kxd$%(%y@7{IRbl-Gh@c;k!Dc?UV-zz`?e5hFw zNNzG8OXz_mbBEE!0b~L!6{P)EErz-ZD#3yl4Ey6;uN}&M?-SoZma>&=o!n><=o9pXgNQdy<#f>g_Q;d2CxEN##T=wSx=+waea+eAAhZ! zq;;=jyx(bU=fJ(h?+cx%Dk^}a^Pf)Z`XyT~)B2Xy?#5w~ZKu)>*EyW{|0D6gB(NnJ zVqqKy9B+(Cq1YLNoh(Q=1F|#Eh3uwnshwg^Af41HrJp9ZExjFXyO+aWj}@kHuE8^g z1$21$vDAE6yyasfKs+@AFP|8~x2V23&PKaRD= zsEVkHiinDczR&m1->jj?8tisWDls(jLJUeMbDy{GJMAgl@{WFo!E?f{fuxOB0zd%V z9{K7X0NlM;+X?{pCtiQ*{F)YE2LKF0euQw1X0MTGjx`icHw|ir_Hg2od2n`>@P9w7 zAx@+lWdPK0SPGM5b%mRC5KBc!L|kMdAz4zf6kY>GR;x3_{>?6`k>oQDy1mDk2sXC& zID29LOUGx!d*QwJzI6Y8B#cdG@(mBe!}92c_~`>3rp)*Y@s@^eupMU%9ojb7M%!eY z?S=9ex-ac3``W&-Z*A*8GST5rcaPSG^|vBEYCu%)s>U4G=1;Lm9FlLX2s-9{)V))9 z(W9yHOBE^~b??Z{2f&t(sXW$Jd;BfCY*3D)F$`5?YnCfBZy==%M`A(Cq1)H$C}aFM z%QTLxkl&F`bZ^L>TxCWKgyd0*q&~&+@?BP_U}1(p7r0 zze@BM5$E()?S6&?N%5=}t5vaF49=z}7ds_!NYBIW`7T0p$)gI58r(lY`p2975Gr8J zf75go1<_|LWVkd8K>FLj_-;LHBd!;o=yZt&vBbHN54a?F(S7u6aNvSVet4!wys#@X zP*f;Pwjg22w>Y5u4<|r$@H%H0$RqP=r}%0EL<^cWH*5OkQ59KQtkD=jqP22%AU3Po zT>}n}rDA&s=|}xl@JPl^>>4ii=q4pS7AsPi3sg8&k77BNYoTbQlk?h0$8uD+vu7_B;1Js;8K(TPK8QVVmrfa=FwvG#dWx}YJ7us z0|;bq{BbuKODb2WrVl#n4FjT{B^n_B+Y=sf@nNZvw{1m~2oC24)Et`o`o zHWU`O|9P=uLE0P#cS<1ks-yszl`$qkv49i6?q&oOP+$n^abB!2Krfg(c`l?= z2&{4q6hWVBBT-SRQ9Fhnd3!DZs8Bf@JJeo`xfW_@Wq6VW z6y`44qj!Rs2_YI)G2<0#Gtv#R15v3fQJtpFk-rDBR04D~7&k*Ai^Q{VW|60b#*AXa zN1U3m#&dTt?TCJ275>rDDf#vIl$bw0~Pdl2}lLH4S%;)Jg zL`tBc4p##{mqf||w`4|0k51!ISr3y)id$TlI z$Y9jsOMX$~DkSjaoRH!?mQ+c*NY7Ewgsv4}HptzLiBn`WNWd}qNgM-IZ=JUH9hKf8 z5BE}&QRbjEnQU@$im0CM+$2kMX3i!&ugaK5W2Tt#En!KdPo0hl1I%U1g5R^li&YlF zu%?lX3KF^~)2FQjL@@kFMmmd#c(vyoV9_cchyY=wvC1gDI zgx^yb&oFon<9m?rPaPOd4N2>86>mkxCgiI>_3gGWF%dRjQdjCpm1)?C@DFb#_s9p( z^9x82qo|BAOH@dKQ2|CpL=~e`5}K4M!zw3R1)NId5)XD)sAt(-_^^7pL^<==f3CreuM=OGlp9j0T_f8k?*rZI=+auGi6rW z-$-ZW?0GZ23@Offm^Sp+sqm?bOXV@nI9Eh?T=5yAYF)*E`fT;n=_d%+rrK72zWyE5 zz()o|uld8D9ccD`wF)2%j^fV{EdF5`3wq>6V%HR9(9&`AuJ2c4vVdx|bf@&_exbCZ zFK@jNfiXhF4@dL>P2m6)o@G>BgtY)FA^_2Szv+odSVD;z7FZ$UC2#n^7q;8)xbv=i z=((RE0J-|}#(zu+un^;CWPu~$dl9~fy>>`Di`^IY>Gp>lV6N3+zr#028h)lC9u zJ+T{GY1IE)Jg*!@Y7Ee9oEeC#S%$0CEAIh3^-E` zO{x?&{kb_`ph3-1c37VQ8x&mPz0|~7C8#ZIh4KZ2ab^Yy%BG;uH3X<3XfF4#u!d!4 zc>&D}rOE(Sfw9DOb|1q^HVzJV0BP&tG0!Q70o!l4h^4pDA zE;9e>asu)1&&?|+y1C52mjL(tVL1}HEB&@YxNrKrFa&7D*@FJ7QT#pX)yb>T5z zPMIoon*#_Vql5qQYBcBv;b0yl6Ki?7O$HdU0W1+0@9!sgmn%BEtK>IUjC)~o9K`Dh z!>=LrxIR+Kh{w%H1y=QWTfwgq=EIfKK9lr>EOCSTExjbmcCApD{|q<-481f(tQ@-O z^3SE0hv)4z&pMlV&ulvUiwc*W*$!af&o75IVV?{D*xyMqU1h(CMlLot0MK;zu+haY zu&;j71-uOaGn_VnOwB9=(v@5Y06fRmrCd1Y0XgK!4Xp-fth38u|LiJdM>ee#ZPyRu zG%xE`52t767nfJpH*$pt6Uw-dN*n8Zh$)xa`j~4UHiw(Wg2hzRvT>L{?wVz zmVG|o{?XD|c;N%K2&RjFgyvjfYhkMi0GNCId{SoPz|w_BU5}r1_Z)NXH-7l<`v8{z zeToe)+q>F(cJJx#>xaGdH8ujf^k)Hp6$H&vz^P?B3iugtw1_FzZu*xdNi+_H#I?** z!!Ay^75E`dvh?mB_3(GZkI#wcuL%E@6V;YqocI6J8uz2(&<>pUV2Af?JRqpV0D+vI z1Q>KA&TnAJ=iz=mub&)Fw!S29-qrSdhP@_F&7Tt`^{SG;tTrA+us`DdF@K(^y z0V>@Y;2@#Ozn90N39PZlDd7@OA?{Kn9saXguErtWPBUIBU^ zSp-0r#SV5wVct1AwLd>G!XAGbdhsjkAI!88`RGVXyINpn37 z#ei*0-kHz0eLzEF8jbvsjRRVsR6?z{b>Y{L#Y}a;e9LGO13H8rj=i?=$$uk1*OUUOd3tOT8jPG<;%amr@&sx$yLMuIm7GB(rw zz{FhR8g~+nMNKFyk{gsp6_ovMXY)+(9P2OteP?4)xGOnereU}fu+ZoeSXl z4mel^aI#8}#j1dd7L8L?4T@=um+UA-%&0w|J!8i4v(FpcR2P)TxEDq1rWjT90Pzade`~~An zlIhNIebS_*+D%RoPE&U?BshxEn86TDP?j31><3#JfR zRRqNhUV>3MGFbITxS&(-e#J7m7_uk#Ccz~(HCvLwYl`y^JiweqnP>?$BrTso6yCoY zQozoTGLmxu-{pl3+{E110Bz@D|ZzD%2A)lvs+w-1FK@=KIuX z$-Fxe?nH?pz^z0-$a`~1b&is$)AB}v;`Ii~2KQ)O#IocX$|sEDP&uYfWBZ$KB`xKy z#p>goK*c$m4U0-fbMpJHg2HGqrW%T(_KGY83Tm?337k4&5vXx4L9@uRMw*t?+4HtO zxoc^BD-iAQUt;EXh<7xnC`&eNq?_97vv^`15Q6G#z1LgLtKgECX^*H*G#3Pz*IXvfpJSv25+N-FvCblX3N7YJQJHuLzQR9koL-cKL#x?=H-nr{ zBxfHh`d5R$TlyoOq-~#Ia&c ztKb`C9i#CInrXPc9qYQM=sZZuX(LJNbyKuQ8bV08gW;F!lsQI#itpv6bT}87WlK;f z%XY8+rdV24T2oysi2x`4FeAidx(LqhDi6T_A{4GPcn@LOr74E`fT(RJbPRRSp=*V8kO@0-1UN8< zg*58Hf)^OnZD@x72lffZIM+Df58?u5QM_osK{7#?g^ND(ht9?UiR~6V>=hW4Ab)@Z zgF{fOkdj0?T@+lj8uecKj!x|t9&bmL0Qpmpok8(l-VJ=BT8SN+pH zR1dyBR=+)ReRA;U{AaGJ6OCWCe3t*G#&#F}R;&fftWbkp_+O;4MGWKnWNI%ci);m7 zp!$9W#k#a-94lQreAWJ>rzKRKPkUPeE$eaj4$p4!tCXPnm83)l-BC*qIw2>=#4Rmb zaXWW`SN8kPAF^CfQe}-@u+5@vY^m++|ML2sp5wcrV1%egKhgZo_NSY-syW7}hrK{# z@vjbe%3ln8T~V4Xw|)y({?I%OjgLRdfQ0Na9-Jghpv4geYDFqsfRZu`4x_Q`={5IS zZ+U=Lf<$x0ClwV>k6v&GDIO_wwUqVhy^uoAldSSxi)_9pM1}Hn?X7{YOV_AE>6uJ7 z?>G~avW>(9dC#<}D@fuM4UiEjCj(DT@+Sk4snO&&^T~t>n7CL33a<;ii?3h-OduU0 z>rgU>w@62G7k%%-GAiSNdv)3pS8}n;EAOmCe!}NG*E=g0NR)JY*U?`Q$A43;kjJ;4Z9Q{(DSlUXzUARTfDhpMfJ6+fAnlHxHmMk?bEgf!#FNM zf_arc{QA12xFnNk7Kp5vX(xUkAR^0A+Oiyxq8#Hm$Lxqo&}vcJ;Vqw3Ko24M&h6nILkGDOW(tSOBRST_1I1{x}9q9D5BDTiMrwN>aN~iL) z#3@EmCaS6g4yc41H5vPw|j7KfdyrI|Il!_OUrV)u4gHTw13dGJDW~$YOvdfB^_Z%)N-o!7et1$ zvewt5iTXPgg=nQE)t8Q|tEFVobcUiQSyfxR4Cl6u<_}-pzPqC2X|oS%OL@D?t}vhM z?n{2N9NC#KiIOLQQVKv+F_4m%QfH9o5%ME;GT7U}udkSo@)=dsOtnG==Sb6fNRFcL z{4@u1WuC~F(GJ~aoym9|VXJ{biNkT_LLfj7{I26z7t*drnew*)i8yJv_`;<0I*+Q= ztfUe}Cwo!|97eDtXaroKq9-PkL$%{Hh@p(=b^W=eL!VHPN+@%KO<4pvaCxdAe05b- z9Q3RxEjdc~i%Ga|YHDm_-gtC6bKBEhddHp~b>+sTGVwG*=|K*4qUsbE?1>Y5Yft>V z{}gSgQL)exEGp~c-gRnL8-Gy(B<>-TaRHH{=447k(e#s8ZeMZslxEAkG}T>K)}=>_ z{E%V-B?B^wfgL`8^Oz_91ea*4YAajVAp-5o_8rg=QEugoG>=pi`ruA%D4^w1mzb(- zEnOg?1+)7PSg#K8)%1?xU^f6<==CEaS^J zp{DU++^!*!1KrgID^Wn*_?qs6+7|LtenJXmSmi9bBC4hf>8hBL)~oKi5K^mBYT%7u zPU$m=M}t7mP*j%HQ8q6>2=JJP1o~r%(JRpvT;Xj!dSz;=FH3l_hjQsA4-HQ)!$@cA z<j zj=-d^rB7s->XL-)-o@OZ&M;THZ;1Mayg0=u8uVM7n10DjDcE+Kx|Mct6o2CdV(_hj z=NF>78UfloY^$0h-YG)PhAS!C zp*{9OWt*dzLcnHdtELR!)4x0C#3gsu3Gy9Ir`s(Gx4qI(6NHJAp^&BILh@D==mxV- zAy{>wOI7YiF$l4)x5+nDa~m>?-oHf@4M(K8`ho-)2o9i*R{+w7XYI<+1b0h{fb-615czU5t~q^ad0hnXF{%cx7LL&TmZo`a}ROjI#@04 zPCuXYjQ-IYM0iD4(J5yh2MpuezXjPo-1hJgcJ{n+#r>Ax{3Z3kfN82~ld0+*7@*x@ zP^xO@nfFx+?&oiQCB?5PU{FH2Vl@%D454>9^hR+yk5wcfd&aUu*N!0@CNe$|e49}0 zwQ8}!P2Bx-GihaeH@CSwe68J_&>ofbqGE%Z!oPm&HrG0kTZG+3{2|T_y zB|1?Yk%7LNzRPW}+~e^Ng+Cm1wuRxVMk#ACYEc^a!?EK(9Dh8ry32&Ce#X4=d{aTG zN{}oNs^DMoIf-n&ASYVsC*Uo#5nAUbs$;Ww!X(ggB}30)C2RQEXAh-}rwG=w7PnkZ zulj6yI67*%VO{l~v)Z16{oXdwCbVLUSk*u=v0_VCNPSOmKiI!-#(F#)Gk+X^d>))X zia$CZV0J>}x|1mW!Gr)F?p4Qc9xpIuU>Qc|?4HVKGB{-|vJz4a`!1oRe8{(axTLgf zsJm;8UdGyV9c#Kyn;z(Efr}SBu_zSK(P4^|WO{V>fQ;Zs;-e4v2~1^VvOH5N7K`X@ z_QDdOP@SJEj!Du;S(o;~vH);>YycvL#ZMHLYGx}nj=Xwjjxj?ZmSr-NmC51=Fk-Sk zL7F5~@dTx9PGXZlmYpL_iB94tR6#T0_`oXvS_Q~u{G}1_lEcau7^b+ zE6a`~$@bkP$B@Oj8dwI5Z&1mkdX*r zw1i}XT#;pzCk4F;BEwr0qLlP%^_g+Nk=j^QDhtMi$=T*C4liBC!SGXZ`Lp%Nlw2u1>3T1VvCa1=viH$O+h&FYRS)`02xjd^-DijyUWm!d844p13Z-%Cz zi!+qBZrfSlMH!6>0Yfi+Ny>SIg=cWx0bZ0}dR*(2AX-xD~RBiY;nCQTm?|GVG%FqXk6m8eVtiv0FtKX_7Gd=f{bB_s<( zNvT|Aw?JA!|9q$Eb9{moTgCA;Ylern*A;#8EAZoAn%sUJ|Dl~0#8k^Js(_(yFqXfw zy)ss6ggm~84_ucRGSb<3Le=^9&vfOo{hPFkj~TWrZ9#^^rIjPMuFuTfxH4WlZKgwVm$C-)9WWvEEy_eST)@`q}B{2N(Nn3&W#}?~k1zYHW+(3|R)s z#4})+-_%Ud^tT`vvMu^Q1w&o1aNx6r^vF_T(#WmlnYmk6hrTrZ=T3}{Sx@gSoh>}O z`*ZMrPO9ma39>0>T5|>+OH%Q`a}X zAr!Q)yS*LI(d~k!c=$ve2=8&7P4|Js*+Fy&8VG?SQ9uA~Er*t7nxp#6kj!+xW{nmA zppbA>L}&CMWW)LV1f(X;7N=Mp2JG$K9PntG#~%Z$tNrUwdi+`}G{nZebDeSb zI`{4=a?CEub_#d?RMh#p0f{-*la?JtMFlOUO``!2m@-94}hcj5>Q<)R-*`cvXn9?fB~ zA+~n|>D(IM2yEU=z?=t2wCtJFG~YjdJ>%gCD{ zI7o@~Jqe!q?hH73CTN;)mOJ1D?}Psw9VmYPj}*gyd{Qoj!OP-J^dYWyEojT{Bjk3t zpFSBXIf?%x3|sdSyyjloKF+8U+%A2NJsg@HjNs((I`gwKUofulb3}0^0`zQ*A~8Np zn4CQK-x6ENN?>YuoO6uii9!F2ZgqC!fw|_U^&fAGyeE^AH7I;p>5^ zj~mJnfCHM^{_S(K|IN*9mhF{Lm4hAi>YSQ^{%;2QYSlYr&3Wg*6%Go*Zoxtf=-rlg z5Lv^37+7Xleu=hPnH`z>*|!pb$fzp{c=Ho;Q{8osy3Tr1ASX{(I|RV3|M45@=Wo}f z;k&pkeOVweo(a1{PqtznZv&j2P}D$sstXfhQ1${m8n>bxUS2^bMss57({w-1CKe?}29_M40^Rm(RbJ zL#o@&w^ig2%>QBd?ua0YQ2Gl!4xq<=EFotk?2g6}P~vak#Dd~tz*OG{3KxBixg3To zr04@SZtegYEM(J9!Y}=DFZzjWvNQkocaJs zDrlODWOa=JUE@)lX+s0)q085lXcq|fJdac{q-_Eynl0sn#J_(!(th`gYb@UelLZxn zH!!T0ge0>GNX-Q=2A$H6Hm4G2Yw@D^5gm`80*VxxivEDp-$`cW^l_` z=XT*zYXm$*6}GArv8$`PYG-$uof$L>;G4vtu&ts*C^Bzty1%u#`7##V4=#TfO>XYa5!W_!yC)(2Jy5V2CaM3r_r4Nebih#E$iuq{(MEdlr&6~^bOR@ z^->imSpR|QG9VPP=E;JQsy5FOPU+&o_^5z2^7AL~T1)=s>q}q%lbx=>X1mWf*e6os zlm|9)KeWM|%8!Z&MjXhWeR)<~A(2*ywSK>PA+bozq*h^4-_ABdY6p>IVOvN<3Op6O z>a1K2*pCNDBxwaaGjJp+P!_@PJzVcoRK?__MsX!6r$mYA9&k2y7>s*1jcAPwiV!Bp zCCa(6CtXEI5q=b!4i|<&bk;h^*W}Egu6zj=|LkaYw0CrZzpnQ% z7lKvAp_DFRVL@+EfiR<}9ZwXtW1B+WJRN5zissJ-1)v~663j4gxt=#Y8(G$Lvj8h(uQ=l~*z3gM z3|G^7d;)#5Lbt`dU#C&|Kj(HF%+M*N5wKlKA>i zo_@RO)b`=V7~ZU7b2Y^~KG>)m$19k%yKSd3zS({L)aZP*VT>S;WxD?g$ZVw-R{C0q zL=)B@p_bx4gd`5vh>!%=2dj~C@<%1S@`gP*3Bv;Q;4?zth*#%r*YUwt7)Q`@JB#G(nMkcN*| z?S3v;G-M&nc#|Mnin!W&qmW#u`$YCvSg`ukj~Ms8Z9*(~lBeuR<6d=qv}9h3IuqeK zXM9{Jn-KeFw_J(zSZ@4n3DXrnUU_H<&Kk>iJN31$}}DM<}kp9B!Ku*IFt$184Ihua-pY1d)T;Fo~ZgU4!S0VdXnYh1Z?E zD(R9q@>S@CXIm33n9uLjHk7Am@%=I0vn1TiU@q0#dc?H$$GU=TzmOTSHNQVRJq>`+zJK)+p6 zRg2@d<%syR90v0+4EK$LVvJ z-_C7)seb-5=f~#YTg#u*(??$lUuoyT-uD-bv4U1iJPS(&sTf)DKO#SiblgL;r-!-g z=p}fWU1swT)6X*EnOXYQH^f?E+Ouj&BECo8L`6RD9HTv?&*|NqhE|uY67}C!<3=BtBS{h3g^&&K{?Wjhg&MU2S&R+#TarQ%g z0@jm~@INBW|IDdUt3Agv#Fxx1C60*kVPdx#`f#O(TvhPv#p^JCR9P;A0fHKRN@K z^!wq!-;c2ZXm&KK0gW<#^`8a5d5?|G?Y=7w;HBI|^!OKmRy}3VC;PyRejn`i1R7T2 zoT2lDW>1^Pn-T43VYRfs4#mM+K!ENcF$3X6CwRQJMcav>w^EAaXxUmE`NRUg=LJwD zm0|##uoyt=Smp62O^WNZJJe?5a6_Aeo4^rBgm%b!@wTxX(BL1YDF*}5&4Elg7$e1I zW7b<0e+s8N!_G|mrxo{|>crO97Ev~0h^CErEKo=vOC*sc-0?OH86fq?r?lWmWeVFP za}vh&(OsonenW^^E*9~YDkQ6Nt0R(3sM21rjfT&}S^4oEf6~;cFnHfRV3N~D%;3Lu zIxWyp*-qqI)L5(F=8BZ{fGCa$^7&8hEJlBK2`9>)hg0F(A02ph{6&zH=goBwZIUh6 zPJSAd4=NvN8E*^H>UQA(&arXfboPZb4OHgT$~N2WJ`8fghz*;TV1}5d9K=m}IF%>E zvgy1?rjwHYLeMJ+=pk>x5(06@>SSYF`(v9fk_`epu~Koedu)oTCYMbS(|CRRGiEuO za=k8efny*zV7n*W zm_1V6XLIV%VJCRVe9?8LqqImkaR0#ugIhlb9L!~_=SvK=%b25xJ|;kc!_6KGsK}5f z8npuK94{9B-X@|dX89GW(TZpPNK6`Gip1DiB<8e^&Lv|zehg4uXk2KNP72!-lyJ&& ze(-<{tI<|ZoRk}KB3XI$IT+V}Ndk@aEs`jXzG}Ltj{#KZKU$^Aq2($jQG_%ig2L`) z+Om+!$4xL%iE=)Tcxv8^)DKdsJ0OJNaujmH!x1~B2cMuh?J1g~Wob!OE#F{650!ad zu9V1kJq9=vY{!)GX~5?#u#}CZYc2Ce2}1@;6m2Mj2W8wi#$5{X&}uQ5#Sx!ofGggwiGudsDemzPffSRN(nzME$rgKANFo$k+q-_nfEBK zI=&E0kYiWdfu~^R8{(;Hk$X^mB^bO?dMZn@6pmPsRo$M11$&MoIHGez!wT;N8mmcf z9x@SOQUYW#B+9CdJp-Q`vzTdAzW}m-T(7BnQ;c^cfG2n>#v23teQAJV@OS}8kZ+9V zVVWK~<28Fs05ID5ySgG$_eh+fSj{_=qYx@F4Y~eof5AQOWRIE?m&Oh32k-tjFQ;h` z&VawVido3Swv}A5X-BZB;NXZf0QDy}W;49dH7tgDG1m4}``=&GK)rn;7f`_s2Ew@p z>$J;R$uyTvvNAalRcL3mL)+9>n_-qqpth;xicYO{CL%pk0Az0Tj~JNaX{cBVI>B|Y zIeM{1#ns@z`9&o55A6kx9>xv4i8&R@6?7nZ!2ZlPU@`{OE(m0*Ug$X!fBWC_^iz;rdaAnC9h$@6>)HU!t z^&@XFCT=)&KWxxMkGpGcU5`Cp;lujdTQ5Nj$xV8CPOFH{6RvqG!T&{D)V&L_BK2qV zXgoasmcjtxKX_2RG_b^A2>f=7diA3CJ?0E=m7cdMQa?66C%ntv&8+tyZ@DBcH)d)K zl*lYfsn_swmi(0gci{$Q2$&&PTsIyCPJDBgY1afBQ%!=|xMhM`?)n9kLLJ} zDxr}kafbVDDN!x9ho`LS*p*F-_D2j>gzneKe`z}0Tb3(Yo2JxqN~G1oZH47_qoiI2F9Ahc7uw+Pka%hIIM+Q0NpCBuzPHQuSG}XuR-+Kf423Po- z(QcSG9E(!8dDxx0)ihaS4eh>y;6R9bNRj_BJ)UYnIzQ^noBFht-Oi6sr-Q!yxL~qGDhQ%3 zM(hMS>1AL-Y`Yg_IwVt6p_hiM2LJhq9}WZm?o@6)?binm3~{6I@Sik);$-SjDrJ6M zTaM0X_h5^@6ua*h-oi#?#Z-3QTSVjD%^~E(W3#J0u!*)=>scYjsz-@Aaq`OCI4RvF zcY1U{7piSTRd&h@iI@__RMN5C6l?V1H81#)Gb6 zee77%`1O?+8pn_EI^;RS)3si{vbP7k{Ji90{hiB~E}|GwrzgipdxuOr*ykHoei_ML z$;9Ox&6ih!?CP=~Z5EQ7yieq?@5Nl59ylkQ6EM7_mMqeqN}x)8WFmM%II7%$a+qB` z8X_n1j8E<&eoe1#M}jg$sAy7bbh&^c-SMO|5kqQ|H$YKC_RM36fzQnB2t<>OTq>z4 zJ8UW1M+8f~-F9eFeFp2-VHsi$D%9aB! zDO`K1?=eA%P)H=n!d)C#E+o9f@GxJ!*sAO^$&HSShAqX9%kov6OwNP+!3fy{ z>!RGytneM?9pBI*gEfW5BsVlS*_1j_i=4m=WrMsm6xKB(NoSog{F;M4LI zS?76qfK)TprX{}$iVsZNl!aCfn*Yy<8n0IBY@SilurYBQ>cjDzufo4bwrLzHWbAp< z_}1_24(^CMGHt;1gcNSN!p0v5NX+DxzzqdAz#W;m?8}`v2zTf-2hVsNi6%#SZfG}h zmyDc=xU3Y>6~p~U;wRf~#GtmdDoq=@*q%O3eBq*T?9+x=lyNr#SnY|lbtw_{GyV7$ z43u+27x}F!pajVCKM#UiY-R8>FnWsT8qu3CtE7<}UK+{tR*)7~pb)lh^sfk=hCWE< zO{58#M%zlBAp~k0DQa6`<%?y6ww0Xd7@>7sy6tPP#Lys4%e^s!CV^KRQRgkgI{}|H z@+~NFm9sOC?C9y=nyZyw*A=$TWOu^)kyu`DT?=h1>1CzhDT-7goyT0*%N>=F@-UdE zrm~EwIa!3+=@!S(?f@~)iNlhqOQhOgdj{x4gN06eP4yx&kLS0Z&$`H3OcZIXqF!!n z18HB)4(uyb@g$CvV`z6?3kFp+U|S z{U(yDIcxD9S9gkg;>d(Y@|`^`k>KsBD(oAm5iIC5ZxnAKzadfMTbN}WfCR2txDtvb zvKW-q>7>Qv1wHkgD@AEWT{t79o#Eq95~N=6W`Zop3r4vS+Fugsgqx=OwR}{-d0k{M zzqNbU_^Gwxd6=m`}|YlcCUW2I?Qz-ggc-L?TUco8?z)|HwT zCfyE0$L8)Myx&)4o+&c~{y(MbX_wF zdGnBf8R!E6ShYX;_vdqE=6~7u73jV%v*@xr{r~fZOI`r*m=F9wA8zs4gDV37_Tw#F zhkhJ$;28$#>jeJ-+|%T_M7`o$CfpJJbf~sYVyUQ@)KB7EKXFIK#1GxsEfOk4y2N#*r&B6G zYE%hcypy!J2Z!wjb3jWnloG6EZaj`IULZ(`$wc9*^fP~CSngrIzScG|m5FWQOU3wj zFIy@ijjPQ^q~kZIvL5byq;s!$h2l{F((%22Mm!u2&Ggb1LEg}sAEG$O7`TZn_*aRS zf^lXPfYsW+0N1*AjDM^dX>Y55#_()Pdx;byzMuGO6#mDUyJ1(Y@$s7%N|NH+3SW{o zOgV1G|7NLQF{dyX&G2Y3dkkIipA^Ft-QNyWY^KlBBWN)@-8j`|f<2UePRjEj_b8cq zh5_;j4fmye{5EKF3Uc5AjBBO#Ck2`hn>cw2 zCOMuVoh{1yh3E_wpdm*vdx-b<$I>3aHeDgdxbpb<`!#sCIv%UYbGXbLL~(UcfhHJ;P;rNYV|X=2A6{-a5% zzEzr9;ybQs?C$)9rWbtgXa?qYQoGLj?ryvx@qY46Jn6ywH)r*(zjYlcveAK{73jGn znCcktn(HRQBh{_O0AH!7oQ?mEQd&d;3u{l-1`iVdYJPF97tFEMa=oCgU$pIB1{xhl zyWvF2ch-SfC>M!!3q{*NGt^yI<+&OwEWuSh+pyedZ~E6I490wrOf((aUY+yYJ71i5 zH1&o3+gDr0at$T`i<gdSozdkZntN9GYdwpId;m0>?)~8|(Uk=hTM$NT^(ySf$AdqfpluNYo?Y zMoJk6owtD|%2-KTwCNS03=wb`BfMEfNf|}4rwngP7FIbicH!059A_34LvrsAICL-4 zu!t&uIzQmQrT;izj1;018B2D#8QqSPrQ zGyKUE@~uO=aYBW?3D{M|0(-8#{tb<~yRjW>OPxeS5u^EO1lD*74aDeG^9X3uv`eNkAsx0;Oq*sHkWa-+8e((V)4-kyKW^ zek?;`wZpj)28OR8CC0Ays0L${uH$k@ousG%>X}<|2EISuBLSq*NF)iJWL0fy1u~s_ zVK6j+{Dh9snyZ;pR&)^Jwq_N_gyM!$u#gQP2Y#p{-pTXxElY{o5e8bnf9%$s8{i#S zRZ~7nt4P9@01LJ5w%KlEovE#)sav`mUWOm4?u;Us4U8I5g5yv$4GpNub8U~lzQq_lK_`|Qs5owp25J?lt5Gf1!{7wg)Hl-U81pt#${AHn&#r8 zQbOZdCR9LCX{DjHWr6>-8IRMg`Y0&03`wVF)+)}8#lA)|x6USnm%Rw&xN~J`9!Q9p z2O~TUvr)Cw;T05^&~3%BEq!HM1icNL1wqLps6s(;AhvwL@W5lkL1$Dk-kVG`NJ|8P z;go^(UlaKQAq{oZY-!Qb216n7EF`ewW&{1i3J1;gHpOY)-4ULL>`c=< zuwW|nPm|4?Zv&8}J|l{0X0dkcyP6mv#*m?C^vS7*hmeXN2PJ1G)LA_EA&`oYL2+y@ zbv5B|aAK=t4$pbhDHP=#Du4`ygjhwaWhYQ8;5;n>PLZcRkhA-Q7DreQUv&DT=r0NM zW?Ma0a(JQja5@&R6(dHWdG4ScYGh%Gl&gpJC4$9pP0Iqa$Zl!<+Q*8P#+1hNUgDkaRkSY&I1S` z6QM^T(hJ{}eP1DR+D{U)LNIeOHQDi+^;2I%GfYyNQvnYH`V-p(hGem2#hR&?EyDPE zvDVX43VWfoiur#_*8Bhe|5Xh4;E$ol$7J_^9}@njP5IAO>G`Vs>fzKY47~KpYj3>u z&U+tx^vP!va}x7)NlR5$UbSZ3hD}?x|F@J^bkDv6sY6GOoj7&o+=WY5uHA$!iT55n z$^yFM9Z6cXX*WvRXk&~u&Uh0{3_E;nlg-X}&o8{-HCudYM<~$gsg2$aC8_YLmt69_ z;PIKA{^~FO<|}*LaLrzmO!kH;Zkg)3o9?;oj=O$onn&(?V4o6^KX_BmSBfe|3; z%VwErHq4yJ7v@`-_&a8?rIuJ`xnEgfm6cXoYmMW+wB9-y9e(3?PTKE)QyzN~!n&pG&+rQG@CjcB9dgt$mmPM*6))NqHfNm+dtkj%K7G#01v8SWjq_$E zD!IX)T$|vV-ntZAK3hstJLch%T#C!*3b;b9h%4qwgrOR1y~zagCdJ~J)0ZxqI%VSG z8S|4;O@~+5#HB4=G#>*CxIWu{fatZA0eWxrGN%Wim^^4BSaiASkjN9ib)s3BteiZ_ zoQDVnP@RODBm^41{nS45ao(L@x0hfF8;m;1XHe;;GFd5fG^|wB4yk!kM+?CJcVhSI LH=H;$pY{DTEzR!f literal 0 HcmV?d00001 diff --git a/fonts/Work_Sans_200.eot b/fonts/Work_Sans_200.eot new file mode 100644 index 0000000000000000000000000000000000000000..4052e4f94af5de71190ebe717c9c7e0645a3318d GIT binary patch literal 24290 zcmb4pV{j!*(C&$yoY=N)+qO?^+qP}ncCxX}4L9b-*>IEWeZQ~nkNfvdSM@yo^mNz! znCh9DnIj_r;L#8O0RK-Q0sqq={#OG4U;rGj|A7iBF#qZQh5y%+1^|%!4|IqH3;Dm) z|I^U`v;j^4SAgArgVX^g07rn^e@GJG4RHUDH3299YyegO>;EhO02!bLu=vmN0NDTM zas7|M18Dunxc(Po^IsOn{~}odOaKl5%YOm@{Qu+z0L0X#RsNre{V#+7R5SzRngIF^ z0EtbE`OEle(5BUljk>Rww-1#jUnvK7E|zo70vlJPr2JzQUG2wt|P^WUuas&$lkkU@EG$tZ4jw}X-!tJ!ABX+9z zAp?WyW!TVU(%s59jXJmIHlM}k(Fd0w-L^FCWx+En+S?L3CmXvroFGX_HtV$SR#<}!{)rS^={_-t8= z_RC(cHe&QL=}8BxwMj483 znGy@b;uA^(BO>HQGJZM$09L%Vnw@>>?91 z!|7|042>rLOGWD`wXJWrTXwJX1_ptMZ9kdJVO6V~+knCD(RGC;uGE=au4c+M$$Ysy zhu8k6W6WGGoOuV7(K|csnKOwCJm2tTbyZX^Fu*+(w>Go5(Au(v0NsTPE<8-7*z%$Y z)A7OBj6S|Q)IPs@rvjoZ5?2Vg3dso&1HZWSs3Qb6hVMhjk!qs0MGK=E(1!peR7F5= zG2JZIaAWAM&}d+M5+lwQ&aif4tYiqjWxb?QWO%Sc!JHy=Lp%V&dAI{Ki)sGpoOdw? zF>W1A1Nf?-x!6(<%fJ+(+JJ`FA=;w=Z3ybTXuF^8?tdJr@oZ&vYdjQX8?(t;*yDHI z!o06T&UoT6UP&l>B+*{D8A1752hF=i7%5B|%%)%T%SP_CH2fX#nkq$N=*3Do)gJ~K zoyv)hD3g$6wm3N~N>7PEJ_j5QT9aZ(1EylyhjHl87cVUnGLfB{!7|*Mg3X0oIQFCA zVjj7QJTaUWd@m$sqTPSJ1a|>)PP}M{ z-H{p~(p~veo4;T`X0s(*%Adb48DH(rfoU9_+?8yPJiPwTvb&JQU6&HvO}p@;50 zY(GtN!RfTNpcB@ATXaT3?O%dCN3-~lRm&+wqEzTn@eoY?ocirrIDv#7ZV6F&Yfd5V zUrC#v(C&QKb~>_vRg>sTK2Mv%_zub9b%|*t$5<0c?-{#@V>gzhN_nC!Dodv9j-}A5 zG4)%-n2g1R#0?dvUJ5^TN`Yqq33@3qDtkE^<-!K-hLT>3r}81yjB{OOkQ2j6+8S3@ zYL8Uf=+_{#y(eZwPY@~eD=7~Kq+`fwo>UA%tPswLQn#uKYmtIXd})hZ%~^k)hQv@f4*tI!OH1aZD-0DseS;~6WJfVd-~Z{oz^Ra`YSK}qN)3dV)V zzE?Y-QK>P3e=)xwWUOwb^In;+IZBpz_|L!j;YM zv&L3D}7m*_mxMSZH?Pa;Bmeu20ungydwSXN1=lgFP`_G&K zqUPRiYVYkZYyp8l1Q4VMBDvB0b(?}lb`7PPTzQ7v{4v<%JptC+0XIR2Nh7RdCKEa{ zpr{0Gd6{MTH)k`UGwye_N;t$wSNYRFKS7R{T$UR(xgvuJlLlpZ4ZETJ11__42Maj& z%pR!S!2(lGgpSu}+s}i56elQ0ZOoRd#@)sTQzX?@-R}*mHcB<6_i?%WS{uSPBu|A3 zjvBDp9Zg0!8YGDwGqWUnaq^B;Vq0~ZG`K73JS+n9Ohs;-LIMPj1f9Qwc-i}k-<=ew20gv{e>&>!xyA=N*#M5)I z;L}u~DHrzR^CH_byUGrQuPo1>SN~gD>$CZ&Chb`C4{?-EDu%lI&W{$37p9=_ABn7A zSe8jF0o`_lzR*6QIt6FSHEFxp_zhW$f|}RMV;m~;%#Breakc9DyOaiqzQ4MZ3h7x zl|=;GR9KyfX=wgC4O!`*L_kojcW9JAW4YXl~=CKe`Db}PkvwQQF0e^@^74i0x1etW}M$s5{&ds4)76QAIh6>Q$UW zNVu;ivx+~my|OKC<10g};RY#=vW}&R9Wr|Ob6_4#DJ?=CbiJ4jtc@|6Mx@b_n?u<9 zaM^|dgnm{vQKMn~-^}ZCA7Ldr;x!N$(grDQC7~|Grm1;Vj9I8vfQ|b|I_0*Ln1N)l zj-mH3Q)rkckIkVdKt}EJHjhEq#9Wz_i%cCD>@Yo|rkN~uZ`+WEKm#s`n;y{N5Lucn?Un17IT z{uVd~7>|LdNl4ikO;P$pl9rkV!Z)?#pp<-0q*A~$O111e5D|84(&rDfKEpM?y6q_J_dD&xTqru-J^x9z^apz37 zVu@!aIBa^OPF~3_NmIPKEd?hAeF!n4pg_)P45=V*Yeg-?{Q$#75NH*!&vgs`>F5RDwc zktX%p_Uyz;hh@F8gf!s_9RJQ}+Y0vjX2(T#71$C{4r9&-U&iES5_Hq_{QZ5}6OlQ; zhYG)R{60qrE|I~m5rZw*v0W{Iq=Y;F+d@((VN7L`A60Dp{J*02X2@VH=ddQ`J@Anm zVYpHeTL~af#e$^^Mi6AyT@w49*TjbHk@K_m0#*VEl0*^X5i=`xw+0G z`iR6f{S27t?xOBzm(@!=}kFQ2W zU}I#3pbz3>Ypd$z;0C2l-!cT(mgRb!>_Z}TnywL^E8$6!bQMgwOcPi1ZubJowI>p zv93TxQfcN^4*&E|GNhpkEUC8+l&z*!a6N*pZCmuX4pj4_oZuMOnZRSa6@-1Z^~tGZ zoj&V2#*6dtL@ru=ZIO^fp9fAogA&Y7mgAiVS~tLk_q(dSJgv55;HOw%!4V zJ|;fEe#<6b7*T<896-0Vm|IE@QT-h|Pq1FhgG)+rs^$eHa~KN?wK?@ys^y zC2A87X8nUv1>|-?B^3a@6|2{(a=NlMJw-MP4s%g|kA49`&hXy|*l4Bii=yo|{2`c3ray3+t_gz?pxZTf6`9*&^y%gCadBmF=;rK8;c^4X z*R|F70OTRQC;q6py&}|_)hm%5RJYSQsYXX!N?+JZ zpspa6-6s(`?Ribh%W(BVPs$aI6SYEtOzEjb7$qr`(PtGo3G`EpkPqNnRf6M1ln)YW zvf>_N>>82k6R{Nm`{04sPU{y#52OZRFGhlt?^NVMCKg?2`_ENKqfm=VuR*Gp^NIh z0x)w(=#|X)3fS$(aYt%_vT%Y7t&}uRu?1mJ3Z}?jGE?!%w(_`rUZw1uJ`}F-M^RRk zDyt8 zl{Bo7yv2cy_QTG(5Zem%|ArU@9utg}|+na#bmW80A4W z?P=Q8JNzvpVUWrTyzl{0wC(r7JVW<3*dMb!eC{r&U*gU6=JnHyGoN1XS+!s`jteHG z^lph8Hvev)2V7QDSG>XSoQjVR9gzi#X&~kHp^lKw^%(|rD>EnMX!I;(Oib+C<(AqK zl}0;mh~$DVKV*5WR`1BttlvYcU8G*c9PuyZQ!lGHX#equ?SDeA3 zr%5k~)==P4>QnA#+P|RUAHdhO`wkq%bVd@c^o6N9S|d&!9ziQuZ+Eg~5t#VcFR~F( zF`QPDJc9U&wK@ldE&b(B?rB*D1zqzs|lY1T1a(tTe56}Blf_QAen!>^0|m) zRN}vVBg>wmg}@22M_@3moTMoyS)SWGki**Lm6LtJZlNs# zy0=iRN&@QZKHC0KTxGphWxY!PNLrU|wv|N%3UA}aJE-5q6RC&L2-hpSGFJx6LzwKk zc1psk#m*7cf#!3{BZWvV6}Uf-y0oF3`5PXZ>Ti_))F zpIIz4nMgIH-;ntGEv2aOTvE-CU^519$bdm091OBW!7qc?NxRz&tRfk?Qts(}uA0Id zm;tISOk~9wYu447=LXC!@$# z>HDR6brjOlTVZ5?!CjciWel2C72Qw|YdjHfl<^=qKqUmB@y)n|fvvJiqQ-vtXYERhYS0L&uo7%>r^k;2%MIQUgt52t=)$H~$oqE?RCO+ACRoHMGAJsBR!8HMC>tRW zBiIB|a6lqB>v-v&4*q}GU49Oy)sPZ=(+ zDP7pEE6BPEj+0P5lr~@X4f(MUgT3zhx?NpgT6?8qZ5ZYz-Njk`xGG{oI*hc-;^A__ zWlkQZDGlk+glBzqyfUxdv!<{>oEYe|R9=*59SqQg6gfMJ0lm7^(b zFk}<{#q(Ish83&E<#D$9Gs3=}RfT9Y2}N9n6h{zA^4k1Zv3eiljeeS$T7l{$kHcBk z3>BAB0hn8Y6>T6Thd3cQ6cW+ztLfv2BVmo9uQ7zXV;JTrNx>}qBfh(Q=iLn|jvpII z_@(=53(Y{DWJ}7g=2&>kez@=owmmdUoA8_pfCNo$T1hVQjbdgiq=)k!x;HRsVi4A@ zNjp~4{6oDzWzdNAMT#|A|h7802ge)1N&SU%+%z?6JbpXc4dQp%E+HSbt&J_d3q|F3_uM(kk zqm>AMaACi!NQ3kP$4mCc&Dz5R=`vK$t&c0pt60d>#!_ydktO;#*y-HQ(5^C+$&1P3 z)}4t?!lGNNBust{^n(&BIKiZvpAx~a+**DKLxn17|Gy-c(VGf0`-K`<9kq7E$>5(o#4X`!v0X?Wu}n@d~^Y1tYltTToy;hxxB zLt%|Bq7gl|2v?yjp{^1AF?a+N&6`6H9D?o}PYSiB*4Im#SK?DSHE0IL=UhT;E=1bs z&_o1K9MMdnzoF(sreuMGyytA8-Q0g=7f$5wS`XWRixu3Z>ba5*V}so(kvz%`x1*S;npKtfXD@z39r`dU4X2?8(ON`zFw&V0R|ve=DBRc1H6% z>K8u8q-{b*fCUiuZ@q;nWlif}6~8O+kWu(se+z^H{N&__j#XMr9eDgl7E>cMP?5qK z2+F|nJk-s?1zGf1lD8y9u6=0oP8%y2hrxnHkzn9+l;^7Z@@oxN^prroKvVi_++k$oBi@J=*$^|!O55t_F(Iv|nP?S| zNrBW8z$z7vhjd=!>|8LiG&)67-MfJ8c_S6P7hf_QCGpivl}{xX9Msfh6I|p;4)cv{ zO0IYw$3en`wj2sm@Yj#__ze|TiR{#k0m=Euo5rg_ias738-ckq|JABL1c3g}<%gLR zY^i>+eAN*Gma@X{Hz~Rivi?1Ul1xZq>^j~Z$~Am}S((MFb$W00$LA{Cyj=IC-o z3yW^&+V#{WiPIHTp`&wWUV0P~Tcghgnjrfn-0@5e;qK0<1 z1&jknp}S8WgWZDz?JMBv$E6(G8PnbFf1B_s1$Qx-jOAhXJT%2pYZKQwd4QAQq&v z^E%r7WeldGQpy)BCn0j|C*d?|JhC4Qilf_*&{X!C5gVen7@e|n;%tp5 z@L5d0@H}I`vq9_d@EHpsqW{ZBNNnSo&5gSz%})LlV+q~NzmValZw@K@fJCPM)7hB} z0@DxaOtS%rtb{Abj#eMUR6(0S>6FMnSHQn3(XUVv((Vx8;A~ykc0x8$hdh+8t8t|WF zrC{Io#ie{HxM$qJFp|pI><_G9K2(?3R~(}aYHq%PZ&gWBoH1vbaA?8K1+$LDahfd1 zB5zZS>Aq|{G~98%z3tQ6ysCa$t+_}DcbTy#qHrV^_z|I09mUjs-8$ zt)KqQ%3;JjJmY+sD5pubwr0O4=3aKDVS$A6KJUGgKk0|J1R>rUid&jS4g2z`@`0l2A>$c z=YHbXG8;*Dye#q*{|k$3HbtXI6e_O$f5*losYwj!*G0lQdO&(8)WeSbmfhG`y`^$|!(_R7wwmzqFoCN(31^@JjHoZe87`NGtY1bxWY z#@`2xLy;@raipr|BJ|3-(1Z=Jcj084`1EX6a)$Ya?t>aWjsaeFmy!d|9l(Q7w;szT z;!z!Hy9ULnUKUCv@0!}B<=;@&O{q3yT~@O2k~Ig%4yA(Y12)lJKTAz3`K`rrJ9Jl^ z+3BO*M`}}@>PP6)HjKws_t|#l%d$BD#+jk`P07Y-PHKIF1B;A%d)c9Cnq1OQ4W^^M zBJVsU_!ppIo}N$N^H|A+)lrE_Ah0OewC7&}Q$hIW&;U)AhYm#7YwdS# zCt;{0{(ZYWq`Ucf*R1)#i?*1X>Bzr?Fe~hK13%6&D*n5k6hFrgYG27LCcAn9{L*mf zQkrp}qSS=mCfL00d-Kw^kWT+tvx66Y=vE_}nUz_x^KIC2nBmCB$5=4#$~N>iTPyrS z%Fvq#GaQI9L}^y?7hofuI$<9_7 zb2XZc6pej}$$Zga))h`?mgvN8<~}{?KnV?8M>Yv8NWcyx+P|G$-+Jq|cm z1fz#*BZ?Xt0~Hz6o7c1jKK3HpNtNAhgRS;iV@%-IVJoI*S!-D(Hg9L!W~~QMr`Ks) zqw5xLK(;wHF>mM-7=x4HcMboHZ~gLR)Z*T1iPg9Bx$@*-1Nc-2P-PRHpB3eQMpY3<{A7&WqbYe>rEP)Yl%|`kyzj(GM-`>n%**h zcr~>3L8Qks7{#<~*Dzh3?Qc8vq2ymV@FrG|AhVfLc?w5A_ARMnk$_f-kqT&zhOh)PT|BAqOe3kN~xbaA)j1{ohMEE1H}YGKyv=FHz>3={x_D#fX# z^b@RqgbTKxhoow7ZZpACOex+TX`-!n?LCEoROzG>IG=8H@h~@LmOd~K$5#C;HuHW& zRwXzOKL%=li0GfIJZHt1n|v1gHdr6#o=Xmsu!khrptW5qlVSY{{YWgygN9|0oc>&m zYQPdhm>q>E&sX}BNE3iLu5Oi(v-%wafz^sfup+iZhrNdp%3`895}2KqjL)52QKy`nyBFy9vgfNu~8Hw7@ zp>OfW4F-p(u;PT|$|31YToo$qL9Z}{Va`wzI1aGztS+G7xQN^S$pJ~QLbGGnq$Kox zlo-Qk$P1$C1Odnni-+y3ATul#$y!=fhyFC5bj1b#7zk3sz;kD{wV~sz4x5aq-`}y? z2&iAg4aD3mKJ9;GZeBHOaR!42(Q&v2+jq|z{Bae4d4axQ9@x#z#^(fc5xzUngCG_ zd``h8{_lkVL)3TCg0-D!Pj`5vnRzUG{A-*e?=>$1BK6IlC7iWQ`-$jGI7F| z6KBvCA5{o!&XADgJNIgNE{tP>bYG%}k>d=Ekhx07@UDUJ(jV*PKwPYO7$&!GIUSmuGKLqJV#IEWoJ8Ue%BUsKfoS_dj2C9R%IiE z*aI;2=#$OmYiL*hCs|OY`78aL2q0dgFsXK4(6QI=Y17PYw8vZJM?ffrOgE!K*`yW8 ze0UJ;Uc=A8YEM|XOEmM10@iktEMM*8((iZ%wDF}<8M{(RXUDvJb;Pq5-#|1vtjJj< z8;YvdCuS$GfD!sWB0EWf;RH*XK>`K7G3@$R3*e5Q4QGfvKmidOREU@q5qU_+JSFCU zkIbwjkoC@Bf-LR95PD*RauvDD&1ArK3kd~@v_{^N{45HuYP)N?hoO$a;waRz<)4by znhu@dsDguNnuaUXgY7=OciSV#wKj&gQw!=uULOU;)xqKVj`#s8b~=cV~o|cVLEIm z2&&HO1L8-__~>K2J_pW*5%{w%0h8g;b-QLjxZc)btg(GY<|QnMuPOLGMtjw^V#E*0 z3jz*NqHF{->L(Mq(1W0IWRlVA8h9kIG9y+^sDH(KogZ@%5X_&|xiHbR7cpYTk@T5a zdvYTjyd#iG$0hZhwO(iz$vU{QNP#tq81cPF-fuZhpy;TWjt46(^nTUN6*@K7quHMl zH;82qzi|zU`M{*=1;Dez>pt>>hRXsKWfqlVcxC+C50PxmShH!BQWkk*?HRQl$!1t0 ziNXr0&h$=b2n-2wb1zUBV&;Uc9*9^9Z^ysRXEPI4_fkWa>exW6?#0XK)M>>aMW^_< z71)gM;miJy&Ue}#4pu?w8<5g~A)*s1;6TCO0@s4j*DCiF0lSixF#dpGg0F<>jTwvN zpO7^vUcy9%E!Cunpm6>9Lcnumv-ksnV?;a3?u04kMa_pCDeHD^MtcIijiWozc$>b; zd3Rhj@~~Ub`%4kp6_QzjwwQM_#AMmGZr<$Tiv7zk^c(@4AWrXhZ!7Fo^bU3T;24BI z>XYDiqWv8~s&~9QFd?-GV?8)Mug!DucX`77H@Ldo%q-p+1tqBh+a26-awb;sO3i!9 z3+q#G_)Bw<>Nd;GlXeWtq(%!RYqaZ4^4a#H&{9nMZ=EtkT6LT^6RhTJehO+?OyqH; zqtW_5D)4}V9U-8U1W@VO9l`7Fi7NTENY^#2k1`AdnwR){$z+Obaq#%F@KOn* zC-)nT2^H2kJ{%Mb{e%#8Rq&9x#mQ2^3ofbDT{P&&sHl|GbRm<}h->HxTU{19$cp46 zv6imL_UCpNUDU1*+m$jjk23`|l%c}xOaf;_{xpBspKv{Mj7FxJm~5X6eD8^A0hXqk zENQY|p$GRVF&=R=2d%gV>E-NBQW9Rfu;qT`ozVpNGw$oUb0eF{8ErTr&c!VjV5PRq zj8s06Yqtc1RSQf|2$ZM^#840_gp!z?aQgf)-uv4o;2jOKi#SeKQ|t}r#L1&>y$;N7 z9r8|gVg9P$(INQ#9FuD%#lP*kriYI4q{1y}ONlE)9aa4-Ho5jKAEXpTQO8S1F6Djh zzCt&d&SGH+Aew1K8i5Sm-&u5Fc{V>CHxmA;B35khYC9PmpF^W)%+cP_l0?{oR3*Yg z*ftD$R}rd-Pzo_9qaeW%F7H(mgMLZdiO_6BeiX+YpSe3+G`K{b?r3{PSzhIeI(90G6d+6zZKXyHa06@R@NJ?$v|w-l^}uBx599 zVP*f58b+2@p#cyK&}RmEm?lvChPXzXU^)j6X!V_|?Nq3|80z~beVOev=(On{@~kTf z>A(V7lt=bB5Dx+l>xMvO{xHSE=tgzWnO0Lzhs(2^hDoST&|6U|&K>JobGfYjHDFA3 z9p|WF+mEeaW=T`7fS=fFi91c@eW|>M9`JIdm(dr<-I`xXVM}^E3UuG^zFEeV5JsNL z_5Dp#WqlGvc`4-z{L3@VIj+qqCxy=V&S4c&T8cwNgOj7pCB-#=H|=3p;E zp;{;Q1nFUNGoqe71Y!!GOSM_SB7R61YLo=m0(N4FB2g!>d8(k*1MrPX<%0_m&keo_4d0J<5c5%7;8O;LsW9yeHEW> z0%%Q#hLk9gia^MC0gk_PP`VMVvsJkOqI45STC5xlPiLaj^ZL4*Vwg5-^X+1c<)7z70^TUKaNp0jjskT~|=LQ|0=5ys+-zcY@y zkd8s!w(~D6qD!3@qW;pMgcB+b^&QF(PjT%PvYZjapdQLdjS-3%&-$fuLRhy!>OIWZ zlNt(V{OF<5j*cqwch2=`FYP2QVc1%l+omy6Ah_x;_SgNB9rkZoBxW^l zXvGQij(IpVg3{2z#$30@tYU`VAkf59gng0ZO!!{{7<6`mx!aT1x80(AO4IMZRrvv; zUWW|hc^}ROUx}ZBek5pzB*8d`p$~@WfrBPAVW@oSCl4K;=Z{=FYQl%OX%Dap+O)AQ zp!<7v4t6c0>EiPGwm(x|w=+w45Wf@sC>qMN2m#SFLAz-G^!<2Lm zS5WhHhSl#cG^48_1W>ST;G^=p>!M)Df(!2xMZ*p=S?~9hjK}$c0}*hORpn{8)^2tc~2}B>gus&Fpu+c_Ux=I%!^!ubTRo>3F;r zEFF~~6s|Ct%9A`w!F0TMt4!?B{mf&JEg;Fg6&v1!;(W$+0K5n}=AhJ~`0FVP(Y^Sr z4#RQ&+WX(XdCu?#`DZ0W7NT5tvZWo_s!3)ZO~l28SCFBkAWxkQ7Bl9yOen*kT3i?cnxa3 zk5ri>C2D2+%$$uOU79b`AQ-C2Mlt!Kbb14@PB5WHuVR6p2k9 znZBjO`WKm$A8P(02V~=X5t^X>z`-rEufAx7mNnzZuj0kE(vHf^oBlwq+N%3Nxhetg zG5EmC$GK@me8V4ligG3{PM4o7oqP!w;Bw0X_s7%4+@*QZ4gJc_@f*=;GH z=~X%b0<bC*?LVHQGV9wB3F52T2}RXvpCwN6{s?gpCqRyaynp z%h7%Tj>=31BYR4YV7$a=L&k`oSz&l`WI>AqG6;kR{4U{5w+aq<2a?Tdu$sU~51){D z*po2i)Ux=j(o9{aLuKxoSJk1TQmMcQFTT#%O1?afZ(#O_ktZv0xuu3n$`r+x&j>iP z6Z;OUQuvejdlcdF)QbvlQBF^Zt*EZiP{V|xsHU%6vJ(*0QKgym`w90Uu3bn`tRntsr*};)hMkzf&b9M;Jy0)L|3$E7O*WxUKdoy^T8xN0 z5<+RVnTBrcrf{P5Y$x!?LjO62dMFh!)Qo_1X{Uu4pnWD3G28yrRBAmqp$M9)Sg^=U zii6_J9qG0&+MizN2#;oElk7O&0Dyf5WqEk&)4^_-U1ic~5M`=kSE{D&1Y$H(!&=UR z?Mv_AB{(P3*ai_(;34}#j+UT{k(A!3n&^~O5n%4dgvMiVSu+prqc~%vAH$3?)LMj( zS+Z07u9oF8*G}Gw#gHx_Oox-Kq%wLkRCDJVEf`?W3a9Psk#ilpDNrkw#b#|c7k6BzoA|+v zs=WCVo^n-)_X&?}Bx8%lClqF2hi}LVb2#f~9Xxt!5(C(=`yr_hsvr%?;)Q7Kr(5i?eEeD>;;d~U#=_fX4^fBeL^R z9?jb(G#{ zGRJBWFJw`8tkvz}Dfd|)G2JW4DDKCm&sGNxV zho&!=u#Nqd`367)Oij71OwDY>AE0)MPuq)Y?7fdTCw|l5bWtv4V4yipa;&K-qsOAq zM2vIzN{1Rmi1f5ViieS%RU-{pWFao@R}GHUpc}MFi65R#vl}9=IkqJ)iBwWiX!sVl zF^4AJjg#Y?7$x&ZBt;V#ooVhl#QX(eOylT!R2%7;wTwsc2bnFWeJ3X9+e?)WiuKepUTKIFg*psov7DhpVdfTt~vez$y*@dGzb+!PVP1IT4iI7_n zzdx)|g9JJUtFAZsPJ}XzuLMV2ux(k(HyP1vyK1GVUjs)#hy7s9ymsm$`_{y7do*FL zR@~)06Y0-jk^Xyou`wY%7OlRTNB2S4U?FJ)HCb(!79@ZW&h{=zytpA-XhlY0YCw~9_qB5#pbZPrZvEHZtiQD> zq~6w?$kHXNENPb&4c0v+YN0NIW*mxV&|{xDPV2Yms2{dOdYubSpaZvOP|OX$#+9&| z8)!HaqPC~Mj8MGwJ~tZRdUa1lVwTG(G!E8`u$cs7Qs%QkK$65fG4hfqyo3gpSlqhe zY>L(rS3>Yu9mr+sqqQ1H8jcf!V4}F7n{w;3TCzRDt9I<7_ov)vJLCB8{==H0(-#hr zr&)?ak}&n8Tc@sk?wP@Ut*UL;O7<7nbms48(D)As)fO7HmhQMW?InLgom~AGe!l$FdziKc%N7 z3W})#P}`N+e#`@q!hoxWs9QyL#V5Xa)4z3e7BJDBJPhdq)VZ*RU_?TTnR$B8o|UW$ zR4paRNI=OqW4*nibq7;~ z1*M{-4g1s7{6-UuXWsb^AH*+8v#n?kt2;`SQ)*6Djt>#tArz-^o^s_GSZP8v<@9ia z8{G}aW71Vob1qOWlYfR#mlW7ZS zi0`Y6E!iW4^0ydOZg(|4j1!=xnn=vI<9aCh_&$X{r5T`tZCn#phx>C4(({ygn4Bx^ zN;wjK9#Y!!zdGPaZ`eB4pRC}p%bL}~8y`cZ0Ldl6r5ce0BFy0hW{eSO z+g7F8YN>&PMVDERbP0jF0XQLLC&<#JoKn=H#j)6zO%VgjZ9+yJNAqd>#UyK1;) zy>8%%(cF4f*U3MUsFcYnQF}Ql(cF=+2v(s@G|S~W`~)IC2GEAV=!@zq%2td>-*Zg_ z8g3w?=%~;G{wP5jD46puP`ab-g9RmBM-&d)No!P`EbQ0oSqNIJ7SbFt_ErUvrcfC- zfCX1phx_T1QoRasl#U=as3oF}Cej2}hb7e2OL8;@L!|#ny4)ZOjl+s2Z71xWFEl39 z{75B>+G_4e8yUHO^Kc3ui>+CJCtC~~5&w8i{4GSpd> zkKq&V76qOLI2-D{jt^jkj4>(g&=Ag(W)7dB*`O9q;Rq>E=6ADsu$mhVlP{%%p&%tM%I>^lv?>d6TiL)+G-`m7Cf z`pE!(JY$pcWqpL_U|kF zBvDqy1D6!RGFY_o2}Be@RY3AdP8i*d^J`kgR1&xW0iBilkklq3)G{J9HXdHjg4xiQ zNG>Ff=oy>$Yx&t#&|D~8Zf`w=45UnvZP%`a-QQ<&*vePAi!^(+oafa>HVR zd-fbWy-%a!s4&`_2o*Vn%TvJbEP;*?Td>K-=$?~c^|OYq4Tn?q|EFkxKzp!*B0LFo*mmAw3TbEr^ynsb2%y zc-4FYbb=H}sSx`t4G_|ojNYiUG&n-FHP)WZY5=Q2I?xJ-)F={@2X!|VB%nxaCbWeF z)N9%#5))%AJhDdxa-t4I>3|74!f(posvoKzRFz)|hAywAcD>#)zh*s@2x3%>z}7*Y z)GmUT3dsJDUcxK-J3>@Zi(g8^&5uSkRo7($r_d&nUrFU93GT`VKo}A#+j3vj;tvtC zAk_O6YTPm8trc~%4oip8C&Be-GPrwk{VFFuQ;4SwhYO9;iU_qTCgd&sxqVl9st6VZ zdkG$lYO{F1n%M&F;Ql8m?x9E>sL57e>*kQ2k1rgZG(MTQ!Jrw+T zOKJuovUTO!^=Z_&fgfju#nh%b7o#5p87$;@ z?|AujZ+S#xme~Ihh3enp>a`s$uWX`sNO>vXG2vtD=qix6nA@+&mU4=S+@$W4!R^Wl8-@Vdr?)s?k7HJwL~c{P zEczpUP~0|2ghSKj$3^uBZnw?6Dvwp<+^ws3IOHSx&T9&1+l~{${fOn|6||!NT&Kig!q1#Bss-v zI;qz%b`Xp)GH(bTZF^__2ZZveD-Lb5LFYi4z9|O@_ zoTRxCVNrEU`evfCBh1>?_<5eAi84Bz_oG5OU4XHgfsa{VFUQK9^Pj47$nlC>svc8i zfs6a*tTe{Xl&_U+7Btlwwp8a68ij=i6x1rI_lX%dIe$l-4FV?a^p8cWL{EC`L!zbc zE92t~D2wwz6Ca&dDZPyZH{?{!CsN_$3#^NvT2@g59Z2blYeEIzAH{dz&_kmbtxe5x zpV6?Sd3KCl0)KOe2OL^G7|KCRo*WGabWxXyZJc9E*6$nha;j+z?n8PihQYlb$63Dy zc1D=huC=x9qzXn;xO>k6fP`?c;mp|pNK>Iu&_z)IK7$kusLwwnd&YkR8r{LN+uHaK z4lfq|JDOPa0S)n39lqf45`^|dR5&F7>9g(C>s=+DY`G}Qa|}?{@&G-bW%0b}qiI1w zIIo6!W?Pz0k3OaC3~Ev^@Wtw6w^*0hCC`4Co7rj_=`0vz+1D{Dfc3G(+lGNb7d5z$3NI9xd-!r!~ zUn7!+*?b^+PWDDwdopJ03dw8wVYjP&G&RJA$lnBVjz)4r+$Y6y83o5m|3RZQ-~lFi zo?)>)(^6q)_LMfXa~=(*fLcN8iI;^A0I_^blcr&Mi|_W+JSaA-kxP4=0qEWS zFQR=0c8>rh=b$_Ffs2s#V)G`-9_t`)gLuE-ZcDo4BYFT3Sc=MMhVX)7tHZFYSX59y zIZSqg%3aTw9SM}nY+_=WETK~ri16QsK1o|AXwA7fzVI8RSBt8z(%aEWCF*l_8Wur!0+E_W- zQX<(YqF|z%{!v4z5XyOVuDOc}W6@xnGao4@#gvPySxWB&L6t0V7nR{ARmNbqIBqmR z9sMRkz92-gW^%P^Rwt|~x4}FXwU5?>Hi_StsqTI1> ztI-;lEr6@p5{fT-=@~7DxPs0SYCm)t{gtu z1Br%+DxA5A0r1ACB5d2`gE%m=O8?&TT#Myx{j}3Y>*7E+2m%MV3x+E51%a@c1_s6u zzCKA8ot&Ma6aOT*vM)5N(@Lx+9_NrO9Dn(dxrzzi%U+;@=UVk*Y1VWp8vw6M4NM8s z#9nGZ0w8-A;itIav_lsKlwdt zYnl0j>|qfAXEU3@z#2P=SSLQz;0}=PL109k3&_0`b~B`&4jp-hAb^6FM`9N1lvI$IBsdIh^12C3!33bv+-2%11O=a7A!b1 z;9yJ;C%=&=gpv(JAP2Ak;lad^QlWkbK8ZXIpajU^A<>66p{_({b-4-;d=seQ`xf;A z)UDu(4j0#L`7KR zB|nC-f-=F(YR%FDfEeN&WARJVKEySNZ{)B^q?x8h031U=i)v#Hs8`q;38xB(NjVF+ z-jku<>;rv3I+6>>%=#Vt!gGH}^7F_#Z}3O;Uz)BVB)lh1vm-w%Mi78)!ht0!Lp;@j zPx-l2z&fT%ayJA2O*0jj&HYCXF=0JI!ZDmZ~v;THNQKDx z9Hj=NISWhN0?{~szA3=fSi;DJo~1t1Foh`C<5ZIscL`<9%SX<(DVfg_G|KBPlhO0gsu1C-8gp($A|yjVTr% zC{eTOYL6M{c$a4A$gF`cH!X`!z|OIn=Fh9Tp$;%5vMNB7irGxJZ3%J=gTYMT6X5!;5<2`PY4OR8B+ON>eOADzdOqxwoqYqqR4yZcN=`hTt;R!pj*zrH zj?}1th;md^R1mUd0q-52!~IkW5tEk==B|Pq%b|||0El9JWcGHAKS*Fx!JC4AX)OSK zrI!U|wyjSAT<07Dw~rTKV_*;-7sp>6@6P8?BLgMUpi!ni2TY_FkSOjU1AlfN9itI) z1U??yh{fSSKtOmR05{EcGKc4_Ab_AD5JM$PHvxfnoAr6^s;NDG`sCb$`hD&g>o^7E zK(cc=IjxdqZE)8`!d()?Afi}#Y|s>;1i^!TZyfsaz(!FnVy;55b58FG;)XCHIHB=2 zgDH2@Ce=(vU*CFg;uF&vwl?5^24K(CXGq#zWxe=#VXmC)c8z6X%j8+d>2U&V!z}Cp z!pYu7!Rj%$U?Eonu!-z*I?@hL(o7J777&-I9Lm@dh5@ZMfG;fPC$S9IR#(Peag*ag z;mw{Dn&GSC^Ol<+X-3I3!Yx@V0b(UhSto&fB=e!^`^QTFQhLow(H?!%fmE{q(OuGu zfOpLCNF6k+H`MwRqAKj=c!3$YKSu3fE`lfWCfFVvcIqgt8SB}>3Un@ieG6#<`Qy4Q z)!#=I!fttOKC17`+i5`243sT)n|UV$AeT3;L6cARsjDr6C8IS3f;aIOVa544+ng!L zY-B**ul>SVGAWtk5Oy{Bfa3x&>ETX*?hY`QlbfCq(>2_hBY?R;W8PI3Guqpoe3DpC zYY_>+;wBU<6+?HHM2Z#!#wH42$+Q+$9PAjp zsL#WU8z8ML`f$CIhKI)*J!@foA`zYMOwIvu-Oh2jmKy}pmOl`QXD?YL*2Ixq{&o>^ zlFa4&{dO|ifuolb1@X+?`yH?)l()Ft;^z!V~uDAN0ii3w> zT76iM_y0yY%}|0&W+VH?GV^h$vs+)-iHVgEe#-^ z01QDOe}=Gdk(4iq2-GB8>*Ld4_StmAaxg?kCdY+jfszS5=*yhR!Qi;|1#C|=xYHj8 zxEYHWV({nCK#?-#GhP5sOO)^*N=yXEeHv&L^$Z{^;0-7)OCDeB0m^4q4-W*wil#6Y zz}5up5yK<2$e6(BW-?lg# zN0|_Dh>4yyp)Ykn%Wi(t#q5lUv^U0cN3{+uLL`T)IAx(XKt&7aZMVBZlBPI#FkGvxl`uH% zKOjuJu6Q;n1%w;Okv|Wx*1XwmBohd?eLsOgI^7{6s}WB8G6QtQLk2)!u#=a%7A84e z^b*G&6s=SjW@jGgjq+VUl_iuchyemGAVP3Oq@O*AMRgJvWr7Vwt77VMZQw^8%oOo= z|F`W*1nLmvfg|z%zF#>&lfYaN0K=iSTCBV+avG4%09_)CBuA1YKvv+=&RKIPT$Y$q za^X3yqxH;63v|l&@K@cl$@l)lL25Q1BJ$rf=z%rHW(bE;}A}B z#0B$Eyhr>nK;V91&$54V7hhz}hK9$s-0cFdIx4-JJU62lt6UnwZ3sSbI>=%rvf+pc z_s&L$1BF60ksv-=&;$VoMMyy63F~C3AT_M|L9{dlc%=pWI}0J10x+RcQ)fhpZ>iSs z?!J--s@LgV)PP?HrinC!>ICC5T7ck{J&m9r$?&UxK48N2;|Ps8!9rjTa&8P(btG|2}o04T(koJ0&bn!0Vg zV)=q3jCLV+13GAiN_r#G2b>j@J);QR=HmepsQ^K$5>YW>X&#LgasgHWhUc+hk8uGz zNc-4V68WlX&G+jjf=!6n?Jf{`PU@&d$BIfi#;RgnHfn(t8!(X-3=ERk1E>KQRLoDM zYGOGBFp^0p1|(c)t)=K|&k?K_Es(Gn1psm^`6^-1T$a={O5mF^oj%q>d<8sTE*O9% z0(r893%31}w`Cx8A3zRDsbyf%4=@!M+(3xj3hgej#zF*n7Qhxa2QYdpFYX*w@!WJ? z2$C;X!3X)RsTZE5m^`?Rr2u4a$YsdLa(>Z0VG<7i8hY@&kajtIlYv6{sv$SFqC>cu zE7s>}Hxh3H{=1GG3Iv!%tH+m`2|RuZ)~+Sh^W|L_>B#)&H)^KQ;&mTGY&#G63ug zIWhotF;Q%eZkG@wDjnJ|Gl?~@GQ+z|0bYf9)*DMNzXvc2C3Adcc+g4*&Z*ORUQ)3w^HDm@|j(~Eicpd=ko=tx1RgzhKiB>ZFkQ>xUqU10@WPZ{A_RR}s-!JCkId1-`?|t^By&i^lE#?Tlw< zAB9LvOjt)Ge?JzI1OmA?-KWnwL4#L*H#F0CNEOmc1}wBOOrka$7{`kK)Xq#h_H%3KCUL7cQjn9F z-ESTvU@XkMdWUEy98~_Y5N$XgcQ=OG8k{K?qPdnOhpHe5wG?D(fR3ybp1{GXVpLnc z7tHTy00Lf*4OB|S2nv7{sk==X&Fze&DiR4tYMhM2AcmaaXd@mWkspNzh^QPXJ~lTM zH=7)l#gCyfJw;*o$sQLMDl~>Eu(o3X+QgzkW90RU2&~F6PMC~nqZc=zB>H4`i7Hk% zlDiS>>5w6`1Ac?K)l0AM7JazOsTnF_w29bZ1_r0JD=}b{Wf;{%6pYC>SZBwBoL57Q zIz0s{j$dOgkUYD`6pichj1-|U6v&arH|(mtxJEe&s_?-xq_{{Zu^qLzrj2b(x-OV5 ztR4olNGA@=RTp?>TOpluZNECUY(b)?LX3LY>`mY1G!aR@ zQktjvWFs#5kZfc0>r?b8o_7qA5kr3kI98GaM%b|2HcouOLtO%`dq z9Dv{JC>I^A-86;qyEP3m$yRKTgUA|7j;ZDJix!zd1Hxl`7{Q~4QWW8j1Y8mcuY|TL z4!nA+@Ps~_?E$9s!ni9Lc{W=aa(z2kB^hL&=l4L5iiIP9s|mwh0pqtWS6XBfwYXfN zI>Gb1&RN|!<%d33H4yevp_$v}9W?qEa4BtOs(O^z-J0gKp!R%F+}ec1NttVNdpb-i z2*I3)<;v3arRJRaC(PC%uC-3W#>8DW;Lrx4bG~y=(35GR-P|9dId@8L%9Ahb%56MC zW@Bn0$9ylbLHcQBExuXX#6u`_bX#N@Djd!SBU`L|2m2PXFFrUJmxD~Qb1cgKggllL c-9E6xo)rX*7F1zlEQb%X?T-io_~1ATfMLX_MgRZ+ literal 0 HcmV?d00001 diff --git a/fonts/Work_Sans_200.svg b/fonts/Work_Sans_200.svg new file mode 100644 index 0000000000..0ffbd3a845 --- /dev/null +++ b/fonts/Work_Sans_200.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/fonts/Work_Sans_200.ttf b/fonts/Work_Sans_200.ttf new file mode 100644 index 0000000000000000000000000000000000000000..68019e1ccdf13bd85696a6b5d957684ebcdd4fc2 GIT binary patch literal 49752 zcmb@v2YjSexj%l+`%X)rUNVzpCexD4q)ytV&ZhTd)3e#^CY#On%~oJxS(+4C6aiPM zu8N50Rqrf_0xGB%6;v)3kfI`ZE$9`l1<@<) z&vQ-~XN(!}pZw)PI`5$O%aZn_qCD?5hXtx+v7>t#OM7z1+~EVbugCi@$62>y@1@&6bM(?(jByuZi<+GabK5kLyEij-a1y^) z@5BwwyQ(hqcOSm{cJ4cJH22>si}Cv{fXBFZ|NPuB>*hBZ+uw%%jr-<~9+1AC{@?iS zLwon)+`a|tXDc=`cHIN$BYI%};Ugcs=dq76cKz#k{?-GB77mnqKX)hKEkpZ9nZzp4 z?ic%X%%>RV1H4bAQfXCMqd~7uwS`O`gU4_18Y=iL@dG^i z2kGRQy+i!1cskye1*p35HZ4nMp=d!WS4q4_%~j|`#pdwx{$81jSL$@SbX~f^V9;w) z?IFKM>*W#d4az~S%)cLhWK#~$aPy3u9oL!7*T4EI_3?M!SzQ%>1dxhe18!@g zm6=?l;ysKreh9;4hqPS7Bv~WPF_o&nSB;Sj$bISQ>H2g%dPJYP)a(%V)LSvZ;}lusg@8A zMr>;U=Jp{^=f}xEdX+3@Phx77q@Jg_V>pz#OHfN* zUY&v$Wl(`f15(rdPR!1tV7PCgnz04Y^sIICEc=I(D(<(C3INim5f3e%iH97Hb zda|=UbUc@!tM_OMb9|wYFQ-s*=D75*+nw!nyPffnLTk&|-LQ;ZEh|^B%N6WOOYbly z&w}Q&Knrcr^_Y51idr+5##1mGDSS?cnU|-SEcf@Oa;=t4fjrm%>(fIl=uLW)(SS#@ z1YH^o=^zQe#ZyIe>9K&*a0CrrS)Pqg#^ZP9^N;XH;@9$$_zzvi*Bp+w-5zyF~hiFsF)!;!5PoNiYuxY{ITENAp6$a0C81(L3hbP-(v*_&x zd&sRzwT4Uy1}DJbc#7yLDcWe&PZ3u021;+05sN{ zgmRqq1-t=|3L?U%@#c#e$CTT&G|d`|*-DdMW0M9>Y@NKmr~CTJXCltBFAN=RZ9O_P zbm|IM?rH}{YBrz-tdivCMjeYCcu*qx`+sMFIR`@q3!wQ3r2 z13+jrY+A--jrS%Y8|DO$#qT$0F;PB^R>4euAXpJPQ-Qa#$X#ko zHxy*&1^wkC$J@?@d3;)Jt;!3Q8?9!G(Vv%Fnxh*3@ch|>ki<+M#Z2p%frX=m0z?&r zt0M5kB!kLQQW#4yr0BCU&`|5sfPI-Vn}&!{@Qc?F;XnA)r#|}3Gq>G-`>hW?D4o3T z)cv1@#J%ogciwu(nNtj0fR{*Dqc06f8_1dD_jKl94bgRKE@?Q|N}QNhp4LI&_V=a` zu@k8Qii`}#G8`Fp8@e_bpd8W+245Tr=$U68 zQsCmPR$i}w7JtPW|1r%b(R?YOOJk+cFnBxN-#DwC&_xDaaQ%nyB%Hb+gEypu6g&=d3q*IV`Qz-DCwDmo`Vp9qQehb zokmM4Ml~grT?*If1T4^aTCLUyt&M-sIQrC7*Rr-*1;i_gvUzhA7^G+3eRvrV%)f#G z(lHQPLdPglkSBD^S{!vmTWMOLRk#dHor5Hzj1?q7V*^c@8R-c<1H{UP)TEkO1u2h0 z%e=4(PEs%x%U~ucAs3X8!V04S%r&GQpM(98oE~Lj@Iwli0{_VNFbN9q;`3^ndKZ6G zI!06f6_5bElVsH{$SN<3MjMR=Ndvn`1yxUqN)5R&2Vo^m)j>?Q+6<>lliyj>s+f(}A zygvTT_jL{`GHrA`DbzZ5R+c#ue6UgQK``nAd4NRtoJK7XHzt%0AX-iT9Cn-sM+BeJ zMpwMm<>Fr@V~e-Z_~TFW8s)u=xL;@sVOqcgjFI(%rW%7$Lpm*p*G6pg;vdh?yB6~o z4+8dIU3ujPKX}F|#%RUcpOwSFlMVW*ELyCUH8KbO)SS%=TMn;>DVLtkm^0g9Pq(F8 zje0as_2~e%QApSP725=Ai|iEYF`AW?k)hXTygzZSz_7x~t&GI2jI4K`0~o*=N!qIu zILnK=Fb_$ovw|{^u%48o$s3HA(7`1z#5Q0&5F~^uJmX$^n|~aaCWd#UaEyc0EU*Kt zk#L5FH5KN|5XF9|cmlPih7>CqQxL)*-!V5iCp+a0{o~`V=XPE^J!r9}+ReR#ySMPK zBss1O?@tr&*TDM3Tu4FMnen$*acD&a`BKypBiKidK(?;fr z=4OIhnaq30n;|BEiHuiR3}zF28Ar(DHPiqauZ?)XWQ)|8BGO|{DSjpgkjc)1|1ojX z{}f36!87lZjtrjp3A%W)rdn!Dj(iIJWU}0-Gfjr=z3Q#_k;_|JE+0`orBfq!?%a9ji1O)BOey7)^dL#d4+}~)LEbe-8(<71iB$*X zD^J5KkpY}aC6S;Um-@_R6`Vq|*PQRlR+&`B^i(1Cg?9l4%>`ip0M4f%5^^p8E6ItU zT^QUXv?M*Oz;S1^jet$a53M3UQn*H=f*B*MK!P8#WL)mE*K_3dXNf*QC7rJ;#(8r3uw{|{iqg5-i z1Kt3J12#Q(I#wnlNKTdw=1MT~PbOk76Gy-SI>hVj&;rIl{<815LVXps zs-zRCN%+Q!(Qyf*&S2ag`Ta^OgF^N|6E=BvT09fTCa!IZ8`|!C^`>8nVzf#o*I| zRhDi3RTe-0=+UFQ9(Mg;)6SinAA+gBZE|ux{$J1v_m1`VkH^29u)^)=GaY?y?u|Kz zCZl;EXLPJa$D&JeK8Us_Nxh+WXEcX268Qs&E39cMexHh(g=b>QAOIDwgeX4&A?Yhi z#8_47#RdQPC6`?EZ!XurJ^QUMd_mIB&TN{!T{?Mf{9~WEFa9X$>$;^z&@=h8A-4UC zP&JUqJ-smx;Pk+iOiry@&EZsXKHf_XxDeLE43OsHD+RB%oUbkKn~EA3D+suA@&0UU zzzAEz9#YlVgp^$NITh&xuQbAhKdQ)ea+RemzBF^Ae_)$><8@si`b{@>w_i1(9&3v? zFN=B5{sVr8$vitHjoz_ck@wqfA5#qu^4o6iS0*2yiMi+!y3fWSUoyxzfuDmgV9aFMvaA*p)MX}oF2b@$23~<#C4ys;1clG*1z5Uc^eGA%|T;ypchaLn%QY3K^FO zDJaHx5i9hU_$Y|UV0kNY0Wk#IvXnd5jpuKc+pLR|&08Wx+a|{sN*WhCcYna_$hvmx z%+c8+TlST%+uJ3by4~2*QP>eKtS!jODsCyS7z|I07zRfM+w0p+`jXa)^5F`yOqSk} zHUn#3)*fx~aE+Xz1DQxYX0GAgB4)`o67i6FdfCogHq;c$$IJ4)rhK0t)1RFn)78NT zueZuX0WhEyCTGMVNBG~i?;fun)n^$x%eyyCZJPS^D`N|;BU|IIujezv<0Ct~*_Leg z#;%?YJI~!S9`E2^-g-%P{J#jh6laB94?Er&1#W>=#mQBeD`|UjnnZ7vM{@nm^}kYv zbnMJ^(lOyV&0uy$@VtSZCz=hk zSh}lvt32T_;{FGb=h zDjtmRbMZrpo|miw3t{nd@WUaQnN)`v*U^l_Ut0DBNQ03@tS3(c1~H6n*xJ0-8;|F{ zn49}z4h-OzHf)fBM0X$_`8eK^#bCi_XjQ_ekip3yAeCZU8{kzWEOm&2=l{id7n{!Bor!~4@%AnHxksvvlm0YxBE zfC_-&C>xDNk`^9W_L@XLvWfrZrJs5K=jHtGJe&XO>%1ZUBp>6=@fUeP{A=;gCb)*b zi?^q+oM^Td-p9(z6)Yg)OIRS^TaMUlK!e%!ThG;F&wDsqqDeaWi=KA{?mA)1OC`n zhXdh5B|aC!n{8w(*sPMU@6HL+foX(j0G)UsTMUR*CPmyzkj^7Q(7_t%SkdMH0mq~Z50!EbW*g^nJsBG34@>9m-9rZ7y?w} zsQ|447C%|UE)l>}{QGku;uj-(^ziwhq7>3y=K*XPGLk2`tR>n^@x9y}NvDNTNOOFl zARj}Fk9-ouHw1VAkxa@F@FAI`m@nr6QKiKCxcR(biuBUya{*2Gq%p)q0<0+^YbMT; zH4C7gB#yhH?MWPC7#9o!u0k>dHMl~rL;-bzf|H4+3l3%k(Lk<0??@0BjF+4{5P%3B ze7AHDXwif$8DfNxDV+>Xq(d>&fBBc*0Ck6V)ReNb3C2%LM9z>v zLSzGG>v^I&6j753@Nwp8#ER6bLp&rHlsH>FdQP+lA&#ZnEEj|$2+Kr#uuVXnkiQEG{e-gQFaE zTI#Y`LCW`E86bZ-nZEv)#;7E<|Jf)ZgOu4L8Pu-GAYLM5&`R86?fgzeN7v3T$s$BR zH5@qjXA{gAO|jqSMMBh&m5Pvr5K6>diR|~kf(ofnvg6CWev9=6&J()_>gG8LD)&Sj# zBogLGIPdI7dr<7F*w>)j00F^Rst9j=_$m9<%=iko3sgz8_ zoeMMQK*22W1JW^M|AVMSoOn4Ww;J~&(V_;WVw;Bi_WdSBaC;HbjcQgmG6XpSA=PJKd7^glm-;;I; zQfCzuSgetF$IJxkGI$#C29FG_hd%@7^dM%OftNl>?k<(^4gPM?FYCGp5!q8!8kr zOb``iD`2V=pt`T1te~_cjCTaNyry2BnQp9CaH%+j}k6K+)b;krfAV}2+aHKD|Fe~#T^R=g3|-z+rme;A2_1Q zPW!?1_TbEhvANKD4lHgOwt00fPtVZgKv7e~o?X`+*|a#nCH>)<;o@keBYRy(`P2@g zc5u=n=D^7Eqj^9)Br4K^m^$)XU~33E0pE%YnG!-;WBo~s|LZ!LR5CoKM3rt_HtUog zR72>&MLA%nU7w|b6$)%fl01cKHJQ3u;UgDw8H+p?QT4%_xeVOkrPw47pdY7bOBE-eNrC@fG^K6xH?BXhCCDN~Hiy;hGw9Gx9asAgYS2$X!|^ z0VFf3V2x3tmY+$NvK)Pu1I;~SQ*)ml=x!OaSc^Y2KI3%!YO3L$jYFN$Or0%dmX}1L z>*_m`hNW?1oR15JJ4Sq9PndQEy{KL%2L#R$4-$ z)CU~`R7&JhOY|Q9GiQ4c9_$T z4R(!f-2B)C6eCCA|!dltUg@ z27E128BiEh<*+*4fqX(Df&#iSAX{L_F}Q3NJeg%MAzqwRS&&{@IEDrcPALF`1Q2v| z?`4m!0TuyFq$6{^8c%xZ(2s`;Q;rquYamX3nZm zUGO^QO6UZAmW-Uo>iE0J!w6FoDPKh?_tO%BOONg2@y_)b4ePI1+<$pzLrUuqL8U-YDIf?_JT?rc2R==*l8^8sm@XMw zT2sj9^B19xkG%Wy*YPFGOB0y_LJ`#(@|XAatSRFQRLt%?wy$?B)Llc8t#VZnUzscQ zhC`Q~SUm=cMiBnqS(#lRkY*PONs?)L1?qrAO8?R9Cewe(*+pt!&-6YjE)wy?;4&5~ ztTuyGT~j5J9Ab9g$>!#rJ$o?6-8;>Dc1hB%@j1+~^zxa&^=*BG&fYe@=SUx=>PLs_>vtR|9jgVVg=l1_4ri2<6s^v=+$F8FeVX z!jyxOnqU3fR5Zioauv9OMGn8P6ZlHy4Dp=}bQ-J)1S3`(Dm<%es6s&~s|f$}%+Y=O zuB_Y9Hn_*8?~kcJRlliZxZ;TB!@K3O%`KZ256nsn$G>;Whp#`_d!Vts`R@6E$=4Pr zXmpy-eDI0`wOiI*wtf52B>vw3{hBet>SzRkH$lHjHWOBUB96a?jx838(~@oR`SbOn zgwP{0Z3#(2kqd|nAu&);@%#9KYR^pLtj*@!-Ldc3(cKFN5|`FvU~R>kd#CbZwLvzU6H_VlB87bk_1-n!j4(KOA=VQ3o~r_E=geJt}2)K zgzEPCVZB+&dV^&P;Vu%-a0%zhA!Jh&SszN2Vu7Ua5933DdIV`uO7KL)*pl3E%NM`s z+P1B`CE`rY$g@?|^SA7AAOER+q;o@#H8Z`n5t2NAsgVCw8e*lao^`WRQN1S{GQ7Yj zsWj!v9%A=2L>KD?30s`Tt<&=Rhh zTDR(9N|+~~n2P2$G%(iC-O$yxeqBwZ96%KZQC*wka@hRoaO-`^(il<$g7=kAR2xH5 z+Ms?F@&u0&KScs04iv>~F^bv(Z<0Lkn5y5^w)a?VS$<)4sI+q5#?CTTQ-!XyMsD1< z(VbJ?(75jSTQdU#GjzPUsj{#2s;2(^b487jq85KoLqT0?T1k#SqBC_@bWJ!b>g|z| za9{VhMpf+g6#ccQr>UvCyXnj?a;x);%BzYhDJ07#@bNY{)lAWQEO#Nt1+l9`xJar; zGQSk3!puwtv)3eya~Kpz77}ZTw4u-o{MH56WMB1ErORdB)5Vu&C*qIt=-_z8L^VR0 zFULR8&_UeO2@1VNx&_h8EQb6NRUip`!@QH_Bq<^Bi`q`KNk!rn<#8goCk$oEIYlP) z22m21iAdzQUR-AA&wPfzrHqLk##OTJ5U&&?SgAWaj4HCXK=b4H;VHp2`*Ed39;KOq z7nZQ%Z@k4G!)c65Jhs#G_UCeC(P&H79+DU>NPu1Ma9 z$Vx6dmXU*4laOIBWMuX=l;!BseU|cimvqbWL{)TcuxF>Iw>L;-Nhp6hp#r+!E8g^AB?8-U=rTSG7nu@^WHy=N~Z}EyN7U%ZwpPOA= zoK`&CP?p-RDk3{Vcdd#u>;=UX$=R7ky$VT}f$RW2P~WnHf}y>g*VbA!17hYc?< z8vRCLSldu)mQW8=fJT~9t`UW27PHL?H9?taxN656s&iY{AKy2Hb4&Xbiyv}wsd{*B zf8E=Q)!Y*Q->M-Vk93T+U2)lo(zemgD=xh$-tXg`Wmha7YHYk>abL459t$szmu5;C znKqz|>}~l0%#<6>e}wf!JF~e?lZgxb3L71zOnh+d_Vm1#(GZfNUY;}a#IgSJ_s>`gdX^4a>^v0&zV6(p=nt3QEl3QA(H#F8XQ{s*y04iASg_I!{ z6=M)nT3IJ)cOp$9$-3=iH)9PYD#rl3j0!RYF^Q@a>K9?;LRMh*8hsw{G-Xhf;I)Wj zCbQU8Npm()JSI#ut%ZMb%g)LC8hx6#zIWrUsZgkA<5=G#&Ru&p&QG-Sqr1i@_FB#6 zz~;fpX~)KauE8J0GbFa}(Ckp}0{K!b3-}$AE=R2v@N3~PNP5UU?;>MSnj*o2XG#MVk*j=|d2#y8uq(!JLnzwe-* z^yUWi_&SU$VF}B?2ZGelzy}=&GAQB+ylVTe(ZRO1Ud#t=uJDrQDS> zSMHLoQtqk{g60?lZwE>lwbwLmZu7Iu@-`&nh0U?=YEj$L-*IdL7?IY z@#pcLJc!MA@Sb$C)6T;lo#Ti(mM~h{_QiaPvze6 z>738pF5diXyd39J{sTJDg9VU2j~>pgsT%4%e@zvlP$n!ShUPT!e}Cc;?{~ft`1c3A zkNxnCH@N)AmtX#$_&bCF2D|sic&~~1q8@!Z0=u+?B|$d{5{E}c- zYJd)^GJDk-EpM==TPp(9Hve<(&sof$&fB`aGT-J2)lT!j#Ahn1_{V4tL|>MjSgs9tbnQEHKI;Ri=ylz z-c%g_0KYZ?#o zW9X^oaf2b#C|gu|Ec+iFj6crb+FVgh{gYJuDWsy4R=^{xN$hC184W7A3*SIFqI_9! zdD6!L^r-yC+G}4vp$QKBa`?I`DI_UA2?qE8Bx8C~PCiiAZOO3oMNyOo0cl$$Fmp{g zxqt;!FD*z-kP*mPm_fxBEZa;+WiqNF5ou4xW&}-x8bz#qql%Pa9?SIy%w7_n*0nq* z<|`2@f@`hu+Sl;kN9?r)R+nCz<f|C5Z%1MR{3iGKu3y5+{|Co)=Ey2wJw7 z*CcUBB=FHxo^FU__7qjrHLhQbl!j|E%o%Nwx)%4{b-`_QmBj_Sd2#$ld|GYNHt}4T z=)tlyQ%+G?zAq&hs;zpUkedr#?WWW~UQXU#3&!Tf*rFJl66Zip9c2P2m`1_dJXM3J z)HD<&W+Pp2LF20Mh7#veqOb(=u8xlG?)LWXhT7VOhIQ*2Zs3{mKk?3y@$nHltX;iW z^WWRswGZk+VvU#qn{+DaNhZ4<6FYP$E7+h|&*Mo_22)@S$=B5&eCe{w4j;y`uy^mm z!k#?~sj>U+i_zh@_s%=-r33U0hmHL~qIDz4>FdC2FhM9qgfP!4y@!%qEIB2wz6J$R z!RqRoKe%}AOr@@7Cl;L`OU~N8p=Q0^)K`jkQn2HX7)dteVUgXWyi-#AQ%piE#9J2s z)&2k#y4N&eX8;Pc(d$W`VTqg85&;_PKJ=l9*^$xhYKP|Vmf8KoAG)cK&&Rv%m)>x7 zbZ}ONVUi-k4%909J5baFTx>nZAXMPxbKBeNnun@4*G(NXI*=v_yMuz0;N)9F(=l~ zuf>&{Q8ka>7f_a4h$$2H1!1XLWLIFtUQgtf5yQ^fhYQwe-e77V1im@Mf!J0k9%1=QRh8T8eA6AT63|g1q-(ZC#BLNT5x(jO0sshMCnuVJ zxi~v(ps9abiB4X(DKfYJ@Z8~xqX)ZNM@x!_E63)y4ojylPmeTAe`wOzRy$UFU}k3j zzkhP^&i?p|k>TRVaOu|J!FgbtNb?Obv#`{_UtB33CsS<|tEIA3lbM$8a*IaNdaI2v ziTE3rUX_uPe&wa{Ues=16MyRKU*V0{I3T~)L1M_jiW78GL$hdB!xth|jZA?=i@L~~ zheQL%QSC<3<0&X`xlqDUQ&5fAU(glEca!oAQ%&*NBu}D+@?<1oR!6Cnn0^9@Ko-Ar zUq^G#WZllz)}3`zJ}EPzB*EpjAPuvb;%N4tkZfw5vx*@fzf(Zn*sFeIo}AIq5Tl z`xjEB`Yn;UBNxw)Z(kUz8ZR#$t(Hzbc<=q6?_ZzQ*!jp!HFfpl#rrqU?9bjhJTw;> z4rA^aUpk0+-->xxqVytsE{Z#pC_U}!#M^S?#n_hN%wE#NX-n@)&q5~!*cU+2LH2p} zU7WS-L4Hc;Y5M)z^Zfo02uji8?@DijCIakX<$2yHo_~mc8E44*rFVHbzZtR_d&`Ja za6&f2)B#h?lk!d)=2iZnkj&LJNwu;po3#+l5sSxPU0d5&Q(9Ih*;So&^=(&d@;nuP z%MdOr87?fYs*7lA+ghrJxA$^v8z8Yv^j*(y6w(cAlUAgg$i=|4Tb6MGMQLei25d$` zb+#mp{UqbCf(tUvi*@*3q`~S3?caLbJ-CBQ?wbxAIRdjk{_a=Y`qHn`NYi*ayA7C1 zXYdYFkWeGlMn4=D`b~sK;L@#CZB1YfZDJlxE{mJ?dkv zz-}Si9@Pi@3EhH(A?cRhm<{>595loKO2Jw}!z2u%AqlxTCrCkwL!8}Cg=LJHm?T6a zNCkyx&_2^I8@HPAEBpx0O0U0d0fVN0ngEnZhq=5Q32mWP88oh`McSUOc->Mu`` zRF#2>#41tkGbYM>Y}r}2JZ?B%r>BV?^7W1vNZN(9DIRv80pG4?WH z%o<+7ST679<*+M-EwGy2fF!a7+Lv9y7Px{$aVgla;r~i;eCzp0j^?Wq^F`4i*aBzI z*YZRpZ2`cNumw7jVIgHAQvQFPh@bzHi6Bk^*6J}6WCyI_l+{ck%a|9=TWB5e3a0>8 z{*O6@e|-(Ba8}CO_{-?c&a$I6yTz25jzU)OVw%Xm?K0?jsyW1M+F($NnuD5Pu*PN! zRz)n@ni{P6=dJzbfx@DG%Rp(*aozDQRko`03hnV8{`j7(-O=dotUdMSLVJO$@7ino zTm|+*Gbqiw^ce3$k214G&7d$*?2Mfp$m5U|j)Y)r<{7T|pQV@IeN}c7PqjnFUCpn9 zg^XMmJ;nG0ktgXj&Ia)`LL!E~u@8dVMD4==gQYIg?x<_5q&8^Y~r=$9KJ5 zSm4epEX0Ead34SzAeq~@^mq1N{x+oblPrUOjceGG*wHEFG(+t4YqZH6`YT_$nccvu z5wpTRf@v5q?@57Y%{r3x~)J zxsLoMLuOjFL!Fvt$VfK=miDE;OX=tbu<%>)K7#3cI0GgP$zc4Bj416MVjv9w(BR$6 z2LO+v*(S;U6TW@u}U6)P!n2#euzI2?F^*@l~L;*)3YMXnln&OmXM z#MUp(vMc!CfnNhd42VP?WaI%@uLqYi;gckT4VV=%Z)fMfWo$%a@D5XU75!w24j)f; z5r5~ziTJ0`4_VB#iq;8F72aujs-(-*XUM2T*KWhSU-kYNn?(v^{g3B(yW;A#6<5&&}{WG$x7I( z=I{K=&^>16ru`s{23mHZs5BI(sAvk6-34eXh(vK0!txe4mln4r&*>oA3R;)<7(jZt zD&ccc?d0m&<%4@?x4C-8{G0kdZMEloSrXG~$dFD=4~*{2zT##}q^q)R;3FBIK68gM zBVa0t6)p|)C&344fDkJQb92lH*$8_yIr#ugR&AlYyRb!v68@|^J-jrN9|bn-QL4*dGj!z|N>Ch*_W}C0k&a;xusZMREszE4)C=6EgL}xL|zHV8MT) zj1f+X7E+XA3{}XqlQ>1$5^6ieHiecuD$AsX^>sBhb?Z^BQ5h;M4DBejH&*|?wA@}^ z^84xrTUpVYh1F?kHHB{y8Q4MVDM?t2=oGf4T11V=6Xh^A0Tb-L2}nE%GF6ra4Xz|C zMr*{P^z98QuuwG>fmVabx7=P|Q&TU%2p1NH1z>z*xxE5lG}=o;Zx+_1rBxTcSyX0g zsQx`*8CaU+>6l-wkm#r~g@q~42~>`o_DT zx69Yq@usY$NpJ|g33ch90WwtQaDOcoz#u2Tz((5=;&|rq`|f-E0lPd*Z>RxYB;W;` z|2&kT;s?Ueg!hyuiYmRH?_wkh~di(T0+EJkCRG)-EH4wRSAZBSE4 z6Vd0;``_=m`R04YCx7P2#6Q9f-p+o8Ue#o6(fdHF^j37e3tRRf++f1G=$gpj%^p0> zQ}8H$ufS8Uil=g;PAE=#jEpYjIXp{1h`6BWe)N6s%fI<%rDKeo?47?u;|16gXsTgP z93}}|Ev2y~=?l2~b8+|Q;%=3c%Hq<4xcjQO`|4qWn%ce(ZOtNzC^$@5OkMaf$>RbZ zGW?Qelh7O#=0|0TEfGfa_L8)8`N?cbGZ-_Zv|NX`$&i&+1-l6`<%|p?^+!*igQw-~r)(oq#S*WCv=Tf+o%6Xc^=dd7EEUiPN1G@($wtET{1_OSd!RXI7m<`7K zbl5OTf;b5F1mBSbvnJ`_(Rv6&NNkBfSB*4hJ=VADdgJtjEKh7SUcYN-pWSAg?U=d5 zz_ZiiZ_28_r2pD*bW__t)2GL0u03kc&3EV8FTJj(BdewT(tY+^x8G^sd&&49Xt{3b z9z?n(;qiIMPRYfZ#%u?YH)1m)s8U-96IjS=Go(}s27y9h z7%7V6fWMJQE}_z+#^yr_H)fgte6iQQu>Zg|d(U=LwtjMb%hps!eCOQc zyy(b{n(2+aGn!Gqp2rKM&iWMXU3C*S!p^I*OA>~ zw?WYHuGAE&d+6+qRlqnfk#vOwSYA&wNlrb*2B7ezdF9s$oWw@LG8>$VrlXJ>QMOQ6 zR7Uu;aHL?+i}Gzu4V)>^DT=sJB9+{RN|dDkwqU`yP}bL1w#~GyAh6Z6wQQiTV%|6( zI50Ze(K$NSu~fcbS|~1FFmH?W_LR??wiXv}H7=C)esW`P&(u^;FE%=tA&>8o4AS3_ zkqxs-hP_84VW-WiQ^^PjLJWvfdZ>lN6d#n3SEFzw#erd|1T3U?>nYaL>kLmh7wp8@eXytL9tm8+Kyn zmznO)@%oGA?Grm9ea(AzNBWvnlY^OEqiXKW%4=CyI#|xPZBuo28r#}b@#ivet7nt6 zO?s7&tuL*0WyHVP+fqX3U(if?!9`whQ9X3QY;?xw1s^q48#StwG^q!>Eu&m6H4Q=S zBv0WHRC}c%Yn9}v%yfxrqA_-I#zaMQXG2Fz6tAqWt2J1$Aj0PJ{gB-4sA4NHsGt*gf7AXs=S+3!1$ZD6rkP2*S2w-ic0&fGpZ6%t`)|m9rGyqf3)e z7A*WEEMEXus$f6R(p`k6MV&84O|02uOl(1+Y21JYP3U=C6BR<0jj7>s41-x7#?sCjQxAkdMZ%AW0bFF8%}} zgf=$Q8`Fc`e8Rljj=AE}4v=#)Imc8JfQ)UT0)QcBG#|~>s7z$2OuRs&sb~r+e2hLf za(rpko%G?Y-CeV@ zUENzHqh~63}{*TL&AUy z#z_4$+VEdyL~0;5;!U2EBiLO~vj5civ!6MC%1eLoi|n8N6qJhyKDh3nz##nWV7YLv#=w6m3g;pNs7@X2sM%P_sch_MeP>BH{)+Ui_+$OUdicPil)Y9A%1Nd~92CIsLjHl}j$ zeSF`$SMYs!L+w&jJ|^7*1=z#xh^E_+K1eMqmGI{<604IUcvY$-rygKZI!{$esgx|% zO{Za#gfZ-Kzr2>0{#=0ANM%?HF<5r)Q=)W)_L4cz!wiWLhfv2o4c$T=*ZBi}uPNa3 zXNYpm1i32(illypOs|Q^ngrFaBq|d{K*>LrkmLZ=!&O5cNC&<&+7+!Vl`LC3n&+z4 zZC~HH#i+7qd0|mS?Z9WRzx3g)+aI~K^>{F=_&pt0Ke>0;*RR^LcgIBaXelIo(S};- zo+Dp9eCd1JJJxsC?dj@SZ0KyhIR1ED^w@#LhxRRe<@n_f&ldVj{_yrE-t(Ss?Rn|w z!q$r_XX^56rz>e*N?^hCNp~|pe6J?5oogz?{(MhvcBUqkwnA7A>y2Tdv;uj zS`e8Y>1dy+Y;6xT_O4%7I~noRFZfHY=#qNg8yRjm>*x5(AbP9bYQe5v%3nKCiv@Uw@Jg zTvD9xfg%V_x6Q*#>Vbh*nIQg;LV#ie_(L%1Dmh( z+ML_Fhljf>y3?$gqwB`z=EkH`V|Ohq+%=|r+R;jBi_h!k(pSQ_n%Jag10DJ|#sk@g&w8LUbp*Pa1khqwLzDi$N<0xGPe=Cui5?*>^QGzjM|6 z{8ej*edfUGar2o<^(XGVmmjK%j7q~Jpt2I|5TU|cmm`~r+N5;>zY{r0+8u@>BKV(* zFezLI`=YNf==FFDs2U@=1e)Bonxsg9{YVk5#FWB@)RL4Tb04!UJh@;15=rov)h4N0 zs=V&-Sl!J9*4%4)M}5Ox`={1ddGo@fsF*fc@~-Y39o@aSacjrmw)W!6c29p>Pw;2! zvy9b&U^FnPABskNW$rY6b6v^$Op~}74%6MLb$Wes{kEELX(TJfkWmwI7rD~XvWTau z_;q{$qow*b=wGty>2FSu>ni3BTVb51oNRUQJ(>3>(!8d>zqxs!KU&$`Tp4L@j_~US znwkd&nwth}>nkhQ(*Xo}`8+ChUWPr0939NHWUL96C8AAGU{sNfdS8^d$k;YAV&X4; z_q%yN$^8kQn~8q{)xJ048JpC}Zxl7X7s?NEs>!_()wfh_i+;bdRLPHlWK9ei786`{ z-bL0Tkth~u`27^+@(VU3(;v>OV)g`iMtx+}U!5sw);Sye%YR`zu3W4W8au3b>2<{f2lOh?-O3r1!J0I z|ML6d&-0Kp4I5lyAD5c3YT*q*SJ+(yLC=Ue6=`aU!T!DZq2dlV{g8?Q_p<>y=P_Kx}IAp%Sv>6#Mwxq6Sktk`7C(tA+J zj$UbP*lqBYhM|$LlL?D5EVbfN+LO>v_!Y6EAlu09Vz043@mhWh|2ThLs+W#QKa)-P z^AKC*+vI1lkH1f~Lv^d_*J`6WsE(*Ns&7<3qyB@&t?AM1(tJeowB}`PzV=e>OWNP* z8g=*S9!_zljHP@s)tR~_^^0klX(ee>X}72SEbYzoV0usbW$B+z|IZ9{Mn%Ss!8Zy_1^$Am zf?Wk4DfmI5udt)=_QKy3{;9}PG+%US(QQQ^FZy;UBQz2^8oD#|rO@-CH^bVnJ6sU1 z49|zJ2!AB}K=`5X07dqr? zuv7Lfwt)4{b>esk*I!{N;@E)evyUp=`yARnf!(2gh3j7`XZ9=nt(afI-ue~G;!Dge zMe$o9Tafc`emrq}AJ1LjP`UA29on_vpf>w(o@OEGMw~-{KgMRxIR=lHBPh(~M(@dYZC-d9r zx2043Px$@sY()Mh-j8R*5ygAYKGrMu){{%Xz3tn1nCZzCa2)}A(jjLWTJX8jW+@p zbf$Z_ru!29HW6QBUiK|yzCO=Bz@9^H<9LFtmo9@;eT+5pUo$uV1uNuP zxc^BU&jF@ImXH3C_*wcCYE53}W|oe_&Yf%k2P#Zi4UP=?QB>IMVV(Rz)+LTx(C_=#ZFVuF!H@iC@E4s6@P5$pz0$+x?u3he=u}p$;|E0PE0xhxxrYk za^{;MPr}rWgi_+47H860;@?>B!~pb}`yEN?1M=w4ZYEZ9K^nm$W6UicCJ99^F(-7M z8QQlD-;40O3YBW5Y#qCTEup$}MEaKWvh-88*`4jqb?3VS?mBmy`-uCq`Nn(;@?Z4E zGFHbvhPK0rwkEgT?GkO*oz?aT+Owr5#^Md}a6H7=tKY_P_p5ik`tetHzuNw4%_~29 zckuR(*2zb@7%^ zuYeA|$UebdVlnpb>@;|bcJ^11BL@wWg1SyKGcY4;1Lj?SvVBgdJc95l31;Rnt}MIOhEtb|w2A zve_SC?_=+0H-mbw0}Y4Rd)V{f*PpRh*iU0D?2fUq$@VF?J615e-F;$gGA8-w9@PQD z`FZbFr^gdxQ!&=+ZF>+C+B(}(9OL1bdv<$qObWZVxno}&im3t{A1vUht?l#e!_$)< zug7^}(j6Nbn)Jk?Q%-lRmab~2rrf8MMswR@1-O;?=8l!o?`72TYeSQ60C8f@9ZMaW zoW&hC{gz5s)pS)o>ztjMnsUZ?XllwEV?&b*Q&Yv*>D%4zj;Z`}07%_BG#OKSTVfh- z3&5X>@!8^-Dh$WbLmLQIpv=0i-Vcpf-)Qwzm{{mXVzjUW@!xTS3p^h4;VC@4Jhashr4x~OTOLeHmD?vhPOoRG z$Wt842;(pIw#T;3wH3!Q!x#WaD803Z#)S)S%Tz3bz76AB2EG-?vhW(cK#3a|mBGIFlc!bN+NON5j0Nw};+P@ayJ50-M7ino;J!)RH-=BMtk$u~ z(^*-qF+SH4%L);Zf^=I>r_)CUK4RR8nUMWMlc$MtfvlDjm|p6($m7Lh$!n+bJ3Rv0 zr(dTql1{+iIg3eLGgTLuz|)MGyg+elj5R%oz>J^bPiyA zbPi&CbS}X7=o}8a8wC3lhk;i8th*I+J4>`MhjT1Uv|1956^CNQ;KEWcKqn~mylm*5 ztM!ry{D&<-hQ+b6<*DV?SZUE|HMg`+LWI!-maoRlxj$Eg-BkkK2-@-XbEN@<%z441 z`^-vfP#9}#^46ZN;1-Oi65|KJ=Y3=rOfgqm9IFbK*cyss)&Hz12zVaNYcM6u>UWp8 zJBjgu%I*^zotUvs2*vv!9s*ND%7Yj=5T=7d>=fTsVnd@V@hO0zgR6svtao zdo>6OYT+zM@Wwej>=!`b6IzNSY zVw&2}#U^S)7c#rrfHXIRE1KGByOd(JZ^$d zl@7l|Ll35)nZD(57G3^N+>=?`X&-;@2AHq!ojfgXYdamFZ;$D&LM>4Az4Nf)&;(XG z>g@V;>s93%zsjLfrx!iKm#&Mc-VfcR{tx?M!_Tvme@kAmRJ-&y;T>ng zZ$f&XeSfJ{e1CqaQJk0C3y)ZNri`9i`<(PL?-%d;IqzKa9K3AlVg45U+!FEoDdZ#{ z=JBPsmkLEYf?Nwph5=)PDTB2OjMRJk>>Z7+3A^Pmkd49HJMygwJ;bvF`<3T?8L?4!@LR7w<~=y=Cxs z$5=1kGJvb(yOM7zKJS~x@uoxQXBT>2L~kqa`q!S{3E0R3t%K)XiucUpZM*RO2(C-S zd-vi@quPPr2N4zMW0ErYOAo_SKhHm|6BzZu^Zz!y_0Qp*pNBtAp7Az##=qqf@VS6k z!FLeJDulNjVqq?0Wz{qA)t`m0tV99I;pJDb@5A@sftbRr@WNw=3%sHD)QAPtfJvT% zN4yh}1|?R|fH*@V@+TUsW7qK%{4o-&Tjd!%lV@=~H*h02aWl8zulv}LcX#k??nI4T z4$tLzsIJ*1VhX!~Mf!WH?HK8P#2SBxy7L19!w0dmY!7Cq5AlK{6nEfmb`kfme$3V& z8)6$U&%=mB9781HGDMq>!-p6_bYT>8Iu8GTf=$A=zY2c+m55_dEMOC&B9E~do{#l; zKJNejYC9M3DvB%tcPBSDxe0^|q98IXIF6zy0|*E%!wSmmJX}9Nhuv{qXB8nL3MZ*h$MrFeE}*Wc<69mYaYttc8AL?^2N8J$c|#sNLI_F7gOH$*+W(yDzTNkdfa88! z^;K7Q)u~gjQ>RXyuIhF#bT4xIyBE8cpf&r5FO9r_cA~OGnOOLLsk1Q8pe#)9MVa6%g}VBot$EEkf_5W| zvGN4(XGWsYsB*py=Xn^d%dgSE{K^@F)}j>6%Hz(}?9Jcf?1)}7v0(ay!n7a$D0621 zl)>Xhj>{f5aK=3|?ie^|(BLlPCQO`Jn3s6&K5pWaf{8QlynR~Uy@|kX<0ehXE6AHM zWkw>X%ect}6N-X#**7Gj;y+ZBxBO_}wCNM4U3cv@(J>mAGbYF?J|-ob+%ZX6 z=Zq7?d+$ z4;ggD(DUxfE0{8U(!{*{Li%!&7VzpZ<0L z6CUL9eEpwIIJ{L(VZ6xoCB|kNqvBQW_u1bd0-Mb)hTELe%B4S|I$SRZw2>k#do#aD-sP`_Xlo~JIh_qH=NdUeq~_#57M7a zUzgq(ae#_P&PlQtL`Fv*h&DY7K82D>+MBIA;b@fk%KPiDN8u|MO>=rz%)(b>^g zqU)m7(W9BUnWHktX3oy6%epG7DC^0rcVdxPb}Sx~Z#7+wlag~Lj8^0bC@qu=FFFrS zaw$A|NJv9F4<-w4cFWZh^ate%9(WAAo;6qT1NkoCVH8XA!)n*m;wAVHuj;=HYuk!OImd~aQogiM#s0Y+e5Iq5-8M&^+2)`#$5cCWxu1_K zHsyK>MxbkfJPKqhkPSez5!>LrhrhwpJDbdI-XZJ`V%Ec9U2}+ZkCMyNd=YJf zGo767GR9`0k0~f_*;<9it%Jz@=H{t#XcQfv1xPQjog1Z%Wn>p@G#7)BGk@xNR zlW}+8rr@UHrU7>^RC*uo7r1}H%_96?asP(te6)4A9|ye z-uQ~%sG;;nXti2W?>Xemvc9zEFjlMxR<`%LC#Cad6n0f6+j)QFM9&f2HvCe<1uhIJFnpunLW-M zguO}FTJyPArzZNcl2WaQm$=Ye%zOyO-C*29z6Zf_f|LhIv5gchlGK-t(S3fc@u4Q9O!gn*HN+tO4SG@PN!^XPMLYzDL0FFmRhAdOTe_0y#7QR zMk%wD@u-($4Q^Ii=7@`g;x~o~yknlyjIG$j%oRy6FQYjG%s3Qj$FCDC2c4 zeXs%OO=c^QrIfNpMlI?3n3F))Q&$-gRX{fZ*#@MH?m8gbsPPC|Zy~K$taNk|e8K|+ z-yWbUsN*7XE(T&bxo$EC2tDakQ;H*$D@sf&F|DL&B(|K`gTypI-y?t>3DzsgVLtu> z@+=19dq8Xe!qRm)xLOrgBlXSzLh?UK>^^W+6LS=)%+~%x_-O_d*+`kzLXmY)q?GFu zXC-A5%G?h{S3~26wGR(EEPg1*W~pV-C3E+%#{v5SdaOzdJ}7gL83W->WGMvjH#Sjc=IJ7ca-(DqN_ zp2A59p2vRy_actdQ}Ax-&2;Pt+G!-UEjG&;$uaWlgRWo%Ej<#tn@!9dC~7YKT@3A~ z#j2oLC%bp{3i#A0V3yNmd3 z=CG+Xn+dHl`%H~#X;YJD`qiNTVduy*$Yj9SxHNm5wh95X-=9A_?6~a^ERzd8<@#KZtxR~ z`BM7sbOt``z;8l^a?~1`2{GEg)QGy)Fn-m*3pIs5df-$7DKwVU&a?<~AoPK;DgCQF zODbD7@~EaIL%qkCI?niM0iq3C?!hr);IR&~gya{(srZEAl5z?|_&Ec!7pEf@dCk#Q zQ|hre=?Bf1m?k*18fFk&xc(U_3z~z|ZHL0( zcFKk9xMU2IYco`|n>H$wRAR`d(i^{ajMfXs3XR}h;5(rdp)CYmGJ?$^N#pYcMbz#k zpyzg@{||xG!{bV+NNAmab{k9yEhjVFLJJ3FZ1=}(YD)i^x#9D~{kmjmvmz1mDKdUL z#`YQIt1)|M@A>V3bQl!WDY&!1@IYpij*R&|y^-L_0tMyo5Sr2ZujKm843q_D6BD$m z_uP=6&PF)XX7dH}?-#5?t(NFG^m>{SE5<`X3qs8vXYsIav_ARP`T2M;$HHTob}5IV z_s}nzFYt#_+s?=2`;3cVr0o_-Brr%@o`LHn=tzPXp`P?WiHMD{mhzXT2UQ+8B2*@gNYB8O|=S*T8EKse`&9S(i@ zrUy4YalPp+Yh%1y5hs0~tIq13bNnP{@UK9RszWK# zTwO*TT4|jUX0b-vs@kj1c4{W|X{09g3Q@z8H#0D+C)NWUYyQ!e%mY_|7up#;@fofcaYg}FH#=bHXzHOy+hQtO(p3H zpkzfXt8iUoC|;G^5}35FR1(v9iIvW0ejF*$^qQ6UDw&dx;Fp!g4k%IRpvKO%$OLr) zL;rl~k02|#2DnalhlJjWX4q?g@a|+Cc8napU=BuhL|)dJ8+o8g=53(^LJt8YYi3$X zjIJo!>1SZQ_A{>owOL^|pqc3b7g8DrtF9WzYn#TF>6O)pz?-+cH9t9P$XdO=Mch8^ zhbCXnr`&Zat3OG7KJuVzX|*-dQ+x1q90KlyBJr}ZcSM6TU568$4@(Tu{iy! zd51KzHW0mxCl`r45zwx;V${*(_l%#qV?Ri5VORwjwCtXNZ+S8d?SGIbS;KCXNS?L* z^xiMeDQgxFO*agWfD3-Kj8s|GcZ~B;O(LJEmO1=(|Sxr(1G-dr!#gTA!eGESFU*$Aq&d zad%4xyc4q0HvDW25S}dF9{$uYpQdcMH&a%J$FJsWC=b6r;Jt1k&qeG2>5azr8D#6{ zd4Dca^{u=yPe%e0SyLoq(b`(um2~=DMU^f^!ps1N{~lR-IhJGvOAHB0BI;0|kd^aBVS7>NNm7KZzzO_? z;E-DSR!a6Qt?hZl`bMBTG7=-sH641S+N5=U+y!IKjmap*g8D*LpHX?rU|YN zaUvC8f}g|6$hWe0sE^9HomAdE-%BrhfW+D!>Q3lcUW|A>LieZMcA?L|OYk5lgZW5J zZ{%rN&twxiI3d?`B}_)b*@?AO6iHrOZ>0sH2a7?<{`JgdfXNyyEpri9Cv$Js2=W-t zSokAz6|)K>@OW5b`1R2KWl-qcEH^%+v)4A{3wdwwjouoZDQ7f-D+C7FqMYk{yi*f- zTxPQU=(ifUR`YcDOk7QHoXMbjlo@R&>y6#`i`nVtAZx6Izpf>hD&&H#=+`QdBC2?P z1-~8{VI@ynC`rqi@Q35g8>U!S9ZS#w)}qB;Ol&WwlUYihl{%|JUufx8(x*DFF_Wzk z-8b>`(PfHEw}ku;(C?MZnzcd?9UI_ZX5>cfj0}$1!1`PzO*K^KINhL~y?bH?NwH!*Rfhgjh`6OMW;#FSC3D zE5j1{S>+8sj_`6%L%iLF@m4HkWM;C4K9cvaNk(M=O5^JVxwFztGw;WCkk|eITr_Ke z?%Bine(+WyfCLVy(%17Qg(p!6_>*)?0i^j1Doe;7JgEc=-U?h(`+54Qb$y3?3Sl?cAg;xiSh#PrD+3=VA-j->nJ4L= zJt4hYxypl^130;(Pbg`iFVwKDVHmJ@bwRhjFC6p#eect{pO4BLQA%6G=scVVtyIne zErpG&nt)6SP0@rl`qB`ZkW=~<&KsiCFy?Q1Z*ybBEl+*}7T|;Pgz{{U+O@w}nWa)p zfWzJe^|3N!5U(G3VmPLo&4NJQuyDSZUkKfpKtgFHAI~7qXxKV%-z^EtM<#s~p!W zD00eO-^6o5$AsiAeI_daM>V1e5bx&ONV{U?RDigiNaR`SdMZSEYJv`)2P2a@=#(#` z2Z~fixL;3iP&c^o9^{9^%;oG+V9t`AoXI9`UP5B%iQJ zSku8cmmR~hqxCCREArcBp#-7Ab8%VRNejqdcRS(aTucsqF@USc@HzTcKY)=-O5Y=%>gm2WfEODnk%w-327_NXh|xqTy&8uMo*d~&&2oeYCiSHs*_!<^I# zmSnCS(>d>bRtv0Rc!yNWyRQ{!<4y<;tM$NdC*O``d-7^bDS>KS6yp)facb{MluIpB zcPP7rWYa4mr)2;k+(+n5`p))S7JVb8v6%Lit3AUXO|X2P)wvZ|`F=$X zXIrLnoyBR19L`KU$n{}tXU<^AyF1~F5$%&qxZpO*up2A;E%#6k>7^)pF3Y%=zKX&p zD~R2X&7ov{xOXUv{F#!n)9%tcwb1uLLhO27>JY;Tiis+%WGJmf zl~!1Dfjym?RJq$peSzlI8EwGz?ERLVXS4W%#lw8T>m_*oDo*F{HwwNr^E#(fHn5wt zl5cQSb5ci6ku>tvjdb0oh$fhwhwPJP&ztO@tkd0*F1x#G$Zr#p*k*c_oz>8U-E&+G z-eR8QT1^?|Bk?T2Ei|7J^0|hWQh(W>xPW*33z3%=fu|U4_nT0Z?Ddnh<(gLZa30p3 zd&NlNE|Btt+^Jf(B2MCPfR0+9YC19hcPRf`@KkCHkR<3@c*E=R^$~XHy4;BdrDMbA zu7OIURhMAXN%t;KOR*8s3kIR0ETy6>rJtzMPnOb8rZ>ukelnGQGL(Mg&Fb}Sj*>Y1F7Ce%ph!LKvz5eU$B8w*WbQwcR{AHCeZ#_8!Mqc7R%vGm0015 zH#=8xGE3ae#OG+6tkQgUC(2Vn%!6pj)7c|AoIR4=c-o{-qj~DZ(*_`ln9peq?y`uJ zk<*73k^lY5NZ`j&>iBLVcP^*Egii>pymN+Mm^;vJ?j^mWEweFN9)e>~=X6iYYtg^$JH`{;W#6y1;dXM3^o6{0vi&4%{yLgk+-U8(!Ia?;3| zcZTbXd+u;vn0VUjv?-G(I1A2j|T zTS&{xRc2}FE4fO~xzL(iZGVX@**9T_G6t4A``zo@-|`=>61OsKlm{o&W@iHzUT3jM z*l_N1X`AzrVk8%tALJxWg#8Kr-AwL^G;Chtjz0y0=PoUsd>`ooO6&4&UOscLK4oN& zJoes1%;-c6=M%7f6RCSD%y3d)Pdee#)X*I(R~&y5;wrfewK0qn`IL!-3162xe`m!! zDD62;Nj>F3#)%Uga-OOyQ1T}rxH2!(GvA1m6Te1 z!67`XyVMeS)yFI6jgrf7BV~~KJwoXOO4_-X`m%q#6EjR2ZTB))8FemmmtePW@_nY@ zDN2b2LdK|tkW;8#^_=J5a>mm?+v%U?yg^TG%9%~6ZEzAQD^&Bd;S2VARU<=KFJXj@ uMnirT=OD*&D)c9u0KJ+MpwBQPKIc5md@3h9UnE7h5U$i#d?eA1&i?}TW*Yq_p2oCo+qN<7X-(UrSPv>|Lp3uS&A2 zD$X(@A^;%3PckG2ApDp2sr;1xKl!ipf0O7RVG#fT$mfUA{)id41^7}_R!07Z)c^p9 zZvX(J&GN(8l&HL-AOL_|@xz}1fM2wE9ODNv@^p*<0BXUHpUjVRj32z?^euI5e%Qm0 zT>=0A{D=6@uVsBF2YdhkJ>ql+hRQv!V8)M5Kb^-u^#sdIQ16eVoOvbwQKfbsg zKQ<8mD|llISEC;m008jp0svNEWiGC!CWg8O0Dy+cj}7a80%Jx&QE3w>^- zYiany=zm!L&$aNQRxqmBSlc`Nu!SGLs-OB|<1^Z_ZR`wxd<}lu2l($kv@#G?rn&%u z_6h^}@B;ufnO-xbVmi#20xeSfa3N(T$P-GvSI8Pxv->C>Ub#Rbo1jGifD4d90!RXp zC+eUzXQIR%Mt-AZ^zu;e-Tq3GrStO|rh&z}RiyDAYyT4d_h%+=Bd4cTciDIQb=SLA znFOu4%&9ph`7>MBqkneEd`+m3$mwQ2_+Q-e=xu`EM<}f{&t#k1w%@&;lbKC_omejoKVO5e}!quaB@E$(~m=^D; zreS3Qk8?j^+zT?Tzx%t4mRD7;?YFkJs$K6prMjwLir%~q*Y}%0WL~vzx{>&_oio&3 zns3kbg{DjEw~CzW;$=?i&#G|GO0~}Nt78sYLiR? zAr(p<*Gi-yO~RYZ(wojhqRvvLPW-A)%EA=#7(r3w6c`2<^H>|tO<$!{u9;cRtgcGI zmwBX=UW?Q~i=+cJtO4p$37n2KSh_~KO}&46M@*@1$!k}L70vwGbSY)MBxpUCkW1q= zijvwC9bPMgQuHG8=UwI_-kZ(pv}Pb1?l`FE1s)_$R*Iw^AX4mb2(%d3W(Mgx*C#<+ z75^$ywB*8-G~fL#-{=9x)d8Wq0pi=zBIttD0;%?A>q*bSJAngBbAkc(?}c}RBY_3! z?}ea8j0j@eM4tpO^-|NP-*f2Drhp&$gX$2d{6g(lmCz8;kk%NCQu1ffp-}<%61sZc ziQXZ`;sc%XrMf6aPe{Yu)Cs~jW{~xrs<*Q}V^d!}k#-!mg}WEykpj6wvZ#zb!(YTG zBWeR`&a5xiA=NR`MWxCP6QqnvW4`!xLAvtn2(n^P^ml(kn|X_S=9h+a!8v3V*X%29 zCfv+x#=ZKGPNTVBTklA2x}vYCK)dR>KubVhiOQ6M2vvcc>ox zAbi+j33pLlS{Ro?!@t-$~4^|UCb2Sx5V&LS0&uOzrAB)Qcr0^_RW63H8&0u zibGZ_OMcr-E7-v1ID}{gujWP?bEj3z*9x$OTsnBlxeROzu%_5$eUR?*BbBC27{QGd z3u)jb72e|@p2 zuDv=)Bj6*;6x~Lqd-FNKUrfUTo2PZ5mzITBsOH}_G!(dIk7yyaTGAV9f}`KcZBT( zFT1vpt0*WHdQMv7+{)Ix3;*P}CmrmFdM?;6iYp_gZt}a{__hYS3F3GUAB)>Y-Z2B8 zNC;xLK6W(f>erldEh}%xI)~A)&h?^d%{OZ5$Uv@-MdVa4sW&CD_cL8@`i9&w%77;92tb31zpY?m9gdysYFd_gdI4LMxFB z!;rHq>{5$=JzGim;zmN z7XOAbTh3jtZlwbRSL2KJ0#L2j{Ga`0i*My>C7=zJDvM}>TAq%HiHV48NM5G@(!I9P z(Wcr^uHhCAbfiDh4ZHN-K#Hqsws)CiVVm8BRNZywrFDd>Try1wJH;V##DwI-Iy~gVPwPuPPh=s zqy%S`Bc)m9Sr`Rt$>4m5v7H!jd6ZV8;`_oPV7%g%cIw|XTp?5i<1l8_fj5+ly`STg z4Oace!1IDr^jSN{D8*F*^Kd71jewniiB8}^b;x-aGp!~Q&3Ym`#IlHnrh>MH@056U zd7aqh@kfBCR?=~bL>Er6g0|7>^0V#C&}E3DdTrm`(Nu?v+C)f2U)qe1+aWbo8!ItZ z*am|+rn(E`W`l#hLxY9`f+pX@UpahTssZhp_=jO zwDeImt$grq`CQs9Ub8)*MdC)rlI**N z(p4ia=%;Ulcfk&u8R+m@e4R&+s_zY>7>6;o3_Uvres7JVz3`fwh+AzqM!AiC?W9g| zL}$WWl?i7-SZjChktjok=x03T)7daJo58BTv}{*5+2hyAOxY5ZpN&?=&<|KyF`vua zp>~Vo}JePEX z-iOE?Cp#9tx2(Tu_;v7kPli4^t#M%7ZmM4G_;l{#I>li;)i{TCy}#5>dm}d;DP_B7 zx2tvUZ@fTW7ze`Xfer)?a##mLt|4aotNn^gUXgtL+j3r=!9M7fd|!UH+;re+lEu{; zo*kn72XQG)sDk9bC9?zt^MyAIoRt_~aStd3V1 z%6Ni%-0RPMg~T=2MRWvZwN^4dpWQk_I?Z<6o>=(uYLpxA(w?A3e#u?>ElmsJHmOGB zHA+=49K`ZoaKL%a4>5Ee3`ofF;$B+EP=?5KY1N?Q*HD9-QM@h5M6Y^chXr8&h2( z@13g0{F<9Ku38Lf;O&UN_Xu)aQYj>qaI%FP&p0C680w^)t_>EVW}HTlw$*6G>;l}9 z#$kO*Gfe%yvbQbUn%)z?vboh7)yt)PmbWcv`BTL|O&*GZh;fi4{J|G_&4JeFF>rtH}vxz4L0qcH$9;dwW=Ayw{&ydc$YN8a4#$=M{E12&5891 zC)Smh ze_-cUF}pOD`e`q`K|9c|r|b&*@Mu)gm0?|_LS3}?(v?^aEBjf`D3TOBu{N2?yQY64 z6^&kL3r)Lr(P7SNSMt31ohK&GmT~&CgQc5JI1LVcrygORykJPTAd=aL*DPEK>}UEN zrs0d$I+@k)D#kI_wK{TpR#9TZEe2eg84O0}N{D8x{$Z;IskkG?gLB5k&?sb7;TWNb zp4c@Xot3Ig*MzUJbd&a5hd~^@uJ1vYc86CZ_bqmOE+X7JdzZEjdYRFcs28skEuO`6 zHPez8aCsY@^c*_x=M64%-nR-DZgk~SbNL@V!$?mw`fI%UO`D;>=LRaM$pgZ-(7ee> zuCNK_p0x8_XkC=J4BzLw>S9nj%ZO@VuSMCu2%Z}k9d_*O)v2bJc*K&DCTZ3@*-ry# zgF-gj6(Rfl)Z!C&lQxbjAr}C}!o3-;S4Omz>yI6t!b6m7WU%e$iF(ATsD|zQxEF*E zULU>zDR#`}9i_n~=RK|PGH=Z7kY9{rgVc=DF4#Hmb0-jhZ>~C@zdiwl<}`V{@L|Q= zOR5QNQ#D&}V*MkdoH2H__q*&I02}Toq$sq6X#P4tF{mSu$GbdGdZB;h1$z3qT$!Um z<$A1{-&%dTjbC`sG$NOY6PkpV9w0PA=B<;KzK+roh~G?{#B>d zA&Q-1Kt7sW*o@e-)jYs3nTD>>1rJ{gpCqZ&+GfA4a`Y*`cg z-y0?yRpnZ`MM8Za`8}mn-2=SE7~C4iajZ&zGEmgIy5iSh@}m1-=GJ1NH`gDt&#plS zI*D&|(FHFx%eWWpfA8+G{Bc|wuiZf1TVtr-`o zqWsitDHpnQwOgvYq)!sdCJzy#Yv2V+@+JZb3Zti}cWUiSV=*te9Tf-^o;!B^d;g#^ zche{L<_|^amN=KGZI{7N)P?mRO^twnYJ2SL4+c|hmMTQwR+>)!+N0taWqTPBDJ5Qq zqnV^GuU~NZA2Eza)Nw2*+~ay!4!~h07=`ttm_2dB+Cx(1H@@UK zn61aJLu(C+9J15LookLQ^?~oOaDCX3Nq15eHJy z=P0q1@X16LY>?c8dJ@q<~ZcXNM1K4uAp;;rWXy%vb`ovyNxRkRQGA z_gWwX%3R@mM6HKukEra4!7zn@X7ur6x5McmuvWiOdiVm^9*lI87Q5o?J;qb^j6QW0_vT&;5g#3-lS9jnol$)RV6Zp*lsMSlHtTjb zY-E0D2?S9ESJUS{F^g#6Hu#9kJKVdu8pS5+(`ii=A&7naEsx9y5pLV*DI6p_=Hb;|{`Btu-RXkI?Qmx6f>Khgt=>`oTlMi)g^M zHD(A!5KI}e+yNDlf0wzM7bW=d=L9Pd}|296qs$4 z^UZ6Q%j_MY*^Up*uRaCUZGHHuf@RsZ@7PF%{=BJ9#%-1_K|ih{PEqGQ=o4h)gXZco zi8b7CLJy-}Wr#Y7L49z7(YF3CFrQzx(t7sb^m&%{KsDv3{YU1UH?q=xc3|U*U*+6w zQVer?K@HR-ZQRnV zQ}zBt@NXmBo?J($OfAxW3O{aqiU5MW3BK;P{DL^WQ(e)Ve}ZNG}n@yW2!>B zuJ{)JUz+;4_j1-|z5z`&Uud;iOw|4tZ{aMphzpqLJ(7+H;Mm|8rR%{}O-d4x8<^7(QDfU22r~fu8B5CBhm>z3T%IltxAUG~+oXcOa9b1AZ z=KyqGc+Od(f*G;`1^wyD7Zm_Pn|C+sq-ps<*`^QtQ;M3cTqWv#(gsxqGe_ z?Vr$$Q4#9Wm6^MYqv!VcM512`tacI@c-sVQ-G%SbIXZ^{6y{k@qZe&u9IS zGQU?rq^TtOW?xw6jvrXy*H%ZQ8vc4+ zJ_iap%P*e^jYb~>@QDsaVnLX&oRD@MX>*3P=O5Vw&>~v4W&_TdYZ^ zs~iq;S9NN4WHLX;;l8-rxd+p_kQr(4Oov%1xXy>!X@Ea8LmxZRUq+Jp#g&5xE?ae@ zEPT}?O~J;(MeIE088M{E2Kotd{RYNflq$PONsVJLw$?yG&T-1DA(i3o7M?hmpSbJm z7$NE==;#>g=$z?=>FDU(1kFU)LW@LjLi6`b0KhN!Cm{9%+=Aa3*y+hXjP$e~ve8Pc z5c-Wl!GcEdIfm%|%KIb$gD?Rq%b^T@>N6YzvDpF#fX_VZHg$gLuX95iTNbZ2Wv-T7 zK548sS%NlRvU4=@VdM3M>_{UJY*1iMiInj#Jk}+Y%%P9{=0VYd-$L9%-N4wuu)@;98d1OqEeP=hb+$VpzTT#8J+RY&)xyj$J!jIHQP} z!8}_4U#vk-gUr|qpB~9LX9A@`LwKg9+&biFKSGD;hBR6Jvbb5kT%Q|6lPyARza7-yMHZzrB4-z$oyMLHeM+GkZVEzbyrr z1$o546{3N}(8_p=)FZldTHhnC$lr?S>FF&EKl*xZwBe}vuD{vvzqh}wzgYx403H2Q za{oO$Din|1_J?3`B(6Hywt%lHJUj~tnxCb^=AIlsc^MNO-ZQhfL9)RV-nzNfV8vS3 zPurUqKy&~ZAQLf(1WM|1=t#E`buz0;1Bq&H_db}iTwHGJPS{Ee<@{`1WB&y9+AT1O z47Lx$ay9p~m0FEoJEy`}kOR1O-`->Mak#=ml$D8svxiu3HB~nw^~WTO9g>xE&aOhL z!#*jw5vU1~V+#j_%H@DzLM_FVnhhPfYUA0XESoTGD^x2*+-)!H7UB0E7XBeGU{#20 zlzU#y^NvNYN@!d$U^>oPZM9#U*^52paEO1&Vhoy@ocOZm($7;|I;H+=su?x7pBM6KQJXid z|I6UfYugne4_Q3L#jFR(pShcBhR)ICwAZ$OS29YK7~?!&G_DU8^@kg=BVk{~gzrdh zwNjrgEOUGxf=NzRP)7&c)s)*1u76 z&GuJ!ASqZJ>zTEXdz~U0Grh8znt!Fw;(nB&s&I8tl z*L&!1$w-Rr={S$F>RxTu3&|W)u$3Y#+Uc|nL=NyQ;i>cvO1s_z9zry!Eh@Xw15ZNB z_~-DCUd*|HmzP0?9L`14a}@j7|C#v*@;8n=!5x@ z-9FddJ@iE|7aHFlieN79wrykQV%npu`p5OlOhTf@U+xV6HMaj}G8~p_m>k3fHJF zWS{e=hG^{FY^9U^>yQ@9aqE{eSH58co+A|mtXlj?@h9_uzY;HN8nCY^R&X=R?7BEAKS)wq*v^0-Hy5EI}QmK)2_fr$$n>it>5MZE`>@#lx?QkSQw&SfrnW0yeSS#9ZWdo zGZlJrCQAck1A3p!xaUC2zVtqMH%w2rdA(p-lkAO=rI&`A1y~o}Wj7lKP(%I%cIbrB z1du5qp@c!?x*?1~B|3VfW$1Z91ZU`ZzT#;ndLgJmCi)?;q-J^H1a9bg(FEM0-_!Hl zI^-s1ViX2u1F5ia-W6krB4fSyCvQ=+NN25$`O;t)6`EZ<=m!r@y-%w%p&%-1Z*MPdlHpYQBt| zl7ty;jJ;;_Ha4f;r^~;eartv#0N=?IAfPCWB9IWi6ae&#F~s7D3qD85 zJh2}1r6f#gRgJq)lVtg~?u^|o;}Bn~6~BOa0dvFB^0|n2BKhDXe!>_efTvUtL9llU zHPJSWDhcJnB2%wHq)FqrvMA66d*s{H*%Ig--&;*Ct5#EP$ru8z;D^$${VgxZZ+GZW--G)4>d0~0^{LzgQ zWlF6H=__us$$Cx01S+@;1;r5pZH=|rdhCpX1ew~Fh-7OfZnS}UK(3U9FTSEw{BFA0 zqPtDhv`p&w{&bDh@Rs#1Hz+90MM!940;(sq~s#P}b1X-4Io}N?>HrC|DFk z3M77(LNW9c2DN--#HP0dZ5gxKZGgB*OF6PG2`4d+i;dwc6TXL`m0`zgNW_A?*KWf_ zhFoGf98^zHC8m%S9oo2iTIu6! z;6NIjoi8m*AklHzJ(7eNp59N)(az{(&Kd|Lz{?HLDdRmeHe>Zvwtn)`weU+(QF{oe z$W#5YphCSlw{{&b98cE%xJ&Ln`Mf5(x7KjE=TcqSa{i{$eh3=`&C*{XIG`n!+`R=1 zynZLb`{N8LVTAgXARY)v7Hf`VZcb)yitIiDyXbG31cbtxT{J>UNxE|*fQN5sk@q6) zrQo{Xr(bt_T&x@>(<|V$c)WrDqg}!5I{{68Sgm-#18Afwj7=zYI%{Fc#TXM^YHP>P zWIF4h<$)mp3O2hJqK^YEC8mf@ z;yV>()e3*4U0NqoM$iCg1T7ZNIFuD2s^#!7c|wGDy-pZ9?W8frqi!@Mi6%-Zz!N4| zHPgugdMJ=Azas@D9m5>5P;cXvoh>!DZ+RJ}EC@D#j3QPv*{(u5BK$VW;88OPy-Vin zb1*jk#1}AlHG`L&{snc2QzXT*TyrfNz!mgQSULHqW)U%Yprjp4J)ssR-S&s z;>&E6F>oF-Hp`IJ=I*U9|BP6$-|)m4@&PLKlq)`1BSq?0l#iR3lQ*Am1d+|Niw<;C%?BZ9~Pg%ba4pUdGJm~k$J zC@Dd*fU$|a8tBwizLGPXgv`&#Sd;0XKYm&%+27Be7Z!Gh(|{XMDoSqdJzEY+1Hp=# zomhN5fR8&0d5#HC;BrI8n7$9*$4)F!sC=osjP8oJ-7pTF>!{vFn?5?AYs{k)m=Hb~ zMkHJUB`jl}0K2vY+lJD3Hs3{xS`DKV8vH{RD61j77d9jezeRl1nRfQ(wL`0W`MZhCMG@naA<0$0TNS(k@Du|f>)6#jQ!XXHNz0wG z2hKa@fpH6haH`=o5v}5ij(k|1LPl+_lY@=-!C(Z*?s8^IdPcr2Cnq~Y?90+<{d|9J z4Vl^|pT|74mmS3(s|xS%v~rA{I(#{_+^(Ik59$uO+@YyvKX6`D*D;e!JCixBUSX86 z_KW{oC>>u9Zt00ZwV;S0EN`@dooh^S zBbVFOgNK_v{l5dnT&(e#l5E*}c4awJAiR1)Sy&{#LrTY5b5LQAq^WV%z`w7Pcnsn*&5NmrQtL2|BMFyj8KkL*IwPok;LcnRj}NsH zzHF~hn^Zx&E1s8y`*-}yDoQ>!2$GRxQEVBfi!79eW%$aguT`0trm0c0IhdSmr?bNK z_ry_$v|R5FsD=laNb90pfMtD$?-uY+YSveBsfU}P3{$1cq4(IMv8d#vV|>rdvR=v` z&lK`RASHYyrtO@2fg7T@X{V;^6J*=Ll(NXW>Pa=gX{K>?M+Bp1Rpa;+V)-^o$Px1y zP@xW9eCK|1!iSbn@)Ki?E-aVnvK-upb?oV8g%DPg%jE3R;c)bwS9XE9#D=&n1x!}c zDTqoMX^S_8D6B{z9E{(pA<4a07B#zvf^yTp&YUr4-Y$oo=LPPy+~u>{^^+kn7hv(?^sD^{#y zzdZYM2R!t9rZ-iHj_m$9?YVn5@@TlH?pm6PYM20SnD1|lSjgblGbzRtG5J`WsUb!& z1tXOjOv~ZayAMI7d@CYJisohap)8BfkcAKqS2t+}41LCI#{xpF-~1_u@RM9>VDE2v zT}Q_Bs*p&99-g;5TT>Tw zZ3}Q(@3p3rMlCK4(LoZJ>ClivGbQp`1d8jDo)312F_* zNglq;UTtT-19-4}hdndJ+MXvfzTmh$8Ltqj*;v=zxqTk+)$7aJ*i3v-J~75}%M%V; z(3K**s3hbFJ%oT6Q}F|KL5UF;CT2smdB$dX{Vi$sKN-}`b&`QI;3e!?_B~hSK1`tw&?%1}F*%6&x zipRaU@8Jzd(o%1U(yC<63m9cGJar9i7iSX&bAx!Nsq!!IiCX<+pZ~(JG?YLZ~Vww}Q%)*)y-mi>C6u6^yPVsqtzG z^MdyS7+__K+lG&~Y(V);hI}S~cSS{5FjYmWJIq(Ow^Uv2s)_jEVc?K(cu7F}{H*m! z$>?=g485}_C-}hsEqp%O2ASSFFGxS~E$WyyuLxa)SMk0#ERXlDcL{Qe#;OAQ^iRUZ9LVOm!})ZMF6w$& zTzK}5;+l}zXTM^_8xpzio^)Q5^Z#x#f^QUwlR`oF%pr&aY+r`3C;K_|yH>I3xad`p2O z?`>s5=on`#VxwIvhP29A7!pq(6DhL+-VxK@0RTyk?V-(>uebvS&t zT67NVa2nc`%sKbfQG_WJLfyXC%`pa?k-L9+l4ciVmFyH&u3!nsqpkiLCfOW1Sp#_K z>hvaGU^3Cr%?F<7XPaBg&CH0~X2?!$g8Ts!Lgl%8wRdHTJ{%)1yrup;LspB zdXOiS>dcj{sSKJOs}N9F#}Yh(6nZJH)evX$%3++rI_h$4z@bM-ttOkB2XZrM6Wuz!8!Z@{Al=T z5hZdDJ*akkr0KA)+xuj0YEp5%9Zot2ywhW#)ddZCf zT$^v(h6fEy9QCb}P$rmSW8GMcc}{6*X<_ML8}_!GGIepHc?UkPS#@>wWt3j&=bvT+ z4zZ26;~d&p|C&aJtJ=OU@QBaDC(wf;VbE0AtdSnT#z1Pr6lz}D^nM%(S)0qhHYIho z+s+r3wKVJT?3tA)ToD|el9pnNIiDS%9LUsQ@@=J7IlX@dp%nbUs<8(gQv;XW#d&!N z$c_w>Cen9?fh_7Y-HDmLrFvGp&Zfq}*6P!}AO_*}4DBt@E2}!csgtA-J(iAy1C?^i z*msrwZ5uc+f^F+1R?H&)>+3@y4{d6ki4{TBp4JYPwOGbQBZc)Yq zx=Yh2dS}odnC(P@M64?EkV(A*YI%FjBkEgoW~*i@jIC+HAwGKV*07~Awrsxp*JnSf zJ;EK3yJ>PyNZ$d0UA=NZ!DuVXS>8b(kRCt9D|vBOB^VIDWMqvY5!|^)1)|Heh)cQ+ z2O~l=o*B^WOyXINUu=3d5%Tgzuu4i!;e^Mn<3;3)q5+L6QiX+cI5}M3{M*CEya)}i*u@p3{FP%*IfU1wFs%&w8~AaV(FDwkFmAB!U(q_ zmtR}I?t3*xAxb$^IRz=@NjM&(2Ribrp2JG#>ajN=e$PR~$Lw(JxGY@98^EtiaTbms z7B(~{ z@Dvz+r3bweOG-?D%7Tg0uC}Bohj2Bg$QQ0iQ8m}&BHRR~*8zv$dQp9aYt%tr?fZMF z3#6)&YWzLxeSsf%fg}Lniz&tI`$tr#tYpX`LW+Uas>P7>>U43n!PNBpla(iR%f0AX zYyb9PRV$8Wzch5vdCJqR4&SK`<~u8(dTXAiIpd2DE$r+qPi;g05txEMKsev-L<Yz!z_ zj3^e?=M*Tcrh)v)q4;$Xq-1Vk*%e&Q1Z#`RstQf*WYHe)Uf@3R8NfS`WTTc?^GI!qU5R_Yve3`#mn4e94Q3f*&ZM_uZu zmbN_KT5h%BXuSF4)VSxCjK)q%D$8^;q;|1eUxkefUJq;yPY+IhC%?=}okjs!s<}-V z=uIS8+i_XE7(|W6B`x*rno%G``!iAbh%*!o%Vcdt=L03Lw-tMT_4p2+E-spiZFt@t zYzk>Q--L%YTVsf&NaJxj98Gv_e$5j{pCM@8M90K9`Z0*^QHn)(L-i$~=T{(q@OG=k zaeUUNswAyn(%OQL+kN&)16*PLt&ndN_nP3NH*w{`VoPo&)^f9Xf9&*P zr9C-BUO1x%ZxwqLxw;>!Tso#TU&og@J6LIRb@V7tdE9?BZ+jW+*qA%N=Z^!0S5wK( zr5SgAB-ICFIk9GKbiTJRe$xr~soDm_s;Cqn>V1>mo?*h>_Lav*n(HHc1o4!@WMx& zK0&077aB1luj5T)F89;|ieE78vg!ZCdkt}4uKJp?(K1rX&F{jX4XO%o7tzm6M*|6CmatUdbf6US@XBohZAvAP(!k>w6J)Khl)aT3G(aJ&SCEs)`#5C#N z4x3?CLQ5N&puC8aaapON%(o!fGbzH6A zF!RerQe3{Mi*XxoN%hVAz39#?J#%*~toKVilJbCp@?D5~YiVhF+v$}JGR5lDies&A_Yi5j^w0xN`!oFP$b*xoZ{vTZr2-VeT@5tZG zb<53d@N+2n&}bnGgE}Y5xR>9Qeq?HHA?|J%`fT^_sac03C0zz(|8%YsDhJSo9YMLH zWId0Vb+8GRiXupT-N&8UUkebt3(xQFZNzbrxWJPCwe-&}@4!a4Zrc2Q{vg)BDA$|D zBitaUd2|ZusQHSHsMWrQDs}3Tc9s}`x!C`}#n=~ZMd^D%cw`nO)Zuu0Bkz9DT`2mL zCg+Qm!yW#2*NGh5M1!*{dY!xtlN{5xfNi#dng1;rQOi~s`KK}J+5zuw4zPu$W4>G5-zgb1sS#27| zopRt18AYR|gJSdP`U>}Hc+Su5qWf_9DAxBC!(eiPf8CCWH0(OKv1Y#zM~ePhqqkHx zt!l~EYI&YW^*1-3uA;%^Y-p)zYQkSnIhM{~Kjv-^!rKX42=M|X%Sd9`rJ`PRBUl`p zR93qdZ~rtrzI!y4JZeNcB;PTmNUr9U-EtT!o&3EcRmv;O^JZT-$i zbO;rW<xM?8!Oq2lOD)ofZ{qCx)>UOK1Y>FhvV@BQ6>C(jfe6`X4@@n9n@*k1A zx0%734|mcN+ zW@1SewPtCq-yWsW)zZ||VskPB{P!|(2X%2TK@VOE7EWf)CbARRcsgpXnvx70P|(F)o$E1d&Amf>SOp{+;=% zQ`?leXF-Sj;oGwHwlx`8QIADPa3z#z5L!(uztSooLi?KYr$1U_`?3XF&~wIwKmT{{ zuV(C*ceI^G6(X82Gvtr9{hlwZAaUSigt0PqwNB+qRwqrz*Bzf+5N%o}@rulADoqB0 z%4_^!xS->As_mz>MUgE3lP>K@q3?Rb+Fh;TQu8#~wO8Z^8+`GPx6{bZi0%mVq;t_pq2^3jequ zY)PPDWP2sBXo^Dbn}w;x)4dY8YfIdeO)hyY-0V#B50$O0&-!usO&gEvg9V`WMa&fj zMxJCYt_`+3|39e4;L)@ZuoX7=%+OQUzxXCCn7dhJK?X*7uH}IUB#Gh2)4qa3rHC(S9eoYuBoq4>Hx+|ky*ld-w&!@WFg=9O;C?UkR z5T8r^CNASwx;=QpAmt*5K`=2?ViXd$9{aNAy!m~J_adsW4!*C?wLx_Ilqx}KFM`sE zgD35w=VHFEz>yGJgy0D&WiP#?=-n~*Uw5>xYS@Z5ORTGYf+<793`f!S3elg1N0fkp zgrzk6Jzx2kXj#yQI7jxT|N78-`+jvAsnjJAXYIB1%o7f+kUTw z`C>&z0|s_!|0nkifa2d-tzH2p6dFq2)zPRVqs)Gl7prM;8tk=!h{OLw&%15b=L(lP z>WUpj%KHm6UP6)Jt-wIyvei8! zyDFS3X+e`kws)ft6*ws^CaKDxEtI$q9!Pwz39e75`EmF3M1vMRro7-j^kc_Zu)HH+FRxu7{H(AP)VN1IV1tLw8rf7WSZhO#`?ebzY!5!O%>c$k0 zK*D6oHcK{@5zGF^M-nfCam(9 z%WFbkho;FQ#Gzw@kW@^x`%p3(6gl~9Q@<_CHW-7Sk$`lh3CsdZeu2zkI74l$ka8AQ zkhl#%GUzyQuoPF~EQv;(haFTCCDTZp`IqUODO&GIwMvwi5RtC$@?T=> ze&H#v!7vl;s7Kq=+K*E^lW-J2g&q81k+rEMj6y1JL-0Eu$Dop=0$>_Sa#GSkJFld3 zhPX)J)Yep2DM=hZCUG*!3%hm_M@}kOHzaXLB*1tk7);^pcv)>zYsXr+sv??Y&FTs_ zb$T9c3hrvE3zh7HP~r#Z)?2h~P=F?Suv%})FRL#0WdzF`>YptIYpJ{2k{Kw>FFatw zv3YT9F&vwSb5KrQ3z7yvCBZVGK~!oQiX5}y|CLZjB+bqzlK1xX^!Imn_qQ}Ow6ruf zw%h^PiT{M&ZIhGR=(6_>V9o!)K;J=uy=%o4aPaerC#iHjF>uAFoP?`+lJ;wm@X?be zj~&Bn<-mcJmHqoyGT-;)lkcM|_wk1xew;1_tbj50?^HKJIend)Z-(Q_de0=0C?wM- zsu7D6{dYGM%-89nt4@(6XWicNcB9iWSjB)*u;V{)BreLsVs?|Wl=zoZup7jG#2*mi zzm0F)15~PEBfvz{+uk;{ux)&|I#+XS=fa_}x1B46p#2q)qM&?(iv*r)&o9nvy zuEQX3^&ylVFH+S5S@6LCmsD!tlF7*NHJ&m82~I!}?1_!0AQeHN9q6x6%BGa_9bQvO zfWM^C3yZtEo7zVsJDO&Wm~(TMwhir?8VQAZhbM>HXV7g~?cwL=M`GJEKsCFiep_g3 zZ%*gnRNs~n*S3z{(Jf8c?ftX|g7{(=l|v>vAtoEpausZbVugbUyKks5APkx?2fa3| zF{p>IDO^-!ih5D?+3#>CJ_K9*cOEgaNC=dHPrE%R^p% zzMD%tGlS*^=ZK~X4lC!xET^Ego94>H2+ia71w^@pGEEBVOZYly#o!7`+AvPh?2fv~ zV*3j|SJs~K$V3$^Z#~nJ>w&$A_qYHWZ-BSf&9}7ftUqt)@2ecI-@0on?8{C3!aO8b zhru6kP4ihfozOy>lj%jBIbj^o>QOH<#;#JjCjt`X1!VyrsZq>t>Nb|QIKsj+Nzbit zYELaRd@|(98EzZeRjHF2w}%%G9a}v1=Gc+`E#sA;vAT)nr7?c~v?1Iw_qJ(YSHnc; z@cjIt_dd1u@KEAHcq|kit6CZxS(Z`z@Di;oS!#ek{Y)|O(^xH&Wm>GlT(xPq)*CUS zNdzyQxG^i=aKnkj00MSzPJH!qpMut#bD6{%QDR7>88~! zTUMK9;_bZ$=Z1Ie7^bUvuC{irxoIwpul)RMyk%Ps4f7+1Rx)|>&hX-OZ(g3d0yB{n)u^Q}bl#(2n^-uBEZj#qd}Ku04bGBaFdP>U03c6yBAi z^mIlLbQL5*1tdjD59`-o<=;V_6ks1>4A=EN>>ENKe*n%iQ*+nZ?L}WrTryQuSB{m2>YKvahOW-Y*zN(alXT0*zMJ7Ll5SL+ zl#*_8E(T3IMaC)Bk$RI}mT@GFg^a@rE|hUzgzR{=T4)||e)$E@$R6OHbBC|H4$c0= ztDo{1t3FL5)q{aOh%;p%?=S-sY7At^{V}26;Hs*v9#z|eE^cY@6m;eAhZD!3yaIEr zdV5Bdi}Hk^0XxoaDcc=02K-6gf(b+5l&^DOzAm2ub+R)}!zc#PD97AfUP=XRzE6dD zxNJEZK`N-625nB`$Jf_D---pjzN-F)x~?ooMzku_SX-T&TUu395e(}bnVlhizPZX@ zlfhMWf!fyU3PZ5Gx-3{>tM-*t28uERAu(e^IAa$#&KONr2T7>TE5<;^HD~N1&6vI7 z%8V7@OxN&V%C>+({~BAMJ7o)WCU;y0rau0=I}Vnvw&iHOdcjW7A+iP1*XydbKzB-d z^svG7g~<3nU5H=4!9ozH;H)+Ci?8LBbS9Cc4kEa71E&zJ@cNtrpWDDHz^b4NE@E#^ z=88F-HcPf4LrcIcy~w}qH5nn(S`H3vFsMb$K{ObQIvm0JuuU6{I`F%<3|WUu%Z6;j zRq->rGkq$Ts`sq+OdMX=pR+F(+n2My*;?u>aSz^l>!7>DS!!j#yz8HULF`dtj+m8; ziY@9%cpQ?G`P$Z{us%P+qAE6GE=(hdFWCb&&LO@p3dFvUS$GGHT&36ogbl(IWw zG-gwd4sMg*vyF83eV~Uzc;vtNUB53a@f4Pp;)5lH^j=s(GIwzO&+Jb4JqxlgvMl&4 zXxJCC7|VD+gO9;y33SPT)vVvk?qCsSrE>)JB36}wo;B;`kZw~^swzaiMyOZXPo$xg z?vL7h9&=uRb4`}PXwHfho`QN%_;5IUM8Z6c2HT%HdmlRUF6=gz_O z<;O8sZK8|%=~!Q2XW`E{izbQz5vKviekAEgDic0UGT4Nxa@G8|gwSx4cZ^mH`^gp^ zzMyoGc;)W96VJ#Nv#6rYV}<0M8Zx;q+n6P3nNGWuqv1>~aRH7dxC4za8B`%?1IrT* zoqXz6>W5J2S`4US%tu`HVR41EbYZ(!8-_1={^9|T%kvq$?l|W;cW3a^_k8Gkg+t zkCl1oJP5Oi$}VJ;rUIs-C6rGWm=MP)DkZiy8)G()tuQZ__EylII%7bKLL%vN;Xd22 zx-fEJVV65T;om;^oZXrKNp6zoou8i@9$$5xz1J4*tLqy6%dF=vKZKts6qc@!!55Ja z^vpw*ga!FllYDYrYVis2sM@JkCSWw_&w31nZkNR@rb4@E8*teK4cq8+4H=Z^eOdHq z%-(%q=Sq@HTWq~`QkLngmz<^OrY9Tl(qvx+M3Y7 zP=u{K3WpcMZEh5_J+h2t>$k%z>wks!I%BrYLzf>>W0)3RNvPqKlevf@c?N3N{|44T z%f7h23JpoQ*C5Ni^?!tZ=KF8UY%30i2DDLT8`j6ztNia-0bx>HVumSBgGyZ_cNpn% zB6cciTre0h+3=r$F`~ZK;+NBYuSb1Ny*NasP{12)57kxkmX4-qw5bDwwRPpCrR967 zoUM_6t*UX>RQ_wE#Zg`Ma%n`bkCwhnv^a6EXDGCoK}1N^B5Jfuy-N&`CeEcPCa<`} zM@(*o7PCEUll%4tWm=*EnY1VczuwUtjW!E1DoRT$1Ys~+^g0|HsUwDCk{?+$5 zrJJ21@;c4FMc+iY^rU^XxOo>SM;kckSVFwM^}>@+zVNJ58l!KB;=FL2mn^3FV3roD z%R!^Lf+CNih?{kyx^ee)wXW{z(M0r+?&!+JJT3n~+ z=NEFekB@K9;cxxbL+|+Ym}&UMx4!MgArn#6%hsi%;Cj7%>&Ja79ewpjQu%tG`~>&E z@e|yiD288%C;C_d_CekoJpua?zkuRI{`z|A2@U(P@Xo4OH|&6Ku>iYB%Ym;q;X6;Y ztC^nSKB){5?rkM~!S-r2jA`^5eTEM2Q=2tpB{@(<1;gTX^e_IR=-zuD7q9TGFD8E& z1NwIMbNY6&wj^PDq@;k^BxD&DVMW6u_ZH#PkU@_DtHq~&MNiQQUMk@9Sh}euh>%i5 zjNfxlvC=V)lPzEsLC;8<*<=>G%ppQM4n>p>khFCBNm}Yn<}9u+$o00Fa`g2m zBf)?=!^{{6D$XGlud&dSo?v8yg?3c|{br>rb++DU%H|&^aAH^4hI&OD(|8qIP$T9B zSP4cr7E!Z@D2MH^bCo6pdZ3zNl@27Xk`^<7X9DOsEHaITO6$n0)aw;1qP#R1@cT?= zf3eAGG8Y>%^OFhUAhIXYMHbA4q(hOmNCdyMUKzT=7wxA8_ug)vo06odS@Z3CM-Mt3 zj)k82>rLP?Bwm(Ozcc*3>G<}pgO=we=WjjkEGYIAI8WRb@5$-xK5@`l;PK}<4_rSv zB4Txq!ApFaxmXd|DFvXBT)CLM5v6sg{*TIsS7|iToLXd(bmAyf4q_-mURzPbP{qDa z7%2h80!Sv8Oc7jRA40fsmEo6b1J0F0hj%&SyDcu`bVuh>W^Q72ae8_YLFTh_>bu@_ z-CdfwS?G;rHFrRwg!eXQXisb4g7)-Y;=CA}$Z~o-r%2k(rpm?WQPOd4)hm__XLq z2`E%BN=t*zlsJvcfe#p!Xyk^<56bdbwSE>e{njMJG%)|#~ssHHuW8B35$b77V)zR6b;fg$m zU8j+Pnew7GEQXClAoJP)kheDycP@T!-z=d(zMA>FhKsdk-lPHzi zur>u;HZ4ub!-EKtL+wyBd&=g@IlQ%Rs=0o-)46rk>9EfC_f9syY1uioCp_4`e_wd8 zO*K7|-8ZfVZ%$!nW7S9v?AoR3?KO9GsS-cT#-{jozKj0~COWDb+*ye)4Rlu0`)_C^ zy~ssg zSOsqQ4BW*WY<}QYcqj|AnyiI+SamJ5b>!z7l z1|odSJ`WjSj22H8gumK_!~Y8Y&q>d3_ne2fezND zCs1J6#o?5BMwi{1LWk=%K}H>DXlT-1ww9#JNQZrV^~cHoaJynZ|AXtfG+%NX`x4Ip z@_A%SPbO+nSgaFdvCfdinzHo70XBH?j6@thLKocc`a6+r>tc0W&Am*6Hk*c%y=PO` z`~CG?ooI*W6O+(V^bdtUxlkzM3hKC1xmTil)oPo+-p`$Q-}89?=eX*^PYVB`=pX3r zID3|xp`WQ)-@yAaaBiJK@$Zp<1Mmq6Q3rHBZF}lz>r+oz zpMJ^)jZfL0R{oE41lJS%m;CL?JriVMHXhqbJ2eB-=LXPb0rFPHvR(iTc_s%)9%rKg z5t66O4Q-B+a7k@tg`B(Dv{AA*xl-ydczIgp=32PpSNr-XUEKqZ<|lgcUCmAS)7%KZ zrsjCOr>VKQsj;c4k-vSZzi(louYZYS+V_U>SZwRoSZqA;{l)(Ng~h)9MaQ;S`?j%I zY@570hH%CGG7jj9@>dHjIYH`Q9QZE@ry`ll1VxU7ZDH>GS>Dfop7%4T`ps`#Kl>Tu zEY28m-4U8W^0Sri)G*K-#`Lwsft)Wgle9DPaTTc&3%%$ggGyX&SNf1}XLIw9^Im*0 z??2(IxXL%>{_c0V|NifZhs6FKL`3M{!X;)WEIb(k62wKJ{phCitSOE?rj*rzxh{J0w7k}U&9DMaG z9Aum|tjDBN{4v&y^ZroG;J~PLW_1J-ImJuMWYeCiy!{zcwelpirbcY+865^cX#yeG^=b{C@rgP7=G97CqBHi z`(r1zoC)THZt1z{iwE|8?#7)5_Dn^_s{o*EYXg7mx=$ZFac6f=M}O1)zW7>8Z~L1Q zFEqtY9bWt3!Ie*)IsM^S}t2@a<;{c^@Kq=%m)9_>`{ATmGLtZ2gYZ^zTu9x!7a1S%8`PC0&s%I z_jm1vV&6n-Yj}7|;pjkPmw&#e#&0hP&u#1Jp0C@|9cUfsXl$4c7d5Z=E6?`v_?=;1 z&|2#Z)K#Nd7plK}ZqmQH;HmE@Z|-Fxy7?GWx(-QL9H#Az zMx)(mw*{2HRHOEq=%2EpVU<`?6MQr8E?4h?=H>&vFC>0*?AQX@jh8(zS+}#TZD*Zx zWqf=Ejw)-ffX)+bBTI~D#M<*s8-M#YI#KdDOJMJABxp&8o`$k6Y+i`=}k+-{l zY^=YwUvJMIZ=6_MoZ#mt9$8s=WI}#*;$7lidcAE~KQ%cxI2o?UsBK=Fnp$G24WkaR zIyMuVEC#hsY%;W^RMKIFVFr~>y(k==OnLAb8G?zadQg(mkJ7HIt*$IDEg?5Feei~> z41P0oz^u_?^ucSB&kjSR2%RXqap>|u!~{GNuGycz_q6MgmiAX}TwcC$G=fGqS5YRM%ZJ)D;i@yd%dP2?S$-Y2#=t?5p*_msKy`W#W41h>Jkj3^`hOLjeg1UpmEGX7dP*|iaEHxCW9 zw+|1+>e}1u!tL#0xNW$teR#ONZP?LKSJy!oW%ghhkvbQdhT^?xCxA+vi>Q%&&ZmsX zmb?g`h6~^LM&VBjeu~e{C!RpG?_CVQ!F%B@{)^Yi4+3Fw??Ut~p=}wkPp#L%DW+o< z%CK0_Wrscnpd29V_lw}%RqEIwt2vxju3p)$%WLtcD$|SViWp!{ya&$l3vWCo8 zytJ5iz;lrIoH_I0gN(Dc@ojLYTv18*9}XnEMQ{&>*lQQz+J7hEGs&vSuO!PQ`8}Ke zKmr5yR-8Qz|HV};1aX3?#yMNad*4AD{sfdH&- zKSsB;AYbd`H&>#cYb^3thb-nCW0CLw1Ft3m#Q*>R0096100CxZfdPtbUk^O>00RT) z00000(c*R300000(c*jM{<{9P1f2t-0000700IC200000cmZQzWME)k^q-f3f#t-% zUH=PN<^n}f03#y+n@|QzcmZ_L1FU6N6vpxYUZ;MxZQHhu+BSn)L2WZAg4(vNuu*Mu zc;>q&<2x_OFW<^G+~3r@La@DvS&4Unzs8Q{aJ!23z@w_4WB0%uhlgpB`!()G4(A)y zUk54v-^yf(aXz`$tG+T0_i~gkZ1fTBE7>Vm*{(7D8^;~5+?NWwSXn`gJ;eTDrb+N_ zB+W93wg_SZE#%uX93JL2(OJEtu^lR9k1!GJ5xTSYuj-SPA%kk$moYn=J$5=;bu_gr z@eWtcv8N@{6qu7S$qDDCiFNyeTiz zXJ=5NwjTE_x$aBKT#VZ9me1(Y+!9YL>6&|)JLSU=_NM=EST#$`bU zWltI3=rnH^N;bBSTdnS;x8ZT7d6gyaDOzoqYRe|q%cDKS3aNG%(q!orSe8rSIj-S) zu4BV085S}`0st>gxOD&k0000d04D%i0Ga^d0P+Di0gwTq0q6od0(%180}}%q17ZV` z1J48#1SAA!1d#;h1rh}(1v3R&1&IaC1@HzS21*8L2Au}U2HFQA2YCnC2kHnt2&4$L z2^$Gj38e}f3SSDg3l0k|3t0=73*8Iu3?~dq40;Ty49*P&4KfXK4ZjW(4kQkE4!sW- z4|WgY5LFOn5ZMsw5ik*h5#15)5=Rn;615W*6Il~#6W0_h6kQai6$cd(6&)2Q6*Cn+ z6-gD)79SR17QYt{7k?MX7tZx8c`a1 z8qFI98xb2#8(14-8*UqU8`~S^99kTy9QYkb9e^Ft9xxth9-|(v9=RUG9?u^0A0!`8 zABG>1ADkb`AJQNvAaEdiAiE&}AyXk#8Sw#W zaYVl+;aC2PN8ZbmU@ap6cmZU=Gq4y46ac_|-?nYr|7_c~ZFA1{RcG5~Y);HNcG4#O zWLE;P_g4em)-V6XLLn(^h9s;MSl#) zcBsjoQ7zZkl6)*hz6KvjmZ3(0BVsUyT;ei^I83H2Kl@2u4Exeo{`0@7e(|f{{BBB& z#Hc6zE7eopcDX;)saNY0TWymj#~U#g<1V#Mqjb-D!SkN>gu}gLt>s>Jq?OiKv9B$1 zP;w}S!tmNQo}u=*wl!QO7wOebP(1x2=hhv4C;Blt$RO%`@||MoP}n4pO=M59UN&O7 z*Y6KpW}IfCDCQVKQ%YFlFfgz(Xn{BmJl-7kEc$H9EaEJz98jT9HdiKd7ELBuCa@5<(>`Ga0R|oh zP6jrRMoyrZfYUw(2N;BiF*CSqRAKB0jM(7N5wVdu#bu)!h_{QQfq{|5p(8mY0;D7o n2po8PIUHFG*;H91Sy*|rb};^L-N4ejkqKx3Yl;g1)8r_D>oY}x literal 0 HcmV?d00001 diff --git a/fonts/Work_Sans_200.woff2 b/fonts/Work_Sans_200.woff2 new file mode 100644 index 0000000000000000000000000000000000000000..20c68a75c4268754b7d4b7135b61e5f3f390bc3b GIT binary patch literal 21128 zcmV)7K*zs#Pew8T0RR9108)qm5dZ)H0K;$q08%9Y0cK_Z00000000000000000000 z0000QG#lh_9EdIkU;up9cW?W;PC?dHc!Se3)nb-XO9C)_W%E%l~m-Yq?@$e zFwEf}f{Q#nAc~N)GCYikXxZ0nP_CO}YmJg3u}d`e!|G>q%hQzEWJ)q+3RyU6MD^fc z`E}tuDebdZ71wddxy>7s_ZSeRA(s8So-OUSPVlV#RsVab|9Z|w!Y4SZdqtO-mkPfd zw|FQq=GxuTAED;if;*vzI(ZnN__CrELhDgYN5u(X7K!Cvi!#4jL zAP^)#5&~XYh*Y5ZzDZX6a?r!!@@@A>XEv*q12fv>pXKud9dY?U<+ls6Wk<&{6hV?& zseLMm$q-A-dLuzIQ;ficU3$e{k1d(8{9V z795d1`%*2xyPuf>z@wHc<80&|N;EPwI7r2UAe*hYaiZ{t-%@opy^T+?-bwgdCQexf zda8D?(DpwoN(Hu=uwU#Bu`j`LhDw4a&x)F&PFGD1N08a*f)pt4GAn-QP`W2z7PbGqKhsuc-$H=iXfkrbe-xq} z7matTKdA^xqJH&3%G1@e7EI4?AwZgMl3B+6l2-Gjg%EH@#8oQBDo&5nr}Ct9Rk}@6 zd&*R^-8&E_D187OKL);2E|nb1kZMSu6Z zm=i?(Ku`LI4mpD<%|pRCgwErtciVXiGuIwkigCf88V`~*3OJ-9 z0ozRMoveNgOhS+{f&`I%9@~wo+E}~oKGk3|^v6($hW>){q(;HgjFfa zF)N6A*E|1n*l+gcqI|V0x7#oQL16oA~1W6G6zvr$C0X@Kt z@NcRhR5nDsC5S>xQOhhxJmrKCpq9fUbMs@BYN7aI_tqVOz1F;E0UB@som22{NOEHo zyZUbT0u-O!L_6}T;2Bo_Vy|aEYX1NVWNveG%PxUcqK2<)F3kWn6)yB}5T1Q`8l;>C zG@@I&XBPvX)>1$TRw9Lt?^M{gE21>eYt2kLFs}&j|mvnrTE+R>E6z+UkM2itGMQIMH z(&aNUv#_$Ub8zyDi0aa<$9$uVBMCVrH9aFUJ0~}<2R-ajFM5;Thc*hU)u>&kZoU5Y zzqsK55wdw*fhfulO9m8~CUeN`utedvkb#J}RMZJP{O|{&2w$hi4TX2u^-MSixC6bA z++=lgV7{eFO;kmYu8dbyG{lgZvy-M=^$3n2kA@i+N&xjfG+n zu{g5~T~4gPN~|*0W1FzWKr@TLGrTf2Oaj7vwEl2707*O~QYBfhDxcXx zh*qu`^M=CTD5z{2ksyaHQi6gP3JrxLA(WDqf{?4QnSev}hB4v_4yS_`kdADs^3cw`MyE1HigMW_(JiGjS!_o1}tPrfSeWsJ7D4erSYEbEB&mbPINDyNCx6@zP2}Oc3Vn3eF`4 zaxH5O2dqMM`DPF*PeW0v9VV$;Q9im6yh=+=2Y}@!f};AA0NcG=rN*n22=Qd$ZXnd? z(4YY>gI259dn0Od?0i725IQm)Nh*>~xus^RbTss{sJ?p&UL|N$oncT+9gA=4yF`z& zA+51z0*vLh3I6?*G)pa1>10SxCMtZDqH%PI!7;ThkxgkH#9*K~ zC?_NC%g_w)Znn?nqv2t;+*D37+~?9*-9AW6Y#j#&ALTE`Vpw5vP|+ zVM&Fkn<640tz7ainb<0@K;c@Uroy(gMZ*GlavQ^#PVd$zumVI(F1sBrx>g^z5xos+ z9a``7`ysk?&l{uen=r{shAk79*>EpXo#CQ5%l>ShMg{OMnfG4Xvr1WBy3NU$ewst6v4;OP!vr&mvCYBr%WB7@WT z14#-oNL`W^x1^R2LHry0Z0RHRA3jN4-lE>gbjY_gpy=^e2wAYfk=5 zBU7f-u6rH<^sS=A$zPenL0@4`av|#XMz83~CD_0(eT&0BVT+QFjis?>=js}+r(SMi zc1cbKH|uCLRO%|53#4a;;Fc&EKRS2wf<2Pt5oKMbc_t*biDwX3>vU&2BXh$!M0QLd zM4({t&L!;*LsPm?99?asX&wWNHKZd6`XjXFbdVAF8o&j+hT+RY83hX^0UQn5~(m> zofcUYf|qUH4vo#jG4v5{`aKp&Vk8a@ZV@AvwK2W6in;1wF|Cf9^=kqpaG|7pZUw3O z4y*I14RL&=a)<(sS)?e<&Ah}zC~zBZ47|sG<3lFN;<19&j!n9YmIYahZ&JX?J`Ngg zzU$jX1Brmno(l)%eU*W`L|}aHrGa-Nf$uai4W z7DuC6dvk0ajx^A%r8s7f_re)Is&-(ogLmv&GpBkkR^azS?4f z$@I8<%)?wMW4oLta>vzkn|0kV;!XF)jO4+-$ny<$M*?fEDhPDiH>GhAZi!t|g5LEt=FO*+ zM{(-w1L2bO{LD2^xMWK=c zWXhM4ar_RRsGCphCFEj&T>;Qm1G{YFgYxjO9}=lL3@UVuO^W>MB;V3e0E%)Bfo@Rg znqT2S)<_iV9`oV_3K|^j3lt2Eof1kYa28#9v1a|=d{`KCC>RT5<2&qJ!3>ykTXh9) zZb%ge+`vy5*1gFCsJm?Jng(M`I+lo_1qn9lMxC;Y}PZ;(fC*k0{jOzC1*I$)=_E5*^HxPh#$ z@!->za%~3;=fIPDs^x?!Q3ZT96=_z&wgHTfA(NOe$!X*B-{t#eI(>*#n8fHAe$N3o zxx01ZR5i*sXL>GsS;U}11a;pXYu2t$jU0vzd6*U-?E2zU{ge8pnWsTWs`hiMwr(sA z2lASgkn+3d?D;ekc1rfeJ|^ovh8p&i>8f*TTq4l)S$3e|TzdI=QMPFS5Uo8Qqg)IF z+R`0DKN|garDBaG{N zsUM!{F7irpFmM{_F2N*4&0DRr-}x2qX{qp`iq)}Sde@g@xO*eprwF*}Fy^Rp!SVW{ zlg^P`O== zygIFgUnb zl0;FBF&!o8D!etQs^_t8+$kEI%=tVDr0NTk&$GgWv+`x(FBF*b1J?aa?;5en_!Bx& zVaLHWP;;PT#o4Hr0Fsk^90cy!-pB@AD+bkD7I4`_j2XJm7bcwo`bEo+PrBucjQV5O zcy;S-Kc=(52d4zXDB17uV(k43=cix(_>1_73UX3!l!R2D5$PGgJ$Q74h*I#A>e<*B zRz;;amz3r*M}3`CX_$1*=~zEcfj;?q^L*p$8_h6_VlG!LY)X8QCDv!5b4^Y;P4Ix6 z_vn%Es1h7#LM%uWn3EnofUVM6o-VP;$PqYGq~*M0=bhtx16x=4*<-eym9>w1V=uq^ z!PKYvTS3esb^TFwKf)2ZmnZk}9T{W{1)pi!2roX+JTcn2-q`v^haAQ^P8=V(qU&zaxd+a<&v_5H;Gx5l5Z*_2y0bYx>5li|UIg8kp* zn&wd*WC53K$CJ5}>2-P6A>&}sf&NR01JDVFVIw4?v--FNe zD~d}^O3V@^K?I+O48DxiaG1K>`tot!yboa8mY1Lif#;RZdG5Zaow=xonX3$;A3t5v=z>$+CiU55zP%EL_ z8|!v2zKUQpeG{%6)Q)EEcTHGjT{FT762sPB9*$8gal^%Y4USFOwKU{xs<8%D+m+p5 zP`$mC@>-ki3k@pRSEHiroh9k;_MGB!pWQJs6W4%r1L+>wFh@t_AwA8ng{Noc#rtgY zPCc>lx(j;rX@~9m$hG!un`3{pOUq6;%3fn9*?IOZyLS6`0FePBvPC*zj0ucml<|y= z2SeKB$s`)=tY@jBtvar&dSPjtO0pA-CkkZwx0Z~f@Dd~%fxIPRJ?rw&i}kLXJF^!b z1-fKYHgrO;F>Xletp@{*sN%u84Ax6)nam5xvf7vkVR&+?OZQWd_)`IKAQZrGpQ^yz zu?s9W>rCpEg8`Yfw)2UHC#wk(ERIco!xkBDhM8uez(QmnqKvzf?=h4c{d8o>lcE?t z>Rpf^#g$$SgUvCtxmEkU?6Fg?!RH!C;6 z;lW;5Js`CAtD+N-(!l?Ik!$s;zOt)s6|i9c7+co;0KybsR)9|c^wnkpb}_&JqB9KP zT-oSspuT@PaY`HPKXRkAcFFG8y^-N|5=jYDDV(xgRQ zH80H%ep992H6MXMmjUOi&#yVZ0RH(1{PU`&`Nt#vqqYb4A3PGrYLB@EdI13R`H>rVKd z+e(-1cZCx_hC_XBCC38iFZGzX0ZD^~q>Pwvv@ymSZ-S|&nQn&JF8c10*Pb})nU|h> z<%fS^_+y!3AKdacJpTJ)w><&=^IK5}c3JMWEjHWgBmu*b@I*2LHxa$#{Q2VsVG|3;uWLKQ?MnVl)V~eHRcP$Ms@?Y#rNEyYERcVt8DKT;s060?k)ML89)q`q$hx=^_R8EgtVjbL$Y`3O&N2gy9UK#H zEXD+?sK`K#D8#J9$^j^1M#nf~p}QHbrW7Y~I68mXO24nk#MeH)lJq8c4VA?Htyff9 zBsMDW16eT0qY)@yKtKtitsuyBqE!o0YaM62YAXm3m`^zU=dL;yto1+)z8Twap%BL4 z)Uk7ihSMPI#zrfb~n&IcuCLNdTtkZ^&0XfK+6463PxKNeCo%)<|G3>kq4 zYE9#@nRIh+L`^s}yd;W3b#lIQp}S%XS^-!QKB+2<@T?WsKjUg}QE0PqfC+w-;2-1a zd{BPmJVxXnO6(A5qXeG5^TnGsY@heH`a?$=Av?tv$g#xBc@0DR!MwO03 z3$4kRy3*Tl{SxY+Agv88oYU#=$$SMk6IY{mq*RkUU_!#X+`t|O_CY9Ak<)Obw_*WP zZ7GtB5qZB|JdLGt(Jk*hhryv^)4jb}2eO4jq{`o;)iNyHTz;cW1`B^4$>mTng95Hc z6|*R4$s#93UYddoMOjJ)C>w+`1aJ7+fQtNssd)O%uU|FM+b%BZx0$h)`#W!~5I<(WD|(sYzYV?`Z>8M?oh)a#WzvHEZOk$kJ=fw4@7mjGe1EzXxC# zT7fA|C+hx&pG$>t&?l>zbztvWSikT5)zCUN5X$hfdWOI)TGi2&apV{tDrJ~4=$8+8 z`~m=v+|!dX^yOj2F<>#!8Yj6Ds`Lc)mhBH~S_~pA3TI1aD3m+wpcWPh?hxt6`O2Un zli(-fPGM&0@iy=5*AFYsLGU1>5ob4M#iMz?E&w*qk2Y9DP}fh939bYj>5qP*bpP7_ zwA1QNx=dW{g6li8AtI|Kb?wbnI&F}~{!1Jr8c>WgCCxOG!YZ7E)7W=aEgw$`xfBz% zPbZ=bv8QQ|8yGht(zKUUm=_Xzg4L9&7O?1%8KwmIG>W}rMKelxfu#>TAVt~8eq8NI z&a>)fD7doH1Hyz9Mb{uqJP~FowR{b$Mt1Ug63Fs9oOE;0<563b(vZeWltP0J(@lZ} zO?EU6>s8w)$x+{8qP4&p_HR6Fs7u$2qg?B5qgOTdC5O&`>W5>_4We=^7A!1FC#xyr z7djai7bX3(6&5mZ0?XEqOUPW=P7nVg2E#+7qrT-yt)7Tcb<_m55`jR^~Kd$}{s-7<}lE~u=PeBC5RWqSP>f+W7;%OlN-*MvLz0n)QjEIclxFmy3}bFEvy45IW84kL zJmVY6Z*L*~hF7ROz6MV2uQ1dp7$%($NU0wdp@UYEaA`zJyG4Vrh#m9;@zP0@PFLx4 zuMT?JL2oOav~vic*#OvLpq)Ub z_W)V{2f|Fi<^%KPpnzdmJFmdRc{qASciG|#T5z1B4&RxNO)IT_J`xQ~qPXmdv=fnJ zx!cu+A{D`y-r*GEB;YJ0t^|t@&T5ErY|(X{SBtwtBLegVds4omsDpsqNV&!MPQpW6 z?6bQy1PX!X0LC} z*6t9Ui;W~}Kv>$HSvsU8u5TnO32ICyd86p1oQOD{2xh5o^Zlthp`?36OkO@V!%m(; z-*VG_N$@mcqk+&(hWZ4jr#(2S?SWnfDIN@H5VX)Jh~;j#VVGsebHQJxxhMUm?;8X>_-}+?4fc86t?2Of%h2Ug}MEr2CJ|`PTf;WzAeDq-kEUjmC z`fCVr`3GXiR@%r*_K_tx^?hq4npI>4TH;ZQE`3!__7PiwVx_1|aglD+v|1UHQ4^47 zCOcIe$OVW~C;??Aq^W6SCrpRft}$o7{?ZKoQ*yd2sRWYVDZTv_Bq z<%r*b%{%Fm0|g}HC`cba&$?P4*eW{aB+{u`jq3n;7^OMC08P~9?N)wE5Pj*&eUzyD zX1COEdMl$yMywv>==$|aId?Zk=A#W3^21dKfk!LR#tgFg3nksf$yy+p)Gh&t6l&)a z#P`~jaDc!nm6Qoauz&{Nnk-^LqZ9=X{Q~8E^74}wa+_4jZ!TC&ki`sQHHQf(pJk$A zM+GBRWty|2v26!qn;OgE1liYE_J=R#zh7|^gJyyI!5QHp`U3Mi)1emIN9RIEN`vpT zyZ=YQN;t3#_a}u!iEwXhrBfVvF~Y=XBy6Q49eMcZYr)A}4b0~PB5X{nGYBceOEC7~ zRm8`dc#xz!AK4=1W6{j5wfhuii8rNmnvrO$R1%#{=4w>WVVyq6b~?zokp%^z?q-CV zqGPFzTwqp`$P9=jp-vjN?r9lEhtqJkaiY@J8a5OMF93;pZ|@y-WhTM1H+~u9M_l7T zjD82|nZSztq{&_olP<*~lOVa|Tl+goJaoN+DZgJW4ST313SIlyM!ycdP9RLXjs@6z;+DMd?vmf8aT-MAD)bJBGmosR-$~M#XQRBg6 zPkCa@B=4AP6caRJdmy9!*olWz3`(uL3P%mP7p)kl$n2xSQTwdc;KSz$$tIBd6La~> z4?T$bgqqMv>#gnVyV6RZ`sQ+-%XCLDuBgd-|JHYU#6jFNNi=4`Sa zEwqtiIKphw5_V9bj&>&-;?P?0ScW22HFP}9;r?iL=OY*|@04=+!A(*zQln@@ATnWc z&}C?6bb>j(_z0xup@sUL@k$^o^l(s8m-gaX(1k)v^fgTp?7XT&K42&32kCHRYWnb~ zwC)Wb9i$4TqyQ%v9fgEUqM8|K$JJhwmnH7_jljWlLNy(&>q+-A;eeL z?>d0N8#XpyU)o=dO5QP(7p`9coI(fhDXRwBi7)u8@mVe8j* z7(vb{<3o1YPnN~Dx2f7KA8tX*v*rR;c2*)crTJ9Gd;h-s8x_oVK&it@SlP1#B5)?z zY)9rR2$@mrlRRQKpd9+DmAQLS@IX+|K8$x0cl#x+~z094fD1of@?1>`{Cv?6J_)1`Wcvr6$1 zd^`g*1HHtTs5x!RGgooo#YdK2tl$|^7KV}lC7RuOM(at&0g>D-Y*-q-79i6;fmg!5 zmJ=7(w#hh2P+y@@7V@Nztbo@^H$Y`xj_R#bENYjn!&t#E~n%I*nhl%<*w^W7HXeo@b$qBY{Y#gLHxwP*>;IBSZU0U`S z-K$LZ&QbeG$El1voQr#Z;Qj>^TuSAW5YSRMx!e=r3}3xn3p2~9RIYF~`N(NjVi!dz zkMZ(UY?mSLnKFFG`v;SD*<2CXg(cM6twi_gcx-T-hT;Nbcs-ssFB{u$GpD^l_d6g& z`oEi&gP2#Cqr>b*quodbGH3D+z zMj*+~AiBJ!D>;y#ep~ox4wgP2C-(2}GDpFwJ1&@| zZ{0rd@}G>R8LQK)naZDk__^xR$0F;;sOjU_>Eo!tAM*t*%?pI}w9ny!@iOk_>py_D zD-+1*+Va?1&@;AYUS7H*2lhgF59)DtWJeks(;`#m?)x1Ta;>WBS|#fDeVZH<^^H7) zPo%!Cn-} zZEvWOGR_K@D?#|PMP*KDOJt{N6#7{fYgT_H21l&J{=ek)tZoFxhe0c*Ycfal+;!f% zuN&>o`2IcH_wPTl<7WEin$-Foo7Sw~u;w+-YYorF_hskXcVy>HuD{ezySX;wxBYtg z&C;87uhR)|;9B}LupKP{B=wD=&jH~$Hn-PvrH=L?=O@qnR0{0m<}i6)|L7*b63kBB zA2Sb3p8{$-sWf0YOpsDIP4hIuO~IhJ6;}+7X_5NnP1{Z^d1e#(uz(P3CVm63%;Ra0 zca8^keQoF3aC6v{MKdY}D97P~@yyHt>oo4+gl8-mV2q@2*Tk-*F)K6r!wloc2%MAu z8z-d+794$8P8|3gt{g9$QdIYK#_YV`8R&PLToz?X)gfH5RHcv`^daY25HquX#j4Nk zB8z4%tj@^MkFUT0aNtdN>kea1Bdef_j9yemFEpb{6*67(9jzK#^?_bfX0BS>0f$0! znvv5xd1}FR-1ME{#j6?MgJ?`S(sUR5^ie35}va zaUCD&>r;z^KMC6X^-M4IPM6menhpHKr34r`%trw5^7gg^7YuVW{7u1Nf(K? zZwKa~DFCH@ZEkYQjva7wvlP8D#tN4U!dpXO+CHB2noLPg=uH%uzH7Ayb#i%7?|7a6 zI&o*-fYWY+cS`?}4PY9af8>^P&)!RK2;Xox4m2Mmy;G&|I=zOhkLx56dYx(!t z$6G&3XUNQ|qEqlLu4%34|E&zvyi+~%Ar4Ic=;?Clr3Slv>N~ZYSx&W7;?x))QXf*j z-9}vRE)mE0CZ?l?#BZqG;Kdnd>Sy{I@a!fMT@kAnhF2PjG_z+a=4m|kq=HX#@_Gv$ zc~LxpLu#U^BTXX0Z#KW$pbZ5Kt=jTGCUVPQn#5MKNMhpK%<#`pAL)Hz!)fr0r+2{f zFXAQ0<|9+T4}-&h07hhu7s+|ElHXT70PczP_C>;d{n0%j64|R?TbT+c6^5Ob}dNp+_Reo~#>M-iTc;%`ua7&@pPL@ty7|qx>rF7Ownb<`>%PqW>I+FUQMf|6e!$puY@NswMWw#uVrsOM=6J-+*K8 zv%m+y+irZSxLHUOTSdl==?UNprU+3~+ow`cSmYZACW!rG$^_r=XV=j)-P;6<6lFR& zIT~j-!MwYNc|~00$Zz-0M?3B`y=NTrsXJYktQ)nja330%!CH65YK}%luTz>x)`jRp zD1QF2P<dxqNHYJ-$ix;w%t#rT7_M~>YtE;h z0!Iqp7`}#Es#BhmN$Nzux>+KsH4bmpbALB&KnsMFuVkxjDkC8c4o};$ghJ= z>Ga_7b2ur{>Lna0Ei6w?w0H2uED@Z*{;}ozNog(rcxG>V@aOgnu0o0*XUcBt)fOos z=Rark1O7##)l2zuAzF@Pv*-wGC!AHgOJjJiOE1Mntr}R*hDeztrVRQMMnzrBLXyMu zfVaI~M7AYkfv#Rpren+0H||>fHVr;uBdg##z(uL!H<{-uJAh|jZ0e6;a5%kV3AO`Y zDd%UTAC6b7?(ndGOqDl=8wpCuuBJ}*4a&9R|7-m{V|VG7fXoGzCrC_*j@eE#@m&Q6 z(G;#+EavE1CC-MSbq1S8H62?BOh7#PJU+1nH0LSlM1r7+MLqUM9&6+6)6A|5Mi$#? zQb|BnB$=j2$&?};gGx6`?YTz^xO{~~%+|G;o%o@&)Xd#6=HhYu!QsJt@Edo0iYGed z?n}N$hBBIh!PuT}%u%vPjbdVlao0aXOH!$!B@szLR>XxYL_7n-MVx>{Z2K-UoJd4Q z+@|12BqtIaHZg<$bP5Vt%m1>lxUR@(JP{gp@qL0Vi)V7Wl=9f%l2j_SBu02Dj3~v> zfr^{HLMPIh8(i3vJq9U^x!eDI`V0YCP{a*NB@v4J;-F-aNcdW35*jRp20I50ZY4bb zs~C1O5Bh8)H&!Rt#bRR%x~1)j0G+1{^Wu4%WuBL-IQuK8Tx%6UjRSiT+I7*;Xhwq4 z=&(~bw%AZ0kVv{*-+a9#GZ^l*cQ{*Jk^P|#K`gZ-l}auN`@5DViC=XNKtppgLaqT* z>#E7)@Z%qVANb%ttx%-mkdLmr`3(SyG(6G!zH?0cC-*s`nbqm#ed#0rH?%wX6=!+TA{_!ebFwUpOM ziQL%?S#w=;yu-bH^}jx+Q3$e>M!l@n)I>J4;=pI1ofhVc@CN;VgeiKQd9}fx!SG(0 zbj4^UhbWlrG?9k8Y8;&w-?b`FHyMyOzW*+Wq$)b`^3WMtNfVVvCxVn8N(LpjgU>)1 zmxz0O?ZcXiigYvH3gIu>`V&@|@rEnGBP%M*+h9gu!)4^-gPxNmg#Z2g7Kmx(!` z(rl$v#iP#tW=n>80pm1PWPNxZU6;OCULx<->l=#eyLDT*pDw1;__~%Rt6s!Lnls(5 z=2seV86I^GWQ68rhFk+iiKSqj1c7fD#{gbJKo%Bp12TzUS+0Soh^+;Wf`MYzd??Xo zp1&q9fyN?kP$JfOza%JqDv$+{iD3M9ko}KuMC26Hrn^2K=%^72%L*<6gS)ReEDj68#5%f5cVb= zod#ntVk-Af?x~_l&32`!(_*d%>Lq5gLZnm3PTrqHBG%a*v3Q&+slmsCLd)yGd_9KF z;PMz6BlXoUjS0=HC z9=!FS?9a&qli<2rhi-xUC((269K3@%bZ7k?+{@=*oOn@jHRH$+)tjCkcv^AlySrIo z58VjXWK&xAaTTfB60Ee`{~5bsH@o@Z4ov0xj@9pU!`HwFv)j2z_@>&+ADY+0HS51R zhW|T@oo>?dlcdGpC^>^O@KnU8P%5S7m}B%gjT(wSmWqFNzG8Q;eK6j*GOhqw8m*Ee z>Opp>xTO`p@_klo9OuE;_aIdSlfNyKqF8OPN0ctVb!@1sru59;{%;oLm*1%Ww4R-h z3WwH`&NyB`Wes`fbf5o4d0KaK?pzNnT^3rdVhpasHob=+Q321Fg;6$Bko8P8n@vIx6pDNAVmKKe@fokqj6$n<&WV@wWxz`}# z8Wc)A0xy(n*h0Nh&NOjy&&7ix0kh=NqRZfASt;ju)tig%;0+L7M#JuU^SGT%w$VFU z9Ij^O`HF2@ri%hXU8@dH(6&HS9XdAU-KQb{7j>R)6%XE;<;Re*lY{eTK4sn1b48!8Hj8jZGp;4UGymNz_Q#!u?-+8gJpY;a7L>pM5N*?ULoQ zZk@FWlnLL7Wo?@>Xb!!jf$Z*$JM8^&uO9HbH7cJ=-=ZfG)eU5VT1#kUbH~y5#?eJA z>#R|_x)$$iByK7kXcKU$G%mYUGwQcWpk=2^r`I?V%077CrNVRBSWX!{i_OdUKmKgf znvE+E^$jJ}Z~j?Y%q4tPc4OP0jiIiZ4D!=zl88=e<~ClBEDSf|SJmN=M4$wy{l2nh zMnia2S7;r(0UucN^zNyp$Oom;O~NCr?)*p4A1af2k>a-s=bS9ekcU?7kcAZT@Ymv^ zk(%TPPKeBu&PUA8lnRiexZpd?<0pB()!e9omn8i}i z&E$5s$bs^XA5iP`z!ZR5W=t=MH)l3hb)!L-0yl3$LF|wj5GT3n=QdiGHb=$**w~D! zefLewtrf5}nA?a4yReQgf-QT`Sq58)zJx$_A%Gj@VEIXJT@Z#_NO=c%SJ@V^D0I%C z7Z?Lqii>rmN?|k4DwiE9**XFqJOd446AN}`yg&7XD;uqYweF@P=xZL`FS04&Joun8eb1fYz84d`q(z zetzzGc+HIiE!}(4R5|p4MW%b4PU{|7&F{68aUY5!{as`-e7yreQuR&AEno^ z*TyP)o?S}&&!iq+`R_-_kKmzy%KgjX${Wky5&p6j?}Ts5OS%FW}Fzt@Q{_Mf9)jM-1Ev6~b;dMcHrDleRSthxsQo-~v`c1A`&=YSXtRSQ`jkx;S}?C5 zX@wi{#Oj3d!!PT+f(j#|E-XL9(RGq=a44$YR$~nngqh<`%5C#nFYQwb7sm| ztk^bFn9!=SD$33@psDQk#%6_w$cFgfK2>H=028>2xHhgRv!TokeO6l1XZ1kE($5W$ zfR5dWlOkV)sUZo6FnvyZfEJVwaro>G{73R-LTr5lA6vGFShM7}CTr!2KbFA<-6%n= zF5)*y?1~)jvJth2DYxiF)hJ$H^KJO~6Y&bt!D+*|2sG-5JrnH{mRB8yl@67;M1`-y zZUk!3gXJcgBQ)W%vp6Das0F6!13}dTHwXcF^8TUdW^}2u?|iOW-I8avd!go zfs2kJL2@KKuar z!3VVkvw=syAiq5Z9{+$W`7w9}xI+2#rU)cU1ro9xPb&v6$tLAmwV=&RBx@kV#J~Yy zE>IAQ06fGfX?hM$!6!S zsw1_fy5jQJjzkv@z2S4886EMzal$#o9jWnt^6uPv!JK#ek@NHBb-s5oJlpXklJt85 zea2QTnPAI>iq-}yGG*fr#1&Y6#c%h-mQj5~Bj9UoW-^IW!K?0&OV|u4tDV9znn_*H z6ut)^qDCRYZipDOh%|wEL4vbJvIC=@Fl4h8{= zz{(V?Y&s>3hns;Db*Mkh)+SE^-_E17DHaB4iy z#Gn#bEP457)#Il z?o{#Ac-@@&GC6~p{7k0&78x=*tChiOZq~^6Ipo^Mo@=(o#ylH9Qv|bkYWr+q)Bm@w zzUl?`@s!VdSa}0+pEW^B9jDDpLKI>@B%J=Vu*WjWTj?FP631LwyTa=b8joPG$hBTb*wvv0;(q$cn(E z@|swo`qPktYhF$CjfuTBam*zASwj5B+L-XcM0peAmf$Stas@eXW?DFP);VEP;A_s= z1*!^G(%aQkf7GhD>VbhjtBJapnAyZdEg^=n2`2nBQIm-&OK=fvh6&eO*&DLV9-K!g zxG1S+kp<{@1zAB9Y-;*qhj(I=bAc_}mc`-iDPO&F>7>*C^Q|0b%wY*QzQ7F6G_%5a zAT;xUW2djI_jVdI3&;DwQ_uhKEX<9;-;%>NtdPkMAPWG7U^_y?ovX<;?%PaS`w{+CpFQq+wG=#WlDukKga9dPjcbiNfEZ*W;6GPtj{;eeWdQZSx9GVE} zIv{+9w$4`nt)?yu!sVI@13td`%C4(dkqy_9cyva}RqaD@C@sUGgtE-v2U&_uHr zowY}>{6t#!pEa>Gb$eB{wpT%b_oJI%jtcs04^MBj%p2AB-(9kK+(=G^qtRk2^>1VI zoqU`&1CozAe{!MLb)$*zvkqX>ignNUEv$U)xS#%p2VQ zfar{+9|!_1)Cb|78J}qpGY*g&oo_I`!R4A!KObCdJ?3H`IUvV`v~E2~O8F{_Lx}Vh zJLeDbq4UO>^w%1K7vQ*L30Z2weck%ZHsSP8xkBNFApK!JGRramuAC97W*Y?ETv1?N z%okA-aNqbDdgWdcQ025nl#ec-i~cM0N9?v=1M2c=pz~6G7(jWvNj9})I1ILm^8Uq+ zCyHwILLpo+5Bv-$Aryu`$A9Q|# z&QLMj%G=<kAc#T>cLeNn%DAxhi)(b}a#QE6r8Ti-Dui=NT^)??GAm0Mp22-BAr9Kstz-cO z)8p*rgO9AB4UHL)HE-fOCYp0NWMK?g#OaMGFIZxtpuWMTDJNAB z`=D>lY59y9D{1sIx}XjFLAHc(dXhxQ;ruNfo620ifTg;1pmDp1uw15l4dK=P=^X6L z1Zu!cih1bJGkPLPY;JuaTJoSurjG^gQDY~J*&&>j8V_K_)Ox$YZ}>I8T_7%&iPkmI zJj(;wY^o^K{clR7^SM^XL*LaRnKgWbe#@=aE!*3;WCCU1+sk}1A2hg5Wtv^c&V?IG zsz+J0*2=Yja4`yc6HSvZv(^HvnO1K%&_Lq`B4(!EXeaP*Y_=g57fy7yOE(*6?oFOp zezj;;3X3WJ@cW+KVsV2D{A$GA5P?&zT^p7UP+6_{HT*2Ou!01Qd((zR0_4J1_+IJs|;6Ylcy&s1W2O_ zPOAXcX4T+U9^M1P2lKbGfDFs0*|duBR@;Ezg?@lA`r6k^uBPY=j{2hH!^+3W32Uk- z^)n~<9V-AtM&24D)@7VVp2b<+=q!s_X_YOwfOVD3CR@5u@G$JKA9Z>Q-*$IV!y;BI zH|PvtNwEB;tBDgHZ)S=CP!g~0n8!hDgv8itxsQp0QFe}^Z!$ScdOCIG+IMv?&fquxPWSd0rVNp@=sR~L z4SOF~fqO==7S#>~Joc@y3xH2-+*y>Uz&)c_nHdHN9`_0uBXI2F!~W49EESy5@2*O< z2UcDD1~)nqUxbUS=x`PjtEZecOJ@Xsw7NDXdL>&x{ebMrJS4$Turu~8&9W{p{*6zv zYt_`Aefa{IxAHMhpm?^x34o1FbgGI8yVyx-$-n16KMcJ${MUuJ`H@Am%?1opuqCO8P!$;@ zX+-9#dzPU(O)S#lX-;HXZ~u2DG3AP8nH;twqqr3~jEqcYW@_b78FHlQ0T*C7No@+V zU!f&Pq0uF|y%SYIhXEY`9$$<0uHO!EW4 z{C2orR@lS-jns0ACzW3tdcQ)nKb!_TdqCgbZUtNei&~F^#3V(q_hB23C!b9RwEKqU zEg)K7j18%~nN8f@gn^&cN^@Ruwr?92NdIAsNRAZlX_5d{0I#liAOQ|8@(eRf>Zs(N z|Aty>J9@+3uH7hiN*dC7O3OsashJCj4j;3eTCxOaGzPKkO^RZg~Rv$Bf@rDg`2^8{Gp%}&ep?Q@P*CU>jEM!tEonB$O zF53}x4`OjwjEwZ*Ji;ap^@+1!gzNL_OQ_|zZ2?aLgu%$Ft*OqWO0vTEch?He;*UG& zCUKVO!KK0wT(N7{`m&6FRVzMuc7!=?F6@O(e|*tl*q>UxJ$vjZ91sZ*ZDC1V*TM`P zm&&p)yV98HHb7?63jm8@06M#^eK9!Td22KeWxNF+;#W^hog3vP?zUX8hV@MLxbEP> zD4R)mq|cNxmyV}47EvR$3TXffT%1$E~ux*9a|iTtR<>8?h*s!SwU z$3!`1&)VQ@ILTZc2egz34c_VWMDJBR2Fir;>9MV@+&JNLonAK%A<>V4Yl~v$aVyQ9 zVq=H$ccqH{iBirea5PNPwBpd^dA0Nu4nlG@DUW$cVXJgH+0!ij79Kqsf{|7p)OA(_ zHj`_r>9KgR+4LO8p-wgvK_>`PG6e)F%#qQ#4}X9Axlh%HU$>OvrE%R8>&KWZ}L6>`)}G6&)A$YF=`t_Ryk8yl-OXxhpz_ zp;dSytSyFK?Mc+(Y_*h3W>xkU3=&MGRH`Y0-t91j|GMn21>8u2(DGfl(VFS0tqKlUHAatFL-B zCy|bsM9K22Xff9&Q+jW@->y=H(|o-A5VIuRIO7P98UQ{pJVzaDJg%w{2A8q&o;{0Nk`e&HjT`T;^Fo`F_1?JEgKc6(T?+LWLqZnqZnv$c6{tR=%CVU*&6M=!g_ZcgkR)o7(SVEUI{L- zy|9)>b`0~wFaXS79$wro!+tRH4uWhAr+06e(;|M9z=8Fe&mA2TTy<*$uyxuThQ zr-KEhZ3&|R(sq?2>BZGAW&;i&oMA#N1MIpsYvQ%OA0epQ6wn-^oe%9Yr; zp;;>cGQw^kBVdw!?3*H2!Gl(bD!5lTZ8!Uuqte%5@F-)N-7?eT(@Cl>uhLpj%WuOF z!W2{^(TtiWw2uU`3B98eugv7Xdi?vWl^d))^L7R~o^G@KwW<`=oMx#6 zSlX4_zMW}eUt#EH7vn~-4;AIP2se7o&#|w-^A5H6De^yb1ur?g{~!L^v&kMxx4{BS z0C(;^BnBX?7vF608YZ<+v_|Q`u%aI(|L5ztdE7yAE8QF~0 zr8Ju|Hu%%CUzK!Qe*A(5t?AVFwd&M%H=2792wkIYF7{?OYML`89KavjFYBL=7CwNt zZ(gxVYgQ{Y=WXkH)qtj7*+OA_(54_+vMFvUUG3_+lr9QYc@d6S`wEXb-z4u_{_ttf zDhr(FPXy{O3>@%}5d4TcegTf%hE>3~xFG2Eg`9biDsPrFK-IPhUagqmz30e;U9706u|Y74uC zKm2I-x@{nZzk-7=zekh+l-#g+E-}R2?F*ZHG(B8I8((KX$7dhFfyy!Wlsjx{Y33$S z-EArI0}><2u^0+I_YGiIw1w@#ZrmE96jn!a=2f7igDVLjM$VM&6_1 z?ORtjpjeptbYZzx*5056TUR?10n;0F`M!-rScB~q#&i5*J{z`QLkw~beXfY(f2>8) zb$(y}Hq9Gtv@DF$Y1n;@tC!DKJx^noMGI%YS3lam#r<4%#hagudHV45-aO3xBpHkH zvZnD%ZwVN}W*bl_X|HugUa4qnX+DK@z{BM{PpJC|A}3afbWh2Edl@g(oo7SF?rv** zmAfx@FCMq$sO6^?_$2GhPOl?gAuQZ(s0gnyxjwCK)YmkWtT$n%P@&wSlnc=VMLQbh z$^5m~M)zc^(AZ01>0e(4g>$->lRRL7R$Y$DGof=ZcxVd%-Q2Y=7ozwu3c>N=iO&6V zMZApP3SaP|aipO(qNachz((IXnQKNf%A)2~ux*4v6KzI-9jEzF4cly19*_vf8Pcca zY;`7Tj&#E48-+}P0J`wrs-n7*iT;0K>=l6Dr+XDI@&1GdJpVUy9`{9I86cwo2xgDd z{Zqx){qx`uUx2=uz7n5GV28+C&p3v6!?nj>t8sWY`Z}%aEb`s1j-P8$k6i&5!aiHH ziTl%i)*0{^z!WETi-mo)v>q4;od13g-NE6TV8ca4FGr2x`Bv&{$#Y(hskYEKSV=+A z*noF|D5ZzVd%#N(RHtdJZKdzJ zw!k<1w^C}1RZJ46=ER%9EExs)`Hi3wV02a42Ui!=@wFYL2IsR(r|eqq^O?H-RCByX z-4ghBn?;Mp_I=}hLbM#3^y+@ZQMWENRbcjow3Mb{~C8oHplGE&^f$uWjf(x=M z1@03kGoPd76RgQYzJ2mNke)c@`3o@XQQ7?}HwM+IP&l(rI5Q5@>>HBn_lf}ED) zaYnBs+c&Zi4nl!Nq>@;U*_*0(N9}QvloCKFG}5C9#=DQXvQ~lwcH@ZkCz) z*`+=xXf~!3)i4ERlO+kF(jSK*K-NGeGLb<l&eCOs#3LZs!^@#IP8c;7IWn`J7~arZq5HyihT9W_e7~dcoEbn zqMAg)DAO@x_%m6Lvz)*z$TB<~3l}*dtC=QT7_v-bu-!IlT3BnHgAO@ihn;rW?Rb*a z#z+Ttng6@iDE`l)J{`h3MLzCg7HQhA=?TM6q_v9Gxy#82~&7`67IeX zvE+aK@lX@Loj;XN=uP%^5{UglT)Mseeg5+!GsZtuL;A-M%{_hcq6;8{)yVP@v6LdMHxgX^ZT@my6t8%Jy=8$KzAVUzT%zEIQ`$>u+I^Wkig zzX|>Z{7AOou0_@&_bBS8DR5{SzeU@k^BB$C5KG6P(?~Ny;k=-~C+3d(Jkegl%-50p z5ZkTcmbg0(xuvJ2&og9B8>%D{zwyvCIep0l!52@&a)0e!{20$k#Ls2p{jr{@zk4s< zBFXL~5|8coUJ_5w}`t@~GdjiD4QR*xQdp+U_06S4?OPs{40 z!35e=>qp|$+e*mf#TN1t*p|7q6~e}^>VX1Lijj6(6K1F&ygFf-C&1(&1 z-qQMwS6!hpkO>gU1k@O^zKVWh4|#7w$l@33ZOIy2Zv$HKVLAJxp^%9Qx2z=-$UE$t f&oamh+nZ9A13twN`HkZo_1d2FsfF_v-|7(nA6&Qx literal 0 HcmV?d00001 diff --git a/fonts/Work_Sans_300.eot b/fonts/Work_Sans_300.eot new file mode 100644 index 0000000000000000000000000000000000000000..ace799382ae503d52310c1713cc8605577306443 GIT binary patch literal 24817 zcmagARa6{Y6D&Fd0}MX6ySuv$?k>TCySoJ+T!Op16Wk#{u)*CSSb_uymIMpA-+#~3 zc{|Q{*S9^q5PNs|Mq|MKV$#^)c>o; zwd+CutN%AB0q+3r055>^edBa0J)`8~{H5nXv#m0NekVFTmx$xz~RR zDZt=A#p^$(}=g@-dAFJ0<#@6~R_JA~(G0a(c>4roi`53AnEr;0>HdQoy; z(->1r-2KcXd}`vHvUgYLCmH%N6JJ`=sr3wWr1{u)FNA}8GU(%Uy<((0+q)M3WXW1( zZ+c6-1~^3E z-~HUIhq_Ty)Cda1I5@nb1T@patct1mv(n&Ir zjF(m2Y-wO&hf~plAz$tQd(U?J&U!IHiY*P!>Fi_0vFS3j-D_i(&|)R6^khrd*hN0x zGFs&1a4=Tu|iHDwwjKK@U$`Rqk|RsV&{KNfd%_YArWVJ3agdW!h_ zEo;E$bkvM%tzQ^EN@{#{4sT#eWl{m}>RhpmF6c*{Df|hfdq9Q)GLz*$T(qbLIH9gk zYIMc*n2FBhw-YW#)2+GNS{|hrQtiL+L$QjNJS|ULz#uM>H=nvdniZ{ij1VqF==MSym+azF)Q5P$bMP`BAAsPTQDP&0*CYpbAR??|n zJ*Y@Z$%-SoggB6S8fyex9fx6UzyyfCLQmVAx(*Lh8q9(S1c^sv(_GW&QQru%T6ipy zHq6x$Qs^Hb$ZGw4PXBB z?y2?~cEySc!#A5ZSHPQd{Ob;ar?2!-FY|*fYKuN*WRfXfPJw#ImhD_A>&0O*c(Tf9 zLQ807>Ba{K@1{(xjG1w5%=3^YIKo%pk^Ijkh-<(4ukT2sDH-y1F}KXqoH_q$=W@1+ zO!JvO3)8HH`n}p>g+iZXX=1?bcccYFhyf(!0Ov0 zNGM^9m1Byq-zSO#2c+1%`dm6n)H~Nn3QKPunO{WGkJHyf(zRC~;|^iG)95sFd-Ohq zW;g=b!Wj$gmrwR~x1jfp;-ziw*~8CQ=hma@6ah}Yr^ln61MG!5y7jeT3)vqVj76b# z;{_Ur@9WmcEl^}W`F4AFo(jml>3V%!3$RH)k1)-f7juX7qIY0I?MhL*P(~pvdwX6ByW@X7WA2GqEsQ#Y3Xg%Pq{@;m zwiPH#+|IZ>@z(70af_tt2Y*x|rqF%zZ%%H#>N{^1<&C)-^w!90;*QJli*WPNqI-b~ z>@0w+BMiX+m`DavTDWw1WVRE1ieOK{ILFULLxqaA_EJm3r17z^y1~z=-t%p1+FVv2 zbm^kpK0((5s9CRV9C_eQI;II2`W)+Gb|AE32Q_~-vcOxUsnbgGpM1))j3bh21mn0f zW(xR9ui;jy=;bb{>N)H+@2?qXjp2^bB>NotvRI z!Y3scc>05h-7HC4BIz*Puw!#`Hc{v8l$f zqqsX_esN%ZvF$ax`NY#QPMzLQQ&X`hAngI1UT#wrhoPN`+rNw(fPMFDRl#|_VJi7@~f}&BhWqXJW%VT>2m3f4uhlXQ>v4{E}$Qh}0 zom<)soH8PM1BHNi%l+4+yfCm(<*=P22)*d#mc&N`T*wS%Aj#n$X{cQ2srwJGQ_H2> zw$8-5Og;cy!nFXL!1edjF7efu1K}*e+TT7Wxzpa94w199RD41c(7$IYO$%_}kNJte zkOZF}Qq+u%1wDCCorgP^Sj$Wy8Y>}@Y=;^wBci){|JAEn(>lG*A4M8X*C?~$6Kp9U z6bho#YA8}(;#;S=-Tdi?BXYNZ)R4E=5Rg{Rn&SOJ#G|5YFJbySV3zbqNX4@zL1Jlz zGc+G|m2$zV*AYkN@p;0eeu^3)@j)-RX$jI>u6U;4`EH0HKTnefM zvjU*7atj7^RP7kCkw);Y!oNKZsF%^`g9J8@XX{>lOUxd$G;AtIX?1n!%WvHB9tF=m zLitqU9#2Ee8=dOL52cDIUp9X^4~q}*^52}AZ7JQJCGfRY8z_-5lUq_N{CNO2-rIEG zd`kI5EX@9*0fDO^s06#1hqi0GBil~J8_9_87bV1$Q;IBIu)Rd8iQbAVZd?lAuA>wn zA2=o#O{f&)8Oi^O2WGDKVLKw~3DZ@~i?F)37Bpdu6vIF_M*gzF7T|t5*;4w}+BC!k zq_V6Bex;bnB;ne^)k>m4kBz>$2qW*}hR#!u97vB(`v)yJnmFB9{2?Uz#ilNeHH;<8 zmX~@v?OlhSEZ(wjL_?LiU1>bXh+kaZv+ROuJ|MqmzLLWcq4gwmsYW>O;L0PGqD=8y z1j#^cL`)7%x<&zGL{fYf{ik>Tq(`!X>73a-T4eeu%ODExzod;`XugX{mKOxvHH5EO z5j-|_Vz0AIhNGAM1S5fmp*#c z>+LnrAzaAPY%t2W{D+b(h}vjLuT~Oc&7q~;DpOn`^#X7ezh<9$x=v;qZ_-!PH>aJr zLxE!SwZ}HfnN)Zh;-}doIkRoef^}oF68CW@X{D?9%x1|cD$Bl87TGqEqmQ`INg@3C?KMd>PjKJx?; zVxk4U(@OQenJz_Qt!pS-*1)r=CfrN=vA^9ZA^BmseFkY=qPbSBUiwE`R7Bk&- z?hkahnUq^nmYa-)RxCZkGa7G#W$iSf#qD^@!y;Kg-| zJxDfvwWh}h-j)q|c}J*5jkHwI)cMBglQu6 z6_k2nvdFoTDi1*`MLQI;6gD@u%wfn+h`?9T$eP#y1qigLhhuJyCZNU$;&7I7{G2Ml zryj~&DcLQLfaE7m6&o_qfJ;G4zpElWyOwIft@G_L`ta_`e|ulj)`wH5jQbGM(Iff3 zqgGtuh2dLK{NlmJ8q1STC=1Xt`^Dk+8n-6fRzZJnE%yw$7+L~yE$f_z{fj|_^0yocuM+YYq_Ald;SKUU-qm+p0Imo>53sv=`j$F}%aGvV-(5ygBu4unf z@=(Wp11)U7fK7{6kYcRu(>U&cWyu3lhSr)f#V2*R@4ikXv_~QHlcY8cr6WL5Y4mf; zV{T{^8t88=Lz1@TwKn5;>5-bdFdoNjr(D`;J(i?Fxvb_uLk}DMR;E`pob6>0u^NOT zBtHCPL85wFw{fGE1!3cxnE^8cH_#AJR4aQ%*ksyaB_O=$&7 zp`)Uu%mHmuFm4cu#8|k)Cike4du_;tl=8UP!V8jtA8$og(SucF^ko#?Vg8794LIin zdyl+j>*;y;OxoKyt?m0{q~^NsV-?KNtZntYX#E|eSA5!+E*}iUL5DwEeJ?`Q+kFo6 zq}Eq6T}x>ybK`1vl%90|n*%s&6R(wZ#8(d!r7KA=yGNc858C-MZnU9g+h`Y6Fx9%wsLXS0DHZ5Q!s!qZQC^grf1K22& zYTZ}Q(w7iAyphcauu3H|IbwuiU~pUB_(60UC~-^PwnQf&$beumKA2) zMH{K!GeuP%rUhAzal(}^NQtPb?Jgo1n5g!v!1x##pGqscGx=;7g16NUx^I7I_zf5|X5Ww{!v8(>J4|B9tt*QRF7HO7?ZG;UT*EsyHh5KxK%a9p~_;Ar&# zMp+}DWya{=c7G+mh$oYEC@K%C58xmt`d2e+huJUQn#C-GP5{5wohG$NVRhBlT<9HatMLQgmE#Dtltna9f z8GM$j0;V23)dT4p8`&Nd)8}0y=RqwvbF&cZz{#rttQdCUOlzOv&2UJt5*4|f5qeA~ zWVwOwlzQkzC&;i<#OO|IK7B8-)~V^>@bJ6ZJljox>Fsm*227bu-?0O~!|6>r5R1TH zGPNi3WdieFGY=S^{I8sCJWO*PZ7VmkZ5REfFyVqCr{2FwzyU`<>>gRVhinKJis*KR z`6E!=Fz8H5-?r9cm_s0Hb-{#^jql;X0@1&)=fY2cUcE=;7nn~!yv&_>ytb4wc_&AemWc8NgQA7GC@`H!gpp;MB}lmy1W~{* z3+u2Ij7_lmJVJXF5k4`aN1D#7!=0G~YILLS>L>~Pi7Zl(Bu@^fZuT`Nv|=`7g|cxn zJaNgw%09M4b5^M{1n@9P3b+3hmc3=M1Y$;LvF(K90^f-YR9;Mv?i*%iyw#RKUH;aD z=^VeI=h6$uZj~*thA=$n7#x&2Q7kf8_SfxsjpW4MwT#!><%zNpqUNfU*jXcw57T3p zu=?T#b|qzm2`+9&U#-ymb;|>hA(?%@c$>)X?W6iihTl|wNyU$AN}xVh95J!y72|v3 z9(G`%-dRFU@rU0WiU)u&?UkjMj@>s1>P&3vDx-=rmVQ|s#`0WRRS(u@wnET3u$6uocvoAxEsX4u;RuKqenwhv&Re!-L` za#(A_jOv|wBX&Y&n^+8sS?__XZ56P-sEbT_St-9u?1ly&D;)kHDZt0~RcLb%=l{0= zuR<>ECutOe=6A5PO#YR+=p(>{zK5~>%re;L2uJ+qT9dY^{z0DIZikFBN@M&n&$Mh7 z-N!c4eR zJ?mRI8h6+`|02jtOl$cpQO(Dg+7Qms-|yea0}2M5Xj}HN%u3nQXK%Th+<(8WXGvG- z&&Ac;b-E;4h+EBpze|@gX8}o*^o6Zvey@$2mIKf4W)+wkh%WWC_fvz)_w#QMe&E=i zm1>-B*Ht9x)xIrmt=X?|xG3?)jo9v&(P)U3dtuPBC4&myp`auo?~&% zny#5`vKfx3&{y4Lk5y|-Bxv=ARk4K{tCc}FmzjiGi5W|b*sd3dy#+L%8{|+IVKRlK zrQm$a?v9wJNCo#4&%uLxgv&ew7#>iF<)(i;QIHBN{xa-jnx_g>EXoo)YSC?b+SMq3 zcjmM;R` z%UHl$6d`eCTxV|Ft1z%vKLkEdkp5SeVobP+ZnHcx!!fus4qDU?olYZdtNaxULnt~W zM<-9a)pDu)2w4LC=@+)sx|XfMts5afl$0`gkcW+9D|Hi|nW6spjqlq=qjLJIj9_=+?3~t>eGp|^ z5BVI;$F0_c-U93bbwQE}{Pl5)e1BzU7lzaDAqo0wN~Z| z+ck>#nq1ET3`&DVoSELZ*DuppAT=VS&J3kCWl>2O@R%yg4Dk|#w|$tCzpGF<9c|ak z^kZ%^1o(AdeAJ2AJT|u1XTD}b35{R&V&_PWV$}rv+F9&l?3~k*#1)}4^FihKbkme} zQ-~r@1Ol-*2dS*<(ykbpjfyEcEP)?_b%t%NIh0I%=zRw3)O8x$Ews>4vF%)ywbR&F zW$6!`wVGTL)@dt=wboLpap9pYj}$ke&7C(!7AG5b4p4O-M9Qv~uG_CUV#_~pO`J^F zRmOL;XQ$1sWv|9PjYhD1>wm}F&tfOQ70Qh(>B1v=BdApkn%TISgC&jsAjNJ|5*ckf ziMwPw%?jF9uzj(ZkCsFD#z{bo)|2yXC+8cduE2Sidn;P(6WGY4n&dhtLWCX%=_q!f zj2l2()@14{szTb1QJq_w1r=ovX3C|2$$XevGA2 zusIt}csAu+AHX2-Ao*By*44`F9`uiZGRx}?D}`I$E$W(%G~R-+{I(wS=|IM_nefIe z#Ot14pD04_@6je(s?{-!Eb9G%1se|wtgy7a2zCpLAhiDE%ZLY}VF;(baG@JNzo^893)ZI%Z8N!T66nbQDk1(<_M*Q1TGQ^B?97EIbt1rDn5Zj#*sZ znWC+u7o=Svk;&N|yCzQG5*s2!&Cjd9rCKPrp`$JQp~Z4+Tu`9d)^?^rSLGh|j8tJ7 zx9O1&oFrW|O31_^D0QizmsOO*tP95i%#pL--HOr}&L{u%yd!d1rTy^>0L4SY08YwI zKRy}8HF*IEFq~3>2pu9C0=$;fJn2)`Xn-J@ssgd90^S6K$S%M@C@DF>bM=W9f9w=9w@d-{OWBnJpk2G;t01b#a= zs+=EO0{zEVR?DoTnSSpN=ZgEj_Qb4xP(a0@+mBBE*Wh-(0eA>(Vb7sW7*W71SL8oP zrk}>h6#$;;a;`_X6B)hB{Z0DLq%2-s)Z>&&^>ws60=IA-i~!$9AZfqN#?V6FWYe^U zZG2WU#OO+)Y=|!yXRE*bb{Y9*4#Hgp@SS@8GyoV3}9NhNi>JpWFePg!qN5U?SpdRerVL>bXqM_K& zjq^;!#@6{{#Qd>E+54+cQ&9MNzH(eyj$xnx+gxc4`^?d$xqxWmj{#1dlAphR$2fRP zpt0C`P*NldNEqGKIsuX!FSJW%J0|Vpv;cy6o3R(F;j2{fD5wbdu6M7FRXt|}RbkPb zuORwkPfp9u=1vhwA%Hhli!DpzH%DdAwTzLa_lF`hU=Pe5za6F#{~m`XVf@pfO+WZ7 ze{q`w0V+?6SqO1jL*$_}FRjeS1KK%Uu9|9SIe4@a;1l9L9q>Q|>UufZkEglb1fuc@ zQ{p}TN@LUK&aW3dz9dGaTDrQWV4w__%5aD7C@LU-gIwQ1t}q)jhUmGiv5I-ARl_^K zQX1F_Q?J@1fsT}sbWq)HMO`S3$=VVSeWsAxB=Kc`1LQ;k+Fr%?q=T9hzN6}O7Aa9$F z+!C)ET9flK(c|`D>wztYlFoRFC5V?<_+)7DL^!~Bv&V~cnf4xG1hfGk&PZ^+epM7y ztoMW{{qyYb<$MNYj5&B9sX6Q9=v_;*1L~IeoSj(yCQtqTF5>Fs5w=A9`$RYEUgqeh zgRy47XB&hV!%VsMk8nNSh*mij;(l%17@BEXP5BWykI zB^23l45=%f zQXEa@kvTHPC9M>&8`~zQ09>h;Tl#jdIR&zcDXcLkO|vu%pvB6Suy)-urcU)?{i^Q- z0Xy#tBz}Y(YAsNe`Ju#w$6t}|zz2C<>|Usu!P7(U`G{#tc&|9nXmG8>Z3~rKm%IWh z_i2U4gnpQQO!iZgL)hW-02gMhpiU>5)mGl9N9#S{Ik9A8ztm#s8do`8&%^Z>WRI*b z;a>n^R#=@0{c#zaWd6NeA)D68RSyDfUHv93c|ws$nFA`5`D2tiqsN=&_1^||w#`!& zjlGaqyNy*SA0OVqI_f$Z>Xhw50RB!n z+BQI+Sy^h#{gb0Yfp)ww8O)-!){tx1WkEjDnHsYExyq(NN!a9Fv5dX=%vW34sa>b* zAT1k3cIl%!8J9avTA4-UGPDnn*|%JqzY35%b({AclrLs__~lAwxJ3!l6~Qy98>uG}KQ~NU^1MiTwKt}kavplZAmt1S=DxpB^ zkgzb*)3KI6&sGYv=2Dq(y-vPT6MLLtC`WA(dqlY(=R~MpD?U=_FK6hjc+8PVKTebj zI8-(B>q*YPObO4lF}HCAdNQyF`kml+>RLqCQU~`s1WZo!{>-85d6HKSfc>4wl6ENW z(f0L5&mr?d(uWrJqz?uT z9D6sb2q(_}vqJ(y7g33i;?fCrTDchUQ=FqEC{j#u<9SRZlJxFH{`iM1lV7uM2Zc=d+Q7!A0z=-6a<%cNV^LiNq8VG2`#% zl$XSgo2Sn-YuuS6#5RFK57BXZLFaloL=&r;lGw{9Zm;P5&HSusoi32|EUc=a`g<5c zmfee(Q8z}(JAjk5+ejQ3K+5YBiJ>Qv8<_4j0DXm|b6LP$$^fR*%CI{};49|_2#7$c zjW@-WaIaQkKc)I_$aAvhoo|i1O}&rEk$$_B8u#i30Bc-)TbWz3CA|TjmzNhmhBL3> zE6iveoS$AdFBH%M{bC(K*>T|LF|IR!1EfonS%D!iVe@a9e)L)~unO~hti&iGi2%v! zPmAqil%1&Sk#0vN>#T9)uZGjj22%-oh)ID6GbmBSSQ2$=^F6#Aa27}6me>9oC7lFe`Tr;tGDq+&H!=+;4kFwX;Nks1b%CN5p$m-W!z$8f0;kDkAw^V zn)<1L_nTkP=rwk&sv5HEQg*;Q&QQ)UcrhC4Lrh*B?&kUbM$%npG?E6HK& zDiU1LI#AQV_)Y!=vo*}|>b>b#muK45<=Q<%;8!`EAV4ZoB7#GPlEwuHC4*`3(#Pn# zEe1ZhMe*{g!Lh|dcGBKdd^pL|#^dH8ft6^;&o4*t=XYH21pL22b{m_%)D zf6zUCq-jo)7ZYq5gG%K5vUk#UT^ZG_vIL`yI_f(B{{KFYu0|K*y6QW{cJRIbm#S|< z+ZU?gncLof--$qt(B3#B!Go_9&(-BBF?@PA;8xX~j{@iuqHvoZ>aNSSr>mw`yWw9M z6Jt7uGE5|C{IU7@7NUL26ON56_U*Ph4IJIyf!g^bq%w~bWiuOQ#FQ${TUqMja)UzL zP|GPFx221c232~N*g=T$+_p?ux2ad4!T-ofsErCqZ(B_9m({^;@|;-FEuGFEkR#p-dy3=REs~a&t<#vtC=a|@~`~QYku)seHeUC z!vzk;d1Vir_X+fIQ1=(ty{2YAlxy%@&tq5SJPGVOxXsm^Uiv24G8dUB>Fkt>ww}V{ z2$q>yV$5V$Zwv)neREaUCQA*bFRf=SQj%OO^O8O=`Q1)cMbabl=1tLIKT_My2%g%k zO>v(n&;?*+)`CB${vH)#<7ssWbd7Ubxue-pQ%3B{&8=W%YnE{t6ovG8bzDTDaZdd{ z>e_9wbF*6s`h*s57VSgVN8Xro!35TKt0#uMJhO zhX)%KrYb~IYgW~Oz^rGBP+Pu*@x{rPT}Bl@ww&ue899@dy|eI(H6^o%M0%gU4Abf- z-b=7$R_kiEJSajTa7!Rxh}SlOtJrq$5Z*RhhTlj#5_5%$Zz6-w43#`<9L~$N-+j5$Qu$euV3Q0KfW6+?3TBUI=%5LVyMAuRhIyu*#f=W z3qR5+HMaT|co863t#*g$5$qZ-0&{gr*XX5twSe%%(6+|HNSa)}sYY(+4}8~;n5h^V zO$62yNI%`p`sO;uSIEZtYgr7ZM{r6=kd&Y0 z2~hAdiMJ9jp((`Zx<&pHP3&(%24G!^Npy?bH+JG=iQhua&7?@FY?jfG=$x;n@fS|B zzLC}*+P}Ja80SeLb=+I0Kq?y?CrJisyXZrnw>1x5wr^K=)i zRY(wL5N!oqa#u}_#Hbov`|Z{4g40!DGnLJjVYzfJqQ`BdJ9#V@n7L&os^q{ zYjt*-O+Z}&#Y9J1OzdpP59~=bVmBta^2gOu)w|6@7BwQ9Zvo59`q52ty__;QETyQ3 z?7d~>ae6P7ZBB{<7_~qipa|VNjx0Y;szBmGCN?rC=fh`$^oo7dI2GVK@a9owB)cv= zA|(;)RoR2HV!B(I%rNA|i&)k?l(qEldQXPZm<2!KHke>0Fdl_k)Djt^w07eMA4I9; z{_}ACFYnGCUc53^xlH2Z^P*-dL;=NbHKJUaD6+d<;l^4RT{#~vnL8^kuAF#R=u_dW zkB$d?^jJ$uqTKEWx0W*J-)`s`J666j*OE8@+eY@=FKnJK3z4){t3LP8(f#tySF!c4 z@{0Fc=$V6^5k6qqa(9hQW+^sw;75C4QYG7xa^8LdZZ+K@z7S@|*` zU3`5?Z*ME;2Qe$-2#Vv#-weFzl6cKQ5YB4b;42_+-s<$R15G`%yIu}r*<5FNy8N&M zA3#h8^U4drl|BS2h_KTi`vna5wk z>WI?1fepH|D&GW6$Ye0D>`6tI=)W!J$K)l1MUoY89gA@fYD&IEJXj>KL_lYPso$Od zBA5T8!+w8QM)-;Eg1Wet$0@%%O=>&T_fT~7Y!?Zc199i%7sn+;KXd;3z%OQ+1pP+^ z;?+?y&a^k}PJ=cf4c4IES0UUmuO(X=?lXq|L z2=R9E{-S}SW(EXt^5E;y8*Aot6c)QG@3T06SGr1KL}R}HSS%b_r)m>M6GdDH_!pUF zW;hu9Ihr7#G7ih?Ry)3Kc&64`@iDnXp}GG)kNuJ_G9)wryOuYs1-kTDl+%LLj^U|R z)#x$vdNgnKPA35)C34{}3WaIHw9J#PkLz&D5%R}nB0mTHY`pj#o~g0Ym0}e9WBCus zhQX-N$bwx#M2AtLgyOWTl#MQ-W{NsVx6Az+t#e)PMt{5dKZ3YI`2*D=ZIq^LXW=z2 z7+=d$4si2mHn9bH6Jz*s#6K;^1Q@j~*vckJ`anoIxDNvAtmPusEaRXPf&z1po+CDb z8lBsT&Cl4;>7hT)a~h*R9e+1Vlza9HN}(=cJdl#Hd0pec&^TmpYAN4?CTAoWZl5vV z>l@Yxe=4nYgbPOrP4a#O29a6QgjS0kD9LQa47zVWv8q^Z4r2aI9Ict1XqqJAFt_t7BeBjiMjGxo&hO zcem_gPfQk*22wTgBgdlyYWqfOL?_4MT<5>d!GaKkgm` zqEfe&Myi_+TlS!dG-aiX9do;=3Hf1re>O(ebv^)YsxgqmR29dXb^ZL#Vai&vlv6yWMvdn6qEi9HKl+_AY1%LFp6PJeUvlk z1`no3*KuO1Y2_m3b`G&uJ4Hy8%6WzEbQ~bOkPP%CBQx#g*;qPTYj+@08j1Lub+p&P z-r#|jqL@mfh+s{|A{T{($-cfz)IRQ!*U|%orp0sbO_Db1*Bq?LLNaZRK4<4inN>dA zFDU%u-?IRAhOC?ghY$g+2VqK*%r2i6BhLD$gA#+!=vGWA{FCAN5c&#C=2AX|vFVYH z%-rRNm~!%;cQ1N_HECzXnb+HIYc6+^95|*i{nHst2?6o(*WlW@0@FY(Ni5d%l|{v_ za8tTgZT2*8RJ%zZn|5`%)i9pYXIJ-$L{?st`U&)3!53!4XSRZV&v8dX-bugoZ&|NS z<^~ZKD_&D2`8cG^Or+8KyY9TCYo&K`d%H&$`bl1~co}Y$ve|cX>AN(&JvZOa%|A)~ z^cY)QjEM0uHE>ik@5NKno~Iiy`i(lGY^-fh6p!jJlPa>%XFlpF8H6ZX%UP_bXJ0W| z2Csyo_Zl`N@G9Dxbo93iP@UtlOdX%?g&|m+{P}%Zs zF12$Itj2_99NZDPq-Mfu9{x z@>rC3e@LDgxWK>IkkYrAB&SiJ(!$2lD3uD0hck3y-#h%yI>Aj!!i1WF1S1kA$b_q} z8e24$OV#JT2$CIfKpj{s&K}&%)EF0fq`9pFl&Ht-J6|7fU1ngV#HD>l;5VI9w`=VakC}|{e z%Pbe&lM}U*L;sA2hWcRuRo@Xt@ZyzKwohI+af2IC+p&>KLKyDCb}VQt*rww$8q=XU z&vffF&kM8|$GO?HTM*FcRy>PRqDe4??h*96NOUK>O8mNEBe#&4h_BEum&S!d7+ui# z47PS}Dw#>Or*&GLo@yh8BFswucz?oW*lOTG;O+c4(R8n-k|sU-${a#Z4~*9_wQEvS z$ywDY(c3tr&r$H>&;bm}M%Ix_XVW+wWLxQxZ*PH+$JsOqj*sg(&`>4U1Y#WGR1Dk) zl(T9jKA-&hF0D?RKP!Voj8v~WdD{L25Rg>C@==v}QXh?szAFm+8{}f&075!khzi3@ zOg=O|vh_Xbi$&m~mq#-hu!}|+{u)z{X@V5ZZ_2{ztwcJtmUj723hr^RANM^$cUI8$cp6XKa7?RDGlrbk4u8!eV=xjj%t z*okIZpr*4n%~RBq`$Wlc=Qu?vL{ys35{~Y)7mBzo|NcG{*hJ3#DtAsngs(1hauU9u z%wiT2{-8qT0i=kAq9~oU*y0pX?ZDhRv;N>NhTjd()qiOgeX> zJ#V7eIyu2ImuW&8tSY5Aq)TJR_v45lhSG`aNRRM+lumfB>Wn~Ny08(R-E27@Iam_h zKXqoMm3`e>o0yr2N^u5Aw>;>T#cY|WXXGg4rp}C#SFQS9^hUWGf_ro)D-1yV-ip-h z*r#@?xOw;Mgm?gEEVW&T_LltROT2T6i=GTZ5i`3euO^+s3g@uODWifVyeyDEkuD7j z3qb{o9ubz5gZJR|ljd)N?h85-s=6^Q*hT7Z)*2PaEPa4PyDK4(!MMRncrRt&C{-Nr^a_SwSlm;-|AFult9hnLq}i?Cc8ih+UV&RY zq^Iud6;90IJ@`ou$pj9IAMIxGjqFBwgXGIBX3a+#ppD2%9;ewHYvOhJ-_6W=?c&(= z0m>&3|II zJH)(LekcoSM7|<;DraaOL0=-nI!}p zTGDWRrLHE&Cd3(=dFuJeW$SBUkrYEnNECf>O4vI6bwBf(@y2B4D97p*w_|?~>Ym9( z<)uYySrX=BE5?}HD77j0q-1<>J0^FLK6RSV>5nXICNZjmK5b+I6b;gxw znY5zPj_ZkULu_s6p&nrLHl`N8fmd;32N$*|?^#!^aM}BJ>}W9|_~OfVY8eFw*}RYb z8N6iGc>i%&v>Sfakc~d~V)4jDo)oGwUBrnMq|i@ z1)fx$oj2jme8lEtZ%6WWaiNz$&VuuaA0SV*ncd)ms-u=`wEIhMT)jq1dn0(d!-ZMJ zDAz9&{~S8WrgYR?p)(Ipq3KgtMA69MT?VFQx@@CMVrj(vLN2{ zl5K^~9nppuj}L#4rIQ%8ZMx=X+PQhZoa->Oytxb&l#Roa37k-3b}cVm+X7Rwt%U|V zbckS;dXO!495eShMxG?gtc{$HtVpzt|cM zVV!AOZ~PtBBZ(4vo&MAVWDbYc(H3@9h`8ZH696k*;LHi-I2rp}lFIiTmZ>MIx3NBM6(3xBjOX*(DPJ`*ov5$9pg#odV2z{XxV9ug zY?+r)6X^HD9Ueob)lr_J0JgFNK)(k}V&*uDz=1zheihYRd{OBxgh!(?kcekz;+HN0 z)InDv8EO_8d1V?&ytSPO({y(M2=r}M9>zkoTwuea*66bqk?XU%R3f#$K}qjXJ{rMq z2!nVq5nFKOs_1-2TLDODl(%cDmwQ8z`lAcuzh$rTx`!t0pYNrfobRP-|GD<7KsAf^QH5stQUS*s!OsTX8vP`eogGDKN%8-b3OwTxSu0BM4 zLJWQqST>M?1{rFCgOln9Z@p6rFg)Xou&59oM7sgH9O-_0#I`kjoVLfLOh`;jG&>+O=WXHz&Kb03SaGYt_oUCxVum74G#c< zY&6gqm$&O@-5lTW&q3)TnlgfR-V%@DLfgs9jn+QNf*Qh!=| z?Uj>p_*O?hOh?Q3?m&mJQ_BHgarb+=e#Srd$@`^U4xTD?5sIs09-d-0fTU$!BO{JI zRZdI4w@$gitge;V9mK1RZ@1qm7RCHutZe(MEDsDNcmAU|lfkEE@~?*h?E`fE358tF zm_GH+c9k}oll*{vuH7P`k*eP}tgIWO{G`ogO3N(VG68ZbIqV2Z^e-&Gk;mGgl4mJd zSB^e&82LP00{XccxUj@u^Q%8V8Xt5EhY*zpBnLo?p2Uyy*zj}f3g9vVQv z@cwjaoyLaU%}1Pfi|?(Yn8+ePX8c|ZaayU-k~tvULIH%Zut?Nu^=7)zcf1V-(U^WJXbJtOQIK3Qh|ur++`%2c1EVc z(yT_+RKWMwGu+l^6fzO;!+1f$o|>k7A02@**VrB}^CbSVj?PiOHpsKoS2w8(hXOMi zT*PlgC3hE#!%L|as@n%j^4m4{NA`~E!+g_F_V?F{5dmG`y*2xJSFnLpjZWtp6 zkI*Cg(-P?Ykr|Mf+srxsRBs;>BUbJR67}j752}8%8#`#Z;5$yHmT0oIV1ZAAJRVLO z`V0d}>Q4g{FcPP@cXQDNmzdt4zF59(E9)B}=S0{3h=!=4>*YDq{Vnqx0LDf=sJWs(@YS@YV>q z&>2L-UV-2$iWQj!m$Um$kBFrgu6)ls^>IAnd}GxMblvI#Qm37;DKbA%TV5ySQO=)e zcA7Qd&T%J1z@ocj`!v;q+A9TD0Y7DS%|Ez^yB%Lv8IcG)nz48ycwX&4{Bv8DU!KPs z`}h?QS(Tp5(CG*b-Gyq8SOg1qj2lEY8B-2ga;nk`ci8IyeWcMkEgw3+aNm4k(P`}% zN9=7-9w|?&@4-=;(Fo-JEjxw-FLohu!@VLk8c?}KKjt$)^YZqB($HE*>iArgOIl2d z3^`NF{4sJvEc<%zrlracyJP!78}ccpVPE6!^TUD-zItNd;u`u$hSiLf6l-!j3bDIW z?5a=ptBl^3F2XCzM*7nW6}4BbTU4Qfu+-S+m@tkg>@06xt#Mov3&Xr79_EPwvuUdcTfl^i31^F5-j`VLd!sq|WSNDj z>Hu!H%TVXR^p#c>bciU`7>#vR67maL_{CJu;ek@a4t$2nb6HGQ>A(}O@Y?B-A}LC! zF<6r{{A+NhD~2acbJiBc$M`ngg19o+1mbK3PO#;IG1UCkwZJqX{kbH80G{i&7}35E zi0XJ&l;EILWyAit{E>L=IyhazLTCmvjJsvZ4Ln#?U;8b*{iMB0vmY-Tx%UIYum0@w zIEBA^Onm&sHe8UwADP&JkscYrOW&2GuBs~>xlj%;)-ktPoMM~a&{J}Uk4iPQ5D=mM z#0O*(L&u2WD8gz&qqx6DATCbgWnc6zq`~_oSrK7xv{)s26AN2JcAg~|qi~{4;{88V z^Dy{yN!{^U#ABe52(GAVvT3G?GkL%E!-rgV&lKf*eipCE?mv2ebaCVJ{yhGEmsy(p zQHw#9i!Y8d{*D-E-}sZ7PXTaj_03NC?}?_otLS@W1bDql;~vdh9u(;N8wFBwIbswJ zz&zHj5nxm1;HGxl79a_Dw;u|h_*-y7(1t{GJRX7FF6(f(q$KGkC!s5IW$_n zG6MBO#6O~mf`7nnWE=XIy6ZdN4O0}%v_AYuyIna}izAaEoy=^0W>5?q7(~^4m-5YK zC3#3y-V`d5ou-nd(zpe_t1NSkfv>g1>i!zq%g$(p&zLqSl5bg5#5kYC zYbhVOGg=K2CETbc+K0hj9MC&3T`jaSjP(QYB_`?nhJc&qn1!3rKG8`6y+_Qg4*|IH z;V;3Q>#~+!#jJDfpq*;pFoo+U{dN<19{~{iU9e`|1HoFf^f&Hbs z_cMGw;X9J~s;e2qHmrjlbnM?|yS_>!OfGIzTA@YNtr310T{PR?t3Cz`LF`F2^cg&H@yBRj%vn^xZ@NKozDK}MU}z*+)=yt=b8Twq-gX` zUy^}=7B9zN-X1_)35v=fOku^}DZEZv=KZj0M3GcS^lp2L>qj(#iK0)@PV!!>bQ>Hm<7o}!0;5&IIjY=iheHiEyG5!? zAD3HX{N@XKRR2f+C~jjK3|B$K;=6lW_uQ$h&45h*D_0eL*)29`1z^ zQV5&~e{D&X5|6lko?<)vgQ)ATuNMeaYJ|WTpifoiBV-At7F$m`^=q>za{-rNV%n@E zT}d_+*q9^Tuu?e1;pB=6M?42`O1unN1&#M%j=8Texw6i*pn_4IH7M88;pDf|#JZ1$ zmk)nvK)8S>Zh@>m1_Tc6+aWpC!p>-aZ8#Z0k1wxA)La4-+$nB64J2t9@;>0?W?T4S zB6HSd!2=4%A^cwe0}OL>DqC$@Gm++b2cZ_4wF+zeW zkeHb*Ya4I)eRiZ>lpj+;VzR6+zPyMT6&-O(C0J=i{Xr;+NH`1NGD$-47VW>LzQO@t z*Wm%n6}c%l4vf*`xxIzZQ?L%r_3nf2k;xpQ!?^Krmw@{t<2kFg`$wH0leJoN$B1)P zR=s>%!yQ+Lbsd}>%eog+VA8FR zt0&?by<~Y9D-4A!8YmFPdn1~S$b=<^rOmcJ#1@zWuo}@KqAG!|f|Paxbe29dEg=s# zA`L|fF?M{xGB*M)j3~pFm>4k9E(ytI;CA}I4k!d9s*#1uL`Qm^Wo z@A$sT=_ffHvh9XKstS9rT?3eS00TUT@FM7B$+-=p%%fSL%k>#YS<4AXvY9i+l7r1) z2rJbiplyj1s4x2PB+91hhoAscIYXd|qXAvZxlFFZ7zH{eimL8BBZ>`Kn8yO$e4IHB z0@0F&uFPOwqKeKrw3lmpNgvIEClT8;VdumNrVElyW;V)}!ASnLofMl>79iS&x=e%2 zMr{W2vwsEAc!@mUT{7sg6=lM;blWvz2`5juDTrYlMG$##S-?$>;+^Jcc4At2GMzMK zBt5R+OUPqMLjSJgaP-ewG9uOl1rW_SQ({&-M;t!>Fds$M7)A?2R$x zBy31j;s@aiDT#qXZ8#K7M8Z%OP*F7jT$6n$wKpTx$p;*%J%&ks!1M?umNZB#{WBZ} z!yRs9Kk$zMIFfN7N=f#nG?m_YQGxOgqMgdT04&RE_Xm-XO5#Q78AKDQ_vD}Y2%Jw( zf%J~li~+MOXJf;)CZ4U7wtcp{Pet;doLA+jW4)X>IIOItp040f!9_He=!t1ypwDGZ^ZBK#q@^iw7G^U*d$-{#QE-)LNtkc(9U|6@2=rL_?P2GW4}HQnPLuNY__L5r70GUydJ3qxoe`|{#<>CUDp87f4|El-!3 z15;~>@Kq$3r6m0sDXhwHDka4WgxMjd!Hlsf$L~EHRe~)uNe0ooQJ=A+gFdn7_&nW7d4-K76 zg)I`h;0Q8F9WtcR>x2Lg0Sd}!hVX)7tHZFYSX59yIZSqg%3aTw9SM}n zY+_=WETK~ri16QsII<@s(Kyzlu$5n1G}LzfQNT)DXI|DN`eI$`OY_}T&GWAJ z1E8OOC@Is@mVx6Q5ooCxi8NsVk1L~4KDNJ+tK%Pap2f!Py0sy6)_mY#0636>T~C%p zYcCW7=c616wVZYo=ye_pvPrf={fj4xw}aW%ChKdkC^)s=G_AKW(a%jA0$tKLLC5Jv zhohAZDYM1+O^R1j=i^<)eL^d?=utCX_{Vt-{dzNE@qr%`}R53*TA4P+?k<&j8^ zlrzC4N*uku4LotfaByMNQbN&5;KoMlCBmF&d9P(V{Ck4q}1|C@ZpGCeR$rAO?9ad~c01OeYoJmQnp8;_C&=dt`04Z3YD- zmb8dks=H+Pswc5fz{gJy^L0Am=2mY7_ zGdXfDKy{Q#1Qwg~&ZnQ)I~ZwJQAuM3u(<=`f8Stk2CzVF%XA^#`2_rK}8e z9)_fgsgoU|l=R45-^&A?RGk7GU1NI&P|AftJmJ_)!7aG7K?C8?4pb zWmhpo@L{1LhGPkclQ!ViLtW>>vUCO=?PZ$kPV8u8v4c2|B93feOVf^>Ff4XPbcw_d zEV`RVBV~HBhu;YSw$Dj4%NyF6i(L!Tlvo@;=I&HTB!oV1q)|F?iDZHYqD{MFc5?|O zT8PMXb)mQ{P^HoqF}=($nQ~l*eRlQraI5)ICld z&y|3IRx2if#s-r{eGwGL7(N8F2)&g`3@m!VIk4Nnq$2wC2&z7 z0P`f#ZjjlmTU4BEYS@jVjg`v!EOtzmrzhkqOIs_3;8J%v@zik$jW#$Ng2u%QXNY!{ z+Tc=rW05l{8w7vyre2u@4TYAq<5UD&WJzJ%3{P{-soB_ID=2ZSm~T=_TJ6OH7`BYg zO2h>M69LkW!h&M?=e^&WD5J3p+CxCsR^4Dg6dUsv8|1 zPku0Q$^EwpJ1cr$mPF*c2k!`wseR4nk6E0I$`vcH+zTU-W@dCqYlC*G8Ve6X#e5&o zS|E}^nl+-*812`^;S~?u;Fsn@r0;ZX`J-?$rrL0hd7LCRciw`gJ%+;P+^TJS^?SWp zG^e-oFvKnSXH6bMosN zy;!oCF@)cUBkv23DSS3yW~Q;skS##(WRjhgxC&4l6wPA*JzSg1!-F44@zjMwI@Bi6 z4=@BEEFzgTVt_EKJ|Z);p$z$qn<*a?i$qHp-Ni9mso{}G#+L_gmR6h^<=MMYAU%CC zz)b)A@Vx;=YP9sjxQRc66u2B$Re8OOBkEuryXVC$o^ZXgKogz(WPvEURmj=GP_h6+ z!H!!X*?5HVQJ;nK5S{|qrTIcFumEVQE zM-!NYQmI<55jW&{Kn?6bJ)nbqYkBmf{BI8}g1lJFVW zCOBF8eMA|SAgr)F= z4FJ@7^hb4B{9&VGArm6@NGyP9^n{R6{*?r?)IN#;@1hmL00k#Yh}7_}l`26ohjSW< z!S$`!9x3_+97Gry65|-O53PH-=fg!d6 z7iT=WMEK!RneBLwW0E0!A++nkitI?mi0WP$#14`|J6og*X7-7X1w~LOd`J-@)`HS| zym!|L50Rip6ym_u2DzqWRQ9dq0q5~Xze^+vu(Rk1vT5C?TLhdl9#{;Z5TJO_%%p4< zE22E*EkoURIvqYWm+eY8ICETu@ng7Xlna8a0k;viGAOCI5D0CUP)tYspYfQlECew@ z013c5v|-Ots}!5?y{vU6BJ+%|msnf;t8K+ec(6PlgQe<3P-VqhOElm?`0lkV0S`?$ zniyKB4FXFH9AN-MU0tzlFxzlbz+2I%6T~%C6%ccDeaIWY_0LcaOOPulDQTis)7HW?Xqt;PKQr&M<=qId|cY(ujx5`wmQ;gtMs}Qx> zxTH+`m~MV(NzE>3Id0Z6A;ark zPY$}L;|y^AsB2%9eKqfc#%fN+4QvtUP)*W{kfOq7zgf(_|1Jr!jTP`rg0d~JK&gwb z2_m$biqkfV+y(pvEyC+Jg0MUFb1#M)bNB#njYil$0C*A{tkgkQ4UibZ>U|X-)6Ak0QFnpv|g;P>f)x=kjT5~e?vdO(zW)UZ7;XsW<@$~a)yg&dk zZ3?xA2#J&iwFlyso?wfC;hF4+>`!_O2}5;Uq~zAdj)yX- zn%gnyYIreg9u&@CB(TN$K%i(RDS zTE!%2NS+&_Audp#wZeH{9;{vrF*9cY>E6M32P_=vR18lz8|pW#U}TO`%?uWLw@Hs3 zl#2e;#@q1gKn4S=COP322WrFMNvtcxb3Z(=IwPT5fTL(GnT6iC&DV zE1wHsd{Gpwu22aO+Y(TaA^hZTX-m>3S5!64(|!^VR2>%97cM)0t_`CSg8W*tyf~oF zq_^V58z({a7~}SFWDuV20Z5xIkg4i4{pH^sCUcmPF6pa>$RT3V`GyRN$}tCr)~txC zC4B=%5H=JYrj+d=IQK;8lvol8wRFd3Cq=X+xSR`$h7MAq2NcWZzp+A`i5X&Gkb6bU z>y&OOEb4BFOIo9Im9}XELM3=O4O?~(o>`fJCBb;Q;;(c9Osg|X^@7vq#8TG zOIx&)sn}BTT+2Hac#n;u#KYtM@MnT5GuXwn}A$YHDcHB3c1c zl8QuZGY~agb7%P3qwq9bk)aYGImwiLK&}$7S*kzyL*D)jlYvu1p<4yk6pOy(WL*s} z(8XF4ZMq#P@H!v4jN`?dK(bIZI`0P<6gH~m$VPePTw5`Di6n^dm(CDJDIOy>5 zqnnXE8)oTGe-Tme?At*gfy~`4P#6;%QHr{?EXK?U-^E!0YO7EY7<>-{au(Qalmv?R zWq~j54+jHOKe<7j>?K;%j2;00bllXockjdL9an|4e?1!G(@e+!4J7~i!=5IV)A?0l zK-d#d5ZVJzEXZpkOcontEtpG9fdygSkZIRmvlU1T(nbxza4Cx!zz<2&RgngxEMs(V z2)>C;i5jvpE5hG>8p_*&@Z60=j};o1sMNfZQ{2Z9`dpjY2JavM1=|k|R7%AN3X3%% zyGil8}alcUKI)s#H@^=sg*pau4*g^g7nIZw-{P%VZ-3; zn~u;&FCtMWRDTkV7$8F$0wIGdhi*7X3d-im15n9h(O=Pw-9?D4i8R%uO^JELZ+Gs4 zAbRNw@<)g`T2iIVA`^shL*aGmK!(a@H&TFVN51k?($Es6#yLC3E9$RUE7v1v1z){5 zi=Q??#;%uv<>ALD03{V1(PYWS^QAmHByLed5E|+Y>P#)S5n;OPZ@CM@Jd{zGEiDKw z$Av91)W8O)&9W8_i@a5rvq3`&Xe5w{@*N0<7#NR0J^Gu}{&Mr5v3-fx)V?9j7e@y; zF~80HYcp9MQH={G)YbiF8FBtZcJZ&ED7 z!b`3qMrBxnlnOME3RYm?j8}M?T5RZ)4=pZX&G)P3oO3vz1I!%LBbruXA$pbG>*LqC zF`)@qGS0pRIVl}ts-UzqPD)I8EPF_&l7hv5Q5e*q_v+ItCWv*~(tPTL*|()#%DSe) z4h=Jo(<`pW){n5K?93mQiUwT1-6BR$AQNB&$+Q3yDr1e3`(W`Wk>P}#g}-J`zR^+b zM0L4rJ_HQatk#lUBdpoZN!ch#7it46YedGcf%fuZW7;f)n+RInX*Lq*Ud-k)SQ@n6 z)F@Ec9QbE|srdPPSS1b4~>zG0%giz)hMB8#pV5 z0I5N_b-Gi#M$3jpct*ZGJf4JzK0adrD7{5N^aEgedya#*$uL?J7#1u9v_P^OKv#&u z@kf*beo%hNETBER5<}K9?oM*U3+0+ZAJ;5gFCmJ5qX2Q*6C&W#i0K_X*l}q*rV)(9 zG>#BJA;44t5$BUg&#ku;Gyeu_qSRFIbxWekcgT~}V$k$dLnqED(^M!wPx)H3aB$}f z6r_%2M5Y+akOl@L$%U&BO0_gks)Zl2Nk!n>-r@?D29bFRK%gu}6f6bIJ1l|)0VI+1 z@M8_}?SzY*J>AtBa>|VGXInp-Qq^X6wdtQNY-gKKni8|6d#w>{s}NF%Exa@^LT5BR zOWTX5&u94r2L~($(+nq5-ce=15cxXmqgG$StY_MXMzn;2N(N$b#B)9DyX6oFbdM@l zWI%J!u`(!F1R-$(WHcb+odWVRwhn~yDpD}{uNwx#-NS>;e2qib6y#p=Dd7)ecq4}E ze|wbZv~}uvox(g3=x2==ovPr-Z+NBu3#azO&%#R#J+an@b!dJZcGud8}PNo zg9$gBbVlUhvmm7zGyJD?S!g6YyCIFNNKyA*L}0Vu8l^$t8QzFcW_cV3<^5No$ZmVRf@*s&1%j->>}wq)E%_D|Uhs z*&n&tn!qj|*`WX)tFACHuSlZdiBq2-{)Ea!7kTzi?!u(Dg|RRs={BRUod?YkVWHY& zF8k3fs*LPMAF=mz-;O&NtNJ=w{q@rXpb~5tGvSD`_ZwcVlQQlRDO}sHs \ No newline at end of file diff --git a/fonts/Work_Sans_300.ttf b/fonts/Work_Sans_300.ttf new file mode 100644 index 0000000000000000000000000000000000000000..35387c235791512188f3e9c2a51d5465e41d942b GIT binary patch literal 50784 zcmb@v34Ehfxj%l+`(|sKE=iiCZMtMn+bnI9w&_0UzArOvXWHp3U1x(~It#r>iz^@(g+B_S_j<2-fgcK!{=Uz7lQy#;+~4QlnKya!=DhED z&U2pqdCm#rj4=aVR4lKztGh>fNcsz7H(rmcwY_7bN&7XQtbE_W3)0Fi`aEo$m+-^$pz z)UJLPE@+u*J^FhDpWVCm9y${KN!o(oy}( z_}qf__H*X;F6H-!ssPWE=)<|Z@8F@2-SMqYF?RH?xc{Te2bPwPl^X%?H4|w62$NVC z?Y=MF%w(ozo|uzK5}U?X!-Fa=%Y2$~KEj7oDwS5HH5&5NnO48aVQ_d1E<>3ATVk2V z{wm#k;_Na0MnaFLnE=%`JWb28nLk#Z$yE{`P;(VJQL%YEe0Wgi;*mO?E?bvvFc|VQ znFW52L+j!Z?()e#msaM_CLY^R$92tISGRPqfEOHm<{9ec1h@BeC4L83ML+U|ILl%N z7LC>BaE*!&FwXb^43r(vat)JYjWo|xs^LL3#xf!g>GgVp9$iwey38U!cSR$nlY1Vl zXm4&fwRh={H=md|BLtT)4a;HqtToo8LEi?hRZ9vK5@%|5K*zOAR%zvVrdAIRYPd=@ zq8iH0&CSov2M|WUk&$Whn*fK^+5R0E~mz9N+Tz>Qeuw=gHd}) zqAu|>S4pwkU0mY&X^Olq%B*r!*40%ysxnVpA$`l`DlT?9ixa*i$*p2|>net|tWCi% zS1>H04U?Ba{kfQpu2?$=K$D@?%w_Qm%t!{G(_#MQX(r3VgPB~bWz!%MHo}JTARzKg zc_yO)x8@4^G#KE_T13nkwA6CX_+2Ow-0c(F-9V_{`Pp<1p6H)?ni!GMF!2v*kuE zD=0IY@+=06->%EF_)SUlnk|H7m&+8ct97{yCI!&J_eb&0B*x>ogfBN%hKJ(D` zCN^%I_?~q0=Eh%2*X?zvAST=zms89(rrWCZ(j05d`4*b-s8!l{-Q4DD1_rK~e!Qv1 zx->ShzpZuO;MlSyJic}Oww*g~8~?1er>FPI&6}_69qBU(2&x1GK?ZIJ21-j*pgbaUzsJOkV_Gdh1;Mbwz@a=A)M{6(6LAD=&M7~prB>B}(F zI>^F6tU{nr1?UyQCtwAYWn?gxVaUkK%|=75TLTtm%4`}UM!_*ILxey3r7s=(+0U-I z;f5>jx=XtGo?~}?1(Nr+k6(Y)M^8M#K;a-&=?3(r0jc72^|PK8vX)q*noAnawGt<` zm1lGiyu*VTMC?RrfFe7avFyU^0xP;U8JM1B84T`BsFf5fuDVDXJZ6IF_h01iG7`XQ zwNP&W1mI**=lIiR780uwi_t%W)SL+NA0+ni*2E7&A!4km#9K)`Hw&$k%bH^i=#R9G z%nlHzYr*L>W`(~Y__YeTNTfY;Rf4UdK}p^Vy_41--&EPrbkka&&^Pbie_Fq!YmBTj z79&lQ)O8RbPA#5!q8pjEgGJe`IjqKY*XL2Cm^ zIobN8o&j2ALuN|Nq(REtp=5rZ1}CYP-c>La8mI&fWUz{u7qbj`$LC;!q^5>=Sfc6A z06XB1><^QecNZw&Hk$M>|Gu;Xll}zeUdV~Jq;nyuTr3uAH5w!hEF%>ZJ*gl1$gqu^x^XdAzQ^Nr8HCAUaQQT8Qp}Pj#vsM&>*`!}(z)f5?cn6* ztNRD9*}QbAJ!IWGKCs;O;X{3k)i3kT#J3N&v?~H_Y(qhJFC^NvcQ$UV^T6y=M!zUH zz!!6aI6xqLPNSBH50mN!Fr`yIhb`y85y7jp7*6a8hxsST+~N&{fW$9(P&^x&7aZ6(S-2-tsr!3B5RaiTx(@gb1Mu_qbQy;t%4~$ncB|C^w;Ift{oxgN8MgJ7oxA50pEB8jV7)k{t!<``|f? zGmEM!`6Cm<;TO(2f9qJ0Ijg{O-TZd`HH9vuVLUraJX-_16Z0Sm%iHQ-+HOBBJaW@>{$ zg_$I&9WhAWL`Rqe^@-b(cR!80P0SH1&DFxnk@*05GsFNOMLfc6$j^r_Q|NcN3{jVi ze^z1ulQj}GMWm;zHT-X(zj00V;Ex>K{-Z(upGQvIAuS$B^4i5sY)Jwj>EGEX`;y$GVZuJ==(n4F}t{N^^uj5<8QkA5c8b9$SV1H+N zT*^vH*#(*GOeeb0!h={=q-@I06qeI5$fI1?be!q6KPsZsjw=`@=6OV zXqW>dh4eiU=9>7)k&@OEseiAF|Mc2{for#J6|cklTU+-J4FLw4HW@y0uBIa>KJs2; z`Q!V|!|$YH(pMp29n8uKZx!HZ~Qr6XXXW#Yb0(XHv1^l0J5c)cGh6Hx;qi}xcT6^&EOHJ zbRlI(>2!jb1Y4ctRf7FT2H|vOq>K=o4O*()=5v(caYbYZ!Wv2WmuYMkwpi;@Hn1k? zLo5E3iY0~}hc`@L+1GdF%=&X3{IiMcxHs{_=MEpmSDa&ZcMcWL6TMPDD z^$yZ}1OCPH&)<1(_}|B7W;T8nPQlL2n|CGt8zTD4L%lu2i5HR z1{OfaYIH2RBsYclVJg|XEmlHWj64U#AWmv3pqq~63m?XmO#mwX3vo*lLeg>Oh*7x5 z5&pF!=N~>64j+5?{=4s%EQ_<-7jKkqzBqBu$8Smen)G|yN-KEa7_)%`_QWzJL}8#c zRT9YG0azVOqe)G&TFqxD3bJvK-1U?LYKxWPBZa)SpQ$Y$nvNM5EBD$<(MOTRYxL-# zidArz#k{Y&sEXLqS|U&p!VV>UK;E^~)NC}Gd%dH(G@CB%R)M0`L_In@S6+gPV_&T==lEFMm>E^{vecN*qFY@8OuC9Jai6C@UJuqIu4joq`O5-oE0_$)Q2EaBlw5X7b$smMc zz*n$xPtZ-F&sdXHUtss?%k5EpgS}VZXWyisvhURIvY)3vV!v8{js27QPuRbpzsLTN z{u}lu^gpscuYb<|y8e&$;>ybEe~x;-GYqE$&tL6PJDU9LJ4#pW=L6dZAw zwGm0XC%n0-Vai}N_69r0H;zv{^Yp;haQ#AzXZ)&)@0i}$Fj?g;@)VSgB6{TKY<4Ko z!yk?<)K?+o#-YcVL>`}(*R|-nI4o}Ht@HDcuD&hOckR2ePB#}tP?j&XT$S;=EfU=1x5j-Ycr3&*MeCk!&m z`m9c);(VnXe0^4iPNNotPCf|{y1d%Oxx&#G-3Z#gDy=KP><7#hfH{MFegu}#5zIei zT)2oNDOszu2p@%bj0Qpth0?hL<_(uB5)!{Zv5~);7!HL3Qd1~!;&D8iqFX=2v#qQ) zR%3y^#Rsg=$NhlxlrSRLCKb+fK)M(ZOHGP8mlCIszzT3E;yfx{)4DX1Sm3WEhTeIH zZyy;7cr83M78@Bua4GR_DDls_mYN2&FR2}WC@^Vbh%^}is5tyAoWU2l9!zUP>}@t`RSl0{pTNwC}mqx z-prjMZ^TR|@jMjkPscM5{hk3!wuWd3Y-DTllz631&~hpz_MXETL)?<*o?$EqU?zG` z9}373y8A8(mMtVfF$=}~Mo>F~43IFr=#xQ|&ZV?S%6NAB90n_eHryh#=tIb9)n2l$ z*-Op6j-sYk+t=?QqiM&cuO<#DMw6~7(^**O<66ab8e7o*la~wA304{+d$La8O$(t@ z%KBqHW@J41K&G4lM&t)5Kt}kZWG4m427xlo3=Gqa8brYvD=jH1$jhM!FXfYyLLdu5 zfZ}{e#73c`Q&K%W21VgNX)9h%JcYnkNm@XPgoF|kO!S-*o03-kzH*a10qi;9Lm?{R zDJ(z~FGDA(nG(BYYDzD{_LCsUWLY%>n1xatQ4b;IQtm1@_}w0t$Q2{gs94O3AyXd} zMohjyGKKaWspPfvRN}FolJTygO_E35*6gYBT7LVDfw8t)OWW9v8J^9xbxQ{dx%J>P zUmNV~?kei6wKmjC<+1iid!{dIs&oC+TB4iD$`}OBy)3{6V|^7R#j;MFt(Oq1NF}^A z>;NMEOw#Hk5Ck&L@^;85fq9Has~yn}`Fy^BFCfN~%mO5{-yd*P9ZF*S1C31N%l{Xn zBdJoss@VG22+5Uzy-d!~O zTyKg^oIKYgn-IO#aA4y7CYv#uZm-AfBo8VRAr&E{h}V*N`wxZ?$pWeMkq?Ruk?DV5 zWUS(X;vWhww7gcqMKZ?8;rTO}tdl}^sp6w#qL_qdK`l!Iwitbol@HTN7Y1~%)~M8T zWWNi2I1EQwqe&S9wwMQejzHDpdj`f@Yt8FMmu95K)s*2`vG#CBlATl8Lop)3$tCQTfWtSYUotb$#?3rw||72F~uTlyV{3m`99qAC&Ngf64R zU@9?r=Fv*EkO9}9X~fBd<$I5sINZ)Yql`L-m>i`tDkBUC8MB$XpiwR)M_(yMq^K0Q zcDf9$ZjRiRq<;!&kdaDp+G5q|ja6!dZ+E5cftXNl5iV`|Ez>b05~FslU5uYHqv`VE zJ!hOhwwfqCed2{Qpp@z9h=5(9%s=rzvV`OZ@ghOk4@STSjBqLO0Da#=0;8R=SENRszNm865{c;!9FMWk#`N0Y+$ zlCZ+hUBv(ck8tR0!6OVjLLZV;QUqTGS)F8#Go`|XH7sJo3M-`Az%o%Oyr3A&hz;X@ zD}(C_P0sCG%0ve z-b}tkdI_OuShVJBS)!PyQY0uV;b2PCCF6f+RcJ7qJd~tIcwVXbLF_0!qeh8Up8{KR zM|y5;^9Jc90n1R=i5JuJZ2a!AS;bS3FA)FH2a7(eE%Tl1B*)5o4Ytdz7$|YWb;k6ehZ| z?R!nD7RSDa5I}lJupc5uiJFrXPb!>5eq=2ooJO924u%gQ;@(k@)shFphYEBFI6}bG zAc~k|N-hwDNFh5Mj5z`hKkh4Ym%Ck*J9zL}?`vKu8P0Y`wSxGBF-c_u6peRkeN^>k zL6$w@rIHpH-#}tSQsv0TGFL#h?r0d8{?4tv?dMf^EjtD_ErebjtGjmnKpT9(@=R}4 zd9b7Pkkb}u>Dp7=yl!%RB2mXn8q2p9=GIr1`ze1W#v{E7T}s8uuqXa&?dnUbSEa<- z)laQnmET>vy7mNB_Uctxx7t>tUA-!Od-bXom2@(}AlCz@0n|{pv5DAvFZ>p*D$1EQ zH$z8(sewWf8$r$(N&LA?okX&kYS5+zvoav!BqVf1Harpu1|w~e)?heTV|KeM+#Vg_w;nO zG!JJPqpg^ZmbT``XzQiRkIij*C^6>js|%Yl>H`&(ps{JtSh@59YQsv%+s=lcP01Z7 zC91_qPqM)3?+tQs~LCZ8cZmlNhwB1H7x=H28_>`Oh;-_fg0gox$we0 zo%3cn7`D#E*3Zvx8ktq8W=DA9=mi%XZEswbUP#32+Y;`BOG^j$Y;kYdgBf6rsDgO| z^HoTCCoh-uPI}fyD*vL`bWMVa%pEZtRmJjGws)nKn!2mE?f%fd!IQxr9M)E@)tLqhv#!~9!O`>~ zV0M8$Nw+q;Kp)L6GNqJ!Pi8UzHw+FjyQ$Q3YIaeClE?DgR0Jm?%DxmSLrz!?Qhl^; z6>3Qrl+E*=P_iwpgL^Ef^QtYcc)1=~#Ag zaj~!1TT$piuotyVYXx2;>8v1BU)1Z1Sgfc+u8%6!=a>Qhz_tqx?!BaWcW3upk*WIu z?dKb|_77AY$hdPsTAbRrxVTALxah|>+thkbumtTU6Q?9nk^&sVO3|>zVkx%R%p^<5usubVBumqT&_LzS zKcvJ#^}=}bq^YuaSO2~boxgX-p~SDZY51&qdic$}Ejz0NmS{8K{+i_{mu5EaAh}2! z^$#J1cPLU=vv!rFuyR$htX(B3tX!4z*RGNjR<5c%#3#tk@HtqBB5#%puQ-phWaR^F zqy_Tu*)%0s#*$ToNDAXGPfKelDE5wjbrCT_Sd64izY>p!7Z*o*>uouO-kN&;hCdPI zKlV@bthbe08tWm=T`LukRAY!jHM2gp6q`p>m^)zCl^Z3MM$ZvJfhZ&TQ2<+Pu ztI>2t^i}n$#(gtop318F`pf>bp|@wlhMu1Bw|2I-UDnvSxFyn78|?P>xA+?L*`Z>0 zILq7{8kn|LHwG$wp@D(TTD8w+cmK7cqoJX_z2U^$%|UlX&=aboIfCAmB=B243&tw3 zyo#J0#2rzH!&Ru}P^qTU%1!f`$&l|dDMq}={L-w59I%k?{MOy!(a!1(HQ{i<+&Z3^ zolZQ=>qbX|6Ag*iAk4o}*Fap*2P(Tmx)-tMT-Gxf4L`l!@gTRTFj#mIK6)nvj^h&c14a%!@k_!1Y@rmDB1~_99U%V(dV;|16oULHJ7UEv7<5L2Z?Pbb!X$9Q6w2`P*E)>`MRx0>qm7ygX(|CEJj}70H}NnYu3a(pH|6=I-<7EWum1A zh&Vtx3jL&%V5~8sVn))dEbk7FbX1R4;Wac?6AsD+^DVJiQ~p`&_{!|OuN-(YA% zB=Itx1SX=1SNR)@wM{LJ(RE1}Vbvr~mJP&&|6AEWz>sVh=_1(>lnNGN5Do-D?bt|w zgadzLslJiuRFOwyqhqxsJOXVrsW&AvAR)dwsZtiEN-`P))lXI2X%*aSD`OPeQlzg4 z(75<5mt3-MAC9TT#VI;?;=1$Czm5+7p{1ombO0K%M$Ce1E)vin7_@qoxL>&{Io7U{ zW>l`qWouVSGb&eAh~CL~?(d`mDF^w$64*JYUG+FEIVxyK71k`#(nGWX$#Ur+7${|O zleL|qw^GzBl=@1&g;qSnX!IC`wQWW5qhisBl1S2=auh{^n_SK?XM+Sq8Wl(A_8%GlnLKaaU`AeKIO+K_bT4z~9GHqBJk@%jup{Y|aW6HqUjP>M6C= zCmxd?-`~`JlBbk}4|3~N_)hlZ)||Kx3}3n@XC`C|PcAlF0KGpe9J%##bL$m1t|^lE zsr=={HzG|6bO+`#=l2s&HvxMYYuH=!L`cG{dLnB?Pf8j~_1?=9F{FDU(UU!qjIedK zog5KzHg|7V!^b2~guij3iMQ0Z(Hz6uOoY-r5k;5m5%8hP75YrdhA>3HT4)l$q7)fI z0Hs2lR#7#|N=o6CDV>TsFEsVI{lc@2HDTq7vs~|UHt3_yK7FrqO25guOTW{3 zM1P+18vWJIPv}4Cyhr~9=Qs2ZIe(;o!ug#3dFLPXuRBxqjFz;@J|&1J{2^g=lhLY_ zIJ)A?=8D`con6Bn>A4cagYFNhLcuBh-qb=q}_!Cmn7?UkbRD|#IXE; z2U(&8J8OlC!quyy8)U6+`2*e|s%X)--{Lg69gr-PEfdju&06f03Q_BnKt4%M(z6gQ z!p7H{`8T)KY>C;Mat-#T-tqZO6&1Y`BYm63!oO>u@_Tw~_$B)`G|beQ4Li3|MS(F4K;z`DoS!N3ub$-bO|aR5yL=@5|qCl5rjUnf~9GSCV>akN_7$j ziWRyBlas2GJPMTyzbI-ZABilEDBqjk#{>i`xwR?Vwb+ z*tKCkd^9>9;BO@K3v~@M(|jQD{hOiUc^R~%=uha*>(X?ma+P$aa#hit%2m>x%2h>o zp85pRog6Bdao8y!4pi$YHGiU3PZ@_ulW4F)Osp&7h{7W7%3u9?_~#AxKR|%uSjWGI z=QzN^COk*ad@*+xY7~gsD6&f^0lz2hEo4sBIIL<3o*`_-F6EyXEmmVt0PB<)I(_ z`@eJc#*UBr(huI%jNhe^|m9>rXK zOqt8StX-v9Q?4Q+3+Sj6_ZdK!P3tz{GT|Rk3X_J3)w_U?V(1_@)RBR=1bk5*)rz7% zZ4~+V8t$zfP5hmIJn{RM%{(hH@8i3hxZjufbSL)%np7pU274pG&47Jg!G8$oXzz&I1vuNIu0KtCo4zs zQC>ZUzY{j-m|rG+l;)`7qpaL5?S`Z;rOY4781WBF9T9?4BgusFf8pkmg$*c$d8@2) zEoCKOb`Mrj6jI%P(#2Tw0EE$?1nZ?< zPNxYf5gWf%%rM#AiVpk@V6~FW$k(XhKv5`Ikr}5cKr6EtO#Wo36^S2Y`JhW6L$xWR zhPPA|n>__K3*zBkTkCobeQ4^BKpz^j4YEg-lbw?@Ihyzte`Bhe@;oFb--4VhW=*ju zd0yDy0xGz$z+_a(eOL}l84pDH$YcP#NoNeF#mokw>2?ve5VIf|DR{tJmlB;6R0UUj znZ%_rB|UF%=`&jj#(MaVh19HA6QkB*JJwzZ-jnu8UChp~6N4F)Z9#MbF>ppifpKffa&B}IV>UREaDkwp{-^|5)EtZPmasuS@)t?^Ks+qeUftUwMt*Xz^B-xeVoj zrsy3W+3#sEWZG@vLoOOoDMr+b5ow_xt*kB!?b5N7kDKalQtW!8tP6#1K7)@-Sy-~xD1n^b^}`okbnc;xE;_VjZf?t# z`S~rGU;F&$zeY#!lQ-V@NjgB!(1Khq(aI`l(+nN*zOY3oZI3K!nhHb(IV#S`6pEr+ z4|%~T*M}v?mYVG9a|=b{@{N)`=#6*t;_w_2X4zgN0X(#A02czP4CTYrQo_f$0j6f)n$R2|LFhE6)K1 zf^|_W2Ui*H2Sm&qG(;-Jt?WG{3`3V0Yhvm+N>CgQEQW^ab6yfoJj9z~mn2%bQIbsV zM;>{^%kN8!^U$QD9(ba-|J&%Rgz!{^38H)ip$WDjD)N_s8i)m2O|-fpMas5-Q3~=X zVa15oyIn~<2?|V_86pn^YX-9?YaXMHSZRJw~=hg+>d~f30MG|jX z=6BR?Z<{-Gd%=}614GjTd>LEdWOo7^G4O;QGg%5b(;jOhJCEtbo()vzfy|Y9f#lKY z3t`L37%TIaReIgHx5Qlm2-6aP6b^~BNlBg&(V_YX0utoPCgVd_Z!HYv4zzS^31I}}*wWMVKkGGX=G;e zNX@W+>wt9Z>&Nc?>QHx4bH^92FAUW6yJ@nkXokg9V~SVK#>-*MvyxMwjn@DlmOd&u z1=SS<7E$kf_?0(>_xn5*?s&wLi5u1-#o+j_wz&Id(+Ch zauB%kvImv>`Ixx>e*QY%IV)Ltm$&hcV2ZIT6Zw|7D9msU0YicLH2K@@@d^1`A5E!` zl-kYLYR&bLh}q$dMAkLdR0iv$a@Am4tnaG9{GzWVUN7-gh6lan)zPZ#rmpV#@ug-i zc`%cD^xn;{g%r!DHFIlHOyrhew{xtgQU3e6f!j8EhVsWmsN_1-LF0qqwwC zIa=O5fC^R9m z;LZtMW=iR@I_R>`1tm*!X=zWcbZg=ux8_${T{^EWScqquP^aw&p3B*eSf0l%q23a* z5k>8IMbx4UxsVbx!+)h@k8-$*b|ZsljItp%5QP%IIJKP$Yb|pCAd10A-}q_pA{&zA z#rKLyi0OH$Ghlaxhg%!^aw_vCE5gA*q19LE_qjvb3VlylI@Vn6jbN8BFnn8e$TZ~l zI6ck^2bM#WHdy2d}Ux|$I1ATEzM;0!*H>=D z{Mc8%h1k~%mt+wz+b_>4=)-iH$ zbQj~Bh*U|taW;y(DHTjss$ig`oc~Z^VSYXieiPmc3UE%XkFd9RJ^$(lc$QMwtLO}l zlB|jf9Q>=b<>j?>K#q^Dyv^?A|9}L4jOFlqU@<)gj?OsF_(S|2+OQG*)vjF1?ndm| zNH#zQ28@CmwZwW;@KcE%24G|cKMkOs>?mS!pAS(Rp|7qj2~-xlf|9Jw%Pp{(Hk3Om z2h4@pZ6!RjAm3yI9DOTqOBbRKz`jq=sDyjR3IV%gf7v zMOkbqB{y`@Xfy^*o<~`1iRE0h(T!r)2|#Yplxu1=DXdQ1atn{0_>O{O!mY$QR%Y29 z{9WMIK=B_Ee2|pOkcInKQ~Xo3BY+_J?92$P$IQPl=ylTrmwJJ+rL z(JCV?0;*WOCXTvD6!twLapEw$T-pf#Md=mSl?Ch%;`s2jrI%k@8Yp`Z$CY1yu=D}` zmGAm~gg@VReUIYL_g$L#c3}N>%t{t3j9E^Z?i9U>=}yk`<;hWRNR1aGb*;S3e+CVd z&+JrhMup;H{V<-747-Y^P}z5bwo9RGA#jZZf!U13jdpXHtq^ybyyn#I8`!-GDlg5^ zO6M28?ZEdUyEje1z|9Ec?%%EzJX4r29osVUnexLQEg0@<=^pMa7~6c}fmILzqkm;DUb^%2=b#3|qnylJR1p~q!1qldG)~+urLNZ?v0xg$Muj7zFaZ!kx zlm#l{HGfY+wCmvaYWJ)G%0Ha~=fnduBX2{zRK)a92#@{cq~2AMry8|ng#^kH#n4OjCCJ_q6^J4T!Cs0Jub2QQ34pVc zgkgmsusK%+0sl0~Gz`5Uao;I20ic&b(w;3OtpR36O3*4JuwqU8Xf=dvk0M{$%6>_= z@+n}VAZ9*w*vc(xL}(@5iMJ))jUm*)+|0cz|HUumTK3oqT*{=(3n?;h5mjAW9 zb|r_Y$m>FrBCky=L)gOS1br~yUG$_4|L zh}Kz0XYrHEPd z>+&HEq?CyfP*KddIZhxP)y`w@vv5s~wx^5F*958~FCVTL5CF6W|LFEsv^Kp2C^oE2 zaXaQzE2KEBxj;{IV)#_7M6}Cb){!frg>0i>tO+~WAgOG=>{CxaEq(RfX9M!(0kpEN zOtDwRlbo?K%sZK=bGUvI!Q&BP?=ve1o+78OKK-drJ^h7%TuD!81V&1L5p17zf3}ua z`w>c^Tp^;EG(=vqZG3!N@zTP=lJwO0GynE)&y1IBeD&s!y|xke=C2H~|C72`jeA## z9%%7JZ(dkfEEcy*H^25V+)|Q!0Kmh#tG~-vbH~4;RS#%YzWUwA*9_v_E-L4?s~sI_=giu@yK5zkTIz{H0)X7q1CW%eg%JudD#nMI$mHO$Ge1_ zg>qdD-bb8qbw3EuGgLCLFHRtF;HGgljHQoQqN2fO3!pYN_C16xZiSLUnuuO^Uv*W( zHP<{PUinjxCI1LZ=!g9``d5>6M}d3L>nXDf8HJdG35)lmk)78x;2}H%PoTRaxcl$o zZg0#5^+~rYX4j<9W2n;sa2OB)MOKRf)LB4Q8 z9e<5CO5ecsmjrHJVmFEF^~mfsNngkHm&Ns$={h<>dv*`n8_A}?+F9@(Sx|lWF2(i) z9HjP|86{K+=?tqi6&)Qf_4|bxr7`3d6q)#I<#vC+xlj)~Dx)CZXhTncfPDcF&4xZZEHfR3(@nXfC&M6pJq-q{V#@(*?DN2yMqmvyi741% zSO7s=~EOMitAONb3d zln}$qcIsj4D2ZerSempf-cCwDIJ6ECBh$K+bqmtrf=kABUu~YAkfrgd{Hu3wI8+!g zZHbL9W2tBE3Pkd&xj)O_yCJs2bnoQ0iw{)V%8d5P!cE|Y%QDx316Vd zR@6Sjrcq=L%!Op)2{kHFD>hF+U5J_gac5uU{5j{$SN6diA5*Bsb?ZN|)IRZpv>u31hDsbY1x1}xIPKV$!P;@J*1A~j0gupE7CPt0LKIF%RX zW&vzThfSxjzMb~lR`I^f4654bRd&5Ik#vRxSzSLhMd5%Vj0pyUw4i*u32$NpZ<&ow z$Mi~lx<8<-SkS`pf)607(lJeNzCg;TO-GeiYGXHw#YxOJYoCqu_1A85Z1;M%JGRyK z4@S1yw|Oob9c`!h8W?)JeOr0OcKd8?e_v#qV_QY#cE|Qe?`@OaT@w>s-IIW`cI6JK zSb7^Zi2+n@VUGd?Sa>90vs!d28Jorv#nC1qu&ikxVD&)|o3feNFd~h#H#7`VN}C6R z!P;Q00n0%QrDCUK4>EyKOpHO<6^pF8)HI3JVYH>F&>a@5h%tJ723|6KfhCl^qpxdI zQ)I5)KeAL@Zdo7e+Sqh(&ObaA=&Cz+1}|JaHCzxI)A7t4dq+d{hOo4>r0VUm$JVJ6 zf5oN7p=~OtA9Ba13h zys!r&**sIqk}|Up3{No|?nL=o7Lr>jR?E>#*p)lA+R7Gd{XloI)q4hWI84IS{aCKs zhAmIp`rG=tIsja2bECoH@fxhyFh7@AS6L`XDgC6;XeE1I@G@N>X_w3-k~X$N`&04) z1`nnGkvkSiMnN}qy>0$jMPZ-6s-Y#~Z7$BX+HN`QERJkx9-7S!WDT_Rju(5?kAKN* zv^XNJnrfc-V$@`-E-rI9i?8nMFD|eAjrkT+z6I3p1M-9LMQuc57LM3A7+xCCWl1QpCRHy22dsF~)BR)eIrYf*m20NW?oxJ^$%3XIcC2gME}bXcj-fwqE``B`^9@x&9s#~*+E z&f=GvzF?Q^Uub%n7kg*i=bh)C@k;!H#IIv9?5=bbX&X3#{8#)+tXqKY0~~O)lr$hy zZ2}~03pBHejTzin{%aR|24N_K~x$I_Txt=~~rRff}soGJuV zU=$8tC|<#Joou~SD3!w+$OT5=Jt1@tsX;MX7-jHd=P1*mQg5Q*H&q3wRik20SX*9^ zC4aRFo)VDh;R+KhAWfR*&O4H}^?xKP`LoX@KS<>%zbSDdbZ^R;0EG{-ha>}!0|YH2 z`%nQ1xhGh-kQK6oJ@jR1IAtG-Et$waFeIAz<8<)LLvM>HV~kZIhZBT0)7-C-$VxP; z>pY%1NuQ|YpG$1v{mp-2Fa+vx z)JcV5^f&(S4U|pn#GYQ%%fIl9X!KGc;gx&Dn3vcA)Geqmr<(hb!N52m$Pqt-0LN0U zvAdmj-{ZXdZs$FBJ9+cnu6yor-7Q`LNBPP-0P@x(HBg4{A0)>zkW<%lZ8it- zXDnjl3={-QSpG`cTH2k7G9xIfvBe^%w?@Q&7^_<77Fwl-JJ6PH6Z^}IXb_9`QjUmd zD?Lk;cQT#joI+=6q&B3q%vm}OraX7@bhv6{q_<~uq?do9CNWx5D6-*o5&q`rXix9x zXfGKc5nPmRogW^an;#mUSD!dr+CSLRGBD86GMM<|!qCt>T`nJJrAw`3&Bj3nnPF2|WeQ zH%JsHG&876ROeB;06BT3Xac_}lGzXuVInCK~M}CBu=ESdcD(x`gM1B9=(R=c9GfzOb*xk2Qa^9^FlW8n1|W z)96ww=!64>@?%s{`>YmJHHZj<62LT~l@C}Gri|3+)O%u~;R~8(B4eAXTw`79*0)Sn z7PWY6HtaR%aQ=6_t!gk*S7n;AN9qQ~IyS9qb$H!1lNJ3{?Q_+w-Ja(4?QM;ls-upf zpntht)qPo5QrB0O)wh-R2P*<6zUp(gbZ!d`)<(NPwQk|X(4LVNs*QtKkg@kOZHK6q z7hozU3;2dP_HWO#HaBehu9Xh=Y=Q*$o@Ea|D`{{QsX}wbHKf4Ginmt3oa(i~9=?L(}Bk+@y4D;RV`^XnykOY1|49j)j9eYUUUHx3+fw^_;1xb50)kiObSQ&ikUeTai{d z&{R7t4Gw|Q%CR$t4f9ZAmE|6nyPQf%=$DL$ zdmt~!_ezQqWnW^2yI`xrPf#XOY}273Hv&9JZiB@t*_uLy)~e~28|%Er(bn!^=UC6k zOnGCdz*@Dr?S_b}{BX~RaxFYGyCJYNI6D-6xdU6HI?FqJTgxhZbpc19Bs0q$tqiVS zE*)LF+Sla|WoH@f-FVA1VXO^&neV|^X`L4|I{5%7ucYlsmD)ROKyroxxb&n!Dz!nh zdBfynSJ&jm&gzzy>gv|kYQ8+#(K#{E*)dtsR$bjj2Q;3YFQ6RZ1qgFw7NIYcI2k_x zOBV@HC`GC!$1h)?I0x0=*!q?K>^tA7{Y}jae1Q)o9^mICuEkUSA@%Z0C8|MwudF7g zeGxB3t+0gBVBGP=l`4J&Su!I-Zpeth0q-O0l?W8eT-+WC&3VKOl6MhJPN0vgnj6=C zaw^bfuy&TGep||3jb&k+T_|<(k0Jy90Y*gY#3EKczhz6+IgR_I&LcyRcj8eVlcp*$!jDSp z_=2nxl!hH%KxQB|guoZ@9g{XC2~J|8XP~$DG;zzDn?oTSB|cwCsn1s`>ly-q#>POP z!Qm~TizQwf!+K!%^Qg5hWY}2>wSDAGZpYlqC>6#}B=8}l+i7$=gl9>J6t1NPz9kqI zj7gLL@A6o6px9;3D>T>&wdLBXkc~cI!vt-)bY;ECl$+~tHzeQDC#|}>9KPHJ=qL&C zofdW;2<@4yr+`U(3!mHv(z}EGfxXFF_{aI(s0?V8E|y-A3uL>zQ@%z1h03DxsdlSw zQoXLuS68U()LYcosh?5*U1Qe_Xm)Gv)cjcUg4U@$U;7*FpLMOehjmY8)Mf0;_-l?H)UU${di7(&hDHGa-PYxNDMIdOp7~|Kj``k<&cS`~~y>SY|9cEc-1NS+2I+WVzGo zv7T%FdO?1{V!-Amk`*L|vc~|+Bf8 zU+2Hkf4l!Xfy{tC&=}|ooD(=6cq3RCYzj^V4+n1yej)h1;E#j94rPSOLxZ7Bp@q=C z(C0$0h5jq_UsaP;U#oUj-&V7+=I)x`hRegl;f3%8;je^$6#hfx!pP?$FV+^HoWMjws-ra{x-YuMIssNs_h&o)9k3aY>s*%v(fh2L+_ZFv)J z4^@`2pTBbM^UC{$uO%K%+^_nyd>1}ziEro+zDyXoKPK&GruRDJ+g4VjBWxF{7~910 zD9(S%^2D)-^HYyLT>B2%KFM|=KD0|NP~JIyKMJ37ahN3wb4&AR*Mjfs#q;QyyQCL! z-+LS??BF5|qRpmcyG!wY77I$Z<2}YK;L+LBjvdS@-^)s+dW_G`vc<8U`K4!Y&#A{} z6P0Ip2cM{r)oYTxUS&&GFiaC;rB zQ5q>adLzlwCqtKxlM}cnHBLR%+q$Zj_+j-shWkQN>(lP zunL@0G(RR8nOzzM4NR~Ydu8Qpxd^y@5_oS%-QN~g!lzIh_af@##;_`Y-su|7={oQq z=GQYj`vvmcUu8$w|3MYfi@^Q&fveY85BnYKkS>Ca{vvC~7_c=9;)=b9t9>8G|3Osg zdR8Xsz%cnMH?uM1%WLu6T2{u9FT-KwHLMXwzWhrzC|!(7gc{^5d)p&#D66+-TQEht$Z*`CY6*asi)N>>uol>_T=a zyB@p2d=z&JSt8%Hk_{vN*~G&uXRAIfqzk@C{c-qDl9vadotShK^vVF4c<0-I=K!@s z{44c`lBTsMOb%`u!Tj0Zk(53lkN(Hb#F{inBgB~*W=X~?Nho^HPwKpU=-z64uEh5$ z)ZT$Z*u`vx*YI)aap?u=MSH%z$X;r9+P(HBdzbx?{mV|H(~P_(J+YcKu}`DzhGbil zy}({9+BTlj78Se5ZX%?gXh{STC<%M{M>uYO`L>ro^YWgTyI+p}?zg{t8RMx$vmW*| zhIW+hz&nMbah&$Y+4tCw*bhKwe*?Ck01f_ijJ?7B$sPe6e4Tw3bR1`2W5?O! zuwk)nKe=_#Fd5*+d`1>C?VC`9Xn8TqVJ=j9dJu!Cgaz|gRE|gCDb;}oT97ZjmTko{ z$Qf8yTi7->i;(&rwv+9GS$~Kvv;Ej(VM$QxhcNG#vrE{Y*=6iT(CrQEBkX2W3VodU z*@xM$*{|4d!Ot(oS->7=lT+Q(c6+>hc8C4w!{x9YowCQr#-<$c*tE?a zZ=kb=>1q3MrP17Cyd0O3pX~8!`o5Z4J~}pK2M|Z+?D5R8saagH(|4J4R!?X3v$omk z>1kV>`=_T}aW*!!G(8=R%K>}0J+AW10U&kf*i>BY>WFJx9RPni&S!&hRlo(f?2E_M z^Bs2jM(LbhVKZ*G0mu}T zaoOXV>r%SNdXL-VZrp{NSBI87{Nf9WLCKI=3m`(=DKV`gR&4=>`0~vzWw_rs_Q= z@Hk^87f{?8XKnW(P9>rl1 zPB6E`t16GHxw(4^f{f;{CLKAae;p3k>jb>9dn8jlc*?UO>0Gs_skM_EH zA#tXl8z5UD7Vs-h=6oQv0iwzRF2jG(B%aafUpg9c+3hVy@vO$Ruk9h_8F3Y!iB|Ub zED4R+`lYTITe0CZF;M9BO01~9Tt7opk=0XoW7#H3|FL>S=IsqUgaaE8aK))I^1^sXeBzWQ+ zZuSTu@CtQBqH?V-5JeN=z>eP4-XsoOEkI4PxE$9(O4#i^u3qYlW~)V@j0TXzD4UoH z*;}As3F72MJZuf+8V^48B*r zu+{_V-ZC9J9^(1n!F8*bF`H|bW2=`%>(s3$wP_E;8~mwnPI_oZAl~Rd3K}9}ISS4^ ztz%3}C>}!podR7%fGO+}ak;=1A@GR;V;AHG6u~N`rpEjJq}Y2V!uWroKEfM`m=;%q z&5<_Wj_D+f-Gq!3QhR9p4#GTvm>kFIkb5y?v%;J(8Ni38P`nnr*!LdS`yqCDzA0XZ zHUoh;;@I&)!df@*YVUz=OyOxLK;#%71X_m!_d(R)WCSOiPDTUwadBk~C*sO_YSWFc zHc%Tn8K*XMGC^(VWRlvn<76YXp_5J2hEAra4V_F=n@*f;rZ#jkLv83}3$>w>t<h_|jbJwP8s z(}UuSnjR8o)b!lI{TV1AN?KqY{Gqclbvjn-wd5`8d;b ze0>V85PXhG`Vi9(>ei{MG%l4@rPd`cO=`OTZ*AuSpH*=s@VR+>$wwdrL-Z%`oN z5eP|mgg}5K(AobvbMN=v?@I!-``ek{+&gz3XJ*bhGjrzLnR`=iNV|&vx@l0>$mJKX zzUs&tB_bK4B+D7O+}skg8kTBC{jsk%?cWh)r`_|%)bXSKc%?io$^1ThjBc4W4tb6w zNbKwc{9pbezCSILCY_bvH~jDjE5L_* ze>UsBr#J&p#H#LFtZwgO)mq3q+1?zkD$rG52^x%id{bG)jwRJ#zEv}nmG2-{yk9~q zb2obzKNW)zJ zmwHbi{@>66+y+Kc1Wn-ZFW{jKgFaud)|Zw3d#ui10qXBrf6GdEJS*WEbfW#J?fYm0 zRzim zX2IzOZbYwe6K_i*?2^m$qFx8~B6s9}SlM1@FNgoZboDOqx_K9R7kL+Z-Mt>(C0h)o( z`R!ol4zx)RLB)qzwLgOP;Wy@ctQqb?n=l3newp?D-G==u=$?MSYW^#__Wv4MkR|5p z-esIB?CV|OUFm(o>*rnN^*1ZfqC98jpiSr&(~R`+^$N?-M>KLy@M`ZGZ-6(@`=mDr zUC$7-D4#~}@)-Ju&SoK+iQm!RyP!w;EuFptT-w!)^se=Ws4V}KQeh}DJsyUJi(r&kI_$j6d5(HxM*xi%I7|xF}1K@@aW;AJB%JU z<=ayx4jeRSaOcru$4xECk3DxAJ+7d5+|&oYIXVBKSYX%D;|ubO^QRO{i3N2YJ)wAP zX*^$tJ7ZBfpHqdM$yftqO)t-`nQQL72MBXU>J}7PU)Z!u^?sW=x$YAzoqKxEA2Nurv z@OP8|41Z9;$@#JzMpF6q%kx}cpl_zoD}IN6FM33BlC}eT816Tzqds%n7}IS+aX#bp zbLTX3r)B1)lcnF7CUcD$AN1H-!u5F!H0R4Ii_25 z%tc-M+qXN6K0@;0;Xu*VNgmYf>Bdo>L?( zhxeXg+c)jzv>&HEk@iB`>uK*}_oSUp@1H&d8oQ4P*3> zkVbYiV_PtyeVy^;UPgBrOPwC`$BZA3tM+xSnP=vk1&lQd&CARSOVH#lLks(^&ID^2 z>o=gsujGWyZnU!}&=1SW#i-q3a(U}B%x>pg*B-vk*=VNQYBR&unwj>fDZ?$aJIN;} zt)uoJDUXw~iInxEXd(8bS!$b2xjkam+g)a(-3w$kPMRTBzAx_C8uI;uQl2yUcAY7* z+suRH=RF}KebhY8S=s62n?dO_?G{RGG4qLEV5`g$?yGD$aGT93%5K7+$}ART-ik7B zbwk^mVo&g&#Sc4~DEG&>PvibS z_O$sK?&r8CaKFI)688-8&*I*+b!G)_C2keK?FM$}^;_P`;5?FCm4%Zh~V|fwPL59j8`D;lv{9m|`mJJhO|luAa6k)x1vo7E`-7 zz(j;PH&SAQUt%M;XaQCOv%E*&$hC{XU?Ui80fSP5J;*INaBzhA{6gmM9PXh zMXkySU(fSKYTQJRNTJLtkZW@3^Gk8%#I1*x8_AbWt{i6a0nFaDaC^`a;ecU=rY3Y zrsl`AzpesKIjPp$&7|BxEf2ya9@kv(J&aVt!CF3aSPDGHjXM-(6FA5u#R>XpBmMs% zDWsn^`S4^6*u|)}0Nz_jie=o_L)VSepcbw^0;M9v)DhD{o}7}J}_^Cg;nrM6MQNvL48lr zx-FDi2v*Ce={)E@pPIf%Nek&cFLQqdOtF&=jx7bd{O6glVZ;r$9|CnhP|Jb31&)YX z89T}e-AQOOq0R8kDJ^e-me&A8p=cp}r4+gR0`k-_J4MNN1gK3wZBeK)f|r8b>9k}9 zHJAykx!lWW|9q&i09-qK*HgpeW&`eGpl$M@Z3UW)U^1Va1mZ?|R2C3#0OAH9ZU*8G zAnpQU4edSvR8DF_nHMSHCHVSf@c#;7YZZD8qf``X^rTPbk~5!@N*J9=k;$i%YX-QT z32hz3S|A<;;sGFT0pd{~Vigb%0I`Ak)+k5bOC7&wKE+oqZp0OWks{oKIGM+aaZ_+5 zIKjp&?(B@QWz0-v%uHp>Ol8bWWz0-v%uL*golWd)VrLUOo7maJ&L(y?Z5U=JQsSeO zIEfM`G2iz*XQ@v@lc#V`@9ai4>G9>-}bS}xR--(3%*Rl{lBLi;AqQ81osdJy^% zp*7%1#u8=-Viv;tDbWM)tm)9J!wRr^BXSx2)c(dEw##sbtgP^Bpxy=cNjt;Nw|j}* zWLMjd?d#ZMb_ajPU1RszgZ5oQcVla8i#=l-u`S3I|Bzv>GjNM8YYAhH#&$iRw zjI=PGAAd72uDN9ZL zwg>l6vIH;GY;*ze%rWr1+pdHsePj27=Z*3}-<0bq`%%1&q~9b|aJ7(d!3$ULcP;~* z7CY7Mu|K24YVvHe&oWLM`-FYU&auoUwhZ2W)qdB$Ny-XRt+#)Hh8u`uf0X?*_&-hh zyP2JQ!@Plk%e59kXzRPyS=$rD(e_4g3I)mEV(XQb_26c^OCfjWbORS@@A0uwA*J~# z^bV)i+oQNMLAZ-`=@i02384&N$7@c=NqV(Xm3B4LpATs|;Y7H=r?y{~#^856Dp&|i za;Yv{`-0L$X(U*S<)Nna@Ue0l<X>LY+ zV%`@1rr+$cTa;#uz`r|2Lmj$B|VfFN*bqYf%371t78XKiZT?OY0N6-hk zo)P?jamI001m`e1PC7mfappNPomVvVY^QXY3jz?dcP)6^Vn1Y^s|I>)wY!4&w(s=y z4}%zTZVUW!x66YkV(9a&jX%~M14nz{!)IEjXg?(0rnt|grVTpww4E1;!LU*c8E9M+ za9n%5A4=Y?7oPFw)HqML#Bh#3wLXb&w{GMOqN!Bh6J4n+Iil zIYFuKA)k{ctVc|U?=Bb^^l3nCR{XnozOzv#M^>VXzNFyng0Tk z-<{Z-(71nzbANYZKP_@4`gx}Z}FBc-I<2Hp-yYMXXsAvqc zVpjJ3bwgLskvfHq>Ih>2DKVdTT%5csVNHuY%^F(X_{8leh;!OWNgp<%iwqmtpBWg* z5w;R8>812=TcyT*S(T>quIQgL{dkWPwgY^8^oZdlOR*&<;=+~#ZfFk%^6p1$9E;9( z6>*%J=AFU-#djBQE>_+?T+4b{tf+j4lE&b2{4ht^p1h~Jgm+~lc&lW1TR-v(-7hv-bEP+ga{6phwjs zTqY%RmT*JnpQAUkdKpTueV!hHmXTi9OphS`!x0Y1NC&X_a1Om%Y1zhjO}Dxu4E2y?b%G2w5Ne~pql}I z%*(;dAX3}e%T$?0WC%CwUJljL#ZT!jBwjgP$w0++Wo%}$e(~gqK5Bnfyirq~4Z^e0 z*>fbq51#A_>h4x7Rp>yob%Z6-!J_uf{_3$#as-l__<2fNrK%i!2)xR=SLI!oPSbt> zS8YQN!|DJY+YJ}jg8y3Ns%lm#`zc2x={?Ycd5BP@lFOe|s^Uc@F`buKX{-&E^HX?q zIS||mMarp${>LeMAKYC*-P|f|2fYg!o*4MrFXtSzkC#He>Ev6+-L2y)C}%%?_7@vCZEc{#N%U4I7 zT;}FnpORaVs8uG5$<6O8gjdOT01V6eb(ar+E0AbE>jrI)rfXzuSufP3zMJqjK$nAl zEwOqsqm@YR$E*-!4E7#I*j%X!!sHQXM&!3t}!4;FLyNW#>f33I9EbrhAUvID0(`sB)=*@vrK|i88K2( zKD;LXt{4$N6om%^8C^q;2lUjZ5C)*HFR@EZTPCsglA?7B67$(5q*2Ko+8u>HofG5R zdZOh^B|Hv0#EZwI2LwGtQ|V}HmonbbUx?c${2gAUOX%55BCTDi;8e=-$0Ny2Uui*N zloK{3JeINpq!$|7XOOL*eHUZEsIv10$*1GZG^%FxMdcg>4@sS+Q69ck!nq zf67Uyur)mOK{j^A<%wSnaUvDV4~(*qumdZ5hjLZM?WpqZWqy9y10>c_s2iad_%U+3 zIOK2b?F`L7N$?;zqn97u3wc`BGaU#W9FuFh5Y`oUVQeiGL6R5OOL;-~!9kF^pPv~( zGFhXgWGvunGWKK+qm1j}+{MTZ%{qdf4s-PRf&Ir)p>uO`#D48RHLQ9MBK7=JZw<~> zGO{{)4cfOs^;)Y%vS2o-VgwMGrhz%VjVp@#j!t;wE{n z4bAbV+{z%7b_Y~Q1?~aHFO}jX4%~=5hzlEdxPj2k31Nv(4Y9hv6_$s>IsSkAu4l$! zE0v^OwTx9UK7xahg%h>OJa1QesgxW*NYaEJ3#iE&3t2DGF!HKwof!Imd2-StZ_kz{ z^F{!b5hv6W+a3$h+3ccqNxde35Zr^7k&<;m*x1(z^SL-K&%%|v3CD$v|Ar&Phm6%{ z?J42hzW<6g!p<+~@^+G?Fvl-px1V93@e26-Ei8Wk!Dg`kZ#5(GT5L9Z0M{YuZNTQR zyL&f!KaYI?Y;Pm!$Zo4zYoe)a@Bpi+JqC zNMvDqo!`EUSW8pEM}M@V*CtrQ({<<-Icb3nuoB#_CN7om9^7+6GPLYG7rmxf!R@uA zF}NH*Of;ldvY-Dd_I>atJC!T@sT_Anyvj+w-m&NIs!f&0?n*OR0T|VY#*+A+%aL}) z%BcWx-I2&M)pgetj4kJ71|yRibjkyuK&i-#oU8vCEvIcrO?w%UME}%;R!TI2$vq~D zl(X7o)0g6-6Lm&&bck^%M{2-a$G9!hpFFiPvSV0ww6>t>_wWfP2p9IiW#SVI$X|jx z;x58wL5r)oiVUBnZv}*JhLCy~HWRJ(aB_^mc0k{KBQ4>B%#`shY-e`jlu)ZuY!18f ze+tc>lfu!G+ejnl+tz%X`FL!r9FC^~jd1xGD}~nk(d!WYhlY zowAZv_MsK^387b;?eJ)2@(yK>kPc8q^z`Y_NJbywH=&)Qn|!BB&Q=M<_>&?Oiz>yU zN-Iw(lcJR2gRka3(#rQLvN+o^iR&YrmdN7F#G_oNVLNdKV+Cc%xR|Ci$zT-RN*#7! zWxwT4>LFB$u;;SUr&WY;ayPM6*eq%$J2(w>=|_#JI~=`_ne`CVsV2m&*QE_noN%7w zD#t^@J!#4@>B=z?<&|{hm5A~RYc8Ot(vkz-HgfmX(mJ6HxP!glrR-mKoC<=)RZCDGuZ4`zg`q2+Gol^SKcXV=Gx_e~&~2hZdcUdv$Lu#7D7 zjS|_{FLUra*i;Qo(VBQ#2Wd|x=L6<}>G{|+P6@n3x`o&jB!qW?wh9~JT+ue*evEZr z_L6?_k?Hdk9UXmJewv zkyGCCW+j|A>8s~WhH5+HT#1wvp_eHq=(FIn6QfH;-d9KWHX}GX)7y-^^-ivLd?D|v zz0EzGbn0#H8zbR`oDS+u%^f7ct&HGuilwXGWgLq#?xXL~P;@_fztE4BuMXufrn%6I z{ZRQcOc&bTLrxl*S?9P;`SwIJXWUt@lM5z{HS^AK`?l^GE>EmQh)8O^fq|=Q*I=^ zF&1Fb2!Vxk*$Vr+s_9q0ssrX7YY*x(I9o<|Z`*fvt@;#)! z)Rw;xaR~e#cPE@Z@>o4jsxk6)P*M=X`2=k5Snlqc`+9QUL9C3^)Y%&;R~-LC;wq&K z^>H$SaOvIBGZS}K%!1RN<&@OZeoB#X1csca>H=@LuN}$1-!4NslkYTrhqI55F?T%4 zY1gM?CF!YIor|Q_{d^cQhIP|6^pC-n^G1nvxQ9AO`yQuu0q!s1S;i{q8!vD#)bm`@ z>pbQzsiC8he2*#q6rskFLi(snA*WEg=sC~Na>g?_+ZmkZyi-qY%9%}RZTuuuW~k*C zBImpBQwi_S(srGs$FD z;wmdD3IGE9gee99@xO6I?2x0RRVrK}otkGh=%0A&*YHR7KP>@p1kA3D zzP0fW_g}Ba(-8)$7CYVJ_#d@TstGpXZV2D06q> z;j`8=lI!d5muJ_<`me$_xaHK42OOq9JBcI`BfIn8Jf2_I9HQI(-eRx|qhH^;E0HF?S z65;Mg&0TyqUu&J???al#;Y;x9xo)%9mMYkmG0ju!`q_9}^7urwAontk(zI{6r-(*zm zfAir_4&JJI_+@))bIZ~*DuXpDn!oa%&dOxYs%XzDY|d(Wu&M~L^5e0JIsQ9ZuDo98 zyTkHSpx7C<4#bT2wBouZMZ zQBD7^5X2rQPg~aS>Rhks!!DC9Do@C zR!~S!n%8!{4Mp-HbIO&=l{$YXmeZQaUjuuh;1!FEs@6a%UO zP?9gAy0|bfqC63iuo6OiDFLE$%{|Qw^PMqAXHO6aYmKD4y0@?~i^f=HXe;S3`PPME z$l457=YV6(r*>XPq|-pjkp`nmJEmoFAI9G2pux(btH5-c^^6sCX#jQfd?<6s*!|`v zG`Fr&*42QwurlG%U>6xV1c@fY;YY{FDRhGqX0RHxV+!QZYuHy>4)WeY!PkqYWt8To7X2@LIHTXB7?Q_cqKP6N3gR&H7 z2C^ZkDjZ&vqj+)Z$~a-j{3|BIzrwiddh~3{(!16{?)};eg}g4svO4h2TEP7^=THW$c;*#tsh+Q1$$uYkqlyy@-ay`5y!&>bD9-YZ7w2?6gp9Y z$s~`Ar@-<}Y)F^M<{t^b3P`JDz59xdwTn=VwIWp$fxkNSjjMvjBa`HUuj@X_8$dm( zgN9RuV)iA&B4epWHGWw+f9@;q(D{fC3k$*y`KgWdK<6C^dXH~g5|#?g1Y}j3f^p`=3e5U{*`H7#AQSok_G<}y zf?mK3!lkGK)FA5t28=_Jsc9fTJIMr`x<;-RSrsWIp&I%6PDbol{-Oo)X3SWDCn2o# zZ>WY(6aViXHCVDrKvy3NwK^07dSGCLBRJq@gj1km4#NHHRILQq5Sw<)#;tDu9bjN$ zVp`IDSQwr9FYJEcs?M%q0^_*vhkNvL*Q2UkQ9j3U_?f5MEUI9+n9yOm_}i1W+BZ@9 zi?&Cj3USv&+ZJ($GKOGSqtOJ3;c>fo8~h&^m9mWaF#Mo@MYW1`s%NTMXxyQ|s}J*1 zID6emoJeI;MJiy?abja_Qqn$U0mnGCsx`{@K-Y~FyXdE2s?;7?YDa&)#QA03IK7&)^w!>gb z4E=QYUySoLg9Dc#3e9@ZnQZU<{+mzM2nwha>_c(_@4J{@-_R2sG$xg4D?dXA{8TnS9 z`-HdjeYVws9VtVNf0Wx}qT1hMz4vGqYI&&(B!z5P7ZI@l+jCt9#-v-f?u} znrlIfE_Hn3SMGqeCsNz9%&RxaZBvbCa#zBxlsBRqc~)ldQHM3=?zWjOt*&}!t7fXG z-Su=eZ?`d3wwjZtsn7SuHI%Oi6a1?r_=hvacELMiAXYN>;TH3qfHCpY5xQQ-J zIP~8%s%L|{$Qoy^zlw|OWoAp54m*W3mPD&ZNVjn=_&ryHIKrJbe~EQ8P9#=CNLa+n z&YvJ_<3l|2G>IUhpjEYDnBm8q87O9l{Vql>i@f0* zAaSd-qu3_Y3UP%@6|yJUHgXjS3d-{VR$9eOh0k_t*BTH~(nvk2a9fmtkpiY3W)vAJ z7Q`Gtc^2afq&DXf3BrLJ#l(vN|C1o*?o8&+h_7xzavw zwO{32DeC}eU(vV~8J2`s$+4nX?7ZR;&hA&t(3+YB`^p04W3>4BpeBbvHlssU;*>+AoU!KuR*ea4D@AYUBaU81b(Qk^sQd+} zJej8#gInuk-HOWv(3OD(r^f2E^_4f*n2)v?OAW&jJ2gsOD1$ctdDp7d-t(PB^!1$H zvrT>hWsI50MiREcZ>}vb7Y4(7%)>f2$@A3aY{D0;G)*#aYgtA#T$)N$b$7vXSrJ+X ztZeV=5y-}gj$_Qw_lCowRvS=cRZs>GY}G<7h{s`xeBLnL{_XZ21sb>+ht(d>J1=?!^GJyn3E%41QG^ZV z9Z}7|TRnLE@rBc6T+yS24Z?&FGJA5kUsJxG?1u$il&cWbmrgYJ$ujZ?Y_-h~43RzW z7w^rGcGjL3*jE~vvGF5|754CH)h?8LQXCa<6#1i7fDe@2ZE z#F*W7)NxZ{P>|~XSssBj9KGcw6`t>G|KgagOzqTapNy4+dI&rYXr5(^9$sZr8#He; zjMZ$lkXpFPexp9`B5z%rzdRxfoQm)aq|1@$+^$aEKJCe6UF#$X>%Zvc8Ns4*9VB~R zN`KCZ2@Abg%g9Ev0(v@JIy|}x*4$G4B3-^my`b{rI$9V={j^oQf-%}+twj4Zq#rYL zfd-9BXH%!C;Utze+blnJqE0R zXONPjA1^W=Q3{--nWSM;R>zw_@8B#V-nRM*z&QY72M&c6gO~`-U{#pPBj7+fN{#w zUg(psVw!oQ7Dvvqf}arSK)TXgT`JM~{ z1`ZfJCcA9e9BW{=4L@zMwm^eqSd)3G&Fa8?K|5_(BZ{%Ht*>1tdQF%-XB@Q)c+6MS z9${&NQzy8E9nAM;)-o14p>IIXJJZ#gv}T+2lzr9wqd5wWymYGVe>w)SBgjo&9EQ@^ zJJ!bWrNM6@KbMadG-aAPTW5Pl$FO`wCzdzhiF{eveFoEhH7o`%2;gX`c=m7`^6BIo z#TFu?Ev(4?ytt74+c;cZ^Fbx+5t=ZZaI`ws>!AJRnE@~5B7G8Nz4&ySY_;-7b1(kP z#=i8?Mw{mpHXpf2Gi~}EES~n3XOGD@QiwH8*7dE^Yx{F{%FAHT=SpFN`;JGLDtj=B z7~eBEF~2r+DPOIAC)VN4S;*@4oES}5V=d<6n)~{2LtH0gJl16sFC*Qu_MejYN(#3w zrqC2oC+Tv~vI!S~Pa!-!<<`HY*W!M?3%W+oZ-ISQHzSn@0o9gzro-wb$;!JU5>E*v zB36&${M}5mQJC99h=rF_BrzKA2)YKtW#lK7o%6eJ7ORF*6B#IXk1gz6I)3@$nN4oQ=WF|Jy0deR^Up6!AU^|9aJQ>XjpNBM!A@3LC_ZH$a>`I z2wb9$>tExF2@weBehQNU*2usYMRGwRSHEih;5f=1nplx_j@VPl<_`@jkZ&W+AQ8an z{XAoM(nIq;ebAV|;xkXRL(1eR%YR$)V6TyPxlN6>+xS4%2QD8FFXdhW?K?WxxHS+S z39%e&c;wYY3L!r5uCC0mfNE|uE`jY2*VG8I%go(}Kjr=vnl_cGW53F4FVGVMhoCiO zm4b|jFufxWU9ju81&SC;99a$=>7nODHYMj#4%^Q>;^G^=zO)?n>32MqMYd`|?zeeK zQb=k9`d0K(Q_^GeyJXpJi8ezsOLVJtiIXn7f((2JAU)4ZBVlPu#k{siI@ zb%L_qHS9Zh+p8vXo#s4s3S(sPlmSJf+JqGF0`>)xbpmM1p-?paUHTJa|kD4j7R=hl~R;wzg4kUBZ63_9FcV>1$^|sU#GIG zuclml02` zHzrWRstKmkG_pR8MVU z%9$;`W1@BiUip>&=}UkkIDX??DwIzaC8m@hu6Sc^7Os1?i?L`{^{$g`+t}eFkSozS_Iq*tFr# z?sIV0etfzFFmerVW){NCLNIVs3EyTRtbCsJcafXxBr$(euzpKqd=qafZj%#lHf~cB zFO6nOUyI!earFb$Hv1~C&zzTKsVrmlAI7wC+S-`k_pD4so)_06O1FUbk`7g|TKo=Q z#UMJ0e1;HdQw=)+A`Af!CRc$*tU`~FCn1*mO-x*Wtl||E-Sz95?WDTw0qUdo_ML>T zp2dCXVHxzmJmoOeDkZ1(1oD#-PSw0Mxkl*}BiUt@4=Gh5)I0&^DF`=jUcZE|CQGfX z>0!gblFGcDn87DQ*-Bm-Moe7e6&??j2;s*M3r+-y!V^I8>rLNriEjKc!2;G>uvP7? zTjdMEnz32P4GP1omFY64MO`DW-MPv8COw@oH8sU{Fm7QxSF8!G&nvn&C;*u<=h^R}O;R;MW(#)8LE{RN1R+QqX^zLI&nAEtCzSP24>L(Ovo2|YpZ1xf&0GgYtIy762Z~N*UOQ!%lqN*F zk+21y77xU{l_DOm(jnkLC1?5NH>K6=X9Pag#Yij&8NVKz5_f|wUHiDDP+sYTB? zC-X&g?(rJ%9?Q)gJLGG?e?TJDb;5<5za6A8C-VpXz20YtoP8z=ZVQv->2*WVI zj{Jv_q;YBW@PW%-(D`3+1^JYXk-vG>XGHKrf--m-P3?1a!tiNB;CPo&d4i1_yxueb#U3 z{xsa+hB37+U2Dl+E4zHs`mt6)n=jcpn)z_>2f}t`5D7Oaux3On_!l1=lFH^WCLnoG zbr80Zw$U~*H}Sb~hQPuF%x~0g)aj|8o>n`tuo1^pEc6<^8@9F)H?g@_Eu?50a|H}Z zVE@6M!kR156?MouU!MsqT`TeFXg3+Y$5;@SyA41I`hw)|Z1{)>nrNEU@WgQ0#<6W@rkRFgqH$g12_12fU3jpyjaOeew0dry>&HS2g`v`Emr$=c{G(7QP)diY{L`#a zSe##0+I@jq>ps}IecuD`wI`+fy3W>fU%B(SC+qtzCYJ5AEaFO)RX^|3e6(s@yY<9T z$%|q?ryioob(Ku#xfv5}6M;ZL?hC%V{-AyP`k8@g z6DWZWK!0cVe^h>33or}vh=VJ|0*Rwn@Rn#s_2{*~M_rM>mC)1E;~ISo^xf#fQ}bPa zvk`pneA|Ar2zUX6T&R!#^U|x7k39}X;BX~dh@W-bq1zho9+N{hx49@JH&!0s$CTzT zT|Mq#ys+d>zwgXA(-C(i+kszXmBsVu2$vnb(*vYe&DjPBvq|y3m6`mND%4RdZ z7;RcC!7P7^hybv_<}mQ)S(3}bkF@Hce?W!u=$HQjxp>2iGqt|%^pLI`>W}#GF8?~;RXr?YP3 zw%HXQD(siyhzWio=)b1__P=k}*h#Fd1Axges81&1_-yk!@6bf529kGS*i7WGOW zeR^c0l}%SYpR1g%nRm&{Jv}Lvt|1M$B+pHQSe5k7DVvNlaQgI8`ik0v*Syd0Go+aa z=FWR;jN&x6j2Wr_TEAMi|J92t4MR+`xD)VXR7q>5SF;!erU_IzYCYM&*`2{asTyoY zwGVlzIQDz}SU=kRoh4q_ySJ*);2kL~1GFo>W73hdRd^=QA|9HQ zE<%g>)o+X>5k5kT)m@^<`mSNjH@%DKZif^f>D9OJebJEuXgq_vg*Rzq&*3u7{_F3H z`HC8!i53U5&oax`C^=r`H%r(z=+Ji_Gq7+x96?0auP`E(p8+O}sM3$z0Te;x3m!qF z2Dm`n@I>EKO*?QZ5fT(@gC7fOT$FT~>0)_pSi8$0Ov6cl&e=nCQs^ZUuLZ%bc}FjA zpQ_pGZw7Q>r9Jp=Gc5;tdM$RxQu#C3N7aoL(xyBypKk3@ui{t9qBU6NRhswS;iboJ$Vnrww85UACGM!SuM zBNKr$?Z5%M$(sfHz5KkMT=$F<{SdY1n5jc&!yCV+;Yjv)v4c~O2W$TbBVSE53fj>g z?xJKsYtun>X4^pj>3bRi#HkMhlt4piJ4TTwJ$k_62xolg#Y4IhvO?_%>3UgwKBN{x zHZ^2+s<0FqtQ7EgU|M-UlRTn4f-;xL?zP5qIrl_x%?>&oL`Huy9{3w!nLB}n-V(2s z^j3n=e06BSHQYEKBPGOJwZtK| zFP1@Xa%?oIteWM%voD5cyXo{k9507bEv_mbCKEYqOt`7zid>`tYrIQ3wF#q3)i z4W6eREF2lk1zt?vNSWuG4V@OqH5l(NUwstK@5Kj+*SjI^MK_U{$Bl4LmJmTvd|$;I zt`0H39#13(=(yvK)W+&VycstyWY^nQ&^L5a)#VGAoq@OFJuZaWpk{j!G3;KIC)tP`-S@9R`Q-~>6uxwwKCrb#-8G+T; zV^abHc5wL&KA|YEA#?r!FkhxZ+oaLo@yyFcdTX_@f=U0w7~7xqKky z3|paSutjtJKrlC%+0ungqm!*g!8iJ54yGtsY~0dR#VupG%FwbUu_7$??wonTK&9Wp z6%0g6L#LNXGMGgfgbLG$Ez4o)m;bV#0j0fpCC7e`1Lf{Yk!PCcrpwUSY(8%WTxE&~fKl^ZBu( ze(UDvZ1mUlZh{5Ya@9)@8d=LmDz|Ei$B>4$KtEN9f8kpZ)KtR$yGeOK= zSOIxQ!TU7U61EIzfeEvXh6z~i-e%Yn{`mY|^TCViDEKd6z@dXn23&Gn!$wyb!c=7$ zpl+7RFK!N4#J)%$BU!ZAJcA{pl@>Mj49#Rta=xfo@uTB@PRh~jp)j7yxdiTf#%mAy zBgHrhXZ6?%zpN{C8x)1IFG$Bz4Alba2nYxr2t{pC9z>AE0hD~gOu)DyY7Q}X*7WVq zt%{-BxuV&l35caFZ4>+t;DVF|<)2y6ub1c*y+h#%=0Wjr}V08}K{89!>a z4p0TB#$P%4k)-&uvok&CIR6_a96Vbg%09cG>O&3koy(s5>yU?kvm1aTvRGb^l31GsiJkb`r60L*2HB*?Bs<&6i7wjydC zzjSOXYw)<0TlNzX@~4pOmawPPWUp3WYY-{8k68#tt6r06J}^9xGT|9cD?#0CB5>3> z3k?lTeTrHYOHv#ficg~Wq07aTiD0vUG`t$Zgo(?M3vrc7HLKi_jGR@(gNyT{Xhv4n zy+~y_1Dd5(18?KLj;m*9A#S^tSkp%52Z4L5F$-%;3oGaNBUTQLxmu_|xqcEB=>=vU z8{>7Y$?R2QC_m_Qp#>S$Uyw4-nbB zBf}WP+UO%{QvD`Yi@Vt(b9s+KrnlNst)STfI!@Wau=~M3H;ShZbiNWP^CIG0zTc>L zF55#aT>$>KUl|BZcJNE`Bxx&umFWk8n1~jgL!eEK%2tA>Gmb{=q_m~1^GJ?JdQ(2OG`-kgi~VhPqCl# zT^(-5sAu?Y{0`W2O+41lKac_XbuX?B;yLiqe@#ZQu_?WwNH#x&`8gES`q@B#hpQ1) z&}W31t5nvpGP$bB+F@HZ_an5r*{1#Bc|E*!eEn!YjeWL;&&8VEVP>}z(*GEdGcj=4 z|43HN$#s)>>GR)f9F5Jz#pA+2fam}Xpv8mL&YqTrQiMTj29E#Rg^mah)VK;GG_YGn znGPm60_8{Ur#<0MvZN+>zszLDsR}!odg07NpH8YNklo|$V5aJN{-jq|UdmwOEW6q5 zioD6hBx+IDy@KCFU0F_{Tr17vH4Mh!2O-7RM{Vr~neEakmmd(u7{Z})WsC>!H~O%s zq#6L^@yC!5Wv*D}#T-^r;L08jac z>F6;;O07z(1xA);^dV8T_YG7xEBCnU>zE|>>p_Z`_Cm_Q<@MvYtj|gMjBmn>E|8pA zL2iDzpG_w+IXR`W3@{;4ygjgra#{*MATL0BX2cOe+x-lh-e`1dI@ ze3i}dHUHshfIwyb&h|eOY^X@?d1tg!xd_|9aO$n#n+x^ou(~Jco>ceJ3tsN^`qFFl zN>|2_k84fV%}K{-{HJx+S!T5fMyO65kgdNDiFp+hO?guASYToUkXkFwy;sL8;A%a$ z9@tW^B`^cF#x1Xom=HOpU+=|8Q3i9v{f>X4GYvz2ffP(JoHIN1ZBsc!`it8mqq;Ab zLHJRXSIi$DVaA(u*<`2}RuQHc^(ciTmZt6@{W%4}odW0nYeNPAK<-L7Cwu&h23!Ea zuRzuE0q>hdYCGiQrt6c;nY(O~t(DU%ZVk8%0B_*kWC|Cepr)L-M<}35^FSsgU=jq? z{{sAmNR=s#(>3%*jT%Kxp^$`IkhCzSMx#6c6NTk+G5-x~8iVt_BNXg7D!YX* z5n7u$w!{9y$A+JE{YrS{yzP3lPbgt_kh*+{Z=!TFbga#s8R;5G_1P8XSA+`!ih#mh zULGVRW5+ZrM$7g-)lh51dq8c(_~Og0c|cnOIHp=9nGL=#kbzlcAxbmCNM{N97fS8< z`uZn?+MZ5--2>c{5y%;kC&Ywgrw-*q>m_u&ilPOZ>(H2F0h5f$m#5jCl>PbR;}J3? z=DX6+d_GfiWukn8`6UyPc5yG;vydtYy2*vH#~}jxyrG!?{^=cQR984g?1TU6|JS&A zKTChX*M2`EhOce2&j@An4t@Us1tA3Tu&T|uM1Ge6r!TYU&?m(qkHfNPTX`SsP3Q~j zxrxn$Vb%Kww1Jl5J$)w)J{b5*ZtT0kZgsZznZDj-6902A`TE;}X?UlYvV|S5qF{;|`VV2DYX*8p`*;)Ka`1H%y#Y zsUvg8_Kkygkt01bO{A&rRp7{2_1gX`um>p1_vC$QHYX%&T0hDoi+ znr9j~KS9QH<6_4XZ4y9QO zHYGVwiAsc4EjcKBM)Lr@Japn6Fbvr=bvm|_P8Y8EtWDN*oJ|34rrH-|c2_@UhHTt+~3_SS>(lA5jMj z0PV7YZdqAxomVlBi7NtGOddd5Iwnp(M!{zWs)>D`?6?2yuKEszmNk9IVDA$=C*T5I zmG!%)l|>7^S}z8HSZ{S(bp*HL5DwlVgK==uS^ha3$}S=%Xs`ngK_=*cM%qKXwz?)M zYu`90EJ3kpbneEKWXH)CNGIX%SM?rxB&|xRuFH{MKJHw|Yp<;D4c~7?3tQb5gKG(}&g{Rf)$k6W>M&|US=mkS z8RV78&#=Z*p(qCJf`gs4i^~Mm7EaYE1hKFHSnF5`b7(GFJaoU1Rmyv{G@}nyCa9yS z@)n!OccVmYyPe)H`U6c(Y1>I6=<7@=#F$sQysB>eD%oX$)J~8kcYrp2?~^ z_M^$Q6JDlXCMIVjRTOP^FSnq_@KFW2T#R0Ni?1!7rV37EKy6(&BN|5vG@KQH3rCqF zev$ZFyQ%K(ew%qY7dS`b*p$E08v=8KzbHBQ*LpE3KcQ#so7H>GVjEvVHm=(qU(=`V zckWYCd$WR$a_tPhPK{1=j#1(H_Pt<(lEHr^vhhRJv~>SMErNj3zrr_GE6g*e5>-*o z${)L+Sa)s(GB(R}t`P^7v3jBowFGV=A)3C3d6OH!XHyeZP=lYi>{&06T%Q+GCx^DR z@t$9~eqMnigQGJOyWXJ#@!sK4M1|*IDi$}@znSvm!-ddxX?Hk`cgMVSgqJNpz5!y} zeN|n-8x@{`5n8?~7v4q2KZWS>Mg*?ojYi71^s}Q;bU;<7)q~+v6Py$d44+mMOV)X?vBX zyl7N()(?OJ0t4}zAy2@Bq@dc}$fwyxJt&mzq`Rn$B=)wB*V(BVtGm`aEW1`al-vtr+(;H>T zO*5`#dp)P9)t)>r^FuZJSLl+NVTPZ)aCNuS1EX zMboJ@+Vc2!(ortZUgEaWQC!eQL*2trhCU2w^UH;cN}OIE>>NGw1e_3tAMQRJv$ZXv zk_Wmi*%S7kl_B9dq?(jp>I1s{u^9DvAxDbN&4W3L&k78G?i5*7*FxDM>fF1W;ERCG zVOrI@Jr`^S?5`K_<`*R_E-=2{d)(S{&#lgeTzqcqQTB5H9_b1-UA(3G@n>);AFkY= ztW06sLGu>Byb;FYTRI$datuy4)aUMjWi-FHgv5U!m$EwR#KDx1CNo-WasCm~~1AVDasMG| zK}7PMw!Adr@oHuD!Z9&!pTx?LR89=zf3OKIp}U${6d&nK88WU3Jx<4Wqgy^#h8Gv~ z7j>LTwppHePpU@Um%4QNAJ$PH9Bss51j=^N6*&SaTO%M6L`;iTQ zXNMz{j9%8;vuZhfWx9N2ce=gPvOo$GA!JzXCYE?CvP`krW%yLd|32YNkDov_+wbzQ zMG+GHMoYV~X*u#(5!K?>*lvJqLSmgEpZ01fCDcR4;v8oyj0wea#DEMTR5OW^^n!px^^eh8e^r-z{iARHKwN952H> z3PMIM944lzOdY6vRQR@Q>aoq+yR6+6SvW1Mb+t(mNt`>j-b#@wptUT$<@nrLC6y$T zdohZ|x?-*X&e)6d&O>uXz1KO*|0gxO^z)B=Gv?nW3h5}f%*?ZMi;9<^)ayiTq%yl> zFZri%7%H1Af!kaBbYtBVzSQx!k_LYiGDr?&C%CFi>G=KJ$k~F#Kc3ZpM@o@yt(}z$ z@dC>TOk4Br9*Ka6qqNDDP5PuG49~)h)vZ-B(<6qflcf#a2^$+#Q5XdBjd<51Yp4ar zkF#R&%raKl9Fm5X`oG*C1=;M@~YN1t>Ys=Q<=jS)Cy`N>c&0xzYb7v-qDg~^PJ_o{E>gMozEARHm`pm_R= z5HiqhxJqJ)6US$aO5?GIf+nfTF*YmMy>qpsZokTUt#45{4 z!HSDnLg6BH9sn%dN%GL-6$99K-XRiX7$#E~rza;TS0`vhcherjl*3weX)ng(9J9T0 z68{*#ZjFD|U7dsOGPNsc{H}c(OcTGEY-JrQE)$bQ>w&kX9;mGy`BshUIprxNRrA$G-zHv|J$ob4Z zl$d$fNjn=Ke^tKo{iYn#LEhZhEt)53?O@{4=C(+9phNm5j7kyJqDdpl8Ec5H;$t|u zTsy?oT}65BA4U6tH#L zQXkpZ!H5d;iGc}A{)NR!)-I#YtQq9e%Bw54xe z=-O^|b#+p!?&DIm;zFIO;sOFP+rwO=BOj9Zx{_nvR$jz^&#rGuVZEkM;Xrv9Ez=q% zRBsLIE#4kTKOWXtu~kTn@E|I`(2&3a761X2Kyv@+YQWA^S-UbMB^_$TaqNewc>+l| zREevA{pjnK&5f}s+4`}K21M#HXpv1)wGeBQ2QGidM4Af@*)Uo{>{Yw2{Sjz^WzfjL zyhBxSDb~D+nbke=;=NxP*z?zdc$UFS;~sd{_!Qy-Zz5iSH=I$eTi|-t>gAa?SU!oM zEiprZAR+Su5351Ex>j3%b`dn4h#&)|;xcPgrR@&**O>0iIO&YxEfV{7T*H^o={SDV zhRF8S+kEY3c`kX+v(rA`{p0rs5eJbAYM1#3A#4>q8$El8y)l4AGBGsl`GbU~%)4p(Vn33bn22ruX-m%`D=wSEx(BTQCIm%7Y2!)* zKU4VPb4e93Wp1Mvmt{9^xE9BhAMC3TE2(Z5!qnX0lbLnY2TuvL`$O0;1PvWcEdNwr7t#bKiMCo+q#&{mF7Ukl@e&a@zZ|2k3ne(GPYTX1|fEcMbos_3;D<GAyE`P*dB!Ncuw0b9pa zEAx}+mKialD?!`icstL61R691C-=Mq)jj&E8U;?6%ZbyX)^E$hz~|D^3(W@j+mNY? zF`hC65VaV*2uA34QkM9G%Ymvf1NMMC?$m!pTGzFV6Io&|F!d{2#|T@Z71PI0d6_3q zE%?mFXqP97Q~nPqczh2SB$lo>1x;L#mt&kq`U^q{tA9gweXiRkttb=tm5Rd#A=5C8 zz-s;aK>=59RTV@q)bDf3yT^@SCa}A~se>PvboeF|c=6t#>>Zn>f8EKhE#IfBWK6Z>OgBMYYn@>$ zy{4-OB$}fZUv%$`H%W2?L99|P3MEXN1vSNw59zQqY7#5sgej#J3XCrL1;2|D8_^nZ zs0zii6~bg-PEF>Ql|c1vWz3n;V^~MFfc@^*C|o#o?6}~hSs2YyP=;b4rz~yvIp)s% zw`Kw{MA;fhPO4Q_I^G!+oWBedSZn1|XS=24v?TZa@ZryQa@{p?&8p4%m!py@+jgUk z==IG966}sQ`(yBSbyUm~`ElbdcrZV%JiolPv$V9a*qvP#-`03?ZhmObgojGeFrbb=2}1!6rDX{JVi?Z`B_=r!*Q`lsOQGA9RjyE| z&_H5It?-yboegOgs3sS}*EZ#D=k^NOHr-GXx*-+2PKVw`Zh2ruvJZ8~AQ$5Yi<{ch`xn3v!8?rDqEkhQzxfLxO8lT&0>DK4>sx;ELyj^u}>@1va z$O%K@6XM=P6JBck4gQLVZaAhZc&zDvj7cjI-612;N$B>HOw&U)fNbXvAs^3#@00R7 zF7Cbx*>pVJ4vg+<(S_9%X5qeD%)S~j{3y1g9DP@gWS5VhYzcG^mF)342p#nqHavJ2 zB&FAu8`D+tUlexo9EuB=>i*15+BXU!EQ#;{Qcu)07rJV;L*M$+P@%w8_nuet}Lp_{@P!ClJ}2^r#C0{ zHsYyQfI?F8CwG5TBC+sym!oG908myTAxi&QqKqf*i8ldrT!S(@`U^YkkM6Z|K_)~) z6V&w3{NO^0bug##v?UN**-+3mW#D3-{&_g0on&%)bz#XIK)q!po9hreHB)FKVi7on zu&{9v`_!zn=6#WoaRw!}dJc_~ExQ<@EpOeXv*hMfGp~$WQ``G!JL>5f@^J zxltXRZFxV}(xKPd**m%7Y)VD##i`NcY30OI?vaG~=CemIL>%q7|y@TSwPmd+=3L?SrVe62s z6$By#?t=X5qfS+$ILQkTRqNHwuksgiezPovEh_0TBXYN!v0}qqGzb$pLHQ0_o=4gd zvY0r~X^rXWjnWSEZDWV`fwt6^LJ-p3dV8ZV)bY0*L%soY$%2SaU;l7z@kRlMnXR6G z=bIXLQHahV*hYX1avb`_)ISSkQH~(Wf5e0>K!H)P&@Z0a2cZ#?x^U+}VRk6v+#=;&WNy>GVAHH)e=#Er4|<;{cq z!(s2^peO8m0tbxJ)XNv=Exc1W=sf||V5@I^u2~g8j9Rmzq24e=cFMJcWT#j?fRK=Q zWDgfKMztn|KsCSOCFVxI-8&Ta7*!e=RnhZR(O6mJ@wyx9M_wLr?~AV@3{N<_jH3*MiO4H*!z$tU2zfiAIDMq&BOwb5olz*+k5&RiKNJxnV zBOBcsF*c_u-d}S~*@&EcP)P6Wp>?nxqp`5K)7&@}wSb3G9bmOLNNSjnyxqOM^w*Nl zS`b%4F$Gg*M#gnP3Jt{Nb@`xw)O)^F#1VEBO-Bg|jE|4Wn4|ZEjb0KB5FD43G8mWh z8pd1ISOLotIaHbME6 zlE$KhYqvAahR-umliu8n*+t-f-Mq3LnfiVB_9oGV!P2GcV__3VQW#^TF>9(}uH5oy zRia!*ocaQ$40{(Y8j?<(4?4s@5e{BoN!wY@4@$J~8;JffE;NkdFEUiJW_hf#5`w~B zxt-?J1=oW|YL4XwgwGIADM36=1s>a&WYpRaSd0q=G80?#@-MEZO)sYkLZq{cj@J_& z)ZX&TZ1u{|M-70aF07Lf<0|Kp_g3@s+q$WTO~=#rp#ckfH`&SxmZnS%zL^8D@7Y+) zC0BaA1W-|CGZef~f>Jy|`EQVL9V#>7wS)qYF+u^Ml=Lm)h*Rk#DvIbbxiK5~rQm{Q zmZv-7)ViZZwU!ZLPyDGK54xJ_#c!qT;7t2?;i zKqk0rLyFsb2MH;PdMgvL)wa#%4F!uzSzhT}j^)LgrX-`c?VW`8*@f1H1SYJ=g$J5s z`u5%-*!J$pNl)YbjDm4K)Se_S#&u#vS1%6Ne;5iYLuHfxhr=mh^eO&O6l|XatvTCE zNOKgeLSCgL3CIj|&G?d-nc(P46(ly{eZkeFX63e0>Y3wl14!}48QmfcW*KGy1@z_6(ld;x;{nmC^xp<)QLl!} znOxDP%$dI`h$8+>q+6BZ91q(#b9~Zb&W=4mbgG`$vzZ+{@mkk9xRMfVK6 z&eZJ1ga^J`m|%&bKYle>c3;-icw;Aq9y@AcRmY2G@1T-16KC+?UZt>38W;OS(kYcm zF_VNq+Fb{v-_8Kqp$mQcTKur)HAKS1141NI8v*F3%-ChQ&}F%W82=}1CX?A0C?@Q1 zLpp2fh4BGF(ro?*pWrB3*0{rDYbw;) zntCTzrhUHN$&tS4vB>{zpYgkTYvJaj;|+5$qt0WS=^L8}?d|I5SzAw*z+11>j@Jf; z!$1+~$X5F>y_uNMhhYLWz<@T7(moX+0!jeB#j?H?ht8lg*hP$C%DbG~MR6nANGQ_c zaJab1(b~PX7WwwKgZ_xiR&46*f+7En1^4=s-wM~d2#`tE=NoW=7*LuEAYewnil#R6 z2r6j`tgL|;>;?zs)G4fd1n6;4u@2q{Qp;M`_)6rS_(TAU2CT*!=4N3a`NK~#5f7Ey z+j4(g^4+VDopS5>Oe?L*ww}dSh3wq@4JbSDYX~qsg@}mOQ$q%;m)7F(RwBxIMIdmv z9=!7Bkw0(v`eR5ayY|2j2#_j_(y{N+B33a^BXC_2J-aw1S=X+XXqmc*Gr_-2NaOzm z!xtlG?vH%2;e!uG9{3Rd=EswR?7bJhffoVHn}c7$g-hW6#@+?@$Hcb56Gbs@fIs~F zxt3?Xop|UoEl>UUZ~g|zg`fQ7Uz1xn10vJe|BiicF;cG6Vn!Rz106_h9DuapT5NQ1 z%qy3e^7f9$J%Wsee6y^puC2;YQs<~O+Um|Wp0-#&Q9s`mcln*3y0IJJn&j=BeQ*j_ zg7?T*;uG>({$sZFY^GIs2dN9Omlqgy`IxsU0c!z)!yX8S-EkW(9ld2|i_;f}xWqwy zQk;eDYQbGMn*2BTRPxs?`yns6;(>!r;P)gy+X;TwZyE_Ll3Ie1@+n5gAJbP-cqS_u zP7D}$SXz|mB`{56J26fBIi`slCGU%A+HIb^wBQ>98+%D^MIx_EFdL;HuRyj@UOB^l zwyaFX{AJ2UX^zV_%Jw;W5R#+@p2kRp09B)Bg5Q0jbn`z-ch;MJpRB>JIbVl!%W#BIu zt!CsI#iAN#^4$fXnV572f6CQrl5uNX2um3`*b*)?x=O4jrpdXjt$TsVLqmTQk~)39 zPH?FT@(T*4Mw5R97iMZADL(l-#wW{2QzDL*m&9YnmJ)+rCG?4G-l$9kCrH7+%7~RQ zO{W8A%OLYe^G?>8(j&iw>{6fRo)5J28BHZ)J@6--Yx=Tm)Ldq>Rmf+L9;IExhLsqM zAW##4z%(mF-GYiJoJ%Q=BrCc5Rg5YOzqs5+2l5iruG6SYB9;V3m}lq7yt|}1P+}{{ z%{LX_f^k%UjQ4t0IbmIBJ1&A+wR~U2IT_xrsQI108s5OELfQT3b7KtQE2hxG5 zVLD{D6A}&u1DMFg9=ExC4o5E9jC@D$j*N)u5R?%^P^o}ORAM{==5mE1T}&+Mu8uUf zbzBzmd!zX_ZEw7-%l3)BnY!@6Cd86|3YV!XqP_zIN{7xHXo^4R68x?P zU9Qa&7?Xbwy`N`4&W=w0({UA}fRa6Iu5I*8 z+Qv(pp7aQJ*9A=KxqHaeZ$j(!wX^{=c=WZ69b>P zsRKgEUf+?su4(I?T%NGZA3i+aapOG;0EpbEVO-;HF*gWzrrSkTYJ_hH*u6?n5k!s& zR3)r(xE+GVE|DpO+F>^L1+B36)Dn?o3?uc%_l!2I?%8*&B;@#5|NgzBE?3XMaCht8 z!m#;pA3d`))Nw!!bgrX*B0M%|xnm@e=nD0ISXV>Yl@=^gXeU@jE zF)l)ZhY5D%#2`YFD~1ju%ZZ5rgP>GZ>EaGiqV}63$)}(xadWa2^pqN$-~RTu-SD;K z1caul>Qj-lH!#MH^Hd4~#drixlRy!XznLz+w3@+yD|Kle_AW!%yhENRoS}@G!L2W* z&9K!Iq$r!4^~JiY*Paa4lz(dI0L%2}iNhnFMGofWGSwZ|*+XeMJqUALk2uKL+SFaL6E|CaZSxHExzp~oxM8WCwxircE zAi6`MZ8REDhJWY||InQWETO`ImX7(5T2M7j1y@g;TD$7T_7nZhgVl5WBeSzZ^h|rZ zskU+QgOgToZJ+Dd(&Dkl&mKNKlKkI+et+NG%wYdC0b(Nr-sYJO&O{aP=wMpKA0AZZ zH|UGG!fF($v0s&U9LcRtv_+|tta-eIz0t@2M#TWY`JGbE2pkmADP=fQakKF zFhI{dapv4thPq3eJHGHiOCZ+o#KjKd3iG8V1h%haFQ+nfH3-R^P##mj+FH;VP5Pq9 zD>;gA`yKiYlQ(Yi7$IyWzd~N(683BGU6TI%8<+U}>u{2PZrFZD2(r0ylgH)HVJ!7I z#wLK2Z@&X=@L^)bs!ZCvEC&WcD3Dbp|Lt~pIRCAW*Vpgjz>;KS$Q5IiI~v{7SX&*8 zQLk#SEzx(!U~%bJldqS1sw0DLZ%sU$-_+GzKe65n)I})KvfjJlZjwuiG4_|`Vm!9Q z^tKc)TS;dM=N0D_b6$oD8|P(?7z+VL9Sn@(keD2hpnJ&k%(o&#Cn(jba>eTo9zI+O z;`T$u-eR#x^9YVP7qsM$=;@uZjN2VtpzV-lhO{h;FGxtx>%5rGN})XrX+*P@bnEy@XC?~5c23z-^BD?DQu4Y6jt z5xehGrGSfG;z4=i$HD6rXYoCy&H2uN%@G-HZRjhgE}HU1f&q)!Q|0-(`2%eN_&xqq49%B+u6{o39rymi_I>nL4ubm2=U238v;soUa#g zzHH9ye3ip6v@wm*ijrTOcah}p&Pe`_)XvK(@f-g0I}eUra_jLG>t!o;Ud|QSy<+L5 z$gDwkhL7}+A>~r!{0}b0`S)B3JTGk4y6KA-pBLp(5rlRmwqwV6K|0|-a$ew@yABMH z2-LwpvR+HD@=1xwXkdAxEUQmKHNKGa5<(8@iXgYx4`#{Zkt7eZRy=XD*%ONzrFh(o zVe^5iA)j}sYM^f98tt_Ml3(h-PJ7J=Ja&1>MtAo{$>lA2ug6_Edh^Yrm2Qt$j}meF zn{b%*DiCv`nDXpG?1|eIf_yf?0b@{Jll(P(@tv0i6rrRA8p(a|ak)MXK1E=freelG zMhW5Su&^tfc%#KqT+A-`ID0QCVZYqJ$&W;ziUVM2uOXs&&MwKN}bnRhZp0+ zquXzg&%>L{uhC#;1L9$5?~0kTgW*wPV}e)?_1G!yD~~7L_ub`z>M}==3Q|#FiPbRft*Ra{TJqbIoUF;IEkXD6N_9t*%DnJSm;JE2_F)@ zVx5?t)yezrgT&T%@h`lvpN{P%@*uo}wJFj6gQpEB>qiidWkUQjsATJk3i2-*z84sD zU+0)h^-+o)!XKo&NG9*QFZq2!NhKjX*V{@eF@C1arJ91Gd_f`_X{Au4L@iJb6-O8c zjxgm$LDUAZV&pwlxi0gASpyPts4`CvzhY5-MJ0A&yF-e?UsQbH-pYXOad!RQ-4(ap zT@k2!oL#p+@p#2!@a6A$e$0M6-}8K*{dm5IE8os${Q)x0#%W2Il*_HyWA%#Zy)8BB z@ywJ`;@Exz{)|bWVq!zQ83M&svS0%h5EU+=Tz6xN7bZ<7f*Xy57;VN%s|7=|ZezOo zhQxTq4rZ%7FR*a@2hoGmlT5+Q2^1b%luAlCA@t1r$nSekeXL}-tEGFmw`6Sp)?><5 z_isPX&7?1hAdl z%Gw1I9DLNmWO-iNO*x9;g(5DorwGWNFfu&*n5@qk*w#4Vt%sMN!_jxL^ZgjSiMfR-ex9cisyx7p11ugXe2HFX@2e4!LKa_nO_^Whrmexj+7yy zri9Nf`ec}3=YbxA@*IhsPAM4#Ms>^&DjUYk1!Irlc8^8s**nK$8F7A@ST}xsMY^Y< zv9Y16N2;xjgu{`0eWzZI)&y!J=bKu6Zs%*Emb|={&})Rx<`7h+sVD;O2~~675Za(A zh!Um3bPDbw&{3V0QK3UB^ronh_v`RPVkv+a5*0_^)}u(mJ<>`f6pGZ=N1O#w-#lexHDe$#mC z+2^09UwP-J0pYd)qVu+A$Se3wh@nsEMa#QaK3#OfjO9Gp^~&>S&p!XTfKZL!(8y+_ zoXto+5x<@ijnd&%b@`Y+M#?aUJ*`6;*1YDqVI0G=am@**w=d;Ju9 zr>#pbc zD?Imf>W2`(e#k##Kd9XafL-h!hhE2-nc3lqM=!gpfqe<&q@Iqlr~eI~#@Lk#Xv#Fe z=P6{qfDlfUkRj@dJMYX8!sZ~leGA0NIGcm-ZQ~q#k9>^JO$=UzM*1XcKaX?6UO&#; z>){n>qEE2)mwEfk*iHcNCy%iE^{7+i01#P&>QfwhimjsxH3~T@ml&BzsM=f&B084vx%z2Amjn&zN<8Vp3LPOpt%5f z6nK{89N{)-US3+;@cTS0g;=L&KpJK>*tNOksX(%a9ch%Z>}^K?qDrdbJ~GK6BW~!a zlAFg4-f5hj6zIfE@tp_9Pg(+o`NYJg9yEp9K!sNd|E&1%cw)ow`Kg7Qj#pbN^|tC$ zw+;1~+uE;KuD0nbtT3&*LX z>cJ`T^yx7%4qqbkR;P$MP0DE%HKqbjx_Y+wP6kS6JPBUAtgm|I$dQ%mo+VSbus_x~ zstqQuniw9Q=pRwI(OGaoT?dCqW zLy0Pro>H(B<{>0qqoRzo0j#&Jg1+1wL~ZoSRqqVQorypeGY}4R2b2$y7 z)pize^Jry!x<4RiEJ$VvHx8oGahaI$#Y^0o8Olpk_~Iz>EZLT#ef@O{Rf}%-V%0)j z|6ufhZNYWx=x96o*MLM9Z3|xCqHU?Jzc0E_wcx8>tXhor-apmdH96VUJ;gI&9;9XT z4dNsLQinAPn7s(mfYof$s00nBt4f#%!{POK?oY7ICKo7^3ngdjOa+6%x?r7-!E|&L zyi&5u&E0Tjom>@5xlBAe41t)bT3YC1#C9m3z0MTM-{|X_Zi+6q`$yKxyr#X0u6<1> zmi@ysfv(t9bL<7wGs7i`F%9Gv*g6_&#v^onUDexVOYBi6|AjR*4lSsd_z?!0y^&IF z@+Y0m-l#P%nZ#A~v2zt;=c<+TlP@F+Tuyef5^=q#%E?1SikmHAG#_$l9?i|$%pNxO zB!jQzt!9r}ftDgz93TZtY5fm9MKaF}7Jycpejd|x+u8_e>u>Ap>R`mRHaF@_F1OC? zblMB?=oViDf5SP$v%I?;F-l`Ill~@D{N76KZtDpIzQE#e>I%;bm`GvT_T2of(u$SH0*I!X?wN*RpL36Ry zUfJmO1>2nsGqofA=GLy^L{(dz=(9K4f?rN+dv0vmzp*K~OQx26MgBReFJ7Hi)iBQC=Eh6jrcm(MiF^X~YYCAyK@{LaG$3 z09QQp?6c1XpLyn)hsw@3ea=R0pKE#<%G`6#tFLy>xhY(i{Od#l{K-2w77HZ!E4ZB) zQT8!9NIDEiRMU(SGS4gIjOm;#{nv&Zh~Rq20S`X;IMeYcJiBfS+Dcuf#{3%XMrF8? z{n}6vhTLMN6b@g{Ux`3E$zE!qUXF&hqV*)=J`jL#Mz!mimKwGnVyM=<{h~f>1I@o}xNEgT5WX2T(pec_ebphpTHYGc`o*w=HKAmo#Zpr z0uw|{`UW4(VW+i(>jRewKmq8K0CJ@#3d7cf86P-t@h7v1JY^wb;88SciLm}AzV)FH z_5v>K<-IgPz>!;UUctr3yiSfY+=7bav2kelm>DCNJjlS~W*9qXKlh0J+&TLr=j_mY z&hf}2j&uB#(c#^Gn^AW% zqa(fW>DuIItp%gu?1JBpj`sA9j`pGgf(`Wa%JA^=%FytNdh1GhY_O$eV4$UCF!|c* z(9jAtdk0#vsda$wt$wy&{3H+cLJaQ83WJ(U)+sc(xf(5SLnaj|g*1m??owLz)9}xJ z7G}%#(o3PA{~T?3LfC1%2In8~IqB~d35c5-H5Dkx<(foMnw5*RWHM3mcpo{u_&~M~ zVCRBb{xbYme-%z{!B5#Hxi9?dUx$D7tK?^JckSH{!EfOLF`_L{oFky_j~XXJT6Pwp zN5}a%hXNT16PE@@y6U?}%mQ;|M~M!8TdgWt>#6QEMj`|4Lu+cpr>)mD+wI8<^qJ%j z2m5EcAjUNAOx#Lj5hfzrm*l2*^%>}*Hw6Np6K+H4Im7P!0N(i@;}8ZUk6j-Kupc-A zSH5!-@SNtB?LETnY{xf{ZgL@2S)`+#sT``@P>_mPFCx{DlWM@c{Bjh|L|~g=$lWAV z3%M$qyGk&9D-SdpERvE*fF4X&7#f#`ta1-E7eC6ODvOu?1{CT|J08io)FVofP81K% z&L%94jf6CIH+Jo5Wh0F{-7Y%==DYH9%d&yGkQs z{$*xsj*imPN56Ia+Iz2#x7DwA4V`Fhjcp`)NxoWvaTg#bvcpAFZ$JuGqz}KV60<$PivLiSv%$H54SJZ zw066i_qMk+PS?b%hJyahc2)PS5vs1QuB>nK_6L1|t*>~TEu9OY!Mb=Cp~T6p82(>* z5F5vt%n5?1LA9_di8KY^8wOUty~tE#GP=|MtxC=F8g=PKjH)>OI(Rd9N2vcu>z?C7 zKTke=@Zj7UeSRwf?eW$2jc9M-$6v+e!;?V*I$sT*&aT3()_XD098*tmak@`3gB2PS<3cg@b;H6Xv9 zjD!s%Bi-F20dHZXadqE5Hgc76P3k;O&mtKBp<`KV4dh)qsMW}b8sdS z+^Ahy^Pg_*{+A;&Ge>p~eCt-_$e}N;InBZ<$D8Vg>EIBd#LFskSlOuSNCzT22NYE!RLOX@E^QBxB%EqN5D}Ai!b<3`Z{o zfYZMV0PaImQ(awC`#Nh{T54)qTWer*s-tsqva@5#*H%;0h8M;oVU?17b zUr6Pw(zCn&MG67(K{j^=`pPAB4qhMFP<^1D_MXA9ZO|DwM{koOHdbZCX81iLHmIV* zx#agDL1(ba#mDF#SQRulLagwj0$`hsg0M;`A#^&m;V2pX&m@ob{}R~YYSGEA}R{J>^p!khZ^fB4C$SAy|ap2me@}U zMD39E0$B}+!kL;tnZsCQ(OE5$R|VU@EX_5S|>#d)Gm00000 z0RR910cK`;)~MrO4?Oh%0R!j&0002d;&s>n0002d;(O-)yZ*BTpaY@+000L70ssI2 z0001Z0b^ifU|?SKpO=Aw<=Vg9|8rOt07Xy$BO?Hul?GUN0d>(sxL`*RhT*U4jBU?c z+qP}nwpKCrF*dP{Rcza~wT+#V>T53E=dV^BwE2Z-lLRuw-nBTFyRMwfpj<`zv?sKF znO)O*8C;=IJ*N9!VbBPJ&LNwY`>WiIwQUzKZ~qW`yw+U3k| z>~>=DGJkN${KtlQe-du*#k@$J^wVUSm(*?A=O7#Am2gl_=AfD6i0R{mbdX`j@RCTP zC74LbCrIlg$s<$t;3*ZPOD&mv<&HW>*dnj!f6rpCY2~1ac!$ z5~SaE8rjl7tTYj%-x^?CLZp=(RiZLgq!(JJY_3?ayzGSHs{jMMO6I{$$rb@00000001WdCjeUjoB-qi^#MEq zl>w#!?E*alegfhH7y}>!X9Jc4(gYR+Cj@B(k_6}l6a^^-H3eJ+iv`aG@&+IVN(N~L zod(GU+6N*Bc?a1C>Igjuy9mq)H3@GCzX~@Bcna|gVhe%`tqbc6F$_Wsdkmfo&J6tx zAq`gzg$>3I6b@+)dJfMI77uO@&=5ZmwGhS;I}uC~wGuEAwGze?NE4|O*c3SweiV-t zAQg8Ns1@@TTNY*(aTa_QhZd3+ofjn+br-f66c}U}(-|HaDH${wKN(6Hgc=+gRvMNX zs~Wc&!y5=25E~pDC>w(tt{d1KDjZ}SZyc)}wj9A6%pBJpIvqtFx*iH1Sstk#;2%^U z*B}ufNgz}pUm$8Abs(7_${_Y3FCjW1MIm+}ej(K&AR;RwYa+BG2_qCEA0sOxHzS}U z;UpX+MzI zdo!dn+%z0CBs4iRT{Sv2xHa`QayIQZV>g{Qz&F`A1~?};UO03(m^jus5C8xG0RR92 z2mpcr2LMt41pop7EC4(JcK`qY&kM}}0{{Vd0ey_MT0>zF1qXL}oF117YTPyM?#cBB z$phyU*Q)$F`|ZvFmPj+l%=`*7?1RsSx?+PD1iBKKY7Cxre<%>S2fV5%O_=P*i`YUyeZ zx#3LPq=G?9wIx2q6nFK@r=k7__qYN zbI$fvXWM3MPRu%X(kA_6R|2s2R|EDZ(vYahOw(QATUYwdtD3dAN~`sepv~20m}Rzh z9XfSIqB-W8XTEMddiCjdjR6ZRbge~R^SvJo+HABP+5aCvqb%@}nRMqbQ1_Bub+!%A+DGqbjPSCTbn!dN;bs4Q_F>4;<|n zw>s7a$GOcN?sU83o!~?#S>`VHxHszD9raFjic_8DboV*K{T}p?2Yl#ZKRVMEXF1zB zo^!7AJmN8rd(`pg{v6f04xOt}h`s{CV@ z-S$LhbVYacL~ry(e+As3-j^)l=Sfxj)pYSL+j7ZIdR)8!;B+F11dhbkBOh^PcvE z!@Xp!q4v18HC!bZ>D5k9JpCf))*XE(`Y}1kAnJVb zonq-w*d&lmWKXhQHe$Nh?+;vNKat?dY<-tSgd$<7rZS#w-efURsKN+ac&E|N;r!i6 zYc^gLrR00bYdXlRRWb)jd3KtdTU{krY%Y>B3%CpNFmqyJm=ChBm0gg^u1aN>r52JN z9yXtWL^9*jzn2x%adjh7HyDWg0{5aaod5uM0b}sq!Ehod zVk0ACU*rbHog54t49Nu>8Q7e*MKD+}Ft9RcfjAC4-W>KU`fSQ9;w-EjP@zyZS0-~7 zO(t0;un@P?K4As{1|9}Z1~!mJPN0~8(>?|V7=(y1Gq`M2VeANu*x=9+v5`5&WuqF1 zw~M2Jfsw_bBRM1jq$Cmu9C&;=99az6R9PfhSb4N|F#d1dz|y;siNR$9Tiiz06c+$c GCMlI(>g#O) literal 0 HcmV?d00001 diff --git a/fonts/Work_Sans_300.woff2 b/fonts/Work_Sans_300.woff2 new file mode 100644 index 0000000000000000000000000000000000000000..f6e216d64de0aca0ecf31749708002145de48db8 GIT binary patch literal 21548 zcmV)1K+V5*Pew8T0RR9108}gh5dZ)H0LOd)08_{S0cK_Z00000000000000000000 z0000QG#lh_9EdIkU;u=2-SMfCuatQjROoF^Xp{)|9@Um8AH>+(iRlZ zyG{Q?aM_SU*3*%Khuky-B0I7*H17}sv0)#GW~vN00+lCU#|gJTGGT(qim#Cf ze%0|y?QH{sY~WJ6jN>En{diAy)RLXG&-!!AFizjM(?@JUg~tx(w=f*5AWw*?V0)cY zzampq68_+DK?OI&no-5R=41cQ%wcmDZC0PsRA;&960Wc*Qv3Pv{HcE~p2C+x z>ylR?O=^7&bO#ab0QWBg{M>p50|yo*Ahl6jzin?DTk{rGtYPF}L}_CsXro`T@7hB9 z>;Gt&b2q8jJ6ha{s#-g{uv9Qhi|Eck*-5l6{^=|g*Hd~7PU zQd_un=|!F8q(qi6K(-~PZPGqc_8X?**TZ?|`f_@uI%DpwJH>7Z`Q{@J6cEy+Nz=|x zZm$pg;=mg?5Gwf?=(f#(YGY zR7xEIamK8n1H^EdpY0WrOc0fe$@hp0a8((`&K>rsXxkHxn!LT01sDtkBI18<^R?Ca z&qU9p@9>(r{9h>=a}~s1dAnZC)754Tw0>5Al{IN(B7y%%YXaz8Dnw9W#Vv3NIDLvT zO_?&O>P(+1e{ZVU{#}rBAawz}6vazXH!d3SBJC>0={>GoF5dt9clUq9T|fjDlmvnb zV9*^1kU9udzygrG1St)4kneaoQ|FWz6e#jS3{JVa)Y-W@yLC~y>D-nn7Hw;YUwc-a z86SMuwy{~G7&VB}Ee2CHw(ED?kG^IG(&|M{wv`uQ{oU`~PAoyd-1U za>n;H0RlLHGvXhq388W#;w(fgvKY0*Qp95}5CmZ52})Y~vV3)9pYGD49Z(mVbSnZ8 z2jIqqz|W%OP!v1=sY?;E?~FiW=XoJ8EchE+JN8KIJ5Ye;F~RcKEudo5kj)=<-vG=c z*x^y~C*|@e$Uo`Kj9kyXy3m}(w4yinx&Ac371has{N*E<{+Td~X2+bG-q=S|x+0fl zb*{m+VLe&DcEPUStM`(9Zok@J4wIB|h>q3AyEEtPJO|G$H(b#v>P;~sKWnp<{?AUP zW8$d{t7vv{Qlv_gE>j`9dcR7w8nx=wYk+m@F<{V;UF~jvW+W>oH(Ibz;UZn`N>{t> zzNna_36mas=D8PM`s=?b=}?t2q*iEcddLtk#fXZn5~6tqI?$B5p(XSsf(mI}(Mc_M zO@7A|5o2Ll0cHffkn&#mM1RphVo<&j$bOi?WU>)F8|5M>*JVWXn78wPYU&s#1@R!h z0xPf)F2YBIh!~L~as(|@1*!uzf!aV_pgzzLXbd#RT4Jp+yww(Kk9EX4V_mVH$hw2| z2OADH9&Czjj%|r;jctQ%hwXsvgzYle1KVq`4|Y)RkltavBYH>mPU@X8IA?G};^xHN ziD)3TH zo_`Qi(1YciXSxWwBq1W8=o(Ff{8ZJ*SPG6=dzX{~QYj7n-`v(kx^7bJXT)k2~L%#3B+&`%%G_J_u<`wfEMv z1wCQQIgrpKSA-~G$1ESy)q#EnB?zSffR9Kc@-X*LxkAOU6sQeBnQ%_`XV;yM=smA< zK305+`YLC>PyHm&$QkcykPRtmyRz4)IuN9m=gqW2oNDbzBLai-5R?`Nbk0I)0#CZK#Wc8-=+bk3v@X@$OVXnE}`^Y zCN%^m<`{SH#94{j4W;ROzM_U&1oGN6`G#2?8oxCfV= zN29I$S6uRf6KC(2e-~qe>iR)%daIyWaKtD*gzrTP&R_t@;<}S`9TKZM&=9YDx3{h; zJbymF(r&Tu9k=mgaSeDgT^$aR{FoNjVpwuY)|x0=SCm0xl?)iY;MuGrGFmpJ3ejL~ zxfIs%kbS8IuLuD3WP5!8l)`{#OH6T~B<=#i*3@9%x>15gf1GJem`z2gJa_Lrww3{G z&4AXjus>9!^dIbJSpz_PhXI^-)qTw9Ggo}{r)9L>I{ghg%k)0?71;y7DbrNT;^Fg@h;z{a#X-e@Ryq4XIo%`Co-{qAtz6nzJ7W|i zg*qvrB;s{>%)f7tXZ^lprg0tk3x0TiuLLKSo7A{=YdyioGAA$t^v9AKu*FslE|qB~ zY?pQKzvz}{-unU$I{4l@F*#0os(o_3KmG5Un*nD2xEo%3VC|w{5`7fd`Ahso-%t)} zno1EAY%A2mPQc&sZEa;cXthu(+=8nnC!B`)a@yQ+#UGY^u;AMI^x#q5YS^CkOSchL zO0AJ0SrpmleX;kuZAyS@_!)uqR?V1Zo-b(Q3a7%nBMssTUua0gsikZ@0m%Xz;5I0C zXUq-7;0+2C2}DD>(mfHTCyV)`VIapL&GGVOdkf%EBmeNdAn{%hp_z7f^`U!cpm=9r z+H9ia;gRVpZr+aGDu|v6(|URF+n8%C2V_`eK_s@b3#FK)ZGoPwW_}r*ZUH|$dyx6G zbmFZb=FDiY7yB98^=_l=zGqf<$sKQUu~n-dVH&+^PUhf;&93D^S-ESxx1$~?T1!xl z(r#CctZQ?o6Ily^uE}9`piwj!`7nc zP$*bZnIc;!m_WTg76L75*y;Vg^k*-T*(J0KoUw}$5lF8h*e4alPPJ*8)dYy=Mv3t} z0xWfHu=*WUaPX5ZO%!0pDn%+kdCp4+;DR>>?v!mcWR@fjEwrOOx{Fc-I>9%Yz=&Q7 zKL2c9iUuemI(`-o=JQP!PYF;hJU~7}++x^DQtpURql&A>>&!ytVa}D{SbBAq36&FrV&k>+8 zETslFb?S{9MHjQKpbr9>;~9F!p7$j8S4dcTlSW%Gi>c%0xM?l$#Ti?3s9dCuvXZj) ziatNEdrOuqCp&8ljx5Q|<2KjZzFqgq_nBPm+xz>h?4PDQZEP1R6Mu(k~TMeEs}r zHM+4o4UwylSP>t8u25^~QTupJmF|herqi3iG5vVnduc}ja~ny({z?1z*+7m$`e@Ff zl~6{~#DX39Kd1_qETEZ0s2*+2@yJq|nfnaNp6i7V3BC1~-m)8S%b?Qb=Y{oEgi?Dx z06<<6M?l`mY7Y7Y15EP#9679ASEvwR5Gq}(jFe(U8gZVVeX^UToBA+dNdlC)+EdWa z|1yeDzo(-j$c{AhdyLY~D8uDJsDwj}_DUmjsSWe)kudW)UH-@|Ch7g9L@ zNBoJQ$sR9&z1S&M(;!9?%}Jm{@vfdfnPT~uGB;qfEkN8~I&KvX`sbO#O%fEppUhqJ z{QLGXKhQS~L4NJX$PP=>R}B7KI5lor=ChXCKkm88?dch(9?E^K&DWNmsg1_t2Q|>& z*TN>=?B5>_N{)0pP^BXBy@l8L8&kdZxE{`s7p@8YF!QO8RByN+^vL-upyxoZ(m#xJ zT43N`8eZM-PGJrGpg5N4I}58{NXMF5c_~?X&SqbJt%1+~KB-UkzVikxj>_1J`*&8m zCq_%04%HVD2q!pEI-bY;5>Cl@*)DRtD|_8{sQ2)LTjtF=Kptt)Xi)rxeS6+n_Pz`X z+M@%{xds%uFX!wq3`xq^+4z1~vr%Qv7A0}&$4N{KC3$uC(u|^x41@Ov&@~dKr^nai*p`a)*<&# zS!?rMo6;Eyuj}BhgtT}iZ?Pm)#iim#EwGyvqb2`3Z~*2|SM94&Cc8OB6)swNr{reE zWbS7axtF?`^?hePC{*tPo>ndk0TSGrq_J5hq^5lL$8hV6Vvl`*KRSdt!nx>Jo01dG zl3m~?m$=!L>sMX#kOi?vxISPeE^s&qD?IX35evY=M__TQ2Vx0`Rd^;IJq2qf2NFWGI?v9cnbv*z;M&8I^2JmWqt&xcNCG70YA|;A%7dVwD zK~x~7q9jhzS7xi~d4vZ~CJj!Ocpe3oy8d1=GYb_aLK#+Ng#Z@(0bSlM;o>%*89M3N zQwBCrdaPnNTs2+=n&o#iSseBY}dr-g@VwPrmu?r+J*KC@jnUWkAu)6QTd-`J( zcia-&01W~Wd?GTGE07CTa&8T0)^h3uC(dxuEiSo3(wRuUlWRD@SKol+)(6o!*8@gR z2OYz-@8#0uL&S)F7~dIR7s!O&fDq+VUq$qgMMhB!s_XiF5LOf*kb6b!bLeG+-9O5N zW8J#Neu`i;y#fvlSVuDJvnH&(EFEll#jw1$gv2O@wCZD_hO{-g)iva;sp<!E#5b)t77~rHQshF)fmMeKy8Jt?A6O1B?z}MH8gfsCGC>nu$B_igs1?bLtl$|xX z4?jg(q~xsW1Y^TJkkme33GhW_ZkEkr&ekHC50b3PZNi6v$t%tdLXaTV_0kX~FaE9y z%o;J*QqzM-ojA}Si`F*Y@$hgpfr2kUDE(124DaV z$S?$u;pGIZXgD2*R0E8Y*qCdy?$o^}9-5zK)dICpEln%Xx@qf1Nua081t>YCS(MnA z!s@weKAL}^RQl1cHzo_dT>5AHGXVel6Zqd7o9$3fiuvIFgAx#tfTykly#N59C-SQJ(MyjU@x*ga zz3|=tVfbx{Ti&^;Gy?wkY^PlT{_mH4A=qK5+cw!~vlB!NClg2%1|A}M^ULy6hCh=a z;X;Ip6y}2n$r2<=lEH4Y23*{HJgWJH)T#lXtrF4&%C)^h$q$LD-8BMu=p(>IUZK1b$Ta^q;X<41%!m+s z;*oX}2qteyV3}8z3|N3)ps-KVBHBm&ynpjKh>9uigRj2|!YUf@YVN-JN7O%P%L^`k z%L}O{9)&jd2AblbNipxYksJa#N-T{=rnA^M4{#rGc4MioZ8fXSZfB z={wl_UAfW7v)*`*O%Ns5Qk+6lvZRa)79{B?h?Jsq_$z88p=#CB{r#c%j}3A%AfV_M zG1Yw2z6(|KF0Qw`hW=3F+k)5O>D%u?Bg&B;K0!rj-m9U{Ar;Ti zZ|)91X-k{AXm-mjSEoxj+LL{DWjX{H}t_{_7HPBd`^vY92tPSPypRcr8sZe z3Z&YRNZgw!(#7N{)+*-S1%~3$)Aug{tx#r0S(drTQXwPVVhqN#P;%zQ zqOwCXk)$DoqAF zZr{X7MFUv&3X>>icW=Pb^pd6iUQj*i#>hQr4_GWRya~6|*wkIj_Hx_ZZ}O^4MOhqw z-4FJ88Ia&m!Etz7MTP_W^y&HpI61f$^>S2#%T!BFwX`_(M#+K1sE#Ta=Y zI+T~IJ3TPs>##)m*b_rg-NmP2(SxjmqOS1FlP9J=AqUmdCFj|8Ql2MY>{rkw$aAK? zRM##KRBs8*UeRDE<6Z(?P?lH=ZDVdPj3v&( zvaxh6Y)jk=$HvC9a4qpJJR1w&!nee~e8WVDA9GB6tNHZ&STLVzts?qLV6=h|bq}s2 z^~0rMxc5dBqUphF(L6k2!=q(*v>tro!>4Wdv=6`LTB?J1FcqHo+wQ- zJM)B>_Hm5rTdZ1hKs~AW7{-)cq)Q#3R%IyxmW#uBvCJWOAzy+sUl+L`I>;j)!l<3= z>YYfPibSNn{?7A)zzL^Cs+~9?gx;X!u12#kQWD3*JJq(fX!u^Bdr|1EW+oAd7Grsl z^Mq&HqOB)A^RyykC3db!TUT^7J=AuxEf(G`Js7&Ja&gdI$3f3Eb@Rvtxf7`+UF5=P z?C&ybM^48<_s-3?txN|lZwMixLAyU3Sz-EK8W$8RUmpwt+jFiTh@NkQWzbvtwj-QN zm2;{mT<%;hTq=a?_l;>7(3H8GX}T+P&rOZF=Xy;ioDf>8^Z{I=DI(Xw`~;^_C*IKK zjjc#aIy?;nE*5*uZoSGQAZ1*iJ!63fN_FFDiu846g3G zyK=)w5ds(V-j|ddPS-)kc|^!n4;mRzKiwBxn;mm0ZCJJ;>DgtywZd!chJB8mCLvfd zq8^i*`8Wj?B@pvAhJCn{)8rTr-X^Ek~c0^|xPAQt$Lk{#?R$w$W$ z4Y!b+4XcyUs$25Zl#}1Yr(t)7<)n(wQNwVz|XndiM#y~wvnCGub0;Vaj`($hY8ez1~HuL|@+2lu_B28|1(l9U)= z=bjsjZL;x$`B_X6Q5O@Aw+cwcG){{LBf-3o+@Ik1jqRej*fSi0?1)oMbymO&KpEF} z2;N|JOp#qsxH$nlNbIH+XC-bBA@j&~+mD5w=J0~emFAyMRne``+ z%)zR@@dbr(O%Te8tee`v?-k1iifEb2@7~iQ9ON6?B8)6hi8ok+5?M(_D|}5IZLn|d z<VB1O+G?8d5L>44$7)L^Y#2nQb#-f zw*mlFK(8DmAOZ50WYK_pFwc@WmqeNREF=r!`vRoVQtN)$Yy=syt0yM8?bFf60bYjt zLW4pVn65i~Dlofaj;uwGdUS>|;^0Z*TXmyO-1=y<5NDxnTx&gPW|-%1E3gDT=!*hUJ)~X_S8gn}#Ka#7V~Z{*z~$DNyy|(sfCGE8Wd&rmyar z!Qj3t$!w%Y<9WdZxGIw3>-CIeU)LfxUV~(Y{An*fSQVb%OmXQ)uvZ!W!OQui%u*J$~UTTh+{wLVE0(mKEw-3ED260Vie54u}EWp{StG0$RK$u`7__<(R|%b z?-|KCLyZjs9C!eGx1X1+t@xQSf$Y zMcbE~xxt(a(TcPs2RU;qrW&Ab`A>r$nF(2bVsw8@ky+g768B9$q}x`{aqScZjZRIu zbDx3?2V>7f1*mciz3l>Cmc3;f+lsZ0ugC3RS&Ts+dJ%GjC~NoRaS%ix zCfVaaNr(3ex4GP#)3bg7oCS%ZK%dP^c5#~d%HnKpC?1(pDLw;+Niso)%FhI?l3j%? z>sNy1%~M-G?#YO_`2`sm(t6tp#Fjbj`r@0f9M& z`f$EAGuoh&g1yOa%`KK`eVc2s_A*1QVA9TAqDf;B7OyIT#ww+OFm*lW9L%ktXPP%o zg8f@j8%s2-vGFjenV{hwW(c0aIzj-q4>-Xemm~xcbVFG)G+W(w=Lsf1 z1>~$Vh!V083^Ee<^B64QM`w%EbnNWmi*sn^s3^36JI};`vQMdN3ZPXArq5AyY4Omm zWvr`o?6PzlyD^IiV@w8u#~km75~2z5$A2wKxLKF6m}QBl@Os=;sMHyWDMR>5iU+|u zPJ*lENBZWNRu6;xI^;i*b)LslE{+60!?X}4|DzN?$tG?WqZ16m2U+pz|8#@O84+O0 z+|{JaVWZsXXAzzDms96b2b&7%Rra>oxNdXD$r5|F`8YIkox5Hifihuwq2}ufiOS+;nrODblu>(`->&q;rZDz+c&%r{5It11a)FDC-z$=IG(5jz4U;o#YZIGk5~b9TbaR$ke$zXC*Xpa^-9r`#rx9j_+Rz>cHy3)m8ej zpT;V_zRojVXG|F2P8eW>|A`}WrLbIayo8{7iGv2X%=a*<%zIDC&09G8bpzg>tt-$; zJ_7mDl(}qZV0rGfM>y%5_O9>JyAphuL<-|e-d*~?k3l|GT2u%Y7E%j~N(wLEp6>t9 z5X^*+55E3$*(>&%fg3 zBFhJtFI>L5eQJC^M^Kirm2^^R~7tLM*a}QSq1zg$4#e)e08TFbo+Q9aEQt1m0wd9hPXCNExj1 zz^M+HX(G88ad~L5Nx3l^<$EqRdA-UUvP#iYGhO(=4|iC~j;3K~OAmWA(A7g&DWjRsXERYsBcuBpmn4Atk4 zUD_cGc?I`)((q$K1wt2}(F~80Z*BlhJ9z zsU7QAt%6xv)r~Svzsn^-irTS%pt~miA?U8H-Jbyt-qV|1YPrm%u??e#DIZSj3i*BA zq0Viqz(H`ksZB?5Sq2-kDJ(l1)SFYu(9STheTcWL;R{*E}R1oME-X(-tk< zHRnj=|4FVdI$4x-z8D<*HPjxmE6ml3$!E$=Y0eoea*4#EFr1@(KO|VQGfx(*GIFeC z*Dz?Kt5iRE&a?)ziorLw5S7uDrs=9rvSi&Vr>#-SXE^vxnVzW)BtT4~ajcD?vOOhI z=diJ;7AL@A*~?PHxw0aX*rcm4Po&vGxIUg7JU-2F@C3vN1{qK)`OA0YR$S!g8nEVP zAiKcxQ}6say}kWzmSJ#HeQjeT+^c>QSWqaAujm)PY9!J+jBT&Z)|)lLnLTR`QXoG7#~p4xc5mfqt&JAg~z~Ct-N}jC;hNcWfDm=HVI6u zgp0o9R=l)Z?_-Xt^i@I{A7b0?>g{4<#O|J)(*9hn$UGrOs?h%WapA5|e{PzyXK2L` ztwzK&%bh(da<6mk2r2~tzHF!`IwHsuvSr`sP}s|EKE@oHs^=eZUQ4q6`tv=lbh_3Z zhzUY(_>&Qu@NjG2D~5leSU^XrNN<)|LKY7=2-b|LbsS;kRjCcdi4P7^zJquD93uS` zg2B5Es$3qUTwm3v>>OrJ=b;c_M!J=Aqi>O67%DV6#scGy=&pk+R7=YH(4>0|PM--t z{C2Vke*T5Z?U_F{2ANigXlosJenY6EmhFC8bN;*K{J@2#xgKk-`+L`Pd5tn$9WkiT zaw}0aZFX6mPvf7}+7Rmuz`Thtv%}!C`ORvq%K>O|ta(8uUPj~d-7Qo#zP~b^bNS{O z)2(o#RGv6^b)c#uNXMlM&en5;3dN3Ak3WS+8^}qho0#dyvco`agve4kg#7kXB^&dJ zJegS7g{^bDA_A2?XfY--faeK8QeeG{^9)mz3_SKOQ%&=aXLKiey^R{al0;f?)Xi2a z!m=F6RB5|ZqqK>5T(`!Pwj+bdSBS+O_&T?{hOZJkIEeLbo}i|Fc1!Mgr$5D}N;|s2 z^O3QHE@yyiGIa5aytQD}R$H(g=Cg(x9X98z_T4di z;Eyrn3b;F1W9C}Ogmp)1Im+1jkF~eAdr4DG+oBfy6>m7%<%c^R5pCuBZ$Bn{duIuJ&}$7 zMtx2x$k6L_Vv3PSF|+c)yP&e&&#WRxj8#{@veE_)uFU0%3<^ zJ05Z7zgJ61LW@AsiyOzmO| z_|>~fZG&vO$YwRlbS<-&^!Ca~i?->OCd?H^Wg3sClsyZ^BN2=`9N~b%nTC(NVYtf| z0)AC~{FEU-Kf(h?Nr^2=KP1`Y(PjJCaR&H4sEoh!Qt8)f^tT4mg8mj`72@q^953SI z3+t2b6-Ga=j>4VzB&RRd|FoO_^{e9q33~P_~eMh#NkjrN{w+9OP{!@Vu^-E zs1OoNQ=*yHDlUdBv{$h7)!d?e1vNcbXu4`TPE4{+iKLsWI8dX;(>^lG+iYS{Ty8pq z8ho5GuFFk!g&|+Bk1^Yuxi7DW6szAZuQl^Pa_%0Pmdj9stXK)_xp+lPvf#JKFwQOX|2)KD<`3Pos-`(AJdH)~3@)p{9Wy2NT(Vs>s`VV)3 zSX@aL!0~PLvJ^2=PwU&(#opMPC(4(v?Wn}0R7Bajgein|m_i>{;HHds^GT(-&He6`YnTD`%_Yg2M=JdH-r;wGIG#&2w33UPe)}0ra;VQZmmGA zO_bv+SoU=Gj|HGA*2XAfh>K+V_pcjtGY7>~p*SgGFhEh53=}e!wofaY#yFnZ_u=l{ z5b9{(rnb9@{tc^ELDb_301Eu8Oq@6{2#ysMCA(RZuKwMwT~Y#Jmp83jr0EjKZDzIB z>rXa~Al&VZ{$RY(BT~*-yJV&pCQJa1;bTKlpGG9}gkeu~E>R`Z6a=blE&5#5?a~En zluj)K8N~VuphBjU3m}bD$~W*{yo@y}72=W;vrmF26=?P+&Z>gry zss(}0w(wEn=HCnZ*J(U1Rf1Y}s5Iw1CU5Ryu7us)m495ELGlN+=qj-5j80dC<5gEEO6%6;F~C&tR*> z0!S{YG%pCNI52AdM-_QkNmSE>X&TKxo(zs_<_u-$CLUyLxA*L!4sTpR%FRaFcHTnY zk`iB+JRA~nDCkdrg_UGtK@FeJl9L~-ovOCt@+(UJN1R@oi`iIGwii?WMf1vIQW97* zd}jqI7gc84`HJ@ws%Vnq!oxp&IQ;pkk{pwJG}l38?F4lME5S%eygDIH#?@wYVUBcH zD2r2cvk9}8Z7Pa;Dvoqvv>CKdmH$>$pNp8)Srt6R6@ET)sTCYo#0NO)$6 zQs>YhWJjmyTb#ZWb$5%mTX4AG=j~LFT6Nr|+d1?R=xgfoY-(X-B8QI`e}uhONov^c zFwb^Al%sXC`M$z-rcO%n(h3t+A^=2QYN@B{7iT>gpDqnXmv%m;&1MtXE#M=Lm?w); zlgnQL1>byA0K5V}3bYiLnN54#xilJ7%@5@6-9pl<@?>gMCgyP-fpb2UKV_&Xime)|XaAtO^6K}yIGm&PzBdcTK+&WX6I!}ItZ#Q}vr=KI_9l2Avy^I_r}`&v zwMaf^lg=WQ=*&W)-Yk*oEyDW3guP3TeVXRhXA!-8LYjE84apX=D4@|#gv5fh1yDH)w7V%>jZZs8apZlam?t-BppsK&=_u|!VIGR) zKw!(Lzrd|cwdFhB79uOMvZoaus4o~oUvytAzt~0U8Z94nkD`Y@dDz3*iyu$q;yI6c z)E81CsPk`ELpkh88p_1p8sxKQYGl@A4H+%O+(<_LCh;b4^X9%Qa!+3R+)-fk4>wuq zLTXC$ zN!q9lXichLF4F}x+I4dIdN}pt0cu_gUB%CCpqdfmQV!I_;O1*#ABbOzr4z}=!~LANy5>Q>MG zZ%y5)IrHlOf4*_9?RB^{XtRaXN`C-uz$EE(A^jMPH>dP)#oHU@ExjBU7F3XhdcTeQ zU8$skt2aoh43L1$wOPpPS98^x1Nku+G#@5G&B^!yZp9;af3L!T3KC9D&NSN5ZwYjf z(yJ#4Rdl9JTqXD;M7qB4Iv`XwRq}#Dks#E{(A?(YqCS%;TI~*z{v6tDwrr}YnIw>e zJ2q~PL@b-L9M}a)#UiJZB$7x%O&LYyB%(GAwOEv|bqW<)sT3v=0)HPBz>F-8)gQFk zrVX@O?Ad48usdykOAN_#E<`p`1M9-;3Gq#Q37h_-rr8ctYaGqa{6}oz7xRLpSU~7N z^H$M4)p}GVl_D8uZa^aSOI!S7+t4KTi7O5E+ME%zDdTk zPr^tkLG_tLotjBl9xTdHmQcND||CLx+DtfmvqhL-5Tl)eiD7w-MR^Q&# zT|+1eG>$ODT2vfz30YH%%zzn{%W{1_3DB%bWV65;5;{>Z`WadZU|mbcvszXbuqIxL zn!@HJY!`_nc*}vqZ(y~wP@OYC1@Fw8(Lc>tX)|tYCQ9{^;%M0nVl(R1jCs`a5TWA; zI&jrTOzP^ueLF>V;jX@7QM(>qfTvHYVscGCo2Ai=1~g-~X53jXMcc>f%|3Sav9phL zObz2L$li%5u{oN3wtc=-?R)^C-3VGyYEiYlgl%1O8{A{Ot1UUO%hq(O*}g+6^B2tt zjxl9rL>!xnp_E{w&j4{;?3Cd!-6^1PIM(I>L^mu7cQoz!bgVzvyBsvRzSu6srZ`F* zC0t28`^p9o4<1z(jV9#0ZP|JJ&wEj54EjS3)!>s%cmX&7KnmmbG_74r zx@uvg+DSJaZ!dwiphQqY!7nrbp87i;=lXPA9;!=lP#W-A(FA^%GP*TkKzmr;8ntZ(!<$S~soEHKMn%2=y@{mti81Xbe2#_E zWtn^(SUXNegb!$6)>f@JFu<#L6-5kDihBxRA#qhg*bDaY!U|f7gEDy++8B@KXj%lv zhuUrdZz|hnt(M$?8M<{my`Jn|dAP!wJy)|io4R$*yLdI5L^nU6Cuy=Bn|j_tRQ9Ai zSmaNb@QC)N#!4Nwx~m$u72gc>3&oa4#r>g?;M`GiL$6NhEx=oOPs1Ax^-c95(3i_m z3t7cUH$)+Lw8Kil4Ft~xZ~u>e(&lpLb=)dlZUl}<$266GKyfrB6Ne0dk6v)DRXpeI zsT|^P3_|ro_<|uTVobHwGs{;BgbRI|DW9K;hhiCQ)K==mj5x?X;c2ZWP#{%y#X zCG53zX^KUOvLYg}#$;9rq9j7pVbkd-D63>S;KZ>m#T1dmZ1fxjnCz5AH_!HO-0Orh zAB#85rK*G(0IFa;Um$sC4E{?+M(?Jj3qOlz{$+N0Zk**FzVZc00-~b_f2ox8%_Wg+ zzRb814ij=n5F1ySmd8r*#g2_5`b7{2ZfXw=9Lr+8tnd?o2J`I)YzZ6d4kZE+jRW3f z#yEZ3lqyC_;Bg~!6*Suj2uu4{vt=jC<`u}s%2&nwg?R1)-t4P`sL^SjQeuQDZ1mXt z@7b20R%2k|RfM9SOzsXi+KG>jVUj&0wS{V_-4s8djj&jDpr?k;npYlVs%pkrFTzF;#SJ zgI2B|=_yWMivju*1?=4_o>@Ohd|R#CHWdN~03U^}RF<$QV~NG|hNR=WbkKUSP@4-a zw9u8Ug59Aus;k?geNLZ3T^BESxNRud9=JFNvVZn1e|cO*k|S0^Lk|IX6*Q<>Sux=b*{iBHahQN9CKKtA2ur&-22dn=Pzny|90wSSb+@Nu z>Hlm`Oqxp|$+w>gAkW}*^{p7Os86H;?`XiK`ECN*EhSEmzB5~KT}vBgVKkT%3*H>8 z1xW=Oy}&NcadRIf7-90PvPNhzC&)K~X-6>H4i`n|in=yfz84o%0sQ(<;Nk01>y&MB zZybU;nuV_Kn$zU!#tfP1M_2X=FOx9YE|J+L_-6s8QIVca@>!Z z<8CqvD^#gue?tRvjHDwY<9Em8cp=J)roNIV+>S<9H}daJG|BEgSe+9=;(Dm9?`Ub%tvq5_&LQ94%wl z=*dO^Z9*Fi_RP>w{7_@>9`AA>kR@`0Ao)1^YNgX{5X3uv2b~yT za6qR%-h;(wtOftzNSb+H=UQ}tbjdW!C534A9+ZfI#RT%Xpj+euQ zB;}j85m&AfYns(V@r$F-g$XOFzeyZu-Nq&~m0^F8)pef#If^Q)xzuDS@kjG($1ZtW z#P?OAjruCbOY=$1sG-#too}TuRf8X!T3c4L#E(ra>gm9h^?dA0Sfe)fsmxEn4upW6 z2-Ix{32}rnD>@&awgg)3_mPgjaw7pPwAL=-Fy)w^E1m&}o0T}ahIqZ~+UMA+RzD=Y zA?pZvnY!!hr$A=84L0jQQ3gCKg!!Q;Xhs8ZV+MIA+13DEbYd-ONzti<>Z0~IZ+FsE z`h^n81iv<^^6gB90I?RWG>q~!Dk>K|YV{xWu8yO|Z2`(NC2+L6p4lAp+W~{y2q)bw ziba8llzZMCKGtv8QMTAjhf6=z4-p)Eli9}|R>Nr2%g<0lsPuV!P%Uf=Ftd+-GB_<4 zOypL)oLa+IN;KC;(AON@iX$+#LhnvF95M_yZeS$_lQRb2ajCa|+B2gb+TD6%R<^Sd zf2UN>x@N*d$0?3;08}yAsRIRV>D<@;5_B1ypK{kuPj9zRe?R@XeY}0ph!-RedlXNM zf~iv-^r76ncU@WQc;Ob~m?7>%Wi^Wsu2L`B45O2FC=``;%cEnN=%77C$|o4EE_F3; z(aX!Uaw#Wazx!lLu~As&=~S3YJc1jy2kIHq%$b>k5KRKy7FHCwk^)wA#xUvcEWoIE z7-KJp#|)rr6)!x*zb*~FM!mk9q_r&BG6ob(dB%p=u9$Ju zwH$t5TbV6%wjd2J9DVSR?%ZLx^L+GdSzTX#`oIpcom1P?Rc>kTXM}>7GV2{dq{$f9 zZQmz6(ley73i8v658dcjH3f;`M4JBw%%T*KUu1Cp69q7!R5&>yNX(m@zzt6sjy;Ky zaYR~cb93tlyr2?m%17%My8#+yx*#y|qUj#}5qs;-!raaT^JloRXz+Hc`SB(yu5lnp zD)5uwJxVt`h@t$`RnQzz$51+9Q4;yEObfgYknz^aXogDJ*CG@C)CtC8P{DG^xKTO4 z&aF;nWk{OrL0I{M!uc((rXzE#EEzqS8mRfjih2M6t5HpVaKLadZ(?p)iXmK&ini4`=<}@{mqZPB*pA6z^>+H`4|MNul`TUi{RKA zZL44l>@v+Po98tim6C5RCeVpQX!ce##AhWQYkn3MA^wOhGs^)U+O}__Z+U*S8K#qg zzF}~AP^$;c_n^x=d53+pc6Zmsd!IVpr7v9kVCO)*E&K+EuFFhAbv~NLR6A%l)jvE< zZogrNXwY!oVijd1reMg@+E<2ayDM=*WI}APZhDChkzxlai6o6UvD?y*0;vNhuDr7* zGLEI?9`wzCOVr0?RW;^mo3{fgx<)(56t*2cS?AkqwqV@ld*5<~i*QhvhmJ zLllb0Ps&ZiiuY2drbEKZrz=Mvv}SooSp*%;VxZ$0j))nfAf>#m@fd0uhm?GuSFef{ zPvAy;L;=T}#}Q=@G4En(}WE8a}LhNzgn;{P1M^+SSA2xHUD zE*BKjX0vHp)5mA7H?eTw4-BmE90o(wSu8n-&5b16GQ5UxNq2ThA<`3T>P-_8jICjs zb%DshNP3GU;&&-N!AiQtV&Z9lK6<>5Crrd9#%EypsAW&2@{?lDfVB5Gg8{=}-CiTA zU~F=s%+QG#Qe4OvU6+S$otg21c_uTR4kAut*3#h0(c2Ae9e1&)Du%`B`Qv@`*L2^d zXZa?L(>aNgn%fivFg!doGxU}f2K#;9xvbB@DRFE;_;xV{VE+hZ8D_gJ(~SjS#C+N1 zi9Pox$3aLIS8Ks{jwvr5=%2LsP_VgBZ6XMQRjNQfE;hxqL{dHvWpQqh&9ax<~biSt5S3L8pT74XLA+4kW!~)R2jQ`;K8>}GI zeqUts&`RgRghvT`{I7CLtg5(%vpwXrdL+d-S1bD zKZaMf;{IZ><0!Wy18e51?n^flaOIk35pth@ma=PN!ZF?5{01QoK)Bq0ZjQ57d6LZ` ziTyu_3L-s4xMYH>z3e`9EPT&Fk}k+Yl%)s97jnSD$E&3$M%rFNCI;z9pGm|LMC{C@ zFL)j2pny1*M#(wMmxEe30|KdT$vezFV084HlDVtuyfAbe!Rl6+VYWM=5b*4;F9ZiR9j)yQk`;U9AGo{7;?4XSjAKB{~$tpGoA>VWCE8BjYO{dC#`uUE4d5f1QWs=AU zN4dkR@F&WLg>epG>p;76uT~Uez7U7Sy#7&EZ6K5W>9)B#R7?ofVO-MyMK4FKr5f6FxUawTAe7uKlbMt=HMgqTc0lc^YBteQ6 z6`QYuhhqM|@?ZWa6$fH3MiU74yS0V@yuj?#6Lzh3zxYA-5*8xw?uC_y3WJml89YQ% z->?dIAGE=N61pK!D#uQUGt2TfCB z@$ok8&>Q?qZ3mf9-<4BvE#$==YRN@tF(Yl5@U`{;N#Ut|_1(M$|J0`#y!=r+5`ztX z?2HX^;Gq7Ac9u_ev{d(Smpj)#7_Oi6A5ZVHD_l+@c^Ly8n1%T8>dP22eOsRT0;wG3 zWj$3h4B{kSOPrqeJtN+)|JZ*R0>IN6Jdp2ZAFyDgXWbPk$1mwbMm4-e$EPv--w$`e z&s#8UD~NmHhr@JYqK+@gSd(yiS!&-aEU&t6pFWJ&h|evFe%EJ2tu1((bcXM6BBSL5 z$R69P^QL1c7WwQ9F6n0{@9)Fqe1_OVF1m>Ka9HYF@3$K5Mq6-v{;eNBs|5u-+bVNl zOJj@w80rqr!dtuaYK6eV_+gqwNJ^v98)uU3GJoXwL77*pFQg-QMqi=Y28$_TAjGXH zKH|x^y!A+6(xPV+z;;_dPloFvCPN@|+7Y2gd`P*blT7^195g&4MgZuy@7a&@|6d=! zG4uYf33~y+Uw(F9$niby`*&CVeBq0F2|%L&fFS&2K>Ss4y4s%;(LwY^`XVlDU{_^T zCmc3kuIeRPL$acyp4GapP~Ul2R8VNAd(hQD62Up-)hE&E`dSBbPtVE`TtU!yHC}0p zkaz38EawOxEH%~IwK<`&0jaj!d`M26(io?!kvr^XtxE2NVvIieDhTzN)@ZnH$a~k( ztA6L1bVvht1EZ+$ZAVqGyy)WvPp0bjc-u_&MJ{A1O&&4kS9&8+)6@F z**LxM&x8r8QP;1%GMZ9O!>#t7GNVp1)fmpIQ#SI>b=V#~IEVX?4~)qmPI~bO`BPNs zZf=j9GP1z!<~NpsE+BvK$va|X{uFbO>bHRGn z$|f$$X|Bk~hkE&4CHE!NIsbU+FAwF_3`o2-H}3?w{HP z#EH)4{00I)4I7C3^?I+EB$%d_n79Tg)dVzagHm3dT2bvxB5HML6c9%hBY~4sx*F8% zbhz4PsVE7ySX`SrT&@`kGuIIPpwL=yID%y!5|=GPwE--tMu4tci>%VyO8pacPVHv9 zIBz2@$F}jF+JZ*TO|-oE0Hbl;|YkobxWY$Q~T`fyQbHbjf9{ zd}*?cHi`E()a;!Ej$|pWxvsUFA#~rm8D9HfV+-9dEn&Od9-ep#2$G^1Rwh>{Rceh^ z$O_bH(5POsCjU`LCPwZX|7h{4-5SXG=5OhyQ&&*BrzEWN{Wt1n(xcA|y>{sD6V?2n zdbnp=QXYSnIR+cJOS><}clKzI(v+n<6+s6RY;eIlytWD#fyfsU1%ywF0|ke@(~i43;dLJh-eYaDRUaocRS z!%oMN6sBSJlMFXQ6C*SMY?gWN1DVOxq=c=J*McZU8EcFYhRU_V1Gh|&@2>m)XQXaJ z@mQceQK_2H(OgHBvZZNKpslMd3Q)2fb%9VvdxTz)TAy?g^W@fsR_sWu!*!AWNoq!& zSEGBhgUH#PBNW3Y~91b?N z0m1P@>2+>zS6|a?Z#G;LuW5Jm7!!MxNamaNjDu+JiUHx~SX1h*Ipb*r5o>PiYVK%? zr|q9JuEROIkV09o$F-nH>jo)pCGM`XH?)`5ICG|0XgM8cL&#wh_3&ImbP7s-m}#<2 zN8&BV#U`TMcbwYRW|9dXHZeHk6jwGwT>WDY7D$l`xAMZEKC6bj%O-b{<>d*iTUyM) zRZ&IT*028k1XKnJ5hR5pwFNm{45M=te0Y-(JORJ%Yuyrk-10X&XG60bU^V#rKmoLb2*aY6(Le_h&p!F3ECy8zRQe$h zQ>c~7k1RR{x0Tc9k9BI`+x?}jdx2$<%`@^X?jNZ2rd+GsJzjH^JL7U8N3a5q4_|B* zqKGe5H;Vn?k_%`ktGiZ!eyNGfc6VOF__2HD(U~Qrb`%LO5$-#1Bs^_J8)O^X&?pO_ z)@(#a1>%UE-I7DXq7vKK{4uN>Lq~8yD&-T8R%P?4jFnbTTnKz@AS4TiRHZ0}N)#Wj ztzk~zT!=K3+4%jFPlvRafn8L5M^Rg=rtI{>V=SgN4XGoN>Y>y;_Uu&3x;D$3Ko1&vHhE~PzurL z2L1c2{<=$LoqVCSm;iV!bd2M=Lu|114yeP)J)x4 z8ShtmUlvg-jraTPB{I)aXliSOV8!>q&u6+}__#C||CL)t)M?(qatpSjY}RV;+3;^~}4E+CB4 zLrg%7NqiR{P#ttHONyr&Koc+WwJ^bTIPmI?I>|`lkU$dp2H$Qub9^OZXcXU@^}*8J zYuDH-AI-*91FDygt0B@N)$IUlW#MRrx#>8C>47vfOUW=tT1m~jbnJgV`)gCk4;Fqy zKF58U3@@qpAYsXa;|h+z!!DrGqo6A*oM5C0?Pon2)>Z%$7f(5hOXOFmydtTqG@}dJ z&D!=_g)8pp+FreP^`s_)#Rt+vhofXv)y6qahANpe4_V1L@Afy zDh8bJhiQ!OyhqgcwhB?Jg57s$?Hf-tYzzrjOsB*TIG5wP;aiYukWbdgr?E=zI2kjh zb;7JYH@X2!V!4~b6FO~)Hs=62!d#+U8Ph^TtH6J}eB;J{vr$NcUFUz=z{H8FZ#?O7 z28)vNT$y4ww(?6!=808M(nDRSks$VCjkUy-J98OzD%;+xp*!;28A@&a>P}NYSTpR- zp`W*6B}n1JX<+*Y)rMYv1jGBB{Y=L(4Di)zA>$$0LBmFEgGUCpe@9Zmqdt`<1@h|3rg$>?g2;i8ViQ=&2;&ebyU20Ij!|jWG?JX8 z_q=%La+eHRyHRPNVx7p3E-a+^w@$OJSydnxoJ7YCKii3x5Z{27uD0_AVprI#u(80FKAr{FU)j5 zany?pRr|HHDo43?ar%7l8J8F=Zb&W!?164KuPwet&B~Vb;cF;nMNYD#3sn$`4dKEz z!W&y)y9?=O#ExCy8=q7OXPq&rWB0qyI)HpRDHDmqH6zBnD;{C8aJN6101nd1c9Y0O zK~vvBQzdO8wsx;C+m(YJi=U*&B9kJRVhMm=5H)N=*qMCqu6sEUhL+=rrxwnFGK}NL zHO~tP+~(%s80hnKY?@$Ttp6HEl3Agv+L#X?zjDszbBRltP`X_VUF;UBKjz4mJXT;? zpsEbwUgdd^WCSAwl=&B{=X_R6GX54X8Vw_PsoCn;gaa;U_>U5jf^4QUqkq5)7#FeT-fJ~4z7ZnF*s~b)C_jgV{qr_ zr-GaUy5AclK^qu0WYqr89Dff&eETmngR{k#%)*$GM38wUJwJ}zmX}^hl|`$9w)*r3 z%9CT98Uck3fT}_=0|Ph!jRnG3Ed&BMDo?f&~UV#sernVKIZ4;aYw!!ijxOiS+Aq z4Iiw-d!j{TA+%loKf}3JEp`v=ZE3)%}(A$_cTXV-m_Yo(*;A zd`Lu*hjnM9swpJrvV?LUtWNf4KQ2O21lST5z(H(e#XIFoH2p}30e~o(GPTjx3;A+X z$&$y}L&d7{nUv|4TEevH}UI|QO zMRL{9M|aG^_{tnM+8Rp=ut~8CbPQ;L%9FQ9#({msl+by(lSNpi*VK3mr&XyAJuh~j zk%x(*5-yk3J9Fk5V_5FCO)`n)Ct-V<8JkonuAzpVIX472 z+`1n_k^m<^Up6|Z0?)B}5_^ptTuCAqV@8<-+fkC>tt%)`BV%L=HFl*A z+1-TxE9gc$V3LeTUw<+tx{Uo#x8#SXl?W^y9FoG;6MXn0yr*W{3DkP=2`)6I~*)ePCj&ugkac&ONhdp zg&U%YtNx5pitkYB2rme81l%I#kTt`%vLO6z*ZUMjdK5ebGM%?To^WJ-E}%>i_%*;$ z05r^mQ%VJ3f{v=91PdF+gzaoYWPKs5_xnk2>lt_AvDOHTVJE`1J%u&l*$3bu|6%9f z^MHrkk*#QIrw3@JoFxd0(j2t^Ci_YN!Rxmzn%&ncdY8%&=##2bZkXfe2<_;=g!yX0l#Fo| zdP;*2v1Ug(sUY?vcxB*8Vdq6dhZbV(f(euMPU>cbjIs9z^Z4>wG?JqQ&z7F5rV=Rq zutl`+vd1SspLd@e&>~X#7(soE(2@3y(a>L_KWKLJF^Bpp{!@vHpZFYIvMH6CO^6&?@_|AQ zm~db+P{t?rJ^?W#@v?_SNv3Didl_iZ{BC%dU!pRmEk{*H{DdX=hqgeyr0|2A34#r$ zBoTKc%_YA?={LqyOM6pS(Xf||zPce4hsGcHDxZ0V4b1O{k-%D$!II4Kl|csqHtM~< zzY%VAXV25+AnX2WK2G{;hJHSlQOqCcdjkl^$T%d%u5wj*6G)cwSk(PZz7R0rJB14{ zNafQ}PENWTsDrR)+qs5Yys51Qly74m=L);26g zZkLL!Zc9^8$t7I$X7H%d{i~2Q#s&yK^vv-*sT{Q)%SlQ^XR6?5QAWDe5KX^5VXPGw z1)3m*C(#RN{uJF{jyy4C{eBffMA-V=C}ml1JTHJ(Qc!{ZyFg%p)6QP15@qGL5_V>- zRW+MOna6&qwH}txWwA=Wx?cDzM-Ge7oAJq5uLO#=O!414QF<=ZLFryN@qCug1|8DABNRve#)?GPjRDR)219{ zT9XlX$6#U)mFCtck3B4P@+x}G$>yTer(|dS3TNE?&|@r8WdpTl`gF;a zg@v>u^r<5W{O=L$@k;nQQ_yAW1;LTUTEC@)K_m9VKDvQdM9W=0D5|f3s_d#{%(o~1 zD7C)H;HdNiYQLzslDf&=^PBGQonMHH^OFj$Wxf3O~pGvMN$II{#dyL z@v6}RlJIh+Edoy-;SZ*{%8V_>|r#LI$u^@M$) z=pW9og8Vr@S(JS@5tbDFCYt`ylb`)SFjmczyyN_uWdy@Dn5qFld67ea7s1^v_MxIW zmM(R(adCKQvV$+w!?ZO1n4^hfnHd+E&wDAjaat)`q79@OQIne27v66GXJ%?0=FIK5bd6?rfdm+4Uh?j4C4^BbZfvI8p3A0GDW{#+` zcu0fHb({Yg=J}2#6TP!$%KNZu%osI~$FgRlCGKxKI{ZO{bO#&uWYf*mf{ zEu%fo1VR^iuh5R1G`3gSPB5AmZ7|m(D43zK4hHqkQYxqjQ9+7wQ&2IJ4qh#X*8Mz- z#{b|5q>~BZ8Mda9U0X&?bW$`o$Ikjpp|q&6zD%Df8Na{Q(Cin^SnW+1%v0IaHEJyV z?|PJ2{hGLIA=Q98EvX1-gP+g8lGWW-y{TG0nU5wYwMS4A#d9LWpZxPljtx;H$|uM& zFJF$%$4(@?8 zH@QTOBwg__$y0|If5Dg);_Y9*sI^2Zc<6bNzif@C+ zuzrgtD61ofZpU zAx9HnL*~o+%&1~wun%Iec4%!3)^GT?Z1@PBZ5Y0MVQ8|VU|D7 zJY~W5Wfs69edxgvk01crNdHW}UrqKzLy zfj8f6W6IhT%;0ok>m-KkBxd9k0o+Fw3np&spGV$G1`P1w zJ@1Ax2?6i@1g#b{c%&NRWDiE37{y7C5>fJ!>RPmVou1g9^2kLzvbnQJQ4-;2cp-rXY~F z+=_AAx%$mPwB;pKX3^QCFeTXRxndnrgj^jXg%U+iyEeeB zzx@v4rbflg7^ULSnV38p9CWq%p$fRDrALX{G2h0C`Nc^!fXyQ#R!^cg=3rN_MvScW zj%`n9Z9Y1PaEGKb_TYLJR|aLDov6ZTYAk5Fe)d?1UI7g4uR4>{g*#$0y>D?noy9FO z!qboNk?vMnsGCQsQ-S&&8ageel9sCYa|aCC%dK>vs{k2^hTax%jH}vpm18e#NpyBA zKqYEW!;}W3IG_{N;IR6cEki=H@(85m@~A$^R#%8i!gzb}G0OBqmR@iH7ruK2?StkL zp=oAZ7i2XqbM=922Ie^##?G;oo`i+PNOMcHugrO)zIxs^SU63=6ukZRskJTzWwFCR za%j3}D@<^z&I&3yRw*(2M*8L<4SL`y-GJ{QH#c-3Q2}F}onngVHc#cS(^nJ)7^k9q zfDbf0%?)}^mLZg2YC3+D9tiU$q}EN z5Z6M)vt)iEWqw--vf)q&ng!vDkSG`!@aFCKGqStZOAgzz90?fTM^|spP=SO~;wj{< zQSV$?`xpMJ4PmEzia;w^DAC57yR2isyPsgJ|NL!zc`w zcy96-40_ROWBhIkc-$#)AlU2Gj1KN!NAD8T*cr}QBs1>lWhXrfr5o+2CoM{`qFP#o z$#RgWF}WqoNk?N705p_ts8kx(=Lwb+t$gs>L;3*qyq=-?7b23W zeh5tF|I9_ZLBo2yV( zy&lh{g)6AhCR?gyp{r6~2sc&YORzw~6etk@T2Dm<%&Wh4SD>~3V;H0>=X(6t`rgC( z%Gz+rI*r`jLVW%{7Dnu> z3aEwyV-j6PhHKsse5v4L5Vw?dT2*p7f~+V*BX?lIfdHj$9_%Efl$`v3ryv|0ttEJ+ z-KaVkkCKmS8x*O3+|^*uBL7bwytiM7m1+} zw}~PD`;Wv>FlM=^QUJOln?%!zCuKk4PJWx_SD-G#Wfh$f5woD{7j4!)zW=#6Z1GO; zOS9dwpTkJ7wlrplPAln@?l&tTX(J}Sem^999W45alx`0aY~wzNuCzwgN7@gJ70v2_ zyB5_twn)pd&;S9V}hKch256(=;il(}YIBB2vW zVy3-V0~>v0miRve<~q$47QFf`hW(i(KSGw*?s!P|9OYYJz+qpNncHYARyPb;9Sa&C zj_+3xvNU6*9MWAg;Yo=+#cDobvvP0h7Gqv}{BQ-$i;>bv3Ee57k}<%W+cPTV;jR~s zpiL&YKkw6w%+8+O`c9b0%mu1XKK%Md_C>7x z&rPWXwpurlQehxYgGhR9d(Uf4NAB zzJt&c66IXeWArMUEDY7d^cUM|6-=DUy>7kM8daIxjvUR$mX|)3FKoB-KqR`9Qz|?+ zG^<47`Kq%0WWxL4z%Pqz8@|+qzEI?7?QwQZ<@K*8p!EzQsk%=kMF%B;6yZbok#DFe z;gF+GwfjD^DK6B-?YkkL3J>Ls8W!k@)fvQEu1|+FcpoZF_ z(EMVo3J;=|{)fSlFfAGVgh~_2Z_Z2=HqQ>59m?8hpqr8JhXD(J#@oRW&;9VS3?&YQ zf`u(CcB3)GJ-2aC7hP2ePcBwr+Fg3=v3}CGxBvyQZ9aq zrEeKHV1wYw`YLlPIKP`wC)!I-a_p zDrN~&SDt!f=#&4+r>LZv-Br}6gkhAy={Ar$YECE3D9IVab()fuoYas# zFiCJC|6~*6=Og()YzBF4G+eNS81yE3#46`PGahY=tSnPswDCXo z#LRj$;|z$`AOh-^y05fBJBj&;9E|(4E1F?REu;i8%q}}fExC&qm`E*UUse2_uybZg zPc6y1mkChG{wo6+udXyYCLce$C=ri6gH7xA(hkFp2Ilk+q>pW812q~rvS3PbA+wEy zKSHeeUco#tvE~xNBbk)?;#knu6WT^`d<-Y>OV~|DarBJE&{l{IMsX0P%jVeE=(K3z z$3u{6k#i_5IHj^#zQfnKh@0?CnU_Lx7T%+|F+ck`W52ok%0M*7o+29PNwF#zQLh3i z3t)U>yR$>S`U5qCaWr)jB4yW3^&r&Dd4`g73iIU{SGvIiRDX5y%K@DUk2$GC!|w|N zt#s3|vrl*xv5A0s3>;S@_WOQP&Vj0B3E&-g-;VOpyIm0#WO6KO<-`G+7$Pqj*R(5@*DZC~IUPf~Z&6_?A!-|P|l12tPS*c}(OD+D*% z^y+awy zC7l$sd(IYYOacLzkabJEKmDAl5l7EF6P$ltgKVqzqwdVxDZ>{H&b`bSdm1}hCAqYN z(~Ug)&!mkw-O@wpnNe&idQ8JC`HwrDkpwhmd8=s;Nl-L>UF1}a{V*9$p6XGXJ%#s$ zF4y>NKw>Av1y4C?aLLh7u_7`3j1aAH9UEN*9T!`)YSp*{EL|4#~7??7<( zfrOhxD-ETFhw{2W`F=P{R(CO+e4uN}d(?0ZVy(5;iomBtE@?Ctrr{(#CljS?GM!nK zedP;H{}8r;coYhj+GoX-dTirpWmFx#hp?%n>l`&PC4=iI1GebdvKb*MHE+yIfR^91 zzO>h5EKf-6(@j!YeGcrIN1+heOJyZ${k&xOWT$TK+zdVz6eQ&}iMb6B3hSEsO+pjD z`vvbHotEvn6xkoC!bs{nrEE+ffyr3xrg+W$+SOjcQ zbFqtl@8fchz%(N%s5B!jWr$Fy9^hlN%ywXkIXoY(L_uK9z!1Qjnp^;abj*{t%|lm= z7G>x;%+~w~7O76=0vV4_{ZLbT0Si&mrbEW}ht#lM%DyQXNDHg?Pd}j!)&+T5vEnv1ci4% zd5q_m6q$U&xL((rEi+t~tQQ3gEVAoyPGdyHEr*C*j?_taT$=#aqlqxCb_i|$*wjRZ z2@N;c3){&O-Jkr-TP>8?gw8L`x1cjkxs_zu!xhnAP8B;n7eHe~lrNfRrdGdj?#0_^ z71IV`gT1o}++>ti#QJ=}z=+Vp0WaGb?OTo~H67y8x6*@hU~lfsHHgq>qJK%;i%o!Bij2*$yRQHzaRawYcgWA zcvw%i2D9yNaZpp6xVNwvk4+G%9nmSuN;~!Qg$?u^Ax5J9gFKl$Lm)-&0bI}@nRT+z zV!V004Cf(62Me#{-NgayWLI<&_6Wj=31Ag!(p!F!ZgZzO`T@lL$j&;I4ET3$c?w7v z2GE>Ew%IL4$byjY73?3kaikBVv*lm#*eaeJ^sEJJXO4drZ%R^^k_Iqe4X74bS&;iU zXTK^nzh`61;pe~Hi$;9>WoZ;jJ`_4eS@snzknVw!pC>`XECIF5@ZYXx9p2H3JlwE5 zeY&POWxsvnA4@#i+#cVRY&qZC5YsiY7>@eJ5aXfu2KGNG$J;EA|N)rFbqfe&Qj75Ft8lEJRdI~je#*I;O^`S6Xk955ax zY$g6(v=^o-{*0+RJ9$ElR@c6{wsMVa_-;swFGbYi59G93k8owpT5R|(p#YmOx-{uCY1sMn;3rDw_o#3yTGbT~taFV*ff%Ue&o@_4XNN{=tbA z{gaTfgw#?u-l%Yj;amd+J$6m!wDR|72-iwCyYAd!30YXPy%UNN`s%txc$--D?B^}4 z6v8cn+?sOFlKwFwhmxx40a=1Ig=y%ZFMa;lAMP6sOBRU9pRSH2KgwimEj7aQ$cQS(|0lQi6CSxuVwzi zc~k93r+#^tl2(+~x*~zhSZj5gSd`+Ws(`@S%r9Hx_5)ujV(+5VsxKe5{_DCgfC|L3+RO5lWkX#nood0njJDpW2H+>%wN(+Sb&oCd@btX?B=_F5|++J zk42vodr8iRe9}vy2|uGx<80G^L0!J<0I7UlciH0WGK*t#A_u8p*a%8f>sWwLL>N5K z;i8ZsVo8}-ZlC_pqDR9K-x z>YW2W#n7=FKpSXks{4WiYfdSq(t6M^8EVWYmse$cd(S6aWOKnXOQDYw{fXFw5$B<@ zQZzCG7|DyqpaC-rJA{zPyG)3=0VWEmw$vjFvqB8XPIKDEDU&sHqy5}(lb0n)l~O*m z6%QH5GK^vWIwoKd*N6iLqOK^IG>s6OZwv5`HTVIVinMYBQj0qBDq;D_=yv+*P6*f= z{-V{VLupPy}q@u9}MJzwjL=tq3N@oQFCzSPeKbiShFm7f%6sW ze{XhJC1!si1Y4wFgoFOMJ-`oaF_G6xBszQU=Uaix50hxC)!b^kQK2EJXO&jye90;S zX|Bp6!d;s^akS>ikIC=h7Mhhz(MfCAC$)&ibn=&BtcN%i7Y|SI{taAo*)Axcox_1y z!#q5VRYG{E+kt!+9c<~ZtkbIFgSZ+r-Z*XjLfwYj$NShaSgWd1C)7;DWy>&1X43%S zH?P_xK^uPA1#}t>x}RjD#AcEQYmmKdDT>E6OZkLzzfVMYEEtK;wsy#h*Dj4urJ#dD zR}yW93iHEDIyk%yxXB@cfqO~gO{Hlqe7J!@2M;lXO{Z$CGP z58h@7aTs4fRFX(JLgSN#H)AcUCN~jk{(6H6*Yfryum#lLzA4!8%1bnx zwuQ#jvWXcHOpJ|WtKda8YDB{W&Fa2K+3bJUwHKyNG=hnn=z6UHHb67`uikfXg*w`H zMSHNCuic$AAy@jOFl5#*Otee9@50KXli%}j^ip1TDEkZIrft5(JEqX4hsbyzYU5jF zeHAR4>+h8K^c(+?*DiTjMp}TL*B>wi&7JMUIe=tg4M{XSkjj|_t;?t;I9~Kdgo!dDfn5nx zLewx2>Djp>{(v-PwLI`qw3?HnUs)*8KVlvqpLNvj@;@Sa>$g)$Z~+0ezNPVNAh-m; zi=D7VT`N~s@&l=A-KzZe@&ea_3U2Sx87)s&leE%yhw|Og+VY^l@rRQU*)KQq{r}!u zE4qSGegcI-^gv<<+1<_C?hc#2IPnr@12W&hP%W$*L_m(ylcuteI|x3_hcX$&JmkqR zI>~Ju|H893!@J%MHy+)v1_6MLv>XG1;ru5)kw7=#Q*)kh&v?d@oj&_Cy5oCgX> z07eU7qxWJdrCkG7OKW&ZfTk(0E`X`9YoD_M!>RoQ#)NJEBB$ZyTCZOXWg?K7OQRqCaMYcAwH^wlm5x>kq^j9^L_s7V-23&;>dMD+g+8 zk%@$cdmt4S1dtf`lTbyV2BQCScs(j`B{K?N)!!36?!N8=%`7r^ctG$d(DC~z43VSY z>cn!d9ZsQyyJ8)=X{`aBDGpTWuFbkFydm_-$pvYfm{_SRt1~?GEbFTcCWOE4OwpMj zU21$`8D!Ph=@$4;9uR{8H+GFc|>pX%KduLw%+eB70eRH%T*9TRiXki z(S<>-+P^&z8F7HjA|P8%Nx%XVh%(?lg#@c|H>frp+KZL};!vW?U5(1#wh)CRLWnpU zHYoH82wa56y1svF3qnS=e_}XVvwlM58QNFVj707&7@}=E3Svtj)|BlY_v`X5YKcv` zE9jN3(N9fs;ZH`@>>q`lH10x2Z0bGlxeG;p^}ea}TOV4lhF#CDo|XEKXGC6{7SVro zLqn=XN*vuoG^F}A1MRy{e{kr=o5)5(k5wGDc@KyLV-p&?=A#$V8HD=uKan-{aYBRo z#BwcL<3jX04XShn?j$A|-s37w2uv6f4G?HVRd)+K?2wQGDSd=~LUG06P9OwVq#Lz3 zq<$Ln%q#GmHfWAw^FVT)HtHOCU^`X`lds~>OG*K%XMTkvE2{5C%)c-RGowh9FEJ`L zMIGtH2BuP0NPj?0_~0KPN-pBVs4V^b44Wr!XI*%Z6NISMW<#7d96y7 z(VbSnex2E|6Yoci7v3hNxK#k}-nDgnlJ#=j+QIapV(}l@to|U0J*udmBHsTpy+DP&wL*v8RM%9KIaACx50tz* zB;T4S^j!4($vnhvi4gbqwtZCu;Zn4DC#GSZS^yjIuZUapu4vF9u%r9Em9A9$1^i%!}fo zB|v5NmQ4aB4pP!f(lW!p6!Ck$XW|-bLqXlInwZH)s3fAJpdtNV!Vk(!v zJ*yHtUY5Lq*$H-L3Xv)=pCFbGhQ${=_0ZtzDRFX)y@+8^u-z=G&}EC|m4imk=UGD> zV5pCwb*hWj${9z--rQ7y-htMFi=R8P&(o4D{_l*faH?K!VrySe=>+ zkAAGt9$wu=b^>(qaW#(g^b*Ep95~P)*C6aDHuQ5Uyovs!c~hg}Xo#=Q@|T;UZB_s; zroIseL=^r3cNl|P_KO5dW2#jwKP4sT@U_MF8m{DVfa z9#RIDto>jaf{StY$bImZ$iG+SQXcFp#b<{U^#d1^WHGx)KNT;i?oAxvfPs8 zx_M$(g1z95yE@F8@n2~vkLr~sQGN9j+A<`IMtftw;o9+_z<$<+`}cIK0!adcg5SYk<=zazvWD67~yVG+Z%Uw8-R{D*+2%QwM zF#*4WcU_WDteMGf;PTAix^5Iu_AHzSfDrqrl_j&j zu&-|3j?DR8m5KWNV9XuO6L0-9k`qSlN3~s{|VNm^gXvmI+({k&;k*}Y#y(_y1tR*7U z_>A#sClE@>g!?usn@uJWusLNkMw)nYb!Q&Y9qO71#iS*l=KW?2EdGZL#3&M&YAL0Lp*%7cOVQ2_%(!0v zw4ZYfd3ecayh4teru23uqf=T>yBY0n5!zBr7n(G8T`S#tOInB4#uI6U(F_d}>q)Fm zb0k9(`&W1{`3Mjl{3IS{9sYA(>dp6vOwoE_86osZ$P?Xg6^VfyminV84eCo;ZxBAQ z;LQGwfuVgyoptGU_zB~7iu>$aK0Q`c%T_xp(>?AdAdo|fO!TP1H2QfPcW_9^3-US( zslf0usq(0PEXSxIgcF7r`qn2>?2*c^aLtJnkWM~e-sJ!}@(5wAFi$8-EJ|qbuyLS) zk2?Bu0}+FNBb*3<5SO#pJ%;Ob=HKH(Jp5W;id}Q2%8(`8XIro6)%P;x9}9q?i;QaX zxrDS-sLZb4-?jxuG)vxP1M-Ha_SjHWZnpVSGS7K7(TRdM4C6~&8}6n8_d*;B>>%Tk z)8NyOLhUpv?JOYM@%bo}7iP{4^w#zaYE&^g-E9l$Aj`dxW`Dz+N@TP|whd{*nj~yz z-IFskyFvr+t~rJo`9!4)27>v=>%i2DvLD?nQ6U08*}$`?_4z+LTMMy3XRmT9ABjaJ zD7$*RpbulmH&pwM;CTYyi8%=3W+9H+aef|zZRPp6gUPDju#P?H zf?K0uT%W!oO=YPyIMM~8~17KBdJM*Jl{&1to#4+6Sn zC-zAOuosNiBjNuP!V%lmiV@ouMHmc!mKQHo|KP86;_Y-kFWU_I^YMJYv9y7i7^0cqrFB z`hyNax-_IzIk74 zzwglAqlyKed#DJDuV~PapWKsY$~GCkKg{lX*Y>A<1X`IU*tIQP(PX(qoM&O@9NE!fEUZxic&v`j>WX1hXF*L=l>1v`;a z$v9Z07-4-lg$Fe$h@m>Zi9IQxqeGzXAoSbi#X4~voxwvZ%ejvH{cKhn`7|ckI%8IN zoaj-5`Nk5tkfm1Km=d6y4E1QIJwd@)*Ls{H=VFU&Q^)L*fIT?xl`5@cMHLaD6s_DY zkX;5pPCY=PfH{y)Ff9TeFq0Ele!U`sk>xzfrEEXci%i4Ihb zV^3#GFFSh;GwEgn#%sp8G&u zQZY10<>KB7l$6~Ugrj-knD60}S)=+vD%eD1NcR>emSQf6Z z(xQsUt71&TOBT=+lMT)>(&2`UQVeE#@s{vz;iV=9Pz7M_jMpg019t@y* zl^R1xP5|%Lpk(_*0LCE6n-E1R(IZ^-dpoV9UMB^!m~caZjWP9NHWrfj_g2bv4ro?% z8&f}L1oWsZfCFZiA3Q^@0ap8crFAr}Ym8ylD=lPLWdE8QOfoX6y8vQ7Of3!VtU2Zz z`FalJd1wPMJf^2CoZNow4P!msZu8hV2m%Pm zzS1LMjCe3-iR&*NRrDChAR-=NhIn?3%x^?_V!H&zK2+*-T*@m5Kg{u=Fi2H@qfcWF zl?k$QtX_(XlD-OwFsaI^Qo{BPoM4$rKikLRDZyM|v_iX7?x5Ns zhz-dX<7+*EnW?HW|JA2LQpCrgXGo~Tlvu9PPEzSZ$p7^L>u;Igv~hV(Z8>Un@z-E4 z$W7Pc!z?~nOEr^7R5O@@CnE#2mjA2yFEYcGXiVQyl#F|(L54dF7)~iv4GDOaPh~-q zW{dVW_L5_)1~t=mL=k9=}lyasZR5-iGJU+SEgD6=2dum;7&@*)v3K-e=@cQrUu8R7zYwHPevLP4rXO`{ z(2P>mV4cSs^^-p4;{C`_cQ-YVv#Z=vL@c=wW@8iUd~NVwI=6HqT?n!KyGE6n?^=bt zWB?-BCc{Zv18_$9B}#GMJGBs9YQ1PcTG-%!&uHr%f*K7KoxM5^(kIDjj;fhr9sY}J zJ=jq;q~ei0=_VH0FCvp1j*`9Ylru9yyNj3Ph*eIs^0bIP3n-`XGL(PLC>3kylOgzI zH?3~E1*+-hnIlD7a~Ui;o81c9#ZzhvhLk?WG@~9a0Wmh0-&P(9g|6WtJTJCka1rfB z$OV+_Na;e!VpB|0BqUqN3nUAGw``zII!SjFqL*VJ0w=tt3|XrOHcU#&QL@wX)1e~` z{ukpC03X;B^COe%5S+{mDG4eWh2ZE#?p?P9I=Ote;3uq>`8ExU9Mm9t_Hm5#$S7#r zFB%9y1_EVOY}w{nLsy438yL<2W1-;8!xaRMLo@!wL`H5R!-gyaGj!Hn5JUwzg|2;< zPZ4i()z=i=GmTAd3yo4l3Y?^8Qid=tJmq&JAiaSY1-O|LIW_NZb8>yM-(p)!N%@=v zNprH3X{cyIVQBT#U%>9U&kqR800*KsF<}gM%Y+BV=NYiV^3J^|y2Qm(4dBshU~FQ- z(7SO7T_HZi{1g^m2oS*b#AzQdvLce<&icS0y0KGpb6HMtLNu2wDgq;fL40_&yEjSN zH0qXY8BgUMiT)lYu3eYnzxA+v{O@h-5o3n$90^Q@QhGVhx3bgIDLA4iYxSF zkV4vq3A?!58`v&0Fi8(p!2>jN(h4ni-2w{fq)9x1aD5NnO6G!JnJ_X*AjLTdh+rQV z#xkZKO*g9}C2!p#DC2F0e*4Pt#G6OFAs(t6A%%!vqQ$34z>w1#WA~lCN{I|LrxVdn z!!dN}5w@V+(Mu{-8!2{#ryv2iZm>mbRcB3<V6Rqm=L^mAKfNhKdJ}1X6r%zC~|; zbCC&B=H#FeB#cQWu%DTA%EIuqD`-TtW*$nG1bx^I=lJm;FVe{UzB4_pSKQvcYj!`N zt{4=0aO-h%SVI(d1BnzgfNZ9&SaoZ~=6KkjUHv+GhUre>V?_$B1JN?n1@Ct- zBIL|iq`|8~tb(3!#)ktS#=j4*HVMKUH3P6@?3-H>%F5VdOnTqMAb0r^x$y}hEQhgD zTvh8t{p{L)^A3E+@xS$!C%|J-C6cO$FiO_4fgAXig02yqc1rJXP5D!==i%zkr4b#| z%GTN9(+kcn34Fk79Jph}IIR0Az$=R27@Cn}CE{7grW`43@d@?(IaN@z{uO3AL6}7< zC~iW6^vAXo0DH_n8Sur;CskO_Tyx5buvKmkXBlA55yO6YC?_(XU}Z7pOPXx(9Aulx zp66tB%8 zXk6GQC)o`X7eEiQX!xGZrlA-qJ*a; zSd4bnhwV-Dqk*(5gPEy)nr15>Ou`@5J`O`B*+XOWR%$ye2N&%fPKV0LiMSrVrNvXL zz*{Jzwjrg1qz@p(kfWL^wqT6jVB)>y`;bjQDe8^kGB!$8kr^p{if#|&@)U|Df97Gh z$VJP}Z|*}al0+d(p06p5hKGar!-xzl!9`bKfxqXW5eHrJNh}E3lKIcGC1V{9Z*~Re zdDg7C6>|Nw?0;YoA^qO^jAdcIRQxK4k6@q)Sr_pY!FGN9^} z645jh1sVeX2I(zv+L6kwyOkU)J}WQwp>OQiK08Z}NZ{j-#l+LZ?KpS=<{{jq8T+IL znM5MI;aDB>W}cDk^@}%8Bo=vmjQ%5;jgeI#U_3^pG(Km__}bx-(*U)a+)% zanCYg3Y*KegyW5ms|gpeb0o}KqyCkd@DR%OQIjE}HN^KCSx0aKJDIAbJTcC3^y$^& zBp*)r8}U#oh4L0<)5|BMQeIQ8nuGFzor4ZZM1a5l4VnruLGNomF^W}n_~+P7)Y2vL+P(X zrhC?Jj!~^Z-$Vp8TEHNMfLnkbL|hXPcDcLlp?QsgUH~SDegr}6o=Vlw898$=TMtt| z-FiaK3NF63H)V>dWBjB^8|;W>uB;VxA=J74QUC)YT#0Nu+1c=_!<}>Go<57jh;}iH z=l-08XlXXf6NVh}()i<`3Z?n{5yp}@RP3RJ)LN4OGp! zM1g-;BxXfa2q@zI)BG@@agWVod`*A1zWILax)QW3WRTgdp0tR0WZYo!;2;t+N7*KX zB@oZ-Ptaeo;*X@!706S4iS$-%I2I5z005-N+42Rt2A-g5Dcu}4fnl_YDe~C+zD?1? zA$^cran@C!?kvk$=4FisQEaSV9kdQb;)$v?+LCG9<((65tJ>2+?5MSLEb}VhGLufu=X^#Pn*_ODpJ@2BZOm$2!!?RF#JE5A0{g1cALZH= zcB~Bco>(8v;+0+OBbhn}=nQpAcS{^~bUu`xGTz@A{pdR+ri&V2c0&{2k7$N8 zD%G-p-^kcisWMMy<=mzRl|4S73R9n4>m*+>jJS_+_RCbzdN_fG4Yn2&uuJeSZU8|^ zuw{MJ4uz;3Y#WiKEe_KRb`7<8AoUPsr4m-=ifJ_Qu6!g>e{Up*^M)+arE(kX>Oshq z<_Z_YgRIa)!;1*l$cFkHfLo;IlRE{w4pvr;dyjJtbc{3*jgdh&hS5IkoJ-Y>5qeJ z3z2EiWQcN(8zg}Pr3Q(zEThR0=sN^9tf?eW9ESdV>PcY>>H*n<1Q-j(_@s+yaH%eX zB}eiPsv{u72|bF;;ryCW>`k(b7_lU?Ax7ZI%^*9=(6Aj7}O9RgNm@&}e;QkeipK zw6p9=Yw~yFQR)|st59OeD2SCwP}z(a4`?vL>u3#9igDE)s*L3vf|v}Pkn1TIoB;rh z;t=Bz`X~TgJ4;@YdptYUPBp z8Y8piG)cW4?6q;^N(*Rs07OrNNKRUAkC&Z#7C`-cFLE#CGyyZ6>d+&p=7O7!=xYkS z)DGJ~4OL6z3WTVLI_IV=lnaiI;1)?DAw;&gWkc&A>VcVv$zwB%oCwUy3r_h1IOF|h zJoA+uEq+o-DR5V23c`64ge8n6OA#h^YTqO1@O8KzFsP3uZ6H1T7=QlX+pc%!%+8 z%6ue=&~}HeoA+ig_gtn(CdIhcGFJpS8(p3YojTmX`ulld)|@frh9f5c>RUD6s*p+2 z45TK22+r1q(B)Q=L|iiM&+ccAtI+}^ppv^{1tZ{j`Ms!R3Ea0jLo|7ZvF{Fwz||tw z5Qp#HY$Q2;d(pyNH7Gf9D(amTMWTM>#zUHq0ce(C6dB_+?tPPmM|L3y?zAV2 zekhXLD9DbH(L|tP#m|-hS)+rV5C9B*3d(4P@PcBi!?3JaR8T)TOm>6HUC);t36#rh zVq%#rp;Hu#mO7`E#7>q7(V=598M^C~bfT+D(xgEQV`<2QkkLZR1dOV>?XEK%OQiwr0L{?PA}iC3iC3p6YLw*52G7 zgnjI!r(;L@N1O#^@}zC)118u|soKu|~t|M3Wl zOHmF|V%V{cwbkJj4K1Qamb4e9lsDXY@MpoM@E8y6s8Qb%8^25mzH(WrGadF8P-aL@ z`>RQ&vr3YxycNzkcDm8UU1Lm$NEDa_r~`b3K_N1A=yBy!i^WHl+JD0i)YRHbTAAs{ zJdsBu(gw-hq_yA025o1}Epad8i!)xwEmbM+?-pO#`W)wHlxyh!(h;OyddABF2N2QZ zr%g1??aq@LJkqCs=p9N>06|%5G4dEm#|vS;oEAP1fksNW5hDrt5poQ{&HO4}&0C59 zY%f|DMJxf#er~n-FLX1#y4O}vJ}*8})PMj_fPnY#Cwk}ks6(sXKXFmd@e~_|J!Bxa zQYQl8I1z}l1u4eQvw~OwBo}hEk#bFl2oPW)F5C+jf*P-w1fZap0Ms3z@v0#q@NGLj zN0+O6T~iReMwp#4h_5c5!ahe6cl+1Pf)vShn~?q0WS-(K0s=d+J(LQ`P(=X{8r(LR z0h(R#MpByW9_aIy)^GuA4kcv|G(U_*qQwH$3dbWeaua~I($0a2GWcu) z0gW(HEoQ{wF7Y0rB$JX8e5s@vT$d>ijSGm9Px{V!NO=v5dyA}xu?h$btVKj~Pr{KN zBe&Zo;WBJD4cQyFdHV2PQz5^7@&^IpAuK792R|v0kjd+@G@t~|FR9o7w|vnyzyrV- zD;enxEKb8cO-w}Po_DGVJeZ#1=#d7J`2e{FliuRx4Pa|B(8MzzrD8g-h~`=D_W4RS z2syL#agH>~(lj#_a}d0^zK;C+lY|8m(!PnkSPZaL#51rE&pi<&l4&pp|BmE~1}2DF zrY}1xAvy4l4aiTR!*Ue08d*l#Ok$BDeNv8G3_%!0zlR8Uv2IFZ6Q3sB&(MpHCq6|9 zLBWR32+oazVjuyoPN2ba+DnL;wFVxTt;&y*o*af0uB0mStufJ!<%jt6e(5GzpwKE~ zNh0bf^kkzt1c-shS-i9-k=S#^SlbVF?zOgjQqeH**23kX4dw4gneWdPe;kW;9r)^~Ed!7#O4)QND-y48AF zgSg_>zcG1|*Hzh+qD7ABa3=3LpJ|6Y!~Z-X{*p4(6g3#y;%ml1){a*8IjUAFAjTb< zuZ2of%+z0f>~h<@nv_aiA~0)DWK0kvIiv!bP%)r_(Q(DF7~X?!05fEk<2bY=coC*d zjVg;iiUEL!{*ico_HE}t3Wl*p-^y5xU}`*^{*bUCP{DzCIiRZ+#~Gqx9Jm^Aj>_?r zdXr8AvhaKSBgT$3cA6A2iED7Jnsx8bD*6gE7=oOQOid@rigCGuAcSY8(hiR8Msp&3 z%ge8&@}mLl1V&uLcSWo0%4IR1rw{&aX~{vO*aDCfweXL6RVR$^$|lHAC=0f094JUu zW%2a|5-Ie3_LNVu4Xze}?N$ZR9)ymrKx|~cAqd*U{AQUB;oX47{sg_6nCymX6wrKO zm(LCd%vOV{IRa%y^n7eFP`2DIm$^+F#dfTb{zcL&l0JVn9uk(LlwiPI60+qlDex?O z@9BhgTf&dW4pmDqfvt-dDS1?F+&XJ-NL=B+i!lf?(?fqQJW!jGf`@BEZ*DIJ77lj= z$@t@Pjqge!Q8M9b?rayit=lvg#7EOYunCMIAwoI({8Q!)2} z%xyK$;XA~Qa>zX(=O(nNTbbupM=~f~%429D1{IOvn+H&-Kx2*?uo5J!CpSGH8{Fw_ zkOYuMY84lX}!_$TTxQ~9TRtU+d%Uj0r-~ctU*2CU#5!OifP&hRu zD8*omHSu5BbfuahVxcMgyi4sNkY!o9c&qqgG9L6^s}?F^fotvZ$bb6T#TXCEVl`9oo&dG2HOeU3F7jxkVj!b|fQLydm@HwJ995q-39#LO zGsC@2$u%^?Z8PBquolrOFWx0L^mHCnTdXjK<)UKHQAF$W(Pa?~RxzZ2_nfq7T5pnM zhcs$`wPn@*j%NiQZAZt4%UP_jpMB&%h*ER#kcI-ZiX>Xtji_0gmf_To#?BHBZT<*c zHX*M&e+&-$X)-`Di9Ao^1a_(`_2#H`YNHcbbW=%a{`wg-&b3$A8ZaVk3w_IY2`Ib^ zVB8zQ#wVN}D3$d(p&>d@kT^H&7=1V^m_Wd}PI5J~`ulZ-6E;VQAY7QVW7rBPw}p>$kVbqsa#bYrtooh$D3ioSBbS{S{P8tinnL z#3es4QRcy7sqf+J@ia*YIUpl&6w;hD5MIb~-kRCx1JdUO5xX2t!jKLza7ID7+Y2mU4AB&+nj~Im3of=3#6R$X9<7Zl5Qct~z>g3JBRG?`Q%y3l zs#xFn-I?3EPAt?Wn*mCvak0k5M^q^5goMMG{n@-ze7r($+`ChnAeliea3QUr9+HGg zI4llW4A)o+Zg!tqHdWL+GN0n~l1HS$B1Drc+3KI(Ora_A1ZHKjNeZTzQm~^$5mW+u z66J$Sln&(Us*VaLbsWR3l*NsiYe^WEkaZ&*&~9q9M;@!8g4-n+zj|t}@dHyV2<$}{ z1|LavMsYyb!jY~GTG(;c}a*=4_cQ-D+QBKMgA)jx}e2bT^$B80U5@2 z7O4oQQBLFvasd7Al#h)eeibGs^@X?*Ku**N{84Xifu?~&7(VWx2JBPnONzc*)F$|n zvFgzz6H(1+5p3X)W0P`Zt27Wv?lH!95Guk6L|JeL7j0G{Ciz_2H!A>ai?+wIP>Vj# za>+@l6TL&P{_D2OC6P}xcCJUvB^2r2NFZ1olJF>?4GB(99e`jT{E58MveS3iM{ho)_a3SKZ61Px;L#Xup9)waL+}i{I|4l( zWtAaN#f|nwMC$K`@c*6sM;+vG6b^95ClRy zz_AlHA>~vfQh%me+_;&jzQK{LTpAFs4;697pRykeeQ9TJ>f>dA@euU<;s{@Pk@ntV z3c|BnWSmg#0Iq&$P&LmbA7LHhi$)`YgEa&q+Ke|eOf_U^VzBZ8Rb_#ND2W_;+xHhvBu&`h&7LgHAj4G8AN^r>u$iN*hN@k%w39FlVS)9&(kQ_kp(~+oE zO&fvc7AzSYix)0oE69ctBBf|owqGug2q+4p!|1W-A!y_{6wxJobiwEv4CwKks!8St zK-`nEoIP1a)21R%NRupmY#l3cA^Yh*G{dQjFxGX^m4YOiNO1r-ptWhCt+O+5 zS5R$FQ@}@Gpxyz}Flw^4!Q?~GhwC{{G#y7@u`_0Bo;oGgoHPcJF|yFV`(}GqgoD_* zA6@nq`2y_;S(pQZ-wV-$)JaSY*kIu<{7r_J14QQsd>@=}v|Swo%p=<eb^z|P zxkNVpz(ZoQrRu2AgG4M%P%K(ih8%Awk`96N!S+HLBGgZn>l1v)0)O*2xutX=C}L+H zop&YNh6!pClY2$!6mrptM}_g_oag0$w&{@+SaQ<@lFp-g>><}OHsskk7#-gNAaeseJNcYI>Rh z>Ek|a4;4MlRUTEs^p&_0IZK^tgbeyhNba{KFWYMr(A+kx1k(qdsT8<0WoQS_%1HOW z0GIB|=gVuz*Z6JuuWgm-cN3z!EaSy6->8 zo-f!y>Fl8qR^N*xv_3i)ejUrkYW@)Rj<5=W1q6>8FZ6&^gS-o9=LB&~cSa_qRh60u zXk%;9_dUpjXfq;AvA++>5fCri1zP^<3^TX@U`JjzpFj*qd^%P`Yh=S^O2|+HF<&JF zEiqpPAt%vD1}0$=c&%iBTyRRo_k03K3YakyYm9Y3!4h%=S*U{9rOkXH)&sPai|}%m zM0HsR1q1J=DLPZA?h;@@2efX7mbW@b^b@rs9FNXa_R|v0-1)zWi#R}8H)X3aZwP|v zHxM;w7mxw~%78vM36%#wbUs zV6DXicRUaJxya&agsOE?6{4z?oSi&GASSyo#X>H?^@nY1Bt& z!CYo0`c)cdmh|b#LNXIPQdsJpI4N;%M!~KWQ4qNzDDpi27^*j zPK2?$5m?D2s8g#2Fb>ccA!FO1S~BIn6EuDBJ1*2Iz^)tNOG(sKtBWq76v%VH{jwR>0HsF{zJ^_R*7pD+fB-89t4GWHy znG;)>KhlG63}-3;!G|)B#t(%YL8#hLOhDX5^KzgpsB1~0zpijD*12$wX}ID*!6P2| zpm4}rKxc$=QSZji4RQKn?n`@5(9xW3t7wnmps@3RpZu|3kY^4=|-;Rt)|qJ z@KHi67$F08#l$6X^=#r1h`-IJV1@^&fgv>-M>D$S5^R@RXN0n@(JjO*pdS&FbOGW3 z#4~#BQsa}-9smy^?IB!YAvWRA0oelSQhj`eDnhnu7-lO+TxYx^eXq-b%&($6G8_Fr(;p(Q65S;=TLtH^@MW z@TAOB-xxZqcRZvaP3?x07>7_k&DSl=Tf#{yFVRyj#{@oC`FjinOGb(R)| zs#K(Ov9h0Kl$FS)i%BHYu}KSxRq_f#<-qoaoYQ>I6@!2GDBfLmG@9-~mOI2$+OWA$ zjN;HFs!UtGZ(NrK6_8O`+aju7CoLk3fyo&?SPY>IgIvp zcy0uoVUV*IzCVv*07I?b5*R2KhS&mBQ4Cskl+#Fgaj==E?H-WC=3vXn;u?{`^5E> z4?gprwoPq{Wsw0eNj}%#ZU?wNLq#B^&>h^@cjwN?2<6*g4kf% ze|QVRP^6y9&jJaSCEk$&)a`mWgo;T}iqcjBr)kig<#OKL@?L~#V3ZcMDmAcGn|yi+ z0j>pD)3Ex!*g&A}`GJn02Dbzryci$m(*kmUohC2WV*7$Hq23H(Q(6O-TwCj^izforBw?FVcJYz-_n%ZHOo(gdnAo$r|@1Z1fQ zx`Ql%4~`ni{=|GgB5}=|>YrKo)}`2HG>niD8!rU>Q0hAJ?bND>0TPD95MPZt zW{6<5IMGmY)Wgg`By&Eskv++X5iOAc#KXSed}746Tu3a1$||a`hCA7~qX8;F1*3;03{u@7-v#^!}X!9g#` ztLl%G1*2)HM5aA50&>%*aBeiEAltjbmiHa``@!E1I@zV>kIaxW4NrxRCnHNqNK$yy z3GmtrGV;3JGS~e~ZiE|?*>sT!F24klCSMLOO~`B3Ql&)|sWFg`eK?K|5dhxOGnJO} zL%gP*?g1TTpE%m!C`Hi4G$=gk2K2=K-Y0$;7@}HsESXLV|Kk|95 zEeKK@FJDTR@%+JzL#~+4Eq)$*gRGAq-{oZR4|czKPfEX=V9*s|D<`9p0_9%i!$|0s z&qV=pYjDTzJGE9G3rvZ1q&162*f{8INN;X15+&AL@@|4FC7l+*8W&nn*DpaqPg^dr zth6<0LyGZ5a12cy%(<9PGRlxO+; sc2U#dd#bdK*$79bXX^+?(O6u`VlucU$qEnL2?3TysWkjM1_|=GNDQozGXMYp literal 0 HcmV?d00001 diff --git a/fonts/Work_Sans_500.svg b/fonts/Work_Sans_500.svg new file mode 100644 index 0000000000..90a91c14cc --- /dev/null +++ b/fonts/Work_Sans_500.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/fonts/Work_Sans_500.ttf b/fonts/Work_Sans_500.ttf new file mode 100644 index 0000000000000000000000000000000000000000..5b8cc5342b5b0975b461e85213cbf54bf7e23e97 GIT binary patch literal 54232 zcmb@v2Vh&(y+3}=y;_#MBw3bid1%Xf$&$P+?>*v?c*TkBY-f`M2qb|JpiK*9^p!Fi zc$60UpsguTIw*xcTGByF9~3BUDbP*F>uZ57BL6?%b0u4L0_}Uhf8bj7UFUngdz~Z3 z8DmELP_fj`w)PI`Dd{c7Zo2|!t2&1UN4VK>7=J&EKOgHH8Ed)s=g;E$_x9s~ZG$6a zl{=n2`JarPx(D}fp5HUO-~C7RWsF^|VoYkAKXS;dsK>tEWofBT+&C!Wk^ z?Ak8I49{$zy$J7Nsd)b-_|$FRed)H}KX%Ij#yIY|{98M=&Ti4{xP6SVE8Msq+<_C? z3e`mz?+X0w-m&M5ZL?9oJ#}tUa@r?3b=je3h|dzsCLc zy|a6^rm4!l$=HW)z!>@a_g!@8lO@ku82h&`;Q6oYKe%=OnS9fWfHwp8KgJ|hiTl1L zeVEBi%RFHxlO#5QOZ~knF3Ws^aX!HNR4SELr8OB-)p~1@**VKmn&xveEQQg23I}5Y2ynFkcv^{OYob48Cf7) znanjR-ouE-8N>9dNsE95t?9(DI{^+EIM zk)_veITyI#=qH(mB?FR%aIJ}c-Nx8=sa9Ch3liZVpf-8;2L@|M`qAS-vU~`qA$Fd|pb4e40y<$d0@ZO-?@htn}f@ zCnlc$4!1;pOHwfh*_#%yq_aH2Fz^cL({PCi`~nI#B}7{bsQ8p3+8I`3YHqeQFC))l zPE9wa7uj|CbjY}ZSW7zL*X1x*2C7^xi&;Ui%QDARhYmDWH+COC6#45r$B*B9Ph&XT zc#rhqnGL}qJ=c%cte@qV%+7u-@|wTA-2V*_mNhKBEnO|0VK$Z@_SmwLlTOh`>h!i`$D27=239bHDhNr(u3;lFy|fjfTln;rZ2?>K&3`tSp1 z&O87u`}DDc2aiRZ4BVd%e)+;`;ER)rTYt&rQaITg3EaX+5(m~Dk_a+dN z6O#doq$I|YGLtf_7}{)PiOgU$y7e$1F<4vy|1vxlzr|(o^S=>HGc&*0xqtu8;}1R< zg^PRpxKjb`>Ar6hEs56$0Gol8g^R)aDz&VdC2WwvB6X`)3o`~V0E~f##y>6T4hzgz zRJf#pNE&}7avgU@UYUmIOg}#P6wOq;UD%ftRuc}AU6El|NV>I+tCrP&p3lldQ-wXTlzLgPSTi*Hkd83kDF|pQgn5>GhX~LqY*g;&->NHw_ zp;k=*2Ew*ZCm?}+(`vOQSZMq+!?x)4*)iL~<3NZgmW8u8D1=!_kHG=DE3+q?0wpDE zilX&+)TXS)4{1H7<6MR7S@;<-!YCxcg#-u!{*jMiCaS}4aaf)qf-mr&NY!8682LHq z9@S1CfOc}Q-C={tC~4sRs9@527c+;(!+GRWs8t&EY@B*fsn`@$1o65p?7Gk$xYi3w z2?e*F_f3RJk{rxohJte$g&SgY`84mUEO-oU^TS`gGsG^)uT}dFRZNO*4CU zZXKNa79We;KUz{TeCy5~w~q7;l?AI$9=`a>fgbaCOh!%!8S#bP@P0X*qgjnwA~}^5 zu-C{2C+y(xr%*^3bA#QjLa9~W8U^)DF z{F#LX>BGcHOK;2BxYNtX+tjjLUWQM>KRiXqm+(2Ez@h?1pv6eH?02Y%LA0)rnUq$_ z_;7Xk!h(FsEw{Y$KD?SqOMk#*!!pT@p0oj87Lyw_oLLeak`>SmQoqu(Za&L_n!069GBj~+x_x1bchv}t2|tyl{GR4{?we!3*Qc} zhijLZ$e1lFGb7QOm~KkN?RvKkfSZKgb*}g-Flgkr(1?>RS8k5WmGd0j4sty_nAfy3 zC&#HA*)CUhj`JNDRl*s3UiM5BXF1_4&_U5jD<}h-r;^b$yL|AZjsC}n#}9U5Hc&GH zQ=Ivh-sZo@>&z@KoSnci3o^gJ4RA(E8v* zSkqm<@Ww?~&acnQG<%ckt4GH9M`9dzHQsL!@7It{;60KsPtc#lBPNs4L@;u#1rQp6 zS?=Q13*fV|tNzZ}ao%{*x4~#%;9ZeFMUKYaS%Y_~>79bxfPD!zS-cNF)l6+Psz6K9 z?0%zE6De3AWq$6g!mF}c%-9jmP0_*wl6enBHY5U)c!kB7mWH?{v&i8xhFmiKvyupy zt^SbNFRSOY{F@WsD+SyMkAR{bK1D78{1@OUN><@-+ETO9({N+5SMdml zHCI%RCPry^(EPdU`ueWhB;2b_8+Yy6IJ0ZljC3aIR|)TGa? zq9}XnV2I@@Er0?zDwS}o)=Pb9Y0#Z4EiWxMD??>gnG*HF6o?1|0+}nlJ7m9u0+_e} zbfghpzA%8x5R#5a2PQkiZE;#ct7wS?uFJyv|$bTwJJ!2m3v*}GW&SC zUpih2p_uI~@9in6==qi z2E@=QXf)-N_)8c4Yhprq$Q5(Sh_hoTHYDg}a@3>BDf+US)wc@##Rag@hbTKV(5w6r zb8Kv2y_j>X(?!Vxd0!R!D$ntRgxFJ{M~2M?v+1>Y9C?^&7J095jADUsoOVL^7l^s- z8WF-Mk)Vo4nmxN)W={9?d|-3)E)QRfe3I)UZ$Gnr`-aUsc5I%Wo~{Te5>{0{Ne+I( zRfi5;b>)#GSH?X3F6eDNd~VowupvZE1;b83AR-*aI3fdPFd&RD8H}mPxHrM*)bBpM-(fyLt1Tzd@ZpQB!l#FJj~MW4uIWVO8M@GLaOz z%!8FNuo?re3@PF#OVUd0MA8~JrUj$=f?hG~cTb$S?3#szYdShO@94bxYRR>G+qT`X zNCzU1*45Y7{Q(|C!&0rV6vR`eNtVDo5F3bMKA0&N&XOdnByww_F*&IaA&bN0 z!?#7W;CAL_6CHK=9xZ@X1w&RrLtjj+gr-CU?PsxM4ag|fHk$J? z#)`-H$j3eex!QDH-;KxB4S~q5is9L~YipWm(vq=pHu<3&DJZ^e$4w6<1%13$7@(6# z-zqW5F<>?c8XlQP#PpOARLDsolVHl_?4#R}?x4&gE zw?1@Pn)n6#*~F*qFD1Tc|8?T8 z?0-%Ci#@rZu>3*wmNpib{IJH9_4)Y+e&)*Jb=jjG?R`C)CU%y$Ts-j2kzV`O-p+O1 zQ&YPu8V>`^mbUKtV5lg+%$Qoy9jqNMyQa6kx}wBgY&2H(1gfVg+MQeahjc4&>0#IR zE|!8bOnNwr2~gBhkBiF|u93QJv6IkJ%O|08=ynk;Nw|yTNIeDYM}16WXXB!!wRgae zUUo&{GAYrLhq>Kmr`rQfowcl~<8m)9S0F@LAyAQ0Fb<2>FXbNyY^raXPV<!e_F@)&y3e@D0OCcSu$(NDnk9=9Bhn?@`qcug{F`==g3boiDXpE zY~c(Fl%iS;)Po|3dD((*TmgsF|N6q~QkhhJ?yOXeY!PP@;D^I_-bl|=wp+wBF^gt) znVsYTM?GwKtV-SzuHfO*r%s*TJvcHlxcl76tFJ!EZ;2e4nV6X2r@`Oit-{B$P?Uqz zixL2k!-oM@d@IH*X~vX9gH9uSDs41+;)+KfHy(clt`tvL8I)Y8b63C1$mBa^P&Nbu z$KtD~=S0REAguUIjAdBUOex8R1jSdPjAGPRGM^8|ql$;Lbp;T`F^V|XfC9UzV1axh zKTu8i?p?xeuH+`-@kI5EcS95C;EHJgpZ@~bxgLHG&x->JrGT}_!P_ZIMtVm_)J9CW z9PyC3V|{7HREnn@E*TL80t)`VV{aY2EkFOZ127BSSDoZvz&o-*%0;{*g&|5w(yBz< zBtv6>b)q6;MC25WQt&2}N)Ve+D52#WPkimr4L9z+>BhZJ9^dKU4n#grN=@gUkisaL zeDI?m#rskJkw)--1M`MmdaVi;ZW&A@VFjQ77ilt+$wXSoA#fLFBcCR2*W=xNc(IBpYBumI%VIZ=DfL&y(l(d<2Lga(kqW*xA(xeosLuBZEA?Y)H z2j(O7{O^$iFTB7zTEqD+AD@`&9^Z&`*ViY%Qe0M8D)mS0=HCU@ZS2q^Hm*@~xC7){ zdNG%1-V>!6BtGX?JUWK79wo^^3R}2@AuXxVY4@)@z%;s5iPE_HC&Gye{2oe^=7=<@ zk|jBR7W^utOrJY{CRCPt?Yzk>&xUkWF1s?UryOc7*J{Yap(zyr!j*I?l9K?Oyq#!1 zl_8xKHbJ)^@6{%(O2NiGG7(PB$rhCHiVUnWHB|Q$pX~y(ON*vs zdoD0TO3Oyf=gl#i6ZktaQeM^=)q&gB=s>}NQJS7yMN=O#qOn}*gkprVzkWO#K#He=b{cf~;sGQHe&0R$lB8@c4X`4f$o?v);ge3_v)OT$GbNG@U? zh*T#=L?s7_`lvM&UI%Qp+vhM^MfFDbQ78|t_#@)3&-Oig12+wb7=(5Ns z700i>!_a1Ls`$R*{tawRzJEzLe<*1q!?|5xT1#0kcHj{U3c(~nlr_%P%L%buAxeS5 z4bo~=2+T#w&=z)H;0ECZX|UP3Z(Fg}MzdQr)vM%J%Q=SfRHTe?Y}0-l|4S5Y_iWM&}qnV^%@ zOzNRzH&bhXYWTSl-vpsiO#$t~4H!`Oxm>P%SH7{x?Qw}}JL>yNAfVLDf=K3y_>F3M zln!;oO8?RWkzbeOY#r^J)YTfQDxAfxv z(&{9z4J!6B1vLWsn2T0BpzZVde8s+EF_&m%CE7diFV3h1I?VL1%}TTz{OdC#Jy*cW z*t+llX}V&2o}8dbO_6jm%9&A3r)3BAJb}r&1R1Reh&EN5z*yQT%ncLN=>~Ltg@uJ> zg=J!b)R$n0DrKcF;a{61|F2lj!oNg4N$F+yr!!qziqep@UAv;~xL0Vq_k|f46B{Ob=nyGKJqQ#3(t}XrYb1KJyDfIWl-U^MZFPOg-~S2+6TzY zPYV?lfB!_-h{A1-Do4x*#)~SavC8d*XCbU36ELzch*V&Q0+S%!FGD)iuvorAo z9VJ4^Hz|xsESiT9d+OkF%#xvq#?KJqgjlUN&N-o*Rcd6ecf_87bgQQ^S?V}hd1NAN zLWS6_wTpRDi8xNosYHC?x$3qs0LdZDaU?H=-WDV$S&x5Wh34@OL`^DDJ)25)*7UT5RVI~${asNa z86e$1ybxo9{Gv*|78@We&DAAhf|<{!BqOO1bF#A#BylQUi^6QohDIH0`|`Y^_rQgS z^04B2!{x;DR)&ZTbfxwNkdh!jkDUBLs(J4oUXjMeX!Uy)v;aoLFI2@dQf-}j_b5#` zkI)GA0;Lk_h(Wl5pGIbcCy(}$XbRm$^*6I4mJ(Y#eNoJle}fjYZ%&?-bPJn5l2dP}s;sJA!3Srj%A_*%a>0R!mH56t zy7OpbRcT9*zZR#kR#pAv+oc~f8ygNMSdxGzg|NjCXDjq45C)}%JhDnPh5k2-a=f)mH%aS|<1Jx@VV^Ba4GyLBE>aQ<4r4U8J4Sg4+*0f*Dxg$B`lU zq~I1zDHyI032;%0r(nqCMEm5jGcG;x`tD;_SCiqUnnHJEBq5s(CggoW{5BsAn$2M-z_TrS33C9YyT>TnmhT~rtho4%EL*7$PjOU5@+ ze{KAG>R*kzXhPl{(h80g4j}>PbHdm2fXPvC> zo}8OK5iFn29Wm`&H+#^S_WJOis!E@`L)De&M3SbhscxMy-BucyEUxdE-0-^D#H)(x z)AjD$>>TRK6El?FfD}_94i188MyOdxIG1Kj}xW8>>{_;Av!B##iKPy)cnx|+`5+8EbIP(-tn2~>uah?n^Q;3`$y`=GP2i)77j-KyDi}#Nehvu zhWFJ}48ED$((QD5YHNd`V5qacZXhMyUK%JVE@x@%bc##;7?dp??lUVUW`DN*NyPCaT&b6JR!5*s=CH3FWHN_e2@T4KqLfxVRK z)i`Mk5i@{jIBR9;9=D4$9D~YG#298jN-hfL`E!9SSyQb&J+1ym{apI~u_ITXI?N*< z%-=LUIyzZd=I9taee~#Q@&bZO1!C+%>dGxF$jt%D-lHp5z_Q$x>neP&u3ROxP`MgL z{`Zk4TYO8dqiAmTsl)fg1H7)+5Z{h#^O%#a*?aW#3izOXHE`x!rhSSWPkXAG3gQc- z#nWEoc^zx71E&h@Vg4)-0X@7U5=?9VF?xJ&b@&b>U-F|>aD(7<}K1jN%O@N^n{Ds;xcdl5Vx zEeMl35~MNQPC#vr}a`hF5 z_8yJA(wV@Mb?u?wWwo@s9G*j`k6!lvYxdpM*4)$q%`G4jntK~?2hHsvZLFLn&8?i( zl&qX3&8?i(7Ok8m&8?i(m5>CXgMwcJFVw;&!}?Uj{8;QHGT!8dW>Yvw71%+sqJm98 zwAoO!$2jN$_M2?2kU^+@n7uibs;!pzL{NN#0v zn$=68*D^^GPO22$3Mt?)s)g4xCq#H!W0DI}`a_a-8q6?}(={Dy{#3dS0`8@k$>E9xuiP>L^S zrTN~x+??!8t0xJW(Qww2?5yu>{*z@-mY)rr4W11>)%;Y;Q>{<6CC03HtOJfLIBAQO z_Mc$TYV|Jn`lCgc?6_YNAELw}x`NPrp@<&;+Gy+H?u#!jE3|tDyuRQ(Rv09A*PF`g z3=a3jbETe4^pD+pLt|rUSwlnF=x~17wIwBk0|RaK{+|4fTBqNTQs(HkrFWE6_7|px zYWN7x%Cfc;^iL;fZ0XiazBN!#7zh*=R-OAsAr=T^XF5GZdwB9vHnfn5m4pjZz~NBa zLiZpJ7IDXTT&u5%p}odwj>c=CW)(q?Phm#*Lpv81s)rU9GDm_uvUxJ{7gZ~GTkZ67j{#Zp`ZtJoh-+giZROn;~u@6I(JPXzbjmHs<`^Md%ZBS z9%lf_=q{Jt?sVGiu5(}DZz{84kK?ykXE9zW!oHQx;>Xb``X;1?BA6s0OZyaA`Viz} z={20KkVux4vziZq1DD>!*<9%>fQUMHM-}^=DcX1eKKaFfU#-Sq(X6}`=fq_-<5V4r zU6}}{zgw4Y+$1aGey1*9D>{60(dqjEr_$|f$HW`a;fvGM>6`1M&vReHv@x$3hBa(2 zqrcUd-Q#id)X_Xy^HKqS9dz*0U2wFHa1%bIr3aP@qV&n6nA(K(EJlbGyk4LH?7+FO zN|;YHw>L@lJTn6;f06~ksFJGG;*>6BQLRT%O+mfU|0$o(?(q2>fsLKbC1z)l)3YEw zy=d=^Uj`i7v;yc-FjnNw=|5$h>PTHun}&y{__qSvM@34EuGY% zdJ1dbWFo%`X%D4u1^N?#X_+hX2E^Ja~uJ>0@rCT>a4hu#bAc+3D>Yt8ub7FRi|L&ukldtZ?XB|R#TImnfKQE6l~p%F^OJkE4ktx7gX9A*tYQgl*Y zbrRVUrSBCD=odlduqh3-U?^T<%mG~Pdlfeci@iFOSiUjrAczh^9>m+?!;RQI=(9}A zMORa!$0R}t>T*?lGST}=rd=gVjZ? zt(~V1@3Y_I^tW~AJlvDXb3UF|!Xw_w(e{gvp0-zyx1TtAI&!+?huKqO9mS2)qYZ`m zKTKc2CGm!WOGA}{%eUn-;0*_=j8&{B+?j=5gJcmzLT_on;HWa{^b*xg$+=t`L>3e{ zods0|{<0EhzSEcP#y^T8ZSheg<&I)OB)QFCm9XVj6KwEc~h&57gH zceZWG$=%j|=<2HvwQtSMo^9#g8I1g-BY_)q&DD{wBDx{g`=hn3hn&5j-yb9f4EX(l z#)Z~f+FHULk-MixN2ln3^&D9$l@NzrI9jBNHTZy(<4RjIiRmzpMvKA<#gkWY!K3%Y zMGO~?7Rk)h#LtfwgJaf(8Fl(ZU3|1i;X-*~zCBb zHwQ;D7Zx%`L-`13ntFSic;tPTjUK5h@BO^+7ZYD{{3`L+j=v=S)e-A^O^<8zyioSk3Mocv__4#eUFM-`e|1%O-(=;c=8-M7 zK2vjLNnN00*Z84r`l>)T)bX~dn8ENkYMq2X_)IIV>m`X{y%j|Zz-Cn9`k}IMt_lf#* z(0N$;ro=Kz7$9;A%3T)zjS*kvmQH7VYDRWdUGrdXq1sc|)>zkDzi{YO?-sOU1o(;I zhKk_EYIE{nMn`R9c%rE?5Ez|`l<{94x+1h5+2bEw~z2mn-)I%S)a4i z@?~iD4GGMn!F+`?1sA-^@`vSi4oD*J`Ea0y`tDz{7v3* z%%zNZMJ9CZibbR%14G$>l}1`AW0T5%V%_{gmA_$-V;_ulQxns?JMvsh2ubi{_!a^d z;fH(xghAwALH1BNOVNsQR#UTbmi!RqtTwcAmi!RqtgeRUNPB=JVvZVyzEP$3l=`5M zqQNjqxs28-iPdo&8F%E^rNpNXpFMKjjRYr-dHylHCkL9L7w<`=sLp`y5fWm`;uE5x zIKmqfSt6G2DQLjklo#Tia__x|k6&{5-a`kD?YjJ+c=OT7HTc{wb_lrvBT$!Y5=JmE zZ+LYFD!l6pcA%0&f;uc56f6JG@spQ6_PHxAx%je&KL6Nb@BHj&1us!$T@p+0g!+qR3ezlZ(RGbVIa!(zMKqz1FV>V>>lkhG)uiX;R^=9?rdQo@ z$=)32j(v6OJIt10cV0p8a(-Fl8#CLvpqm&~Q1fPmnj%xKoF%#`XSHy+xad-T4G<<# zEfp0A{0F3pc#Kx614gQtfZ@<`2=gak44Fe(G?rUrZOCtN`2SqL{zd-rKh&@sLL!bqWD8iYEyd16Q+yvYxwn|_~^mXJcUt11fFaZ%k z;JQ)?&tch6A8vHUW)`Us0TQtTD`^hJ@xy{olw`J85>xZCf(?}N5b?~&&P+>6LRW&e zwT?@tmV+83LSD0Fk_?Uzqc{t zFvsaIZ&Z_m<%=b1Xa@YCKQGgn8BEKwSbbU5eX!1HeU&_7HYca52GvQ1uRkW&HMkH6mjOVVt#*pM`nKBcptw@DCB_^4QfwYovNMqbp!9 zNVVwA#vD)5lX+w9FRqdCgx1ESls26v&l5>rPkCDfQqsL26LeQC%lmZ_$-8nE@{W6v zi*RpX;$Bi6Rs3 zl?-kI%otZqAn~A5fl_+ClD;BGp?8t8z4`BYFFHz;2QaK~EWDKYMY45%%}dwZ2xlVI z=W#mBCXoy_JE?7G*)T(8t;q;mR+(z)PYOr;5n1A?bvfn9rgX>pKd(01D;eYdDE4qOSEW`g7Yxbq@s@(&EZClZLLs{nkRBir9fN3wKEuy8$wI9Xh-2so|$ap4#}-Ow#gVHKkpHvI*!kjpi4SIrk&#UcMBfG^vtrM=2;6 z%#*MZ3i>+govsSXl^na`s!FdQ18GMl^1IdAx{J0IyKBa;9^CN30~a4H^feU0**&tg zraYm)#gQC3oz?{Pcw zva{l{V2Nuovi21W`sFx$tue~6R4uOrwkT)&(4!`-2;8e{Ss`l-*A*ti%|xydh8vCPSt@mx4ja93^@M2G8p0eYtw&j2=$d@5 z(F~W~4HsG;r#u`NGAE8WM?V;nIjN6fzQjC^Qb(4x-PbluZa-%WpZSc}ndvh|U4Jq% zj=>cp6VoEt_JDSa`x3uQ`l#p$sbC%9R&QoTTt`TPT8Hu_N@ld|7tN&_?M8CSM5~M> z+CnPI%SvOdA?Q+Y>8auE!VMs?-UOsB;u}D;Xv*Vj%T#J-PQ*HTs-cStt2Gf2XSe2BTlw;4b+lnh28&2iPPMbGLXH7Gw zUKPg7GBL9`%*=qCo|X2&L(3Hw24Yb!0#R&Nqo$dNG*Q1Kn2fe!N;D^$qUnCIK}lS> zf)+8O5y(&A?j0K&92y%N8W`yBzm@wV&+z8Sb;FaB!|NuScJJN0`t;%z&*b3;j5)<}<0G!p&VX?B$BH_F~B+S3O9vt-0PY}DU{jwuP_#2j_< zhQwwX%Z_@7$4i}4p+;=`B|HtE@H=QSS_|@k7Dva)8=6{c8@tsT^~bk&?g(CYPi5V+ zk-*^8iJjGfmf`NAO?yK#b(_Ct_~;W`=C3_CR&OOA0P+zs2EN$ z{37%;tMIuOrdx$9GuRc4{ImxZz@r80KtDP(Xh9ZkNAU^^vi^npmBK|4D|At=z@8o} zTu`>aLU~e=Hh^9hWgto$1pL?zZh7K-=WL~?CfD2Kt>4r6Q0-hwOJjXob7!vY@|vnZ zQ^K6((h=!Q*-%AUcfRE9C=ISJzpJdarmiAbGPbR<%3qe>H2_X300mk>Sv^vNMd5tP zD#A|%1~6gDd10*$<``>UQ+7}kNdgyE{b5NSI!_(&JzNNNTK8{_e3|>M+8vP#Ox z|HLOg(ab*++4A~=zYe$#0M{uPDUY>=!`TQK_2^2XA{o3ZtOMLnYg^zX!{kFnD;sTr z1C(s5=zGm$xhRV-FG&_WEP~1yg3t$Mh6ri3et7H0XZ%+zOkU*NlG4!7(Am;BlRr_w zPefiom9cz|-xru^TsYFzjh3U9`o`884ZnE$(PUH^P;CXA72t_%c!$m5MzAAi*ie%a zt?1rFtC5$9Cn+ zYKNOj_*14zV=J|!<`*<4Q*`=(wWwtl8r5gx=g{Es!iefLyvxJ&u#sY zPqhZC+nVcY!oV=m(k^I;6}Xh;K~*}I>k&P%ilFM5-ke4|_i&3wvbd^DAxA*6AKks@ z;K9fx(uXIGMc%mYPM&*oBW5XfLn)O$2A$`Dv|`sWlNyWcspSwY0}}0^Kne%i53)+e zHAXM5Hw*U5Tj4D)F3j>|x$U`lMMe>AH6zxfQP~Y%h_l|jr{gY{H1lx z*Bm@}ZA)Eg)g{{kjg5h-rp7>XZ(lgv-`6aCZ1XyQUm8yzZCJl`>-zfj7H;nM4{w_E zmzMbbB_&mnq*}kfuFmhT1>m%QOR3O0KB90ch)aDclpw%P4B&g(7h+{2mlY<=&Sosz zm+f`hp|P^CVr4mz4vNMkHQ<5(E88c+52OAC#e?FXeBZSvCJ*FpO|7mU?^7kuH-+b` zPwXMu)^>K*N@pHDbKm_vJ!Mt?t4|neLshfkt%qiavP5CVm*$|bZUc3dDm`r#3*yqs zc(MN%_j4C-nu@rvbnM)2ihYun-jOGyTM-j|0sQJ?pW`w#^&(7r6c?e?nYO z!}F(sB`^D8^m(f8YuTd`)FQYoW9c0}$*)I70sBf)W)UZa?uPpTk(noJ9!s%wdVE52 zqs1>;^@+7?LUqTKw>#+R@VgwYd_E+v@8}zBYE3CAu^o?mE8wyP!uA|@SwUuFM{l5T zq*R~9<#td~4;W_n`=Px|tRh^xqP@@>B_Bk9y{y9ostg9~B|^D0YOcYagrvh<0rc4T zU1&mq4%70P)}E(7JJ))hET^VSOl{g!#N|J4FYwqij?tWx5SDx&I5UtP)M*tvNZ7yz zqiEC@YKnF}Bs*wEj0QWX4FrRs@2{6bwYhyM(yft;{wLR0uI*MAQoTNnYxodw>|uw( ziB1RHR;*H>&Vk;=1lS)pvP-fW_9wd9k5bFeIl(GUO|s=&}FWD->RM_;+!9T;mrX%S=z}L&G@kOX=ri4e!3ceD~!≷;p^qq z_{!k@d{X);cnz{YI6tfiYC zbQ1(2y2Tc8#0V$g6OeXLfylc|xc9tqE#(saf1%t@--B|HEMR&Dlsiwd;)P0 zxfwsIlDz#sd)M*fU3Oo;Hwm=NT>28f7j;$m^{Ck4#6`rQgJQ!NEHhAK8Orq-FWeG& zLHfZvzmTc*kCpH&_7uM#yp7HnJc4r@=t;7GsDl7virz^R#JBd`UQpn27UaA5{XQoJ zh)ygG=g6^qmv7|X{}ggP)swdg|+Xd+Yf3yJ~8?x@v2>p!d6%-e#}z2sHj# zmdG!LS9KO~Zo-3%e}P|2n^R*v|I#k@6Lu}MraSDQ4Q8-kv07rCG59Hd#01cmQbZF7 z3KtvRcF0GjjY5dUlKR@Jf@(x@X_>xa`?YmtHJfb3$swnt^Em8V+5sa7btk zrB7apPr!rr0*SRO{e`^ME7VwZ|kyetCwX zv2nSdZk%Y2t)`L$<<@r5$=I;c=-Q4ET=@mgY8sO7j|~#}>zBS1`71`EiVK`5_y>9H zXz!u}+8{qgLmRKb!C;)Ws7~nbO-@acwOZXoqF$o>5xP~BEgigcLR@4z?cDj#MQ@x4 zqsl=oml#G_Nk?1#F8`y2#9GwtP|6WUz#oE2M@dH<7MDxw=YPsNbVcrP&h0rPxkpZB z9XOsng5QU8j=pre?GAp&UEL4iU-wo00r!H z;56NlZqLrblWE@ccfmL!)^;S?ZJA~zZATjb#W!I}BsL-NP|PP3efyCpNQVTl^4wTcLtU=`mhX!} zbnaKv1n!oPBoVl+wE&m=w?6(EzFqnZe=|M?#L}`A z&iWN+ks3m88`y~#;0cO&cCp_=V;Im`5(-ygixuqbfW3I7&K1!RnFT2t>WazcCgz~4 ziD)m{7vmBO!m}sWVMSeB4B>P^^?6pS4ZepoAZfy1u2CQaZ3Z;+CxvFF9dB{sB1{B| zS(${@#r>CWfl}^J^f6oNm26A*z1O_e*g!_Io%@Akdt@W}R`+rv0`|MPmYrRy;I^oa zv?)4r>BrFT7yYmGdoOeYO?0(>w=cE8U-&KJ!ih(y6cnq9)6Q<#nFbLhsXuCDz%06xJ~$ChFk**O+Gjbd2zdf6bTefL0&w3*Nn4S@wWJ{xZ25gzm0@<& z-_YP6oi$XI?b|n;JJ8zs#p?3m^6D>jwhrXlpWc?8wf$)z*$r4nqp%t=-U_Tpe;~Uh zU_=54Ff00bm~tO>N{+0)3P*NB^d4Cfuws#=0;?(AZxOI*Ts{FS($WNY2$?C%&tqVg z?%P*NVDo(h<`)5Gj^pX=S=rm3wiEPUB9>UcG>%Nv4-l7N&7I(X4uuZLXnXKMnXH(W zX`vdav}ZO_H-q2u=*@4wDP3`{WK2E=*7n(H zzyJMTSzkT=yBlu&-8i1L;@P6uvuZr6c;t#!^MxMUw{Le1JzgW-{JR@(_}zH*7+&zz zv1%H39s8mDaUOgxe)oXi<&VGf8F~1J8C_DWOe9Ij@EWK?ZescPvN)<*)ge_yuYU zp(OMcc1&OzgT|1c1D~m}hcw~^E43;(#LrufAK!WWI4@N`o_Q+z4^PrK7L1RoR@jC& zlerP^U(t!sbV!DnvF}F6e+#{5Cr`i&2*+i3I$b=C{s|agdR%e!#)J)2lqx1fK#8DF zfb-EfIDnIirCt19*iJ9|&j_*Of3j~0+*I&8_zgWZ)55xKHX$02DXMG#HBhp%6>?mWUa%~AWpy>p~9DE4^+I_L3 z49qr14=}baP*&d{P{t0TaLCD_Eh_LKWn(m9xnr8qP7$m+(DG$&%&(_ zHuNWt*R@R4T{Pd{zs1{`)#}F|hiCh%YwJQ!)K&A8>#P0k`e&1!?KS-i3A1yWaAR{Y zsCh2g)mb|*ubY+b)C7ur1xbXMkCqFTEXk;U>g{pxGf^|*X()pIMS;~$xz0z8E(ffZrWL)&59uz{)_qPPuN!a6X~ zySKg+c|_|BnEK|DVRj^url-b#<+EElmxz zHKBkp-QzW;qqdn09U;C9XF2Xg&787=8_8efGaa6ML5X_ z4bclj5h!A;bj}iNP|)a%(qVNK0xZVo@YO`96Jmi1HfN$}lp4}heOZ|+F{H9f4JISL zABK{oembnQlcXO(jLbiG;>jnUoO|MlCyrITa^x~>;c?lKpYo!*?&^K}s=Mn{e9y19 zZ2eW_W~hlG_6G8U*CR594W+$=R2wilE{JleicJGL6&o_Tv8RcH99af^p)_A`&^ zO>AFzt|RQM%+AO*mKio0u5^^;rRSPT4I6p=aC%xwa>vIlX(=h~q=KqhndFuR;aSk` z{D|OCp1^s^NyE)XBtA=Z9F=+lrTHn1s#XoI?9{)!jE>5*@#z*byeUmw)`1U+{Eg4~ z7QQj%ch5)vkOmP&BJtqxMxL5jqyz-z2p|Yy_U~9P^bLTZ_^Jv>v+(*Qd5rvIc&xJ2 z4_8&$9|EHpDPGBrxcQIi;Csg-KO(OJ*Vgk~9doalOk$7xXqJf47*5y|5>MfUR9 zJwIKz|NdQ2aI6jYdSds=bgx=%@dP}Q2lw5C`(NWP+<*VVPxt(k?yh5(N)Emo?o5}G zfyVBFz}mfKymLniJW+RvJ-G9Cf?U$?$ zxjqNq15CVYgi2d|N{&bt|0OqyN^LiKu1t~#G}SzWS`Fp_!vdoMgA%gxz4wIgxu;qD zALilcZ}d0d@E{M>3!SQPgAcu-Hz}P;MPNIYfcAq#u1&&@P}+no24DxC4Yux}(z6cR zQqr1nu`i|n{JRlh^!F-{!0(_Za4$W!vWcKKKR-L0cq`wZUs+nL6pvEHH$p7)S@Ie_ zQ=^m>mZn}wpF2>5H^y`m$0Y*RW` z{7~n5Lx@)*GZCxxX+&m6M7iwY_sE18{SVK~+$W<(MeCi$*@NOVB%T@BK zltqtf7|H_C+Mfq!@Q-ih``@_=tqXWV!%|qj4i==I_43Wwv0g7F=qt)4l;=^GqCL}s zkorW9`n{ft^|~nowgm$PX_+`_TA&MGU1`_DVJ-OyF@w0eQa za@`nK&k7?8mqIDTk$XY@1$h)oXc~k@kS_cDbj5~he|@5DeNA~^ar4fG z1$$a|fz(hL8u;j*1NTl&-LbiUW1%OoXZ+}6JNAC_s;+g_e*XY=;q+q*!|e|r9=^D- z(pOMiF;PEqY13$bwC% za%c|nz28RWoA%?cf~`Z(b3;ujI#_eFlF(obd|lIg zsB>MR-PafFnXc_CNDHOA`JiNXx~trgtG!ll(CPEs(p5FoQ0h%-YAA%a=kyj2`s-$W zfi{n?v#7hhc749z+LGBkV%0PpEOA*SDWSlgSz2zd_1GPe%G%P3Qe&^D)=j$8hp3Le z)gp>+!w68#uncWPd0F4oY|cM{Pyn=6Zy6t+sn7Xb-oBd+qg;yhen7`cRK zj-UVi_OY?sw{I6ehc0btxpZjg(&pw%hmI9?Bo@2Mg2A#LYl~$lJUTl&DxDdbsI>nW#@gT2yP!6y~0i8{F&f*!XGC356OqA4#d?}%n> z$K<{OpVLlF86vAdf+d{p~3}qC@09GXTRf-JK&T2l$T5FjvD=^nQxYONc z?W(Q|cWpejt1Le&u(fsFysIUvJyhS)iBpkK>-a{0OZ$e6{^p;xXSf0-o%z@%4qfhf z-h#xG?)H*St0P#_UEr^%0jBeO1qPhdyY&W3cDd6iTcFK7s9QrPsD0Q6q(&Vzh!V}%a);nK%gK$P*uP?H}~~z+SJ#-X|SrG zpo$Jib{3z97yS}EZuEV?#32m`w;dOv6$uP0zMV>RRbhn|z9@h{ao1hjUfBEtKF__8 zm-*qy2XOm0r51i%tQ1+({2OP0U&G&kRh_YX^T{BEqy*RbkGlnE-P z9=j{X&C?b(;9h=^PO_bfr@u0BA7J)ddC$<$_`ZYtq`DnDKJ_W0*m|jve;jKzs872? z`DUpUQj6FdgDiuRMYP5;zZ;^NU)mxBb#(Z87b0hzPYl7Lj%-q0{zu&IT>4JGU*nT@ z|BxP|FZH7@^oxDLAKrNcR45Wuc=z}N-_FI0hUa%nErk6psgFM(-3DzeDpAoAb?mzr zDOf=Y{0_cF>Z6{@qf#|Liap(EzSyS^>?vGmc^=o8v?0o<5*xh0#Nq?aRnC5(y}h=s zqq8>0;}PFlD0`a&q2}gLpgH8q&UU-Avt49^!cr4|7;87I%mo`HcA|h5q-`+KYa+G^ z$F~8x9VWM3gxax4TN4**2N7%EzbD6MF`5$17Ik;R-fWN6XfmYXcPVT!CmS4&>(kPb z4R!|@4`VWPMV&-cI}C#)v0`{Q7vuc*49@^xxQdLT5Bzy6`ziY)uj1G9JNYl90KTi` zML9{f$W!uZ`Rl3#RhDW>bxQSnb*8#hU8|l|-=Kb8{kF!d8Pe?2d|dNA&8u3c_9E>w z+E;W%x-aX#lW-#8(S*13TlD{K&>P-w_>|#!d~^1O#2txuC4MdOPf7Nq_N2>_K9$Up zw3_4TtSQzk>zNEGBb;$Z#!}|)%ttbx$ozKZ3z@HFm1q6bmTv2?P1&~D z4%nWyeb4r??U&g_*`wLVvtP^cs95ewCxb zvD@)E$5$L@9nU#laY|0VbH;hA^B(7Cov%25>8f`9o9iyu|G4YjH@fd|-|K$J{Z-F^ z_ikUB?||=>{Ji`P`B&xtXF*%Rr3KGm5Ao5$$BQzHDvFwm))mbbeZ1&L#d7gQ#kUv# zv}CB{eI;Knd974iT2k6ndZ6^m(nm{wS2kXDwCua(j`EW7j`EwzKUMy<^6!`brJ}#$ zo{Dc&{Gw8>bX3+>j#TchJXCo_<-?WFRle<){K@_-|DgXy|E>6Msj92${(vD^5}^+)!1hH*`Go(a2U>CdEe5{E_iHVdU@^9f%kog z&8d2E4f7PoDV#gWYNekrz3N5$Udt-p?T|0RwZm*g3bLR$4zp@$JC1hzz2?A*JDXGp zye+U1?3dJxgFbOAy@un>=sC6I!ZqX415zihRkI=a5xgJIh+_utU3+X&&dL9UPlAPx zBdms>!6)`mmJZ=P_pvNIKX~4e#&n=xj^qVDIGJJjNM(LO7Z=`v=f#nN_k0)c3E{rj z@$Z<^S!P4c!zOothR&r2WD~rE53w|U8Oy|T_55z;lzM@u9#$&t1w0)rAnjz$QZs&E z03YnZ9-ilx=Hx>xNv^>0F+6*iW$**&y_3;tx(|QTC!M3;aURcB@UOB=_D6J|eTJ>$ zg{&Jr41ReJ>IIps1-NViUDI){L8@dP37Zk{yU@z@-{=Y{1b)BDG9()WC~IjiJBkj6 zL(GoD&3Cf(IP&-|)`Y_<|Cy}=pRSW+wm}>Tn1ha$@-}gl@gD<@mvFp*N}&Ot27IRC zlVtKMz+o-MznRsGc^_aU(lOwu1Ux?t9+`%Xnr0y!Z8++pM>pJZ4}PcX)zVh1DFJS{ z9&llOwfqd;cLaF5gZW@r>*+vBBZt3;d&9u{o9vrdp+5{q{|L&VM-hJtyCmPegx#H0 z=OPa;&8uD#wg?wu|2V$JNNUHkYCwG&)i}m_l}|nc{ZdT#q3j&{r^PR1&BVX4-VFm7 z#r_XT8AHCC{n^gM8gytU#DI(;0>n?!SoE0|wS{R|TTza`3vpe=@Xg7rh8<^1yaGK0 z-;iFGer!*(XW4V@PP^A$Yj3k3vOnN7IW4G%(i_WB8M+Ji4oB}b+cWIh;@+Ay_g;eg z*-|58k#M9u0>}B)Z{xW0)ibYt;?=#ccE4Kp%4@Iu9P=r}Z5`~pnA&N20-x6?hw@k4 zPmap{x7pL|4fYm0hl=zI>_zrCdmGj4m(gkXUG_Cpum1;}_D9g-9n4z~|0jv1G7B>Q zR#ZB3;l0|K1GPCfe1uZWyqr}c8(R$w)FSiTz@BGcWj_GVe~;_Xt~AT$*cR-#xWIO^ zJ=k&W2)v3*@IAaov5(Oyb`2`S?_;My^&8lY>?UCTBkaG}-`R8Q_w1MK8|>HYx9m6U zckCaC3AJpAeUkl{{fYeuE+wkO>@V!g>@jfGUs;4b0Y3N=yBGbC53`5ZBdE=5Kr0mm ziA;-cs!9ayjHsv6u2Wg4CuCzUG#9cQ9@Ooj*Vvn=HHKIf3$P$OpAz=TeC*Ook z5N6nB6diW4?dS#G$qupoNCg~ZTiIpo3U&;1Kgmw8Kd>v=hu8<%b?kcfVRkk9H&(>1 zVn1XrvDet^?A1k9Y+qz!2vpF1#Y+{kMy4pSm zg0^mMDOu#ji}uaiN*1MJ`xg7+6GMwC@8svOy1BJ|zI}LV+~IQAPLJCc;ix+n!xJ|9 zVm19%JuzW_P`PP#3vEH_i2h|?ET`+`bmtR8<8}aXde**(R_Dz)W2b9+`YlMm1vlF^ zBj;sX>5-ZXFt5RJ&RhHLezbKe5O+mn^D^(fjYP zZ+TEX*J7tD%HZ^KQN6i+eo-!T;C!q7wEZ;R{b0G;gK4cB-#lcS9iA9>P2g&HWE_`l zG^yywC5!6fMQv-*=fIHyH5&ZsYHQvhpU3!%>cWymZLytzG_=lt0hSiG z0L<{_3A$x-n*dT*{5h?GwYIkuI+l^0P`n!XdgU#=2q3g##+&W!r(Lr|2!SbPBWy0( zZ2&R`<)Z9y&9*5+7~bXaMK_+p!^=~Pe<+cd*)HUdNxL3|jr z2rmH<6g4U&1gfZ2L=Dy@DTxST&=3$?+xpkqB7bY`qCf7oT7MUm7q_Zaq-qsGaR*sN zwy=YQ#2}ITf9K4-_bmxR?cbR<_s*R;bLPyMGiT1sU0z}7Guc^b1zM@NsXXb4u17}qD3TT?irDAqYT`htql7n;N#y-Dw?>0P1?R;RLyDjGU< zDvQ}wrLj)^MMx3d(uN#45XpsErL*W>skUG5LW+6u9wuLkAp4R# zj+Tsq{!x{5Vp3NfpaUB$Hs)b*SV3LmPX2B*$8D;A@Wul zsigYn^Lbz(&nhjQRoT!by?<<4e<<#844f*Ud0qP##SV)$*mCX$tL1!nv>{E-M?@Qf za_$~&2+8@#XhXW3dqf*Dn%E1{A~aFXy=kJHkD-ZjE~JTa?n4vhd@N0r z^Kmp$&flYna_&nLL#1=i;9{SLOf#Rl|i2-$~~SD?tG4^K#BPW$XZ(Z~>`_e9|A^7c9b zRnsAPl5TZ-PUp@MXA}-?7-S#T55Xyl4Tc5K++nFoMn~1qqS%mV@!=&!v6Bu4iX@K* z{A7BC4}(XFBcntEz|FH}%^FoW3XN02+<Sh30@o?=>`1Y}5etG7s7S0*l*X_NDxM8Q(jq;c4IGzt>Z8WOkqluv zGgohp#W0LR6!Ejy>MjJ&>n@Nf7#c^QH<$=~N%h)$ za8Vr9kzjlm=@Y(*iYX}^+M{}c#{PNRiuYNQ$Jl7tdTx|A07eiw zkBBXiA4H$w;SVC`6Va3l1g4ynF#;oz3k60ZV+BSc7YWR8A{PscL@p5+iBt%TM8*kB z8Iel`Mj}5H7>QgaFcP_3U`7(TLSQ6vrNBs}QeY%fB`~E#ek3pw880vrsTLTC)I?*a z`fR>RE@EepJV9e;61!UEiR58iOpL}(^Pwlng+gDWF@c_}F#)|c8Y}TZYvn>gr)W$- zuhW=-ULTE}?t|9Jg@R7in1I%6OhBhapAGX^m1}{O_K#)O#M1hlKf{}K_&@+_%onW% zW3YGZ+tJO&iodSGN-uq(LLQa~S^eZ!|=U|q(JbTG^^DZ;gh2Qcs=Zaj^39RF&jFu??v5Gy~v zgP`g1AGbHT@jT$~p`BA$)m;Ppg{)d@xhWK}&SjNX&6;l-Yu7QvClH%VZXNgMiYYY^ zf0}g>|I&5|dmX3wI6MqRNf<5$LmhZ0Qd2G1<2by!J1%!MYff2pp2})_0OiMnWg^%0 z#ETW*WX?kU1oD5tPJlcMtj>9!)p-Ywy?)_bA6EHq!;`1L`7~>ASq)dS8s5z6x-Zl& zU>&`Pm2p2-vr#*Z{et({BY23xs#I4R~Rx`#b@#KcaEKF=kZ0He7m#V#qMes@T`9~`*8aRySsg) z-NWu_AH^RLAI(#66LlY965PAiddMoLrBir_c?-Km*C}VO=U)=erZ>)ESEF9`8tjNQ z&F)PvoCjadw=Q7sVGO$uKcVk`Z2g(ldjq|_!x~E;Ud)>R603ss{LQT8f6m^8tp6`# z_u*yha{Cy&(C%X&YaeHS&+cm<&pzCI>mPQ1J8Bp4KIHw@1MDmm_`4+C-93g^*jH$_ zTI>P#K=ykE@p}JYdkF7t{2|;*ze4q%3n|bSx9CVb^%Xj|5SD! z&Oi}lqaU8-DWZJ)6zg&833hB=V;|=^_Bmd#{>J;Or`o5noAN4S<5qT1s`yrb?9m); zJ)%1~nT(A;+9mes>}G7T3ehw(*>Rc0?#nIKaCR(KvrBQiRmKj`Dr;H#i1Bq(s_Fx0 zot-hQcH#-;r<7-v7f-!m>ea;q2cFQWylVWk`WpYbpnUwqy7AMly=rpJ3_r0;dG*Aa zx|*pIr}{~q$|uxSO^=t$8slf>pQR|TJiB=El<||#J7+}taLvme9;W`ihCa9o==qXpn)e3?r~jB-NY%?<7;Z`>F;W7MA`7MG;L~4 zw~q4+is2*N^T1&Fw7MxS-XV&2&6e28ua?)s`^^?EQ5jy+yWJk%hStVdcaD% zrlzjeDo8xK&^&{U-V9ke19qP{dvM-h`4WlDNd@6O-CjQC(&!yUPYn1OxPPPgxKCma zvnSb)*iQ%U3oH(_rFBUwNxLiUvtYkqMet|bDg8^L58V}v1z!l=<@w;dp{!6r=*UnB zDffk54sA>Cl0J;Djb4|2Px?dY^D^=?24z%cOwV{MjLdoAobbr- zL*YlmbHekWWjG-V-P8lk5>?$j$ltFmVaN6oU)NoZ#<>!mQ;qJw3Y{+dos(4O*6N<; zE$B$ur+o|^^rSV1dE;r-`3D18J1h7m;a2`N zX$@Z(-(sE0o8xylo2=gx|AVv5dfeG%&2?7lTU1#<@09;n0e0J!H^HO?|?inAJ8J6pFod%?d0{5vVV!J6Z&r}S%98}Q%oZzlm} ztS~tCGj9i|A&n3ugb3+`3_>O$3~l3_FRe=nKO|g6xSVhW;Yva!;YZXpo={DwAzVe6 zK)9MPkuZrc8R}<1{f)Hf$Aq5{ZX*4sgr5<9PPm!yUxZ%}ZXx^6oBVqT4^zh*(EBD~0b#MTnHDx%Ylv?kYyzHFlaynR!Lc{taWni~ z1J!%rP$MNigulDt?@mf?hEwac@4g1|OM0Uf=;iRW4W90#M>bMoJtekN;tNWwWNf_Q ztc8NLP{7VNVFQ7$ZSq#{WrQo8N8ri5^wU4B>!{&+?km(WvVTt6ZBW1$RiG#A{0;j4 zNr^?!wvZB^P+|?x*+Azqy9X)p5hYrorj=ga3q>u~V}v=*r`FT7D@J@Vc-pA{8_MQ` zc?+0d2lEOrF9-8yU|tF4EiUFf7xQYcY_Q%zPb_xc0>hVJ*ue~MQ&$*{=OI76;C79( zj?(*}VHGrdPW^k4vd9-dm=Xbbn<184np`!tw%z=)-gJ~f= zX@!;`tqem;fL6XtD|gf1?~;-Xy|*2tK-u8gi%v@AxN@3$h0|%)%g+1OD~zO9q1vXl z40=vD_zn<@q4Z;}zkwEXFc8ugL&>RO1e-qS4s{vaf$43%!oAE_;qGE*iI$T0c$aGF zjnIERnrAu?Qit5_m`Bb#oELF^m+%Fa=2~?5I?n4kcf)?kz`o=AuRu*9$fJJO6Qul9 zLOo$R;Rax4fZte2rR+I6%k>5(ijZ)bGMSl*BPZMUAFU2~nqVBZF28P8jRY=j4Mp(X>kHsA!)ZeaEUBRr5X zzfGllJv`V=t6oB)w?NH{(A$PIZ$X;3LDdrLZN~0m=T&sddTR$Q-AU=)U~FO}?4fK6 zX>E+!Zy14@Zp-&+%jYukUZcK`wQWMzCZ9jjf-h6}vz>Z&y8LMbdOch)8vlKu8{v5) z^1+-;Eq{XxZ;{f1gcQ)zpU~5*Xu~dA`#JRQpv9{gjr*bC3ixdJunvB$rPd~L-zT>P zxfOjk9SfcBDZnv(aE;kR1Xk~SSJaEG&i8a`&!th5%wpo=JI`!*;paP1+&arI|k2 z1&&?d*bT+a))GQzFs!EZXOvz==~7BBR}TCEN*<%f9tY|PN<9fBbCe^EVAu+Voz_RR zdkM951wh3(8z_tf$ zTj9}A=T>^iI;2Rro`a?x3dLsZ?4|$TL|Vh7%BSvzIvyOm&1Zg%!Mk8*s@+2L%L{SId<+{|_EckXr`cG{fJ z$$!_G?|kfR1Li)b$yw{{;(8s>yPTNwDtjEOoaLnQa{0gRsLORotp%0s9Mt2SJxHB8 zWFf`TUjYM^lF`8>u)d=$;B=NERcR#Z&I4`QgN!6Op)A=s83D3Ovx1XhT$exu< zE1DfAIGnGYX1KkNSTlaB!G=Woj`{ol!Ns|(bt!)n(VBcl#Q~kO56Ng(E)m>WX6OfU z2|VTXKId&`sX&OF!1;B^+1s>Mc+zM}I;+tTzC*5>!Lr6nFnp1##6I+Ly|YM%^HcEO zhI}?kPdd*6pXU6+`LS~cS1X;boF|;w%nz3Hd*>~BZyhx)K*qmx#zDb9sdc0C2BWE+ zYcB_hAkKcRdwo*c7u4cQ2Rz$JUBZiPjJ98~~3%+*$bCtZ&cBOV_WLE*EM#5b9k9{07EJ?S@* z=M*Pn2}gM}2{h{nXH^an2Z9US)@WJ_{yXkjEZ%$krwdoaz1e$a9%=t z&35i4PuhGxqj^4ihe^(P!(1}E;J~@bS%kf6IoH$wub}1Lb{+)VE6(4YM@jt>iCF;F zCT7QPbx5zPiIxUfs8_~|o(Bqq&n;DDGApP&NlChBS7trW!$k<0s= z&K74kUgXIi{mASdda@awY%@AiDF-T*KYkDUl0`YU*TJ~oj09-&M+B)IXf)-fk3(Ck zy4ke(-#Nx>PSsxVc?g=mf@d4x$s*@=YD1pk+gDusZ8;bXrgtg#K4CTC6)AyDVx{s- z(?#M{+sioAvHlC4kq%bPLGzu3zDy*{B3>~W53EEJ94kzV{?}1S47$FXLyoAgqw+|T zN)~b_bKN3m4RW>EnS~9Bb3P>P3o~vGrDjk2h_)7e>daRxq6Jg*H=0N#&Cukmpq0y< z&sf2ldPPrf?TFrvsc^nA>B>PFyQ(QvZc}sy?bA7p(b>p2TEh7)_Ig~0j@d=M{( ztO$`#_`a-CJlCDbk%V6Kn(-nH5~T0*G~_67wpZjJ=aadYr!Tr$fy`~PiV0_i?_m{l z664?*^akr3MiVnT^V>GoBmZDVUy5C~3(dV8ZL^tC{~lK14(uA<6v93V9i+w%vzcAn zoVTfSC!@Dj=h6o+J9tZ}tv9Px z8QXD7K;%Gf9lxigs(X0Ik)OR%rREVBs-#5U%*k-lir zmB1$YMdo2$tGl`|J+&_IC+S;nje+$jd!ed*v61&O#$>Ir0c&v^k|LvOD>AZ%8kZ}L zE6HPp2UUCJS{yP!TxBY;4@~9(j#%@1v2dl_8rryxs~uPf%ZPnUOVnP$PFSU5@EfRf zbVZ46CX~Q~Jzo8aqvhM=Q0;~ltPba+r?3QE*;e|&yhcc5|4EL$oYgutQcL9k>GL{yBi)V#142TJ>Q5uu#VBQjusjot|BHpY*tG4yL$ty z`{+?Dd?{^Ql1zJv{+W9ZV$bYi#VY+55P9@9QNC-DB(B`dnk_B|64RddQM!>t8cY)F zk2dbTBssJ%t30J(m1KBp-9#WtDeuTVblH$q+cLst=B*wEo7)2|J`b_Cfxs%`*u<(s z_HkuZEPVY$QaS5-S9lJm<=8}T`?iz|^AclD>RQU(Gma}rbBHY4+??hte?yIDxn8|?q~!IBCluK-f<0ow>4nz{ez zwW@@~b4SNouTV!6vkQ)PA}l<#okzy_*T_mB6_osiq*~g`>yXyIsIBGI^6T}m>wUjAzgep$qSY+R+(7q zUDQV7AC=VSVK)|Fv5D^l9U;mZXVT<7r5vq;JG5$_cf%4)^!>0akHQ~=7aKF~O5iF<((c(F01wVsz}jE>e;_afJG0(~H7sEFrw#|BCCh3FRX1KhL3gIKeL@gjb# zkWn;5y(tqv4gtOgImdDi`)ief`Zij`wTX{YJVQ7R0mj(LW|eg$X<-4%yj$kFbUL_hngk zu*0{RR?ou{l;cO}wx!OC*hFf%|7-Pf?`N7bOLs?dtuAKwin^9MGo9avZDAFF`324a zQg7qFq2)Xxdq?ZFeiOd8z!jN2_6QFS$OUjPg2no}S1^cke(A0O_(x->3OUSk zZX*>9YVyrdZK%&_|61}sckWNlgB!nNmTqtFi|(_WUwhDUS3qk6xAS{hjX1YpQ_6ET z2~K7OR+jVBA~5@cnyc5XaC-yuX$ZT(y-Sr))N&s7uCy-qf;Qru-x8RSQyqMK%G*Ws z@?1-_!x_}$uJfD+-TusT8VUQl@qBoPO&`CG#}e-mc&Y4?s}*am4Nc(PiEO@^U=JzZ zjg{n=+^+ZA+K`79FYN$l(O5~&Ta`$nDGjfiJP_h3wh;2yDmqAPYY)mhBbgoal9x*v z9e6nA+-o%1>3(x=K;4^q0@_qE=NBBIR ziTni1ZwWr1C$2YOkJyy!OMaMKabmNW=UwI8iSn|CBfG%j#2U{gaM531*ffwtEe_Zgr?DNW3g96Yi_>B|j z135!QJhvN9dnEcH*q!40xMzvW4(SkVvP3U7+7Nj=LA@yxKSs$rhMXeKov(7#b5UT7O)op^Qrn579EbgPJXY&b%%8_Xa9_3Ly2nXRi5-EBYFvR@j1n)P zhl}ZB>1Ej;PIbMpD8=_9LqY-8ZLWp_1wAIUzyYoYiPgw+H6lGX@qB-p+5=)kY+*mE z5&NOBgEe!Ix#*=hMl?lt?uD)Zdb807?6b79emqTq90c_VUx%$lTfZ4$B=QI-$s|SA zLm{l`L0k{T^UM`KgT3++=sO)B%Y~T)qc!Cp?>t&$8~r=dxmZ zkd%jbQzFchJdcq6S9~r{Al8p@hisMXt4%+c`dg=|;k)j>bw7=4Mr|3P> zKeJXq$r^l`_FzzZFr+;g)E*3>GdGaC37^f^RxBier*NfDp-Z0cL|bAh$iBPm4s9jH ztmvgZS=t(TYd|E?NT0}EP-QKovX-t=7E&ooS1Ajse2H!oottC58CVR?h}M~n9G}B` zL)EnRCcXkPlefqo;w>E;>fYf=*rmMdw1YQrc3Vxn2h?JVmJZWfrvM?(5z3Rc0iL>S z;hDxJu$yNv%@dvSoaS2K&GULYc*<@&Da$D-&y32kNps~%&qi`LlJdT$@6_~G_bI>K zq^}@-4%`UvE|bWAj(sY9-3?wfYtPfPLvwNa;NbAsi=hNN_S*{tbq9GTT52upv)iFG zL|yC=9=fC7Wpq&r%W@wr&O_Qn))vqgq8Hvn!j|!l(+VVP12tr5Zb0Yh05I>s8-Ytx zNwifG11fPc7LEa<%&Vf)@>O~|tF(9JO^F)PMCQAy9?Rwp!O5)GMVsZQHp|hm&{fAm zR~-w7@&48Cka^K;IVxw_Je&A1r9`LY@MgsvMw93?n>W2)gC=Q7fm#-MN^yZw9Kya> zh-5Fu2l+P6O0?Q)d?%&8K&da#@zNE|+(w(f!OL4T6(R{p?#-NKf26(3Pqg3LXG@A` znDWM~^R6)%7L3pJwU`2Q<#i=}inZ4^HYFY)tvt4~5TutBxgEUim) z(R-wbY{(btS8%a!bh&<&hxw4NZwHm$Ii+j5^T1jZ(qvslI ztV5BX83Y3>96-}LS7Yn1B{dD5GDD%n&U@XSo%HTfAANUeFePx@&5)YXk(2nf=)PRE za>npW%OlpQyoMFAO3TJ@Jb(1?OCweVZ`MVu%CVAO%iCxXC^wiyqOnWBYRfJeXPE)Q z$WT`|6&plz4|8+ni&y!oKcvjzZmRqTRA<`WUEXZ7W*_7@^@gjh2gZNvQQlp%9zDo$ z%J|9F9C>rldPa{g>T#YP-_+wmJ$|5k7fF|qZ+cAZY2mya)AcC)lu<6nkRDBci7g)S z{b1e^eZ^XDkL6$I+W3-ruRuNUQbr`t%%e8r-(ZuplZfZR8?i-2BDzyYFO7}xW7CLD z*RUtAnD-RSY$WYo-k-fw-@Cidh0oVgGAr9if~;E1 zb1D(qU5MQ~kauo>!dtJim}~z;S+BlcN|(&vXAtBpIOMhUbs?vA_Dc^3Ag83hDK&d_znq z@p_s!itzLOGfv%Z%+is#t9cagofkH_d+#`2D_@JHHWR&6q)c)XH-)imE!6Dz^g y6ktuz1>T&A4jYahx`20<$MU}J#oWWVhkp1UtQL6#`9Vr_Nx+rL_uG8VTmJ`Pw||NN literal 0 HcmV?d00001 diff --git a/fonts/Work_Sans_500.woff b/fonts/Work_Sans_500.woff new file mode 100644 index 0000000000000000000000000000000000000000..df058514fbef579fe76aa47050c0249866c43912 GIT binary patch literal 27900 zcmYg$V{m3owDpr@Cbn(cHYc`i+qP}nwr$&XGO;~LZr=OdAK$K8)zz!k?$ce}XYa0k zj;pMwC;$lXV^;qF2>-QHq+w zwjZhs2#LU1Oi@`706;MV0Dw^efL|u1M{`fIigb(s0NQ`PazD^Bn+q5;wAQ!#;pTq) z6MwYA#J9ga4PBh@0RRl6AC18eI)DlUYfbD-t$(;N0N{5j001>@>)VfQs_*#Yi>LRa z0slY1n_9V>{BS?d6|MyUye6)?Qti!*^?$}PLjTdQ{s&OAOl7kl@`w9x9{4{X24nc; zXlCu?_QU;*2`uz8XF@#_hAt~x!ylbV(+`LFAAGd5#jN$+el%ut|L2Pj90R>)qi=2e z!`=RH**|L`NB%`OZfEQ01OS-F{rC<3jMrU4Glyd5VEp52rSzjK`$1O@IpV4t(C>Z` zpkO%wppK{8%b)a*o>qZ;pmZM^yz;#6-1+Z9^*VNuRL$EU;x6InU!4FqAgORBJ#BsT zklfwVt&J0v&6B0-7HijX>&+H}O|8aR^#GC<-Y#JP&`IO(X1lutW2aqrqYoX>n@z7v z0MR^vg$3NKPy~xc-m?{tga4%k+|101p$Sisdw+c>2C0+?NX)gj$#iLsh3F>wo#6yJ zK+{Yw=P%_+1kXX@E0OLvw|aR;Mf!O-<=o&CrMIZ=0^UZAd%^b^{X>zva|}ewveTIPGY%r(yT_4h7we?G4@Y?wjsET_5ZK zcW~gxJUkGLadJ_noN_5cPNuYRYL$izmMUYMi}gNH*81qHOFgpAwQ1bvhFB2n6L7Tl z8E@R%XuN+%XuWTPx?gv>><8lb(bV^2r72AgfSAk4f!A;bolR=b=>?nh=9bS^>&=t3 z7SjUEVe!r93#U@u_sd$H?Tm<#v-gv8uHF9b(`gKhID$KIH9|&;7O8RIvpM^>DAME1 z^F&*7!JcZQ`=XH}iW6B&2^9;Ol}gEgfvf(R0qVgfeN;UqBR*8JCelxOuzJjuGU^mi z=|LZyE0%jxoaFC{P_@)?Aq^3}Kp)hLx~h5jm5<>NzG9#2YF*B`GR0s~Zf1XzIbaO| zEHf~ip=ZbGNxD9|{@T9Ue%n6V{+m9$+b6MGvRl(zv|H6%wp-U*xLdk{-uS<^goT;? zGwY zlQGMLq`anu3P67eD%PVYU4pZ;l-0(TNh*;?44a>8=JlvkA1YBEZEX`zakt9*^N4C& zTVx!I5~>B&{W07h9U!3*hL0o4gL>shcT(s?xu?3-^iIv_8sPa^?fyRH8#!I2^0nR# z0pTn7-P>(j_G^s6yrdP68noViU^n2Iuw5mio;^@RBjbXSz(RGz00Z(pxzUjjxl)itpQW%da4`M~ zi-8?dAlkRG`uLYcbzxkBa}}FiPkh7`Q71^$c9pd#^4%NN_8;jL_)(iAk23LKwT$rM zKsC&8V>ETtwi{j-lZHyiw7Q~x4)aV!`_csqu4J18Z4ZU#IdRYB$l>K%%`8ZlL3V+n z&#KZe<8bD_Jz6&));Ch=VqV%+gGNnWI?uG5;tn#Wv3g7+-?jRfKSY;slTY-w1Xur_ z?H8ukCfC6J-LpX4ia;`kpz{&-j(+X#@zs4neSy^guT8S-Y1r|!0nJ2{Z;igfyTy0A znv(m91DAnf2t~m-bW?VbEg#fS8fB81Xuhk%S%j}nF`uPFOInH0abqtf@OWil+J$TU5)? z)rejAok-K67Kb@QJ+sJY-AZN|v5QNPO_+Bi>WDg%JSbZXa{7BrJUSwpBw<#OWw5%j zawoBG#=@}B`zXv%!6DfCSGn95APF}Hx>>7_dVxfNY(3f=@Z@`vfU*gds8>Oeqn1lU zY%+SXYIBKzwPa3N3ZA@T50(bcc7;>9wD21BT~ECi-6gU-g%7}rN4_282H_<01y-(U zhJCtJ*hOVGXvyNr9(+?AsQX_@JR$mmO0#XNiM_BbSe(Nb=>T=18uMge)!PVD#g3GQ zNAa>vXx~=K!2QeYzA$FM?YNzjU2Q7@s}>P{j-pnFUGBah zNq`~%vE2-z7+He$dQy-kOar)s)3e$&3hhi z;ay{|w69~>lfL7tbY`E>+OO1ZuzAF_3_Y+rfE&G7#;5DKIK`*ng{aiDvuw&2-=Niv z{%g~t!>p_WVu@=Jhtp#AD3*magg}Dq+;i@})vHcI%+-pX*V_l%yR zo3d)1nU6=mXG_SLN{uDI6E!fF={A8E3-xWz5gTpVLpWUn6L-1nP<^iN6lUv{JC3LX z=7A1&-(vFz!i<8!t_sqWXny9<(lP4Hf7r=kq%$++>mu(p0n}*-l@;uidI~fZ+J+`~ zk{J(6%-2O)Z@W#DTs@a>v&)>Zg3?zHs#;*bs*;h0#l zGE%-67WoI62$jayw_84kd#sOm2i~GA0~SpGNV_#{SIE@codi|SB0Cb_6g{Fgp$^I; z*>YBMk^1GkL?7w5nN_)bccLz0ZswwR_{y@h*E5FEn&*(WQJFhsLNXYr*67u+q)TTW zONXmUf;n`^1Ym=*l@VX{Sr{q%QoI7yWH}upl@WWuRUTYK8ds#MT2M=$bgi#97s@h+eP zV(1!}xmZz3fSH(9;zHI5bg!2SHN)M4YnCsj&Mcx4yCvoQ^{JhC;*)WlUEHP(ALCQ2 zZi>*@?%rk3I|Y@UGHv>6YE0#HC?srmkNJ?q^^nb^iC(jnM}E$v1k@q}U%tR6i%-jCWIx~1%1U%Yy3 zenOLM7E+!n@$MBa&QX?N0~L;Yhuu8ol6{A)dE!Th*P~XGDd||vUCJS#&AggT6tH7j zety^u#uu~lUBHGwMN|^)ub$OE|30I&_}WZl{s_{hOjT|vR<~1i@fj@auyWB*$$|dK z$yeeJk7ggwA*If^*!NYOHkqfY&)c&1%X!y@h8x!qWEbdTZs^PQo(HC;8;ghU>eF^{ zVF?mwbAzIs>rmZ!2ay`Qus)E31b>p@^))d7z|OeZW?*Vs-1F19=a zt3iG)I=}UiYNc09>S8JwMwOzLu+Ydo8-is^Q4X2(>GHIhKs`1+`Mxnq?PuipxIRDg8TFSi|MTXSMs& z;kcjFFkN^3K4=iUI%o|kOi<cd2_ zjq>BsdP+sB$W*~n->-;(AV&F&%?4M8{N;?GW}1(-?Y+POC2#g*XKVI^D*k6S`z_A_ zlt1a8Y7?$v;fl5;xYO9N6S-`dVu&(h4G%eqRQrPH3cn(-Dtkm-oSk#g@>-Sn4Y8pr8gF6YIMfw?Ap-LYItqlTWql#Yj5 zPnCittgYO1b?;q~{CP`PIc~Vwy#hO9sR5&aBjCRA$ehSin_3pViEy0^Wd}a$1mnF( zqwc76;JMpZzru0l3pAM`7{_k43MDGf{@}!Rnu-d|%;_b+tnKXez}AkYYV|V2cB8ZD zzPDYtTprUI`%4=fZ}iKwf2&ITu@X#iMjlK_<{dY4G|S@z>AIMg8|>`;yv3{Rr7diK zy_RmZ*44R(`|91LE!}u*A{cIK)n0<)rei-16RPzmi<)xDE7xzwF3O)Qm?3HwWsTacQD7!0a6qElp)gcawyEj~=GjZGtx%Hf$h ze`T3eN8AA{V$tJ6vwym%zV5e7ZIV-`#!nLL{G_J1njmfNdCP8JM=dz!vT#`9^Oj1By3-xH{QH)5s9a&J0zKJ{fmc3-_P09UHI`vlP$%SAG5-z*7Ce+?~x5($|>n>ZvJ`0xa!#7cY z{-&cai=&`t)c8Sr{|;+mmG5GDm-jAj`}{0y*9s5xsgbQq_Nm^E7kcs>E|_4I4)m_| z7T3POP)dCuHy97H_qvrR`!N_!Z~n=L!Fv;O-a4(g6tR;SG|)#?k~ju>_BOF{o~*1!F-m#<&%&`{L0U- zT@qdGU4Hiswv*?@o@k(4btUs032~**4|-|+YW5X2~LbdfR<{TQg>69 zu0|O#tUCR19pouR3t~jPHPKUT6gC#=~PnuOA zFl7UUPnSbNv~N|}>bd`B7t*RVVCKT7C8?fiZRO$WzUtB)XI-x=%f^&$Cs?1=u*LS8 z?XB`nx1W3Q9V_*LgL>XoSvVTKrPO}!)F9EGa%?`UaTC<5)SlRa5{5D>WInYGNhc|0 z_%G-avtM$(2Vcvah|QN%F_EN+4#Ajrh*b})bF5M9uU@X)5kQRMu3&C>Qjl#l2v^1~ zS;yghTf%XSmUswwsc+LJ0@w$NngOdeBb%RBAZBdXHeTBRk8fUw$76lMOTW@j0`lTq zzS?#YpJVruVl)8R{RIy~q*)_DhZMebsa0lnZ&1yO+S&RQ<}9?n7^ut(-BQhx+9rq@ z@5Cd!Wt&=jUW^Y#LNvCv9#yFWNqbt2+?#Duy`R#ADYl&&M1^rw%at&Fe1!P}w#d_X zWs#&0G{aavV0n+R51LaORH0-$#!9p*{>J(7A91f#4laEtx_k^Kw5u|1LbBRy!3(QV zg!;Y|`;}|AYyur*jC5PV6v7A8Zrozea{)1-X+=_#Dk`KEDj~1J9Gj}({4Vb48#}=X zR}kawG@QbIXfR|itAD$dOD4K)3sEc}O_1)iyV}Yd-IyNv^M2Sksj_&}qBw6b6UAs1ML)bC9nT z(ye9bL$s1!y}TDyw~`v7>BBF`8?SrBAdaVQp1E#vm{TJ6uM>d{9r^!BJH(*&Fjl+Q zRyUxqRH{XjaFgMQ<>-m1EuLC^h*o+t>Ct|Yy@#ssRWG}*6pY3ZB;(2^dVz4CRRs$T zmXWc`fJ6)GGNpfpM&%ByH?8YaCYX(rbMAVh(h~bn@ZD7pvRk>?9u1av5dB4of*tEz zIKy>qFsjjCzp_tG#XiA_ZCrm?xo3G)UQfj-7!!QmSi%0K)uYAg+gbJLzW#dpKD{|s zZp=q#pCw=87^t~*0{h~Cz;H}IBNi{ToAD;O8KyeGy!j?9Umi;C3fXMKrBir!} zUMt}^@s6yeW*lv?^4B|C8rvKP9H_88|xD_SH5=eMZ;yW$Y3Zvrd3j z!^t~X9Ee3P(F}4^U5QVy!{do)5m68SAWA&4dwAeneR?IzIZVB9p0 z>HK}^p1bkX$L#IDnLC?Oam-SF1IwS~s2=f!G(K&@o`rCab?%!gm?Xlz4THjlr^H4u zm;v9;Lh9go2a5IaBgoGs6O1nv1Vhk01OF2BK^-QpE)u(Yfrbc_#vnbh?#hL`j|0Dg zLbyS@_mUeEuSLzDv}U+LBILyn=g={H4%9`sZ$^V-*x1S}~6iuSbMmnG_ zV_bf9an$%GdWiJ<>LJ*xd6Lb;>%cPZq+oC;Cc2l}P)SSiT5##d?hbOVIp?Y8>hJ+)}OQLcLP3on3+ z)D?c@ZuT;=*SqDXUWc;8yJ?TI)PliMwp}J~*jXRlk+^jdeT};7?o#LGLp66^>Lzcz z9b*0Q*m?8F1Bc=I7}Gd9tr+b4B`=`uIp}P*pdV7QEVdHcV03lvU09{wdCGUa(eXY; z9_nJH$u@EI@iocSV>`PdKQk#FY?56rWIIw3fvWv(q{4^sl&Y*;-2oG)4q~h#orxO= z-E$FBXxi-tmD6t5yJ|aA2)E@L`eNIUqnz3P4VvW8|mnk!<-P{2+FpAp=V0UuMD(*C=G6NYhwIp3mgAWZ2( z!dYhDs{&1uWek2aTS+W`nH?oRH;l|!I1`>WCHcX)n1`xx;!I$@k$ zH?2~)BIl<~`3_Yj9LIUrDAr0#Zq7*Z3QZ8+gqD5+?uB*TJZYwN{W9z3Rox=3=cQ|( zK>kDy>4sE^+??3=;^lKgHq-*Dpe1MG#=&Hb>4)6A2* zte7S>^Q7;)zbva7HqbYRizE^WH2nodB9to-%T)?xGGVhju&=>KIcM&EqR!bD1JO`A za)S0>3Dx!yXB(GD&FvH37tg*x-1{(7?o)R4DHOhcPirM^M|yWZyhc%OS@h9nV4bm{@b6br|b@l>+G3dR%0 z70X3BfvC|dmM&35ILBsW7B2;o+D8VdokPYocFmbuH=t}Cqd3=2sg^vK5V0Opiny%{ zi8?P4s@*3zvmUCIrPB@NnT62f zI{^4;01Ev%U^arhiw?s3lN3Z=O>e|km0GdEb5gk2^meEIF@3j^z zCHLhUEAIQ|yY)K*pBLahP4D{OIjT}V^*9`X#gS+se$jDwF32OoT^ZPNEjaf18DCoRD9xRf zu2!S^D27fIK5luF$=cgpp;!DImaJ+)9el~d?fdc(*x=Q`-0`c-Qm zo%Ux;8Ve~L{i*v{^xGf^?~_eb(@GF69g8qe6;pzLXE}|#Byddlw{L@7S(6WT5HuiF z+O%pYu|7bWI4ukJwr`+Z8f_C14;AxZoTb3-ypu1#2(*NYK^qcpXh~MXK^vRiB?s8q$C(^4v7=H3{#WvdK6Dr%x}Xuc&=E&4&y> zLz;2hU#Si8$0Ov6cl&e=nCQs^}kw*}s= zc~>v*fU4PRE(5Bt(jIKDnU(`By%wuux%>t6U)8M@;+8xypKk3*ui|~}o!ahnt)?Rj zvE3UfdEUxzl19jdPTF0@odKa#+wUAIQg^g#*EtjxU6NRhswS;iH1(AQnrww85XiNG zM!U_16BB`R?Z5%M$=gNy{rtS1T=$H>`XOpBF;hp*hPQst!;$RqVuxoQkJkPXM!uSA z6ttr~+(pTN)~3Vi%(j94vyU`*@G~CZa{f|`RXHUelI`vWK*gPQq&8L`;m){uA-UeY{eDLyRb9D+-W_-^-sgg^4Qht(Qeav% z&n;aQ9f{Zd+%VK$V}%ZuN2VRbMR|7iXN(+}x}<+lQ=JKTll}9meFi?o3YzWf@@xr? zF(a_{c4~@mzz!y#!6y_2I%Lit07`7$15JS$R|15A8CU$qaAd}x1Bz_MAAhndR{&&; zDVGnVoM9^z4Z38`9|-CuGh4d2W%PG@N${P%nS&`x77M2|RdL%`t}?W2S*!??y*p=t zAW(@&xPpOjdFbpaNd}`RgFs;#p&Zr5(bw7jAIOK#Qg-QN=-B(Ky88w&4YO9@&*xwO z(Dye0&J8Ha156D|e8ENeg;>03{tvhma-pANoVX5ZY$K4ry4WvttV2JT3y|9GQ>c;N zJCAQq*3#2WI}Wm&7dN`oEXNs+)2tix9#~9bmDiP#q0-XM^Xi(`of=&HI#>XoFfI@z z=TJ5%{x3$r++sC;aT?H&jucfy0hPxbwc=;|vC2}^i1embC|q0O-+%txj9l}fzV?xR z{NR3D<0gyw=qX&$K1$#&c^?%WldDiaOnjOG`d zKHHzmBa7eve800WWmXr?cgS*&Ec5P@g}{12`Hv|dx#ht9Af#tH5SNfIfq%)ti#jd& z$wgxWiJYCO#4qS%&{9$|MoQh)PTkU}$GAvNXtbRVU9T{$3?z@k;bmKEI6Yy^rWCFzi8YiM9n!Z08OOhM-MTC@*Wg{_ST zhfJB2kd`ufyYfsY+4ep+A2yQRN2O;@ZZQ6Wzz38S!g}8_(&rE!ZA{h_r=aOI&zsL0 z{N^kGW;dXQMFoUX?Y&@hlu+{fXYl&EagZv;m*%g``Ib000h+~3`4ZtWO-F&i1!;!Z zE#?`6Atl3NDg>A0Z6NAoZN_!TAodiZfMUinWBbNlN)ECCaCAdJLT6rr3k^n=O9xgo!P^-MvcBbQe* zRocmwxQGlwh33!gKIV(`Y1pVgLkXo_>ke#HI41 zFmv8jkdO>Rl5qbMPHU*$Y_#PoGQ1O3(r5E`ftz-A`GUH(p$F2Wfaw3%#0F?-#1MCpKo zMV7OysNLAivW^&oIy!*z^fdX*>+6_5E*2UgbWyqL^s73?ps~h5d}{%Yn_FQI1cAXP zZFmiUq{1%w+YOR%V(R$zZu|HF=v7Kr-JAidY?L{r4L_=7S}6`|%C|39xBI<7_shY` z!NJNSgWKVWgsy!8@%a#KCaZmq^>$kqmS1OjWg!pwbz|p7L=NIgCNn}{S(7ez_Z%pv{}}Rh$P5Yfb$4*MKYCP@ zHNF}U#>6Tz$CLHN1pJ2Wo=O2!xu^hsixf|Q!xKWHmTD>oM=^u=MMH-DTI6sIDlAFW zDq4lvf7$Y^@BiF^m(0$8f$=LZs=VnK*O6r)y5Y` z{5j4$a*@}+R~cNa>gmF7B{UrW{#T@@tfLxGH*D{w-2WC)(1$U{&&Hgco==Ie>AJLCVh9SYS+@U{a#p6fCl{DR4EZ!Ad&5Dzu@5dPuAe z7d;Hw4#Ce03IMzZpNx!Vd=WuT3A996UOT6r`dHstSLa@|3ygf@Cb-{TIG+^@lqid9w&u6C5D@%AgFLCT;9#b#3qWp%4B?CRhtkY$pHa4mkun(uAQihPkE-x z^HTNR@-tU)D0lHYwhinTD6e+6J50Q?a(o}>zq|aTVT`U_0e{1~?i^YBw06pZZif)s z2^)X;-EgxiF$H4QI*MnTLKrK4ch$z4j#^JW+s4NJMB_&L>%%Qy0R3;ol!-fy1~o_J&gX;*cFn~)+IrQCgS1#I z>y2eePH_>RuhP1+qhz127EwnqtT1P|YD674IL_X<^48miOcA^CCkXiwJ zyuEkdc0Cq#iDQ{pSlws+Ax!7EIfYeDbpEa?pN3{f#%S&P`Cw_y{HbkWYh|7Ht8$Yz z`ntBV332$U+VlO+w+qKrIqRx%IrTf3 zJ{qUhJHxukbx-C+_S&(VV{}XL5 z1y?M4Lm^usZ>=~_3W%@-JTqSogYHUx)2g20BkUHrj<6h+N@SUc(}(dvoLN-Y!x%-~ zdoza1@oHQ$p<**@V%!70D;q&$WZma2aaX=fw1%%tHv_f1OS%JgU8|l&;9^#|r{J>Hf9Bf`^i?lA`bIP}; zy{UFbrhiCfO#+wFl9aO3lV%{w$*|{B~2v!_%Ko<7XF{BC38 zqKHLt0_to*zvP%p{D+UN9ur0Tg|$a##LU>9_QdzE*3CEeYJ!bFXgxV7m0g8c7#Y!Y zluASy7!)YEVFJ@6xjAHXj}@jp8QFdLXvFiQrQ$;)2qq#zAmHNY4>|hSh@9YTnExt9 z;yAmCx3`FhcLT4yysA8w6zC!7r1)4!tk`1ZV0=na4Lv$xT3x%aw1InsRILGd)TP?u zcC!PG(1F`&!?pFbm`wFh!t!Q_ERFMbhXYZ0&Y7Ve^{#`%F;3??T%|2%!E9FMT2QJL z8@r=T)nK<07v84ksUeo%>BQQ}X>$N|ZE78ZZweu?UIC$-$fyjcl=8Fe(nsR!^w?L* z_*kfwY!Ze$JeZeH#RbO`A(`bQ*7<%aSDyzQgnIVpFcPb>%!DT@^q?XiR7}r~j#B|ge)_UK(%{K{3gYAj~h+tbUQwuC38-8#@#mI1avl=tx7GF z%-EIT+qg-=fC2t`ebiL?hTbMpFR7lVX?D*_!*C3*XHaM(c(|^aEjuiOkV9vKp|+o7 zg%5B|&D+n4w%xe)A&`R}rqv<$e;F$ZA^Uj62wIES`GO-IP03QK-z-DcE5=WP)SeyD z=y-2t?(Vo+ZN;{F4ku6yWU={p`zaTaKAtl-Hf`Ut*W|IrmM>#CPmo2tf)IlVKo$1{**D6O-8a zmv@vIx}&v~H3Y+y;K*%6M{g9FpXG`R0^Ze1JUAXJWklcmfgYJ6=6)Lg0@VKZY2!~? z^Tde%hm8K+>jPJ7*PHuwY0laadu9&*;3t^-(NRB6sNl7&T~T>)F$6%LWAa!h#FFTd zuXsSk)V(MRNYal6jvowVd?3he6W0$$dPHT&ooTt;yXkNJ`zmU8&DWL4P1(2b{OCom z{NvNRF7jvB7oLc3EuDIY)wJUIe07{Fb(oux_L^^Bs+NYmE7PZMvUXs)U+noW~OEeTMg^viVLglUtMogSI>)$`DnrMGUhO&g2-zB+OT@B)1v5zNvI*k)U7$l+?~ z@TVEr)0EY&`;wl!=WuJa?;`)i!A~sMDvPomj2bJ=?v~=y#7@qw?$;EWQB6=j2tT>Z zX?dKAEXV*r!myEw2c_mURwspohY#}?QA0-4j88xl?AC25q)77ENsbngq*D}u!J5r`7SD^UD2o1cG(k%DjVh4sy z-6Nm@g2pCtJu^YYGj-|U-xvEYX-R^*HuALjCbe3o#x>cLZfr$z9Cr?ziM8nfO2T|S zbMZd1=7jh~36*>d+f>LiwHbJdsI8FFbVfEZYlIB)_#bf56Fq1Qn!sDzkBuubZ5Ee*ItK^ zsi3k`O>c4hFQYk+aJb1=| zFh)z}T2y>W3NkM4_fw;-ZtvID+xoh?*CSP7p)L@<11Ul~qD~|TCsVXR>iLz^?}tqg zl3`w=O@W0jP=Ou9+C6VzTa5O4M@xb#5PUAT@37MZ|35}Jzl7(j6IylGVGCA8Av3Ts zYb5C>n!poq8hb}Rwoei5N~B!QQM6?h}tRB zXgU1D1YRkqiLa8BL~By?9{VUSZ1X=RY1>=-!)sM=XU@u`& z5o`*vTy7H-j|rt8ncz zMqtMTRK?2>lSnhLp1ARv0W%3#*GRziwKId6VYW^a8q8hc^_z$x_lw3o@BCtUi1N%m zK5(*CI|w;I0sYQwr*ggCXelae6Dz+kVVrv!E!>kc!0I~I`tP}wo0$Z8Z-38edu{wc zt+%J1<>yGVZqj}2i`qEWY0#^paOgwO<-}bLnp8JSR7b>mjeT|QdzVhWSuprmQvap3 zUGkzFJAVbf_A02r;S~+(4QINRvu}OF$=c4NUp+yc zkM$rV*W=Q0W@~G8jB`vDm%rr~1IL!4q=gHQyN~SdNK15eG)lGf>+#8xJlJae0CLfkqQ`l5ta2PZM-}%4#%=-Ng)N!%B~>Qydb?_@8eF^zimq%T(Oz zbx*3xBCiFXxA8UA;9wHg8=q-SjZ<>lS>Yulx9c?yuj9;%*Xf^U^qUQxaaS+LNLQC4 z)CXs-4E5G4cMXZJu-@|%gxV7-RS~^b0=6R<_dxEWH&^meE&IT(;)62PyvZ4Tx_PQr zC9TU=bRQzkZQWh(*LlhA$yZ6s#Zl{kr&weZ1^fm<6}Q8K2`hk=~~5|#5b-!*2y~DOz$i4ouTymr1ADq%T@A5q$VZf zAM>rWm97QqNicC4$y~6dd@Y}`%wZxOO%_s<})v(~W0DdMLV z;1$`0zLk1^=RcT?1QjSpBvLU75bjQ-))v1fxM@r2NT9&=WhvP76s`eb639t}hgkXyge8)hCyPresIZN%LNwb2D*TlKjYlj;f!&QmNyZy8Tz_A9-w6%p_yRd_1O%L-+^P`f7#D5YB<%O^LF}b zF%lCi%4dV!RffK^t_1nGr{8(bW}7n)xm!uhFd9>@L7nT5{D|Za>Q;xuIzXhB)Xrm# zlJnOtk2ow?3qFbucC76ZT&vB{%}T@E{9ZuXJ|(?rE92q^8v!NbM)LM-IrqHD;q9@F z9n{!obRzBGI^UG2Y&r3O8+y5_#yuA&<&Fl5 z`5mWzC=Z;jV;s70>SOmf;9V`PQ0lEXz{+N!p?-snt+|yXA?KZtyeIgts3D6-T$-5G zzi!A4D*&H-wJNfW+8H;KIFEQOqI37~HF$|w zFnGndXS^{s;PG^@VBO>DU7Hffl2cI3vwJk;Pt|O2bar~}DOQ@!GMcl}cG!(+-}76aXoCHUpSNxlu&-;Hg-sB=wgl? z*7B!Th}t^HOnxj5CNQP|d$igz-W`Slz)8UI3oD$NS(uXu2gX1savBf(14O4WyxO&Q z#W3|XF=LxkJ@L#qbZIpzo&wZc_}W_juR`%|K2A7Wa|UYmN2w?41P&RQDB7y3?joxB zACy@Q*%{IkNh;KX&C-SMjnZ$!ewX)&sqmJQam$(<{aUuU9o)##gFu|{aKg?`0u5cX zYfQ7UTFb7N+rZEAk44#{1D(uy&1F&YbmQ(t@m{G2aT1Py@xY`o$_;0_;^f)FhB^*| zbSBvIfQHuhk&8C+hwf!@QDm|qE%O??H8lhg6U!Npu!3%f*<4?D%R|ghhj%>7j0L1hCMGH-q5gdgVB(Pt{Qzcr z{2T=}eu3W-Hz>7QGu?d+>mWY4m=_0glxH>f{NcC7e^uTjZpQx9t{Jb{@^Sb+_ju0o zzbh|$s-B*tXkzk!B-XO~exU@V;+z<-;#0MfURHFmP`NV1CSO#xqfoI8!q3(c{nKyR zEH66puz11iewo@#Ldn5pp*(Aw@oV1uIy}{lujI`yN`6Xb<9ZeeaJaM=CTpAlJzkT& zt?#|#BoM~*To)-r|4`tfDp-rP5(u3_O*%7zWr`MY?6Eu7UR_JwfX(J|CFeE8!@xL` zslO}L?a}E}!t;E4d#JUl@lUxpO(By)lB8l{s!Uf=TCBCty%lXpqZkC=GxtXg05s^X zQA{ff>@8=185tHf*#o>VTTR<;{ zDoV?$14F*}OiypV) z(3s5_VId|0WoAO0 zVP9jPOR~5!lO4#b2nspZO(?6&pMWFNGtsJlakpc3XncAdK1iz;sv4>usw${@)I92( zF^zY!&xpA@3YfAHj6BBSep|COw1+ z9>hs037S9TYwabF8+kR9?X9V-%&%{3w6`hgxbuI19}f@jfweF4$lIpEjKt&_l=nV&0o+q-1 zB$%d5q5{UR)s*DCX@cf0yHv*8_Fx^yJK|apUiad!u2#ygt{T?Si(Y6-=>lJN!pk3T z>_*MX23e8`gS`CBK|~dTvJ6m+vYxcq#~wo9hrT(0P}4h6e?Ot9mxl%jw2Xsx$%Bf* zy=~dlu3kNBf1_(9Y6$TT_l!>+lxL<5=Nd@OTXJ!wAwj-MuoF}luM(=fdZ%ni{TFt- zQ0o^gsh35*DF^qm6OEiO7ToIJk=;I*EmYJ%lU?hWeblA(6zz>E%y*NIGk3>Ohh2@{ zIMD}Jhtqm$A0@1G*(}{sTM>H+Cs&V$XD@tVR@I;yc&Z3SA-<|daOIm6Uo>(o$)Nf8 ztDzkcXgHuy1El`CUIj57Du%E&|NfPXLH^DH0mO;}c&%Y#p)~ZIWY;n-zC4m8u#G$c z9cf@ORFbR-at#r*ktIJ0uYoB!uinwH)yw?q-aUr=rA7Pge67zQOdsICD}Q z|C(Ua4NB}8o+^8`6m7NVHv}3JX*T4}+S>a4bWr;JoTH1~6)WAHp{pzI>kmjb*g7_O z9uhnPvIOLkSxW}>RWw;@d}eiGr@DApj}(53cTS#DGq`7ZcDC-qmnmJKPI(VHkv4h+ z1;&y3G~6P@CL+eU+Hpk)Jw?b=BG|nuCz-TdJMiM%R)lC5V@?-%$rJL|i@kZBAhIq> zK5lVQRWog^H|Q3ToQ|E>J$gFQY*t6#$v>Z5gWKFFr_zK~Q@M=lw7?EJW?K6m65G4;h8A1%xj$= zTUDqKcXA7$kqGOR@8+{C@mCck1dWZ75LSx(RuTc$>C96>!K5fdpxO@?)Hz6)@+{`R z*)#pa{HI?{iPDc_hiX=MENMV#Y&PvtFIq+%!*#ZCXh}RZ5?*x-h1#)BLz5Z^ij5@h zI6|A+Ubi?9;;yYIl;g6haz0xhZNEpjtd;C1+K#Vm?CkV=&Su&5PE$R@sQQ={K~wH( zD8rrUO=^9&Kh)Z_(mv~Qen&h~o%ib0GxEu;Hgm43D}FkA*3fj4K>95!b8{>B;?`mVWp>!E z)*{*hI1f-b=8QmGrZbSS7H^sY$~=GBTI6eZS8Fjg@7P{f+m{kbYZ1+brW%H6e|D|0 zH9d*u!pv}RXhv=alf-7?B0b6OLQn~MAZp6x@hvN9u@GW$St?8I?B-&#HIS`gwu(xF zmcuCUnLFDyQ?c2y?d{UJcr~kH_vmOhq+fRT+}T8JF#QwZ>GYRF^->kNX@e4{jn&Zy z>8y3OdtWP;32r1aS?g>{w$66Ta|`Rttej@?eCy1&?U;)lIwzUui>wi7ox!#1?cl3v zM(aG@xSC#CVog{^<6M&L@G3}?BC?fXfEQ41#sJVEXVR4W3x+dvZ>|WesHB-hGKjNX znm$Ty_KLpdG^7pt3%q?zDD0QF2#_$_k$=Ey z7tG_m62+O`#ax-3709v%0<{_5>qDjoJ8GCGnttbz zd9QXf=Wl_YIwbx4@)_5Vb*fctjU-Pjx9m;LZaK#+sh0Xgbl|qd(+3TaXjg5u$5~og zU>it=2W#W)t##o*sncCx9q8_zBfycIB>e_yAYYaG(O?9i2F`eO%73WYADM2hCt5)# zXmuy`preBBAVCF3ph%|SPUT67$f^eU6oZf5)chB3Liii+%vskh`S;M{fAJ<1_hv#^ zQ|j$LtKZ}I2hpcV>CNqk*g1)DFs4_QR$(~(rJgtg!3%eGq`Gh| z;+2vf(oC|cKg_0T+H$Fvv#HuR+2skkHf*Dg5Ncv=)F5wE4O!NxY&T(6qLEI=fxwBQ z)bzrct7l*RdaNgVZNlRONF^b{D0_|xtvaJl;MzK(_}C>m7~e!pOku}v;7=1|CaN&{ z^qGryo_YH8?H6vl=M;bP`Sktl^CY|uUm2Ec0bJXKfjaeP7^tX_ghW(O9PrwUFS+aT z2VQjNxw}93k;|9=^t%s#_}4qwej~#cZ0xBvthc2=D*)B-CCew35-BXP`8n%atylr^ zct|GYwtMFKLT&acSHu-AwnrYj^LVBA@QK92fYmnRuL{TRfxFY6T|WdkZc?dyEZ!)M zW@#?{$3Jy!Agi_I@orGXmvZbZ#X5WA@IxQ&l^HZz zI&ve`Y$``JTV--&S;G%#mpW|LTk_1%q=l?mhy=5O&6#1i$liXnciql*xbJb(a9Oepciuwpf;6cl>q&zZC>mN+K4x8}0W~3NvX=lz`$i6`s+6zg z3>bpypwbgwNh+B5@cR+HQ^mE?W}Iikpka;+mu}fi#Z~38&a6E%d!)=(q#x32dlNu& zMh!D^zV9r<5#}}L`s>44+eWg!N;!5unKY__&=L(r)%Ab69Xp8KY^~+nF>Y_1uNVyG zSz)Kdsxog`tfb232$i>vvE8|3tOe3mYhkf!Qe9vyESw!m|B>y|EiD=OOPiSdt-zC+ zWk3bAp0$8Z8iw`?!jOgy0L^wcA&P@46~u`h>cbATO5)d%CzWN~|A#1u%d&#`ZmW9g4cc#WsW0Tp1{MzG}Yzt2eB1eQ#GmQJ+pz6-XB@ zAZ{zw6xaLXdFvfhFK1J=E=+Y2LYW($rEYU%<~WmnJe`ff^NRF4F`WQU{|}a4O`c5_ zyKGdWuC!B?rWy<&WTucmhv4c33ZPojX(3>Kw;@=obyfR(cRA{k#7XCAT+s+}z z$xc;>b45&I}A7?6S0HW_@;T zV0vI`Y@|2U)zQ{!iksrGXiJl)%2`@s;ed=4G4+b8maEpQCC`^VU;e!F>cG{htJ7Cz zuFPIpyRu%8QQGrC8yR0f*Q_!ELOct)OK^J?70n8?G0!OXDxe?w9fm-<84~#qt=hyL z2kZQ8i}y|LdDZRb&ew!GYnifp_CQ;ce!R_cbbBrp@>r~u<@WTa5{YPp@jTdhugR&A zshXA?Zuxv=W#h!;vfdaL`#Q!K2ipD70$;l?VzT$uO{^4)oiJ;^{+*SHf@Nc{5nRo6 zbXl$8vltKw8K|aikpblYfuOe&u-g^MJ4DK#Kw%_xfptme! zmSqT&7@o=8CL>Fc;$j|o>=SS|eTZ{Hn#n-2H&|AxV1($^Iza`%gdsuylUAc$lSv}u zl+!|*n;IKrYDj=lLkx(H?oI&FqQ&L(P)L2rrk@oKXC0|uljWK1I zOb(B@o{n^dyyfLDfr<17;JivSFdu`nwz?)#P+U;yE_XZYTDm&#trEP>V1dq2Vl94Y zk_e=XwQN6YnUPqD1LNRnLC^pmIod=PuS&fp!>i+zPcjU}WU`tp#f7`NF4zJ?A`q|c z@%j15srmV-iHY&?he1sLJ*1YWXO@>|rkA^q9zTBce$Kb)VEb1aeS$sBhRCj5-27+` z<6Qs=*|nKU6v(b!Su8GWUhrSN_{A44yyPVphDJt)UjKT-yPtmg-S}F$aL+v#e*b#{ zJPJl1p7KSDN3T=gblQv%cCElHpvHIL(?+AGJ)R&acj+i--=%-$*r^&D; z1S6#cP=BUoj7^68E~9}`l2g<k@Gt=t`#g?3eg-ISaw0#*pyI*PWG^;Spjmb`fs_BG{F39MmelwV zD{$Lo#|6g$WI({1cj8uTQ8XNmY_tU0T*2;O$Fac=w(l?M>FVf94Z587v_+!b`u(=M zX6X}+Q_YRT)igNJ5L;+^s@#V2qj@cXfHoUXvXu~h$?FM`eY5D zAcc=qp2EeG3LGTx*_g2u1<@>em;~`@w6yo+f%GRK^wN{*>2IiLY4zLR{`M5SC%yH9 zZ81TBL|I=Kv68AV%2owXjX_TVon!(9D!@rOe5B%Fm;zlPgx%<3s*rpn`DWq?^1!TY z32C(=>z#}1;)}MI@9=IFb#`_R_H?aRFNNV!`YR3!P5a@Q=z7=o*`Z-ZIqK=?>TT1& zxz&#rM!C0@)w7w+i3(CpQpql~?1=$zLm_}66G4sp|1M!ZDk}-8tga0CJgC11LKz@f zM)zzYpRGzRhSIMMkKb0gUb)#c5>^%O??`RMFCM$_vi`fqlY;|^&c41*`b6(Y{aVlI zAxo?+vNyST`lF8@dt^NQ&fZvSUnJ&7pV6eQLkYIDLsjj9xQ0{lT*dt17^|E(KYg6<@JQ}>o*JM#LQy#rjY)GW; zKXvMXo1O zVtsuiUC=IyiG(P&6DqZdOPvsoa4{QP@Hx+?gl#{Tcf{=<(MbPU;#&9r@ z8R7hi81>=0y}3c~j+Z@fY58{7f#TMV#W7XkW_NP4_0lmM+xEf1cKXCepLpikk&(uT zc;6*sdpxp{JaBp)M;1qzzz#<5dL$eFix7EDN?v*p!3W(dY2ONpS+so$cK#$R(T7Qp ze2fs*(hq>ZZJ>|94w0|BcDephc#dB$Vb@>5dMQXgp1FQPx=!o34OP1HCs>BpkV=dz zX)@+yHxNRBY$_%9U?9XLH>3E)@?cm2aUDE9 zU$6v)s3mVD$^bRrXks~H?H|XQ-2Ui%|4ZD{`hItyztmRcuBz-XOqiw<^oc}EO*5s? z7>;yrc$02tORS>YS<&WfZsGkk&id;c`Td1ml|pgUlj|@2P5sr@iv9JC{QfG1aag9` zC6%Zzn2a~+3;kJrp(iuz^eiyj|7_O5{eNcK@o^i3DOQgFIeX){8Q8c5&I(400;)i19!`eH;tVB|77I8dyA2y#K3xboqprym8D!%f{;QX)RVum^o(u(msS?M zD{pB5X$CVbX62OojpdF1!K>hrRRp>>4QxNQz`ZqDF}{-+(Q>H4!J|) z!2$xLZ08g3H2pH_^+`Jp?i~~@dyc~iM3B}p_}~K6Y^A?Kzx<~k2~Nyb59Q8_IbnAK6p0dMFY_r!ras3A7Bl>_+NOI(#i+x$Vf+G zbTk299BOMH8ftGFVsd+U=QregkR~B=m6+fhXvkF)A^P_d_!ykS11E@&@7zYdO&%Z? z;!k??Kmc%D$sh%##)Y($S}Zh%h2o5ghvc%~SKrYd3AZvUuB0qf=YAm3*tXYMR~YwF zUBKh6VfE-`mTL`p0P8^)2*FQiV4ti$8q~9Tc798~iV+5-n7RU?Sz$_~2pl zEw{)-1xbeysIZph(=Fndvrtn7yRztnxactZ4zUt^)nRWd76~WiLejtc#3$0f%S7vC zN)&ODDsq1GeI7&yi!>N`jqH|pw6M59&}wx{CIdzMNCg?NJ%|bXBGGC0-*lgx zaVhB{1Syxq$!T#?sNd{AJYlG1<~(y7@K;piFHwsxmhRJv@E_%;U*wvpe6(`bb@nCY zw_mK7W#4Bi&wuSv=VS2LQ^Ox*|AwC$elPns{FD@@mHZPMO(U)nY5WC0j zt|(`BmIUqD7+_j95%MIva-qRXFCCs24$}Q|-JKmHn$6-%hwPcLqfe~N%&+PXJZNf* z)V1^^8YkAT|AYZI!Jx;D^{n4npawo$JQ#7=Ras)r#LNan$4~NrB7$n4S}}3Bt?eb(9V z>iqB;yx@o(m%hS(fQX?whXykUg0^1SXe~db5rFXGV*hSsz+f2V4$OG(%Wr z9GuLfWw6+<8Y9MyIkB@-oZB!)8c&>t>#k$^nl~Q3(CXYaQUCZUVTI`~Y*G=OK@w&#PipLSc z`=MOTh7%_mu-b3}tNC$O%}UP;hsrAszTn2%e*$}UVP_FW*c{Q~nLC0hu*P?eC8R}h z_KTKi&1PxmFpE5b-$&ng?HYa2_4;|?!aM;|#hzj1(XDhQA@S&y8|1^88C;B@u^ z>$Nw&@!B)<^h@)YwVU&mQpU`Bq71 z_`2{`h}~+w2iSZU-ukEa2s2+_lkT8XfB6nNl?K@1ckCfwfp{lSYDk6gS64bsQoU&;IT{+M>8e(D_*%q+TQ6WWA>0y@opLZ|K8#78oPSIM7{N z4@SV4I4T{W^|YZ!wip;GY{>rDd34Rmno4ar#2_29CEzuem@QsY&MCqcHLDdWNqLTJ zQR_oOF8h!et@PpYmn|KAb=lGch4Fd&>y9tIxO}N_D%!hd{gwUuK>xw^u97{;_+s(1 z^ZU-+*5@{t82V3LnjQ&9+ownS4JBrGU+-W~2S=bDqs4TQl#(hO%L*ssf0S6vg+?_s z?KVYAtvE#)ah91?l30m~HqKHAnc3+2?G7^&I^DghQ3ARitW9U&J3A#uZ5EDZ-a4BQMv(%DGMfapuJl@sRQcF*-xX`m)^;9Y)iak9dXrl|Ml`8jY zYB7>xm)Q5JmDHk`x@RC3>+g@n23XYy-#pJI4zb6Fp0bJ2uD1 zw}OM^y(0VL%*J?Ydm{c^q7{l>(<=5GzEJ4xZyVp%Z|v73yHc^3=1YaX!S;zw-3EP9 z6Riz}3(`NBudXS4j%%L3p)+ibx07CYK(Zc65MIy}fsuBIRBu#+Nv}d*yH|P5kblkh zXYbqnmZha7sjz5nF&Tgoqn;W!6>CYam$-WiqYMZ$<&M=#wdo)RYNQ6^$=pN8f9Dy# z|9J)ecV#bOMC3#w(VOV$?rd+1N6q#?&}?VE%|a$4{9Ht2`Na;LwJ0%mUl6-`;_Xee*z&fc753OxYW}cosi-{?OF62vpL(OYxT2vV z>>o?NsSFs80JxAMvMR-xb*z<&+mWkx#uo4f9LGojkNLZv)_f<#Bl406RpDu6&(BN)`6d- z--vN~$~BpFZO0!gzE!I zZ%ajKg}KqVW_+=yvC8hUG#J;QW5!-mR5AM(n$SulAo7zq6H^MZRLuz zTA&-~$5E;GAk2^Os9H6di`1VzMyI<0Zm}{=N29bbr$UnT^6PX7{PLeNf6&RG2QdLp zFnwj|eTWSpMnEV@k~h-|_$(15T{RoD5%uJGB5AAw9nS{3Wu=+fi&mul@GX47@x}Bv zQEQA78!e?tB$<9tLs8?jsiT2Fl$NHe;0@{HuyO3W+s{6G8_tG4mNy{h6)>+_Z3{#L zG{Ew`f#v@`eC63^x4(PryO=vc?xG$zO4MXXLZC~ztUQDaMxgToNRcrqjN^$Ww8(D0 zvXnF`e;xw3pOAVs(s#qr|9oT#O93-0<=CyXO2C$T(&g}DFt1|zFj=7%8X!j24jr}` zQ9x}7Hd6&O{?kYHB&eo428oX>dzzx<%A~=%+4Obm*M(R zIu&P&Dc&N+e=es^;$N7G{oG1=sGoKaqqJHDP|d56#w`bU#6ea8&eDt{7-adtuwLqa zVeRVGwHLtp#V;;>;R}RN_B_I#cQ5b#_0jiLVZa)lnr5E}Ap3fmin=6)gmWfc$}B1Z z8Wn6PGAt!6+2gK8UKKr$!IY~C{*W8>e{SjXpI=IU8-B?a=%*L2Tv`0gXVMStAwVW} z8mI%V5i40s8ZEe8NTieug^dS=no|7I(5P(YR>+s~eqxAUmdUVI!r&DPKgurC);W>R8q`U1;!bZ%4)U5iRnz=l9y#i63OHcgCS*XD93H(;%`VS-Ipxw?IP7;)mAP zpAjx#kI%Ba@5j87Ju5|ZT9a|rNs{})8mtt1y?>qkg9C8#PcMa&glnfs;nl444l)Y+ zk|u|N>J80JR72z#VKD)y2@HB_*d%yN+z2||IBu`m?n1dPeU+mg&aiQnlnhaEHz)q= z{YwwYsu=A=pav=!PLlu06MX;E!v8nrE}?c&*4ar&=V&Km`JtvAV0MTl=nod;9}vNJ z#SdW!Y^_U6T_O;aD5JCF6A0pQiKKV;M^>Bnw2B=j=R#Z4SY7H!=eE0KI7~ZR;u8-Y zyZ!0qmB;ptuhj&i#}?0DK79OhFCCh06~zgyj*2XV;h_(mnK{?h5(?KfFLlh`)jcMAeL3z^?LQ2am$!iiZ0EF5l);bFq+P@TURf5AYl?2S0SXZ?0e9bhV0 z$YEz+?Qz1@u9(z%R1<=Ylywz7P~X=W*i3Y9#s{Zs+@Z19$ZGpoxFl}(!z6Wk{Sklq zzMvx*^M(Qs4n?Lq8-hjMoi$A9@doQA#l%J^+7}27)(-c#FI0<;p0d=eL(_Sx-shlH zA9j~DG`ZUYZcnrvssI;0X) zq!M!uhECdoR4VNX{_scM8DF;>_aJxN9cy8HjG(``s@PR(=f6p0+~qfk3TbAtNs}+{ z$I+DGX8!Q#{QRSb4)OP?yLx)=nwq*RmAY%{Ld}4w&es@=HI6uXY*Wd(jg2|_#M~nX z4?Z#{y$|-BpPoM7BfZaUc`Ga0Ba!yb%2;e`Vb2y(<+Zw=M97;y>;<(BGLG?P9?@H^ zI!ts#tzVJB8uzbKA$W$qD9{#S28KMVF-q@}5$He8M9fltwMrd@i@ z63bt&7LAtSO8C1WIDNGu|2@zAe&anR_1;?>!h4seTgRX59Q)=-Z|_KcpIv`a*=gW! zH@@PfOk$^ET^)!iRI*rUy{yNYNjLhqI%5I9(`2MN5HffI*_-`|JYg&x^16|f!BGWl z!)`%*;=3RHQ%P$ObA{Mi>un5`NB5^DkNEo>L#>JA(AtID8mr5r2YRPBeLdy<@s6HB zmXwb7F0P3^{d?BL)Iax^`l9uN)htXLW4Tua!=|F){`x_OCssck7Mt5xPgjM)MwV#s z8;rJ!Ca(`a8o5RRgYYER=NwX`M5K`lus2JBq`Mty&*NJvfQLsnw0YbCY|^K`NUUtAC^yiS)>zR0{%`fJonU72fwoK z%diQ-^f%y4`jrI8=V%XH#FIkkQ`i+qls(RP?uVc5!Sg)q+ADX$aGq2VE8>_EB4;&F z7$N|2Y?eR(m4Wy!5t;t2XGjrwsU}fXJX)U(v*fCF5Fj%&0dJu{WX)*(u+%_lt1rlF zr!#5f5l}Ia96?QA*>LHnCSYW0YVpLW6Et!7@H^j$Bep=h;H~sBAF%=Hgnf}j&gLMm zgd#d*|sXR|x;k*#U_F|kq6#!SE zg-v#i&^?)nO3CDZC-g$JzrQ^(FxXxh2vlMVgn5;JSu>N>Oz+tu+ zOW1dsv{?&{9?xq^N(zl`5BdKAWUM~L000310004IW^Scv>t7E%^#B6{=l}o!0MX)g z*Z=?k0MX)m=Ki$)t_0Wvp8x;=2LJ*9000000C)joU}RumUi6=rfq~`kzb*fhS#AJD zPyiz<0HZPnt9Su*(F3e5R~!WJIsfxj&&IWF+qP}nwxZg0P`eGvxVEjJc35mD`>v7X zmzkrb`U^oS6_A^7VlVnJXt^Fu@*rYOZ?S)aQ>GdA?V9O5?)wT&${$U7)J!sdp?}y< zNE+Pb7VazOdOP#0Ro^3aFBU)MF!#)_?z@w@1aEnU*$q2+1C={mgH!r7*hmjfN-6f4 z#u20~XxdJmXO2?8@$If!uy2PnUhfJtS+d!A*0jR8B}B>R*k}2WJqm$)(ZkG96iXPw zgxDjbol@DiQCGrRyx=a~C|1XiNKBCNHT|_Zcb+&ij~Wk3I@cmlpr7LPyI0jAY=?Sc z>UWrY7Sk9a)$Poq@RSi==U!OxeEtq6aG`F8t+?ToIAQ;~BM3JCi!-k=vg$Ce^9HXI zj{WQIg0;K^Ypp2_cH(3_sE@%)U4av78fSSfM%@i3$wr`L!B6_&DQO6mP9#bqdpBaG z7qR%)XwoA%r~~OXo*l&*HHdvmA!zff<$W%uWtb38H z<-2L%dvpQ=E&HAh?Pj_uYvc{E8gzP2|}#VhzB`=);upnHqruxu{N*k-h3dJe}5m zqEPN6jdIgP@RJMSr&3J*>N5nYkLUx0sQt|S%p=THK%PUeL?KqLL5%s{gYcDEej{Ia zOAR6@fx;<;qE}_=0l1!9r&i>F-$w02nX;f*zs~E8@mjaSUArMhlhndieaO8Duu^~F zWn6+Hlwk}Rm_ow;0(`>s00000Cjch^S^${<-vICdGy#qQp8@3pH3D@4*8>d$6$4uX ziUY+22?QDhTLgpz?FAVHE(JOTVFi!{)CKkiCI(OjZw8|V&j#QJA_sE^%?I8HD+s#? z%n5%9w+ZzMWD21R3JZw~sSDH$5e!!hXbhkX!VK~aAPq$gdkv`$01jsk*$(OtSr4BO z4G?Y++YwL^VG-036JrlDO2^2jPo)q;J1{ISP>J}RoXBOBN;}-4~`40wOaa zULu(yq#~~(-Xi8BI3txKpd;}lJS34MoFu0tvn0PIP9~x!6en>f-Y6d^S15xh!zn~5 zc`3~*Dk@YezAG6kF)KkUQ7d69qbu7i11xhan=IcgP%Vfp#Vz432QDoxKQ3`DfiAZ$ z>@Qd^dN0l}Auug4Mlg~vsW8GY(J=QhO);b~#xdnG12Q2pIx=b( zEjdm)X*%jV6+4hTDLkD#*F5_@7(GZmc0Im5*FEk&EIwrb00031009gDf&d2qQUC=2 z0st%kJOFn9007Sm%>V-c0eAt0j3t5sP#6Yh-M6p80dPo=ad%0$yEIP1Y58zSJe}VL zc%sA|H}@~xV1zy2@~LRYcet?Z`Tnfufp4mNe&nC!oksWSp)E3C+YwI0C)jx!86nr004&3=lyNlHa|1lwr$&;Y&T`ww#}0{ zXV)0#?!|+DejUWXe<%p>B#WzDrVBgi$}Sd?O%C12<+VJ>qdQl)#&z;3ppYVYa)X=P z;x@&UP)Zr)^uWL!?$VQcEMhl%F!CM~W-Ri;ijDg`pcfCZYr}hA@=D z)TRz~smCLRF@ljwW4O|(PXij#h{lYf38NXyIL5G+@$983A81B%S}=>2v|<92n9M|4 z(}uRR;~mFnuMA}>OWDd%uJV+x0?u$&g(_09N?6G%B8eiJ7-ESdo&*v};soFL&JUHU zOyx4jD3i>x5KKkRGlOJ8*^U?M@gbZH*5OS6DMV03R@vx4Cn`{hK!VuMKEh;YE8955 zX)bbrgB;>87vzwWshq@@X)LERM@S=`R5tLDPxukS61n82Bd^HBpP9^IHq)6xW#;jc z$IPcHPkF%;pWkhggN}SL6o>y@+jxhL6_0JjlWwnixhV!uzvvlfqwiOJrz#K@VDYC~ zJCr_+6f?z>BH}Y{p>Q~IS;RyNeciq*63U453|F78J8y~_)tSyI-&$ufJl(82>8;~c zRVgPm^{i-Eja@Szyc;L zHYd7R>>S|8m*x}1sfUIoVGM%EM;08l0=m5{wMp#T5? literal 0 HcmV?d00001 diff --git a/fonts/Work_Sans_500.woff2 b/fonts/Work_Sans_500.woff2 new file mode 100644 index 0000000000000000000000000000000000000000..b06c54df0b24e4661f1c9e3ac5fbcdd787ece4e0 GIT binary patch literal 22884 zcmV(^K-Ir@Pew8T0RR9109j-J5dZ)H0Mz&Z09gV60cK_Z00000000000000000000 z0000QG#lwW9EfHHU;uoAsh9YtHK}@kIx|U@5Y+AgDj=3X zMx8Q%3WWiWLX*Azd46tx?tS;|y|=e!(2h|xXvbib@hiY8bQa%DamL%k5UctA0v+Jz)`yBCR3s#qL@$f?_VyOZidB+tj2=>>1S{as=Ip#M``g#))rY%Q z{qJ+ud(OG{K9CHf{y@B<5cRmm5HM)uE=R3EuYNha+-03*c)n-9|LrsPAtIG5*8hiQ zQe8qb3(d4c^N>ia?je(O8XODT{GgltZ}S_+FFHLD)3#@ZSRv3N79=5Qa`ewO`w*yj zUJTJFrLc5WnEA(lxSdx0|JP~VCw;L&V2dr=BFh*;CqLv2dH{F{nr6BxMY-GUS&DM9 zFc5Hfd9v}PZDy=F*kh$nkmr2l=7(v zNip+D=oLCnolF@*Rx>67OMv!F!Y5@kJ*>ZOI;0gVNNt>2>tB?HmrD|RKp#ce`>?w57fu2YVCrA^e%}0@wv>~T^ z7WRSs%43aKs|M3``7-+UmcW#5f>koC%qte(KYV$q*g2#T^ zcN$FgCD+SFd&GiB85lr}{@ywQtOP<4d}okAWFjC@c0=+VfE{!Q@+=e}2v|zvGh@>o zKW0Gc@oYmD;LeOP8=(vVzfKB&Y>eI%MxA~s+X$(%A4wd4qo9da{(ZCMRuXd^FfdV0 z>D+uu4-U0n6rJZnwABc3Gm4~SV)m!Bc9gxk2E~v#Y#Q2Ha2wd>w#9Alk~7=X%G)uM zVV+h$6Vl3=+bnVUpN}20Q?u8jVoVtakCVr3WByn*$)>1jzKi_D!G=xXc6$dNmhP+>HpXvNb>kVtO;D;qlpCl@!5fNC{r)v4D25fsv* z)vy(G&6TG>kzzI_N|h;Bp-QzHmtAFd%}q^OJoLm<|LM|=$5p9@v`z5?x)p0r?m*s1 zVW_O;G3bMv(#GO*y1BeW^@=^y7-}A9?UF!a+{;uSGL)GbrjT2avQFeqFhaA4H%Z24E0|U|3s}!>G1+!V+ycUfU(mev~Dg}}u?ZQx>E4rMZChi-mzYIOZ zaL|O)OifepvWb}y^G;fkuqJX-d9i|+?Tpe$dCdNeu0VH_3>x5mr>YuSVJMkUV;Tf? zNiM};+flcleM8qw_kQiTn|YC*ZCQzc{#(?S+c?ek8CqWt7p6mi-IEyhF_b- zszUoF{HfJr;v<3DMR^S980=&e#-#2wVwqqvOo42e3TCiOoQ5$SZ3(m$xa}6K{XxMO z0>Srk1wt(QF|3i?MBa=&*BEJDYMm1C1IUR1ZA#Z*h#HSe2R&ixzHf#`(2%GR31STk zfB`_ls``O?K1`P?4wbC&vH>8~VMy@JEck?D66YjtNu3u1ru#Wf#O91VSu-^g))xhO|xKHluNZ8RytN5vHu%lv6c)s zyRKoA9r3h^pJGuFf<)%c5 zRK9X!{@uX`HZATOcXxpoOVsVxKMH88_n-X^IJS|reQ%}Mn#aN*l`fi=gmA3~#*4aU*SptXC`hj1(YCG#~ z8gd$9C6D^Dk|`V+EoOA_kccnAyU#HfNJA@A2vydl;7WE=0uD)elZQM5*J*TC*{r3F zbyNA>1W&*G-P_MT2O8i~@z<~L4L^V>0V>YSJ9H3Ow(;W|o3Dgl;=|hoPJXe4*ZSfV zC^k?(lxSOJ){wz_Bfw|Uf$=gPNix;!>|`gl8eeU^`_Wa7_=E1tG@4ei?L0~2z>Kx2 zKY2=dyLW5h^Y@Rv3Hm!V)`{?(Q@WJq%iaus?H*NeriF7;9+v2R_zO3+b|?;ct|B zS?ACC?WkNsgM64Sa@`}mrI|;WEM~N4hQ=zc|otBm~!!YXfRiUS$A2OosBY( z9td#n$T3|t&?&5-#pH)s^TM7s@&Mxb^fY>das3bi-|vDzKS5}~_7xD$FCH2KFxP_m zl%y!6nI=G5GIx#1$T3(Pu*BciRdApr`k-P^p(S3*4)Y)B5`qG7K!oxJ0BIG9AEzEy zR;6H}EO~mB965>nh>rxVoooohU+a$l>>07bM7?WpUYIzV)_7AR>_d}zx12&fx-UO5 z99Xo!paHu4$QbqeRIDg+U>AQL66k~j`+3od_p;*_ENtENv*A6cc37EZLqy- zHzAlTZfX`0lStl&VFmMLb43U+62OyRBVaL^+s08Ga1+nd$MUeNPdGLTe)G6^7=H*h zDp9|BWIS1*;r(bDJFCezn^?9;;&Gu*A4kIs3O`M;CyZ>Qw_$H4l74T^#^K-|)9+*L zsdm=?VDCF25~+0j!9jUTV3gHXAwr}=rbVIqvrVRJO#*9| zW2n>Yjb*WKu&(50VF@XWA&u#N@+v;#eDrEq4p`o-h(=WQM*6ul-M({jv{z9}h0Er+ z0*ZEKBGooZo+RS;90#*!(~o?5&C=*wXL7VWY^r^dL|}UT4WFIu`xA;uJhi`!P5ft! zIY=afprQs;WPsN|apg@0lq1A}JiU0I0t!m)m$NMW;K%9L5aCu@gjmCU`lRBg8wtV` z+M}7C=mvelP!dADPaFA24y)Lts7x6GBi;{lhJfZkZ3TYJvJP$h;zxc=e*~?}4lk~m zpP0J9AUf0c6>X2Y0#Ly$cRlh$n7(cUj8<9!Ji|4CMX5fG=S!xL%oNP6 zWurI^?~;d$*fmS}q(!O}p;CZ<87Q(>o;EN(R0`w)X;L7$OO7IwZMQ5V>L<#NExvq^ zli1hXO`>1=$<@)09{-z_FWCKVCi6aw$@7Eo0@^QYPDDr_#kH~Z>!eB@`G2kg2ZJ;W zGc(@gPaWS()!qOOBkvVbSBG+ezpATVh(X##dB+3~TWqDb(*enlktAl|AP6QyEuXy{ z!J^+am=R#GEjdPMQ%oq(yG6u`N#r_{0F(MNR_Tse8bcIX7fJIYHw#?6!MybV?+*g@ zqqf4-5W5u=?ARb6Fs#cH@kB9I=w?uskrF6?O546P_;9~AocrgTaN`4-5AYS+n!6dx z=R@;zJ2$AHeAd-+nE3;{^rmx1lOT}aUb<-hlVz5wyqks!MLI?os?xY0f-O;?{ z5v+l=p$*J1!^FHbdk|olhjQ$gJiuw~T>W2dJgEQy)6cnO;o_=PcyXOwI%I+Wvr(%EKvp5rPzq?ibtFqBk?f3|I6V2~OjtSfS z`Ol6YbW*w{za1aLUVRvYMuE1@gTXc)3(IqoIJf5tQ9WVU!(pb4XOXQFD$U9&Qbl$ z<45ZlSL_}8?l@4HgFlM_awg~pChMljoh^KtR6_6PhAPaDgM&NtOaUppwMV_h zfub@fPm&-&R+q@AWPwWjv^Ap5@*9T(Rj^=l`?;E|Ymp^S_Wo%ZuQ3M{ZZTcKrsQXx zO*6`=;)In@+Cue708HYsU*PV0rYtG^5O?10W_e7_kJ%c?>4UR=KuG(*z*F88kP8V+x#>d3(<=m$WFz1L5tIt4`a0U4(0>sfTatkN)7Onizt^LL7;X+ z##Ps_ZVD1jf>g`7$h3Jv4yh7|#gS;CA+QpfzUKVKTuTnH)K&mi>BC|ocxonS0!H>n zb`dDATnrV&d=PLEk5-t<+pVBr$2tPx35<%ZVK63iGbqbQ2^2u3&0iW~d0*?x`?D8O zixvH@!3D8Ggtq2whKl{r!n|9`M?JcN10j~l{Dn}UOOH&XexFi{Cgm?c5H~$|@B@x= z2ex^6;8qc|jgTKEMXrXh4{!aUpOl(J*0nWv&UqtU^_~*dCF`^xmwR{pia>P1Z2Z5^E-)6t;n1Q)!L+ml zbaWUA5>fQ@h%AUWM(yHRgvDEFC9(B3lGtJkp&fP*+i5q6e0y>B+fV3#1H{UdVg0F| z$Rm$PwQI+F>@leh9e6kZ4P<^aSkf^&pk=?NFZ^vt?O1R0CzmSxP`U@ldIe|~rQxot z8oh6>hu%NNoZ(wt(r?rLo_nSw)Y_NsU@vXU_isp~fDi+WXb5O1pkVGW7K10ka^i&L zD+EhJgDoePaA{-^k2skE5{%U_gxQ9*r6KT^3nJ%Du?y`H8zZAi6&Gl*4aM5rA@q<@ z#p4N2^CV7t0)g_ppZ68HfV(0B925v)K)-k9uDxeN7-BdVCcN8G!i?e^o5?etW&(!s zG%sL;TR$*p7#N6LEIUMv04wPHs7gSCUPG4KCSN6lSEo^{SKfN(qfa`04hDj2SUg16 zw7TvJYwpjr_NS=pm+%&o9w_Vf$W=Xf%idg>L>qhg!9F?Q4LpOV{5AGY!9VaGKEj

>@wTW*Ur`vk@~7-pe{bI}=@7^Qin;f7Ne=FK98y9F|b$(bHcVF-re zyEjD^MEe6QxsmaSEU^xF2j0Q!Xq9!?)R;)cdHX_8*e{6K1WuWNR5L0~rW6&tgejAa z)2^BzWEY6Lg4BH`O`KOUWv#>=bWvb*{~8p)2AT=HXaK=^`S`4D(1*~URXd1Er=9gL zyonUB(*otJfcy)XN$hdr6a?&y?8Gb?n;&C~z|)Lv2fTo1cmdBaHY5ZpfqLyTq~w~s?exX92f zLb!4SAFF#q4sTh#Wmgw&jGD!EFToepuY_X#*#oR#m26#Y;a7&#p1cdh^)Clxy(Tle z!75BZr+?I>h$aCFeE|lxWVhR67nEG&zhK*z7D# zrX#QW>?rX8|2!K^AxW|nAQ2q{BS@8vw%Km89d_DfH$*{sXvK8EowYS<|tyA|_o7Fb0@OJ##2YW@($xmc{$2B{sUDO_} z#b2KHMA4JL|2Jy#mova$p8)=PY?lL!3Aym<2!N>kWS^j}}DtkmRe@Hl~%FJm1n(8Zu(E7H=erexmR9z?f)Rez*qRM zyFR)TKvNKgznyj_1pe_wO=vjfkb90e?5L{*CYvw#e(Bhp?=1%(F%ftaCrP4e)+&!)5xoDe%7XL@n>+8pGjL|(0VK?! zfk3ZWHwe&D{PP-?KM$3zIay5Jeu>_^D^Jh4dmBCc&57Md|L$8-RoY;4zodHl?}#zS zDqRKQ{>jl=<$Hf{x|UzGS5EaS$2PYe&PgX76hn@IyKzNd<_#h=5zPCgkoY}oUW>a2t1H!;6<{o52RMdJJ+*3@w% zwd%v2C7|%~06{LCtSUTd0n5sspL0gaR>`YjE+8NvAYmf;Xu;lE>3isTh=H z;Urx0lIAq4eHyj2@P&W>f`+51@8FivOEJ)<3})@#d~`0U-X&3VN;Yul)3@`Ku(^Po1+jKobw z@K9?jsE>p8Oo-mmD!DN1X_oJz886;SvsnmH3{|mNYjEQ81oP4hSUUQsQqnjY@#)pg!1;^p6mHLpgngwHMCISTyAKi z(i~R-PZ3{6phT!lq(ZDpM@{{PAx!Q$$j!6&@tSI(FUJsT`>0~I>-^n#yt;J$y#XZH zU<7~Ag#>z#pbrUBNRUB-91;|epo9biNKipaPoPdyx#{4H*=S@}HtJ24dO9)I@C=b; zFfE;T1=6haFs7{EH7{6xEp^<7R(rQL?Xgm-q`Q-NEpf-zBvW2hdL6pmRc#~ZAk-90 zC@7aKTN>^!Kt!thwp-U#TpHgh4VzG>8M__eOp5i}XbbJ}u3@{G2%^`QI(`RLkiD~N zMFM2D(fg!)pP9+@igOoM#gCfx*k!DXOC5w3k=A|LBUpA_+Xzrxh zixmYwquwM~wrRiX43$#^uSg3A&B_AiFI6_6?BkO6u4sbz#PZqSJrh(gc z!xbqeW$`<#+x_AXHltebt5ZNqI8gMkj4A? z)L{RhP%~mWKR`vx8=BL5QU2t93?E^qt-?B{Z{sUBwRNWa^4IF)7OyLCz|!?E`2_3+ z#{5&T7o~UJY0AOM?qm>*Ewi-HnQ=ju^)G4aB=ucf$#Yb-+1o)6|3S)CdosUM+02vvBZ-m$y1eQ z12E4eUNlKws=ONDCa)#lG)dm7yc=MW_YxnPBp=oL6WEvW_W9PyQN4W0F<&pZ<8Zzm z2Y~!g2mDwE`%jZ_em)L&{8ESfT8I2rhy1?I`J?9iS#$oXx%Xw%-}tG`Og;KiLpNF- z5wBh!#*}ZkCKo_Z_bmaL4nQpi*&}M>3V zi7cpz8?fbQ^;Z@LDlzX5Te>mgjjD7+*~{LhiUldKw&U-ZCAZ&V4OHNbZ^aS~B8O#< zAN9Pro6@#w6d^i(BL^8{32se9CRCQm=3)p# z(UVv#Vl1SzpwF?_droZ5&cbh+j}VesU^)>#lzCdZ3v8+|>Tfo#e82%j{|GU6H zToVn~W-L(wvq~Xz88sCiKeOa0=|hP%7<}o#)O3i zXW18QfsEyMzy=3wP$s5J4rr=#54+EkVCO=}0fbE0*lI0OAHF?7uSfe>a~ZE_fuMt2 zx1+x&{fUhE6$n3%g3{{Wqfhdo8TmF{ttq=pycbh+K9S;Q7aH{7MiT{@yEqWIrcPj| z90#C8?7i>Go5BOKu~g%k$G{Xw)O?x#-prWRRTWvwaAu2ryG|6U6@)$^FJW6L!m<7pt4=Ig#ETU}f6d6f6 zNAF-(-OVVI?#41H=&l|yin2k*W*XN8$_&pqI(WKK5xoAg7>Vdx6xPT7CcY&4n72iE zIwN&kzn(XwDch9Vej#MfA}mD0^6;V*5XrY&?rR_;-ZT3=bN^t7oJT6e=LnLe(;LW* zZb|qI4~LY6#XTAPkF?Z&w^u`qw@$8?!y!f~4?Yz-zN+W9j&=ftMoJiH)*jyhrk-eF z3dK8}2DH;8Lp99QjmjNM{3@R&bKt8=G~L0$B4wn`T^fbbG0hvm((Gi@n9GvXl+L(- z;t+{xinhW*jZV-^c(!;4>IGq-^~7rOoUo4lSe$m38J;gk*O|%n19YRZrpbrRvD{Us zDfPF@_8Bs$z2nd!rt9JeW+$7a-Z?3n}P zZPHUYSXM|C%V86{H?!U~GDBs;Vh73`OTMf4P9Eq8SsFd3^{D$=-UQ`MxiF~cVk;74 zhP<8GYKDDP!SXl0Xio*9Dvy%TC9I9b1Ivw*t*bD&I%~G56H2Z$B_I~)YwV&37U=}m z@Guy zcGP)fV=1KPN|e!#*XEt%X3V*<$-deb*G~tUB!xJRTrW9U^t7jBg!j3Vt5NUR2Qdohp zC`!tbSqaaH8|YZ2JefY4vt^En4HR}hn3+7tHMR2fbQ6cO<|)vmGshg23@)Z(F4PtT zT2u}OMiLakypg?$AyiJax3J-ng$^1`S|3ltNVdi}mhXNuey>Cwdbx?0GG`T$BZW<75k+}rxSK~30H{}*{mIIM!^S`q|B9sIW1vm8)9WpfN6Fz#RXOEwh zjfLKkWI7$|gEdscpl(!hv)vii2HF)f|VK z5$dQ7KFr?#o=5F(%Q~D~c$Y@i$lu%_G<&rl&pGHnXH6BiGLU0*s_ecGI@aW(SH-v+ zsH!HfBabl>Zm1UvRLx8WwZcgr78$V*{%dMpUI?oiPW61fFWt8mzH z`)Y1$KSZM}{5FN=hQVGUupQiO6(NLGqz2O^@#KWW8mg{!4xJEC*uo=&Y!VumU9V~~ zMzO$kW5M8BU}$s?EoX6TdZxI`gl}TM~<>@v`jq}XM+xC4|$UE7>ah;KqUY0pq@oYw=DQBELZ>}Snuez@OXl(bNz{NOI0{h!NqynDtItkA(V3(mh`GxDRO38`ywcpq+!eu7-nrF2 z^>uF2JCJ|ZBoFf8%l^FlDIj$%L`<(1H9R9zc}2@3!~x;>nA&v=s?~?n$ge%V<`6kO z7NC6NsZPcU|34TJEpa`twb9jgNEgxg+J+SP%KxD~&I<>(eZ z;S(a*@9KU|9d*D9+uFt?3DX}m1^4YyS+K(790IDqt)6-Z?D)%0_mU)i&6xeLG38n# z7ko)I^82+WBOMq*c8&u&NPf-6Dh}V#*N&vm)u9?_z!X|&y7(owGGq!QiUwlI6HZyd z?r=}ytfEa0a6TEq0%y0yNK^=DQWjy_wCZ^nX%{!pZ_$zLm&DGNjDp=bNZ0}<+NC-0 zo%eF&_YqjSLi0?$kldgQUSWDjR>ZG=@B7c>VvGnk0Opo$;k@O#ec9HWdbjJ|EM$gN z7LWXN&7KrFa@YoIa?59MI=^Na{Sv|MXL{B|Yx13% zT*iO5t<8Iy;U!zO4NEsv|5yu9_|MD}t*i+jZ4s!Ty6Ddx7rx46${{{q3NdrPx^T~F znd?Uz&{o5!xj9C3eFna7Zfvs6cKhLn$b)9z*u24pOEK1%o3(e-u&YwV-m#hHW~Z4c z&~`)>yZ)EJsPL=Tg5#;|T?YbeTF|Bd?+{<;!jdgXMxc-I4G8Qa>$T?UFa3fxkpaRcw(4j1?c;wv8WS%lG3iYS~S_t*vZKUF4HU*0x9HJ&tU=TJNvjmKC(_dcPZ zbErcHH3z-LV+@X9KKcA-dhR#5{(H`=kqDM;cf1Q<=4|XNUnKT4s-;R}fLyW0eE-3~|nU`L0GI$e`3t}@J3{tk=f z{pQtzt1>t&az2bHMQu{U-f5yTjMV1@?A^#!}eS?6h#{ zRjzV=g&oh!ljZ>#1@yndDH0~2Q}4dDGeN5n9zsq*ylR9AN3F7R*L}X)Xsx&8({?ozaei2R^PhIjEI}Far$ymsI|e zzUi^njb{pn3I{j7(UR@#zdUAMEnFiEt*uy75xO)sw{AIZeY8#DpKb?Suct%vSlqvU z`ZU^~0w3!O-2c5mUi>gIt>X#J$A+~(S%}WcW%od&?$Y_l5}Q5Eyz2AOAyM}%rKV&$+0qF(%OeDMzXuc7SPV=K45*B1&JYw-8nM|!-3{dH2br!+m?feGRiu0 z^Z~6=Wfd;mwwFaAyirI$_IOwiGw8)jzRlIhP@aI=((bDz|GB=|IYadX?TX29Xr5Jo z!aq&s-+|sw{wST^Bm{2Iq5g=uH_2{S6N=_>IG%%MpsVvV(pU|YNU9o5$*63Q{rkU; zQ00SlE@OqAz6I|s+C^8C$FZXXL4AWS1EIrJTyOJe9IdW8**L;}077MSk|#P(RV-XL zKJJgqP8N-}o3xmpyKrMeoo6Da>-O4S!6GC%=Y<`q(tlM`q!7_jZI( z>0F2tms);LF^ou^M~@QBUUl3Qs`sg_6(4@MQ%|LGM66HAE);6$t#?S|Zc)m~uvWiO z^ldb4cHfA%r1Q@f>#J3BJ|rklj0cFbt6ko|A5aQm z2EAnQpZS`nYI2#51`;|GPX1pdDFgm8R(deE6yNEy7O>@3sDkIM^dv>nvWZ5rA8pl_ zW`|&%x5aAyA|*QY^QhmVOZmYxP6{R`m}jSbHZ8Elf^r#)+;ZHUx8KXri9C#n>L#W} zX_oMLPPKjRN=F=V5uFH>{rh`Sc@u2l8OwXmnusiSW?Tguv{}8u4f3P-bi8=9hceldYKIr$aFKL1v6waouKaV3;J?@ zVW!It$?Zm?+zQbiZ5xG4gPSy_@S>&N-NQ>eh=2d8SNyPZPcJWf=8jQ`$VjMq+FcmF zw{r1MpSfmP92N$rHoT;}JG`uxWguIr@+ESsCQ&1|RDd#@UN5tQb+_Ek$hkF9=#r`I1_LJNgA{d$ zVA0tws|^sJCX%-o$~(g_m+-}=FD|@Xon z5`{cNC@b})%<>wk9*5Hr2;e+XM4(HNX{7K1E|9W7fJdVVXbfTRFu8m_8pA32CXU7m zLf=-6`|kNMm;eqRz+n7%`d@<_Iw^Q5*_2&Mkdqf6Y}^mN>Jj7_^3KoGkqcMvka~09 zUYqa0r0ilPn35=v5R&T=?58gbMHGWTjL>+UB$h%eN!t91;g03QjCf?)JyXBZM5M88 z)Jl(w%Bz) zYy0;?BC|x?e``XhhY`vOQWysX#2YSEzW1ZN=1t#~6ne`kPAVcyT}E>24P<6**wQ#=huypW$DXP7=GDEc8+ul^tS(&L zcXse>*V%uM|2fckDtxNv#PsQx1spE!Uwr=;sFHeN%hRA`H_nH#CE_Jj~hy>a3zei%;9DG6`$XvFNT$(A2V08&WY*x22GB?v0i#u?N4K`p zt=FAqrCJyaY1E;hdcz0}pfS$H&A08{%i?`~gCjSXl-lIITIB!3AY1$Q-)qaDvGMxv z2r)@jq}wTub^3fcZ8jd(4BA#lgmr9&2;>T7x|uRZNt~;%u~u5kWH@>56$f|L#iZ~a zI_{R#ZS@c-S_&yowipvr@O3^+Wb#ZwlJq2J(o6gvWDEHam%;?fq!?3nZw+;r&iG>0 zsKQj~LbYK;w5xe{^==p}I6S!eeiLZrU~v9(I^GC%X{8v=m@ z&>C|Pg@9X;)Xwrs5z<;b07ISxNr4i>e^l4t(zW%EHljp+jXeQk|> zi_dIr6mMLpQdd+-L`*ge@dOaS<3JSx5Ibh=>P6D_HBPpmTe_Aw^EYkjbn9qT<&)^$ zDF#8+NT9WKG*HC{O}nCR(o{5kr>ll;eM~HW%%Fc!UjBpu{9nPL(Ue>OP;vQX<$&Vd zTNj_%wr})6zpYu0mIsJa*?fy~QGdeB_kGL?z(-?wfa*wFBj4FR<#uPB1mc3iG5bgM z`*aFjuYl#4M)jpf^$DdUUd5;QHBpv`>wTKMGdti;FLTp@Q38H6moSPagmbaU z59Lx0m#xL;DWqJ^dGfGvN0;6qad@sxyp`cWuroC?fXBUs%e%Tdz;-Rw{#yE9mV4p6A0_^_|e?Vp{)^{-c)NhqGAFy(G#N*3~YMY=K{VQ zwE2kh)DdTGT1FU$Zx8UZg)fYEdfGA~cF0Hf*TlRwD$)2LoD4EtR76Fpw-HHf5du}K2GfW&@V zY7lwj)%2fmH)}%Kq0HKw)-OZFuD6mO;cwOovG1w5iTfCFk+-d9`k##To9>%75t8># zbnMo#a`Y#hCe8V!OEu@l^*e*+(2r|!LqB%Jp3TGXTC2+<=EY89rFx+{{l&35^80$H zK12K7t3uB(KQsAF858&Vt{Pgu3=yxcW=x=F)nnFI{xAxho9~c0T;~C<=(%s>ijTc{ zhvea0?_yPWfVw^<(|?}=Z8(r=TLV;J@;hO1D}TYgahE3Bl1&Q*hLq;8575u~r$^ zR>L^)O`u2iueo5lMdf^#f*u9%~4ZSbMIYM*MBzrra2 zUK26$pM0-R;7YifcAsbVefVU@cxmCj;6=2lXn)@&qOMYE6PHNPo9nA+pB5E@R2KJ7 z&-koY*&1c=R27E9u={DCsaBh+vy?sG7{dhEq%7a_x(mv&xUkZxipM#{e2Oxrt@+A( zxn<~i{b{e39WUwUU6x;FUvBa>U1DF7U*h%6_&6Bu{+8&EAqKj?34an4{+9sj07BZy z$ocuCc-R@gV*&oFFI}G`6XV6s0+>f^4LDp)=c&Qr2J^EU zKeBw3@5U3-J&m7zf~-9tQVp?r&n{Ht?o($Ni$kWon?|fMT+%m=Z!#JycJ8bIcIpst zh7WRM)3@3J216H9sV;tXy%sn0$e1%hJ4&OD78H(BX`_X?-`5-YnldqhlW!q~>vEHC zK5{;~Wxe&#`S4~z?gh*3Yu0ObEO)M3uM=vYo1eQDOm*5~jU-neG3^uN22w7P(71Ab z4b^#audC0MaxCC#UPbrMot*Bm(>3;!9eQ%OO2DQaKeNwN${{Psr53&cSXd_%AXr0+ zN?t^oj}i;0%z&>(J+WTj*s{lF-P?-TCN~>AY6o^JC=M1_y3bbEp6wfKynd^3SejVr zsS>ipG@2Sfy64A{3z)C`FUFNaIX{5Dd|rjGl&PWdB%aEGaV(TySRhfBFco$g%;lJr zg+ojxXvqZ(v6@*q*p?hBlhTc{;4&NC?#z6gCx7C;ltZt)|IqoFP;qUeuR!Xz?daLz z&^Jd#jK1oTP=8MD-#a%Mj2mlemV11bk_UcH85Ka4+j zHkV|j)2$>$5X^zK48Z8|SDE1ujYeX24*`26;cw16a^GJze5tK+h&`-so)jnn<_7`= z#OFhb3DFlsaqT)rIbGr{1hsV(3dE_A=COIdc@{{E90|R1>t%2`Q4(ImET_u?MUc)% z#ewYC#Ca?}n2Rlx#QFG~TXCXXbKE5_56mVL#DuEZB0x5&bd$vAR;m0hZKZRo)H#(! z8mPD!xgvKlEqT#5nU6cwJZtwnZO8ZR#lIQYUohZ2siOSFgK?PkdoXgYww5O?p?$5i z6Z_Oz3K~tpybZ#>yJ46&Nxs@8C7|B7H<)oy8PEh$QVa!RfWZ<2TpkRt7!rVcLzI&P zq0zLQ94eZ0prR2S5Y5R-OaTBnYNas;^0%IZRP9~m?wH^YgG@pU{Oa{w;NkZ^0V$Yg z=Vd%2_;bllR0+59-VHp=V7}^F2BstMGhNaAL_G=kan3%QBL4;+1?WEjubY}4iyJh? z7^1LkB5>P;aj~9)LKh!4&2VAv3k8t$7$QM&@`rFL~xIAgnV@E01yfkFaTNAL`gx>0Aau0PUN zXML%n{BqMo1K){jW6w!DVq&#Clq=8`2!U3ckMIk)NUN(ObVhCCdrmpR%4cLYo2|7$ zdS9;@)d2b$7p%#32X&zC^18-z?$O1~*Pz-8Dp2;WtX;mt*KiN>MX$yy*fKw+G~=qY z8zV<&uL0hPE%7w^{+I9Ai|Me}w+0l_!Leora9gxREjfk5U|o&pO0)ZY66uZ8L&Fu*{Xq%A z{aAC3UB+r_hO&y4PWt}gB`23XK_D^G*ipe;Z|CK1J!Wgw$r-%|Sn_0SBA5OsVJZEt2EM6iuY?X_QGb(+< zEthR7pmlX)Jy4L}&G)m|lTaeFIO1+Yg$1C=4R#w0p#IW0_<(OK^>|dY2!s&T^iPj4k5{mEJz(T}hi8o?=|Ses>IRy&Y9}RyY7G z6|0IntYo~IfIj+;b>4t#dUCL#aE{qUjR>XL&rA+6JWotaEQ(zzgD2KWD01iUstL`% znM4`Rxis4bV9!t_q;6~8UG1r&$tWU-2^JU#s`au_m?qo(zPCk?f#%)idXNyWN4-O& zU`wn)MX6h>EG0u`LmkEod5KJ;jQQ0b5J$abY6EQ;z>}>Ko{FSLLeOZC$)s7V;w&1O zGo~!NusA1@loJ^$C}srujuCezh86n+Q0P#_P~C_kUm^M7!yA!Ia&z&1)?q<;wg*=t zY$#=94UnaNCl7wkTaf{+F0ZmA+P1A8fIs{BA~;K4LrOkW?i8)vZOjf~uDnG7yfjv2 zzSt|f>#;bnR=_y8G3%_*@dR_hmEIcy?u9P{$K%-a-c4CV?rjmmR(d6FpYjd}{70s- z5m>p{s>}#g5+LULWSON(l_8JL`w(S+FQ@qI>=}1@O_DTiAFaMXgty@N#~XBSdBHRE@O@KYu!Y`8W1tC@zfs zfH=f8+%7R}M}P{0d~j~kH+DiXmM!!Y@N+_eCJB*;i%=cta5lsTC;Aqj|INv0R4*PYE&Hcq|KWN}}7s3@%a zH8#{u4Yw?q*uqEI==C(_wU~OAzuBTf3Azc14kQ$=xHyu5aQ z;2bf4mtPQ41!On$^y)-GDqSUGT;I9;nzN%{dHy}t9G%-rcgiTtHkvembNG=6pF&MJ zm3&2DP)b+rG+yhCI{d}G=FkUTrzE{}>d+B0Dzl9y4d5J(5WZSXts<3cxjJu9OP9|Y zZ=9a=%{+Qr{hD>;=>ec2xye0N&E(3HdaUOIVIUZl@Sm+cUQ|$A?-q16Q1T0Sn%YWu1o2V7mAqy-6T)R9+%$W z*}pj2WjQR;B+OQe0$LRkASH|l6fc(1q&EfrR3$XFX5 zej%kikh1_JH+6n!^-QEIjnb@5yoOh%-X9!UOh`AceHaM0Q+j80EZ`6&oMB2}xPu-H zZ<(BRM;-=4cXHIQe*V4^g_O{%?j!SA#a?e81@?Jll$y&Z zntn6Yp;PVa;Zm4 zor?|NMo)r~=ZGa=snDpu^+E*5aA6uG1XfDla<8tQQXHZ;xu4w|3Gm>JRS1?TB^(Y^ z`-I&Noh?byg4N1mHhkQ1YuMC4mX@*5P=ibtmLgHIZtX;aohF!!jrClthH1M)<%5SI z;K5r8V1v)vxm5v0J-hI>Pe6pw63opp^(vsMVR}Kf_YQDMTE?`M{JTXC zSh)lApnncj$i%WYtAyw|+e0PPjP~<=2jj-grF=0k#l1Ro5M?uk5TCEU26n06`|uPZ z(szm3HG-1_L2W!-`O%M0I@um|c$sg)`s{9ItR0#lu?Ho1Cn3(vewoA&gUV*YRR`N0 zbyCHXdGy@l<*yk+HZ=oE(a$?;mVMm=`+qa*nA>{hwLbX=SeNsn`Rzf!Nu%Ollk&0_ zBWy(mC}V6F@g0RLb5f&9A4LM_YSFLFalC!IeI0McYhhhyPpV-XuRi~cqHyz*=|Ird zph#h!ehQ}A9X?mlBAlZl>D}Nh3lOXh6tO@in%#CtFm~J+qSO7B>lUER?cu>KtVv&n zol#enk*$`eE3(rOe`}ix4v;)ZdCP@g7A@)okof%qOX5ysGtAsT$_&%Q_>W$o1&v`& zAYx9$>|0}}id5jU<_92{)BaS!@*JhfI6e;8I=jTl^()!X77-o}%l>yI=1g7a;kn3! zwHh=|pl^_)BPA&{jrA-HZ0i|~MIQm~0uv3L91fMI9CRt`Z?1tz;=JU?euxV{+QgP- zEMf8vVU$fIcqE@Xg4erqQk{r0P|87T)QW*im;61yx6 z$|8;3F4lAJ|3z&TE3CHFb~~OZ5>h-05FIuB5W=}A30St%mR1LBpvg32Vpq-xoCsIs zsTlydkq8qw+4yR?lU5K7B2`#B;>qeF{CF(w2_Wy;1Du{dUB=ywtaIA31N9CutpI39 zkn2zUC%XmoDP`iXv|wa^b!67t#Nx!L>XwRcWQkEi>ZC0Ioy9jY%eTQs{aqg8M7f~u zVh@R-mSi+{F_Aj3a12-gX{%B?5fX+kh#Xl4+%Usep+?o3ExH|KY)B>s#{|ALJp8@* z5}~+Tzq7{3TAYxLg)GEW+DuyBX2|hgDns{0D~6dNpR_b)Wf9s0>K`0#s{)>?xe|LK zC1wM6LC#tVFCK^>N$Fxt7i%RILNcg)8Y2fbV-z&Dy9_Dkh2G`_iA()8lrw9JCQH7D zT6eeI&G|wfbt|pLN9(U7m}^WZ6b1Ttgo6B?yR_I9EiN-z>$rhijfBLi{1z6O+6Z<+ z%S0jzW(|%2a_K=@*tJao+)rJ*lEq~u@`hey2sB@rL$|_f|LEjnD;#bE5QfMm9ZpWf z#l>ow2+o08wuwcz^L1e~$&NQPwo@bH5YmU2D2o2Kg=`#~8#pw;@p)QBq%PhH@+*h{ zrgeJbo1pv+!cX<3Orcn@T&@j8R{nxPG)=hsG6V<#@@6WSo3~a2(GzK;Sg8u@)o+=; z&rsM`vH;95bq%x1S|36zICcXkSACOir8=!XFv|sqq2p>XLv`e5+pp3DBvHv0M}%u} zcJh-1u>4#GIQinXGak4^-Y8PE`Un6SDY7r*#=^;+47)49azkpE-E7h>ibj;4m|aJ1 z@1#j3zLD`+&`IaKZR2e_mkJ1a|N&|#Nw$WJBTxgSetN026{G&F1smY3vpkA z#rn*C5QrHuBh#%t)!Lz<-e#9H$Z8;Jn}`t&gEv3z9XC+Du&U;u=x|Q_{5RMcUX7=* z-mpG;g%?=s4$Va19Ix$ROCJ)naoBR~R6|pd-q#{Ky{&05col-{|VN_N@7o33JdA;CscGZ zljp*b9#JCYX+j;cnI@J8Mpz}=wlUNY<8HugK1^xM589w<{M@kC-~Zme(M1Sklwz^) zp|e}Smo0UcvP*701n2hrRv+A7ENUHi_J9BNgI9}ti@UdOoShsUK0R*#O^v_1>q}MV z38$z7w!dgo{GXjui-3@*MV0B)YtX4{xu*FyCkgiS$tm91H9W&hb=ues-^Gb7QzHO@ zG6d}VhrPabzBnD7Rdtc!9O#!a9gOxOE(vLMO!6%9+iD`C_wiFZ)o_y{fh_YXfiYz; zn2w9iozBW2@j@4EyqJ?nj){ak1n@PhDF*kHIJuj`i~E3YJJWPB_A&0S7lg zsK?#^p6zzua#tNoa9CXRNS(Uq!MSoD^trzC;-^GgA|js$P{+K}+*dL%LW16eq2<0| zQIreS9`3QHXST4qK7x{)Opxe!fWGedJps4yDXNG^3&;Tr$)h5hXISCBNCScJ9p5~pfSd&`yy-tI0& zhzEt&4T=z!Zje1DfEknzD9kEqZC$)70s=8z8!n51ZN`t?Ft@*F7gyvxP@iC1DX}GH zqLvjY*=Zt_vdxz+HELIv*kZYm_Bvr@9=51Rlo{i^WW5kWYV5+MFqV0~9d^wM zclw%@F`g?F;ZQt3Q`k-uT9xE|uC>*_(tkc1P>azH>s5sueUu-hG3lo5*N(3$%P&>@ z0kv=m2=f)SaQv*o&r_&p+wrAf^st(>H76IB_zl3F5PiWQo_(HNfbb7*0jRs6)8kMr z76Skseejhi|z8^B>x)$B4Ay3u5JvAw#duE#R>BO-x5E+{c~a~49T1di|e7hY>)V`$E$??Wap z#=vg0{1?f2?kM@biCijUJOSb@28tpS{-ayU_h>UJxsy~FHtfKLrTaHKlM{Z0JW9a! z$2H`g;1!oHg4>r(k)bwPr94nDY%eJ}L=&gPW$d~KDq{5?(;N`%u>D*8;y7jW<|udE z1_88(L=OmS)n9+J9f)x?wQRqc$!e8mpR_jT^?rI7n;T}X83rMpl-D^~2k^>d)(ibb zu5##tM;f?D$Am4i_%ywO9wLs#6Tq!;ZFAQ!@QSu>Drgl=kprUvGI09feuruC zf*#3^#Sv4w>Zoz*0w#DTsL->m@7k{*cbf?d*wKzV?P1%Vyz2WNnP1Kj<*;oJKMSpg zTIr;2#rQjZXLz!loB_EtjkO@y4Id+sD4#{!TQjxPOgJPh9PH)X2x#um{!)XGar-SN z3{PfJbGrcr5>^h@Dv5}${WP|K9AR9qZ!A1NBlQ`Ld$0*Fgim8^Lj4=rienf-_s*=W zfXDnCw%%EwP6M9}y_M0Q!!pj3Sa1sa7Me|e&D!|}xb$60BH>HxMmIIZ~)_C+Is2N7`$l9 z$SjwZZ1ux$T-)HRx{oqNKX0X(nQ2l+dDXP^BHPw%a_uWcTh&e^TI*KAn8#XYHrw0q z59Ey?})B)>>Yh*4Kwvwb=f2*%kYu3{WT2z)IM-BMipVa z8TERJry>s-hdaxKAM<-r50IYI7!1%HQ%|0=mR$eTZAK3BA##5zC6?Loo@S#WdDAbI zkF*e99@Z&1v5_gOV^J_=ShaDy9tXr*j6twM9$aViJtzOU5*!!j5~uKz_gdu3TXT!z7J82thw^-J~1!8$@-+GF%}EvZwT|7 z^BZR;_#qD1P-m&Peiykt;r{$-bXrx}uG)c4<*=>f(JRoCdJiA(-%(_b?O@3fO|u74 ztVUfu!0+3LBi3%-EI6&V-o4pWtH>RrVGfaSlCK%K=i!*E^-Yj*>M6;Jy`AR%`f@mV zOKMUj^7J%q?$`aV)C;WG+UdHx2!Eg;yu^qkgPB_MK+DXSf)e-kS3fLv%@9lDaMaB@ zHTK=nK-+MWv6Zx=Z=3=1_sEO)|?ye|z-nGOL}_hdi4PMr%z9_b{Ar z7(>pAP}dWVPoS*63TwM*12S$L;)wn*y`XoGG;K8%`aF!5KfMcu)ah403#RM_>6O-V z8tQq}AJVFy_}k}n8tOnG)2OO6efZE#-Tsiri0As|)jFA@AH@3+&=&7a3+d`!c+`rI zQ|UyyhpF$Xau_O3oHqx%#(ju=Fqe##dj$)qEQTng7H4{0xAYR?botCXmiLGC4MVhk z9ga$`EcGD|#|(@B_iz)_Aga%TlU;0*3o7%QodRx^MGJSO#17-2%b!zu<8P)+bV&w$ zq?Z{u>3fQuTlK^@?crXvbp!RSxi3t4_lJXmTh>u#mdrBaXD{#i0j0i2ETiJ;i%}DR zm8!V12x=06?*9K^HfM+=9(GbDM@FWI4+Y|wq-s3khPLmMm5P#TuHFkvsoxUpyU0Zk zlR$Bm7KP+m$0>69isDxqVafNSU;LP0sj22t?!fk5th=>`87^jdnV>2YU^7ugCQ2VZ z`K|K(Rul|)YvMpt?3(mmmz29A)7IA_COkEMf(+}i)<@B$qp$T6b6#qS@|puvVM1ys zb_W1hAa?Px@?o-k7ec~7L(5r52>nAKeQ2OBi{jcLVDOg+-{EQ)bXsXEMOHf1S><CIL%Gw!v$1k zYZ7(CZ3bx43i+l>=M~Zh=O@(y>UC(OSFKiuAg@*w8Zjb7NYIaxnFh~azPBugDlzf4 zsn=w~smb`n>$Hcr8CQ7URDP}8zFE6A#874s@n_9iB)^bQiD5pqepHli@Jt6V@KxuE zOoxqjgq0tEV-$K341o-8x#~|rf`teT1@#)(T@%LjnGU`xBaKCM-3{YBk*iF(Xm7-b z6&C_MX*Fp!-aDVY{oCp*`p`{nqD2@#J(NQ@*%ie!;T5r-(_7^gVLC9ZLcdpy!3 zs(9+H9wMkgNTb*FA<;zY2j6N|YN+M&N1XayW?`LC%Zb;gkvMmqh4i}g=+$kzIgU&B zvy4wE!IsX)MhsYB-sgk=s(kL0VeyVneB&4Y1SBv)30C7=LK2#=Xza9$1Lfym&|N=0 z!hcoH==7J*2~R{K6P4)1BsOuxl3lP&4^qX5eFWsZ?L`w(QAkVAXbtBflp=x1VU=Ww zSExvpYL^^w)G^0hj4lZlJBzWzCZoJb&5Nh~-g%EDu|A2>8{s=XILocF(o!$gFc4Py zM4PoB_`p54MzO!O$=e|#Lp~})u_a=V0l#nNasLFAdTv|Abtds zapTPc+v|gYXe@l+4&!MRZUx>5j>byPohqlA*HkBHXaw|Qr@?9D&5^izkcw7NnTbxL-H6$l?KJZ \ No newline at end of file diff --git a/images/favicon.png b/images/favicon.png new file mode 100644 index 0000000000000000000000000000000000000000..df06e35d6285d95bc852059fe1e6ff1d1ea597b3 GIT binary patch literal 608 zcmeAS@N?(olHy`uVBq!ia0vp^3LwnE3?yBabR7dyEa{HEjtmSN`?>!lvVtU&J%W50 z7^>757#dm_7=8hT8eT9klo~KFyh>nTu$sZZAYL$MSD+10!Z^Su#P$FG|2J>mT)u2s zNl8gYdb*RNqracutXZ=T95`_H%$dI4-cO%CH8wOvM@4Pky!qL)XF&B^Zn7EywKJ9k z`2{mLJiCzw;v{*yyD)UH%6b4f>?NMQuI!I^#02!@PJKxV0Sf)_ba4!^IKB3=h#4>P7d**adabAK)j?jbTfr*F zGIkt1%e5o%yf=64#Qw+gB9!hQHg0X(dhJ%o`lik9`l?53UjLu@!hXp&t}d3fVIsgV zP%UwdC`m~yNwrEYN(E93Mh1o!x`sx&Mn)lqW>zLlU}1_o9J2L0Dh2cl@m%}>cp ztHiD0Usv&4paw~h4Z-_I&?sEVD literal 0 HcmV?d00001 diff --git a/images/gopher-404.jpg b/images/gopher-404.jpg new file mode 100644 index 0000000000000000000000000000000000000000..2a5054389c8b7da11473ff7025bd417914ade520 GIT binary patch literal 206249 zcmbTc1y~$Wwy4{;tuNR}g{9p2NjN4_vO9}uiuq$d(Q~#I#|LYFV+QZWu0D#kcap1MF^|F59$QO3; z^Y-|wzj$FnE9buqkNB58Ukdobq<`7|pUn0Tn}4$8U$${|vw5-kTV@X%SDU{){KB!m zKDIB6p!&kmzK*tjFTD7|bS^%wjxYTCg$Z44ExiB$M9jZ>Z(D1J7v_3lOi!J6GA}F& z0H9*p{|8(B2YcK4zmyXIka712@N~3y@TO+6W~SyA5)!0VwDohb_4a1hw6u1%^t7Rt zad-8wbPE6g{#ob0UI6^RZA<;q$o$+w{QT@Z952oPFZn-a{>$qB41fFfpB7N9fAkp~ z@$|oS|Mva2&bbf8}wiD|7!3r%l{ev<9r-{&-bskqn5R`v-ENCrvBTg*6uFuKAzNG z9+uX&)a?JyLHvL1_#egkk8-fRv$eDJv~_zqmEOxJb9A$R>25b0M{h@WH)=<>|EY)n zFWvs541e*T}WAfHwdp06TyO zAOH{nNCM;l$^Z?34!{s#2CxP=09*l{06#!5ARG`4NC2b)vH* z0|o%2fGNOtz!G2`@B^?1I0jq*ZUGN3H!>7BEI0x zhHw^e_Hb@+K5)TsAK?<<(&6&qO5v*En&3L%2H+;(=HOQ0cHj=-uHazs2=JKjgz&H7 z8Q?kL1>vRORp52tP2ug~-@^yON5Ut==fao4*TJ{J55P~sFTwwSKZd_S03cu>5F^ka zup%6hTx()J3#L ze2*B4n24B6>wM1jPLB#fklWPoIkbnmyo-E;f`USZ!ipk>qJd(G;*AoGl7~`< z(uXpSvWM~;6$6zDl?PQG)d*HaK!k4k&DrYF^;i=agT|Q z$$}|^X@cp4nT%P9*^jx33B|&~V!)EbGQ#r4O2(?j8p7Jb`i)J1&4I0iZG#<#U4Y$& zJ&%2cgN8$oBZXsz6Nr@e}5#Vv-Y2dlyCF0fK zP2e5iqu?{(%i-JLN8*>`58>|;AP~GEkRh-p_(<@XV1!_g5SfsXP>IlqFoCe1aF+0b z2%qRJksgshQ2|j8(GOw-Vg_O*Vi)2R;%4GyVi?J55-Ac}k~oqEl6jIl(pRLCq_(8- zq(IUoQWzOEnH-rjSsGb8*(Nz6ISaWKxgU8k`3U*RE5cVIudH9iziNK9MgdR3Lh+6w zh@zZgn&Rd)-UBA^nda-_Z3ZMCZd+2cA?It z9;Uvap`cNu@u4ZDnWcH4Wu(=mji3e6ZoWZ(BlyPdP3D`yHy3nNbZT_LbhUJA^l0>g z^bYhn^kejQ42%r=3^5Gt3m=>9lnFX1hnTwdev%s_P zu{f|4uz*{9H$?6vGW9K;-|91$Gt9A}(#oJO2! zoMW8NTzp(ET%Wntx$(J`xg)qcxvzLwc&vE}couoFc;$J+c)#&pzGZ!D`?mP)3LgQV z8ea_GAm0U73-M3lKO|@*EG5b$eoDTPw2}NG36Wx!a+0c( zI+Ny-_LOdwzLOD_36bfSMUYjHjhCI3!+Jsdp~y=uKXeOdi< z{T~LL1|bGhhUA8hhTn`(jP#7Y7~L4l8D|;qnedrJn=G3$n);hgn30>gnDv9MFSruAcSj$-FSRdO++GN@s+KSnx+d}Nb?9%NH?8WRe><=9z z9I_ow9AzBy9WR{}ol2bUoHd*)o&UJ#y8vBLT`gQY-0Ds(XHO;}{u-Uo#bRpIF2&fzl=ToLIJ*B|vic1FIA z{1CYtr4UscjUDY74UQ3sDTzglb&Q>jpG@FN$WC}nv`(B%;!es<`jc#z zJe$IwQk;sM>Xy2kCXrT^j+Y*ozMG+z(UwV_8J~HbWu7&W{WiNK2R+9p=SQw;?zcR; zywtqMe24s{0_g%^Aw^+a;a!nU(R{IFaYM=Ll7tf2C&y1Kr3$5OWejE6<;dl}<@=xY zK95xhR#bl>|B~?KsnV_TN7cKk;c9{E>Kclglv?;&pW4GZle+Kqvi08@*c(cL#K43` zK%-CNQIkc}alvP+XfNm`M6}c?E0&{;^`Sao=cujUl?5M zU3y;rxk`kRK`XD{UJu@A-fZ2v-ag#L|0ergbuV~72GfT@9{e6r9&?|VpE{pao;Uuu z{`vD~2k=48-_Z^LP*Vf2yhH=203otF*%WqT0> zB!s_$jEIPUgo6AsVZO|$D5w}{D5&VD$jE3|Xy_Oin3$L-Xjs@-nAk6f@%JEqeG&fQ zi-duSjQTPM{{NIeg8)2K_)Ww!1UOm%JRTeZ9^9W{!0VT4z$3gwFn%8rveI!`+qR>*ob6kUZ~WwfWt`?ok!}I6VgZt^ zQhStQ2ZlPQlxltYyQvJbz$duuQq%PC4W7(E)*87W^!K6YNM7jlF7vUQ>6vCDpGjg% zbDEiKSD2#?lfk7Quu58P?YO~YNYM2_1Dr$)(>-eQv8~T;Q9TJF9xim2qt4A%g;Q6xl z>t0*c8k*tnGEaCMX8CIgCH;yc%ZSV4vV_aai?);0jzp6|Wu`^V{jd;-*7}vrxlU%? zYVx#k1|QP4-yw9Pn?3cewphu?%*S9$8V#zLvlq)ss?Un2G?u2#HeqB=AKXMQ+1-S= zoK-fC5o3WnNW@4>D$l?M=zjkWX%{ueqA?V0%+ic)z?cnBn_bGBZNQxULqrq3LrauJ z8@*O15^bn*p52RGp)Y!lWK|22M>D<7rir%NjorN5wH$6Q*;j(l?ypPU^q&Pt2*ED2 zpVo{PFjTU?iPF&SeP9F7MOoMrqjTk^LiS}BDJ*&M^WH@6<7FVql4j7! zlHprsRFS($I#Vfs^>xuUwl}PGtXnkfb!4+mk~6SoGZQ>fH^`S=$&@!3Kt8OHxlk8D z8sbS;jWrQwHkb}4oD>^mfBeo_wtwc7SRXEez zVt)GUd?u(>B~thcx;HA4u8~?8HQ8kxEJo#)(sD;pXg@GS4dO;9;&?oyCkREyjSO>J zB5YKxq%7h49WaMb=)!H9Xqt~mGUj~am&@w-V6kn!d_)#`RbTcJh}}ZVat|7DuoF;E zh?U|QiQ>k7V?+4eYT`ce{HPsr(dbc|kP%`wk`tdmdW9 z)FGRI$Rt$Cmid8=2ZK-p)rVBMj1hfQvbzw4E(!w~p9590js9JI4a@F( zEu8U&T3&YCHasQ2EJ9Wo%M3K_U^)MDZOs%&w{=R%H-p`xF_u)22oq`KD<;#R?C>WU zc6Br)Zd6snm|WR4;}eFNOcXxYM~9Omj)|3JsT1E{;#AdUtGwFSv~jt=R7iE2d7IuH zmZl3*aF?Y=78X|FlZMkE8Z;wKWn$Zy2q5lyNEJ)}`V^7(DR1Zv!v=M36d#H()Scwx z>i)w-nfJ}2gkOfj^-Yn)-a}{c-9#X8{tEML`%EgmT)HCd0QIK~uE^Xx6b#Id2#j>o z)5r{p$N&r%6*ElwG&Vv5ivh{HbmB@51Z+#C<|c#jEWr%|?1;uylUA@3ZA1v-{{6(Y zR>6MlcXjv7gz=e5vm^R11&-O@40HgQ2#Bny(yBI@lBLxHsflQGpFTDcyD;t*&_k_; zTKN5FX9Wzc<<5mPk6ncxtjZBdGhU*(W zvds<|t-5TTog%3Pp<-Gt-H%8LNbP*9%sWyni9~dymQjvn3GA+|- zzA?eSD`O)yT95c*GtxyPI8MkuuEzyue4*HlUix0B)d_}{GXp$a9DzCq>Uz}>g$Vn9 zCGhNS&2r?aa90K3FE%#DvWadaI$3k^8sip|AhZ&5*o|*2zM^}QZY35dY$6umnpsN_ z^@+Tnk+HLkWN#*Isb-_K*x~VHQB|Iv$djaipK(F9ha-;t<|b{kqkxSXL8C1Qmzau4 z6gz>a#LXpy2I=Z!g$DA6ETniVUJNE%SIU9;@ow%rltXlb`+Ne6UQNKnUEQ1BZ&i-M zI=9=WAE01?O@hTsSdhtb>vb@`O1>Q&%`YWxd{sL#Bt+a9JH@HI++3uHtM?XONCOnL z0QLX%_t(+(mP!d*;J$KB(><6HDar}XxPc`7K#FH#EfzSzCH>2FQJ2L z_7~)a?Uq%R*aOBH7)ZDjulDKdCen>K70hZqr?4=HiGG=ExTdvslkFv8{Za2?=(C$;Q;A0j^b zX$iV~Kk;BrdJgI|o4cdZC|;&-XHcg3#%M84Mrt6dPL>w_Be&6m4T0Fk8VQ428e0?H zBb*w641e@3Vx9%QLAVeL{LOe_F#9`)G-80HVQek&fJ4oEi-Yd9^WLw;n?oo#PXSy} z09o$QC$BVG^K!L@Bi$xv~ z?{#{df^YV|-#k7#gVZMPTeWR@>I|r-(|?a3uL@F5bh9sT)a*?)G%R0DDTk?cXFtgs zARiGR)|j#_Mt{^?X)}0-A}_?pML@>oD}_1yOL9CMn>q*8k_?x|PKwJy)oPkAJ(Ca@ zYZx;f&;pk>;C-Tl67(udRl1 zHs8M1je{4sKx3{lNmnj&|C13SX=gX4P!a7BXY;XgNVc0!NB3HDLC}<$4JQ&VH}Aj%sS zM#Mtu4tpx<2@s@M*IsSd=P^0nsF)mHR55~tK9q0tV#K~Ro@YX zW5!)ruWEOf-9p=$SwoT~$N8>H;tIPlK38L6951rmjt%B7WTC9wHypCE>K0l+9tuSt z9$GDbOGo8(6mCLpWYhuK@hsKEwCHaU$e$B`RPnLxr0HttIk6f8vslccOq{1G4g(%< zq;twu$jb_pW`LM+Qt79B5bKt@rtG>`UTzcL_}equYK^Bj7-o0gntoG7F+@o$6|}YH zaT$zL&HM0$E-jpn6i(hU!X`d}j72R?T5=!~vjqj!Z~zw@m%%~>Ey6ZKIpzzsVt5?9 zsD?@w^Z+EHD=t2J;$yx(sv`Ws0plq6iCjW*`-yBp!){64H1Nw}UVvNAI<_-p6BGa_;y6f()4<6`ZkQrbrcLhT-Lw@Vq+rH z@I*K&YB;fEtDx;gp2pe^xX`Gw_x)*I5JgU@?^t`~L+_N?^MwZJGcOBqH_WKPr%iL$ z2!&%?85YLu&TB3iQ*!DHeGkHE^YHbPKmbEK1N@$Ox4nBgwLvR4$=_}<4YzYuC%CNb zq%3%O5Xbv>1`~gMsvD71r?JswQ?@n!FfqW&mGjYp&SH2m(MCB@_jlPB{I&2m;kcxE z^hv6jk%BB$e1pdwhF_1iDvI>WL%(pAXv|lDbXm;m3k(d?lQP#9j9PF;XD820n%C;j z#OF`0hs?S}BES27{`Sg}2YZx|C(}Sjn>3w=!P06v{EMBk)dmLUgwjNOVFZt-l#L>T zi~>q*v}&xyTljRqXL#*wj=@}6+;F22!+LkOMPDGNnPbmE!I*eq;p17}x{<`ZD8|9# zjStiPkXZYc2ILLsaK-8Vfr?W<=?HxFeqj|7LSiEJ2T&S2Cu;m_yDt@!>5FQa(B2T% z8=<2jXCG)yZxdY6X`k!!}7&?Z2Pwd<)-eY{>@)&SmjQuRl8*JsXWm<4$%M} zWEz^uIBJ>>Bso$W!nR=*o*YKnS-QeR9A4Z#Y!Ys|+yP$1ymabcgK-1smgu?{gr|_ z^r1%$Wd#}{A#sdV`|G?;_-dy&rpVkR5DfYQkoT(obtro0^IafmF|x-bo`=QLitbaD zRD`Ac%kqqE3DMhGEl}}_*4$dO0BM6lUUnp0Z#$=;!CzFN*7NScn8Y(VrKEc^BL{le zp}%s=@HK>>)RF9Xfj_J;F!@mohso^tR~~+2IhTh;%f~b}SweO-sdx|R8squ`z1EtQ zC2~I}=#mkb*;>h%1aY`I0)tV06X@>m(`tAav#NcAbrf3q*0?&FQ8jIfbU1fBuTd@+ zO_mumUPf}+5I<6jUq!N(mz$2V)PIDzA5*lukHy)}uJ`)(DuHFg#$<|cczhIX(5PlG zACp_s*_fd+2{>o21iij50JbFudVN^xN%DcEx0gZPQr4qJuZ3^`nepp%H7 z$GEa~>g^S8b?C3ZO)8%3vj}d#(J&LW?msj!uPkZy_yhPPWIVBcU#YnNYOiax!fR;~ z9eZLt!lQ{6Q*r{$mQR!n7-p~_bY8O5cdT+~cs$eb2e2ewT*47lA{%`<2?KaBh`3yZ zruB*^*^PiGVK^Vx_RiO@&kS22l^!dv_r;?+3o9G8jH-Oh-UgMEiE@>jDPHbAMBH3oTLZoxuh%ENt9NS`)2{Yx@G<4kbFlgqFtFKq z>RbS^S_(4dxdZ!_pU|&GFBL^w=~2jH(-%?HMdZd$kRjV)3eqGRHp}zM2@xf#(}$15 zC=4!j+_wA(^6h|m))s78Q_}<1rXDO zlfh-s<3m`!Tg%@00{hkTh}RXT)ckD>@I>5nDHx)W--_K*6(H7WUfQG!7QEySc>rRw zp82`yCa?Jx^|%G@LARw~0v`38p$<2@<-x1hF(AXPJAt!&9jGt1)`Ae_y${B7$RB_{ ze%g#pBB3#U&j|3mBPEquh$$M!NlU+Wih0~!p=g>ZrS3iS#gtYG!j(dz>zb#5g@-?H< z$UlA+1_z={`7TtFv@mi_)R`mv_-F_ZKTF@A7Os+ouA+@zYfHAI+*ae&>bwd}T9T`| z*H4VA)ni%PY;miYfwtPU7L7HzFM6e(D#*?x^$QOgrz>;4F=lF}M`3VHOhfIDCQY}D zTNPALiovuiZ}F>ro{-)Cs&dog^UuJSt`3xb-!oZ8teQoyM#* z=rU?sQUXzQ#O*_8E=}&H#YzgFW&@}soz`;71)tCcIvFXq#gDyAZyzpueY^~>jnzk{ zF73UTggq;Z0=x7xHp8+_Hoo26xuHE#QD8=uM&z~-8R8&J60K+fFG|Y%NhphRWaoos z#dF?n0S&-vRG{^@j>!pW0&Z@R4dJzOBRClKslEHU9|E_)SGPK5xupwS*f!1?{{b7 zJ)8~D*&^>1uH%V#PH|(~$wvz3j&{jSp8~<=#Tjkq$^uaPv(f@IMVeY*AcBZ^$^4Dd znA&cEqnSOGMi|t;xML~=!yIDFc9g>S>EYdd-pP8BlJT5;S<(C(g}$#l4YLD`Nxu6; zb%{&lp^Nh6DuL*bx3Eloq01md`KTk8Ci~I_f6kBKoMm6Zc9U!WC&va;p%JnR-g^D7 zUSVPTA?nU+0RrZC_v?{jzXxCMjbJP71qBN)t~`F7zLijcP(qgj2emsibT@)swxq88 zX8U9>VQn@lA=*>08qeVl>RBLh z)otnSoe3gO@-(jcN$jLLoT`mXXkpXbluM^N{5_M5t_^>LkAcpGktUq!!_NmSWy-M9 zIp2C~$MZ>x7(;!UV=AG`<6owwKd+X-bN79fbx*{~5*j=z`V=u?bG{thD4V%!?sEK-Hg*5VR~l9q<4`sIpv%)M>i}n$ogO zw(=uQ=<=$CQ;44Q`>i3{0x9kGn?juW$Jy$3P<;sJ=Z-t}tEZrq`Z2SwOJ~N#4~SjR z;kN2g!+MQ^J`ZTX4VDL(_ucjHz&qdL&@o|?jA~EhPCJnLV)#zL<9w$;`{+=>`ON-n z42hjd33sMgJyjM6ZTyG1(-i|OODwtGLS-gAv+G<_o{@7Wo)i+JP zDl^l%kRyL96n&ZJmwt;SAm-Bm{PBc#eC02kBfaE#yp8rW2UUpKUI^r*IWEx{yhl5p z6$L5rT*UW`4ej=tD)_XJQ-#(adPm`lOm?T}4~~Aj`)-2Zx^ojm)Sz-Wb3J8-)4rCw zW6%+vsV8k~|1L#hyk%6#NX)Oqhq4dL)gS%C7%jZiSq_cu=-L|lEd=3F2!hkmom zKeEGKfA6Sg2FB4L?4$0}>3ObD0A3YoFN0o)yq;;NVEuk_uFk&mM93e!@asvB*PQ0Y z_n3FC2By7#b?w}%&{YX(7+VzFxxKi3O=WcB)f@ivA=Iw~yca@t^#`zEw*6XzJbxiqcK|Zv>$BS1B{%yaf1Ng%XiA5eG#zh!-aV?^ec>x4)QbGlWF0wT; za|wDyYq?8Kx6anOny}Sg-Iqf>Ep01I_tkB8$ZxA|w7gq}TDGoRPuP|>VqwE;#vpkS znVHKin%jP?++abF2I|3n%;9;d$-q?D5cHUIJ(h06ZB zG09X&rP|?^ZE|;A)#yMfnh{~ZvQJw;@)|?{4Wv%VI9;M1+y%LTb)41C9Chp!Jrvn* zUHG!OUB)ry&BBTTci)QmB-tx$zb0LJ?QRLaD|omKZ@#;_ncCo-D-0}N8to$P@F!0S zRVv=ra0%6~SeSBVrEL1~czO+n>m@Ps4c z3elETvH(cGnL6|BsRa>TI_tD*lgs&)lUJKf@&-F+y72{lhn~9&a4fdY8@H;@Hs8|2 zrqC2rt&Aw;4daF9kI3hbuVF#HBO`%Pvj!W$peMp7%$Cz5y31AcW-UsM+CK_UYLr%(9mEi`Z+wwUrF%TfgNk zCohaj`d@X>UU^vM9;ZP27vY{h&Qgyh@-IU`mn5@P{`WW^u~9z=iiQ!aUBEPCTo!_I z+^Iw_Ieeh!;56ZbP3+Smj~|pT@m=1xd#|Iu+_N@piB-W8PCp$%j@Qv% z@DBJaS!=Ao5F}`h?@d6fd#NBuN}@BrvPQynOZAALqL{$xwfwed{=MsA93X zp;%q%nh``L9}KD(}Q)Gr;aL- zOKn9G?oO+9s}rR33Dmn>SFNWB=361+peg>@XYm}*uA5(DNs-YkBguiM&hR;(tDy?t zx8GWWyDqjCMuZ*$H|idr;;j&Z0MhYE{fC;y1428|3*+G1Xa| zd%uD+Jd17{w#xnd+wEGD#yWe7rZ{EJjGV>f$8o>YpqSqYoop8^b|+OHKYhU!Sg<|t zVT`*~doxs0`Xsk`^*B5d+uRp*!r;7jRy*77?!LJ5yq{#eAMgy^C69#eZ5yC~A)e23 zlkM&}9mNtYm8;*IqR#IZXFhi*pX26KbwNrvdP^$Ddy=4w0RjuJ^ur`(j$pZWQ~R&N z6fygl+=>=PA>e%Mx!rrQV&4w)ZIIT@YQyNr$6`*O*J0aBe!^xY-*42P&32q2MfF2X zBB_BSCGY$gJ$(`=LY?aue+Ig2tyaw+VZYp+84n((O3JH>Nw7P35q~LChLuAoK&QZ@ z(AwGca;F~qx&6iwgPY&U@*@crKb)C(QRO0kG}G6xtk&l{l<+&J`M5G_LZ8g5LU2+a zvY$-lD5(U^mWp-ld_^Y%7r@$}gtd@a_UQKOFs#!}aj^-NPXFm88dWK7YFVo|irBdD z$fYJ@VL26|OKtTT6Gy(nL`Nca-5IF6W}oZv*ZMP)Cew$R1fr881D_z_De^BX6T~{< zQH*)lr^vqBJycZShY~BJy6RJM4|;S_4l@ik{q_-4=V9qE4rGVmN)1S%yy%ce9d5XBnbS#MQ%_ zRDL{|^_5Q5=9W*SBCDgp$=~p1yO2Zt&yyC`O@SKWHVSn^i;M6C$UUE#*&oV)z4;&e>Zc4BcT3dOs_)LJv@^U!z$ncsx#(SoVug*z$B*-Ym$R(fL~ zZ36hAz=7p%ER|!h_}fN{*s?D={jEJanSN{>g!G6I2C(ME}z zCrt>!lGZT4(S$|TnB^P?1+LbqX}mZ6e)}*?<8`lXaS8gG2SS-@>~Pd9^G96NR3@n! z^H;xsHU424+dpryrFH^(%w=#m+;jRQFCJAo^Y0So>%k(>ARg-kzfIJqXUapTmZuV- zbmRz2>RNQN2w$rygbz_3v0p4y<@74~n5=j|>-z-jEQh@O0=YlaEbU!2XmOXUf-Tf!_3OKXwK`Nl6=vtX1Y_T z=0woLThu#p;5LfxM-ROO&N*|hu^k#n4z}QK^onxu&$iib{s7!_fNJ&+;=z$SyT?J| zF~!>^`LB<*{3$C3H#$SIQzkVQu!HWqYA&B^&wm@+c$ij#p}~Iujn5n~2;}Lshq?~d ziWC1l@pyL?*xRyn4lQ&ZTYeMe(Nn&(PbFh-4!Lh}Q&D(-;k(@l!8v^_PxRtpHK=pgRtSb%msG~| zP=}TfP$T-n;jvh}2jqS;YPF~~)d@aq2$=Qlb%lzLxvUBK>D>lD^G@`(-*5TcRvr6@ z_JaICU>J&7AZ6=~!kgo%!l$vJHn!R2z!ove*J*3h4Aa8Pln;F4{7PWbpblWwO2$t; z(>O|>d*u3MN?UhVp>#OR+A_hZuW)>jpbe{8Zaa+gw_Hqlx$-}3ea08X=ypg3UpjFclk?`!u z7pq6`l8}P$<8935MTbVr%;a;-&)0td0cRBFrNQeEhXU5?a}9|GSFhtOP*DeE2J`7- z{Z>FL7#x%`UI26r!MK7b7l%BX9@SL)YtOg$hA&K9fhul5CD732qNCq%cM`nUdnqMt zeVpK<%(v`RC9Xq1>$~3V^bF-Sz_%YmYSzg^xr zdo}OW5)ax(zQWC4yY

%7R_4foj9yl;PL0M}m zVT6SkXG{kdyp zY*KpfijLI1_H0!Ob<+sAUB4t~@7?LiK@$Byy}wP8PQkEGi*DX)MM;Se$MXjA^>X5iv?R!WGnS z#v5@@ZvuqI0I0MJW+k3G>fnhjN=VAD6;h&*fI+{3 z04sv{WMKgh7;-dC1DGMW8&al2bV?#iB?SPWiC#!SqQJh!gLgLZ_+{Mk4uG{v@vXO1 zY-7<|)6z5xMcRB3ViR>$rO|Dt#=w0I%1W>i7Z7@BDUu1N7$Fre$`m(;JJu`~)gWl~NCjQqeZg7EAlwd;g=R+0w@I?C)W z>|^#K0b|ZZc>e$qDCJlM#=u@h7M_`KN~WmRA{tXiGvZO0l8XD-xX{9n? znvHJTzIHCQ9*LLhy{ZDN#|z+CLr7g~DQt8eHR2zykPF2g2q=WT8yboe6b(n}j;L?C z^&Ue--G9B5g4X3RlmpC|dW5314m?C!lfxMXn|Xy<0;vP$pWjld1rW1DqJ=21KR@a^ zs9vcZ5u&syWulX7FVPnC8HhrtS_70FSKt;{F%hOXaJzaJEbOvrZFU!eAcqcLn8=9& zEgG>w>-XX=?Z%>u17IFC{lIqC5^9fpXP6l_ih(#*0N+QVRvi|#v)7FeMtM?gWKcPR zgGkt~%5s>r;7xOe(#o#`$enG4yoaetU2Z%|8qscT{^lrBDhfOQ0LiKeivYuuY2&bg zLvAQJ<}gYCrhs4zR@G91t%n|tl_Oh;3aXpvP_h!UrNQTm9y4sAHi;F)1G#l*g+sWY z$m2lIG(z^PU8c?;Qu-Ghi1_h>*dfgib8QlM2s+%isG*B$BB-G^E`iYrXgBnO(3foo zh!(drw1`x+vkGAqyIvz*u3x?Hj z3Ik5UGy;mM{{Sd&2gCyMzaA2UBUxM%F2=Z?FzIjRU={FM-xnW)X$1n!a)P#CS{NX$ zA9xm&QTs-s=!^7&VSrnGirb}AZ1W9D1mTn zYdkLf&5v5>UD?vOJOg(Ol23pr$lQKqzUp`>)E)eusQW5Cx!Pbt7HZ7HJ96{_CRn8@(XJ>aSE@})s1MF^}$~h=nhjH>Ty1U2nzd|B|-4{$dx^{|q z>jGMX&=HaSe}CfCWzTE>K$P0x`Dlf-)VX#vdQ4 z&N+}tdVguTJRp?3Yz$^sxEE^33Ox_kU^%LRVc<6iNz&g>ztmH)YQ?E(@pW+MArix~ zX+3DZQ9!1Pq%Q#k52yG1#sErQN}*|V{NW<@-S?SWi?`zilnyNMfcOJ`GK%TY@61s_ zwY{*G&YEbo@f{mkP9-w1mgB$Q;ssQ^&nUwQ&o&i5JPCE0@;X{Li0<)Hias_yx6zSV z99x4!`9Fv#c_iv|5LIU)-d2w~Wsr}8zE_*P^T~xw0|!dndOK8A1FwDh3kN{y0-{bL z_rakBpaxmY*T95ms=V1gF7&$bN3o*d1Xx<>4wNh-={hp%A4)AzS`aBHgszs7fo!98 zs`e2T8>v)TqK-dOmlRvv#$ePxb!Tw_pnVy%D+$MVp{W@&l`F; zK0alr_C9eDz!z0>^AHB>;We>ATkkB9c=kCd4*JR%;NP5d)6LO(NB;m~6tLabaftzc ztSF12<#dd)#rT-0Zn^T6RR@IYt%SG<{)lPCzI#p+xOzlNJD(|T%LWiMX)oc7MJvwY zGs#byY6>i;j-jC_or6aYrXCH0nc3hUB@-n3fam2d@oX`a;VaK+ z$QIOXnyb8J04=@rB@P00R*pZpSaDK{k)=C-iOGQYhJfSLG;qIDpci{~jf!36Y^|1_ zDTqdbsn1`zjG8eoWvAd*1oJAiOTNp&u0^%1;R&B5pZa7TjUKkZwehIY=}*Eh`1ELWd}o zyJFei4v+kpPcr9_8n8AnFk-bWws5tj)C4G66NSdrRl7%sSeFp4pP8YPg`)=>c*R@d zA+W)UK0*ahtnH;(1L9G(Ez9Tg4BR`ZV)_wo=;*?4ewXHqoczF;snu5ukYOwQDFsTqvxSD|0>$M`vF*OR>aXO<|U_;6o&) z+a(tctHecupe6l+oB4n=DpVFX`FdE;vXw*&gC$3FCY5&L)m&*d2s{j|rMq=+WB@}G z(-M;k&q!AEW0)d`b8p(^-zL~!^_x9 z(4OXQZ{gT26&CoxzP!aE9BKmlp{`3UKZDtWn*2h-g)ee+De>ZQ`wtE;nJ&lpiK?c# z?FWl~m{tyr6}Xc7RoBWAxR{e*}^x-ehmQ-9t-LrM5Q z)(X-UrJvt06!f$-=Od;Yt(jIM8RT0kwy>_x6|CAJP%Ov&h3)e^z<}|Pv{i>iT8}Z7qZgPg zAPiraqa^&|(MLkS-Y*vBg-+nz#A*4Mb!Hp)o@IH}_;rm9lzUkaEvY^ppjzbc{{YlC z6X@h)fZ$cFW`5&wdey91tHT9@b<*s1x=vfVYD99f6=Ms8|}axYq-i9JmxV01n9hC1&AdUF@xgsxQ<)O2@+h7J2l*t2=n(5DK0!rdZLxOr?2w zl(Q9X`1exb3r!Rae)|N&OR^_`}3EMz)7FLUR;l3;k~p630gy@|!I}2%bWncoq$9p&B`)`JjNi z&5)aH;Jo>j)|3VUs>6W+s0+LP&6xp8tYt0^oL83o5UbjXXctz3-v^mZmXxbkS#+0G z@d(n^FCFx-5qyRUh4__ftkqkQDl2zU--%%Np=Blj>#8Pve&HFSp85SC>X4hL2Moor za24n5Wet+39ppeAI5x;v-_QHv2}4Yw)7+&5D^@bhIjnW5M+H_SavzEOxdRHtRX1}B zE4+UY6@~MS5ei{Tx^_KOEo+QLZQh8{{kRI+o`wyof$wi)6^?Tom97_Fn94(*8fDrb zkCAQ(guk{Pyz{M$I^W~NRJ>9uFQ%bu)I?s`6GV+fl?7x=#W3U3PU-9B*w{aS;_QPt8 zOJv4tMQ;cKjh|)jh#N)R`vO?kUlN3<6H6873=HuK15yoOwN?tND9cd985KZjih=b# z%n&rI7u_`#(vb=3cG?>FQdbJSb##0?j7ch%%KJ7JE+{QHA09-=3cyKjQQrCFc4PPFzU4uH1@O*o!i`TFwi+T;k-c|XjVetU9;3`*nDEHbLzg?WJ zQS*uRr(vqdwR-M)+oosKmvBH?dA>w1@dJXH&4rlt+ZMhV3SlR=dueeQuz@X3t5z#`QEXdIf^;XlMWj1)TCBg<)Oa%OY9Dtian`t+rFaT) zu;eaOi4|c$C3leX>oU$G_?n6929^P!E|t-1OfwU)287_@Few+zXq(9E1RlA6i0185 z!&NOH!))+dD^7;T0s-#Pxu=OpOToCjsDXZ$0Z9>ffCdLL8So7M0Hh7N8%B1hyS)ag1&=TLPn~wuE zh5+sRXJv{XY^a9Uw92fOb^|p-b=e5lVa0)V4zZxC{F&MThnpVa*~)+je*NPvJRcCt z5E~{+<8EjH)O8MWyrC8?f4|}jOMOV)K=6_U?uykIOMcXBd|$DE~~@` zR0m*EI3#Qh*C27WkA6^wbKD~N1^ieZW&UnLR{lhx>T`WJzxfZng?zqcHYMO?f4L6& zd_BRgP+$JB7^6V&M)`_Lw2K$RPv401ITLEouS71XmDMk}-4&%%(b5>O(C}eJ06&Rp zzM{vo)DQ~tT(W@sxZ|$d92o?B9X#W-l|{7b>hoIy^hm0ZZ*J*7!dO>S2eS5Dy{tn{ z0-rfiR;^!gz{t7j1={_kRGrw*a@ZnE#j8@=&$vlty{1@xV%sp*_72fE9jL65)ar$u znl%AzDEnW2uXeyIeT7r!thXnla8O08EfxiCgruiI+dK!CBW6I*BTGU9r;eES5l0DP{bEO)FfC7sSZ@E+u zKnI=JZzEt8rCQv-5YEw?anZk!9B z49aQ{nm1b7J`Bkmd*!hlEn3^6I4Vjh!Fa6*F212m{S13u*XcFWwFs$sgj(2g9J&yA z3_Q?3>tQevv{;9Tg4`Yt@r`g@-eA#hS?WV{=~ecWYelN46&r1T7$H^DRk%p_zgRXr zi*9Kh1M!AuSl<36{Tz+?M!{}0UZK1#KZ6briaBKhM7M&bvNt6$IPR9eEko0|!t7JP zZZ(s+R4Z7rIEC$odX%5n2%a1BX52Z-P>?Upv7^Lk+OuNQg1j?50|2T~XeF;c;Y5Ie z1%w9M=gn8zE=6#grhwfZ3*QpfQrq=iE}3SAuPw@#aajY9GXTZes_cO#$T=3-Y zf0#mncqPWG;~)`m4V$uoLv@$#UzVbXO;c^={{SDA5G#Z(X>N|^CeTo;QT3tqDul4y zt4u*-x7breE}-DJcMjX`E_U0d&ZWm>wJhpY)>c(Rwu0@c;jd{x zm|ZgX49K^FP~@S|roxndrs_LlTA~+!H#W9ejHoKlFLJbKzdtCz406$}$I&Z_F+Ar=(jq5}hX-x;_vK!jDXxg0DnV^EVG28cVxe{RV9fgSI#Okga3!jz+zC z?KV;6_(HQwmI@?(3Mrsa#pY{t+XmmDeGpU$-Ae}83hKf!XuCg>gi3`qazPbV>iRns zEg_5ma4~vzb1uv5ZFOfN$B>G!eOasr=tUqPg}s3oQ~4o~7Bd7JzL4&qo(<4g*n1>> zf$9r<7q!dx4zxJ%KxYC00Ol@ZV08s zw;Ih`JEI`!3Aa(qV~{)_ar&^G3aVPAxt6x&M`atb4$jmB@&vN>Z|iH!N8BH3jm>^d z^VnXO38^bm9-P#V?U(7YruJKV5}MF#v=`9;U5vv^Dn@fqFY6sTDQ2RR=Av87&HfLbceAxi5mEh^$e^yoznGtof>m^B`->U|ja)(@x)E*@!E z+*`{HC605$*V_^S?Y*mAUHsQSaKzs#)%Y*f>i#8FY_OjJLw~3i#$A1R?+B14t6dKw zne{F%uiURX@A!ZZVyPQoXy&JgpxR~aEArOfMC3KO1YK}ZYt24;;enwD8hw=C&xxrz zYnLL1<7}?1x}%{?z}?qBF|9NW`G71|)Gw^znXO)4$N;w|kLl}}Kl3qy8|V%is# zlIBUECiwpVl8IsQqzi>5wmpCH0l>s;_b7qVs2W59i{3B$kU`~1jFszeN=vA5Q*Q!G zYmM!TL$M(|J`gR3(X(W7yooJbHu0>syYy5$Y4bv&A3&}pV&B+^inKlnM-KR-CJHKZ z4{?CY9}pJb5e;R6_vZ-IAbqHV%ugs8NU;EF`UUSYQMCR{6*tRK(6Gv z!)1|m(&>c*>Ej`~Ao?ZjFMEbZs2?Nc1~mC>H{x%+EK0-F3Idm)u#CH5;K|ZGxr62( ziVOncnLt(y@#E@O{XDALRq>k*WwCh;DC2!zY&A%TP^Pw;w2F#1%%VU(XxZGBbPQaP zTFXULm>AH-i=(0~M`j;!ZG{faEk{KcrK?jtIHlVWcpYF$0>f z;#xLR(a~K2D+~CWJD{mduohh{QBRwK-tPKUBDzfa12uq0h&B|e{Ea`Fi)kt#*K}s%d6iw|E%D~$U@Rs4wXwIY z2H#S`C>vRY&;p7x#C}fNWDm75`XV%KtogND^OMh$d)M2gr$13GK>-rgdZBK5YPax z%vu}sX9ld<#Ltn8UID-)>*Rj65`z=b0lpt-fbhV>Ju_&?Su*p<5@K&K92JI{$caM1hYMQFB zBP-3(4nYI)jUUzkFdW1C*u~et$Rk@HL0>QxH;4c&{{V4!bwIB$b4Hc+*}CSS;-%pK z06UB%ErZC}QrgM3XfCCeh}|MgI!kX?rPj5#`5-PNB~S;Iqf+XxMGBbhZ(jCp5WK-- z!s*AI^%hWm#U*Jt6$*F>;1u6>bLVq(ES?@RpAWJYs^Y8}2C`DJ(nx0AX%{S%$xHeU#7; z*f+tTqY~M;6!V|f4{xA8(v&l4;*aSSMLHH4G5{18M6tWSI8?C)yk-#I7cIiV2wGc( z7)=@ys||oawDCnt&A!n05}>KdBLFQ0I7U@`j4htZ#;prrYTN@`E-3E!x$YwzGbbU_ z8b7}0P2S%&R=z%tL2B{Bh)bZ#q7{_Ccf>3U2=7Ln@{WeNUNFGQZjFT;l)8-gMrUF= zn^qBRO3GPJ#$^y{>{ZY%*1T`#SWObocfNo4x7>CStFEta$?oC=OVW=D29)7uM$=%Q z=0E0^Xrh%tZ4<)(0NE`YG_?;ad7R{-QUSRK&xnCI;(^HZ0QB)IJwZanX`=rC+*w6Z z2yiR_p?g`#A!VmrL#S10PU)53g&E>d(T@~7qtO)6`!K58hWEfg30$Htt> zHU*=G_r*8J6-KlOnB%!q6|RBa#!O@B?kZ=h!2GYo50-;Jg%Z`*?qE1~-fPRg_U=@# z*0{hg0Sb3EGouh7FV3_}M3EvSEfAa-st640g%M<$C>0+P+c&6c9FSA+Ju=P&b_*XH z;g(;FG}J0}zi08uc_45VSa=nye0}Bs1PWSv*8OyjnfNh}^ZQ_cB7m-(KC}4vk71}( zhhCDYj*(ra`Cph4ng%b!hnb%cimGT=eRT9Mi!p+{K~%Bl{g`OH*-G>9R8xIH2GYx{w>L4#S z=8NQ9W&$RGO7Y@Q+<+6{N1U1fg;niG@hTRsv4L)h;p!GDk>VFp*6%aD0Dua|SHM34 zb7_PCU7S+IrQyB2Qt z0>se6N8(vqRY1(TtNMpbLqIpUe!t8Hp>EnM`^j>Ssuu{W!??y+Sv0B@3$dOclp1N_ z+WcG!r2^`sqKn&6=B&Pd;&A**k9Sop4Pkat+=_YxHeW-a+ik`|61p5~+|^R0@TPb) zqRXgKkER$<>HuEV#VVR~q$kG?Q)j%tK8%wDNjlnDP>PCHY}+v=)nsf1v|YZ`5N7e$jSu- z=av5eXR{1KqS%dtUY2AdE|B)G_FuRTXbi-meI@-u4k83B1GYuBRiz7G5D8THHH98) zzAg_#FxN^d-;MJ}mX+$ZjfaokPJ$#0&^M+n`&nxcWIWv4Ze7R~B+BFMBnp+Xgz8KG z00B0632aW%9`G#rzY(1HRj&kA^p4ytW7FB93R|Z6t;n~=0*W~MvUd{A^npi;sL39Y%r=$HLxPY+)IxIuL%aB-IQ>@hU+&4m9+CRRg9`d*{@8uS) zmFknmHQ$%Sw3TDw*?Pj2hm^2vZ2hMNOF1sUR^8GD!moCe05IS`>Ht_#!qB#N)uI6c zyMhCXF0BaJnAoNP<=bQtn!kr<7Pr&bI0H;tw0jX31-v)CN>YaYa+(W%(6AQwtd_bI zl$MS#ptZfPBfW({Mdy~Si`=8cAc;e!=7`@I!a_9Vp_K$xYb9o!EwxIBvrePLsI#VT z#TV?e%nTV&Ls#8w!=%{6dbh0hZ4O; zoE4|YO~iPr(DFbW-L~5%3kYKZG!}ZZ<|uJxZ!7aGEf6dgdOj=*K($3F3a1yCaftSx z@f4`0>(ee3lmeK@YMi>qq5WmT+-j|}GDnmC!p)g?im6qE01&DRp6JC5pS|z7eSC_+lc{fiASBCY7p$6a|M! z`z$Law!=3eYUt&_`YczE82tVwm=)<`^aqveIK~nC;p6n!%LIk8rCVqSc`KiCk!Mta zx({7z_?8x)0v8!*?`VSi0iMt(v7ow!?7K=0E45vjmFCMM{{V$t*OCT>ryG=`-w!3A zEp!3ly_b_TnV4Fwx7SHSaLX$|at#3Sal!t)+bE2}iabiZG9oul3w#l6OSih5hvghhCS@GTQ-5O~mO#a0ixYDJ;DXoNG4q zj`_utkW<>^i`hb_FpBlidD2`~T_~Vk4MX91;BO6@m!BwlU;*-)NAl#XVZ5}n%Bi0x zwgY4|O12(f{DQH!L2GX6uha`NuDYG0*G({BzH8wX4XiL*;$Kc|pc+0f53w4Ta*XPi zP;bHJW}LD$Sj|I;;vgDrSG9n&w7j}enz?{9Qd7_*RNT2hZAs*NR)TCawE=AcZT1ET zw(B?Z5MVjJe&Dmg+xYy&y7Ky}mWr)ws237fyxOL@slY1IhXKLDo$PKpdE0P2F{b5e z4Sn*X|V*soPrAXhq?6lxLaLRH%p-<*W*T7KOErm4lURfXPbxe&rY*I-!7l zx`-Cr`amr=t??U8Y!lRdslo7D$e>xVMHl_emtO6>fn{9u%L+2HutJ`z%%T}*-bC@*tkfPm#ei;K;-%wS1?mZmP$7vo$Tie# z^$yN}`W1cwygkhbST@@p825KUC<2F?gi*@$eB^iHJ9eAx%%x{`6#*o|y!cNKu0*|% zg@MsD1)JyQR%X324I4FARS^kNtsN@>g^Pa>vwfX(H6L?zSfwi*p#!xrmT|sM0Hlo6O3dp%1 zAp1?QzpZ(UMfx!+53?W;La&f_P-vm^J*1E*g+OldHAse=DyVyVKwDaGSS=k5J=g(b zN}<$aQpH|m0ZWER*!}t8keig(+-fe5${R|0;{#hveLRErTjm~M)T)!UYskv3e4z&h zfF6vORZL<4rQ8bRar*I(u+4+mQtn$2C#5e-4USR=yM?J-JP@c%a<9O~i2(bWiaMP< z_=KQc)`GzV&H7k7HOw4M#+teT)wdH;w68j1y3@}_KUJol5GD%WKYW zL*~7?EH*s?W7MStGO`xsDC=0s)uS6eQ495Ao*+?bP0+P59V3=9<|Fae!*qb!2W9VA zW(KA0N%h{rh;3*J)%@zg(=DLrJmY_uW2EQ;S7n_9#ht0JOL{gu=qHc-H zWFd5oTYf}T>r9t4G5}SgwBg$H+g9q>w1%Gz@%xtl01aTED*79jehfl`*cB}Kd`e(B zKxjaru-2+!Ut| zPRGir#WJ;VrHAFeF;eN@X__y0sH?lS`q{4)d8o3!{G%FQ zH*D^J`)m!xXx1o72z=U9^sfMi{{WHIzj}_v*X41QLzmx}-p~cY&|ORL-d+_Q0-Rse zYzq4@0D+ck`HDfx!rC2uJ(fpU)fyic9Ee_om$>^dI@tud=7*;|%36fb^Z}1o_YGFc zy~*Xf;Qc`ui$;d}s5D-Dp{;T9Kf4xdrMN4S$ZldC zL(L(@yiFT)j+3;ThfK)f&34o4N6XiiCUaA>X|}De#r(m+!A7Q$Jqwnx8ZpyE^F?5- z)ICuv#VV8(ny*qjOaX=npb98BMmn|2#0T{hzoL&N*yz$zWj@~$w>wm8V$Q;t1Rj&R za|gsT9OHGtOef!venYMDAgzYcMhGT1QC6e3)aR=F|R>)XL z{i4_(Yvi)8!^?=pYI|%;2baReR&B&Jmkss4XhkdL#G(P6ev%4G`hy z(I|Ur^N=_xSI1H|?yIu?yJ_O>M;p`3T%BEt()oYdlp)gHyI;l`@ik|*j=t?B7{{Ua z<{Cg%bjwE%%L0q;y2LL7?CA{y19h;0P4%iDAXke{hbzkVc@_I|J$W8#0B^?Ku#NfJ z-9m)v?T_2li$G=L6rhrd>~g+-(!aSJj#900L1fwCY-8|U)2J_yQ>&0{QuWo7aaPgN zeaxkLTP$H*H3fv6YalBLfodo?p?tGqm@N?3;vw1#=H{JvVl}? z)pkBfptOpV?KUk1v0rADidK|7bj=XnwuBrDl(HbwG~LPu#+}y9ty<0bnpai5_<)lZ z?*9NtrH=*LC1`splqlPUTRvc<(sxnasjd!p8P2LztEa(iK({&U`JDi9R-|?XoVBHv zmL%yEFX}3~?=}03&>9=o$E!!qwp%5E0u@7DjyBT!=3PUIkr!kEWv*Ox6+>!lsWr(V z{EV$_z+}@v{d&bzvNiUKn-Pz%%u2ycO)epQK(SKpyHn;{-usU*Tp>7v@F2zo2EpsA zhrvkcD2+NHvhqbiS!G5Ny3^hYE#EyL*m=Ep%gseo=@hUZpZCPMu}k>Eme8k+B>3?8 z{-7mn&}LXb3s;|Wq!wC$zr<8lc02?V<{+a5g#a`Z2bW@cGo7lh7PZmx&7n=2zERJE zJ!)`9+mr=$<9=bz($W`-t{yp`qhuh>L*2t3A5ghdtvzkgh1L{s@Jx341J}pIr6Tm7 zBv`fElIF9DCYeTE&DhDc>`TkD@qyqOsHiCQYo1~6F4JrPnN5}BlX9Xit#(V)B~f|6 zEiWzeiqL3s{o&}ScgEo4S-z7X(Uu`atd;Nw@AWMMfgm(6{XY`4w`=i;G1=ck^&QHl z(Pey86)rURU0iMUf^?|+HhoJMaKIlg{K^QmOFy81$LZS)rK+ar~! zZYIc)Y^dJ8{7utWPT9$$4~7a=_8adHQ39QI{N*WKn$v!M(7Rqim{f{rAMljXe&=$o z=LP^#>Bc<5x+bNLy^jc;dQ0%&msx~_ltbF}G}Y4L!u|M_5nPb4!>K`tx@^LJ^C&19 z^5=*f6r(xQ6Z01im%)Y?R&O8`EZ6dYTOW*Oo?f7(64$?3ayHu)L3n&7i><2%C7R#w z?kN=xzx?cU)fZh&m$rJrhTIYj97_wi<i&`Rov1h1ZN~)=me6;6HQB z9#5GILcg3=)hW+7)OD)cf2pgjrcDSHOJ=;b`6@~;n0dC#21&J49w+BN$~x-s{iTyZ z`P>xzF^!K96)Qc+69d(ejRqei$*X=$o_$H=}aZblZU9^J`B$Q8-2G2^4L^ijtUB1mP$0Zqk?T3UewHOrZ@hSFK zailFPtu`&CUG6dh%cQ=TKxH1lglk@64Ja#HA#Jj&*&8jfoy5d^^qVYPg4V&h_su58 zkg!!Mse%#51ERA0FN7dihm?t}of66{u+i3R8mI{5wZ@Cn=7KhHI1j>ztpGf;zr;g8n(_dCZqT;C_S|tB6MkCejeV+wLimCOUulcldha}r7!;g zVrh-pNcO+!u;6?QmQdYSJILDBuurkG`HuH!`=U>WZ=AOx#8k&#)d$Z%5OyAzw&|rQ zZut3P)rY`-BGN4-kV39{dYedlTvoQ;y)lbM+q6Kyl;4CTQ>}4?)L#Bc+`Us)KT#SK zd&kUbEH&JCfH?)JY)h+G4a zO5{LK8!WzhQB%OS*xOw78YUK=ZPeg;N@SIpCa48&R*Goc>^h#%w+@;}&g*gs zwUp#IEcl>;AarerrKxW!iPRb@)F3W3@r1UP*9tZPK_{SGYu$P=AC*U1Q>{&_Um$&V z@JBZ`sttWc>mgwQqnH-}Qx_E9FilrIH64Q`$kH65#FpKuwR!@ZZ*sNlHsJ75p%xT1 zy8$6Ut?L`05U#W8Q^-DjiBeHG-`q-ODL8Dq&Tkf%$W>wmNmv7>aH@L@I`yrFvt^;7 zMJ{X@ms!$;RRzuQK!&f1yA+5$_D47oR4Jecwt24e(L~-i6!QagZh4hA;FL}Zp!xE6 z@h;@x*4)}>Ah|a(aLf-}X@<(UGHi?+lLKkD%-nlI*mmOH?g$gg5qwluJt+O5qqodBiXMCdj4fSfS*$-Ox7n-=4}#deBQi8Nia&x9ywG;1taYhT%j zS}h+|7U^+03b{hRGPQ>r(4TR8Ae6iV2pPIJeaxSD3G5w}AT+ms;Vj!t)9`}Gw4>gl z8p>}DVF`Xz^8kmFt>B$aDSV+-fwG&xhCxhF8uvcn&0IvrT{eMp7V}uG%-abYPMZH@zH0PscRzPPIug`vUF9Z)nCVyi^`5eVur?_ zvIU93edYkymQ`ZIjGWC6E)STuN^jTY4WUQl1(pR5%kv0awzd)>w%Udl;$B;x`BX0O ztgv&*bVJqv0Dgeh=0UxB+|&#TS+iO~XtR&_!FCHvspzU4uQ=k(KPruzTz$X01)blx zHB-?cDSY*aqn4dzoE;7G#r=y!YiiRKo>IolZ`cwkPl9Ro{dNYMXeiKE@d!+L(5Z2H zVa*WxzXi7_LW80-dgRb*HbkXeUajV(N8!-j|jM6rn86^qkky48eWyzT68_bl2A&74R!rxk4~OP zs2~`a5fo8u4>G1`L?0`r{ur=dBou-tms0FVq6v_NoitJ7;j*Qdl@q?utlDdf6mo!c zeV#lu_3mcAO4M@)%PQ{7y00$Fnqrd?8yS^#?Wxc~zCI7QO zEEvbe8j4VQE?eB^k@|w$OJae%I zRN-}@=F5x9>?{_f%#G=>+%4EHm(%7&kPtK~mcI959rIverCCqrIz~%WJpEtyvdXU3 z7wm9BXCB$=gH_-|#)r$8N|dH={=Ojuxz~cvfFQwxWh;YWZ;LLy%K$(OTkuT?31a-y z@$m=U(X%@?x}Pom{J|{hy4i>zOZa44Ap8)Wc(b@gRAtItHtrpu%NV`2fVsU2OKKP8 zxYOu&m@O%v66l%#09lUgjKKz<57t+{X5zT)t_}`CM?$?qajW5*H#|yUBklW5nEwFO zRkN^SS&5p9rE|@;VZx7xV-%<7Q63At)(~z*-?S|Iewp?4Y!ilu?j`glUE1@W#!P!)WlVF(`3&${Z?Mm?oyj#sH@ zpimcG>>KS~8E^s%W-St{!J8etr4>&wbMq36wwph9EQIJJ9wYhhnNdanqP@>~ZG1)$ zf?bL}cj{B`z?Lxn_=`q0-@tb4q9NnzisY%G*Al=(Ep?NmPkv8}?NQ)_Ieb7BXwdWD z{mYCXdVBt677AJu^DnWGDrZ1m%ecPjfzk{cO0^5Ygom!rOe#d5X9&X*g{=y?ggl4&Qs(S$g~~0*PdWCu7cFV z@}wF7UW?B%@C^&=Vuk|BUFf`eUKex; z+)}Czo#&W#Ugw|}7hHMgq%8*6K2-}}{t#VP3g+s1e0ePM4ffj`cMLV6o~|1lAz!Yy z2p$h`FZU>uTssJhC@Ri~<-2GgKk8KMVx_;BPno-|hUr6sgnv@AgLiH$KnF3ojui9p z4(Y-0l!z{k%Y_^6&{`|)YGq~#&bt#$FYhX1l&iK&(ofD0fca9CD;n9TR0w^xAXI11 zWd{YT?o&&MvlHRJS)v*c{`m|k)5oAZ) zA!Hf=OC&6K17#k9@{Ordx7W;7BI-Lc!=Hb|q^1GVJ}&p4xU_4uDBr&1S*0$|U#V*; zS{k@5ZD+nh<_G1h0O;KA8=#x1uz-B>WJ@Vk>Ue4nuH|G5yEj7w1p?7~^$eslmj3{m za}DJv2@w|cPX$HaVi6UZZ&K4jv#O_qP(9@>Kvs2-cTl3W*#pY-v~;l}?I^k^;b~uJ z>sbq+r^{m6m1nj^r3+temnAFa)hR4LEtix9{iA3N<(NvxO5;3EU6}Sd;5=2bEgM08 z&;xn)bn$YjXm$HgUAntDoqm1edfc3_OrwRc2&dLUHs(ARQ<(EM$`Ti1S+RkMiup8`h`L~PPG^m zS`}p@_bs(I-hDukt>#YD1l=2)Z$xnN*zzBU`yoM~0`&Ou9Et@jMAQun7e(|%*TajQ zT`XN?T^(ikXxnA9ly1(|170C7k;OK>bFbsfHwcKWmNscfHgbsVxM*JIB66e44aK(_ zRrRpdSOa=Mh5{jO{Aa~P$)eRZ%)gmTglfExpW<3NhZGC<;!tJJq63vdC2^@4m`05s zF_B9h8V))KTq;&bFG~j$%^7T$8uQ8`_{Qt3$$4|gSc6i)K6&C$RTXcwOMC9RzzAdK z`J2M=)qHDeIR5};u*wMNA?rUd(g7H&vZ{5;@IF0EG`IQ?m2R|qXY(wq3#V*H0OpeM z8A=7bii#9=8Wb1e3e`Pt66O1H@JCRm?A(tXF^32Tcmyqj2sSJrjlOm}w5n*aDjjwxS2{N^R?SD1PJIVi8j*KykiL_MiY&ZYLvjuJ6nK$UJq_#Uy2s@sIkNYQz-N4>3jJ)sKV*I9K5X7PkDr3!$$sl+xXgxU37w)kWE$PNQ&EkV0pJ zY`}*~u%whf5~ZN3_Yny}%h=;!^uX0dK358zgWqrWDc)%1>LeN{ENuM3Xa)XhoX$-) zDZE${3;9I?icUba?0d)JF|byq@-7q&fI$fy4x#w3*Xb{_$FXx12KEfK zKu-(5Fla9|@`j5~=d$X)-q2OBSKPUV{l_DruQ~SwSD%<6;h!_a@$&kBx97)LVqg1~ zv*!HDvYqfPM#^n>*lc6t!aA{QDb!#sZ2VyqHWxK1m5*{`T7OuK0vxi-`WAymJqoYV zWbHkp8IfoeQ>}E0lGu8~s>95d(CfEaV*H0M5m?sswH)k2M@#qmiWIM+O6^GH91?)s z8Y_si$HDRvFxNGc0)?`lSwkuYobf0=3?W#Uy> ztYK6RDN8|d%S$P92}bna+}hAS_X$g1ihiMWG#>nxGBM}+i?F7gS@9YmJ>TO83omK^ z026?Z&1L0_e`qT(P*PFI4};*PQqq@ah&pVWGOVDZ_0r|JHd)HQ`5ELzOO}2mr5jRo zdzDZc((&C=g|^%NCH86GE&NSZl{E6_6GN*nDAuRTZp&mNVc+f*Xi@TV;eyrR3SRLY zg3!Jq-k1)*cR{{Rpq+3L|+#VHrS zTo7CkAbkPS%N010*xbr>8v{i;HFiuH3e75U3f?as_B+=%LYLE)>Ea2Oe)|w>Ypd*_ zL0-))v|Q^UP=>wor)`In+I*RdCMbY9^2Naws=RY4j`=eXuIqh@6tOqYve#gbzZk2$ zGS}`2v{O~MT{`Fdz#w#O3I+m?SA~D}Td6|zTX3``gSRdbc76BSmS8q%dRcbRbK$ir zilF7D`vUgCSlAujL09<={^JJ#ZQd*2YPYjYJDuD>&=V@~83?;b2Oz-%Drk9&BhJv}fsDpT}yO@L$*KL=nDe1%?pE@!ngGA-7 zBV%j5Ws0p|mRee;b&Jycu*U6XDBY8gwC5$Ir=Fu&KbX(vR)!3>J=-sQT)rV6%8*K5nq_)5^>l0i>j@X&Z%DnF@@MCL(j}nr!Jxm zPz_ixy-paylT96dqfo($Z=I-ht%-#t#f{<=KF!Iu94IQdM)db>1hhP?uELxcqLvB| z$NQEO7nCXg0O1QnBbb0T1KS#0px(~iYw@0?t<9%Ag2ku9`{dQvI-lls!k0Be5mpOh zFe?SN%57n@$QL1lfrfSpgX*i%cKs>BD)D1S+maq64=N(-R$b|ulX*~pvhk?`;~D;^IW)KQaz*oV?Ai_Haxvbg#5;AtHJ3i3i$J+A|DFE=;Oo(p=)_VH3U9V z!Jb;NW-ssJ2rpRU_sM-`=z{%E0EOV+;$k4OsoVOVLhy+H0FbCan~30V(5CVvg%`{~ zeSzrP`k6B1g21AM9I&*~2>@kj5g|yme0o_j34S?!q5-Eh_ZWyi#2{BzT_x{Z3Y;wq zH3&T(d<7|fg@?7O@vn;EOTN}uZEbpKu)=@=UI6%)F9+BDLg!6Y6z zf@c^vO!76{kOODxar2J={I7KcwfaD8%lvfV6up4r{a^8xm6!*p9EwSL!Uq zFx~w7f;2{*IXs9p$6_|==Mv1U9xqW030omF{`?~@aR+V-C*nNORqE14y0 zzc%vZs(TnPBM1Fp+Dn8)bY95|n?TRFtxm933 zpWd~#Z~9LAS2$l}}* z92B`($w-Rn9w2nSns1m+29DO4)g!>wgvAkAVwbQ>E&ze+So6}7#Dw%McDf>^P&K+m zsc#i|Jf%(?*xd!Q^N7LNr>U6`rGT?ciW_77ry}w+Hdm=WGCPGAS4nXWGR2hvstX3l zTTmd_(sEvK2MsJ}1@yJ;i7QoDh`%$iXcpKy;8NeD28w)NQB{WYUMEF>Hq{@fD_S0P zKbTP&?Y%^!vaOquyMxP6g316QueR2R7lB_ofpR9b@M5lh zb`);x>RI@kBTK5cd`dt^*?yq=6mGrIRUT2oD6-@88cc`43qfeBvcRL;Tdkc&;{wu` zRziiKdJ_>zOa!#p()In>Pz*A{{{U&dW}R53zH50ZPZ~p$PhFuU04*8QB7twL{%1gK zzVS2y?(ni6)hgRc$lIGL1P|(`%pGi;0^Ru05H=nTUHA1Il`CF3a45EmVPPQYq2s@p zS_Y0Qq7n4ryfTUJ$fsqeS@RUGzcyrHihYxkTYk_U8{xP{7vyB1Iri#YtrzmdzgB+C zM4=PTV-B%?Oe5076?xgisq!)nE~8#^)V33uYcc(H}ZSC?U zwxKgfDlM|2i!09Fq8AVzZ`w7B;<`%IE1G0gRVSRtG*VaF09G&V47&}N)>fr6<%ei= zJ+hWlO>LK))#c=^>8m}m>(f42p}&tZl$fu}5>+Rwwk0}#*bNrXO%bt1hol0C-$p|; z;mmB+uKW=TL8cHk9LUnv7Y+?k?kf|`-iYaaeIoJ7^w>+Fdj76<1;SXB>&hbmZ;BTk z3p{#620iT~(QH1Fz=GS-aSMM5USoB~XHMo!;)0i5Nksq&(TUM_M}rTWuMje;Gv?)s z;GnY$$Ew*!)ddBZs4|=(Wx9gopBB_UJz%1&Ui(kn07yJa{{R;X17lOym?8)YU(osR z#qS5EeOZspK}HQYz5=iLLRFT4zGYsWroRv=vZxi6(tif$w)Y$vvq)7<^M00QE81;z zp}@X!GnAmBPuFFXigFC^H!ltV0hO2c^dQ6nHDd5;6x6*|Hp-tAON^#H{SX+Q@u?vEqg~n>T4Z>lI zQoRSL4jNO5WGZUFx+4f#eiKX}^F~2dDX$14LTiJ6aDeZHceHmc^DCi9K+3JEiot%c zm@UF0b;$MtiZm#L8dz}8OXVzhnn18rFWf$Vn2~bsbI!=y7xflI>)0ifW5I?npszF} z;2nB76Ek?OksYJqvo>;Qmj~RtM`)ou31YmzGS-Y>N}7MmObHN~x$zz}b6D8oQ2E0UY^dDi zbyOYjeN7+^4{tDC8o2EG7aSI7>A!?Ls zS~+o%MFLO?p`m48NMg$PmOpa#`P%_57f-NGqnDUKdIJ_UzYz*+mKdH&$Dy*YEgA53 zG=*)H6#c@-5Y(g(aSXc_KBYo|Dq|pZh*-t|OWq}}zXKMK0#kw5>bN>pn2Qs|7?~_p z`a~<+IF`$S>kI2)UaAvF0PTnNfK=C4RB9+B*|Rf_%2m=?@~6<72^h7uGN{n>{l%e6 z*AmkYFP_UwACMt~MEXRo34aK6MYp3Yfnhhm3YUWh+1yIB9R{=1is+KXi$C;9MJQPj27B9t}aavi3PH&v5gi5L2&$`g8TZ*&xc=W-gWa2 znezqspB@sn7CeHFnP;(mMyo))^p=?0q*g&dD{uh?Fl_1YQ!Q5u_+`2$haHSn!9fAS z>weQE8|F#?@H#>xqwO<)@Qp-s;fxI%8Y}7JF%jnKelgdaG_uv931+3z=MR{~nu6_! zcG|N_e^9+jtyuD#<$o+1HLU$7f-lxQqA^k1wLLIbS-GI1!*p~C`HTo{z=fOpZuP3k zb*u*3u^TRh-!qV!h^)E>tMh+g_?OEx8q^dp3ilcV#~mVxej_ccMvYkW5G5VN8uPUlXTYk3zB*kz+^uxkAmR+NFF zzc33Z7oe>_62&ve?MqP9946~*6%B_1S8Dwc=ribh5W&T(c?YYDbCraK)#$XwRd8Q3 z<6?QYr<59Is{G>?JrLL26_&n!9{U>DD?}nF&YdaMiB<);2;3X{{VRRAzRP;gCGDY z4*vi!@GnnLDP{}T0_TUULgt~&5-NcDO-pTBLRuR%U+?B61+8tGDNctx<&lVAgeC6Y z`apvoo|4b66#oDXjq0t0SJmF&2gkM=Ax)B*F-Gau#5`52$6-v}f(5Rq1=v#^$%D{= zVcQYXCrwM^T(6mUdibtE7B_d|&TU1i=B7qb{{Y-=K-}w94!jxH_ZJ4X8~PviFn}M( z`M-lDz46EE{{Ur*EneVjO}N`2C`wlGMa7yI!&m%D$L?=c4O_-kZ7K3)#RE^Q15CL8 z08B26M?Z|A+$dXY^L5MfC0^RLcnVivNC2T)tXYzt`-;S|T_LuNQ{(uSpy1ueDX@Fo zTBfhhjG`7@*(oRra;Y{g6{4MsQtTU~yg!Q?wTCOlASkn3r_l(g^Fk#At;|-w<{yO2M$w_s5=cOG{JUA5^kh0RB>eL*E#ngPxg5 zWmWM|fHJwM-B;&~;sbn(_?fP)cn(G*r{yf&EA0SKo0n{eluKI=ay0Ig>}}NQwj0=2 z;MWCfL=lAM2`ZWzwlC2iLki~U<8Ms}>7A6|$`3`QU>g1|>IW{}GxJ^i#7OL>pYbox zVPnXv00&l)V6SgPbx8*}5QNg@E=sNatY1|sh}H*`F8zc506%bbGwiAwv;aIlBS0UP zRuJxMAQA_*nBEg#ZbEHw!rEV9W`KHyCHTIKi%iUQBS3Hz&UyI3NH*b&7MR<7Nb+uK`z5J`DR))4(K56rU?r3`L)Kin=$ zD%IBO@hVSy1zUEm?`}Kf76trUqzsw2>P$0bv9jXn%K(h8>o3rd(&;qgv z;x{%H76iiY6NZi<+eS2l>%D%YN!s}c|U>&U`!Y&1%US0zy$@BiKPIoZw3_t3>iHa z3(6H~7cM9@jlD`ixw?UlgJ`_?gacHo6hNS+mHm-MfIe}8*Pj@d6N)d3qvi=2X6ltu zik{HyfkLj^EVy4$S3}n)BE4;|`G>E`cAKx%c6Rft>m!~Q(fi#9o-H!4vlD+3=nKk(AZYs-sN5SvZK&mllNA46$Mf@`h zQ#-5_1^!qyWn1#(63b89vCs%L?Sv(&%C{iC176ueA)K}^Ka$iQpL)wcZ2hyrPkmvO zUeZ+$36HmBrKn$vZZ6_}7hz}vih=qmZ&|cc zo_tK$W1o{{^kh0hPz!K85TK#z*hK{2Hke|3D$(o%$C5tVJ#P@#V@I{fU{D;`1un~7 zatKS;E`+i{eCywFNB8t|y^RhlcpI|QZPpP2fUwQ9Y^gi1?8>-@8kVM{df z_3!g3NjJm8f0&lmy|Uk5@2FmbcQseRh^ToF3xo=X4ad1c3iw~|iFykftDz_Y$u>lF ztOmFFAOS^JT=QQAs_i9iak zQuYFsVvG2LPLBrlP#T~qx3A1qv8=1=bD*Hs@xT3q+A1#p0E84AW6*noa;5ft%Y%Eu z@Q8Ck=h^OB(zS!SB}i?$>hCKX|B6_V5x z7wHQqUfsf6I-Xoh@tEm$P>a7E74;9p^kHq)TfJr1P4>bA%(yrAEN_JX85g}-M?Z*& z54OMdY;9`qiM-K);7V_XY-@9gSmn2vn{*r6WKYadWR{IFjg?|pk-d1mj zzQ0sobei7ZJMdQoP z;@F)&kO(8^{iS;W)v0e5jHif(y(+kZD2Z0@%ob3CecTD)`cm>BORdW*WtC(8WuPM5 zEiYiUP~-TNn2xL8;tS3Cg6y+;`$n+>!4*Z_!Rb!_I%E-e5IFBbE^2{VCb}QERTZx zWknyd{{WDLO;)$~g}uNkA4t_aB9UAU%jgm`bl05*4!$lQS3!5fZ6Z6j@t?|7fi$|ib`7u!``hTndX{`hO@=%oP)6c2FKmb8RI$L-A zOBTMv5HKLLko&m3vaTXknH6AEmU*DH zshwOaG@(c{Xf1XHvz1F{uCHO(O5>*2{Da6B&i??!Tc&{`tOb>dC;@WUe~D%k$TMzL z(HIn|U4r}*i60LJP=YnyFVE&$6$zHap;ZfM^uBHULHc z0P#@_HuUg-yJ?u9Rj9AwJ=N0Vs{Gk6no{NS37)TA`-ciGZiN!ur^~_sorl_>Tw0!? zoEq^2riBm|L95F|w&))OLluu|;-b;pfnddU3deSN#IU-f>KZ%c;vj!6WF@MvR|p&z z%F2bUH?w^P@4{_eu-4j-Nf0{G@Rb#|{OKA?RC5yfVHvgkGAZV-hQ{0Q1gonl@RbE$ zP9t1b_(#I|%s@j}ZX#7z#v_2Y^opH+2&ty~w8|}tT*LqtJEOC>>v&~=wy$YYilaf8Ve(fG36Vi|Vgmc?T5eRs zxT@(9g3Jm_puQ=yZH;)bI|c8h)NYg((;F*=;j`i!){M-yrjL%rR3-Qx!q5_>wY!$A z`kX+68s&BfFW@PXrA2Ka7!WlLLSMu?h5U0R!fwnb#-;od^?68vrn0akJ6`o~Z~rgP#D3T2?&Y(pyRpW2LRsPr6& zHoF&f$h7M5&BASSPhEygZb5vXgY^|mfvnVM18iub?l%U{VN#71psdMPf+*E$-4MR0 z>T(7VuqYD}ym`4;kp+jJ?on2&OF91lWx~tX8}Z19I%%$xFyse2_X|$wYm?l;t-p?Z zLk`0_D-V(AMDq0t?uWr;>%75gA%&|>r!+>PDWx1;aCVBaC6?AX_5m(gM<3_Rwo@jn z+y4OAlSJ*u7F^plgs0?}0ZYFJ{Hg>ZhR+ckS~?2(Wg4_wM!yjR3*L==&48Co_GnR9 z0AJLrQ9wyo%Q2uDA3W0tjLhW)?S#_YU3+TaH&{)kqV`6FW>sxcgA)*f;hWJc6 zD8D5u1&-pYe2Y~C1bR|5m!)muGCdZdD~*A0(w4Zy&;!Ww22ycNvvuAEpVY9W*Alf; zjOT-Q^8nPELoxJqE{F4`;-L45z?~t4hBejYZ5kx8gLFSZxfH1}~J|ouZXG=4p)!|M>I0fbO!7Cjc9yXjdlBTuxwqr*eHWm8XGeQbz6t@ z#ZXrAwQ+(sYU*4{IXY4g0k)XOPhbhLe~Bwj@>^| zXqRMV3;DuyAHq0wr{IqJ{Weh9Wqn2`RQw_o6z8dai)NT?v=8u?0Y5y8eLt*<8(aHE zMYeVju_(N)i1~gxnHVo~f>}h1r4E|KpykFHX&=f|bXTBm3N3wI66X5<07+iUS&#IB z7F24hiBu!bR6V8nIU0_&$PpqJaKMN>-J32x{uqv^w#E3!ms~t+^B<^&JzTw{2S`B& z48Eef<%~2U=jkucvyjH?N^N+HXLsX?QV!dYRH%qCLIC`A60kR3-`t&C_=8}MoAiOL zLHJh{SEo21iLI#)(i1P!;t^m^BMs1aPcQDuwV<%U(t8FL?5iw;4UJz{6xIbrDZ0Mm zI0Y%El+ZbC=L9jUyQKdBD2kd&!VbD5VRpyNT2NX@CZZymf$EE>)*CQeQdG@tC6QrX zrA0Cnlp8guu?cu7MR{+TPJCS+Pyn@l7Cs=}IpqfujnkN6GFO6hx4|FYDOjR$8`U}H zB5kZ#9qM=hM%UtyPWg{8G(`uxr~C0LvNG|u7UKGR!v(_*A?4J zfZQOyU&>P}yVyqU^h2eB)JtcnOcs8bi9+7|C2H5ezsU}(Z|M}Nz7>gKz`lmWwQmRI z8B4d}8`woK@L;iG8R;zDIQd72C@Q?N8f~r>WAO&6KK&wE`s0&hZgPomq&M2FidNBQ zSxPNmTVY^Cu3NBb@8hfl(7rX5eID3Xk;?1Yaec8%b-868EW>3jR#Wi+O1Ix4p0(u3 zLu&4Ll)HC4Kmm5!z=dEgz6nEjJ`%4Ad}2M{@Rle)tk~Ii@Ih_Yk4b5v_F@(|@rhs? z`a+-;UYP|Te@&DOy}mMDS~KA*7JkH{f%v2WkD{>J=sv_JVe^S>u+M}*bzdBq29Ksi zAwPtzE5_&kz^a>hjGIB*^I1n`J}VW2zA-A({1B+FZyOL`M(Jq}7_HNe#nA6DlKmKb zc2(f@VljJnAJRTDd(&d-sXnstN4&1VSDWn|`uLd(E6qRbNqUS<&NmGi-{vp^)A9cR zu?7{~f7mr)Ve!B7FW9Yd63C^rf9$9xQR8RC6#$!7nN{Im7RLgy_3Y5L9!#|~SBgv! z(P3Y6mqY7u-EriuK@qACSUwv3Wl}F~YjaANZB^`6>2Io^?p=Wg!*94SmGzt;LWM5W zKfb^lFgsoOl~GadawA~X@Gz;`%|zp4R0Ek!nkpAXi{#4&p$)|<=bf#sQozvfbQ+B! z2)H9}Z?!Z3|%%H%FnXn0+cYM?*m!cNtn@p(oqzb6aK8M}(i5QEj7H$S?xNXMexyGB-9TF z1kB*kdgCmpQNHVoanCHLV9;$-#`*Utw%gjmZ8lmaP@DyGlV!BILo<-kMINbuG^Q0_ z;&cKy0EjrERv4*KsM*h6ex-~hmh^wwVPm{&42z?*VN~_junZk)>nsylT=VxVmoL^- z6Xa&Ch*YI(p2o|=!Q@(+w0(9c6rtO{`h);EmZDSmzwUEQ2Zlzyyl$(xD^L@mtjM6R z##rk|x1?X_|^kc{XsO}!*j(NvpS0H!{M>|4B}w}H8Bu^x9KZw<7$$PPmzhToU5c;D6pkY`Y*5$ zNZxowa&?059rG1zD{`(DnzzJsDX4G52o-l2H_Ny5m|s82J5>44DBvB0<90((FXzTs zDTG=zZ{A!w=y4bYJK=`H)$CA>F-@(H@|QFldr;c?eB%Qbg`|3EN~lA=B89ZS9uoCh zMYfdsf>ld+n=GYrzHtEt$*2qS)E6A!{l~3ljXD!aA7jBGKSqhqz^BKhNe=n^LO1i$yjk=kqGLD_>}O zxLP)i^4M_Ym#~nBXncr1Li*|1Z9_ru06N0O{Eu8pCE_;emB^q8q3Sj~8!nIve5KbOdnFauRUy ze>ls=bkd+&)jm4EnS61Vo={l=!+U&J%R;}FVECs zRi3Cr{NBjgE&Vnb{CAjNH3{{YNHRVei=R?G3&Rfk)F;h_eJ zen+Hk9vH^jjrfX%wJ<8wZOC+mz93oyZ?XlbyN58(w7hH%UmG3%#8;yK04QkS+&gNI zSjxcv04S|h&FTtLYTr;6Pvt5y>*0&1gO-(rT^?;X@eh<$zPomdYo_)K^Qm^s?{dwmU359b_EVim^*?B=(n%YvSLzQ1iOqVT(}8v9&Biu8aQTngafN35dr!lt8Zl zT51@9MCI}w(M&C@008vv6<{u#$m|~*ZWtDhU7=SE`7wYraaNf?&jo}s8|QEi0@Dk? zu-nUa*r45-tuhgMRc5vpu)eI(3YuEyQuj0-uE-Yi!EX8g05YfrhIg=!v3)xLq%C{B z{7WPNx0G_$4~GDj)$`f7CJkMsu7)*Yon6SNvQB zSh{aS0@1&nN5xa$vBZ>!n^X~2__Fd67y-thwm1(0xJo^wf*4RJGG2j4%-W0sxX^N? z2lIF??D4CJ3Dsq@<^t2l8^(%HokdI?GWBsAtNAE_3uP`2gsxobK4NjBcnw`aYK48l ziRxmN)F!J=aZ^wQq(DK~CfTy~sk+SQ9ngl2F4|Xy0Y;4&BS=+&LXa(?UZWrZ=m?2z zqFSO*0KLV8D*nMsp6(!3&>Hs!%>_GcWmZ|Y16K+iWHo~+ z>K0NJcZxc|JeJai8ttrz+t@UtQv&{+S`%D5caJyaP3=?vj*X+nACTc zxyY~Ji$Fo1iA5Hxc^}|DAW_Bb#VQSP%l`l}x`&?!`;|OuEIXccid{T;+Y~^8-kyer7pC`Gu@s9hQc@d4x7oe{*2%p>mt^ z_?32wdu#%Q@5>3WnfEIao%w>qn5{{Yh?uRoigRKGK$zqv#se(=B$ zq5R}WqItXAh^Cc%@FBIq{N!>KPu`xSTvR zrpoD?v9Qu7%gBJhI@Z49wgnrt_=fC(-w8!U*{gwI8#LkywwrFefkjz+xsXqIhjh&8 zcl!C8yqarOP=s4$rE(s~6#1Dn9CZ7L3fk#4g+QqLb`x{@A5oJQx@@L+SLFnSn^RmGp(BAlp88>fsS`{k2_5T2{ z5Ei_M>Z4V=VD=qPZ|%cs2KM^;fb38@eL;R*{PuBUX7*X7J@KekY5@Eu$PX>v!EMt^ z9sNt2^t`@7M612oNM`xm$Zqu0d3!DDwY%GXCd__JC@H@8kSQBr6|$VR%IzoXkoR+| zcKyJbqv1vPngZGK^UN+G>i1;

tRWzLl{!KM!Ff(w}*n=@3;O#B{$mKE`~d>i_^=_Lsw5e_GrJHjIe&`vf? z#h%ymkO^vjm?cCK`ezuQv?vxnbpq`Ge4s#I@{~AV+BO?++GThAr)t;TOaU?WgR15G zK&n^yPC}IYp=oFB4a4io2ylVAnRueQlx;xf;ncgGL`7ro126d?**V8h`W5L@8+JKx zMKpeVn^m`h&`qQEosE-)rernkQI+y{so|v!nwlwWP${57-;@>`ecCAUm*V|_uzgaA z>In9T>S)=kk76lM)I74gOt`2CcVgQLp_^VYM|a&T5b?nKYV~zL*ZoNHuqUO zfoZMfji8PT*r?xX6|+QDdB9QvN4kF!@|tN{gxShYv?sFXRsX!LrY=RnHRc$4UP6jhhf1NoGeE@MWDr}2i^7XbesE5y`@~mMrsV>x)jGI@DrH}gBrn_8hNJ|-C z0dr@gOXL<<5pMqgFeU{TSMRt=hSQguq@|=5O!1Vuf(4c1UL~UM%{R$xu%7nBx*}-Y zLYA&N`HMw0<54x_UoaIej{HRfrUzKEYo#5CS5Ln&aVLflumJHmz%EugIY>!UZRJ>QsNQ_T6+Eq8;0gurc@ugubh)+f@|4XLDAq7Q zQQ_aI_6yr!BVar&l#Nr>td!^{g|LK+UGA^k1oge5F2Prdi58;1+nmh@<`)9{=3+|r zUg0fK4aFXmXHi^jVY{eys4W89HS#lw9jSd~p6Zw+fBCIAtL?jJbf20uz-1W z)-k>hY!vCa4VqJVtg54S_S-O9KM)pdKaiD_uKo2dPzqhx6tcGsg@wnU@(?@s6q<31 z4daY7rL1_a&mPfGVvU9G_+o)?(ki_NxB;zrCxv~XE4L+p*6eCpPdUkg3ueu}tk|WE z4z&8lovQp`ii!j8FtKv8xQ&;6V$?4ynZ7K0NmFMI*RgR{yiJK_HjlLgEjGI>q+>^P zq`lE!&;DSl_v6wmu&UP-%K%L~&PPVwe(`K}o=VhImOAIKtx#WXUYdo3xG(H@{LckB z>8!J}UJR`fS}Z;88UomO@;U)R?&Wk%J#)xmOT{1W9RkSE{NsOsIayE!v$BgUTlI@z zm*>a+!Sq_^&;J0BX%0N|PpOiC%#`jU#cR|}v3Fj#G@cFjMzx}+i&3mK-gYI1wyVsG zbQZ9AiD0&#u-D<$z5UG!2CJ!6ihNZfM%WF8{w78!vpWk0jjiTW>^`&1qW7F;DPes- zkb^LQeR5RlXs%`yq&@c*QLvJMw$*bCMzcheG(L4%P3lUsDFdoXSR>e7jnBpPUHos%U;0IEWVKls-AS%t+@C}W{!BWEu!DbOF{gE zvP-h-M9@|!w3XOg%CcEj(Js~%N^9;AsFd+di+gqUMU)iG(ik^IZ%8ZJ)4eo+6iw*a zn;M0)6)GyoUM$u*qF*M)04cZABEf5V=|oUdhsg;nkJ+TDWu)CQBSWWcAPGD102^L9 zK?B|OHX`b$UP!tqi}pb}PN>rc7lU34GCIUsG{RifPo8I}p*R$84|?Hj&@&05eGrdR&}W(9L=%jOKY+I2m|vqh-l zSC-x_KfdA@lf5=6i$zt5gd83{vNATKgG+`qbJ||aW-IRpm<4vR!3S1fo|_VjZj_l5 zRw$~xLI73irm*c1-j#91K&KWFZ1{AR3%F+@Qq|p6lCagT^oI?t6z>v>l=LYtrP#bk z*0EYcHa4&BolEuYt2uJTNqj02-E=p^T0SZ%BO<(KAMptk6mGKNP~Udhc(L-UYAb=e zxF9;8d2@w%)75Xt{O!hP4;ix+T9AgaYNn#4DK zwe@yI64mQS)J3q;$hN=aWVV$_*36Z@Pa(t+U$~&8&%aT=mHhHoFU7rKr~8*RB8yPG zi|lLMl-yFz!VwmSSSq(}0e;~+fcxx33v1OxOU3+ zc3PCL9t22{2aI-V zSD`VI(?``M>8^TzeNCyuhCRd{Li`%Sae7}Jioj~QPR05whQux$&LQD@rXh27ybPB6 zeileZsM8GU2o~t@0xv z3+$xAmZ{@}4V1QT&2e^$9nL_vvpphi9*lnwS7AHO5!oJ&bch`q?L4xKtD}z|qFHKb zD=>}b@hrc?orX31Oht?Dh~PuZN_&GX*LH|1#kyi=0H=|2d))A4fA(5c<7`2)RA!Be zDnA&q4^odY2Gy(WB@GRH5zV=t5f-`7c2km{O_u1<+CsU`cci_vdv!@h-wY`Zz6EGx zvfB#wkaWi1hQzQ9Ei4lEj4jmBXXm{`q2EhgG{9G^V_-LGyW%UZA8)A2q@+NsK_eZZEvxbKC^MgP z$S;j{I^nK!v94{^7>h3aRS3O?_y~Zswb~UKxVymwZaeFZZZ(rUILNd&c5$o`<%_}q zY{$Wpv;NuY?sq z*X<22vn0?bwgQyn`A-lue)E_ESv(W?ngJYTY6;m}Uh`4(8>qG=2S{o`x0M=IK-3^$ zjM3{UN;*`DwNee%-_9p$6n4f4r9f6?pnVD^1hAMOA#iyOf>o!Wh}^nZXS--rpbmn`|J;&P|{Z zYdeKS<9>3jLwph{363Eox4<^OP(p^DCGIUhDGaV!Lz(&)B}zDBAeyuM9^g!1ESM0spu zZ(9RrRN(O)z-Autq`$|?dkUfxR%G7>C+9GPZZ(b5ckk|Wqia2CY`b~SIE;INT(M1A zT<$j3d&F7*(V-=ZYWCQEuD2Sf;OB&8f(Pw9E%*(~i%mbQLi&39PT4-0769`7;+6<_ z;^LK9eqcWjsYD##1Q3opSpf^zeWi^nuS}J!z1@xMKA5d6T)A}H*C0@UzdgzvLm5W@ z0HjqquiAI*zrrPBK`Y?`s<3$-=y(u^s<=R2&VF2l!rw3h1;u(D^95|;3(#^NP;%u{ z;?g={v%`|Qs}s=3 zaysa#`Tqd0w)!m3{f(_Xxc>myp<(33A&Kz+0NMJZ&;5+$D%BJQtjL;bkHl_h<;5*p zXCM14L5HdT0I&g!+=(rZ$Bz@zD*gJue-Q-a57_e=%Jq6~1rgTX55~@AD}Q3g4gm1DR!9etu;cevkc>0RELMTdVc|0I@U* z)!Y97v!la&f9xVe=@KN_s)Ma4e~@1fW}!hf`z>7$X74V_smd3^nwrtr_aTs4{%?(;B)?^mTEfUv)lFe1}YWz@Xmm% zsq?_yE{gVVpvvp^EGJN&_WJRIlqDqf!+;rvxokPQ;?Yr|i0 z63Q-n><6mS{Qdj*f^usWcCQIiytT*Y<{H2#eq{wcpyCUExk5d?KzFJS5T^P*Aq$!R z06yWbm>wl4wC!?LRa@~48w#uEVjT9ojOz9A>4KK5PY`=79T$I0aZq!e{@htDmjd{A z)G190eSAttTUTEp27n>Wzfd_Te;@lT@F?*BIyWLMhQx`Gl~pda9$Oaw0GUXjX$_VE JK<0cC|JgTYr4;}G literal 0 HcmV?d00001 diff --git a/index.html b/index.html new file mode 100644 index 0000000000..a4742b612d --- /dev/null +++ b/index.html @@ -0,0 +1,10 @@ + + + + /docs-sat/en-26/ + + + + + + diff --git a/js/auto-complete.js b/js/auto-complete.js new file mode 100644 index 0000000000..0b46054568 --- /dev/null +++ b/js/auto-complete.js @@ -0,0 +1,3 @@ +// JavaScript autoComplete v1.0.4 +// https://github.com/Pixabay/JavaScript-autoComplete +var autoComplete=function(){function e(e){function t(e,t){return e.classList?e.classList.contains(t):new RegExp("\\b"+t+"\\b").test(e.className)}function o(e,t,o){e.attachEvent?e.attachEvent("on"+t,o):e.addEventListener(t,o)}function s(e,t,o){e.detachEvent?e.detachEvent("on"+t,o):e.removeEventListener(t,o)}function n(e,s,n,l){o(l||document,s,function(o){for(var s,l=o.target||o.srcElement;l&&!(s=t(l,e));)l=l.parentElement;s&&n.call(l,o)})}if(document.querySelector){var l={selector:0,source:0,minChars:3,delay:150,offsetLeft:0,offsetTop:1,cache:1,menuClass:"",renderItem:function(e,t){t=t.replace(/[-\/\\^$*+?.()|[\]{}]/g,"\\$&");var o=new RegExp("("+t.split(" ").join("|")+")","gi");return'

'+e.replace(o,"$1")+"
"},onSelect:function(){}};for(var c in e)e.hasOwnProperty(c)&&(l[c]=e[c]);for(var a="object"==typeof l.selector?[l.selector]:document.querySelectorAll(l.selector),u=0;u0?i.sc.scrollTop=n+i.sc.suggestionHeight+s-i.sc.maxHeight:0>n&&(i.sc.scrollTop=n+s)}else i.sc.scrollTop=0},o(window,"resize",i.updateSC),document.body.appendChild(i.sc),n("autocomplete-suggestion","mouseleave",function(){var e=i.sc.querySelector(".autocomplete-suggestion.selected");e&&setTimeout(function(){e.className=e.className.replace("selected","")},20)},i.sc),n("autocomplete-suggestion","mouseover",function(){var e=i.sc.querySelector(".autocomplete-suggestion.selected");e&&(e.className=e.className.replace("selected","")),this.className+=" selected"},i.sc),n("autocomplete-suggestion","mousedown",function(e){if(t(this,"autocomplete-suggestion")){var o=this.getAttribute("data-val");i.value=o,l.onSelect(e,o,this),i.sc.style.display="none"}},i.sc),i.blurHandler=function(){try{var e=document.querySelector(".autocomplete-suggestions:hover")}catch(t){var e=0}e?i!==document.activeElement&&setTimeout(function(){i.focus()},20):(i.last_val=i.value,i.sc.style.display="none",setTimeout(function(){i.sc.style.display="none"},350))},o(i,"blur",i.blurHandler);var r=function(e){var t=i.value;if(i.cache[t]=e,e.length&&t.length>=l.minChars){for(var o="",s=0;st||t>40)&&13!=t&&27!=t){var o=i.value;if(o.length>=l.minChars){if(o!=i.last_val){if(i.last_val=o,clearTimeout(i.timer),l.cache){if(o in i.cache)return void r(i.cache[o]);for(var s=1;s https://github.com/noelboss/featherlight/issues/317 +!function(u){"use strict";if(void 0!==u)if(u.fn.jquery.match(/-ajax/))"console"in window&&window.console.info("Featherlight needs regular jQuery, not the slim version.");else{var r=[],i=function(t){return r=u.grep(r,function(e){return e!==t&&0','
','",'
'+n.loading+"
","
",""].join("")),o="."+n.namespace+"-close"+(n.otherClose?","+n.otherClose:"");return n.$instance=i.clone().addClass(n.variant),n.$instance.on(n.closeTrigger+"."+n.namespace,function(e){if(!e.isDefaultPrevented()){var t=u(e.target);("background"===n.closeOnClick&&t.is("."+n.namespace)||"anywhere"===n.closeOnClick||t.closest(o).length)&&(n.close(e),e.preventDefault())}}),this},getContent:function(){if(!1!==this.persist&&this.$content)return this.$content;var t=this,e=this.constructor.contentFilters,n=function(e){return t.$currentTarget&&t.$currentTarget.attr(e)},r=n(t.targetAttr),i=t.target||r||"",o=e[t.type];if(!o&&i in e&&(o=e[i],i=t.target&&r),i=i||n("href")||"",!o)for(var a in e)t[a]&&(o=e[a],i=t[a]);if(!o){var s=i;if(i=null,u.each(t.contentFilters,function(){return(o=e[this]).test&&(i=o.test(s)),!i&&o.regex&&s.match&&s.match(o.regex)&&(i=s),!i}),!i)return"console"in window&&window.console.error("Featherlight: no content filter found "+(s?' for "'+s+'"':" (no target specified)")),!1}return o.process.call(t,i)},setContent:function(e){return this.$instance.removeClass(this.namespace+"-loading"),this.$instance.toggleClass(this.namespace+"-iframe",e.is("iframe")),this.$instance.find("."+this.namespace+"-inner").not(e).slice(1).remove().end().replaceWith(u.contains(this.$instance[0],e[0])?"":e),this.$content=e.addClass(this.namespace+"-inner"),this},open:function(t){var n=this;if(n.$instance.hide().appendTo(n.root),!(t&&t.isDefaultPrevented()||!1===n.beforeOpen(t))){t&&t.preventDefault();var e=n.getContent();if(e)return r.push(n),s(!0),n.$instance.fadeIn(n.openSpeed),n.beforeContent(t),u.when(e).always(function(e){n.setContent(e),n.afterContent(t)}).then(n.$instance.promise()).done(function(){n.afterOpen(t)})}return n.$instance.detach(),u.Deferred().reject().promise()},close:function(e){var t=this,n=u.Deferred();return!1===t.beforeClose(e)?n.reject():(0===i(t).length&&s(!1),t.$instance.fadeOut(t.closeSpeed,function(){t.$instance.detach(),t.afterClose(e),n.resolve()})),n.promise()},resize:function(e,t){if(e&&t&&(this.$content.css("width","").css("height",""),this.$content.parent().width()');return n.onload=function(){r.naturalWidth=n.width,r.naturalHeight=n.height,t.resolve(r)},n.onerror=function(){t.reject(r)},n.src=e,t.promise()}},html:{regex:/^\s*<[\w!][^<]*>/,process:function(e){return u(e)}},ajax:{regex:/./,process:function(e){var n=u.Deferred(),r=u("
").load(e,function(e,t){"error"!==t&&n.resolve(r.contents()),n.fail()});return n.promise()}},iframe:{process:function(e){var t=new u.Deferred,n=u("

_x+{jR0wIf45iF*G*-~tIr#bP-t@Al@Kz7lb1{O{spY(k zU*RR)YgWTjueEF86zB~Md#m;9lX;?St?=O92Q=I~gjj7{Mm7eM>3$MhJX2z#0z=OF zB-;A;RT^TvBpsEE{LHrQUb#-o%7a=kXNW|?uari9=T1ho{U`rx zn0VJ8fYiM!->WUJ(_ad8V!<#8!E;KSl!L1t4g1!MKK-R9Ex)5MG;`yPoaDlq<=bRR z;2X$!X|MZ5h}h<#`@j>KUK?8NDf%)*9k_Gf_2|z3EC)m01+TpYG6*|5bXsl%&*-Ou zwKoE&X9Q|5K67@RI(C+Ag}q%DC_1Pu9CA)q54#4={sG9s1YMGhL(G`Q!*h9xv2Ou-mSN$>#3RHK)d=HEd6I8VhuC!Z8ooy4X)Z;w4 z6$-9HEf>~TOH8+&55ErjyaGPt_X%*%b+Y$?j*1Hw`LQ!{4Uf-nw%A`sSC&GN&Pql? z-&A-5i+eyM9QTFDbp_e&zj%%vR)aYXk1t^ORkx4Fj)^SqlUIlJ+s!V;%;%rQhxCgA zDDVdwE@oTJwZG4XsC#sJx*)C^gL)K7GzcJDEuc`8qmVBZC2vmKn19DL&0n7xR|Vei z1@r({Abx7;TR?7mlNGz}htRGJqsq=fFOWzrQQ^Ys#xLl3JKZ=Qy?pDkNF~b2({FED zrNC}ZTo$H&3~HL{aSRm9y-m*jQ1PVV?3|9@&*6G&!EW6?oPMLr0koibIQ-*On8e=B~xe?fap}2Xu|Sm1CBrzvShjNEhR>ako>>1Wu*5)u7FNbg{OkDev=$+?;eQ|GV zX=N+&bK)Bh{ha$lafYw{qZE5!2**RQd+l9MvS&&_xYLrCofLBs8cqf3CD7l*E$P5N z#QvARkb2s+d))pm)NS5e{r6KJ*`2!WwSMim_^`;rPM)Dboz_%gPL%`MVasW^M9UL! zc8jm&;4vK`9+&HbX_N|GY1VvmGcd<%diUUmctgs!XZ_ndQDrghnDQJy?6gDG`;mae z$E;%?Y%;%QHU9)&lLSC68<7dSEnjiueT|qQxXSq3exhSXZOOebNV9gBzo0(hnq0P~12Sd0a0v9`ux&w0_ zyIiYbsbMQr*R=JjF1q}ct{w1Y-llQ1vW2qg1nHf=Yq2jq44_PI3BAkn@>*(#tZ%W4 z*S1qEzD~)S;WS;5cFw7+qVOPc>D?L(wLPyq^wv)@_N=nF-47gFK5n1J)Lo{$Ip9*qYw>y0QsA`N z)t~e0JZSV={`P_d%PkqW1J=#Dn0Kldz(3XyG~s`?B}P`JneX2V!<} zva-xDCt$K2F2J2zku@uc*g#~u1pTbfXH`>MYuC`_ysIRGm;agEicrOQ(lrQ6e2>+S z|A~tKw74Rl_^w2LyU0G^`jr+e8%uTW0<+NoU(OG`a`qO<8z;yDyEi`t>_hq7J2>Mk zx4T|np0a)o+1@WQ0%pvf!rz!v9EvYTo!?%bLggOzCVP|bw-2a_t~;Wr_|M%!h?YR> z(6x?Xy40F`KYhskcGQA5W%b=30Joi8NQnfUd<)MT9wps8u44DT;2UUfyZg0!;C9}V zIr?$VtK>Eg?Z%-Un_L;{<#v<()<8z8gYDce52B37%E zp4Ypna>G=QRZ>a#HT?MLPZ(sD>TEoywDelx@rgPtPIyF6xp#H&wNBPDrdd#(Z2c@p zJ{5E;{i$}n$+kg*?6dpj8?jerA@v&4+b{8bmsLSKM_bd8q19`fx~rzt@6=bHqAJW8 zH*1y?>dqI10)2WuJSEKTvQ(Np5tL1_Nq|0e@n`LvJ_e0$^y2N@1@z=-9Z<sO$V z$Cs}UoNmXmb1bn*wU`9)ElAJ4n&LlUC%2sEEqKmHdhB zG0MD@OBbGj{&fwAZu5gJ76VZRu@FDbqG~RmNjPs=_pM#TgkepC54R<^xc~uErVNc0 z502Q8Rcq^3wz=W0X_HoGaS@1rzv6+=#aX~qeYB!dyQylyaN&w!B2~@Etc&#U$Z@@G z407%1=bO8`oo#-A4(TC3+gA|067~x>(l6@?^Qt-Am@mqog><^~0wr>e9*7?Tf)hd$ z&YTVMI^qy2mRj`$&DE|1{oKM#Rv@qLwjW!&Q4fa|t=~p)n*$<1aYu*2FzBl-Ec2<* z?clCwV&pW4cG1lVy82Rg|qG+4X_03wk zHA>~7m399Z8cdI>R1Ur5pvn6`MMRD zpN9Hd(BSFID&i6C^od8p$#AU%)vbQM4`9~+5N^i$mZh!135+(I{1rSyKAgDpX`ukk zN|lU=G>d2&OYQKj^YPaXtAu|HxGv7sa{GXGyM$Jb-U634n6D38tXd{t(v&V_yVPZE zGo|G0PBcVe>@b0n1AG|Ry{7Iyww}YKuk$fp0yt!Hx4K^R9%y(AHK=}%)s(2kAjD|k zSx(sh5emG=7=tlXe+dXpE@(5m6}~VXSP?UWyLIyK5pvJEk>xu%UdQQ6x_Yf}sHT!q zKEEU0+qw%g73q3(T@4T^1UK(ye8gvqc=ww?{%&^0^;z@=Z9#2|W5b#%<~_WJO$K6u z1(K*#F16es1F#aguhM%DNOmo3R=dDQF!@&f8_fR^qz%lym@?FAmSVtqD^(`<-A;85 ze=W5mHIZ)QEfF0VE1`;N>VzjUZmK2AE(sd|JP}9UQC}ZBlRsa0fX6&TsOIRQ$0Zff zC`cD=X=J4v-S&nQQE16nzg{Z@RN*|`QSAvTKGje?5_z|vxz66)azjd=1*H0BxYD7z zg=tfrq(vW&+T71JM&6tV_ksy@<>hbl1&Q7uFqE}^N|Bgak$2Vvb|U+Hc@Qs($jUA^ zbO7htFeTPo=#O6A4%-{KmA`!IBc7BJbPp^Kc<>>E);G=@qR{^A!#wvkx)1Zc4sdQ? zpaf18Wr4~Ju0j-eBIxk(&`}BPEFxkV>@g!W_c-72n^MV_3*Q$)D;}OM&s~U4V8NL5 zM2Xb4X?b+k3^8=!7UXDlq?ksTs4*B5)HI&OfLb|!i@~3kGHl>s8>J|_A`^8tx>|^# zk#0WU9xikKRc>M(8dF*x2{%05&ifjR1(R|tdE*cTL*Ee$;o<~`m1gL{%3_bz$5t^` zan~eHB7wOdN>c(tsw7HxrN0(7P{AR%H`3nM!4eFsNkE&9qB@ zZ`hco=dBne%Syyln)L(s*H^q;b<0#<_=`x*)K+@ZL?_Zj8k*#W`KcrRedvKf?XrX6 zV&{?iV($^>;@4rdY+FV>8|+vxKaV_KE~#j$&X5wK@}!+?6150gjcp7-HZfLHi8Mh8 zfsx*1IAUbjqRD1>fZBttS=S=~fh@v#&7_l{T}(fva&t?tGHGb;+B|$JhjKgW=%lE_ z!Pss(r2A&@*}a5e>G?x#@&;(tya00J{Td8O@ha}h^~50(z6}TQGjzYKcGVWgPJ4mn z6Z?UKTU$QUd#Tg?k&T9#bW%yA)6C<_go=52$f(2L;5&>8;ZaDkF)=^WHbtaGmyzT< z6OB?I?+=!08$`&vfU|JZQ$0IKdIDx*;H|x-d>6+^msq}W%9bUTTSrFkTO3m4;uqa~IE=&wM=jMFns?PU zdd`3WE>%SuTExbQRD4XMI7o^`^ab|eMq=Sn7;9U;OV zsc7w_0WRM6I;vRsacT_fcl14k7i~3D2~s+imwNQgoj=7?OzH_`4f8KCBY(DXapS@< z*GY3@Hhhb&A^yUw)1uQ60hgsBJ8Hq3$|E_BkOt@nlqnVtG0>&|FOt3koXz)p-xjlG zkgC073l*b?)he-xS)*3W#wa=ziLI!;_a3!k(>8XrYQ&}=iW;RwQPtv~@9+O!xh}zb z+BPe{tw0#Ewp3bcS+hyynb zz#iFJYTe@y6{4d6Ue`7;0{6;xlaLE$u+dlbOmtg0Z zoFYG5lr-a(ov+(ruM+0gMJ!7IOgU;5y4Z2XNwIsiF3q~xs4UvP5NMq$r{l8E8WHh% zOd*y2R!NmbJNuOaHT|nN{zw~cE3;_B))tFKwvP}q;f5yR(znd+UW&fDW)E$wkds!p zal)IAmbkHb+=m(DasoPwwid`A%Ka*qM8c&@4<~%|EcnrnOOMcsI^$x*!cv2@`4<~vM?bL1pp^Rk*L=L5Ji5Zlw_cdJJkQE zv0qBOFlZo<3Ax-+g{3;-?BE*$4M6xC>)lOa1{7O-?SR9b$%!sYBdf`A*yo-toZkK# zpo=Nu|Bf5uv><G!Fs>D9=URMmQg#8&1%!F2`b}axExx+-E|R)6Ws~*<+m5n1EHn=5 zV`s|ki$LsvT(9Xj-2Qj@*=7A8pFiuTzUIm9e-ZKFbwG1-^DBfMD%xtbF;^?TK`Tzq z2Y0bBIx>t^;xUQokV@Rd(c1xsI0x=2J!zqmij#Zpy@_AUBX&h9uEl3d&SzbFUC#Fr zh-qQue>bmd!(%bW+df9IACMQ*F-gRMCb}#RD7GaRWIg^D`Utc%LL7`%?Wawbi<3kv zWhpzW)e>Uo?c|lp2%H^(Ek1V49;)W~6S-*T#sX*!mZ`%H8vhBmTrl|%$c!Y8**r=L zq3fFT1oPAQq00Y;WTQ2KTC2SwiT!UKGLo}SK}K)KY8!2C+fg#a8O;0X60N={N!2Kl6aeS2&JaoBTPimngigS> zGJ@R)K#Q^f;SY{>pfU9i)_*DMe>zXQpT?D3}h3!!c+|3J~X#c=^KV zh@-I!!;R!jq4iAt_X{*!2>Qx+!8aY%j3H%1u;qe}#Akt@xT=1yiK9nH+zMyUuzFIn zd+i|ktN22eh-@Q&1^|)Iv=Cp4HQHM7jdnm~S09}-IFn*@y<^+w%f9fUu z9>+K^fC0vUn4(0JEjLG-AY+CWy@>1Y&E(=8x|{nm;f|0lpAn*$r4oCb8AHf8`2!xC<(}v3oGtv*O*>n^l=DkQ>)?hHNt%&w% zJ(CEbC}!l!7;;qE4hUIpZf?mS!x5*h1`TSN1VRzo4FN6VbW1dccA+?_@c`n-77)H| z`{*Vj15J^EtT`R1Z`({n5X1OgX_lRNFG%!{cwZrQXd3hl`G7<7B?M63|L;E2EPoZ& z2Qi&wC!Z(Vl8JRD&BS0K0>tOTSF78Oh~>^VKp;maWwLA(ZlxRsas?65RGG}J+|cXu zHYNYWRA>uB)$n-<9iY#-RS0m5A}{Q5b~V zJKXIeSjF1^d)#6(MnvSON{H4+CNbvy1aX2tRuSioWRs>5u}MTEj+}_gQSwen84u0o zS5wLAm-@tIZ|*2*PFOCU3;k+PEPJV&&e*&^*9&HSuA!^Ga{KpqM5Al^B^}^txgFXH zI?L_sYR?A&NJ@Ibh@TgZ6FkT9hs5bpqBkrA{8VMpp-X?EeLw*MqCQersyRE6?dHt628v_W1NRVoiSd=>q zd-I38n*9mkUQDr^w|-X1%Jg+z5>$5)#%C8gJFh4v>HLfiv|0FK!*`phC1brcffP!) zJQDN-q4PLx1gKEUeW2y~2Ka@}6uDe5*8&VUKl;{yIv$J)&=IB3mtNnEkSm!&YEZp~ zkt+6K-X`n*JXmqd`@0g5NDMUn3v9{6B#oOFAX9z^}E;&F}M9WA(ta!Ph zB;Ob71{4$wp3?3krmt-lxDdLeC4{$bY)rHL3Kt$U+mG}i-y`2KcMIPO_wh>UHK}k% ze{BC~l)6<_NI8#zi>@^QCVe&?N;bmjW>EO=@P!iSS#`rc^MY78eox(ve0=?yI&*LG zy{L*CPnHQ65rfRQ(L?l6hgAF_(Z857(|llqiJ^neqrk*FV%M3Bv=qCwY8#D^PFgi` za(#+%ic}@as)NwWR!ZJ@1=~iRyAzlg|Q$RRB`BvQ) z+ZIc7rKW&#oY>&be9k|)5`@We4&i;YIijQLZVY;)@qdPADV8LUmCVyFY%xx&hjK|% z2C+ez)F3G-Ro|$-5fq2Vt(2~BJgs7l@~c3S31$`wasw*htIhU8euYcyzazRV9eTc6 z-x0@3L>!`Qfdr%P!-NB~f3b{0eRIpBnmx|%PSvgJc(p{uEfaML(~`u0Cx(AOXdAyg zE}6n4tN+D;xp-2}bno29f54yX*;8?N)e~J5v32gvC?IPTd2-kE7?B3S{V4>PZ>M=M z#uN;l*CcOsq5{pM0uaUo2lrZW(kG6t*JL8ZEGC8*LfJf2QMf=Cspy6MjMouri=_`>BHt({CT zE~v_TA575)No9#0rBhSiGc)&8-`X3=>vt z_~$LbEV1Gu!s2uHV;mDnm;6kij#FSUHWOW*lYaILsAF+0>V~9d7F=O&ce(vcG}|jF zv-1rEufiOSNh*GfqGI+}M(EbGiOB)WKF=MRg31)1hZ-Z}2rw}WbGKcDy|Zd*Qv@+& zVP%COU0H2Q6}6GxVK`SN?wAsy>!9Le;#T8h(&{_daR(9*&9R5ojSo|yciwud1pmoU z@fX{r#fv7>7>gfUzTEbeqfPd6VLSY|oS~%iH**vnYtu@v({`cjfgk0B8KsiG#=aX-Tw8ir#5Si?#GjMC`w)PhwkT4U67fT{*K|jNxP(QN)mOhB23|cnGxo>FQ)D{ zSu`3E6G{zB_`EUmneU_^&&tYVN)Ug(iRsOm4yjETe~vt8H~<{Em*ELj-|R@|4f6|W z)g%YsxVr85)G!OxpMUt{{qZ~ZJ*Lp?YFNfgHuIqdncs=XV8TAcI`2-u*VMqEL1FT- z_M27#$5~VnG^1j|w9egyTRIAfqf>KZoJ7C%v)L+WXxLl+T}UQcJbbCh76ymUPR%Yf zor$qM1OHbYSe{qF8pW@}Y3#wQn!t>d+Wx>(`1u&7SU_{z#$;+1YxQ3DiXVXts zZH%yN4-P`vAeRvi(BM_{;`iIK!0Ly}3zf@HRoqxVH={aHQ0iAF9gkl_R=Ru!0Xr%r z38RdNvD0YOYAKG?wLp|UNm5i)QN4CUE#SgyL&uL57ogwBm@~!qzmattB3;>(s?b9p zk`b(7j(Ad%=2u#-M`8j|%RNR@yIaf%8~tB<&j2S;q9#m-gVqHC77G^YGo3F`mzgnA zOCH*lG1BqoQ)tg1>MO8Mj?+W36!A*d41@T&m(GOCe)ovoN?+TEDYKTr#k!L+$^LSc z%fnI+-OB`WJ*ES%?_XjY6)b}g}4#PgUK=xf+8XTd3iYmDmK~X zJY`R!J@%9d)7k4K20|t~_WRbJdp`lm0I(lx*d4y+mTK>cA6AeE@qaXn`Fty!KFR&C zXdvP)i0xmtzW;aoYQ4Ziksim4Rq4U-$=Cb;vSd;#VRtF5=w!*HEP*#9iK90p>otg! z;kz_7o?(s&xKR*KkQiUf1=KCLWJCFJ-yj;SERQF@NB8Z^4atXY+q|gL7z~@q z?kU7Of-Dp-di(_E{}3$pJ4vKSsiC2C2@v6{FV^9L4rlo$_`CgCflx}G#}L5Wo?nJ zg{Kb;`W&U=oYv9=2N*s;E~0*B``D=T_3eL=XS7hNs^XzB_aAgIqJ8lj=+?U6&3I06 zi<%fqJSA6?Y#fv3u=Rk2iDn+MP81Zhwv~(+gFKQN1o8OqRz=UWVFf01pdx0PQq>Go zH4pLCYDy+i414X~hMJ^6f8+#_Ue`uaoy;GNhy_f!I2i&&6iM=AW5xKF=l~QP_r0eb zBpX-L3+3BNX4OifCQW85!cR5G)=5K5wtROuRjq)5^$8=E2+jbhrFU75b3>oJn%1g< zlDT2*&q{w3l-s0vIL{u8hbgrtOx?Nf@>iQI8HQo9=!*a=do)U*(|lhl%1gHY65&@| zRT8CKwXO^BYMrBbfXA92C@9)G+-ox}w^+RT;07V)qCz4aiuD`s{1u!>2PUi9!0q0- zBv7O7JX3#@7bNV)Gm)lC)}KtP_BL#?=tM3lr?K=n}>CA&sVp_(WrNmP=51?FwV zdV9h)XO4l0KqpNxuSTN{lDxcE2u&0Och1qTGFy2=;yO}v)T`x-Af|Zqn2>-H4G%_8 z{|>BWl0Z$aS^Q-flO#~Cd$D3!RMhQiw)^C(p^5Y461$lGE7Kp6#!2wW(QXMPY$9!n zl$4Tr0eR~^wd?W&@# z-mSA?Luuv{>B1q>pb-OrCJDR3Iu4INhm6qdo)o3{ZM{S9I1R($#B>5lK9Oh{(L~D0K^`~ru~I?& zlBXDLq07y&+VE4}*zgTkO=SQE^WA@)8RW*k=X#8%)`&i>f45aoXSqHt-nPI7owbWR zBRmX2m9xOotk}s-3R$KOY?XFRHV#Ofls9w>d=y!*H1IF2sJhDS+|X&^Dv77LzWo}; z7$3)$%ALm|XbY(MOq8IjCUBTw(3!K~D90b$(W0GoQT6VVQK`na^s}iE6Cyu;N!sTM zVt@T4`C&l+<|984exo`+o_& zWWA!R3@ZDL5rsb#Cpo>d;^TN9|1Jp&WrZo}JPK$im2zIml*q=|bmN=-OqX@WI!m#W zCC4z}TU4ARKJd}dB#(}!YGz*DT5kiqBlMIj-{Vu3h! zxNn;Y&uZd%?AZ)k?%N)dL!$RMR4_tyBh%$AZzcLv_C3HPN!3Ua6D9%>2;e+ozP zvymZ*xlT`f3}L>;*U-h&kfzj`Bu|+fKrt1C6AMTQwb{|WxExiURe5IDe%hRm$Bl}w zk#!s=%Z=U_Sk3xf{QxiVY7_Xgk>Fw=-x%!9jc)eE>UM1Jq&s!c(@8kYd4DAjQ7Tng zx_?(R)x|>OjcR2N`=_VlY^~?yyR!gR@T~%J`?52*;||>@VRq zBJjR%mtBACdFW-GDZzK`Y@UA!wM*y)g@>>XJpkPvU8NQ~ig_g}6RNX)Yji#!IyF2n zO__d!o8?<+weFfuJl4|hLAYyd>fW(oBP}-g9!LD0gyd?|Qu+Ls?~_@)$J)m^r~0b( zl0=&RJm?9|d>C)rS;PLe$Dn1s9FL>6fBRrCMR!>>IfSORI&CD9@{px95`TyF{entRYyKBPC<5WISFlSf*3eMK3InU%tx$m@ zv@yFG%(NvTxZ~f7G)px)>t0RWWq0qY=2FEPO?VQlfphtIuo`7X5Xj?v0Stw!<=}<>A|9C|Upz>i zMKU}x;~48adW8!w4B=n>t@erM$I%T*%FAzyO!@SN`aUA7zkhyKWF2hz5l2Y5J>x}x zEhn~Ne{3YtHRdQ;*pVyvyI!fq|4VD|u20IKzz>_NUi}Q9=}(QC?@RCv-lb7Yk$r;r zzJPkSI+W+6wIDBtO}4a?ru1&eJp`{!{JG`xY9Q2uqWdVI0% zhQ!YP^}Ve1SJUEKUV%A0j!_P<67{ybYoFzvW`#XG_7~`ZU*UTE91xa%)eMe4uOd@j zkL2B9QxUYHb&r!dmudfa#7Wn$x3!jE@gL$%i|R(BO`FEF(@z-8a>o5d$KzTR$HR^U zjuvxCwsm8>!pL%Ih3~Cqxq+hZep@!Iuj4p)B-HbzWBc$Ai&FBscuyY}r>V@o1y>x8 zX89z%O9|{J!#!qCs|GqN@w^Mcy3@J%lQ*U6?82UEM-?0Zi z7tXiIFp1W?l{=L3X%(}-^lm5ej;JU%UHo66=cpO47F+Hn16RQ@?BBz;yp|CsVEymX zwEj0Fx5WLD@C9NS%fa`+y7GFQv5dUaD*4|2Xs@|aep}2_`Iqjt(Mpt`PYH1fGgXdO z^C`4uwfuMH>N}RAzzbW%0G<6WpU18h{ZafA{m>xr@P{jJd8?lS=5-2tE-gzH9p$Zr8bscAxbgMwMstp9rIfkU+Oc2}f!E5( zM#0ht@#1n+uHmjkQ6u+TVOU_}Wpd;HA@+n(cVQGMV+}`YhQcTqWHR>zg(*Ab@~3M5W|i^!R(*|y-U z>0QRgL<;PANR@2J-5xMBL|{T}&W8f3j;po8xl7B_w3BV~nqyu`?tbYP4d!`FWU+(J zc?C84FmBG4cX9V>=0o?kwT~~HgZqJGIe**JE1J5DnZ8kI&Zf@9Iy-A*n4m-{lB&<1 zqzW~RcTAXi_}kbhBHnheReX>tHPu-5tC42y?0ZFAh&R6^@xShcJ}JdL-XbWQGp%!c zO2Goxmd=Y1fXdoFF!4`Iiqn;kDk z95uE4M=@Am{KYJyxtN08rc|r$VUMHVM8TW<#{~NAFh+5V?*%Fwj`1f*UIsfj0{`__ z^YO+%!-Y$&J^3^_djPt1Lo!Ai)DNRD1@W*AF&v)sGrFuaO?k`Kvna2we4FtNH_MNJ zWmaqc5|;2feHP{Twfdo|*zOPW)V;B?q6A^6YIXU_-*EAy#LT4ABYkHae&_vCGT&zrQGe(9 z@yd6Te@J3m5liFM%c!XQc?HYq&hU;$>uvTM+Dtdl0a7Numav!(G|YJLFlCh0c}B_S zP-?303FsXt*LB=nr=py=)!YZ3;Y`#&?xRvtx5`=0sGK&&2>Z?arj@KP>TEAvEil<) z&;09FJ6P}}V-w?8H&``p%ZAA2UfXnp>?+N*3O`~bA+n%tS%DOifKIo2Knp_k*isks zA)u9APN$B#C2TxCrh6Mi#6Mm zrl}GYvwSq7US29M>-asSF4kwjI~@{+IA5iG?yd5te6HMVQz>zKj6b9W{i7HDj~2zx zwsmT%t1QZRe|E*3HI!*eQv}V*1d!agwG>=$dJyqp3U@}_1p1;mv)#~Nj_Ob_>J#d(UsZ;(nP{zq`0`E*_F)AkWD_`UE?*lFm@? zNlwmi-TNnz3EadNe0Sts1t@uB+%{N*`)p2m^T?n>-0d%zFOQ#lc4vNFk7`OZq{mDtQc5Y$56U>t*1!vktP>paa5bDY}deWm*ciw}zBg zeEbyR_@}Q@$WD6Y(|>o~ZO}xNca{w@>oii?nt{16Q-K%7N%z1KL;;XI*O$ek=%pY# zShq!CgZUw65foeX_*-d&#TH!Kbn3Viq05ZkX6;19!FAb=$2CuIxhv+%Mte0u1PGl< zh{<;q@5akp?cv;yP1)o&#D*HDn%9_yW*C1 z$x^H`l26*e^PzCDj5GE{-#NK!gZw+7Yy~QAgp!UZEU&xD?i~MgaPZ?tyo|V zyhc`RuFGWhM|`N)Z*-rc!pn!6rfP*kv)AcYce;WSz~z{K3!?Lo2n}k{m}nEFw3Xq_whR+q#^L_ZfeQnZZ{sw zLAWmrK2^gpfgR&{Dx-7cSbUob8K7vr(*Yl79+UkhLqmfIov$`ng4Qt1dhO05k25pI0mqHM(RiVMeXF#?RwkM!lm=$% zqIlF3f%^+37UV>}wp~q!N@k^n*ej{=Zrx4td`AKByViaQ^8-Ovi~dPu+Hw~t|2_?G zaG$TIhy2}``cM4cQjFiKs{WaA$hPAfR{0`{StYF%ctoST8_?=!%W`=ft~w>qe%6SyAqZ9lO#*`^8^xd;qD3+_@9Z4vM=y~t()dr? zV<_NEa8zC%({0NWHX6Xp7i;f1mOpPAmDv1K$y(#Tx^=sLUY6l{x?Qi-FhTR@@+NUUQ{7g*uy1(&6eKVdW=l90YA&n+@7Z>i5D4NP!gLE3N z9Ci<>*O_L;_*%E6k&x?TRqo{OL>IDIUcKpm^oT|ZN@8h+oo}V83Zspy>387 zHHaID)~d3h=(5U1sOyj+g^vV0~rox9mPH;3>oV6di6-y_`5SedB}>e;Sco z{QY#P?`_wAu!-RRgyP^c-j^0jXW0%@bQ^PCEE(g^9964oI@CNKK4Mx+D?*hO$&C7> zm+Q&#)f~&#wS9G@SVjB}I%sHfEA@eMTh$4`%vRE07@+7htU6&q#Cm~bRNG{(W7RH7_j3u~mWNnArHePR(zX?cNVaxn(e`#2aLB4@`m&evB9PO`xZ}+cKjkz!4WQSY9b7xt!>&nQ2PFjs@&NcY zl*fD;NyL;|6;u&MoGhd1IFV#Bx_5)iKaWL?wfkv7@9KzZ%B$ZZdwAbcc@c32_=dCL z-9T?cNd0`9-ro$dtb>nxQnB}|FGh-4Ldt30)y_C=6g|jcs#VGyrwTEk|K-vV?gM!g zj7Xmrhn$;N>ZKJ%hFaMFsbfo-9*@MZhzzUR#fs%W#rMwy*C@EPprX^jTaT2*e;GL? z+GM|C*n^J^R6Mv26YLQFEj{!7++IDK(4Zspz$m$Y%jMQL6u)-gV*#3BKjZYT$u|Es1sN@|8HX|58~9fgd(A6u zTJFHH^SbO`R=o;%c2t3BKr7V7I0Z`UTdAyVj?MMbf^`-@s>S1&maSNE#V`3M$3VrY zLx!ABSOrLud?&flFz>KaJ>ZjyK#c4^YF&EE@$^uK(_K~a81n|a z$3GBLT^U1IN|j4l`9!Dh7AI zG*0k%Y#MHb({WiBRx_?=D6j?rC)N(~5{uM-0XzC}}NHUJtUxmt1|{}fYiTl7}uVqdH3hBpaq=%atDs0)v<`l`IL zP+1-7BXF(^X+1!JXFM7=+`On~$ zxgJ=T>SiM2ea7{qu#d@dkFQk3a{l-%rAF9(T+fIGLbFpdN;|kKG7G#(2Q-2eO_98I zGTe{t%_2;NH*#Dkx}3;dPu-HH6`xst{U@KLD{CR`4TDx$JD()ro*L6i-ua4(r*&)T zdusf8?;%w&tz<*G@bbu!p4Pg~K9MEiV_En6(w{jni$ne(-LwO}*xz^s2xw(f15{zm z{u<}}3N_n?I#+7RPhS-2;W~_1GD-7o!(5f65wm~>&roSF;QS1IYCfBedn)#uK~CFb zmX%4ol0pUGX{>UGW}_ZD#lTgr2P76VuJZLv{VLtCD9K5}3SQB>8($S2WF`*qmX@#d z8PC{o2`^X+P+0LNd_NtV;ao>x7xx zz?@mWpYw9-v(4rw9CaUg^XeHnKHFA4ymE7NbZA~eX<|;>J#R=X1!W_KU1uo{hyH2# z4u>U}RG5PmtF(_R4SY2QeR5o%6A$o`p&KK;HJH)(i-)Ux#K#yg+o}d-xo?O#!+WMR zeO{T2IR^5kxfvQ*lwaF`8(wB}_ZmJ+JNg*P86@_u-piO+RKU#+2VUHhF1Tn?x*@Uo zb*;gUlg5PUUx-};@)bF)8)Ta8EiP_Iz%)D4+uRLOeb9v4%Jd^mwESPYm6pQ%d8gY% zAGKG04=6#joj%o$eDXEPHOrY9&BR@_%FO%L;F;9p(}=3fj*54099W3O2CQSomj;JWb){oT$ml$)}n9>YfB++Km;=OFNJcxBjZsZwEMqp(d!>QB$ z)Ht1nCW2E_F2~qMd#2&=WS3Q=+WXXQEP026Vx4>njI$_Vy~N1CxjP+8ZMhFJ9w!Fc zmwd=&$7fu9tHgHn5qJ)2CETvyH_*G*qH=#@=d~$IJpc zcHio}{WM)U@TOSluGaCER62J2gQ(zUz1PAWTPugu(pO|(iUP)5r9A1TVl$kgiX}dV zu|zEx*qUpYY7cDu%TRstx5oN8M~^|H#u>}8N9n3r(D$tw2gj4=4OEC!fgV!xK3GeY z(jV3|+DeYi%wvU!vtm(ryq)<6MVYT>svX6Qod(DKxSf`__`t5oLxpS}WPC9dsiz5)T$ z*$}#~FR`{cQFvjd!IYE*+VU%D(cJoZr15^m?mPOA_kZz{3stU>VozSK7{wmrAztd> zU$`2xN2Eq6^9-GGYL`;Y%RWGc#=H>zi^JnbW+y@VSJ9(0yzV9Vd43}*0$P#kBqK%P zac+8Y9KbD=(?fBtHi?42}+^9{*-x1`A91G&@BeH%Ha4+S&`cIj`vDu{Z@dHrH` z)=VlhdAxH+xAhBK11S}2PXQOk1*Wkd6FMMD%$m5F4=nlo!Qg}&9m{X~S-7kfWwqRQ)Y#8P#Y_q5Q~fo=8d2k&>I;jM1R4g3GR!yR*3*lZM7WAp*4 zsKTqt3IVPNA#1K4{ZY}Y6hG4_=1fW@6WILHQXg?|xm{H$uX{SJ`JhJ}WlI{(RsaLz2=3If4UCu2<4R7*Tt1y>>wk zt*7F)eHn8f^jbyl4J>%RcMaGm7?j|#=V+NkR}=F+I;wVe_FH$;uMPagD>8pJ-#T16 zw{B@-=1whOO`j(&M0(o6Zw5teVvyotB*qs-omr@2GnE-)|H!qv)vDesR9Rr~YMj9%y){ zK(*64HZ6sBttw6>D%vyV^ad8b-Wd-btky5C(aot0#c#3a8GgS*%e^(XdXe?QtZ%=; z&&lG3w5Js9yWW*zDo_0aQ^G86|wd+q{U)S zvKV7tLh#wkHy@Yhcqsjj7jG$O?w7kyUTZDXXd0y){)ah!qHwSXBxtO38_XddxA%~y z%~Ivl-R;VYy&Dqs@+3%Ga%~bPrJEZB^=&uwc2_Rc^oGRhp^lsyZip5ni&A#HV&AJ> zex?gmhw6y$jqj~x3=Pw06G`c=h!^G{1UlO8 zzHtZh03C$Mo^R=ww8nUYH`kv1(c2FaTzV3opR=-I{v)_97<}}AQ(LC~s zX+zyIBCLy>;YkTX*Mj<@&r|8{c;B?|BBBbQr9>?iL*`8-V74*xblI6*RFu&Y=%!*? z`=&%}YLMT-=;C>?`3=eCO9iwYg{NL5Yd5>X)#E!yj=yG$b&ZaO!EQ?H1uQ{7xyMv@ z^9cIPmFSR#z6fy*_BKUTuanLOt{jEaTAEJHTFX7D>i=dL5^v*Eod5q8ef=6i z25SYc#oN2grmod!BKwP^>;K7-PS`BC-%gvYPyvHy^M?Ye^}mCe-k*H8(r_{nlhH0+ znhM#RY*9g>!o#*#tAn;e;fL{c|BKiSHIGyQ!QTN-N@w`36YnWo))~^}*^Za={}z@v z-d#t(Z+W#F*;v>xn8ljCx~AuDi|+>OU#T|T*NS{HS7W+&c3%-1*6p8}?JMAtrsy~C zZ0!{|!%%>+EWIHisePX$sC~zfz5_10+*jQBZvdXjg3ILHN_S>N;KnAI#5Vc1JuvL} zoy3lOABFSCE13A2aoX>=7YvNK+OTRW=ZoXPeYM0}5IT3++{!_&mvdM}kF*uwr?GY? zMZN1z3isiYMq@Jbk>lve*dqyzv+QJsPVD>9xqSVq!HU_wbd!&T5)WGCjo^M~=v`+# zq)$?()Zmkn`^Psaj54o<3!Fmt>ASO!gP|?kVkSZ*9okgfB>-&($8tIAZyNDmSdNDf zz8fBAvFNXPhvTcvW9R)EHETvG3u)hg5oQEs@{)J^Du4!o6cwKSZsik$aMTl1+DY@- zzs@Fvdlrx(BFQXF2BA1wdv*09I2z3)-8Osph?|z_kL9PLVhRrEW_H*leA8Wx*6K2K zA`P=2tMSuGAa&DL!c4yTjQ6MqSge1Zi2GPEKU^R9;FA*Mc2quNHNTU7yo?BU*@^V% z)xdW2*vVt1fu$1PU@?V)-K`Opg}X6#;#9$E!#}R_F2nEC(UJ2!eV!vC@no!!G2Suy zN^1f2S!FWf*YU;B*`f4a4>fT=Z~HBv;bf+5#QYi2Bu)QV9{+vlMU*O}e>YW{{pbGq zsPhDsA95Q}|DxmPabH_qV?4(uhJCWm-q(Xc?KOu7muGBd3sb@Wq&k8$gRub!3*$BW zjF`DCwMUPhu_^zZb%pwR+IFO1-^=zXcDmB#^zGw5F*mqQwP zyQh{est_%mB6Rvts7nf|}qZB4`k?JcD z?HGG{Q2TkrM*9cVM`3XUB3g*8Pxqm3;77je_5_pW-)yw8CPOV zSUSO9TsHYG<*-UUL!6yB%Zu^~xXucoU5-yS^z(h#w=_f^nr!>n`4Vc_Kb#mK$bEok z7rnJbTsGyfdaD{)J5j^lCNao^+e-A-TEf~|D+!-T8mbw?H6N>OxcRT%qLtyVD90s_ z^?S)}Bdv^nOFcEWk?SY6a(CZ-Na5s%QJAzJ>Z@(eKS5qvm%HrU$5LeD|DhfQ^aLJh zT?M|k`QL@ZulDa`2b~(knHn3TP{Qh}9U@{6>Uffkwi%=RwY5sc&R%?cZei!HeRyh; zUmmJ?taNa9)a-^t@%OE&vZ7F#)uIF3yW;be#+HcV@8TXR$WP0;^(dJ65H@jK3e?OU%Dt3I?P!?_!y z;Tb`NJQQ7z^8-%}QGbKfUbM16JcZ}zl;9O*7hfs(6?~1y>JIepd1YIIrYhg(-&F^$ z+(_|PT zYNehbzvvXY)arHlg{%xfvdfL3_R~r2#8dqyL?+vRmuHNg)sC_#0yrdTkdn}x>@_6$ zJu0fq1A68$lN*xiR^S&JoLb2%To^8F%!_Y03B+sSZ8?p4c>lpl$KVpI`cD%w(yZ(c zPqstsZ|088UJ+riX%!j}vSx4PR?H0 zMf)_%hE>BjLQ^$cQ#EmROdj~Szj{YPc*WvRr}oL;W97XTQG+*F!L>HS!c7g(n; z+xehClXC67QSvdlr>0`^F}C>;QNDj^xqSQ4dQ97>Sw%K%Qb8=N$+F%L%VpfbZ!P4N zS*KnvOgCn+*dpGkR;ULN-IgtxwC~uaI@*ln0o(5mSHfqVCbhcMtfknd_WiMiK8i=R z@5`$6?1b;0CyqF}wJfEYZ(uo%;Msl@z;$}5|3GV9IV)C&lL}HU$xp`Lo8SG27Fn}q z{mv5df_vJtWLIT&CBr!_Liv5w5+t{`%nYXWCLr%)HGRpdq{vBO#`I;zPG(nT5zSS9 zYLR@w>g}kltdjRd?>xRgp)6Oh3DzD(`DavfE&J4a=9kX-beURUC+s`!Y%2eJOZZ9q zy##L}Y@<`r<4NKX<6`V)*_3M#Q1?aQu1m59eC69_pAdLH<+a2#64DA8>E0?UntKg^ z6O(FC9kEmMG&mfNFd;w)L##nan)<(9HzdAF)%CbX`{M0B9R*Ma$>Z{s{>sKOd%~Yo zTeyyCEBlqeMCVv>fc#uOs25o6Zm;0m{S!RTaor1lH6E%k2SBAtC`|Tk;vcpagZuTK zewR1;^g`ChBW;JGA4tF)O`r72&i*l7>aq{u&tdjzEa;MY2Q-}HyT8bSGTC>8RKt7D zjv+SCMAVPscD9UPqWp1~=iLFuA?$-Ft#aI(PVn8K(3cEZq}SlO@lX2g(w?$1G|qMv zE5XKH2Alew0bPeTB;E3QsCR}Uhm8;8^Knf(N?#jw9=&MfkZ*jX7v2xN?N%@IObD55 zTu%6^wxaM^VDPyqcr%_;!fNhKIxKIbO5qhpsnKl-CMwWJr*O5^(SR$5~QE?Ky{#p}8K$v3@X?^XHv zt6r1%03*U4kABmL$k(oK&JT>&(p!WNL4B90$2u8Y-4YNQPMNG#(E}AXTlYevX!xt^ zNQ49ThVllZ^|>%p0zVJ4e$;hA0k(&^eU|iedQDVO(|8ZUS=(I zBZ8JLB{LJnz>vR4uQ!=>g=b)+$GoDN7gc@5;_L(JMOhfr%Wr*-uN9G3Du8HmfTAnS zu%0r{gL-AnW9wuaSZcJ;q7+e1mY3>d`D95ROJg7xoEEMXas+z!{mBCVwAUBOPC;w; z$_g72-Ppm>4IMP?iEtuqCvCz-dwnN%87GOqi1J}S!W?6cDfme!n22&|s1}&q`=P9auK>l| z2dE!`K}ikJ{EhgnRF4l;Utv#swlXHJxyBQ8Kbe;fta>9e$Dd$Jo+JqrRWmMzTuF8E zri!=X=&3tn+DO-i)^+^O|E#@p@2z3|e{{WdR8-#^H;MvMip0;zy=ub9rB3fG!h4>By*Mas$CwFv0H^5)f})t9 zn2fRKE8?pqI5dx$G+l~e#&IpiPhI}ab*aar{`MKwV24k9nDf_{`}EI`%~2E)wdV=Q zWA@8e`6Li%9Mx^_p^!J#ZNZC6n1GkfTchd*-g@o#bT5~l)}+@7;&qQyJeAZEt^OR3 z*H!_4$C*nD?U%LzR2!u5arAsz%R%_A2s-y7K8s#dqRty^N9k>n1f7%p8g}OV4SZWI z>w>ZvQbWCix;{tHx8mh_T*TDGI4P0T5*uuNwfLz-*dt2D=h1wznC`w^nL6`frVnc@ zhN;x*8{I}yUhf@|G=Nl`I~4Ynof=(le%_@{q0K9kRonHvEU!kDn5u->s{TF617-ZB zewpIhbGM-HcEPR8;VU2|a_97a81my`W=CEO3kI9C;N~gGFa!YUd0`v4sv5-;Xrj3k*z<`OfNy*)(o=rYK^E!EL(hTN4R$DQQzY#JHg!dkh%*ozL zPK@<))&)q$nyo<104^iLl8Z+2^5~;Q0q~qGhw53!pU`V4Fh*+#ro%d&#if^VRE@ws zk#}j4;+Q4q%-g=}mzCEadU%_uTgIpGJ&Nzqs{3 zR1W<)?#MpHb2#i)sPAJI`W2OIyc%%?T_3?s_f>=Lp63|}<`tCr&yWh^f|l^(n@Jb@ z`y7>*d8Z3*_mjVxI|^49i=H1d%0zUn1Jl9r@kd&)4`oyF!Yasu{F}8Op$}E$ zC)oq;Aev_Lx=-0g`H6t8Y)CaS?BiQzEm@w5h_}q?mRYGBZ}sXQyP5vj{?*>1L2=GW zHg1brT76(>t1#=76aFF_^oEAv$yQeP4=y544NK9bCXPt$|29Q5ycE7Oq$1!{X_p?KIZFngrp)43RPBG$o%;918 zn-V?GMpgR1YI{)K_?n5)liDs@2gs5yX)WHI2EE<^5EJcya#2n1Oht{LZY>0v!q@q~fJ( zb+fM8S&+f(vBylANRfkkj`%|J5}Lb1g{A&}9{X%h%I=2OPNzS@Dy14}0o7N8wtV@%!f>C1`QoHkvdDb*9&FsF zo6b9!CMT-COKl>Omd?)n2l<~ry*#(Nrr^se#YoiC`)))eG&&P4 z^*$+B@V)SU=6+jIEHf9y`uDIma?1)~a{;o@4HK_4q(5q4nw3Z6K?VTpYt|vmNZ>qn zgM8NwTRO^Go4Spn$X;g`LD+;rCVNwU!SW`LX?9FRz0P_fVSKo}yZTd%9Tq^Zq|YK) z1+$`WXr>7I-LSm~pE1f1fDb}mpwZ$L&^>lqHqhwPYN;G4?0C#w_$~ZyEc$os@0f|n zJxXGDqVTHA(zg9iJ<|GCBeVgYb9%)Oe(R`l873q=#QsdPy>R8EZZCN{4W!Yygwb67SKV6E0An3~dV8Dmbh61A>5&kTM%M3EE&c__RhoLGhuGQqWUjgX8XY{X+~Q_v8HbVB zgt{$Jws$P(zs=TI7n5=)DHmhlXW5--(HIXKVCy2!G>Q6lO1=T*$=1L#15RItnLLyNlIi{j4d&a>78K)C~?5Eps34*)D9 zB|c7#lANDsv(*^QZZ+c|6IxFjWM6c;J^Omijw0Gw-y6@EqS4t(y$=0>N*R{Xh?>mW zOLkiJ#7lh3h?tT@x3jvphM8HV8kB#9ct<~3YnuF0_sXi6&=iagi}kXs;nNkj?ikvy z3EbTol9pN3*+ol;Z<8eIawOKp^4GdCaC#LWqu-`#d~DxJpx87<(G_aVZGtF%=x8k~CsK2;Z3Mbiwe?o@6D5t-6 z?ULRCg*uUYFakK{=9P3ZNz5scJPhYOKLrO!b!$`J=lAP(GYy>#%+A z=9Z*OXHqRp!veERfhr6_^U3LMxr})`nY9(lZ5H%Ad;3JZp1J7(%!zEGhV2app6!P% z9GQwaFmH+ibbiRIrUx94|EpG(i@gM?!a3PnK6jYGmQPPRh4Cx+)tr0lk+JK#r>L9U zMy)l!fb6hJt*q*7&%tjai6rbz9`o=?M}%ej;uVkAc=0coZ_|MD>%?AfI^)!a0D(X6 zyd@OA_TWu2)S{o9E3(9VD>4kifqpMKwKlv}t^v@dNf2-mb6#E<*g4Ni=^)w7 zcZ0n;;)XdhLujeR!pg@HO{Ah(u8LwlWXixRSW+wd=UQD&UtsMn+mRe?lLMTzl_Pr* zrs4SHX;r>v0B?#gowBJV(Jd!t!7W=VEjfh}KKpByGU+Y}BjyA>2Slyz*O`K35`|XI zr9=6Wwvkk8Y;$uy&V!ovoOIaM?PFeWb}4n4pm;R%GBt2|^gUadtP zm9?eRy*-7TuO8KTzw2gE*Hr*IVn4`NgQc%R@Q=5hWA|gwX}&XZ2Ed995|R|eDt^8L z-3^UM)z(XjE9+I#;;3ur#K+0#1Jjmm#0yD_CgA*bk!}l}Ar5I=VOnIZ;dNbaa5xB{ z=3ew3CecaN&dtdC(#4a}0D!)-`{yVeS7~Ciszev3#Iaw>s!`Zq%q1WoQzF`HVe^bPXn>?h%v) zDaU;N2oNC|(eJNQUVFUpm;?K9d&dwY%t`VE#ivLqF=Ov9(^DwoWb{#U^i|#1STZZi zvut7)qT!>JV{p`2wF1w;r0qyA7b$=BcaxgP3S;KpEt$Jqg$!4X6F|Zf>Z7S z)h4I3%_-DYb^kDKPQI~}$pfpguY-{@sVDbbR~5e&(1Ge27U_RdReyBTk?^q9U7Ll# z2FXoC212O|J%gI+Ev;43Se`StEd+*{tt_})rGgL(M}ZzyUgk}n%N}jowTR_I)suo6 z|yQW@J+ECpQKqm1_Ar z^9Yk;aQ34l$WA17}CMy1L6$n*1c+@RQsk`p5dMS`Wb(xMJvl2*T3S@mg z^gdF;oYWA6sMb()*qf>E29~EMCry|YQbP=ECAzT~kx!lf{y~sJg92WGzS1omWcyT( zFjC!3Ari{>etD#ZcU<6aRz1O1G@&^#oNicj89u%q5%akicX(5#6hmy)Si_v;myKkV zMoY-WTr(Rc1@AmG>l{~~7x?5E(w4!V-3zP{Z4T2WqMPN>!od16oL47enclJAQ>^vv>}Evt1cR9$5B?nPH)sRayoV+SmU9ZPC?hvNi>s_lOmd7DRg;yN zK*}YwRN$Z7nHy~Eucac$tOxLm3Dez{`7m9Bewd^9D+}>D7T|W~!W~VA`@8m%dzRZc z0JZqkBIlUrC}b-+GaH&Lsk zb7|}CAIHg}Mh;BkmTQUF$~FbtT;b~N*`7D;q;9z$vch(=te%DoZy7%vn@LV|?G%R8 zm?dApdR_Xrf1+E4qjOGm!GZX`IuK;=o>X=}mxS40&Ftd4exP01?e4KlILAwnB%%}8 zK+8{SRTLp{yZA_4#y-aVo!Edc&&YE*TtAiJL!LI(nbqjFL(F2aPsF5J+oDsL;IjfY zvE-bE>0PZ%1t$^4{rS{Z#+87d_D;=k1xhFT3HDd6tA=y4Xm|c44V-vqVtT**5mSVF z9X(~NgpBGx3^dt5$d@%r9fC^wj@jCuaBlxeb_Xn}zv+LS_I8X|)*`rKb@^E>umuu# zir?2{@R%4MEO9o}uzq^|sg(G4?0M{OK3Le%58ZtD9qf0;d$FOqVYl$L7hnEi2xaj; zII}18?0$0M?OmO2uo6)nkMuNk^#mOUU!xFsX*C<6q`uZWKK79<8`gfOMfBZ2zGR*1RU zVcU=ufQgBJ7N_ru_wA%8>DBr(vyNdzyRRc3K3%G5v*=tWqlJNOVsu834q7{bo0B(}S*rJEuy@O@>O?cam z;u)$^fNO_?l1L?8Z+9mz#ls2Mhak7WbsWTDE*w`7HHQZ{SD(YcRZa zRN7X8*!N-!mloFH&3zep|D3H%%L7G)kJ5y2SFWagHhkYD`kKwBpAXKvzS{Poq^|q% z2VPSy63V=SC=4R&etnD4Kb*HAXqo)1^QnydiuKh$+yZdvROYv)O5eXXYHnOZk5QZJ zJZ>)8IdP)tfVSc8V;_0m3>B4#6;!|kq@~A+#qczF1;gFp+r0)wu(po4#C8p*ZGWs& z9^zI~y78r2w|-?fCIq1n2^P8-meav3#uH?CRFt6k-9oUtDXEL&_aymSn#Pf0H;-eE zy8+q5+_>1oFC3wj1BwkQNgRvB%++m(79^^t^h9(!Ek7kkxuYM6`Xb#?a3liUvYOUqKgD#B>tYI@4!Qa}lYi>oSyo4IJT zOY5bmprE0!dREWdv8q!JwmpU0wH!zxt^MaWtuq} zR#}GA3G*NsfkSpv|ICu2sOi@GY@FS4i|p9W8)u$bnh)&ki;MYp*1}iHH5LZk#bpyn zPj@xS?GV85#+_g#^ScM>a_&mK(S`U8lx3aq)-aKXh+3vBd>I&hXtaj`x5;Q5Lyi0IyOw!S*(&fHkB({cS--J`b@QKkA! z3flIzQRrW`fTHIfHCYjNxj!%bN{w(=px@X)_pns^ChNttV&;y%1}xr9n#w(BSgTUW z^-dLT;q#q%d$yIlh=$Lgmd*ch3`oY&f(N=Kd)>#-VdKXnHLnA$gZ+VW|7Uwt_ zSoPs_gF<=+q8A_EH5+{Dei_y9DC4BK&9Q1q6xkWetFt;U+FnDpOi(U7J|bOc;k?1K zZ}Tm3((lhBSTPmit*J+EvPNtAq+%5RCO-1uaSE-+bCpY_o(?I|@z}2}eOi3Is zf&MXVG2PHxzg8?0cw1E`3nL;hIgi}o>U>OF-s6+p ziDb_?Kd#tu9H;v9 z$-SW;{IZLBe7=_$79}bl9J4h#^t7U%R!b;_U=tSXeqq#;#O$KrZn5o?z-TQWM%9x< zaTA1WgD3-z+MoWl>e9_r*BJ?p(Tpza4a10jvG8eYs@tr|BHF?ql~RLvMc#3cb&aj3 zp)o@E!K=WCAx5YS4&nVy^GPM<@>S#|NrZTwOU>lyq&Z}Or*02ZuASBXg-?mB>KB0B zn~XAX_=mB^c}(Tv#;qkO3<)w*kZZ36k#QhqQboqETN`r$hN zHcK(}z7(NUiOMpLSxxADoX$n5O^wFV8F2BxY*3BFP7AMYWGsYZg3I{T#J)f0g(o`&nDGnEH%^%)YqO-qbAfR5SK;y zlt9?)^!A9#G)1D~xjs;m9G&vN7U}vx{2aBtYi!#Uen?s@DxW;bQKh_lS8!kYxj>ZL$LL6iFy+UbbmpUbfk}w31ym_(CdVhz z8W2A4)4Wg8L=$lzWzmhlLaEdAy}KOb0@E_?(#`n1 zoB%imD~48|t=E@=Ft{To3EY?nb6YzidmWuqT6C0Riw>ZBkUe`v6Miw~UCWZ)>lzu7 zBuMbLikUQUW5iP@BKh-$C|j+AW^GO?Z3y<`C;~7P|EGN0?8|x4y838F-0RNf8@3)} z)rH2X(cE7%*Ke!O9owWGnTQyu7EsJL^?4WnFo<7v4G*7d3ID?&U#Oh$;CO-(D;l6S zft(e8WboWLsp+;h+YXmIopAPJg<|-gOq4w5eC_y2u}Y1YM>7q3T-!ZE8if9vVUZz~ zq1=S*n;QD~ojQzx)QEYg;LHe~bj&xlf17q_-`9j5n@%F5Ieto-Dm-~EH zl!if#uWbI#1piX8ByEHF(i1|`g7?qU6Sa_{!jkc+@l(Hi7brK@veL2}6bij3dUz%w z&$nxPNun-HHfQKC`Yb-Uy$RmY{%9W;^Q|?B>kTeQ7Y9(cDHF%~RYDBmg|p{^uGv9* zKBTDRY+z|c8X&7WE8Sp`8woEhKLz4DbZKcz*ww1^opQO6`UckJ5Wexk*`WyRF+4YE zEku~gHfLCsi@I2PrFw-?0v(gonx&EkamIAktUk%ZgL z;m_>y)fzULzx-M%CR2hvd;A>ZHKeW1jr(sm%kxXY(z+x+yY4sRB)-)w7F|icp7Z)u z@G4Y0ERG^(42TM@NVzT8cfO-#W zoo5`1`J_Ii>9M-b*ORn_M&lGIt4yWiT5Q?j7%P(DXpm}asdv2nq=3fybR6S6AW4aZ zbioHbOAz8&Polef1d_tJ=5$@9*oZ(&@v@%WDeuO#WV&6ftxuP)>2i+<*xtse_h}+Q zy~|IIBKh-uKCjXL%E%SkQm=XmelX5S+V86W8=z7)V|bKxzP;d!9>G6h-nFlBV8@zz z3P}!rwOtX9Me~PDOa@>kgdz>v*dm7I{Q8Pr+F!P3F_SVW!8hWzpPavYg#;8w0RiaP z9xz-dGUqQ5r&G>Ed4t`{C98|&Bq2si$S76LiN~B@^apQ(t{$+!lixi&&hB{A+aLRB zLF8NNuizV>3A)mBuNc}{;v2b{CFUn#(49ZxXp-dKV4aikc+g&rgv7*P)Tv;5qS@|2 z>SJ6w>PWczqK2zBM=fX}Qohts1DoCuy+K0DHnkzJe|Z}+LWMm3_^z-?rM_l;VbKd( zr2ut*MIEi@q&t#A9IyE}=7XXYZV;fe+vDbTz5Wc4X<2`M+%{~uti$?rQlbwE=U^rz*8}B_R*L1F)bgtL62fv-P|^Eq4Z_^XKYI&TRE2d zJFkQr-=~`)CK0s7)+@acal%F8Q!}}r63|$?axE9u8f!jZcvO)K8#rDx&lLYENM}R! zc42Aw7YS<7WxE*3hGnO!_+iiB9o~~BOjcPLCyPwG3GE$OzE59y$TNQ3pj7zy`ZZQ4 z9-{QI1`}qKz7=D?3P_D5wkRt2xQ5S6g?_TN2vT(VQupogUO6OD2i!}N_zj?i>MyQD zpQ8XzRJL9LM2o_G+nV-1=u7or#=|3R-Cdpe4SH@#kXVk=YDWxhd)|XmFLK5TDs>Ij z;Dz%|Jl_ks72kx?%{v&sQI=LTd@r#K0d5JRyMJeh?s* z$}XU<0M-$$)Lae8cR8vB3E6oh4{9}(63@jtcK|*xg$uX|V9dvga2QlAS8<+!O_Lp= zl^ZOA)Z2k=8CyhX5TUO7ni`aNAJVS`4Z{8$KSue1w-yBRA5IMT+^AT+ac(586RS(G z;-iKWNScJaOvMK}(CdocMd_>_2WO5^XL%D7eJ&2fjLO7-czMuUN6>d5(VEebroWiU zzn4^!k6Z+UzOYH~pEC?=*k{|Z^hV26Sug<$sC$}QGU$)ptN$l z|C~y}xrqB=Qo7=@5^7npOlLq_=DZ7R zIQOOu=_-G4=w_tqxwwT+(bcW|GU zD6U*?vTHS_FK+g?hY{T$h3=(bzOYWt*}bqXx*Q-W3HC+$svuAm8)KftF6jqJ7J)8U@WcK)Ub<-NmB_~sGfr$u|w z-?Em8REF10HV}XIk#o@H)}e7Z(!=F)|FYYFXJ5GV_4#U$Hg4K;j{iUZ|4o6G)d8}hBULj&b9(=ibCr$pkMYB(VTXURxEUyvl4bdD{hsG^(CLLT#tBhkzANG{5LDN;p0heA z#@nq}qm9wHjwL#Oj#b0mbR_-)2Gt=9;#EQX{QPxD7f>OB1nWRp#cKc}bKeDVy(_faTHWwT! zitaBeEl3hA2YhwOGRQ5+)KYXf%LV= zl#8Qi!l%Xxz;#&?o_SZQ2bRhKy0m5mAj5}X0~nEB%o#mEOb`a^#Z1Ms$l#L3oRB_+ zqmpJHO@bvzdYJXO0*M|fx}Zw|vtaJ>Q++OQ30>J-jJP(qv1w95xd{bKzczny?;^33 z(40_u*NyS+vo}`B8%E$Zkej7%m?j~73X>sQ|LJ+1e^MEs;JLAA2X1mON|DvuA~WRc z_{1lbUJ6?;<;JFi8DKVs9ki>#N_+!?=-m?z99kj1tn|WhwD$4cGr$r82QA-#+s9#( zz+p7BEa-^s^)g%Jk_N&rxVqO-80}m<$rWMpAed;8feuBoN~~Emty*-V+7qoB54K`{ z#X@x@l=uB|2D8Kd|o_i=QAfe*D6T+u(6aoYq zukCsAQ_BYnVlViALHPCK_Vxi-KOpLC895W{=v=&}g34`Lv&gyUgGqAUnocCIT%JSh zfLFlSEB+fc;H@(G=FtSu2kJw3l`G2dCZ(B^ScUhr8XFt8F>5*l7|vp$_yG43k*=^W zfm3=h{(C^==D&Y=)*XSdyCX2A!2tl8a!l@xFQ&XzeN8B{b2O1XLfrfjSRd2sjV6 zw;2-KnM)e&g}{;56TerSR_jJ-Y*82_tX;a-c{?ELxLqkc9t3(eFV{NTOy5Bu~xmlioNm zFBu|jXNnsc6JBXkzWUPi{9fVNlm1>Lp+&Z3!7hECp=D3ggv8?>z>3Bq6G(h@=^D?! z0QZUNaeN#JR5l2KwTk}Q$1n*AVWn^cg2D{>id3W+B#~gjfYYf{@C;x2lVlhu;Z&;!*ps#XKLpxed(Xta?OzT#6567 zE{M?7UedW(Qa9qsDYeN-IJ5s%NA`*RFZe~g@~-P~dD~}Ywk})1`Nf-t*e&_43<>uW z#6^x{F((4r=ztFeT-p_IU*aRic!Y(4{ht97CSa)q{Qc*?M2z*H_Yx^1Gryp`0yaob z|Fta{i=u(g|BRP_@5w#-&G%^;?e-5N#@h6&+wU&7y;)4^}o zr?xa4G-~I8EmEc@rQ2HE*7~D$bRQ@0?<1hno`}@aD$vhu9y2t$T?D!e~t)-o@ zWc%|3d!d(c_A}AN)Ix1eYq`jn>G;=J&Dpu?O)s2?HwQnjZg8OVrW+TL4d#lC#gq^~ z0z+)rQd@gC;LRRMQ2JODm*b?0G{SFA!vU*iNHgZgAwjbK2kd_svNudOj6Lhw&9ODa zp*$iA0tJiaE60VDXi;d?y3u^8tHyd4X^&F$F^7pU`f0rF^^laaM^V7DIr57)oRn8O z!&!d}9PBmplgZ6;AYQ$3QRAD!lZGV-hbG%6T)QzzWB-B+M! z+@wWLP48CwqQ5aK+^D2-Of5pSd0*>C);F+Et$x{jzTiHRI$ncF#x;Qg6{d%dUMu-u>cS!cm_aJ**#p?B z+eQFeRsE{dJdWC6GJ<&Ag=4BJ7ORWjOjpueWA!{K^-kjnJck^C%zZkysjW6Ci)34C zZ|*S-&ne!)y;4Kki?F8?;l;z;&CHX^O@L=qF$g%Qs!?B4UF>7woZuFc)yQABusZo_ zSLT&d{cc`Ci&wCPjew&c>*nq~7s*r47XCkMq6MJ%uy^JfEKKeBo!*?@U9CiC{j29p*pWz4f;Oe=VpV^O_4c&*YPf4w-vLcpqA7J^UVMumtQSnng$AF3(( zWgQdNahyNEGNa#Ydh857ivj7c(>RW|h6cngVnVlql$BVe*XXyE^h3Ady zRfg^CjRay#>m%a7)%#dFeG@*7v8kL_Y{%WT6s)wIODPM8I>KHiXrwUi?K6p4!~CG2 z@s}+s`VAwuS0%`=--4ZH0*n*uMmI9om5^=maq-wr4)6QuUV~`Nt-_i>-;K5_ZSBl0 z0-o6{4K6U>Tuc?NUUuVHjXvx9`M0@a(7pNRI%O^wU?KBCXHzC7mH-!3T64)Qi63~< zFc5|Gg6HI1+rL;?SDTjAbLIHp+#6oF*xG{IndXPB!q$`&77~i-DFa{@xCN!EyEA9n z-&WRm%@N06RC;CQlWKZO6_svQf`d%DXNeE>lH6c-xY`kwH_4&$UGc96S;&vxWJslF zKJ|FIq(6*PtQ0e0J|o3Il*W^=)bA|&QNpp%< zHT?z-)6Q_e$bc9}EMsm7RBg~nkr`fUQx4O5Nj{UC!w_OF-itVP$c3{3>TpAVbqe9^ z_qC9lk)WSzJz&L+y2Pc3rTzZH|YVIGH2AdB;rWi-Kh8NDmMP&N2tw#f!9c= z&kpQ4T~*FEeMtrIPgs)!lTm0SnO2TZGS-DVASnqwNF= zFbp->|UX8M-8K%)O6Ycyr)yb!UYWk?pgG)_YxD8+1A%_n?;bcvyU8Uz`m7 zd{RK7X>s!wixKL!KSYt7P} zSXNo!65oO6wGlB!v#55E+mX=K`y_kAUyf)^{!n)$UHm|Gl6{xxAJ%A-ZBh0vL29&l zP+NQ0Gd9$xwFJ=|j`d=*(LbgcTu0(Q<9Ikobhsoj==FV3kAC6rU$nvE>X%-9eO8sF z3d#$pCeb!xk@BCYZ9329qlse*Rua`A>_o>@TNC|X*);ANcSDE0Z6cZ%h*Gci)^tL9 z_lu~sI$`e&@YaH(R zW1|&)O6wdVAObHcl#C4g|zfYT<4<>PO`5eYH(x(gu+cabXaDm2}%U9ub?uWy?ZtSk{%v@ukj<|#+?X1*UyW8k2Hz>+I8Kj(9+bDa=G40SFRwFW3 zyh3*uHL6y5YyaW;+h40rvfV&)#ktOOSW?M7i{PdwkFF>EFcWi!+nuog!s%z@*g7}! zoT^~!pvayGx`LuM!haYU70?d5Vj73dhI#5_A{N{UuSEf|j%@$)XRj z|CztrcIdC_S|j3&-`n^Ym&^UqVV6&_GDum2Lbp>s&b@loryti)X_c{q;H{(u{lwDy z>7E>yvN}ke(V%g6+xlP9%9&h&D zb@NmU(dZxJ@>MAR=(qAnKcQVW+?{g`hyRKC^sTug*K7j0`+`%G^+|y$bBceRX#@o< zQF5Aj$uG{U!2ex&SmfTi(~B-K&_WlB5Drp&;7T{w1Tl>i&>|pSUDTxh-I(^X%GN9) zcqwm)e2BuveWU4mof0OPt_A;7X34MH5WX{Td zopC&*^EwOe5ao14_jw^7_MOVWLuEpF9yzyomcmfEKlzq&6`?(x4yBww`(RS%K@2N< zDO+jT(m@d|J{A;=uU<@5Lx|LCn*kQ0$m!S8O@(I8~(s_ zcym8}C1^0RhLzC6AH`Zl9svt9c-CxK^;9>n*Jf`>tMDpTD%Lz$x8#EkwAb8Wmu-r+ zmaMdik@;-o_GgUlZo_IkG2Cym_tYb{){Z!Tl=SVe`#+3SgDQ=VDh(K?QJq2a-IW}W zgz^$&JbnzAfMR0*mwf)8Ec7ukCJ_l1BNM*>DUgCPvk2;g$b=O2Y<>TigFgN*2R&Ws z)K>xh|8C~M5z~-czCjh&|NAWysJ@E3C7{p=GJ%@9CH?#wk_0aQZ@UUOaW`KW82ImO zraW(M@;`8?a@=JO1^_1sHUIAm_i84Yktf-4`GU0sEq&z!RUi}CsgN83BE9N@Qm2rq|u?slU)0*jr6{R^97F}%YDxO1pdRo z`-g!_YJWNWD^1Q7F4vvXak1k-no=S5`zJN^Y0Ddj->URlElW@X)|+;li*P?4LHkYN zi=hPrRo&@q*J2};pOoY4iu0k#45q4DHV_8^u#{@h&%~(Ey|?$f(7zHB+qRm1)PwBt zi(8!nS9${j5Y36c%aEP%ZqFkp%g}Qse=3HMF@fJ@1e*evyZfp8sO073uL9}C1e=J& z!_D(LVGc94u#AYyl#nL9*wa1UatEudx75ANX5cih3BlJ>|2u>}S3?j>vCC9s zhpREI;TR~t5D-*Phy8ptCPNg%1f2ec1z6o4u_De2SII7;Z$zjNr7LnLzu@EQaLh$` zmK5CbzE|?2X&3r5NjY9l6nlJ4v6>szL}WC6mmNUrnZ~yAV(oyW(~cs`S_Msz-yXcM zpHwuO+QPP24{Fg|pFSzUt>MF|9&4B=#`|iUo=LDKLHDZdABL_r4T0}DdsxSrn6mIh z6Y+<3o!Qkjotf(CE#=x<)?J&&XpiZFJC-NZhsa%DQb8`!{)$QUqcdjT0p5@Jx_kL4 zVF}h_-rqF8HQRj2iNNb)mf@fyP)DVX<}h7`uuqOSG$(BTI(>r(nQD-}v^x+s$+n}S z4-`0zJ@&4{u8>h?50R~87|W5+=S~Rb-uD)3pXAfzZU+#o-VT2HR9^EP+&$_;bZzr# z+9kNii%dG|b_v?Bl6u-6kN`n(x)D?8^8*HIhY*#;<%o41e+lannK-c})R;<0KJEb@ z_3%uJ`Mh~sAmybZMeAGm^Xh!E1F{goyF$bUI4#kv)h%{ubu{H-R+~Qmpd@1%?^US= zh+QkGLuiA9Wc7IL#ATe+orQWnSFJwgmU4o3nDRpLO3>y7o#Yo+^Otj_2!HA9UyaII z@tK7h;0l+I^BM0FZx$J%6VAXWGdS=<$4j)m!?l%Simgz=wvF zU!H3S+ar1@8enAM*7+Za{WVPM{k?goB2@RcRMtGq<=7NQMdN;Id6$jIR^y^xs_X=& z1Ve8vcyHGTCmEP2q>bGD6Lv1;3>omqc2f*EK>4{bDT9VD91|DCTo7V-{sIVu*)%`)O?d$(<>3ZbYbLHeuAnVkj2X>xBdvIw=k;>_c=bR*s{ z0f3i@^ZbB`v|y|$>-%2z5ahQLFQ?w$l-9JM68aV1v^ZaaQ*qP9LNR-Wl0b)Fll>mJ zYW}rWBJ1&K-1@)>G3GX(aF}wuon1z?I~p zpGY45;mOKMw1?rlnZH_l($8(bOi&^#^1Z^hjf%YsuSm!@rcwf_3VQJW&I+lBIlnZ# z*xGg)jPx}~+PAxlH_xjHS6M=2i7&TXhI~rMB~E9D`et=z{i?L0N&RsVl5k0U$b_bC z$)#=!6x6k2AJMRWZlVl9%BWA=d%}petHhR4 zNK$D{#O;ni+ykI#0Zi(L0{j!t}E2iRHRQx(YETa~b|4c{NV z@btGI`+kt9bmx^su5p$kVR_%YL3vBmn?IycxzeB=Wh9jN_F%ean+n}?qE@}o&7mLp zW&P5oJDMxs5+)I;*eW;OfZGXV5tv(uMmOqBRFc>9v^gSZ==&(1F zeHs2qdjf%DkylL9!x>)kiGhvezb-^HAAK+~la`YAn_7HiN1D9hWheM%F0?qoP>0lPiy+nC2vNPyJ|`9 zK&RXWnQHFI%kU?SQ?S~K1Xt!g!cY2mb;Go8wZ@$Vxwnqk&{a4R3UqeJworTwBFLJpV4ceXwe)B>154RU4pt zIZnNo)uyHe^{L+oOC^n)N>X&ZVz4F1NuxVQFoZ0LS$b-*<(U)swc+4sW; zZSCZ&xNuEo-wpfRan^atI+jHl;SiVA)VTR^wK)_AxmnoSpvmjB5t|pkeu7+@odm8Z z?5G^mhaSeyV=wW%>i1=ZZXBmMl7x?SwN7_^wj`*D<0!?4S+z^wNhcyNIN_~mu8%EZ&b>-p+IT+UdD`o zzxsWDc-730+$>Aov*5}}k8bbG+ZSq>w=8KN@yHOvzFhISHduljH@h9&3+aZ*$oBqp zN&k=moUGe00v5&Tzo6`^>tl#lOQ+}H3x1?SP*9lyi=8Nq#t(-@kF=LcmkvRw1|TvA z8vgCoy>xv0Vvpn233;VIF;81KP@H<*lI!++tHQM>C-M8O<+7ux7v<_ebcon7>B`@c z(n?Jl%i7iZX873JQ#aYMNx*GllI(`ooWvuIZ@)Aro!X&IekrPrO?B{~R~~erlI=@)pPp4T%7Ac&x|RIJmf2SeV$jfI0kQObjeyCK3T`B2s1r zMt(tkTi@*`AQpMW$jq`A08Y^k(l$h<6gAIk_&Q72{*0W>$fq1f*}*Tm9sVmDy72#c z$3Kw+W*KLa!=qgWA5?AL58i$H>TI#p@{lq3;AC?Qq^Wg@i9P7A272+}Im}umU5Um0 zdX!4~gAVV2Ue$m?XMox#vbI_$7xZVoT<D?(M}fdCgge>9o+aE3KEnatv4-HxZp56}AhLccec3W%Pyoz&!q7nSZiLCRAQpc}Ku-F$ToUh;=sTOF z_k8e~$isYPo=xkC{Lkb&Snmd;3DF~>Z35(4tz3l&Vn#k^cTi#zgMb0d*yWV}BJ0ke z9xlg+>(jF+Du2Wdp6?U1vdJo@w+D&*>+V4xg~T)a z=Pfm-+uyLoA;OKn*%_EoXh!7E?1w9bQ%leY+!)!b8ij|@s_Jt$r1rmfvzW=pvHM45 zZ)ly^TrV(BZX`R(u_AJQDR{%JM#}TelKVuDn3wUTO<@o7LyMQ)yq9sW>8{Q4dNZwH zX_N6cNGzxrF&0T@OkMfwZ3(lHUeR<&m-t3`7twERK35U;ab^%Nv$w{KbE}3_-TN7a z!q8y9=3FivVkUkBoH9>`Z<3nXwKp! zZI)YR8ZU8SxuS+EH{-wrFPncD2usK1TAOH4XWVyokA$JMZIk(Kr40IAp?wUB>dID zGfq`JKr!aa3ub2!P6b$==nbJsD3li+uoo>|vnLuU*Alu;OY0?$_jj}+MNF#_N>s5! zouX*2_)rISw_8`Vm}hFFIEGVzo7RFYt4quEuA|-|psUbQ5igrEv~}M80vvS)vho{= zy^6T%({c|}4Ai)FJ^5wui8Z>axTca-e$Hl|v2RfvlU{cIygPYz`vFZzAy2w93E>S) z%*&}MY}|uWNM>7Yg_nn+QbjM-7_`$LNNVjkkAck1t=ChOAqzO1 zR{Mvnm@t|7^{J+D9hy_^C$<35Yk7wg?V)#twKSpU66(P3?0xZFSBv_U`Jj0j^B4aB zO{yj_fwl96g?8Q*wCaMl+@e@?meQUP>4qqyVv%TSb)rJ$jeFC^Jn~zj>o@IWbWHPB5Z#R7xxgdL)lowxd|KtMm5c+ncx8SNjg!l45Fk+}=_6CJ{3<(iZcIF9M|9 zB=U=zIapl6LAG$%ok~*eDxe1#w<~JZi(Azhh)cW4ZJ~z`vj7aWsx-R}WF|4Bc0$_! z0K>lHfBL;X6bTgNZrhln zfEdFngrIf^wzCssAnRa@XBtjkgA0W-3HOR0)10@c-|W8l>>SOxt9sS7-<`Zmid8Iv z;V{EAs#t8R-^sqM;v);LiuPU==91HHQ>n8ACQ4?suJygqM>KTM9d?RNCH8+iWJl4R zZGFnuy~$x}{%d$??}k@eZQ3a8G&PHQ#kFqRm1w^v{N43mmwrXL`+c8&WRVk-6|GiM zpL9*kDB@CR+*^@&^IZ&r>-4ES69Ia0YISP95Nw$A452>g$VNgki=-GQ07{MOn;(o~ z(KCuP_8s0yfZvo->tNP_)NeL_v|?pRT2Byp3UX;w9q`2SZL4LF-zflauNuUUWI zQj|a58IwhT}`l_qw99(ZO&i)7j8x3uY;7>&3dMZU_mqxQM~0IK@k z;d>66_eZ`08x%+ow%=$CwUWQR3UQ%THN6cj>k@%oX_L`s(>`fmx;U6ia_Pui^~Ho< zEf76R z*3^RDhx$UPTSL!IJQFSzfh?xi97%-K!|k4}W}`USp%j^N}{hY^z7ta@^UQEL5R`S1v54#~gAeBw?; zl2Tt@_vIPD2^65!y$!LWP?sHWR_2ru=C}mAgQTIo@P#GGj4YzXVH8q~I^)E=Ssv6E zf&rLPF;ZhFH_e4NMzfCH9C)nl%Sf%2A1E z-bZ{e@vb!|f3Frt=M%NXU5jJ0+JV*C6qi;uRfQ{0wVw;cA>gno7sI%6EzMt(-^sl> zoAPfL*M3#?-|QRxgO@RGQwdH@wn>1QL?vrH6skhn(lY94O5Fyv1{qC1l@2a(vgQYr zkO{E71hfE17KyjlcI8kSNbTdOsnP%twsb18IChk3G5WlC?l9W>opG#x@6Ld|w=DG5E1IU?fmdApTQafTO4EV8eDQ7c_Ss%Bc$gc2 zxSCXsFq-iZH?!iQZm(0UUi{rPS~zRGQlha+b0Q1~zO!CqyY2gOpK{x%!wFovf?RJX zdFj>UDv%+SHE>(BO(f=*)dckj+qeeOVP(Vd)SVwFvW!W_>W8wJRKmhUw7%<;+G??)gPoGDM+uID3yOujAU+(lozxT9oeukI7cScHkA^#uk)JCa3_BNZQLfWF^nUDz#TK1zr-VB8jG1NJD8*$~KZrc){Pp(>t*;T?y@$#% zC}4F51Bm;lmu*+&cIvdF+)mukteM0#o}WT zxlR=JtAtC1D-qcwSFX`I9M0dWqTI##jN>@5i>v1rFgZpiT6v64t%^$VHLhv-!t{rf zHFp!Z#ZO5>*BwLq#h~J}IV0r5E1jH8m51uu{L0}Tapk=7+;`bTzTy%6;0ZY<2jU{C zKJy0@yFcxP2j!50MKL$Heo_Abb!Xi`772A#2@w1GPF+)NzC9w*?JKNP_k{Vop)3CY zEk}AcPtTEWTDLuYcIL0mThwi?+LlLDOer*`DqH@$VTB@!4OEuYY^YM!vWAv-(A{a@ z44`{0#M+c=iPB+)iRrJeI7j6W;@mUg469bmCB}$aj7{{7;aG`482t0;4PFb$zWH3A;3OF zK}&1irt)}*q{l_E(lMmkC^!_Px`KF!XJ`E6l&E~fO6=Bg5nL7FT;Ns;_qP<2Zunv5 z4MC7m6vWbNgc7eV?JG?{HF-Dp-Xbu+$Jv%R^+A|t$wPJIVkTP|Ss+Jv~4q>PSb;Gjy0Bzhrs?u z0iv8=@dc;^VOIK$c=ka$esNB;o9xv=Uc=W3C#G1$LVC)p3v!A}QZ3={QorcJ+-)IE zN`RFwJKoWw~7W$-~+|N95 zs0wG<3P+P;6%7>n{;eI|W(%{Y(@t z+?Qw{$|H0|;=(Y`GM5Kvg}LO!+s)MC*tx!fdn?h8H`C3#Ea0{!{aX8#`#{5yit2c^ znm3_3H_7H+pPq59gE=>EXM)QI&k4%biZ}Lr$`iR?)L|A`*;WmZA{?m2IdQMzJ>P|P9=*jrq}sF^O=X2Uvw$N2GYK@T*lsY6l9&o zlqjWjLj2t&Z_HnzUg}>cGVBH8al)mzMJiw*-9+M1ryWnLsRYAo_DrP@X7RK$EZUrG zJZ`jRB2DEb*JN5+c8ORez<4WE?q60v`;1$hDq4UMwbQ|J(tH`oPJV8vM2?4QxVKQl zLWKVSVFO5Mw1=k$M0*W)K;y{1yTL@$NO3vQNvtJ!-giffEGu}Rb&lu`GOR&brpX4I zJJ4h!YoiESpSqQqLTYH5{{Yr;igs0%tM6dEGX8{ND0QiZ$e^iK_D~76qF2f31r#?n zuca+HrM$=;^n_yxmzH1zAt@gqA+%{3Y3WuSRuKD);ZOI9rr_&i$_)&IidbGYW0LBqB-x@7F7xHdhm_)A&^kwtMzcSHqgB^M7=QdzK_ zSJjrHnU>O^dc+qrU~*-TX_9J3Hik0@08m0(GOj$ebks&H zeV2xr(~YQNB}^u@NaI5a;Y7oaCYaiL8f_Bq5<*LOsR9ZXGm7YE4j=MXYM*yhA2yYG z=HV+8`NlmZB<2yDgar}sipb2VACkYM6=R$&edX@_1Z@)5HxIO{kp-p7w5HDtFiwGf zWhptdrS5-mA4t)Pns6GWSgJmGLrT*CvdR^UXIhm-C73|%!+4@oN_IuHJ`Jja!Wwz8 zO{zkVzZ4Xm)eD7nL#S!AVWw0!FxY#f5&^V63P|*1R+;Ztm2O4#E$M{>Ap)ew@jW(^ zvrqgxCnWwZ_)9Vf+DyGE7cxbEA;I7I?^cGPPId&<fzxl7S(-OMnmBh4WJ*(8={=WwK^4+69~W)vj9+xxWb)El9VLS zsKZZADJ@90LXwn<7Y|+dMIq~MsD9e79h}M})CrWA^pgjHJQE&`G(rV{{RB)*xDL); zTQOcL?C#~?RpQ#zm5PEggD$0yGg|PZ9NSUL{<~p@Rx2+l>74{-t^y?|m~U==o;}Q9+^{QAnqK0g5)1r;UV7XZ2?&m`N3L&Q2rOVH?>(+?8RZ zE!(L{P1WDXHH|*0XDWoLAdbH15s-{i(#UYOcM6kQLS^MgoM{II8)1=g-_#;zf65(_ zr)Nki!~C#4n)0uz{$5Kv%_ctNrwc;NZtV0DIoF6!Yo8uI7aU+*H!F`c9>^wDD$Ig@8&SWIym}yheK%W?e{}W%k*0m z@8&JaTg?sel{)xD#M{aWa%|MtigrcgaUgd^q1Kh{q==l6oTF<|3InY`Q2zkl?6(xj^ord_d^QLPAr(FFh+xz#F~ z{cE5``iI5|Tdfa#Jh^O2Hcsp*I8*@~Oa|Xd_iboHvP}``c9mO{tWk}VN#R75nBSNJ zy-B15&Cb1i_o9;zKB2?X5gWzh-sy@E;r{^Y7#LD*_{?3jUeVAOi?WEcyH)Or`MVW2 zt{AkezJG8*8wS7I1JNgT!akw6`i93FS~r^pD4cE6EGo)2jH%G9v(5o*+;xcBw6=i< zw<qiQDe%KmCdF;knrGopx1AerM zU~(@6zOb4K=LJ4bwT-cDp;Z$ekjg9$6)+Q~SW_3KFmWTo0c}8o+sRsT#3>V!3!p8p z9(mR`xe1!lZYo}RtG2Ls_QE7Qtw5BWS3yZFNz~ zFkMD5JudQFKGh(3yPz!F0<57H__s61fD?Nt8-xzc{cE|9G zd}6cDp{g2yfl?#sk3RA1QlU#U9c1u>{5_%(_ttECqv)Z#$vhTdxEbskbzLQxw!auA0^1-ZGF!sEYw(Tlwx#HL6f~#43vG0q z-G-8!f_W8;4IA8^$n%{mQng=rs87cJiyhs)`ag9!m}k zLXH8u+ZWe(<9wk=Wni;gk7R#%`eKy%{9O^;B8UJE%~e^dk3}Oh8+|o#np*ZptKXM+ zK5VU@Qz^pUzc;$3FLYLN|^QmLuP*0>ieV@D`gd8E|VXss* zuw@z0+T>F>ZBA62uM;UxLH1Iwc;uA~(m@{>ZxI#3HK|JAD+)Nva>-W<`=B9|grsF{ zYFfB_;d7J68j@&^r1yP-+{Btn_M(bUS&Vv8adJ#6CRyX&V67-^By^l}KZ%dWU>QmImqO$Q}FL$bXR+Q_9iUKEyk zS%^zBl4ohrv7{P^A^{A zR*8qP0K7O+Z)oKWCEP{D3~DDbPh4NsZT2jixP79Zh=i7`P@t@$T|1~9TCVw4T|yi@P^Pmk*e|O6a;;0bBZ$JR76{oykpWl+I!3q=O`p~M@eJ7 z1_8w7?e%6i5c-E$ZUDgT%{nps!NTc^l@WSeMV=gta!whFhbJMN`c@-k0jPS>qbyKp2)*C zlGB|^6pHS}A9W+MGw_5>PABNV)ujIb`4|8UyEWhR)uP2|vc%+5v#JFm^nuLw>LkN5 zve%Q*{*~1Xiv5uSqgA<^{f%h9GUAy4xY)*;^@wf7fxep39hNj31)ql}3#k}}Mm95S zJ2000q}@?QWT)}{(#a5$q*(JwF@2deanAmz0U!=aC1mN1+4XOVnHH4fi!!T zD+g@LYaMA(5iv2PTXCWi8bV4>>jz<1sh$oIRiva+waf^_(F#f8BG9d^!)IB5?CsXG zWXAaj>;ek(P)b#u%_|;nrVyko^bZ5sT~&`Z(M2gD$B8}BRXA90A!>Z1>GN-^-vLfF zjYIDeX%u2vp}gNNFnhm{N}c56-$0OR06r=S|>| z@)4vod;b7`&Kmrx&*#e_#3X~(BC2QRV;W`BSJrD3X(>;4DQnF#tYNJVW-&+VSWXIbHy^BHB@p{{XLeZ8Oeoo=DzS8ds1hufhyo4^$SVaXB#l>JW6@>!T*q`6dHnW^KI`jgD$1Ck z{{YHQTsT!i8Z-m8DM(p%f|m!V!WKQDs$yZ?>?G5&@j)0FqTM_p4yDXHTi&Svd?0!D zl3IWHb^YR#Q?si70P50^tW#5j5&m%ylBcK6AO0m!3#_f*&hp6pVA4$q?oxyumz<-y z^+J5lO6eqoiUGB#f&4p2t^7P3AE}S~)S$G3=`g13_V%U%l0gJoF(f9aHMxe0c%T?) z9*UhvR7tX$;ZwjGM6+`>*=+@2Q&j3x(Nk$Bzfp}LDx}+Kj2^m;Ml_7W#--__OXLJR zuB4L_IH-1LNF26mpI$5bBY=X|k!&rs zbc7H4J*FqyK=vP2)jv2$I!;&dA2-kE1J2f!nqGpOqfRk>RS=~(XaI@5BQPq7dNjp- zlkFeUDb*IwSo9A_F{q({obZGR0dWYs9Hl@|pw^e>_@v)StamxxpQ?xHT zyuSFjim3o7WT9dqnQb33;*zp#?)3y>(oBU8Ds5l1GR}|MZmStpIz8|)o6;XrJ%++e zEnPwxQu8UrtT>$06<71oNDeFNU9s#jTtnjtlF`Y;7I)WMAVX*#$c0m?C$SstFAgnU z$c0a7OQb5f=4<*u3AV01x7EM;#iE1ti|V|2%Oa~{{pt3H!WtC>wdk|zhp}*pTAH1l zVqjFZpt^TJc37NXhZA_jg#e`qb})p^6mAe^De$@=YPuiP~l znMwX*K|=kJY~e**1Z{|+nSE}2;&o>*(y4yPnUa{Xufgd7mIRp^${fRk;_|Q$lMCa#cG?HJYuyDeVv@G-HVKXMG}1vYMao z30h9~v@6j%?aQWWRe%|o^O@_+IiKO|uz}gEr167{7m@z}sCP!qxrcF5$x<;G-cr)vZHf0q85dEij-whw&MQnq z56%{r6@^P6M7kyp@IWf>f~iLmx?08#(h|(EQ>8|mf}uU;H(@?{rBzt~D;Qds-tC1s zAXZYF5=AwLP*+rG2~~d~*m)@F6vVwRhN=0%1{UUxM$s!ZQ)K>-JoZ9iD(oM)fq|*# zuzxJ&^MC}aQjJ#TxSUYxfRtDbZmD-04Emr$w5?aW5=^StTM;tVMO~skCM71N_mIvM zFSE81r8$i%7VL)fwt(E9lj1*^jwwBG+{BXe8_D~JtC+M}FB!s@G`kFk6+^m1Nu+IN zeyCQs5gXZRzN$iV-H9|Y{wpZ+DayIVIYoshvzK@{g`rO}3R_LoI27@;OU`IE z9h#GwMl2&f=tGjry1j#CC$cTdylh!Qmf^BeIL6+8ef9hi*f|C#Nv+j~R`PR=#QgPO zBc`A}a4E>RjpT^j0BbQitJ56^WMWvT3l^q*k)!3&RHkSQXQ?!)iLs+XS_WMr*4`$9 zJla{J;7Hg93aU!!3`l7?cO_jUGjDBT>FR*}`4Re|L6+E+;iEy$_iuJN59u5rX7xdX-~bdHrOY^k!DcK+pfn2?xQyR0Cd!%j~g zPF#w{jcvMMmTkwE`VCj+Z>sTrM|Y{)mZuUiFC-?JnA=RuC7vyz38%&s&XdEnO{>@6 z7@tr`?T_%*%V|E^#1-ikt@R$b2yGw%*%?MrZB$x89nhud#V%3Kw(LFPFlp9S`y=_y zkJJVT}`hGMwV&Gos#ez zJvRIL;OyT@aM?jyr6;zqN?bwr#_GWxkyo4v?}|vF$B$xQUvJUf5rBOeWitD;6Bc zN`bD!tG88brnG7+m$YER>o`c2P7rHxT}nfV1RU)OpYlz1P1i0)>yfg0vhyQ0oD?zV zx-~{ta2lo7`1jK|*m+$pydYFepj8U~(T_*Gheu})O`~|m$3(Vf9#yP2TkkL@JfKph zogEOaihsO5go~7#M1qPy^dK4zM~1%+P4&A`x{V*zl~v8()z38}w^7)jl~eB+alI5k zd8!%_n2C9rYHbRF7COu&>E|}L#F0x4R*PlG;TF_V;z0+p7VneJt*2>9W}k#DjWp!K zrW?%)R`2wP{{RYH#H`0iI@-uJ?dyO%r9qsQNW9ZYxctfe;V$U+QsNI*wFuG@t_orS zX#L{};}e*umggG|cc>fw&=oMlOFd;US1ybIiV%}X$#l!4V!H;j> zjjBMZ(pTGc9!#oJ_v_6nCjx-_;(OwT)mY&TB#e?Zc15l3)D)p{e4t`L_(9mADXr`x z@lv0ZbVtGsqeoz+9BIU#))n0o>sD?}E18uk1JgEBT0-1&*%gV2_x`qh(!97s%Qgr} zFy!3GqUPMkPNA&g7LB4?!0!bn#6>seSWo++v)eE@g>IjmZS*t3QNn6g%B)XnV1qL& zH;_gkTZ|e?MqxjRv9wRh7B(|mhl@l<_;jT7!m^?ot^44&C!@r&Pqyi;J<(k+IO~e+ z6r^EkDWqHUgKEU~iGOv;2T4f(0G6Xst9mW^M)s?6EfRa#xBT~oww25q5P_` zge&mtzarZ04}L=!jckCPOsGGKpAKlm=pW}piWJ--UpQfD$!G_aeOHS`VB#?-gZ#O7 z2>C*yeJ#`_GbcW0M{PPpE}sZ)Qd);>K%^m=Z~$#IgvqpMsgs2E2x+FWLU8J#)p+!< zc8EfR6sd;jdn3`6qPlpIUDVa%rOaiLazlRAH8FC`jN1BXm=dmT{x>qIX$% z`K;AFpn50VU=)x+ffnRmEf(c(D>*6z*YRq%F@8WC1tRG=Lyb(NDGL-Z^n~H6 zo|*y99#2{i7?Y>@V^!kXt*fOTG2;bGSI#CG52bD?2FW#ohX^l02sN9T3>7=^|G>Ja&&BuE=pU%`rQ(rXM+1$CxH0yy0adYeU-&w#dSi3IPRk zYPVNehh`_fwq;nmhXKg(jQOj6vEv#1^)aP%9en0hRVhjO#PvqrNT~#FsSC23Jw`M6 z#(y}u`Nr}2@;qYaSBw&)^NFn|FaH1yE{%v?dUd^{#x1YMkzH4hA6vg6+%>BAN4_PR z`-mK?MDxl|@&HNxqh3yMYZ8yk{bP-(Bz4k;0=pt(&hFH*i%CKKV+&iUr7dWjmU(2d zl$Tpk`NC&b)6HOfyfN0|l(xCE{{Sgpq)CUmdnDHVkp1bnVpC{ppqf{dBs`x1PmxtD zVG`ok8g-z8->+obN2 zMLME_J2hS{4QQPd;u7@FPw=C&;|ys1CN{FOE8Lg@lv&`ecKn-q&GAzjYe-Jdqd`tl zq)fGa`EaUtE60(KOS}=(o+dofN@r&{>V|45$CGHC{yN}q&ew^j7i61sYYrmsGT}QSGf6xnY2`Apsa-4X zqp(6Hv~6}s`>4efW$O1N!ERaaNH`l)n7*QylZw4?w=`pIw(nU@V9IGpZGzoMOJxR( zIC}@P18td6Rd^fn6kNoVI!6rP5vuW!v}B)zTn~g>QNTY@D%}N*P8JqQC(In6T7q7UW+j zE>F6Klh&xgDfz}PC}&@Ef0o(6m~o~VNGchd!dYrqf(9Daz(a-9o%2;x zX9dX&Qt###i$W8$^T}S`lrKo>7K$A}wQq*L5wek2r+;z2_+naDCX-01jNR|~d zA;iL^yqQDzO+i=`C*zbON=Xwrq}f(Af6Wx3M|4dkryJTWyal%f6xzC!Axup#&OFQ^ z0q?)NTlSB#lqp+^jk}m7R518dX|Z;e554MB^G|ZlYRMoJ3>{6ln8gsO-*4 zYKF!nW^{>8)og;Y1&?e?p#u|gm2p<@1Lq4xY~>Q8_-lWZBhAt<)2a!0fCpT8w4Us# zG;wD&_6S353MC?%uM%<%{Y|K075Me1N_P(;|v8F?!~z(69_`kbE;uOLNwx< zWmHRPsTDm!8~!?_w%7yFjQ!>SmzQlc{4t67HWZ=91>nr+7hjiBDxjv%MD~s%5ijM6 z9aO)wHA?)TE?sF*RzzGKRHm?IP1R(jBC1!q67<@g(ehzflHM9PxGGfK`d(MGmyM(R zBTSUF_grkN_ll-sMaKt9tdU;p_d}A?Nb_m-u2?y%^7W3`0ev?2R4My%0cwH78j6U+ zg}0jmmluus0O#a_6QkTl9y!)O;Z_G2!{+YOtZlJc!BA5bHZ?&g41KCv+>9M28yuKxg} zcttsn2(XL(k>Lcy>$*sXQzqsVAy>ohi;t9U#pzz?-UHzjNP}o~O{U>C-K<@~wKpgo zD)mS4Sp=mUE3(RlW4aRGnaWJK4HboZGLLbBTG7≷m8<#U^E?B*kcN(*0xnUrMbZ zLng*XHnYoqabNRIz5)Uy+Cym^5}HL1=>hF0Cd<+%@4Wj3YzVU*E3W6yc33=76w4L3eaS%GI3Uf^@b1zD|romaYxY9Jr zTB=B$RicxQ1eo+~KIk8D6|7MyeLtC^DHC%_S`_@!g{yR?HzGz&H%)eqcR)zt%0!%{ zcJoTYDZ&!$(8Vy|-X<(H?+U__>p+NBidHizG>x-L{{Ssn5%1NOryrR#N(EthV^1Ml zX^*Kwht#9Ht~W$lE+E}*Sw>NmWf^nVaQ_vMlA$zjkl8X1us8Rv^jK<+a7D>lOAT_$zr7n?to=hhZ06&DkAZ7 zNTctvliH{#n0*T;*+|7-gcmeEj+uFB%M7^$`^;fZg`26$qzJF@mRdi5&M2>tgeOZ# zdE!;UE2{m}5SOGYZjw|eq#oGIn7^vq)Zdp`^iK?E@8${~6$Um*0&RiOsiM>G;{$CY zIFrV}ffbjKd-|0~pe)LxjVh%@RaLmYn$>kGD1oVU0w!hjGo$Iw7fNtrDKz;&dr8ec zZL3tnZOG{Ig-j}m$7Am?Nw;Jer%+OfAGA?vW^pz40kDi3T3vcNX$tgibWMBX z4v_j&KYQATw1HMMtsxEeb-<@7*IeEbDG36cU{jJpqeRRm$T)|6#4_T)n40U+vKVo) zvRqIZk}`(S(8zpsUsa%mWfJr31L)U9Q{@Rz;x*bY&0CY4XBqO)+2U*268OI0it`rc z6s6fI5ivaWPMRaI2voY823?z}bmP<^F1lZSQLr$)&(<~h$Fw63kyA@TjS%~N6?Pt@ z8!0!^(iCuvH*wDHuJ{YmW%pJ1om35klQrv5#C|3*OR~}k>P&A%sT<@06;r5LS41ax zm~%+r*vrgf!kgk<^D*1ZTh^`4UsSZ)S5po`R@tafsOE30^wnKNG@-X$keEYyIBloq zRdP+qfc~C!GczeoR-@4evKOYE`ir+HllOS5-v=EbIyt1MtgB~Hm2-t6ailp|NtOzl zlIm4)BeJm5vPbCi2Yo$Vv16V2CMTV8n4Emx2ERyRiC8}PF{6;usZ}bbydi`yG@uLX zmrT#q>}-2$0-E2Lbndj0sA6fIlM>Tv^n0a84_qispdsdIikU1PA{|)?IB=SE??P7g z?Gt!7zx$x!!BP0*6IhlH-Aa$nG5Ms{4!xPY3^H>^5UAWSjhP9v*@6PmBJfQ;p-95i zyLs_&2pc(64)-8#%BH`Hw1crst!Y73{PK#KnPFbTZ!_fm^VjHZHyts#Pd7gd$#D^%pER3?JbdA!twD zcm9McaS0!So3OTKCw4m|;x($OB0zv!lNBjn_iIElh5)Fn^*iFEEq&Vy0QjcZ&QY>Lw3zBkG?N z>qG&x0G& zEsZFiSlVzqEX{vUd;~Q_HrhC30Evm2383D^J5;a}a*os88)@azWho`FzimYC5O~J) zIDvebC#l8?ZDNf;+7%Fj8q$ue2w@2O;tSyPAeBIP=D(PA@bnL3| zC3R`SPYmHILC;*wqnSQ}lLJT0N;^Eu8?x@Aqy)mwk+bs(t{T?@dZ5a;o6Z5>PZ&}$ zZv;}XA5xN%Pao|c!*t_q67cj+ajbcsl?ld;-p5nd0HG-&ER@DV3RIMon-K|n%-P0+ zRQ5nf0)jYd-u+_0YP@XpgyUh#(*QL;C~fI_skd&MNBD!Sw3C)4QWvGXfLdKjs#eg+ z-snHWn%-`KVDo0K>VB~{FFJY&a~;~p{N8NsQ@ zb;QKWp#9X}ggErOg$k7DsVCZsc}s=7Kg_P`pcJeSdt$3vNA*KZvZOec6SZ>n%P*OU zR%OzZu4TZIL@_QvOKj0}u6!eHqY4lt9in>FU`lD!CSGv{gk_843iEXoh4#deT>=*A zYNFK&hmblzRX5`diRY5r?RqB?qi~@cjum!gE^T>4Sr63I70`ukRb-!~X!) zSNDqfvMbvbmTH5BarG^Kv_*C;f3`X)-PLYa4o$sDVDS**67ObeeY*;KhCd<|dvr*vKPdKQX!ep=NQ!wv%g^LK>KQVpf%H4kQda)(47{-x7*j zN^LTa36SH83M25MoFglD!nPo-#t>L>IKJ&~trPkg?=_!fSzHy>So7~KCL3|qm53p;TwSG5WTe%OY2?wi z(+XS4J5`FTlN8Yn?GY}1vozPLoM0{DQlcw^4)?+al+p6b0#|Uh;ls8ZK#XlytaYVB z_m45s1wvq6{{YM%dNbB>!q+h1N)y`)Q&lMyT46~0!V-xohSZUeaT!8aw3jPsSddbh zDJQ-#&XUHIlCqBwdi#udl-VhpmL8EO_Uw-MvD9N@FDErL;YJ~VZv0~t((@9;aB|-W zwRs_06GgQ)XXwEAf-afK^IBotw|LjK#TUnCAn(u{qfZwP>`R`oLW}@0GvgbLH@Y< zwnz0w?!htjZ2thhJt`Uh0CaR1rw!=d41wPkaj3hEd?V6L8g&37(~k(Cn|#6gQ}yo< znQ3{q6yxWpSVk6Vr2+9V=bAt3Ry`wR^uPT>jl7yF;ccri0M0fhB#5G`a@=hsnPk$} z0-`je>Hue1-LW))rxun{lvPTphgi}IDv_GsD$ioC?Fo8` zTD^sXe~c?;y5@GtI6tte;hADDiLPy3W9o)j$2~v-3pi$JCpM+4lJNQQH=&xvl z=>loiAcogmLxd$y1r>R^g0blm~>Ut+kh9-2QXgg2x@*j+EQ;U0z5I6n!jbnaj? zpe5c~*X>iI24hIo*|#pGD)fpnsx4$Tp7RYhC}=Kic*d5SuU-)aPGLYux$23RSiGx? zt4bLd4oN9ZKHbo?<|7W7ms+qUyGFS8r-T5hgo@>g(OtTI*MsKHhgXnFZecFXrN-sW z$FeEi5-rOiSW@19_1&(7LMOB-+08ZCX9wLdiQNnIT_r2hLChbzdmtt1w=&(FZ04BW zi)vT!(%N0%R+@+i@{`I53mU0_+EY%-*0EHYgO?)kq|BkRccZFOm&EI zVQDy9Nm;ZrD8`MQZ4P3@mF#UWF^PI@`K{{RZR;LB;oeAaAR3bJ2xDr-ai zT|FW)6oyphDz2)yrg1dr=*p)IX*rGxm?FK=q=V>7t)~lpd?Rb*gNk}tM|xGm`bNi1 zrFuSS95^0N9{BT#4?_Jc<9RQ>6)mMH=MqZU6Ze3Ir{z;uq!u0>qloxJ6EX_K+sMQ< z4pvc@JAQL5Ks}DffuwICU+yuw(28MK`-}=DLY<~6fam*+3mbOl7fJY-`n1ODX&&h4 zkA!_%ZP^!XKkbbofRv0Y2j$78qz6qgs|fFkfdFX@z^h{60YdR;ta?=>L#+vx$tlPh z!@DXtwv}jCMJ@(P2>13Sd>H z?k~F(*th=J!?Hy`EM263wl_ydF36lA04219MqeoO&81!GikWoxaQH^imh#Fs5 zEe|IeR~soOn4FhRBAvLR)9(=e&Q4PlvxN#ZG)M#I8Z}-~KBYH2_6>t**@5%EP=?t^ z2~P?~gj`+@)ifs67BPp?7Srrj(N?9=Ua}&9e4&&jB8|1Ydbt;YHKKZc(rIPD(jHGM zXEctQI4iOXWm7WFwe^W@cokl#*{(`)<_!{EdUG8+XkdS6ycYzNt}<#>vK2n~q+XF? zBG9B0OhS-el|t0+A(FeQ>t{{XJoqT!VJCg#C6+F(Lzdb5Nz z!|45pHzeKS?2*g$$n)j4+_N^8Ny!aG3cZ>chpf~DS>>P!_2CA9TJ ztMZixVK=_Z;AA?L)d^E%6sTr6#s2_EB{-XWbQ~F`42GKuTaF!?9z0=6{{Stx(lf6n zh2^Vj29I7EnUBMKG^ed{PMSDqljt4QW{Hyx?`GZK(d?-^(c5?CP z)fBqYgMyuql}u3!${uc1;dYy*5i2yr+tW-E(E%M+;(Md~Ge@iQII0NxRLe5e;L0mc zd5`fY<|at{>VkwNhKFFJVbO}lhjSFSd_EQlVq|hh#^P@++oI~>9nX)dq_D% z+{T$@Da54g(r!gK!HK*l4&+LsMk5o8YzD!!OuaCya}#G3RT^adWl&q+_x=yJxD<-J zCV?b46nBTnYH-oIz}%$_roOy=a| zB-v~2YhCNLMJirRvo#a^8(V$Q;_Ny1&2X!HHPj*nWg!nWiK@%IRVckxO}F)h1TD3S zdgVK0YCzTX9OWS^iFRfO7RJ%6zZkUtX4nghSilb@rGn&U-2Ny9TTG4``_^s!_e88^ zY*XDPI7eZY>m;RcF0DwSno*QGmbP+XpMUo&@%(pU)r8!?PFV=_TKe9_T9*Gi7lhG< zx~?BvC#wb5zawD)_G8$;4yyXOwboZ50o*ND{0A4?5fIaX?4RtYoD;c=kimuk$-8#SW>C3_T5`tqL{|2?@&4i;Sd!W2B- zOLkxGOeyqpQ_R`rAQ9it+>Z{igg7L$LA~B^_|fM5R7vm9g3kj|FBhS6#epDg0-e@(G*J9E%=6C08xp&enDuE5- z%U~r~<*@p|7}56Fzm;QgHx@V1_t}MaA2>I(f~vBIlP{j*(JwF*YM8*E$Xi}zSl1Yxu6Ud!0z$LLO)+XrgI)15rSYDijh1b3q2KF2`HIucG5#J} z44N@UscnRbQ_ct6P02&iv8iQg1^~pb&KUo)^pXl>Q=eMJl4k(Us1w*RXFb@2Fn6;r zNm^6vebsl15%B^zov8}}b5!O|rMG$d9M4qHcY&z~;J@*;?_z~7AeYOmb7n}3nESLnAC*i{r0b=rcf-d0k6 z`R|EQ?1u0~qK3;?J3HQMMJZ&q5T|Ww<~iz54^7{kM_SV#*T(6D@&LbMV?!S7 z7LfqnMrU8}KLsZ(V;dSJbXi+otv4cORnv7+6u1Uiv<+J~)O8wvZEAm50+{S{Xt;dgURG3YVgK$jy$j0@g`KDmvub!>8;@jdk78ghE4H(oGL-5`Pv@y4%o&C?c95Q) zn?FQHvOl|F*yjp_9$n7jUn$aIT}CzopQuhFHna@p!UO+?LnzFBO3Y4KLqvaaLHxje z&H|S7pFTkH4;f_5M|o@dn~%?uDS;H$Qruh{UauGnWfprpj0D<6-!skfaZYIkOG_%6 zF+JCTcP@JJ8DC|;{%d?;r0N^{MfWeI<&m3p6s*Od&TIcC21!$$T1I#~mOfVTrxS`< zh)$k;U%rmn6*DAxTwjKMy7%`B3Qb!Yqa zn9|}vKWs|0uABvo`?i|oWtv6{l@IkCg`-iencX|z_?X((1kZP_z2gqH!-qsfd+f&? zFYVh?n&##W=U%K-WN2)1pdThMmCCN4n5)K|&u-ipIBo(SY9%(JyL$nFC6}E=D^Nm+ zbdQNV@_Qf@M#bXKU;2ttxNmt&iR%D{U7T5G1JBZ!Ed}>!QznQC9k|SO*sPC^vmnSJ zf91U)VZ5KztZT=z6YLkn4X*+1fIV+X_73cAtoR_&Ko~tA@GT$ z&&@8&ubSO4P6t>1j$NCq(;f$Z6pItzGlm`P3v7RcO#H8Z6)i!4C-XBe5p2>wLR zx=d+l*Ij=iD0eAMQt2Mu)pVWj>W_JbisT%_-!#FeT(J|MxAZOnY}T88^OpM^nIXIe z+D_J!_pK{}y;m&6^fM+3*Q2apQ5;Sc*97r`hV{RtV~SU|)q~pdUV9z$PLqV~E8my;p7Z(cUQ?bwh1l zVJ(}JRiH@QF&>{J6W%N4Tb1VrcFzkxF=D;PRWbRxP|WpyIJ!>5!9KDQ^H=$OumunN z)XERNY}))f@6L`@Y4lab5n3}w4YDp!aa&Oa_i|J%P1qFw)+;KA@! z+EDY`@M)=|4K6Z@Dqi^PX=!jAi{oZv>rBjJ!Cx9b`}@)Y@IWxSMX!SBsL1x8WSPdG15C_lH8 z%gObOEVsjn=8|z}-d-5**2NR5_Iqg|HfGy*S1n9$_*s5s1)54eEvjdrn{|9qgR#kA`^Houe{=3 zm55gDreP5}LW>=M;d#5F(+JS3yEUTe)s`me^8GK>fwo0}uMEV=u!m!c z=G~^zis^E86#?=0lIEDV_hw@OR-N(@SIi!~KHGA~nx2!5vNw2&cQOnjALoD@DGKhnFq zOC_fJqOms#5RxNR`Cyf`TR$WvRd#)?RN;l;4(P06Rjhc=VgIhk{w_c0GIAr2H}I_7 ze}JI%Rs{oUvSjE74)NcqLKFN~npOri%;d4#@XJ$HmU#c~0`7ssFQWrP6I7mrE~Y8_ z;-A;{+Q62QyXRP)LABs-__ME+qS{_0YcIh+(x#GC2sP+LyaN27{~LW;V3#%{eTfLrS)tU4o*ov4dzkVAR!|%h)-g z{wqDqcpZCc>k^MIlb=EB=3%bASzql4=#28AME~NNaFP(e*)JtCvux@hByOfOKTLk7 zv^TzSD6wZ>9tpYqIkc7U4&^>gnTmcEXJklF;TxuJbDsRDM^KxxAWOc>eD`biMlsIH zUh<%0ud={*rIG~G^iDE0!~eC=STG>rG4~>|xfi$8eZ&Go+_;?f>Guo#i!o7llNs&1 zOvfbi^32Rs*!;UBhqhrH6Vkdyn(oC)7+b}F*A~za1z_%Sm>f$)%pQ0n4*SXMOtoFvaLlon+679eU*G#i}i8KOc{!1A; z!7osFKMww0Ck1DpTI6uqcv$53`I558R{KHlAj4fh9*-m(bTEk9|xDJxJZtJ8g~sWgx|>+h((D@*B)deDQk zo+UQQhZ}i{XFTW`{rr`7l9HC8#kbg~CsQZF;IG`#!>HV0i zv;LE0GWpTFWbVc7d9s%1cP!xo>!j4&B#f9X6DFO=%|T$9#tq5K&=1x(J_bwrFEIvz zLlSxAd{dPEjVC+(#RO8!hIi|ocIWy&MC)nHE^?D6S^WtViEWmKj8oc?0Y-@kLs zFqDDJeVszI-Ddc(?@_gFv>eB#vnLg;Ps1>s;Zv*h8NWbE4F8fq)`W~jHcv- zer#H+<1sDZF*N;M4m^$d<%6HqcIa(J&Ry*{r}#+^Zy=AoUQKDpI{Cw(n${~ zVP<@_Q0#^=LhXjByL?p$3<1~bCH(ZoNH{v@$Ce9|BB0$cgU{bcfi#YpYo1~6*V1LD z7glB4y`F0hN=7GF#NYY4sUtCt)9c|&WvQ)m^Yd>;*47+Q9itd7he7CYLSzxO$)<5@ z=q|MeDZtaM5Yw|e#^v|TEY|5l=0}B&@Fjdi>CI%l6ja*crT&3ME}ryn{n^5ikBc`L zzWJZXo_;AAKG7rOQAywA0B7&4-Mp}nDqAR*+$?!Y)P@>Wam_cu{sxh$o|5A^QnveE z$yqGj0J=Ma?C)*w^L#PFm~mO^`_e!WHj(IbWFd0Tlsb61(W(QsJ5_S)JEzS7#1lv=B>k%v_J8$ zoS3AN@E(e>17P%v9xO_b4A=8b%9S4MeYxr$2iW z2H(Y}dO0~N`S-^kflXKH&GI4ajH$nzMzW2BbpzXWj2_e&yiw!3shiv{42{jh2ob&H ze{2Jg7>$qDpT9KsQr-)NbVs8DZJWdC{(I6dDWRb^Yp||6ho3K57@}7Xc~?GMg2g-C zVFkyKEys-?$Hi6kkErMzI}AP|S=HR__R9F|hK(Ixd0?NJQ>8o^I%H-xQOB?uA=w^^ zF`e-6WCJJHKP3B99^#ZM;^S*G@3PbzhQ3+-Fau!eEL7NYv+BhJ#J5qvH*(v;FxCC@ z)$BgCI3Ry^{UaO<%Fu4l0ye0iJEzr~Ua?P-O2GyDgEWt4HywfXjK}3!(Y`B^icv{l9@x{sxX&$c#lRD%1*`m3zc*ugrD0Fo@NFDKVqvu$ey9m3ybOUW(WPMFt&p z4QCvELaZYAE`3P(khFyC{{pi#W&rlTQyDzHR^`F%GF^!Eu&W-`5hvW`KyE8&{UrcO~BEY8Yh3r=y} z8>mo~_(Ep7qj#wVRFh2b{(CYDeE_ng!*WfGy)vk>JP4Q*Dy-mv(*<4J0pdA@i}9Nu z`3Q!z1+f_=szNrk;l@v2X<{gDLdk4bD$v4EbNpVePBOO}yJL!mlB2{b?G{~QWg9!! z%wk3rRj}#!YI26o5#e8xBa%0PcT&!}q{)^{ilo#(VxBv^dd6EMQ~nJ$A^G0u^Yw5> zw}~oAek$e28svL^!Lc#tc+;~cxE1qIV5%e9{s$*hjs_#uPFDWqcmbhfCGE9AJ_knY z^E|1l|BGqr@n~2RIEMNc>tgC0y6lsAqJOzybv7l^ieIxreU&<@|J)5881UEK12+Fm z4~Th&Jq`qtY8GYGPTC6Uko1)V1zd7_V;F6v3r_R|4AF0VJTTsCG#(@~I(0%Xh;79H zrx>p1>cNVhv(JgUPOEsI5Su!?a!EekXM8KRdatU|FPlMa2cNJqz~vg@K^@;4KHa9$~V0g=ecBMcc}|GU$Vb zQmvJPp^qHTl`r8#^rRPv4OR$wn6}8bf=_)u9y1oFtjv~@_dzU@n8f6NDJ5nqpFhMb z0P7a_o5%R?Fi(vqTU=tStK67S^S@X8|HjE#(qn7*nzSwE-w-%Rm*m;$-LWI45W8NH z^Wz1(FeOaH<@abRdD}T$is;}*HotI`{Mgq!RgNa1@v~uGA7qYC@1Zz2}mwlx- z(T#$z*sLl#QDVibw@>^_T&eHb-MpVQW6um2_09)A?250(eq{WtpF80Gzkt_s`~L!8 zQc0o3Wn$RbKK1{FKezH~;9N__bnqV(;lydI0;9L0>e^Oy<$C z17j&ew^}#>fu~u^`v#+bUmm>QtiRU%Nq_%;F%%OR=TSh2#g@u`_PAZctB7b7+IS~@S<{Tr1=+Gxs8dB9V+?vEZuf>x5^gRTAudt?8e zgY5El7ow)Wm{Pr*dx5!wp(Y0gt^0L{hpf6mP-ZmwK@zv72CL<#`0MeaAeeA%PVg5! zLgpdqZ<7KBOYQjv0Z;B_yc6h(LPN!}T|b28vEuF#;_v7r9QYhARrhw4aG9xKSW#u zKMKV8QVr&3Jz?bP{Jr~yQ29;(f&0_zT`8CLLem@&?(s4)f6VKp@SYxgB-fBdd*2US zadbrRcYw?B^*h{Q|I#$!b0MoaP5&Ay=XblLx5ffJ-z)Y=$VAnzy{`uesIcGfPB8Vo zrClAj3Kt6v_~+CAtLNvr(5*tjf^(}0_%l6*7Vl0t`{Yl-T-lVk+(n}R<#)<=l;*e< z#`ynKIZd)E&a_9I&ePNzG(LmV9) z$-Cg4pycUbg(t7HhFDOp&S-i)?fm8BipIOA&87drhKnL_e{F%|FOg9Kf| z7KJXP?60Wup@|=8gY*vRI7ClqLJ^#`C(wG1%(!H_ctEZ<;U= zhQoV|%r>w*p5OHuKf}}KvAORtZ9pc>cKhMMs(t0pmCA$3c9IWN9i2vENxn<-AY(C{ zKOp$Vct9@ff2Xzk1^js-9rWK542~X5_P>pau(5Ie-(H#j+b)xwT~GnTphvbwz<1GP zsKqn3|A&}=D#xy2JBhX8urdr0e0!tmBaX3!V0ChnKZ}g0C$~^;)!M(+sN~F}CeT4E zAstqBsq{y*tL?OjT~cv*h$O^g1`SNo|aZ53e~If?4TX(SnrL^(zLYW=O~ zm}#Lfx)Y(Ore-VVw8~hmwlUF;o83p_GH#}G0{II?yxdzQksC(hBcV687HVEl=Y8G1pLB7&Hj3=I@pw>3@u7KdY~GrAOx z)V`RCATAG#ewTEO`X z#gTW8Uc&$$?TN8<9!fOk?QME_o=Rj$JXN$UoIRFUlZq7MpbS>#ow&}S&Sb*ABryQK zXa|N7*^pvTolFRFPJJX5tRN{>s>Xk3gpHw6wP`d}L-Lpu%G6yGzF`%a`J5J%u!&Kn|!geRzT*#b*UcdSqp-5>#2ORG8F#m8@cNk{*tf z%=vIrxW502NP-899QpJ3A_5k)qYqRmQ(@<#h%e(Zrwosc^2*t>A^Z)tf26GdaVo11 zjiy+|sN#(sdCm+Bb=@qSGex&TYz=St?{Ou~Ox9SP7|cHa}( zC!g?0U}$~Y=vJ+7R1o5wplE3Xn{wNIiYsNO!{-Q0nu7%6%%L?kc+T~7qA8A4^LZ3A zxbC5miJB6o6r^@m(ZeY-4Mrj~5+ti(l+7p!%HDe(EuvH<7Q$`iFna6(6rRnUxLXdYbPq$nhH}V8y=~xM%66C357=>uMb=kRj_#c!yxTK zL=Rb{mxqA3mz*Y&A?X_xlhA5VC?Zh}vSTi+zDOfZ_Q;^1XyUW7TwI=0^Gl)hUeJMA zD($z5<~n-g+grJd%1cUxweoEPM^_EgM4_taKVS*hh+3ZKUjL@I=W2S3X` z2e9QZtKhP>0UxMjf&ib?30Ofe7Ud5dJ3Tx=UTcvHq6$BTsmg+qnE17SX}{G7A2VO4 zd4E90+%lLyGO_v7X^&N===}lBj@zLQr1b5Pk2t4@sBWVHdPVzq9|C);Xc25AkRA8U z_b$1{IG+YAhBkQ*N!k@*Y=lwbY| ze$Be$O8l11_EgT@IoG9~eJav&s7CLE%vJkIO|?PQ$&}OCE2PXsQXW5E{P><;j?yf{ zaCgM#!EE(J2GE3e2tiJ*R|2bm0~mv$&48%xor*0}VN<7^RGR`?#I|o+xF3)E8c6 zJmriXEnVd1oQuO^9ZW#^0YBK4M(>CKXd0=fGy|p)CI|UYf6|)LQ*-BpQ$rIO4;5kt zq$U8K_4%#A+%q*-2(Nvu$RiahU7AR%i)m?o_a9v%{n&^*@7m0_-OAs#CF2xS&f?#N zPC?oD*)hL3nBmX$CoC4?ZGm?BpC>v0pwoBhX6VnAGPV12_s?v{27BzEqXQDwkxVEB zdyhvjZvv+p4u>b$k)HO(JcX#mGmP9$shpVl(Op7gQb>#^& z%W7I_=?#qs#bnc%6YcJ$Jyz<7En?ix!*1gg_DDPsNwcEUEns{>zSBPVSbEe)m8*Wr z9J2zqYdLx(-z9XXRb=TT@#e3_ktG#1%-XSMo^Oa%*1gz9i zsqUKs{(B-Vw5+P0tyM2H88dP2cB6qaz>oxJX#pVxON;KqEb(BhN%9Uw1i%~bD}ag> zZoV5DjiVyoYEBbL(Y{gw;VDn9WCM4~%)I#MM562*qiT4T;YU1@rk) z>2)}8MWQp6`jMO5I>*nHxvNEx;OM6&U8*biuJ&E%zu zU`>u#DI9>HQB1%<)|z17Z&+Awlnnsa&4U;3h&LI!03XmY;aE|Rq_+CW7XV|D%7I0$ z^h`oH5C`sl;Hn`;wVE1i9VFlTn5^F*dz9z9bBA(#M@$#>JMo?nuv?Q$s;uL@6(;kt zGy`#;B#_TTXGa{#lx6*nAg`+##|0JaqaS#09{JysG!&=M%Nv5$95{RQYQ(AN&mHq^ zR1Bf3d-SYU5=7D9Ej5a)As${ZNyjFpP9DCKP0*59{ggKikO*KW8mbpaujMh{W(Dx% zcGSqX?`)_XsmBA_ly{;cdN~4c%!tLQn_}>0Qup+lG_9*t0s0eW%+pvHunitg3)!B%l$ zYLI5_^X;t9h#GH-vJ4a@u_+mH#{8bb?r*yKh7mvaJV{zvb%Qv z^dB6VzA#>@c^@}`@&_SaL|fo6Hr)`dt(Z#q%`3Xau1}AE^tFnO%qRkM)v6LmbRolfUG#0 zLJ+PM?RXhVsWoj$hxx5_+>c2LS3)lyDDG@m7P=UGIQZo3viL!vLbbJwSXbv-z9-VY zVWh0FaqM*ck4n>raN0G|M@)z%hakWQukX_}Wk$YDzM`}O4a-cvwfnyP4=yzT^hcaa zftto($14SFB4Y+375TIu?n!eu+VZ(nyFVQNC{+3sVX+-0n%qeo!cA6}EP~k~aJa>_6H9UyRK}d8}?V0NO2tVY96uqA2 z6hWG0s|wwntF~`X9~@S5d`7KVm9D*IB>!YtenAWBsMS2Nu#l}-dzV4v)Z-gOE_@!| zqTd&iTk$Xb=mh9v%5dP(w3SZaCaVFKEz>)7Ej-s=pClVDYE8~5*=UoqtJ!+iRSgbo zV!n%418=ItoU28+=f1wrW0NM4xM%Iwd3(c-1P!(cTd&^;_e)7cJC8%6I64#1b|MpB z$#IP|mDMJqkRXte1SOw#lpd!Kug4sUGJ&BU*`VN(q5+4q$1O}-jUj#@Inav4N?y^i z4UScma0v+!(l7cI9P|`@_b~Yio*mfm#*~@xs8b&l)+XIrxAT`lj8vkP$jk7ThMfI> zPo8p1xokTJT><-^pNq88dL9qy`uh@+JoR7LH_~N#p*1weoC?Dub2fu)&OWJSAhl|> zo^HpB6o4f@w)MwHlVf}1m9;LdnTZCG`|4|_WSBEgZqh2K+`>PL1@S86`M#*-42>fe zA=nLQ6aLNJvNST8q1wkz-Xjz(5RbxIi;=RgIQ?+`FN`=5gFrwixL8jVk&@NeyVt1G zf)FGs2`@@e2cDzIH{z4YbV~gsi#!JHP$Bv3dMp#rSJ0lXi%@PvQ~6(B*#)ito-jp+ z6547#YW6^SN%$r{e}3u$4z%YTH6|gVhzLiUB8gWIIpS5dG+O-#RYNGBZ8DVLvXn2Z zPWGfX4eK$djP1QME%FUV&AsA7Z5av2WZ{Nj^pHBjb=;;Vgv7076)ojs`1)fC zeyoCu5{9X2g+nxYBoRqMyyBbiLPlHpTWcMI%K=u1K!Dp_;FahEDRD^5^l|mF-7t?TiF~-1MnBIjah~xL389Pl1KIHkbM#3D5!2?71I%KBo729@TQ^E zn<(uytQMc?6lT|oRiky{SZ!*jPQCmAWGlMpSf{}of6hITtq2jFp%v<#rlN#d$k#Y- zJD1E-U+Yl)r^4+l%?nxg#E)2hZ_pY(65Z?+l;KF|w%Z$AWliRKCI3_RK5~-Gix=T> zZtVkYws8nx0XnQWd5Y{xf879VC{K}DtPI2s~FhSdl$l2J8eHT7;EQx3WT`^Hx zTvEivopR7JjGn0`__K4nosu6F6qCFY7t65?4#U+jUht5^z5~{tYCe(%tw%Jv=|`^(EZ$5mL;Ujbf&dUwZauzx1|hmcMO9J3>i6u#go@oGpAr>J75pl zYQCtYRQgP=Y)s6WT8^54w;Ryzpb!*koa79dnMriYim1G7Jb~gprg-1p`~*eqOr(>k z5X|sv?9q9H#4zvM6ar*Jsig~T|QmA3ig7E$B&S!G)<@30~hzX;uo!*fXrx- zasn=sU}lX|`Fa7Vo9BA`)_Ep8>@{|SyJ^_zYhb{=SP`KzQ~QQgpxPK|xzQV$;%A@W z`P#!)-dhJn(=SmD2cKDyc12G3{5Y@EUn%C?>DDD&Cb3+DqFxa;S*9nZAxc*`ov_TP z$cqLBltr*0pE0e}O=aP}Ih=||%7nJsYtK!YK-&pQoFlu=VlAiQ1N*hP!cQkS?IvMUYfgLSt~7g!zA|YvkLYMGlVol&E?c^`bDO%0 z>1u_G5(vdxmHFJ){$)KX=2`IT!CU)f)HBdsB2`>OU|_Hr1){=~!ld(F5Z8m0NQ{Ce zTjzmPc}y9vgQ`Vydt$}O)AQJI?mAuZS}L< zQ@7|8d8R>zfE2}oG~yxcFI?RnS7DsdCpo)tyH<+s!NX{qrZFm~$mVhUn}BXmXCF-x z3}{I(u&85{`$7qKHjlB!{?{aVHuy2xbu=q<^lGBi8V^l*K{9m9m%P5WD28+L0#Y!* z`TWlFmeKIH{(Z{pAiCmr>C2PXf|5B0Yfjxg^WJj(SyJPmCeap5+q*G`p_aATSI_wd zj}Q8FRFT}p=JvbrOZ{J7kF~(+9c2^49*~z~s!!YHpFl{1RNW`E z-)rNk_TE#+GZY>P6Y?f=3Hd<;Ds;V{$!@;Bpq3Z=~CNn!Uaf-LZ}A6X*9GExkDL zkVP$Zbo7Hd2;{$c&q~Xx2)?=`SnZm%8cHxungT^Cemsb}c zatyiIm>ZOeLl;L1>O>zOVnYBLm8YlK!m}?{#$OP7KWt}{!~T1smiOuVms=6~^rCL= zo=;k+uHPKB=O**gdFm&>#oe}-4~i_c2ig+v6aPXUwc@G)%@>6i+orb+ImP=my&-vu z=h9By34_~y^x$*QuWO+JFpaQxarvAtkn6xx;BaMq9_Sq^!JKnpayU~EzF1ja(7pDU z89Z*la~YD6afO)hSU7%(a46niiYc!8?@0#lLDszCkpnqDr~g4OYlfL%WeJRor~XW} z!ZcH`mcmD)Y=S(3l8KXB${|{V(AZf$8@~=TS9WwyV~lcttuASA0!pWPz@jzazGTY- z9@%We2alZX-mYe{e~cck<~LAStl<1!lmXvO{O<`B?@g^|Ob#fLo=q5myd>vK>;ojQ z<+Y+ZH5vy0DA2hfH}UTv>FI9YUlds#mHlEkfp8W88)@LuYWN#INm@zTaxN01hQ?;= z1X22Z^Lty=JZ8c)e!7hgEZ@JqfzJ#I(Um4V`eQ(avnqvUQepE~1 zJ5;pSQIC$+JjZcirUVJ!u}5Y1(i6ga!k9$W;XJNZis4vxd|F^m>@rN@ri^C*C8g&k zvYGM$&i)ZEEifoWe+UG3^`|d9l^`aFB-=I4VCRj`+Cqb-H$Kp%R~tk-bMT2U#r6y+ zaMqjhT?#+bs`8pcX3A963a(_eJNfv}*y5WQ-!Q7Hq(+=d6L9eOXG`e{LxR7IkFveSK?LMn#|oLLGc@CI@ZLi{%TFvCPFW@@d~dq&nc$+& zp<<=nh4cM>?S@J{LtYU2jdMskND6Nm>mY)(E$-W+R@?q!vNSXFbrJGm>_r7_^^Sv? zlU{R8+)Bgh)lT+KN`JBTP_<%~dt<(Z-(<)Spv{0Pz*&^qP(%1gJ=%ll{GOah&G4Np})G8$Ho=B~bH+N@bz@zU;qdZNcKaWeoCa*NWfoLEGnTRVNi`EHTJ{o`@C z8OZ>akN978;S;p(-aFBIq4>?{PH9$k7MmLu zcjLB_8;&cyRUR)T-N<%&io&G{V7DNiXO?q>2L{A*y0zrTjwS6A3sq zbFuFth$ce=ElbR>P`*0Y%8F9DXB-M4C%q@s3deoFvOjnUiSp^(*e{Msq?N_Liaori z7eOmn9qF0`Klke#szRKqf1q42|L`eN3F9+s%t@TY0=BF%HpXRcp}o-t>eE>}?yFWv zyGPc85_K954sw+H4NU^CDCa0&bfkg#I6WZk!UnAh`S5EnKZH2Om#^Z~O_~mDiIb3q z@z*SdSB<}k)Vg8!3?aTt{6xSTmcX8re<}xDqS(5z$MiS>v7~pMqBLD%3pMN$GaU>Y zwUHHw1Zo-sIZ6x$o*XZmH)fP40*H4ovA>9lF}0myv)3teg9NM+!;ar9T!4$RxiXW%MH8*hBxt8bPhKaNqE&@L zGLy_mF;-Yuseq!&FgS_YUE{+|F7o?ALJUWQ;jM^m;>*>moJt48P z`D9UMr;VO+10ZoELgYxagBkx481|r&bPf%R@i@pc0ew_aPUK0R#7R)6B4R>-c!(wj zBNleSf}5%_P5ao9N=|kXrBQA}bs0ks`C~fA^?&qjW7h}v1vXD8em7(xnF`c0-*p~w zQ+_qjtvE3CQO=M>R!Qmb=13;~Zp-rhVc%lf1xY-Zt95hH=+Ogbr7C5W=~6bzsg zNyo0~#}SN_W~o*tP(#I!@gMS`7o16K;~6y+@-PEXM}kmX%{D%*iD-U|RrFr6$6j0v z=?7N00pf(uxvY=V*2_3iGFx5ivpyY?j%Zo0C-H(0fXHXd`%1c7>&%-F21vXgv0E11 z_Gr0&`aLn6ffaRa-^YNzJ-Q%}p$jUG%xVVZ{F6ORt9r}%Nvr!INo}I!Gh;MApybZt zhsG`A+Pj102ienr#{?P8DalBW;Iy8oo$>>eF5*oypz@ZRf1~g|I#Wbkpdq`BW10?e ziK?V@yr2nyPunz@;UIZc^2oN~=?C03<63J?-^_r}JV*1OP+YMK?S=1}6JPBn!>tUo zV{l(Q3>x3$@FidFa-jRJ$ zjkyLq;VV;%bW87`W)K2tOxl1MCwG#ziWyb^Y$P(~J*L9{QM6j_4alf*>-LDIfx$jr zviqMsd_bC4;47`Vb0r=>38~bNK|<>ncXS7B;O7S=RR%eT&1-fU^Me4g_R2iX%Qn2< zm5m3L9M!;i+{sJ0;JNs#d64G8%K;$&h3FehR;t>udY6OunAh`j0$Ck8o>{J=Me?%( zPEow)8aBBlql#=ggRARKD#&pbbN~rNl`5%!zuM<(6A4M;J`Yv|eY=2l!EK2rYVC>c zlPTy|!kIED1>NuM+XK*OvbMkoc7$o!JYr7Hk*s|sUB7umqX$4cQ3E9*M*l-NP9m&Y zdz@C`WuY@x%lrq6573^cT;aB+pL!?~tOFL{RG#z@O8RTDwC%`46A5a=i8kiLiB&U9 z$~>9*I1#I4F!~SBN%8WIaWHRc{#0bCLV){x{_Pdf46je;TgjP?$m!B4m@XOLk3&Re zFh$CzgT+vdX`p9qOtmzN|ucQq5 zw+j+Vd`bWk-+<*smV18JlCpb?|0u)3z-_I)vx%1dE1z@a;p-QyaDHS$39z3p2=Zq# z=lMj5y%tN~q`<9&ZV&E@;wsBNglne`$Mr;sE|#_(v!>Olr<2%3(iR*r&y*pT!870k zB)MkfE>?H`R~R<7D|d7#*T(qvAB$z^$iRk|-#=y@LO-&&k8v zF0W}<4q99XIIWJ(EO=m)Z6)x=$+(tc^UD`BY>}SqX5>^%WjoRD<=NCd)r+X8KI++F z&kDQA4e1af8%Hq8)Uub>m+Xnf2$ZIYD9`CT_EZN#o1~h;&qPSU6N+=pzU0>cn*=2a zT@+9wM=my>{lPw=m!dG<6-lTNA%~UTz<_d*ocqPvmWxw^bY2dqJ1FG=En{ta#NQFe z##TAc`cnRuPpOyh`jV8`hXNph;(8Lq1|2};v4XW3{DquMybcwbJMTM;SK>%R-kjVK z4Ds*eg}F!;Z(b>#2vX@?*q>Vl4{Ng`?HzX(3T(BK3-UN|^en8WEVbAWLF8lF!&F^? zpgmPSZ+KN3FKvRjyQ}5qM%y@e-40uXQ@=7aM$Bap#al70pAjK13JU^`cDTzKyxLA( zm{>94^q0fwMzIy?=exUqu(dHrT4r$5Gi&YK_lors>AsrDkRYMCX50`d^Qdw*+ssuu zS!pp^bg0kZA5sV4`#>XXY6=DOQ!FxGkh?ofWw#>=?gc*KAPw#vYle|R6Jo(+exg)N z19;RsoBkB_mL%NXyrkpXELi@sWVJ~Vg=xQ@hf@2dIKPMd@=`KoXKM^quI<8tHI?_% zEVoiN<0z+8>QoEHBOP7Pp@TK?R@m@*zyzvUE=CQTOghdYZH81+ie`&}Hm|uhkexzP z1Qq$Djx_fYve5WN+jCQJaMGkqtk0}sz}Cj>_{PZIenGf4FDX)Ybo=YP7G9-zYb!I9 z%bb1y`(Pn2-?zYYyRD5%E$0V7tey3(HVBU0Fn#@ zLd!>^&POqGBv}lD*#@eaYfS8~seJ((r~2s7iM>;O(Z34@Wg`$Q9XmD<2L)u@xNaP@0&CHQvu&_ybC6DlqM0s+(@-U(apDHpgBxWmB@>6vTg*q zFO(bnh1DXqbhAeSkDmP#q)u=`(!q5otJ-gR*PgpqqV7>@V_>kK@b<%h_;2joO zmdrD4Hi|SQznx(|H6{up2|h0WTcNrj5twXBlCDR9CN90MVGp~F0#Lnz z!T|Ni)~&G8$VVRybWkq)pgv)FE?kB_?dikl_S$2Y&uU;6QPEA6K;@<_;vhBON#k*a zNau29j5hXMl+G1k0 zNo@*u*mSi#@WKY5B&;J<30e(J4-nE3sMZJ*w}KN~2}?*I>U-jX$r-2;1cXeunG%po zQlj+jeF!LYO#x`~Aw!v?D{_lLD|!l;qg4tChG?0TQZf@&Fp%#Ed8Y+5IUZ$t+)b}S zWF)sIVkGVnIzlH818FjLoh*Z1f@~x?kVz0U;DRZICc`DL?*Q*j2;Rg@53(SGG>MX2 zhwP!tK}8uZB8LMmEP#O%pu)sMXuTmU_8|htuESRFY=L@E-3(MCSrEE# zGj5=4@M6H4bGX#8K<(61ACU_=)K{n?5|RZ%5)Mi&3^@~p4x8jo9)e!8L8N&Tkkp2w z1(m?2Qbx2ta@a*1lIXanYLwct-+;|Z^+I_rCyiFaRcYk)P$Gn0Y?HJhJz^o!Qm^;Bhfd0Nx`H%?K@@EM7nNC68K4&3y*S6>S>a;Cr&6<)|sE{4f-Qu&P&%Yv;i!Vx zD?z;(r^&63FGGArK_*MygymaW4F@He3c!_41)XbipkEOhQmsW(yd~gSfdQ6!FJ5Yl8Y$lJL_!%V>*M2?d2 z5G>gY;S+T>lz)Rr(EJ;M+4hqv^Z0qYmtT|a%&*Aupu4{!eUeX+n3&IzYRW&Tv>!e|wR38MkHde`Sgk5#WD?c`F0`xLeA za(5$g+xH&18&mdMknl7PzC=)ljaH*$RzBfU;7G&nIi}@%k72$_W~)xeEw@4lr1OL_ zlkAepVolCoqB}S{eSbt0$Vzc81XrQBd>5D{nHY5;wh|YT0pgkIWnRaJYS*?X6*5-LFktCT;rZjjlQLJzzN4qLDt;B>+rd+!OmF5S9 z^ApV_ka-8|R8RU<$Vp!%5q`$s$mNeC!_D<3GViF-op}UbIy*VeG@+6lp zxum?2e26Lc59&VUe2<(M1JpRwFQXFNpBWNOc{eZASg7|TW_?7Rr>;gqs@%E3FELU? z<{Xy`aj2B7YpFq@i?IV#i5Q@_G!bED`1&$9wbj^l#PS@C&AH5t{E&vFL!*`KXmc`s zU`Atxh1x9zUw(iL(^9&RN9--i#urU7kuquMtX!q_Kf28y(fgkxsA%6M zcTXc~dE{Z|K-{?mpg3zDA$)&1|_6Cg9h3L<9DkIY(>-ReZ$3Tr}>Ly@rA`zBqK zXfi&ACRxbYe#~nlbCM)12`z8nKs|$fF*(23ymu;oNU@%yk5|b={{W{Vwi+x<(7lsO%vbLr67zjm%Vq;*lP$M6rAURX;%igxh2>v8dCtS$0iqGgWRCgi%(6@FTY7 zLd>njjS}}gG!8(I&}peZm9)9qpSaAS0-B{~QZ}-Qub|LHORLsrYHirO5icYXb7M^m z2T~TB3v|q=_PSnN-kgUn6sC^(4#sB**k_I{7Ty zenrJTqi8SK?!RL9701ZsVyf7Ue3GdzTo5}YGttSBsWk~#ToGcpFK(P3tq9E>ADnMq zp&$B6=F?G1%NPL$x-Xg-a81>SigfVqGG589&71fZq&Y{ii&j@rb1R-kJL8dWe#c8> zD_B;}rdkGc@ooCa8MT$ifHLzJa6*tOS-uy-Ma-4G-m_wq-=&TV*{dSkXgh*|mvEzY z))4lcNX~N4p-w1#jHci3`pCkQVd+bUBqXJ%TW4?K2K8P=!Ed;oy|PaA^)FNB0+!?U zLa$APn_TiV9qgWai`$Y*K1vYd$$p(puOl?;$z@t{eI!ReB&MkPzrmgP9F=(`^_O%l z*+FiRECoW5Ay432iILKzcAd#O%^SB9j0{^H1+zbLaX#X3+_Aap7$gRz zmL$cK4hHFr+T2K?k}W79DVQ9R6i-q{Svz!1p~MLS9p04WYOswYlw6^Wco_yqLwK1e z6@G;%k-(9fBu)gvbD8{i0j!jJ*g=i66N>!`QnM2)B(4jxitm)6_$F%(vN~y zWRk2o;7&9XnGv@No8n-Z7V_O+w8RKPYPYP>$b;G{p>u1IlL+{&9xZ86?lNilO;*XG z;G>!AH8ja`W@Dz068B?+R#u>OCKa*^FT0i-!nXD!wSsgjB-&Nzpix-RZDVJmUg8f= zRV8f~^+gHTxT2dfg@&S}6>hh>ArfFPt73`*cg?=zniI@n7~o&Gk`+<0l15p?vGviA zct*zwk!IQwI?msPXQ0VLqE3>`+K!?RIGW9nnO40D`ahx*5#%C04?MFJ3dO{0poygN zYNA`)P&G7is9IWj!b96NMHA@6uw}PcwZ1}BQblUU*4vP!W=#{+a%R_&$kTZk`%$hO z!@VAoT~>S%$xxkk8mf}gYp2TgBs_&yjXFDObrn5{>m=9lwrN1Wf6#|3cvj@P$1)S? zMd*gPELBMT5oAiegq1>$^Sk?g(l{RelhoV$t3Z(8eF+a&)r!*h7U)umd1t0H7S)?v z(JTh#&~7uan_@_3nVS)I8n`OiB+i3hsQ|lZOF=aA_?`?{k>Q$&ay0H`)cbxD2&g2Z z?uD;|K>dw^1fd=UY?W{%z6W(?L!jITUXdM*!-A0;i?+Xsay|}$r%uD{8$sCtm6{fz zjcndZ7WAOD@IBKqOWXopbu{i@csJ=`IQudSFQWY2L+)A7sp1f!aJOqhi*2}TjRj^#dt0JPtWg`Z%WvCL>WL0hMO%Rc4 zH)O}zp#)%POl=yajFOhX%#-l2Wv-p#9-has5`ZXJW=-=Mf+-NlS6_6-q|$7ABU27x zPopC`Sune-j?TiOfN2KM-@?>q4lW6=g2QMHmKzY9Rq#|ZVq@|`CPPf*w3iHt9GuRZ z(8FNtU#SBZsa55@65Wf)#VPggqk%GEj7Z^X20_J&6YK;SxXX%Ix#8IZdN5RyiU4st2NQkuZy>)3Y8 znU4c&qHT~%ur&kWZ+T|NkYqz7Jw?}KoWjwW5`}3rMvpp9_6CfnLEVev?1oup)ReT9 zK3R8?c`V9)a6BM<)4F)7RayvohiwjnStDGEiP1TK3CWP7)AW8K6TVcmT zD)1*Ai?DrB_Jf15MbQ}Ju^0F&arzZS6Mq6y{uy}eHr@<7@O@FFevG~fKY=K+?fABx ziG;aqT0e#zF~Fpyt_uDPdT=Kn;S~M}%b~ij1TC|`+Ajjq@J?1Z5odvkM^@(95dev7 zwH^3DBz=sNyy{MsjjWO*!r^DAgm9zKO+&GM74ReA8fd!-n2ls4RpuD-361MlvsyD{ zeFuc3vK0OUzwnEZI;mG8^7b&tVXxqiqcGH~Cb~P+f<9mIprynTjVNjQiqT+N%|W_w zOs)1TBA-b@I^b$k79;6_BAQmMNb16N!&fI~bi`KW1=lgb?(ZVJt=u2i-JVAs^UDm@ zqrk(p>`j))LTHB^Z|2PE*jr~0lX7JdN-L+RRu2@G&EX*>pIbe`bdmnPYxy zN0)(;G@R|qPboV-g%2mWYA{2IB;-xI6VXkWnDDlNJ4;raJ#abk_fg6S#7wd5PY&F| zt}UW6v85%vWLlAqv|2Ixu`QCUZWhk@sEfO_^wRz6s!zl|J0Wr%QD@i6bC@EqeRI$LdOFpe8hv{3`T4EeD*%&{> zFUeN~jmpnKx=n~mzcUacN=1Z;8mwSxAmVxsG{><{m2f4nl!?^Wfs&igK}Yy81##>{ zG?e{|HzTfyq_(EIk#P=6P~ncG64Y9237RDsf%4KUIQMJ6sjVR>VPG!f5bPfx@Yy1__jc5WY+~8piIjdSV_pmAz_P?kk^cbVLw*gRHX1($eo3OiKu!k7Xvr4RC^6m$1r9@31X$WN zFcYy^e4NOF8jZ?^TZ398I@DUW5eT6cg@0Fm^&W(JLxW1$>L;y9qD$Dqf{iqEwX*mt<$;S*gG-3sEa3uZ18CE$Fd4tCfbrDhYOc0!EI&L`>i87>{ zK)T%uyGBZkLUzu1IFE5HYS;%S4JmZ1_++^z?0(4dxmB_BcJSKPNnN1?oHU8Iq%=oI zZM@ujl_f@6=3cEyQk8@xpSe;jRTIopg0s(2;74*6>~}@-L4_f3z;nKW63G+Lk;I|~ zN}O^v8N~Jw{ZItVGUQZwO78OUv%C}aMB8%Ox65+GfqGPg*lo#E{f#XmMQDZE#FRr6 zCsCzel1+6cVGMqyB*^6>p7I5_?YMYT+?s;5`k5nu~XQkUJ6e$yFF9^T$a<$>#tqTs({ zwfi_3I@iT{HbFqkJ6GsLEUua0e1+ts_mz zgh$B~E{oqth$$4Pu)TEvT82cFOlsQ9!{u5}lq<`liD#8y7wCD2A0TZXQO< z6rq{iSlq4G>^VVoNvPc-NzhvuCS0V{jV5w{9Fxq-x{-{xHRMckJcTG9sI(pRA!oT}+kysrna?9zt87}8 zEA_E#G$h8~oYSFdG+QniogSkzS|>@rbW4InxpLQ$ zbZ1RUNc@DXJd~+@%TV!I7`J9qipcdw>pN`M(|D2x_xu$=r%t?+>{#?RM$L@Oq~XQC zTgX9do~e;d%Td&s%J&-@7a@^r8CY#L?YI#YD?!C&^70`qw8`@!h+lFWt$PJ6j+v@( zxW};wo4DUhwr{xQlJ_Q`^n_cFQprz38c#fwpXoCB>TFSbkbkDTUgZ->_ctGN>d&-` zt35_j@+AKNrQgW&@+b7o%=H_S?#^!KA-wJ<(>{_mht^9|$(3G2uJE}r{)-LwC+v+P zwV!fgKch~3pH@!(O8)?)<2T5o`6l)5CqjbP+*Ys1-sD-Ib9t70k-PnsyAGSONcUo8 zl51K+(U8+CW_m!hlzAY3N7abXiDavset;k+;U4V zA;>84(Zg1>i({CqjkW%o-?L-LhyI6jQ&&h9#&s$6gA>|q_r`S+DJ~+qd3a=M)j58{ zuwGf8M2y+Ct8%8fGx`wWhl>w%i7Fdpg)$K+poK@`;r@+mU_ZGXtH|~~631Iiha#w){IU234qX&qb=Yv zW%W9I5WX5pPo9j6Y>m|@QKTg`*h1gj){w>b7R8rQtK^TbXyl!4w=Bo>^)hkE{?PJ~ z)~4M&r_g{T<`h#g4%8%y#CUPv>?Za{NsN&!g%C=Zq^4mr!5LZhn~$mbjtVlo59GCS zL2i4OVK9cmy&RBk9%FeGeuJ7eu|-{rRud%ql5aju2jpk|jYpDg#KIKLTlX&?(IS7Q z3u$e!@lsh4_}zG`eu3dNI}smQNg5<@jPB zpj^sLp`%^77QixQgVp~4o~A4AQiAA|g=Ah5B#4IG0g&vF#>v`E&nw(bs7O`_P$H~K z8AMLwkm#BF+3ak#nG^dp6{ z5F9UTNGn$Ld?bf~7}8bj+E}yULUOhHlAZ-fxKjd7BGi&g1s6jKBH3+=xaO54i05Bf zn+fUqlNzScHAOFY6U&@%jnBCg8dMrx@<}l=SZ2DDU(4OfUk(I>w6>EvlYjJ2Tx$dy zQk>|OjIlgMgyNQ&G?Qdbw8eu=mdyGIl%}=NaOp2}i8AaJXW0;?9>SWJrVOoJ2Q14j z@z9g9tk9LAMmX7~>SwU0#w*h)MVU9io}s32d-f{tGU84Q%Wz!|*j{=-})> zs2?5%#P=FM!EEp*uTkdw8s7U0XM-zUhNVjIVEze0Tl6gJ!MWhR2kK^hpo9pkH7J+d zn65!wlZ48I54sXmB>jl{1t0h=SSqSTFDhg_!gh_Me(~yP&qMtJm5nk3cx>Y$c9uq# z8rSTwLV#aTS!PUWg~BgE%;ku~p}HbB#>NI6pkZPsPe*KLk#~-Y0*$0VB#UZUZHdb& z$RvqXtYLZHA+kV5%+e2#^ zCl@2*Tnfuu?j@9Cf|ogb3AF_O03oTeK%mq`%?pyrglB>UD|``J(=b5KUqK}#*;wFK z3TJ^fe?$5}lXs}Rrg~s#uB;F=T6__j61o=8G%};OfY4=A6Y7Xwf?7nAyp3cdQ(cSM zUqZ_rh?QOhv}2*G_$4`Aglj$t2wjafFRP%C-1z)hnT$DQvEZ}#6~FLo4OUt|gQcGb z)fm@-KESC;U4)dQz>(|0_Jh;0^+Mh|6_0~lb{m)QRmhgF1m=7R%iv32(UtH&v?m|o zOn!uv{0r&|pp?IXYtI5qPlFmX_#3~E!(6S`#z)w3>Or;z18ADVR4t_iRp4~TVt1y( zdXa$?d+TIti)tPkvRPRd($aYzQp6>MgkXusA@yZWn-#}_QOvpw1ZA$1h9J6$8__~o ziRf?_13a{esLnC+C{3BqsT95puY>$ifS*dsYW=;1BH^0XQ|>|%LV4@VLQpzhBxlHk zoRD>sA}{c!W7t^jGLa>_B#Jmtlw{sSdCjE?UfoF%g|b{{HCQ_R$~B(_k)UC5KLYE| zllM}a>V~F;2hE;0E4Gu_Hyw5|;heTkrJ@~@ga+%N!j<50{t?d9zT)&9xW+X-hHXiml?JaPzLvdP^lH7>L)6c}eD zdzErCCIcNY`ldl7F2p7O01R1nHC_d%ljuOWM>KV7sJ%cJ5SrPFske z7gq<+hRurTCn{RU1P&YsbJJQDFrjR)OuT51;xiHIC)1Q9TMv<75^ZnXN|E4puLJu+ zah2F=RfoZU!Hq7)F^&Y8Yfc4>I|;vnY>33{3MDxj-F6}qA}+D3@M};#muxI3FPJPS zqbe3^2#zF;fhc^Q!cmcQ6Bk9Ea5W50S_?zej9}^hCV;d8w2q^ZTin3rH%|wc+@mKx zAeSwMQ?8?0cpdu^$zVY)WfQ zm!cu_)>dc8nXZ{?cfp=aOhg53FL;ep3JNMV5EGffIz=qDgRmSThy4);2PE+k-E>+G zR~j^j^Oo|C=*Fyn*c_FVb{ItwepzZ)!_x);MM@qkd=SaIH+d7cK_x3iJ_sb%7$mq{;DNp)g zGBxzcJxv5{4Vvz^B{$@Ht`3+V-N@B*)L1!v$=#KS$oOiUqUxihGV#X>+~VDZp|qxE z26jcq>|79{76v4AW~@Y%2oUNFDlv2Yl6^XEJ5B;#NPgo?B9FQ(2oo_elynv3;mDj% z7T%)=St;@a*A|w+hKXD(OnZ_w19+|%|J2UFylN;&99 zV^e95VwoycshmB-RzkC$&x07Q>-%3LT4&l^${hMav-B~chzOXF@n3sE7=+n6aydNE z1Sy>~xvV-m(i62NZ*Y8wU78AS3m(*CDS?w*>A2ZhLvU?)H;=x~;@$ zgp~0T;B{vD?h!+26!}{2jYRYttS!7hBzuH8$|Oyon5ku`R?+Ut=*H}Zhq$k-i>r|s zd1ONQ6VTenQA!(fB};Zr7NVp`c{odHOQrgYFs(7WCG1w0m555J^(Unin0s(CI?VK* z2(>ltW|KBY>z8F&Q9b%>1A)ZSII72 z^(y%=&UqW2dF|=QnZk?l;bPG)u=OIqqnlyNy<#Qww?I$jm_}< z6(Q%6$=i`KO?5E&Gg|UUUveR)-*Qt~?sfMd%kCwz?li7#8%tb`MTCjd4MGo7T4ElF zqQ@!<2D6hK0ZB(P7-A(zQ)G(DzDNk2hIKxsZM}GD^1P&*-l+SXxo?=3z zpgGl81r6*x{WM`6z+5CV11_riY>BcL}!}06PL0i39B_JoG#E|iYBj-jZ_nI zI;k)YS z*_bmHW#h6OtD5J*?F$lnZQINAC!3=~`T@^=xhxxVgR{{UfCH{44HkeVNH z_J4pn{E20-IW*UBwJRZ*bh4NSt*Og?gtU~3i_nzv53L2aE|NlN>P)jsk#0J^NL!yJ z8vBzJ?igjFdr4?bjtA z$$>q^H=g6Gm)v!H{5oyuO}%Q zkk}rKM9RmKC-PAA1AYDb&vP5yVp9&qdQwa;sKINCi#>othOBO@zs^ zfF>}SS**z;Ng*)_V40@Oin@*9+K#AVy)jd*3s(Dz^iSC`Heqb*PDY80fWx)7o%_Y|DtmwH(bQ!R%3 z4ZYdk@D>mBDaC2oj^Ch_L#N4HJn}5K zBHE#m!DdDSgV<*4%!Xk$$C$o4KDg83d2G9V;^%weVp28JtCl7Q2R8rhS93sO-e5n@7?2sf&s zW<+)}hGT7EGQ$1R(*oQIR)r(6a++zo=TZYj)~uI8q}_YEScsXLk`YfRm4B-zVnp2& zl(H^@b2|-Xu`t>R1U6BEpa|6MVii~1nxua5I25fa?HaOrq1q%?4mT9R0k1?*VQ!Hr zUXsgaykQQ_O?p2`{CyD;{4_&cttl^&FrkT|;OLhjq^HunW!QmVwn4a>-ff zMz3|S*=K;wkxh^p8r9MU(z_A_D^QbVC`v)3*XSi|q%9q<1ZhI^bu#5QgP=lbZ|K8i z*nMg3_~3+;BM2c$b0iZSa_EVhmB99s4@}a?y$P)-xA&=gT}WhMxRt0K$+MNt@d#UY z(jP$?wqKNCU&%DZUQ1}vpW72Czd?xPyMru{#JO_ng|V%M+zy5E>>9SrNxsW*11@-9 zadt5QQLQAec^5Uh*;#;8w4w%;8%!ICp`;}Ty1@-O8m8!Nf1$gfty3~Iv`*?^uCWUS z=s=UMElR7^izP%31HvrTG(==A2Ztl}iBDrFL@T0ll!i=om$2?iV^Jr8sH~QwEk=h$ z!cC12^k4iWYxrM232oS}9gZ%;@z~ziW23Qz{1YDmaO`VKu$~{HnrDJz{2`L)SD2d$ z6^(USeD#-ZeF#!E3Zl75gw*<|Ib*>>Z39ulVi=q}SFoZ52`VCW_6$1gD%sGLsY&`0 zaxxrbx{^NN(a=b>w2wuxAHo?l^(2_iptmMueue&11$Ch+8m@%9htNS*TDCXxD|DOM zTqn4S-ELhQoo}f=8+u440}8gSB@i1-sj&|7&JpfE?6g<1ZzDBZ>=)pjy=`3au>wjv z3AA=Gr(x5dVi3tn2;h97T1ocy6hDO{9gLsC3ogTHk-N|6+jbW32iy@Fj1 z;B&vx%z6xxTXS*1jFO!-rHLGgne}bMOqafz717MUQRqU|x{J726wy|Ykf|9B7Q&J^ zTA5c?YupNPl$^#T>anO9=D9>-!h>_T(E^b0NgAsEw3>irf;Tx=Pi^ubnC#*%#onkFQ2oKS=@#V0->{{jZEd@}T8ab?R zOJxgqKZ=E@CBzeC%HW*Ia+%xvR4+)zu*!wxC51_fPAkDG28cG4I`lM)91eJP9&Jhx zS{n)@G({|5Lek)C)_5e+JqLJC*ju;Yi%LNSy|~EwDpHai+KORme^@G%DD)jJS7RGp zgz4EFn$HDS;J3q|*Q=o?r(rjy`VD`;w_XIHTE$>%J=Vj{I~D%`1;k^ZoM(cw{21}z zY}aFfY$xnXPD-~3*it`(Ryzsy1le}{UNG!5tOJxMp;!8V(k{Sd;_iQ?_;ZwQU=pZCk})WJwM;H-vYpFrt=+0XW(iV8I`b; z{YKF|dyUypTtI4bg6v`ylHB`}!kLLZus6lpP7cHt!_}TdLRBe40z#_x6%K{1;G)N2 z&3qQd!s-%X5tg>MNGhV|Q6%KS!7S;|SxGj;i7y1pQ%YTAr?|t;TIMcLU&F*19-^BiP%*c;KQ;l+suGuYE3CmLkKX6ZD9q=QCWA4Lo}GZ61Zr zEW`C^YHjWh%djevC7Ejo^wHsq)10aavlP)c4t++IFs6baK)4_>hkVFa7y2PP=;Oo_I-8xF&VGvIceV}d9ADXA-AC$B;FFJZ20*wHS< zPxvC6)1bNMfwdH{wk)a>0z*>GU>QKazCss9?6vV_Kt+6J=JxM&4-UhGJH2p(> zVR=D#i6NUOXc}BCZ!jn@O9CXyJ+Lf|%QC@jo zqOBQ<(=fzNOx=Wzly}&{E`~rUc`cps^#SP>52{$caLE+|=h$smsp99TlFhRa zEkn9o$FevQl%z!>w_-+u(D&d{!69jWf?F26H6eV*^l}P7`sV`7g_F?q6ku!A*uP^* z-N?l%9a%YhMx?}QHLQE)%IO>IB*JifFvO35BysbaZUm~7p%97FEmC6%x#XF}bsJ8R z0`y99NVpZvHty4_qcBbunD`%(4c!TnV*daG>@k&z8&K8iCX$FDHhTJzL6T?75ob{gC6a7z1~2KJp617q6VH)l=edr1jbA4J0Fw57#!poJM^QdX z57?=EiNbTqM8|u5#)LOlVl+%1%!x7g=`Xuz{9*`F3#5yU(<40!Y#6;Y-O*l4Cuxp2Wva`_ZW(myoR*bsA1>dyM5zk|82= zuEoaMG*7svmvN=GT#SdZrxZ(fF=MvUhRB5~mt?c|6RYkvr(H?NlT7P`H`6}SPuV7O zu!uEbYW$t+!UK5G&xM;C!Z9`Y^^$f>lP zWTG37Ql3lPTaq)mkd$HDB*h-nsZza>Es}=UflZbigwFNPQ|ih5Jp79nrVDO7~A9>|yR#JrdBlOkT@HP>GT9oU!1w=L!x>SsPfQ=e%xx7@M+ z07j=CPF_sCHyfRMo};O#{FN7;re5o)@S)#RYsl{Yh~>$ueaD@9o*bE!&$&gA{E4{r zF({bP0}Xx$`>N2BqWx{+Dkq}*IM!<{{W*Vh0HWS7Ns!Q z+v=yVB!#Xw5in>KI{nEcy_F$rqxvFF3Nj!I3|8CnOcAW>$yLMTYDxmsRQ4p9?qxr* z&U4v`gHJaD%DiE|f>XKH15JY#OK7e} zBli&M@PuDAs6gN(84XdI_>{1@BFist)^KO%DP$luu; zuaO`66L9Jw(9u$|(!|I@h7y75RtX%vBr$ny^!@@M*STcgy-7>Hqz~B1th|nT-%@pQ z{l?{9L?=Gt7cXp+-NNKZ$2!JG!Qpan0p||(4XVLrm)urOArq|8o`Ne=)sz~yWETnt zCfpN5!==b{Def#O?kp)`aw&5CMZIoC&R#hXs=~L@cJU^rHmg{YI$W1YdIj=1C}-T4 z`W_zYEIV%ZlDhXBwRq}MWi!b}dyX+K;+~>mZ@G4do=u-4#=XskQJd;K<@Y-KmRFLw z@_nRwuOsg6Rs^alO)4-JH7l7OT?7~lV)~HLITH5Vl0r)Tcrtxbs%x*p@5-&i$B0qG?_-sk!>N8Y~sb!`}ZvoEnRdZ(oQ7O-KST$ z(zL1|kR^`O+$RZ(%5^=(4jdH~P3kIVpyr%5jqD*#O(JbreX)pae z*P*GoI+55+HZ-GIuYyZ!amsoI zE9)@yfu$07p{>UfHDFJs7@!akf!&nUpWEYf91!Z&3r2D9yBCBD9uSPm}oYcH?6M^~2~ros5whTCqs^$+>tNO)pJ#yU^dtG zEnz@4kI=aihmAt9={dMHI8sx%ZE=Q7LP2ZU9Va0tDVtW?3{91lDN_YMhvPLF6(pw7 z5-mdrUI{rZmc$OB6e?2)Y?5E0SxBtdpCd$`1oD{qBMiFAV|gW5@Cm?@%9;sT{*04T z=`oe>A5t777u7->Jc^f8lIu|pAz^GmW!P9K$6;%SK@Z!Ypr=@e1d5kj3z)ei9loha zEUnYiftyqgg*=Yi^+b1=QADieEreK`4`O>Bo&r-dpzv~sBx?oii`{}YDdv_(b|DD} zqBcYzlzR=DVJH&K!bCcAcqg}1{{TV#BZ+Kh3{F!}mH0PH6(rSu2*1SWF()WcmWC$( z0MSYLh7&tnT=o)qB|u1W$v9jVqJM-cnKZpR4+kCw(7Mp-JoFLAJqMZ$NbEZqz6ZTj zW{KlsH*##T!XK6Bz=n2{5})bH^1W^bp+2L-YS{b+i&Gi4BZwnbhRF+ho0T$VL4+bw z50ss%Iy?|^ja&5e9DPY%O@uJcl!*>4xZ@%XaVFfh^4#lkJu=4YZc44(Rm!5mj3_>{{Vx+ zU&E)dZ}7UuVPhSHRlh>*e+J{R8#@_m_+DNGkAbMuv743H$Kbdqod$w?NVX~oOE8N* z1hS6C!t6K3crdYD3g6M2w0M+M*0w2YJPN3hWg7`O<}?o0>ff;54Y;uxRjS)TfRVsv zJ<%f9uH}-7Pj=mi--QK+Nl#M|3Zg2CgsZWcuQY^&JV=m@yslf(i|&ab7F4UDm*834 z3h6Lj{oDwH4uZ{@B{fb_;BuML%SxF3h?h6$rk#g|F~ONr=t{&A%}_AS)-q5gztB5kyi;IrWAQ8_24MmmvqDZiu~FEebcJggQ%OFO?&5evD> zL{j*{Ujz#sg;ww>L3kp6!DryyFCC3gy9kGqf>yFaDfIU^FjOvt5`?>8Pj+`2wuKbz zVy?oIS7G%i^eqjz7N)xnnCv`FH5?7w79cg2#LBV{Eznv7Uk-$JRV(W{@~AVfqs z5xS|S)Q<%wv^63^;U2`yOYA!9atk*?2K+81qflCsFeQmWbGhR|O@&ruOulr^rdkR! z2eb(`>`3FRWz(TOAy(9hPLkE*SRfkVA>$5(oU=t!B!0r2oQR0tYphQGrYHomJrPgf zOoNseVJl+#4r+ENR$j*P>^Cy~8Dp_0_%-9P^n!UQ^cq}#i-S22w}T$M5zH>aOQrNF z{s|8J51H^ZY1lzcI~NV~itoWkXh}rEsDUR7lFINUdo-5yXcsd(~<3Desr{s(D%tRq?*>Vp@$G}YaCrq zWcU|kQsB2aZSvidD~3&OPY9nw`6^mSy#q6gLTp-hd0J4ec@%JLW&0tPcD1l>huH16 z^b}OMO2WdAB4pZD(Sb!dDq18Z`^b@LAyBt?ENLM@jPOR?S3+h}_7p><64mNPW}4Xh zxRDZq6G%(4CDpD5ebVs|_!g`4s$p_ANgk+(tt7U52MSP1d|DK@!dkPxaPpk6)#xCo zt0qz(1QEA@k>K4&)wHG?W$he}8J#E$}R^eAqG+&T^~;Qjz)D*Uo; z1>h(@gCqSJ&})yvY`|(2;LIgs`$i0k12VM$rvy$4S6V4WYZNgr;B2nzYQZKQg*iMF zD;x@IU5b@<87FD`7*bEzwA1zxC5iMAFxKmVbm?#>F0epMa#chk`e7E5F|~6~_zp?L zfi_Kn=q+Te5whI7WrU{ti_4iV2oF_mai~7w8247@v>(xgG|0G^mgkr(Q#7QhYmk!M zcJ@R-mA$YQcIW3Q-0q6ebr zI`thR0>xXPvuNE#8KIHvK~8H@L~1eoJADKsL}Z@=_OBL%2Mxi9=%s--4W--^$Q@}^ zJ)}f$IET?ULtakzVTr~Ql|;kv8nAgPjbCksh} z($r@Z&+%qKI#hn9qujjU7)oN zEs(QlqiL&}Z3)v8L<3S++#xOk?gp$!3Xup>B_%@&xfZs60j9wm5j!JMDBMCu0!zSo zOv>O^HT+`2;WtUDLez*n!lo_I^)#gNc{!R15&MTRyW zS#CC@1d`^K`~mqFaNKAo0|+=*ZWnqP4Ah6**p%@lCMixD1SF^2nkJAHF+Ste#F8f! z7S7yhargr=)Vc|2Q_!U@5+L#SdPO>;2~&v7kwpm>h)~??(4B=hz~ws%Z7LSC9>ntT z7(1=UQC)_iIMlwP6=90isv%AbD)lIT!p9^fwmV3?wH7H!c@G6=@?_+3cgcv{yo!1p znABLulQjaQrH>451E{zx#3~GB3pyC1QVnvLn+X}ZW3t$hMuR~PSe<9dZdc$FQ&1wU zCj^@imVro@FR2KaSvH<5W0L-Jdo4!SP^TMkmYa!}B~CTAkDHM*DoR#S4<+ncG9}5k zU@I37VMGMWR*QS?#&&rY(q8I~jxVEUxgnWQC<(jrHr__9Fg%r_W7k@ZE|v%(5*n1T zE?IJ}0w@~NvSkemIuhx-LdJG}rn;~uyDqde7eY%?LQ)Wmh+8&Z$gkkF5@aTmv&te? z)QY`mwwBr&A{S7GBhx_x2v}_rV#s%bpTm)PXeLs2K(04Z=vt08(;A#p+1Y(7)RJXX zo(7t;4j4HH!c2K7Zs4R|3zxxSrC6kC>ffNp6=NfHtDz}<^ECdJ3dogp7>>JhW$@?F zYg)8QQKp3a7*TFK;n?sJY!kOg>?#Vb4pKZc*F+bIIl_ITZQFPI0)w@*x%D2_LvBe` zjj7~7A&KE8Epmy1XSsM)_c3NTl(B~UBp&JHe6UeEnI2#&$}=RkYw(0+dx^adsNqwn z$tFa{X|8tLd)oIGQigK*81RK-r4pg@omX!1GQu=7&StYf=WNkx?y93>P&0Qgfr}P6 z{O8bK;z>;|u-I*nJ$7iV?~xfF2pz7>Mxtw*Lkj26seJ`hlGs>C)0TQY$_YHNmO1J{ zIOfPvNXsO)Kv4Y#q{fF#iqk`h%bbvHL?NbLra+0TCHavlbrN!qtYE!%7B=Fa(C{l) z5Ryymh9S%$4ngt0 zoSnv$zoRHn`;m6?EmM8Zs}&{vFux=k_ZoHXWxnHQ`ZrnbB%*&}vzHrK&Kx^ji85H~ zPJa0+*@=CnMwU}Fyc2bfqmT3~7woC|6+TGS`6!9*E-5}r%6p8?yqcrgSq_Bynsw`9 zo@g${MyYkW9%9m4PsmWmVe4_CrIjiHG)I!6PQyOhk96Iux2h!pjW?>vC{VO=X0_CO zHzHXaHL>b(ZktUmpP{d(F56i3GG@7Nl3_EZp8Ci*6=9_ zh*+LbDzgmMTSJq4&1$t6hm`B5y5TJ+Fg{F%v;80IBw4Mp|9$fvB`O0K@b zdPz+rjwy1*A#mJKv83`X;ir;#lq_^-0`k(Wp^%=j@TF7hBONLUyG@n33*$LyPJ{?% zo61Wb>JTsuL>f!W)e(MVBcP0AeyMKqCcJ_UW9lqB*vi;cA3TirO9EvOUnPZEVKrSu zDLU6~H>;0wn1$5U>1j`*5H<2nU!znbsz)%*DBUhr?y2Xg5@kfg<{CyHBcd{>`1Wj! z0|hxxtdw8r^pQIGGEb9x$dz@w3T=v?G>4LT?j>dS9QE#1>{C#f&vFL7z?9b zZ@BNAaxNvj2!mF(Co+ylR34IOS|$kXULov^jS!pYuswRN19`5 z3C^@kD)LPF@+9S2*pBwhv{WyRvZCDNL~+OF9ns zP8F@0I-crq^4CL5Y(}8slIkC|xhq+6Jb$9Aypho{6AERjf$c$tq9PaX$)S!8gg0i_ zDR!SERFT<6#-eUSDyerS1oWus@7cj)FVu!T$09g=(9T7EsF1pLv(Pxf1saopojuDQ z5@+0%XSojZ?oF*alEK^d2xD>0$4^KJQIuw!C5sni%sFvdkWwUtYOdDu@7{eHDr5h?T&45o_?aYTiQPosM3F-H1ABOKBg>5&A+%X)6!&fD%!PjS!*i|>Qbhch%`oBsgszHpTH|br51Gt zBuCOt-STJ;I-hdfA$*XGh6l)N%tUE{M(nWM7$S*+M@1JS7fTO3G+RPlhTqQH7QkYy zg~p+{M5&=WArI2rol<%@9$c)I3w0^uVG==Ab8sjP31evW6A7@7R8EkiLtf+)`WnSZ zl+i8M$g_CrB&D}f1@c43?0AB4MTdb76}cSJ{f$6#GaQ+vo<}G4ECF7*C8O?gcO7Xw zay4O+8s>xgbGEaAIF4pnMau62zNt!7Ax7GXX@p!#v>T%1ER$8dNd z(Fk$Sgei~BHPmM$+QJ#47AEC1WvDO%nQ)B6z9JIW(j;_0UUt)uJU@aIFo3 zkSw zN66C?8mRmHCQQ=9y{LA57EQg+on&&0Sf#lKSDDat34_iF?qQ1%aUs@C6@lRB-QvT>A$ltlVwL zSQ=?H^brS7VQ*hU1AY+4jp9D3G)G4(b=cd>kpd7+s>G;Yp&`Gp(Vx+OhoIU?ZS{IZ zo0_p%}CwY3o_WaKeuN=Or;y{6}AaT*ZAq`-t)>=T{gB(~0sl^I;wni3#$UhkOH zPs<6m#(g>t{{Z1CP`nE>P>EhGbTOo8plE8P3B*m61PxU#2>M(XbTW8D8LO9weV&L=hrthDu1* zp6pkUnq}7TUoVgsMi5GL_My<+Amn0H;3hPRqLr)7AqrGul{!9F2Nj5pf>0WgD#(=j z5Mp}{7(;BYLW*v~s?f=aj)Y&}(vaziSQ;Q zrO>fA90@lMnXrzvSR-BNG76bU)Tps3M*RgVN3hn?^9W_IWf!oWMPz9aEe!`iEjWGT znDO>qM!rDyA|%4w1g@yEIYZ|Ret_{}@VBUjS!M7;=~4|Fe2j8)vY1C&EY$`sm#m0L zN`hEp>R4FdU6#5vWBn{z63Wt=bR5Ek<-gl4D8uUh24cG|3Ko5WQ*$|W;K%2zS&`aM z^dW33NZHPhktGEWak)!fXRywfF7!+#ZV>CQsA^owqn2dBnNtGwXc3)kG@*~47bVH+ zwG^+7rcZj*kStu-exwj2m24203>B)Y;& zq334QCous7R5gaA)f10kg_LSd&k98xOtgs=q3O_U@IMo6T}1gLeDoB*!N0)zK{;7X zW0Gbx(qkMFU3MDT*!n>fO6*zVu{jrFCOZ`rb|C)%37U?>)%#G=(7Ov#orup!;F7Xa zRo-6QF(TP0!6Zp!rdFiE)QOZSB2qj#C`B5Gp*pQUdKLHxs~ou0R0L=xmje^IC#n!2 zz2erH@Zni0&{Kzu!v##4GU~*G4?=eCi$XK5($dy&=X%;0`|#SjTE9_UDWt6jwtU_| zdc15^agGOW$}w)YL$b%P$~2ZdkHC_~cp#U7xVs8zU51@jcrJ#opro3K^dmD^;Al!t z_%@fU6l<|p!0^Xm$->itQ)#^P8(8c%zXV-64Kw^7>=7#^-@)}m-a8E{yb^o_)!?i* z;G)N2SKyIju&H9I9gUUP-d&E4!dtGxS&s$QI~y*-DxHXnO(C$kc`mW10z#q|>#+;P z^b%_m&_fc}g82Uc(JiD>$k{y38h)}N%+~|H4e$0Zu+jMlk(*SSy@zy@P-OaOMZNXo zGlV7cQBYTf)15gGQ%&Ac^-oAby77Dh_JI^akoQ3P)N4oVy+kw;w^TavaFtCa<0CNK zXsa*zxZ-+^!BO1kF6Pu}W`>hX_t@tY}$fP>u}n zB9VO!l}5#f=!1nF1f>$FDjhH_Sw2#ul9&t5w+Ocft@L%B^BrD7-4a2T+(OzBRFMl#JB*_T2>_!^b)eW11% zVs1Gr5vK_D63qBGj=~aE*w~BMTRn>@j>70m*qN{4JB8T8#QG5>FJUGcUqNdfh?hxi zxE#f46(*_$@Y%km-?>#-=+v?DIv(U(lJd4G8nD$bV_FSOK^oa?OrcY*MWaLnqFw|e zY7Mekdl18KOL>0AI|@l%jH&$*x3O0}1jH`G zlYa^|S3(oixDr(;^di%-WhqxfVRk7?!AJN@J$4kZ>}fm=Uj^m*6q@+_S`GF>nSgmF z$z+DxLj)=a1=%4%X{A zjeX5_cHWHv#?5!dbrxfB07u5Grz@%;rs+v87{CCyu3yb=1nz?ljq5N{9OqMf(zxn4eN4IDX|LDZGo|jS>>K?1|N~ zYL{I|ntsLTJYUlyF;iKd(=aj^P?XKF7u2bC(bQ!NRiexrlEMB&)_vFbggk<_ZE2cyt=rtUQd6{T4*n8C&L z9bL%}F3gH>AP}pwjm$@@+@aw3*2hv2|dmpTOvqYedoy7VvFa0qy3dihmLW~hKjJ8P8 zJ7{5IUniLO6RB5YKz#$wM=C?}+?u~;+3r?fvq<}#{my>p)=oZ7ZsniIsw7TZ{+NG4 zYyAu8#>xDa`44;UI?Ro1pXkI%h}?-=?paInb9v;PoiaccW>~G!&g_DWWy*K;7a(p? z={Oed)yuQ@BWXCHMufdasZzbfxxXWD6H_|2=tP`1BW$;Xy zM_8Xp{SjM}7Dv$pE=eV`aIuzOu{OAbWa5-qm3yj2Oip315ost`O9)eo?rc1AORl?$ zpm5hZmU;3s)SF2?Uj+%K-z;{@bJSE{as_+X{XV08`e_d$D(Ti)%jgp9R zcI&~;UpY@wsJAhl;BiB;*Kc@awjQgb?H-lk(yVeFaS+eHPJab^9GWk=WTmfhuAgyVI&L9T$pd`r zBc0E3)_LT*Te)3(l8$?jacW^aLpaZ=Jzq4Dw0gQ6B2#HK?n{IdwFaw_cH3J`dX*4@ zwJqcNf<>!iF133>BuUg})i_=UA-uhkkW5v%OksPL{lf%Z5YgYP==3jAZ@_NpqD0kG2oW$~G0{klqZd-yF zk|QG+N(H@&f6WN~Y9d|N>`QSk?jaQ<>P>m%m+?V2BdL3&@N)+Dc>zhu1H(ok-u#O7 zHzz}V$K=HMPpHRJOioqY z-gC(Jgbm#Y4o-qA$iS`q3q`LbcJ48CV{{?4iqtiDwlrg71XnCS(76Q!Nqdbwa^-A? z&V3|}{E6HCn7`>Y3&}F4_FG;}M*Ej)`;9$Ziht@s15nV1Tbd77HM4Ka@?G*q(d2o%8k5}R?p05@XUSjaNw0Dpdy{3{XRA7yZI7{f zB~-}r$V=6VT93X)#hT%=U`5W!tm;OuBF}Y0Qpnl1>#6A-1u;D-X)QTSupm0=iK{~! zarzp4ITh2$v0LymGlm?B)FB!rvzt7j&d8 z%5f6Y?&JG+D}n3_F({Pmy;wr}k9bunjABG$9WtSfr$RRk@sw&`=j#0qdDTh=v$M*! zX(>i6S*Y>U#k`5me@9OwMx#mO=ctN)$W=U?nbzznS(Pb$(PsOMCAY1r5r*jH*}=p| zb4=|Sj&t1G@FWxoom>>>TPdS-NMiGT1jRh}~6-mDWcH!fpg)z%s=$LltC@9D7VRqULT;5ZTsZq70W|y)MW?C~ zGT);^()#3ytcIIACPUcZTcdZ{{ZC@qzYzf=xc`h zo9^hgU+BvJ00|Obw0&A9JYchzND>J6NeMfYbn=(1XUgcw>^5iiw` z1@!L9oh~ej?7ADfdWeLSdx^)%6HAX$6s8TKr|L!DNS})oT#wRFv@lfu!faB8-KBa= z{{W<2gyg|!+@&PtwhiFxI2#vnXB(lfE-8^W>Vo2)TB^2GhK#YOPEEYZ9?V=?K28jv zOKHgAFoaVck^?(dcT)^_MWS!oV2dGy%v*FNW3xwre|S9*XaZeTZvC;1WLl?2qFQ$P zkk(XagdZ9gDs~f~-V2n-wI9Q9n)NXFBW?+BWqR<1KS*&r%!*Y0i)Ne&Hj%oB?1wX% z_8}C|@HJIvq(7GJHW%&K$8PE-UoON40B$ALMvO>8qHoZe8WTqC`XSJ!P2~NNM@uM~ zqF16YhHP>uS1sh0dnO_h5i?hapMh0L&Z)sAMGr}zpsv>Bu7~gTLPg5#kE9`8%#AMp z07KXCHK7$?=`8;M3OQih33SPa9R}Dv54Yzn8vg(sYtT@AcpC4)Z}89HX!sSsgGngt zA%BO^i#`n(;AoocTlGV~@R`%GBlyWD_&Q@e2toonw5k&;ow6(5bQ}pI3#l~ltOVmbTs&o# z6tf%QfQS{w#LYYzs_b6=81Ue?;A>k7RED+-X`T&o7jJ`CaAWn^33dIMs$V1aGpx{* zI(>rMgc=dx=EiykqeFe_H$r3m6af=ikTP%8Xk38skZ8exz*2;UJs<_YVZnA6GA5uQ(|ho6SWGm%2o16GTlq!3(8eUr;zbeuEmvVr4xY4yEu+X)IIZo=N*;x*E>{$twZHd=jIJ7h3E} zn`=4{Mc5UyrZ`>WL}tV(4_Pl)xU$)JOyXVNgr6P40#Cs^P6i!#H*yoAodOlbG$C_T zrL<|X6#)t~Njaf8%W5eNWgoFx5K4gpms&js_j3dV9*xmC2pXu-ooa8L|6DV zCjS6JlGkDpj>Ik_*wl{0o|EVxX^lfnP8UjpJ9g8m5bX87fss$T6!l{wT45T>z{N;~ zRWcb-w@Ho3B@crn%VA=TxSa<46~+<6EVKHYxgHZzs&PA#`4ZL&M@_yN6eOoi4Cb1s z*nb&n7I8)lLfC5p$SIGJ2%#lKXgxD};C|*Pq+xpu0g>Ep1quEcTJiCFA0F9ATB8e*PjIM8yPO0YxHL(orA zCbcP1Eehbipl+y3jRCWPtdwv!BU;MpIbk^TyD^XMb|8YS3DHhzM0f1=4g4X0sK$78plN5?`dW1%BY zV`13iSHVX;52OvFz}4_j{{V;H2CH3$n;cV4$J`%i{2B^Yf>A6M3`H#xWP#{?B*$Vd zdz4{@g`VeEaZ}h>1xgcZxedL@JRQVNRkfFHsAKZT=OtU%tvQOM(3eORdtiNtKdu$2j>~F8R~1jMVV1HoNBWOq8x)~r zvfAntWP6WeUPDDEOx+QwTS95*Aynm9y%Um4moK4=Cf7TPL*yd$BV#KKtZ-KXaqHAi zPq?tjJQuQQR_=)k78=~zh|L7UcUl-Op)( zr0q97(nRXS5uapf(K0y`dRYX21l)tGfwqrf6J20+fmirdL>J0FpwW4;PKwrTF(PAn zfh!-7p%NWTb-RfCi>`sTN zW9O-5RrMhA`yCjDi$s@!?z)Pb(z=UmUs0;mdzRWd{yZ<(Y95u;aG&~muTnJ`IQ@vG zYCT5cK1Uopn(y{42<}3UBvbMO!2pqSDWEH|kb2 z_0(=_2SHTl9G7Hg6Wp+#8|0x@pd-lckk_jUHrfQSIvJIvJzlv_ zB%g9>p5lQmdyO!RYZJE79mFB&^gbB5#L3A_uBUy`5f>aH2GVLrhgm}gj-;<{PNY2I zbIF6XT%MnCqb}mjzJV`5h$Qk8u*f9@l;TeFh;MUNdzPDC<0#7aIlklC`;I#I7b*m{ z(NhT_PY#XD>ODyd7SIgRg3%fl?`1KY(62%hxy6(d*Ca^Wp5j`kj!6~1=O=OtZF`hk z&mv2E3iIT0RQrv52_Ac!{{Tey@?lT8GgI88Uvg(rO3Ug^t;RJ`)K8ppA1s%xWoXWm9C@2yRv&c+k<$xs=~>JkEI=f1&qv z)Q8S_8Z5b^yKSk^$nqdr?p~$)jd6X&9Y(PC6DQ<&mh{|mE6A7q8*{mRM&T2~RlIS$gp?kj6B9XvdY>&Yyg#ml(n zvKHrY>|y1@abf(5l_cFz(w^gT;V}8JxUQrseZyEl#r;6)bnj2^e!h31CH= zcg8vhT(zkBu|y#nrdiIUhS{Y8Aq*%os&1##QOwp5q*c1Z73lIoBs@rt6{pZhL=7xy zz74F|Ap>p6-q}_<;kcUK7zC#yW)C zRV`XHZq0NiO<$#$YGb(db{;ciuHB7jzQes_mRe?fu_=tr4yI?pq0aghBygP3lYhetGRDfZtl)E#zhWiz=pij#2}m^Ajh-H| zT)a8aLS@a5k^8GC<5g_?q@SS$NmfeB(*XWV_ zqE}D!Jf)t4WmIWRKSD~SB67E;IzgKwE*T|R6EX5;gz`tTkVV~0sO&A*>_<<~pzl6| zlM?K*OyByA=aE&3KkF0VpsL)b~>{)mBUeuNOD z*(0CfzxX?x$gSSp4(CE)KY|7`FDPu5qH^y+M$o67dKpd*WMl}YZJQ)n)$}yqqKx<| z*w!Mj)lgHPCh;fY-wzv%{{RJ${{RUvWnY4B917GtLqnYi@ER#J z#EVMkDEho3gV3fel0J|sFFoNI35sSs)cl2-_ULlC94;GxOp#OV4j;XaNh>&=BLyg} z6?zd7EzpEC=+X>fks{MvBQ}Qygg<0r{uLrrJES*1WG0PxLs`E;NG2P+8Zy^HG&=dE|H&A?oH@Z z&}i8FnXIP0$m%9ho)OHQXh$_QtOiE*aipb8kM#rb|2`LC0iRGRll~MHb-E;n-d?F>9Ls48EVKmX01tPiPbK4Yjl+u*H-5 z8g{49YodIl_QCXl*G_{s1>q8u>!nebtaK!=^luZ;gAnai2`V3gj5+8eSl#QPI?e#Fc8GEV)lTMoloWzcF~F~J-76cE(<4_r7fobXb|fvh&*&&L9v@JFyv z-*Klp>Pjp>ME!@ghtPB>kI`(Lk7CO4_%h$@haO2k(uw_&xBVXXanb((Nu2p6KhrOf z%tVNdI|)z3O2=X+PR5@EHTaryf(APmFX0!D1(@tSI`C*b5@c8Y4Or|Zzo9u;&j$x# zjJg*o6RdN&A$!1+xkz={E+8Q#$FZ#1mQXQ3wCWq$(5qksPgbKtQq+@@T(4nT-$~?3 zn(a24jxk7Xf!bcgY>z3js$yR_6R24^SD3dcKv6}>%)g<51tp~su!}I@TNh#pLRsK> z;>&{-Sq)fO%?VKv=p@~CEm$QvSm4AO98jd1GoB=qqlS`M4N_`PrT&xrf?^Jf6RHl2 z3`qSaIZsjM<*GKhkmCgkpCZ}v+QfE*7m(7pPKbm`dd3Nj75#26p%6`y%|tkSY*vVL?=zXX3wm90vZ~g?X%Q+dTy%>fI@VkTvFCf2^hqZWD^ z3@!;4yBj_Tz6AJPhKqO;S|w!4yp(6T68Sfs_->5cg;&v8%WIR4RhOR(_+KZ34^ zJw*P&kt6Z%_!spR(C%paK`QtlD)=B17vO^)34ehJp{Urb05j^c@Fu3xoG}<-j#!57 zI%I)rtY1U&R}K9EJd!Fhi0+HnT27FxJ%~4_voH(j$Z9`9X4^`*Vv|pen3lAcpw=lW z;Cmv*_E_jUYv7i+bRo`s5oSG!d`$lU37c5x#cO^T>qQ=h6uStTuIRvujFA^J)}+at zqR3F3)~eT0iI}Dxjp3qGt_GoIXHh;=XUK4abu9+$_|EoY8lTHXd17;JlrvS@SXmdB zR3o>k5?Yo4T(WSFmJKnMRiT`k&Qpq=8>;n1BW zaKy$t8pw`?P*dnhLUWa8(3qt!2HB94)uoVXU+lgkX&xb-3n^!USjVx5U6|L7%x%^5 z5>ih-rw3+CtF9SGh3v(oJsW%s^_ffg=U7J z)FrfzktHvvf)QOw7RM~Oaol2ze$(S|$nvt{>UljWKh?Uea3^fbN4L_IL2A5t~yMJJgn zTeZ6OsvahQt+y@{E+a;eOpya2k!?5b%PS;x98pAin2J5vkWKH&2LAv`C-Nix1(iM7 z5lr=C(w+G_SJYWm<%^@sDESFP{TdPb3rD_5%fsp{($#XsD)QpUH{`>p?bA^se%|!s z0d!Ec8ho){xeBd4#OeJS2owETV#NBJQSQmwM{*)=Eb8(r(JQEmzDs>#Aq`Kdix1qK|`*vG#(iuR<9=1H_+!xsqe>oA@4=;BEqc zMIUp>TALM=iH$`XSYh5|-zH21+zNVyOrRlK*ChmooCu9iaK@d7SbfCz2r>{>29D6= zUdRc}YD5VpfbiD+1?See(nzeF38|*P>b@R^J7i9J+AYBc(8AsUBAG{q*1@T3$WTFr z)4oLP%%+DqD9f>-##w<-mrR!qk)tF*O-60#P_qtMK~ADYbv}aXruP&`i56S~ONiyq z0j$n|Ws+n}lTs+oU!aAdFycfLFHD%8K_ev<)=m<;Z)Ap)3W-uJHKT>O8IF>XZZVY9 z@TPe86Id;&la$+)*rdxNN>lX|TJg!4C8XWDgz97@wFOS%dxdtepr$J)C^K}@LI%@C z0u7nuXdmz`0RgncF5Qk%mQZG}K;bL&`rz0+Ibe!6}B}bHN1@f0Mfko92Y%C zSve?l{l_hhyYxT6KE?PYZ2Lg-hhjzP$KcngY!1CeW9rAR*CMuii7z7kl1ppcT)yIU z@-^qV1J80?pSf4b4m_3ooW09)+~4v+N1jM6yXtSg=85+&mvJi3a*vTtdhSe}#qK4u zo=ALyrLS@a6Wp4o;Hs0cG^T_Kb+(xkR$qIk4hfU{^R{h4cc_wUJm@BE=Svzhzy7d+P zWs|<;sNcBlP5O=2udI^f{mEgDqvt-Rru^XD@>ck-Alz;)Orcs~-oxGU6-hMr2}_#F zEmOfm1F*RyMBjRp#3bmp)IAArMuT(g7^s*>7bV-|@q^)V+L zlS+G<(X+F;^*_TCvv6_V7;x~Yx{?!xXe-#E#7^kU#yp8X>3{TCr{D0X$pEiHVs-u! z5UZcZ+Wc~TMgIVfr0lkhQZ-Z9<#rymX6NXr)b=RlH`w*xLE7iBHD6-gOHQX@b8~|^ z`Xm1U1hKcFR+PIIa;AL;)J^f|b`Sdn^>!Sy`a1FGGoHhg{{X^G>)84rX>omr1y??W zzN1oIiAlNaBsy=kl7*hbZ?HqZVju7$be_X+`Wq|kB=dKS6JOwG_6sFV^cq?={f65A z00yqz3;zItXZ(>h>_mx@T@|8Z$a`v&$G4?QBG#fNwn>eeZBoElMW=^}GMPqSf$)j! zL#wS3w;uE_#etcjjWLiMjYq0$BikLP9Gx6Dh`H2zM^$OiyqeHiQSkSyN1P5#E?(Q} z2-N|l#onKCK>E6_qBU7wf+2eFKy|2sP|&&!&Q$iH^_JK|H4i~@=LNxXH)te;gqn(j zWc6ZRYSg({z|yoXkY!XyLG1{Qd(lE+xLR0=Atam}j>b!x=tSf6NJTw~*5>*UH=e>q zXR&zCVJJ^Mi{g72d<^AyB@q7rLVaVL9m(iDN$fOa`xI1+&}Sul zlA`|r!?012qFJ}($Xjq^VG?LeiIHdx*xmdV{{RV(@R@vm3+)Xb;eGf%uvnwOp^pd9 zjy}V_qaX0h{TKWf{0e{J8y$$9_!RyG3*eD_8~*?XhrtH^4Dr}#$AX3YDgF{Kg5Tkm zy9qGxS@ht`uLE%S7hi%ZKSB{}u#&mxCvo~6C0XcG{4%e>CQ@_IzGEw6>_ux`i!s<& zpMkVH6CRum>bKCwJQ4l{-@ytz3+Rlm!DWnaR-+she*_x%D23o(q-F3p$#xRTI}2&b zY#-xf27|5anTkEOZ98fw5#U$nw^9Z)_J}ZUN>F%u#EC6QEVLmtbM*-)hP&I+6tPG} zNT`~5*+p8knq%wyASGZsB{N1Bp9xGm&%_#L`lO9uhyIUqUXqL7EU?D4JQ!;9HJvVkE>~feiyRblk3?TF*hqTxF&SF z3v>D&7`L#Q*U)Z$0<^Eil9qD!@ zeRv%I0K?hnQG6Fyf?X#}2)5i1+wesABren3oiW^!T=ygS4!Q11`55pyf8eugu{BGu z)PIH_2H(Ns9fXwOb`WII?EAS}S==;Gf zybl=gLyrSX_%8S*e*^u4uYtAw4?h7?=xBeU3Tci7pr1kT=|)fZSyH}*4!ap+91c0~eIQk28oZO}B9DT^ z;~Wb4@B}B^Mj&=6wadeCr_q^G9mPH82TlY*i|;V z`($Z14qp0}omlWqC4hB!e`LpYaUb0$Zr_2ikqDBsLzkQg$jO8_nA#}-DL7sQCOu$E zhO8&jEVbBcJvJjv*2JFy<10K1ve#oaCO8&raFd1DSf;xUI(i7_*jB%I6W_r$-{@*h zcrtO|Zdzy9dcQ-?8Q^lC;Wqvat@{h-d<`TwT=X`qbQwlPk1{x+&D0iu1Al0aIN+g1 zycS;s4bJ-toA5V674m%~jcPOpnRTd@sF3v>&-f%SgSo-MT?{@5-F7~xiC+T6m;4E@ zz?o}4gIXMV30J_c{1u0X!Ef+a{t3AF6j?XG`a$-B7w~;(yWsjkZTKhu011D=-uwv{ z_&3rYj>i80!>@rqv|?+)v8g6kVZ)C>%Wq<8*JJGi`hp+uu3FCpp94mGA5=C~>?t#A z91eFp3Mw89CC9O(mtnYv=bapMLN*dYNQHO$ccs5sJiZQ{B7qHwd zb)i1Mkv#A$xBMASI}QDVT&}{~ehT`8m+&Xe5ZkcTj>2-?b{2_B_$N(aaN*8`5pwN= z(QAYuA(aI$LlW#OdV3MSfw*|=ER=Q|uYpDvf;T<|`uHSePoa_5Oa`scE=g@@jY+aI zHvo2WXhngiB#uXdKk87z_ACDY(DvsIVQM8Ov{(vH9fcB-U5z0o_7y!}LH$7*_$8X9 zz}2|@3+jrx*Mlrt;OI|5!LfW1)4<#;2~yI&4Kl|B-a82Y00xq(=znlL5sn34;B#Gi z8eamvIt^FEWK??&ar_`x;CfEOg#Q2u{X+eE4cXUXY-z#tf^}oBz@@ja#89oIQ+fr0%T}~MF9jKU{MpLDY z+baliPm*Cc)Ok*SV}qFF$^C?*sRkf&`o$!S`i**b8v`nbypBk}XRmU& zeo8s&b=Oh}pCv6m;{392KKL)LIXb7*RDVXe!+k`l=ee-^j+yRRE#r|TCf)TcqHC#q z?a8Lold3CmF23VUJc*{;YU(Iu+^70-_c?hW)Bceze`8%KAk!WtZoZoSC z?mJ&`2D#*#cb-JLyO$?r zPw;MA{u8;Gk?Y)Uf71gu`x>xWiG7kxpVFD~TUW0lZ{*UvpK@vPOyTz@?3VnEKj~@b zxrfR1l0AEsXSo(#&R*lbvzxg#A8|u2=O=URB$YkP664f@r@67@vtM(QxalqTCky&1 zHxIbv=k_<*H4i+A^@k;p>uhbFtkXwC6 z^(LhE8|S&D`y}h+ZS+~?0HFLOorD4*D_rT00z zmFwP@Mf@=N5wYLoXTE!jBKmeR!MXF)*`*lh9OpGUDQ*J2W` z!*H*_@9G|?Ucz+MeFp`u#9snTF2veDL%tWWRX*Z|e3`$d5Z#9*Y(6>aIpph+!VAd^ zL+&vw_a39UHoeS`*+-t`UHLlk$s*~=H%Vtdf0K&y|T0XwRZ%@#pY-vTt(Wz1IifUwUDa{S8 zU~?v*ZYIE+lM2Z;hD|=B9bQO$WfFdzqPvrmXH%Y}v1MIPVoD%eqfz=E`55;lE*rt8 z;Bgwn5dIn%Gi%6@^b>QDogupl5FDld00}#3$*xJ=9InG)oU71m^85{X)K;-iQb|4}>g*-08^|}+kfkoP0!q*Gfri<8U?WY2g zN8q-djPJmwIQA;|GuhC?Ph+4bl#i8-qa>#csk|3>+cTRS!-MT3o5tK$Kf+hS z6hFe;KV&BhuLcLSm z->~gJqGem?O|Rjp`X28Ew4dm*yb^0B80=Y0KVomb38&M7(vHHl_%5~f6Q}$Rm9GM9 zeugK046nfgjkq8Ak@bPi{{RM8o`c)q&*1$G3l*^8@DyHz2DWmB01UeD zB`&-b{{RX50&yS0ko^#E;Je^kJQ4o@huRISbS=LHnCx9D>|>6^tN15a>@T7ezrjUc zgO`C&X?7q-=)=>YDSir7b|8NRbKvB=6j!eY+7G-H%ytm(eh94i7O&Ap9>dtX7NuT< z3iROmL0vl!Vm$=(XQ1a|xF{lc3z}Krd!!zpf?MCQsuyA#{R^K#k3!}tW_&G?Vlc{T#R%Md^07nPhQTY}L_ZK|!Hz(ZNJSI}a)U01bwC9Y2xh{664+P;_=1wD= |DFQ zhU)wp{2z2v{1WO=mLLHBKmor_kZN20ldSh5!DQIvwI$U9!QZhjUj;PmB~{?<=s&0; zU3fLeV^4vp$Ab@pPk}fOBVUN4K_Mdq85$8Hi#Cwx)J6oe&_@E>3JpXL#Cb~tc2PIv z6t=SsB1aWNr$f*`N*(Dbv3G=BNeS?#26?)k z(Dw{fBFlDM;U<+)&r&u^G7-dqv&ALZAqmqE#y8V-EcY0dBrpOINixtF5e)WDH7lq9 z*$HJ!k{S`cgY3kq7MxIp{V6kFFM!%sg~Cp4BH43bUA z1;gtVt!Ax>bHVJ4+ffKY=J!qE2vKVuuNXPN?YBCc1&8E-;r*SB5V8c8osd_b3hOH%cw0 zMY6I`v5FKUNnCZHb2(?EBm^2RMX^EEQuT)f@M{oTLm=q=qCMg6iT(lg%z*W?Dg%NR z#<cgY;PueKLm2rrX`uljWg6Ek#pZd%Rvw+Cdd6?OCvOv8giBdIUMG zTtH!}@1i)TJ3U{EmiyTIU7Tnyqeo~K1$9<*xei#5vX0t^9O`% z;F+;i{XA=`nCyTYc1XudOJpjSC9c$Z{$7+7W)s1tvgPPAV_{hxv(A9$6d7%-YU1>! z5zy$V9$T5uK0M@-{{Rn3!+&YiL*nX(PJsXt@oz}Dm{v7+#pKqBCa~#vPmp_|mnqND zSGA7hgCMMbgWd$ws|hd`3jTuu$xFpg830Pkv)J|`VVdC?OMY4BY!x-eh)Z0UK6E?B z2Y!wJ02O`=z}PGL&A+p>7g^ix_Y3TZ92X~WbQJvhXQNs${F!@83I71WQvUtm(2Z$X zH~<&~f@yr4bYH!QdOChd(?S?pE?QEnbi&qZ(pL=!Z&pUkWAK8^mevSz%V7{Kpx)LA zK`xZlqpa!WRc3jkBc5_vu+zdLnDU-fJ+9iqO-;w?6B|%0%lfbuQwe2G@usM>pr2{g zU1d;P?4K)OjdDVD(^R*2ufF<63NvkG5)sL-Eh5E3Iy9WU@g&)KcB@sLTrU78f90q? z93o8$X0PWFLSyOU*xvql4fC#jzQn9V4Dr5M(q}`VA|@GRFp(FtN10vaqDyvdW_mjh zClX9YiKSxQ4Bu?-WBcC}&Gfc&6sq>m2*W%QbC9P8qJSTS(yOf1s8id@R)LcDv|Rg&*kPn14-mu(i8~OGR#c06 zGM)mK=Yf9qpcw^n3(CEcKZrbfG&je7biEyH%pU-A7=&t-oN#R!vxhJcjz_Sa#Ngwm z4h3Nf#oEHl=~|?dgL3&)kjE~BHHR|{Q^gv7LjfULj-A`ojSmGqjrIin`iRPyGc)Sn z;Ca(b;|g4rT2l0^l&GN!1$Dq?mS6sz&UP@C^vISlLCKfAzPa`KHSuIZVk$gkOBlik zBq0g_a|;uaTMj0mLAfU7cPI(F%If6vLg@*>DVo8Kl=7s|1l92-5WBno0OoLgI3C7n ztfDD9@mQaJ&?GU^oE$lOaQvMkD_O9j2~km?=A$v*n#!HMG9ns5Elh z_Js*L10NNqfA2&rfe;b!nha$M_XycMGOn@X5J`sefUyro#Slo(Jf{L-X9nirvhu2vphdERqHV#Duv)J+=U*~oL3&7PhrYbHK3U1 z#d#|?W1f)|hTaJ~(IaL;yuBaPNpLbnCDTx>r-5$q3 z#~r>2ZccijH%5E~zhJTK4fG3)$P!;XdLLI2nqFw3#wLJMAiVip@eMH#LDXCgiO_M7 zNit~D9%ZOJ5>&G@V_~(DA%)+9tx#B>4FojiW2&iGC}HrXyj%iFJWoZ?r4K0?)(j`a zI{aszhcU9;afQf+c>6bn&i*^aV}Z(!&Pgau7{^Jciyy!Xc?jL(`PdMg;v7j5Q=_Nn zqU#hr){v1?kc{!Yv`sSS_9_^ku%ip^_`!iW^@TQ*Bp|qpnkum%f${a)HE#871CYunTl-qZ5D*@>5K*rjpaP5YQv22#ka1BvNu3 zDt1>Uxdd#WbLIq{^Hg@#V02(Yc`FpISx3g1nMA)ciOxob)E6i~c*`v!BvGNv5+(~g zdcA&FMY)G&Vf=# zaH~d;LU&I#Adgu)FV<|R(`i#|yNMQxA`}-07Hp8S4iMr2LNe;Hk3pY-{z8H(=Jo73 zdK5S?P#nV;V){5tleXl_jxuR@G(IebhjibYPN^d;{{WN@BuU0!y$cj$MtaBEu}NAT z1tvE?4m`1(5uvB;p^gN`O)4$IZ1RdjzO=x!-m0lM{&VmeBYYWR?bWT4U@_3yRb6PP z$pYtEp{!~IH#%R`0&{G;ol1WUU{5fV)*`;Niy9hPzB8(P2@SDzW6(l0KBqk z^8g9~j3`hi{tLY6*A8jbqpIJo*Q^N)G=l>#3V|V*aKT7C02K|D4l3QPL(JbctU8en z6cZ->_C2E^oO-Ztt%?+3r7Y@iDN0h5r4~ADr722Ml%*+3QkOzy6U8Y`_*h$(LKDK5 z&9UN*jo{u5-wIrmxjvpir4uiJr7wWETZ&SYqGicE()g$6(eD%VTO1A2jg6NIU)PkL zcg~ch@So}Vvqsr`QrWayoW!KWH{;S9H-yWN zb10&CxT0cZ6BF=H#lH@c6mH>$DBcc>@LbZAqIh0c7aqip*%2`-ZHrA~Okxu&MJYz< zL@2!Iic^Bc6EBK)#`rgiHaA8#H$kC(xJwA7DNB6be>0c%{{TdG5moe5FPq*c zf^Rn;oHi$mN_Po~iIh*pVPWC8QjLw=bZq-NTySiq@S@-8F_J?i(DHvK_smKku8Kavl%*+rb^}uhKWim4 zBXm;SriL5!kSEgr0O;H{{N+8D9K-UZIpCebV_^t-7G540Wg97TaM2Lj{R@=JEG0#8 z!S4r5PrvjMrTG5<)1p(i=uSFl2&413&bS-1j~emQj<1`;*_Fv zqYL0p;TH^JV`CnNiZ;$+FBn0RlL;Cu@IfJoF-40?^7qfzGUJR706BojX;={P4@}e2hYbZiu6Yygj8^y!e{8`*o zEWFZ<;=+heU}d~}xNNd}5^P?9(HgZ4RASz}p(y+diLJA(`5)*dj`&PQh2^5}3DF7M ziwt8M8ymwZW>y{$@y`W@%33Bjli7X({!~$yOi}s=wuVdGghi-AE|7QGVWUD6G&fM`+PPW&Z#Gw&u-G{n7W$A*`{wCK9t{iB^^&=~Mpz209o&Xkb8jdm!+H zE{Iz%fc7!rozXlJ8E$xl&X8P)X!KGyMnViuiBNlxq<XI zM9}B{`#SN1_#C`ZHT8|YgSa?)V>%X|$S27Kf>TJ;J+U!`+7&%4ng@h4))o-4Ak~f0 zj}K$$yXDd5Q6Z~ZLR#1R5V#u&eMiDr=8X#z2~`b^@-Y(D`ax)H*vCXASUsFYwj@iM zv5`Ov!PLY(kZVMAzLxr5--J$7HV5w=b1xwK< zvJ86=OK)%+nENeFGsdhogm`h`h^k@t?pFAc(q&WK;mHlj2x z7YITY82UUJ?>zE&=?}m(QNoja8Ni0x&u)eB8VtVtzUpRqbBIt)jL&@X_$ zqv;id(^Uy1t2&28gPWj7W+}qD!fwjEH25TV_THd@Ldq*D?eC67EqYFArA&M znp3Ad8!ITbBj5HG`6`L~iDv5%dXTde^go4)AuW>^tZMugR`9TggCB||8W_Zn zKtGutn0pXOra}UKK=!_f$nfq+qM~h!6CY)Zs3ly^PmL-UB#J_>@`P0sBp>-BXA})E z=LOL;c!`l6asL2+{T$W8W1>U&82c>Pde7MPraZqQ!pV$ydLWRrg8kS-5K40>B8htR zK2;dej6)EQf!<9ESS5fH&2;M9FHre4K?LV_7R zX#4@HY}z6l2n{xD#qEiPs)E%a<+E8r77+45gR< z6AvaakVH_3EVTg5vW(d@PY!F~zgaN#sJp(#$|9R_A&hN^uk3po6+g=zdHzN1{^Nw4 zzj3NgAKt(D{g76k^I2Y*zV%J!L99Az+pm@WwnLN}naZ79?d%YWOh;mqoE|UdTUhv9$?P*!e+_ zB{%K+{{X&5$-8gn_xd)~_3Wk4K#Ox3Muh$){{YdwOJBI%ar^sWM2xFLe$Tl18AI+8 zddMX3MOqx$M}#AyH4lUYCB!F;ZPjSeGF=Ju>8^0rn>xIZyi82L2u%=>?tacN(mFqi z92yN7RYLnskSWihFg+rPQ5CO4r-z@B*W_D5B>wlbxwdjrP zOWnccLptb6D;=C6a{y`z-`+7AHay*n9GzWMkkUGu<&BgO#9Ece<5$Iuab{Ou}WGN zo5d(JW?XZkw3mXC`)5bsb<;28v;M#J6b}xAPsr&tV~&TR*CEgDf3fA>*?h!wf}i{h zO!>yOt_V#r!nP%Aqubcn_BDRUk>*Dt`EQ{|Z%R5I!kqsAy$>r$LVqE!Y}ooB{(KV> zq!vkdF$d!Wjfg2n1dXB!n8V}IZ*>WK^d>okKK7dai)fVgCj|F;#KG_VjD<@_&x#GQ zIw;xU8ZYn7OHGV{@u0WZHl0T5w#OvMAy@tU4{7u0yzs~5u(hnMjA9QB6AVIoC^p0U zDM}pXcPTTM(GAhPvORA##xoFdL@SM#x4&5SUABVOk(C zehCnBSa-Ht8-&d;)_5b|^d98U*lR1L%2YzaLm0+}JiY2F6w_p)RQ5qpd)R9jP8LS# zi*T5Pd=1fF{>NG4PH`)=ng#()P~*<<`>L0?7dbcK8BGD5>envVhafg zp{Q{hM1y6*Yhac(ne6WJvR({h7}glR2?Qow6GyYMC42NFtWp<5Etro)*wlVWi7~C= z7gO@HHcU4(v1Idtgm6LS9FC*kgvSOXL-e!l8PgMm%pqY%E{5-Cv@OSS#g5@2EG3oT z(8e{C%L-kbS+dyDi4WjD5}JceA|WDr5q1qRXl|XFgIj;!xX}o@JB5FLL?7G}qwu3e z-iL(8qCRBD-W2;fNRQ6X1jbRktfhz|QV9tNO6Bxy<{)p<% zCdO$>jJJ1$*`~E?{TInUv_c69*|iX~{lDmHqaIcvD}$e*z(Z$>CMh}yd%xuFB6zoi zPm-O&$DtfLF)SeoWo6~8F_3s`hfGN7xA2C3BRaxgvg@ONv9lk~iqHAaX*tqE-Q z8u8gkL98q%2CNNhWuzdOfX4KT_ylV-(IQ4YZ4FO2H-TF@qYqSs`5|FPgtIX=N=&8f zSV*2vEn%Uf?+}9-+%jdexmcy5(QvS(KMa0ohv0-MmX_GoK8^bg*G>?EXTd2-==5q< zmK1MADbf&&9mk<8bb=BR%3q-TTDXKR9y{Z3@|oS`G+W~i6VXkgb_vt^8f&7Cp2YFL z4HM3I!VrWe5js_O$SktU-IiHpmQEaHoHENSk`KEqvdJvtIL6BKvw(;~5V??9 z1(sRimTi_cSz&d?S(eQEG{2}v?C_{RH%BKK z#&eT(&T-!v1)K!oZAAPV)w)CvT`bnl{4<>M%(ugG_hptzWRn<@S!P-KCjk&3h&Tv5 zGhohtf795Guz-4rOM5+*`g|9EeZAk%65XfYhrSLzB79#A+br0#Y_em(NhW_lA`RdO zAcKI2;4F)ElSsYK8OB-Q-tBPt>fcX&CBL&cBP9G(y$emgI*k?YL)-cF9p0^j!{dzd zNH1`0mUktVS-d5u0!cToG6+Eg5LpGBo&^jI)fgOCbnM`DVl+1UMs{+*Bw)bS5 zdbfro1P{6U&+Ak@{8($*1(Rik&&ji|xrrYOpdrRt;j-TET1Nqxeu2Ws-B?yZ!F^g518K(`wjGI| z7Vy&8FRJN5WtKr_8DnLZS;pF1w%SAS;hB5Cd7c6uAVM6D_}(7kd*|Qjz7Gp7n1@+% z7}+oxWKU05w^kay2EoYdIy~9Lm>j)Yu=#*HY>XFI(J_y+&%-N3JlBa9w0L zwgU9-tbSx!5}5I3c^>#2gdm8EExq2nNbt|2-0y1&bLqcmhq2VxsjDIDmV5*5 zV~~jNkHp)@uLHva9_?IzFaxgy5=H6i9XVOeIX;`PUxs#*=M-QNWc|xsk922Nmczo# zPm(?UkNJZR7dU&EVkBd~HY?x`Zl{NChl#P?>si(dAfh!phk-a+m^G2BbMBVORf_`9BI#Tk2B zG~Y6e>uvtB`4_w20o~NQWL}azpcxMjQqzDPTRc2$_=AFoVer^wL++pAKHT;g{vvyw zB#r3}6Wy@;M!XJdy(@a;Z{k;HgRsVZ$~&E#S>3U~$4Eu!C3^9->K3DXDv9^qyKlv^ z*vfnz$1J`f^9}0X736q12;gm)@77NKwp-nWz_2H*#P3EFGmm6D+;otzm~HxS19kTW z>V0QF9zgVi#zSNd;Sad>MAz}+^LCqIql|i6rYCb?KBc~heWAf-##_rP);w9BPLmvj za5*;Q`hK7Ji@Dc=pNiSe5vOkc@)_Lz_gRxqVHzPUb!?9TmU{B}A3PBR&$9P;z3;mU z4hgc}%i0&DuyL`r(A#ahJYQVzEcpS*F~Ks7(ZRlg$Ez;gTI=Eha@ve~hh(EH?oU8= z$7>S776mH4smT*VNLyGT)vK7k$otuW0(a^S?)P}LBUt?aJ<4er?e)TA3virqu<4F= zdM)9610MMZh$NqOQp1qrFb|38F=VGqL;nDBaaX$r`dgMn9g^n=BjOj{kAvb26ZX&j zfyIyAkRGH(OOuhQ_v#P4Z2_a#8aspcAn||?iOxPEK_Q$RJZ~Bdk8HH*c2f-6r*S)I zw{NJSgSl3ZUQZ7rF&qXW4VYzz_I1G?O^!61s=uRrVt#Ir>R7?|dINvo&G6y{r>=8)c*i}zd`7+;qE{`!SVc010)@< z>Hh$~;tzoT0AKw705+{Z@BaXIRgZ_vJ`BsLaC}38Cc`K4JRC4&KI4E1T>faPuos~A zeNNW>zi4*%-HdIfSUUH_C!^Y%wsXICrPTVgB+|r1aPH65_!IRleOk0nvk&QRVjK67 z>>y*DyZPxoCy$}QLu0qJV4Uyd{{XA73jB+?{{RwNWBXZNmrwZr05{~belhr3`nTyn zM?Z$5{4ayCM0tshp2Rdz#jx@e808by%NyBd5$ip)BYpwzcl92Omh9w$Om66 zAigAygq*w6v+mc`Ep=uRj3>|!r~UYoyn|%3hUy=)XCHi+OSa5LspJATm$U6nIC+L+l}@Q5&m{{UTo>^a$E>dM}kw`WWP1Qs3N zYM3R|wdLr~|>I}Aj`R)R~wEmsPQ`!B0 zll}egm51Sk4?Z8`)HkMSl8(Ewxx9Y1IJJu))i$^K7g{8~!(M}x-8J|Pmx zLu^Fidrz3Mj8E0~vRU6A&(-SIfQ9f_akA1N9X}DnHp4PZ3Da;6;=g2dFR|s2o{R8b z1tpr>_8V=tkQl&NKpl`H3{9+G7QO!PCdRGhnd)4W_j{g5cqon@?2vs3#+DwVQ-`?y zm~{Le%LuiQa?_#R@B{1ly*wQ@3k~h{C;+v6+iYpJ;IjNh0d#t>db0`f!htP(2HS4i zz}$W3{MmnOQQIu)A&i|N5N8|0=OWpeTN#Q=J}^S0Z|+em<)7IT~gx8h}&fl68M zA|;T+7Wh5;ox&d5PnOxD8wXe+h*}>vxGuISzPgF-`J3}Igigpj8@78m+`a6~0yo|0 zTYPtX2qcIjg^~+x%Vn8ml(R30>@tQJcrB0B2;sheFTCGF0noOFcPqCSs>UJ0UBlWd zR@-c|nL4HZg5M>2N4=lYUH9NB(}F)!(l*;1265`#@_1WiwpnGEvfJcvFvAQs-t=?r zcNv67X2W1#HdxpM7|shgSL0THMqPJlPkAjrRS=s(*ukALczoOS2k3i_yBpiz1djL) zIx;F0z#bnyTWqq+!DZQIExW@0p%B9mb{+?fw~dE}+rw?)cg=YZXdaN; zZL{2#TjKaA4_+H>w%fsF;P5;QV-{O@U)C6g7=sTRZMNGDu-n6Jw%#|7cH3;S+i#c~ zZM-(vZMTEw0gPT7JexE1#@J#IgKpbxw(o%3TW#BIw%cvvWw(Oxe^dYukq;wf;4d?41sLJx>-K!6Y(AVk( z^L^B=2M$#FT@}ed6VIt)D?XzspTq)#^T^giJY;)W`X|J5)Tk6&J$aWC{zJZ9{7eEj z^(^u}xhV5s=i7Aau>+fI`Y?Ij*EVwqaTZvtseQYD`@)U5P&agqj2|guo|-e z01z$)7syZxSJW?kgUJZ5@PSJKUTbF`uZUm;-SZ`sekv`6!r7dZAP zVh`6NwC=kDgW~JN;ZqGD2Of7NOM)DzNuYj?O9)tdlTr>sSPgb5QH$ye$6bRtXM#E? zdeuP%w7=RhbkgbVSjq4CLiraaAyP;FV9 zm*l19c!7>wDh;Vi@hDU_{Y$7y_SEDpJ&_=(bk`>89Nd&}yZD0251gCi@2EH9jSWh% zs-xms`BZx3S)H{Cc;AFcuvg+RXnj=3SX1%Ha&DVMTIGH_9Pd96HzXz= zE#s2hS3OK(P;VpBkJ%eO@Bqz@ofiE~-P`0t9eySc(F@TNkjLU01$*%{`}%`UKXR-q z{LD~0@db(bnpcl9lp`U7+Ej0ySa=0?Qt-J%yw*_v0I0p4*=pxVL8bmC;R~eV1$4Mz zC-Dko^KNopto|h_(|a6ot~9`C!v6peB8+||Lq_*%a9G6<5R@UoLAg<#|ebDJN`SiAV5WYiBJICvNUG*$ZKA+hKv&e~I2GO%sunJX~b-Y~Ik9^tfX^_c^9-c@oOYy5X5 zSHsZb2SUeSh44K?x(Qn2J`v@y{YIrUUQo;USa_+aRaNt{?Qj)?gc?79>~Td|o@(HN zEL*LOs$VJbFqB<9;{YhU%wd8}R#P=oPlw#JRh_NmcSsfU5h|f~A&!{%-Ifa1iWqpD zJwS{QdrYJ#&!!c%Rqvmu%Ft($H7R%Z5`Z;z$JC)8mA8=lwK)ic^ zsFwOW79*$lmasSC7#%wsCpVsAQmz&j@$(FwMmB5La$LP3QlH`}W%>DF7isYTHGh^V zTCd#3FZ+PbY#UmwK4N(`_=PsFe&-og`JN}o%&M1=9lZHqZpKsxGvAoiL!E>-mb7u3l|=RphqwPkw%2=iaKYBc}d#0dL=CV4>~a zLy1+`SQ+xeDSws`g%Z08KHaMtSDEd zmM~lSl$SH*i2{{x%mSB}OFm-*+FezTUEhsnlEp8(FY>vl` zt7l*ia^Q(Hp4bZqhPLB4X<0o^Uwaz6#h zke}uFfQVIHotV{Fm)9dX1wSX;G+3~wvYY_dwo+9C?Q(NdOX|u9&U=hVuG{UKDNT8} z0UF-Y%a0$D+-+nmY}X*^c6V96l>NH`khS*gWGyI@p3AtioY?mLho&5nxSX5Z%v}Q!yv4s)(D_Hd&yZ_uSy;27%uppCk}p23L=Tn(0Z06N5?oxhmjEU(NF z1@V-^wf7FG`Pou@^UR^wUlPiHwkwz47Q?fH^2Ks|Z1x5FW1!=mg_o0b{{V0RS351Y z>t-SE?hF3_>?tc(Ugk7wEEW5i5zbUU;jwDV{$~?R8&+qYj0(n>m^VJ=CqlV!g1yGk z>QdcXQP9>uGxd+$yg91#G{-7kW<9BmAa7t)P`l=7W97bMD5m_zz!Q(mQw7`V;1vt> z@da2Y!#GOX7UVPzUX>6aOXll7BQ)7%X5Rfup>Dr(jiQ??dH> z`whEwiKx|&ZMoocY^9W+lQ$#z$W1NzWtt=TM{JZ|ZN^u~z1C7Acs9pHt8ZmIuKwUl zXr|llP#4p_E&_*~>;tRUVa^5e@?_T61@kV8wO)0XC-PhcQmVJSi{+#3l*O+XaYR+l zMNm_)x9VWJ;mFp z&c^9U=JHuVcbc^riYJ|6q!p?xODy+SC^)OTg0OGQxk%Rc%&~F5nWO&zF;8W`aI~d@ z)xaZ#-s}w-@6-$QFHy>K#=`#qXQ-3E<`b-6e3p%A&1a;XcawwRmC2z`=aS*C=dn81 zKT&g{lUE?-a{mAliW_SCaC-b!_IM@629Ksx+NTSHUGW_Tn`MIb{$Rgr=fqAnS$*u+ zTK&eB{T-w2iiWN6aA8v47s>dJ616$D?;A#l8EAr9b8aE$((u0C~NGtvzgd{dch( za{V(*Du>)!SI0ISd;5vAZ@ZLKX#0g>u3*WSBr%rEUe5F?MDfIVwFn7Lg zQ}^<*z=fw(ml~(NoWb0Udp! z7x_d09Q%SWoZXdWSE0Cq&oK6u>3n&LS#91z(w?prn_-*T&|~ugl$Bd;zlm9X3hWXd z_3agn;p2$X8l?@(OVXC*uISqAxOGpMDhG|Li|N;!lVCm0`Ij}E9mc;=MlViS=V0tr9*xaqMHj(yp~@SwjS6D3enEwEzN)KHgpw)YOu+w$tQ|1jwG{SlBWfNzi;wz3h-b-IerS=h^Zu`T; zS8aG~6B<80V5q$~jLmYiy}4$NXJLY^=VA!qZQa97@vS~5K&sl&b87y22=2Z-xQx?E z_sK?W<=myDRy)QzHi8$`cI95f#>5a_HM!@z38A%}jab@z&0d%0Fk7E+3l08a@2dAW zd{1(rNBN0x?fZhXU0$#XQrf+i0UPc&cK-k}q3!vBEfaaL=(%3vp!4Oi)pxOJTic$O zu?Dt}nAA(x<|s{CBB@@%=azeF(Y{CSie z@ynS`Z@G&pR_|F*JH3r!^XE~U8u{cZHn*+z9-H%IQ`vdyC;3EXgO%IlWgFxmEnxNM zkfkVH@YKe|+n+NdjK3HYO1^6Bf)cI1{6tYrR#UJV1QWvpVL&^Z5DS-wv&6N{{Ee0) zJ3~B+M*YN3Yt4$ce)A)ucMg-;=Qd?}Ik0KF_==*UD&G8&ped`alR*A?2Ey_s%Z^Z) zD0lSK$ZK5i{KaUnqe#zM`5Oy1o4;hLu(I}0yUMP;l)5T@NH8My(#Vu5_upqg$m1@T zf^52~^W=&>+RFv5^|D*~nq=sQ%uBId-oyeX+sI(8FTIwmdwY->S3XFLTR#~oI{K(Zz8PV+Kj5{?8#)I&y!*{2b2=PDApNMVZz8--tcUW+r|Z`1+|Kl zpWksvm9#c~$O><0@0n=nF!_qFg)ht*ZP@GCt!}91eMH}e4FT`WMVui1piyg7&k5d} zG#0wMiAT4Ki)m$smmQYZ)!bWGe@%;FcRr^8tK>ra;Pz~4MQQVz$M#V8fm>zkDQjb& zQsK2;9EOAPw3PlPq*NBQ?TdXSc$FP*&Y3Sx=De3Et;b^8aq>hwr|m6CWiOd~zo-oxzZ}@%t1pU;>Cu3?qvqomW4?3T6ziWPtx3s2DlgeS zI2p6Bw!V1+{9bpGiZ6P0I7z?pFAJ~C!KF2K4eplm;BGJ1Vvb#ApsSZW0IqH>;+fbja8sJi-y zj=A$1uZQ9VTl`Gg*I*U}N6{|9_k;`-rx{Z(y(?zb)LLij?kQD7eo}dq0Rv0%*vRO= zgJ&?^VJj$1%$k(7+#ukmxkX$+E4hSF5f2Rzm@XWyz$h4^C16`=Or;{LUkA$s9*Xg? z7!591er4ehy~$oydBPU-2Kma3Y{0KGA%zyzg&p~r5^u)86OguH$ysV!q-$rKJGoEp zUN7ZSr8$0KH4VQ9CaNsIh^SGw)=l;&>t^cj>Kjrn_Hpr$P%EEAxl0>`S$w|`@=d=9 zrR3Z)7!u#E%A3#BK)ySK1vWnh!`b;!41-m^YXMkGcOqy4U%?nQD&|xY*5>fYv)w-g zxoZ2Bu;**~o&eLq1Qq$X0uK5-5%DNssbwj(->)v{TVlN%(fsB?8)|n6X4i&uVe)@O z%(fmXChXJEC=I@Yv2-7UHd^`oMewIvt%rs7!dIiW;sv8;mjWdLhaBX^cG>ZePSzTS zWdN(HBgR1C0Yxp_hb164{3f{RwLK+*%Z<6bT*=es4v_tUD$`1uw%7t1VbVfxn)`PL~KcgXK8Ga#fja3||t}Wux z*>&5sS2h4Bs|+|mXkR>J9Y0~CvhIZ+gRykk(SdN>^WumvY`+yL;l4Qp_IlL0rG5;6 zm5uHafE7B|CG3*^Hdm3e${@Q-vE*}X^>l1Jh*#rf?iBjZ+)GH;GPflK2-&p(l`jtv z=>%+EY1jbKj}V7SZyqC$)Z{@${t0ti$M+tA@0!VZTH0Fd5U0<6XB4kF$yYiY&75Jr zaxa-&@dkrxuBFVU;jTpa9vLhTZ?XtCO|Vl-x8MAYmOI~xz4Xr@bd@Tt`1LWzekP5Z z^(?Np#!j@~sbDVA>MERU@la?G)6p$!8+Iw-!-TU{-byM@GSjaS6ukUO6m!mUZuuJL znUM;{Hl4}{!AE{FYA;4-Wtv)7C0eiQElNCLD=TKYk#_a*IK=tqVqVYU70rUX;RJ7< zQGE^YrzUC=>%GWqM6CE_5{{Ts46HXWWBQ&WD zVb~XbY>tXy=AlvKe}wI2;Zvw^PC*$K?s@o(0=Md3UzgOQK(9QBcD{KIpW!-r9I{d@ zqO?f2NVC5rArAVuA*wl34Hmx0{R^9u#1{QPMLEigF-3%aReXhNU5+tz4u)fKYwOKR zM>Eb`w&*D7)OzV_!EwMh@h*4Yh*eLHQ7o*?bCZ{x8takv*Y5^u>CPQI)C8`8I;@Tb zYAVFQ`x)4c1Hr^l6rNOghN?fno0(kQP3bcIK^H+)SVXWkU1zDxXrm%?SL$kord>u& zElkM6$Q4n@R<)gtk&Af(wToX8rX4NKfD6v!yijYMmb@6`Ip!xTu(Dv-wxP!gl>)8o zsKblkBExK=xfwPdP9tUp=w~BU$K$c8fwt>AFC}%9a$dTx+GnjCGqUGYZ_0KZFsW^9 zF5euK3O+rd-J2E}5#Z__*27Ov?!_Ax)m=s^$0>r6^}hH0QZDm)O^C>)6Bi7B+@RSc90(JZAQ7@tHr3qTsC1q72s#YUpSx+oz z{$f@95gIPB$R&32RM#;|wHz1|ei%j9j&@a}#kuBEw};6uUA=NT16MLwy6?nWbaBj; z)32PDS{QsmpaV^{D==?-L&jm{Bf1e^9fGc6dWC!O@yXIQy-tgt2^uzaT!Q$&JeB2K z^*R1IDIgExX#9LY*60&53hJo%ltRCVWvjmvena98K76eC4?N^DAdkl-L-YA$q2E3$ zk=KRZwK*K%R54>8j>4=dJ|zksFOupJ1#)5q1MM#8&|!J$hCzAr&nU1b$y|VHSK=p? zrHQdDX!$B}x;G^#OG`^1Kjvy%ZMPU%Rd=nXxpUOueENw%1z)K^7muk<0*_4Lga^Gv6e9}o*ch85;qbFNgSVxHp<&uMuq%8DHG7Qp!DVyHWYc$bP4l-c~u z!yU&XSU$qgUTeXS3c5DJ@hS`ERX{dZ zO2~zceMLZ zP_cA(=HPe)_{P_v5lP29sx8|n8bOZqnzERUZ#6m+4rvtAv$ z*s#j{#L-&coro77w5#I9v0>W~ZfvpVj}qe6eTKoSwGXM$uWybLwNPt@!p@iHSX$w% z%bDc-UPLcI-kXFmb)KAsXY=PFGy)II(AYK3%5Vbf*f3Up@@ZjDH!x$;7dF*eSD9s= zZFU8LU(9aH54~lZ%q%4EaX$0jOZhZf`f#%srdPxg0|^g=9b2souFLLRU{cr1`w_iW zW_R;9;}1?pXk;?00C`o2Fq3y?&>R-Dc`B_~c`$We+up-VM^4`$8peUX#x17Ujr~DN z3me~23xMF`1r~_$WC1D-J^+hAbiaEp0-9^F)X*4qAi(d=o+YILy6#I8hn6u^3OsB; zSYF`n_#Ea#9>0;Ob-J6GKYfSa>7^e!);7`#&R^e z*spxPQvoo#zBdnK@@(89wdOOS=DgIYQD1ukpf8Tk23Xga7rH-sz%4nh#`2E&{K2t6 z8^owX#hwe#?aKkn2j0N&^Lk702J5j63)}ONz#p~26$taPq6LWIHQ(hl4)LVG}01<_cyYnm1t9wkNNDe&s{{Y#3p?^CZARNBO z8!J1z{khZ%zHMAC7M?aK+PAq3dvh*YU3lK?sX6*~aRXRY%>bwTTn!i%`-#5{DfIql zh}Tc3)fjK)Aa~39U>|4ZCHjmjrdeMD#7cL5DXQ1UgwX!M3-z<89Pq6DM2@dd)zTQ!Qj8~niADB*EYE0-HLN}OLX z?rgip0{##MTS4;(^1Qd%pmh1{`GV77-KP3`0^`qt@x+u5s)4qM1n-23Dq<$bbe0}bCLhYuFJDQd6f$WLoj zw!(lCi!q0Smne9`62CO^4Fz6q0CwZ%V4rnxZBo}MWfUsh>=RU#<>@grh3l+FtfRE& z%t2ODdjTwK+j$C;NW~v)wdc&HQeiNUl2Yi8Zbw__%2N8Z(S2f2=J3A2SX_KVx4=`q zfqgVIUvlzQ;b)K(<-av3p=|EEDj*zEzWXR+Tk{hC06?~5BkIaqK|Gkn4s))-hrm-z zBDa&wsiO;R$x@MA>;YX}ZwLfYu5Tkh05~y4>qhqA@OR4&*1fg4mA3r)CgtNmk0GxV zyH;5GyX+J4E#%G{;^UQkKJsX~zlV|PE^VwKOT!zOZFid}UAOlOLH=cNcgp1*Z=S({ zPux`6{p=bW_p!1)e9T+=*ex%|xyfIRf}TtHjcsf_#I!s;`IKEdTeAUod)St>pr>IV z(R;8!tH<0;3}Pb=Pss7Jc@g`9ASqXO0KH-J3q9l6RRBD8GD>sjVT)Ee{K(KrULXsX zzQ6(|`<_N|SQ`0I%jg+V-*j{J~XTd+JmWJz=EtQfdA`QdpWBlL?0vu5U(HC=om<%1P-tG@Ez;sNSgdy*F5|jqh)O4`^3A&2cqAzFh zv&MaFa>$-~MqQ8OsB~)H@+#YZhyg4`5ijwPYOXhs1*?VUW$=z8S7foqc&Gd701}jX zxrvkUaJviQabANo$zTn&B&~r+U-`$ zT8eX|zjWQ^l8O;Djh+6GtZi-dl^nC~t_fc?wPr!orq6Hl7SI>Lrp*@hnnJ0!=SiR+ z>R8>{*JVRjes>`rHs@HhI6pGzQj~i(P>Qr>kO61Mh>nA}Qf$Sb=Sc6#UaDG4E1Hu2 zx!om$S6>LvpjtGZ2$uUGp{w7hqSC4IN{H1fq(Y^xypoJMJEXar@@W8zVOo*k@5{)} ziV0mZ5GFNOL@DHA4?zLCsJIIJy9uj8sMgGRU^ZiGEb{j5#0o4Zsps;FK9UP!lt_z# z;*0u#Ue>&T0WW?-VT%GqCbe~uzTjpCQ7A?S^8CU=t0_mZ;=6IGnMG|~k;`q(A*;Go zbnLjbu6Tptew`syrtiqPWsUQ6h=4WuKfH-bECQQJN#LV2io#v(nJE;bUXV~0s`5>o zUigjggV_r9qncze-<@qT6u3N6Y|;Sh+e=_4?UV-A`b}Y+6zz=Nf0j zZkXK`lmlkV9|rG}6fSC(!3_K`gWjvHyZ->#)+<4mQL2jYax>@ll7q9+NdmZ}Yi348 zG+kM6@&VGO{Yvw|ASY!Hqn1>lR?A*FUS$HU8OR|a=DJGpg)MU;G%qHS& zr@25Fm042ND^*ugv8B5@XV38sPe#Y*)X+SG(jKgNdHa{Zd-6demF`9gXP%K2jjGy! zlW$uZ8-K*{CR}!)=emFaPj;3{J*B+66R@|QEr#uXB*MVl-P`(#I9J&KgU7+J)Y`nr zc4<$dctj7b#^K3cgIbA#~Acx8ex-Z5#M_{nk1V&ck1`N?s0b=;H- z6VC`Gv-E;f1?)t|oPsE&A92}T_(gpB&oJAl!?h6>Al|zc>n%G=>R45pHMk1MJyOZ2 z?{|49Z1d>bleE|y_oM0Yh;S|KO}pJ5E<>v)(D zbGSux?)9RXYqU9Zy7-qfS>~C{jr|)p=)B=7-m%Py%V2yH*!wV*ZpeEGjxXN{z*@ed zD(d*cUC=#f4HM=7prdC6ABG!Uv)&Qj!|`E};ius2y;9vYfk(b1EKcf%Y_840c>$~*QKJ$ z(jL-cBmfa;Qy9l$6G5TXr{p!ia>AD&D*ZhIacR7c9#E8jd`nEFfx&e1AI4X!K+u0r zo6V8PM&Q|}Yp;G?OYu}b5O^s4{UG?Xg9S10+Gm=C1fC)~c@&$!2V-2WFHtDIRNR}z zQPeYGhQnDs04&3J9&7{<)G-eLDMm$YTGtGh6tsQ_61BIv^(jRyv(YcXQSA}X-P%q; zRkP;;BpOBdGE!RNxLGwU{szR;c4r^nO5%6mRy-6Vn)g-P1*VP9aZlg-F#s4Vo9%f>o)dRu^y;3JpDY z@%+FAUyy7BpnJoU5*)7)mm7Sc2wEuoLI54}L^dGT(Jd+JJO|n80+VJ_&k!^`{Y%t( zd80M}dIxehxn432^8H2Cm0u91O7-AE%NOOIC29r_Yos(_^N|44@gE$083ZVI;&OtY z3?MQ+#uJA(k0V_`aO@Dm{{TA)P!{|_v(wZt1uw+kEuv(hzo~eyJWq&S)Yz)%1TBu( zHwv5Eg@RS_uQ9-Ao+}_8k$ptlRaX~+if`ou?eQ025%}=}s-2zD>(@5-G;Y zK6?vl%W%UsP#1f|P`BTXMaaj^Ko_m!1>6<=2~Z7llA8k7;=ZMq5pc+c!)-1^B2vB} z+w$aWE{_2{9v-_GFz>$!YiUmqqJsRxKvC!-D*?;osbZ@+D2c0$LSnY%ro5o2r}R48X#!qawt*dwnoB=tgx4_qtsK{NAM>T z$2`Q{;_t#cgv_a@ zEdi)3A1guk4BPjzs9m9I^eI^uyU82X%{;xfMG-W5n1&n3)D)kTdQcB7PJJE^NRfC* zpwUFH+F&mm=06ZR_3wy_;@Y@f;5W|83k9!_5hx~{fK=%*hP8}(a%do}dhA9)zaHWR z8gdfEbi>M9fp7AIsIEd*9ZS9@H{|CbQXPAXN<2Jqu)GDMlQnC>)C4@L#{Em*GgkFB z{qIbFxiW(24hr=QQURV{hvFP5SIQX*jre7Mn6*@Cfo8qLWfbJ$6feTM`USb)!#+mW7!W z(lWOq6bbm`XpxF^mSF=bpp8LS$XK0y*X~stF8xasJMu=kHXD!tD6gnBfxl2L%3XSf z_4m%fYM1)itBt-&Yg~RCjEF18b_kb6lHF7G%J%Ji&s4l?P;Skyo5@^t>uROEVa=D6 z8#-k04CDc({$O7XEbO7pw`REj29$?9$5(HvuheX->!lM0uD&ulz%GTK!LQ;KXFh%< zjOFKbj?@|#L)nUFDaZTnX#NEeT31Uo5f#>p7^+eaX~@lQMs^XZrywR$sKzv?d+TLL z4Zb@NfCtSzni{v5%k)`#V^jr-;}aDE%zGM`o%E=riXd37EAcFw0++^Bui@c`%wKF+ z1K>=$VSEaF)XgSeh9GEHZBTE6UrfmiH(1RWdgCy#8+L{XP79oFSj0EdovH`nxwGZz zlq4I>c_@Qc9H(Ffm3_uO058okD1wvQV(2vZV&3?fjQC4lorE`)>Xw)^9~H)EJ?6Pt z_o8Ou>KHbIaEF91uplT5jPMqk{}wYE!_@q!`@2AcSm$#tWm9F+u6E(69|A9Z{ag4D z8Rn={OM;|;w;UxmnG&L{@k?lfc6Tt4m9=i(QoO1ZnTyKMX%!k+)Uf4O%L;9;(;Y7d zrY8$H#wNk=(!?=Ha~Z_e{XXLhC|@+;9;8Kkgl~s;35J4(>X=NFX4vfEi)qIpV#Cj< z$Lu~GhPi$RAz+ACigqDZw$-KpaG<`UtO~tt%mN9nvJ1tv#^)ZNvJ#HY7}m>RwA~U_ zv08SR+6As_oRkU*_;8j%(@HU15Tg7(SwJlz(YNkgOYU7ixQHcHU7(dY;RkQu$3Jl> z1CFvFPzx%XTL`*+9RC2xU=6n#WzDDQjKMzSs{nam@?Hod(@|?cvs`6jpgpXD18ohK z{6f)13n}$A1675x3oQlHal<%q>{DxR(+lZNlHMhS3QDCNVq)r@h$;$Rtd_Jckj8Y6 zla5Bz3&&ovQ&x@oR&_iZafYu)0OYLAddF^7-#}tv{{YzZ1LGLWTV3NS26SUNIBz=! zuxxB=BO?nA*ClV~(>Suj)JM@8a#pRX=NMayf0%02Uvk6$0I^f;y|^Kz_-$a)a8Pc_ zfYx?e8{wXk?YDkm+Qr`NSN#|jG*6n1^E+0T3m5QqQn0Je5th_`4f&ic*7c6XQ=S@{ z7B&QHhrhT@^sGVr!SHT!6T0o*b_Z}*towvCaoRZwv=$8)*?e8L%j_NywVKsJ zo~Nbkq+IDsh3HKvcO?iZ@L$BThYGy!_TyD7=3dL82RnNLl+|;v1wKmiH2Am7vWLw( zC{O9TH$%G1jkC7v&Pp5g^9Z!qtITy``Si~*)4hab?~7sPs>su5CkRna5_+w(HKZDpa0! z50jNavs7E5_XfxS@!zsodM%RBFVD|qAS28Mm^+ER-b*-mJ4_V4Tf5lmg<)@Mr(Fwf z%D~m0JD-V4*8cC2PA#`h#>-lJu&R6=QX5nO58WeF{f`HTCGOMn9 z_p<}w^BtK7M*5Z-TCck)aZ2^rbQIxk?Rkvsa?^E2c@(`qlAc@f=2Tdf zPs({iO|BrkkK?lHqK~LlPcA@<+gldsE&dP+x4tX;{bg|Pd_mlsUF1U3ZB@mOj4QVp zpjpK`0H!>If&0BWr_Aw_df~BW=u^Mo@*?#dF)_k4(M|3wcW4S35x)bHY{S^zhhkFDh7m2~Uh*5*wnx z7CJ1wx9SfN;9n&?yw>XkYKW8qs;+rcckaqjO5emYuR9PVzG*?HN zEf)^HQEhV`W%2}WE;kDZaJ9go7h`k<-Vr=h6t@*Xd}JsUw+t(;AGiqaei+=K_=?p~9z4&yVlP=j?6Ao8{tJA?3K#b>0307lsI)8cf+>Z)xkFdH zxbWH@bx{j6)n2i&+o$b%jstdGH2uYIcCWUhX}0e8x5&owa@79-$PD*Ga9MFHTQ)#1 zwuC&Uw}(zH1RILJAq-jYLRE!mMX*J8+HDr438js{b7}#Be4#N0BCSWAU~KYz%0YDV zJ`k!Qc-A^;S50I#!@YbMMS4b^5}<%*B8;$UewhF^?N0eHtN^;#uo1zrir=iE!JRf1n*7vpz33j_@*SIS`E1aLAiDbb!K5xgsUn;@%x znFCsC`bXrvx)SkvNWw=$aKx~!#2C`8M|)C1x-2WtV_ORRH!ToX<`FlX*ePdS*k$SQ zd_*C0mBhUfM%Wgt_MGH&yJ`pB3;0KhTKy%?%5xDHM)C(ibItZ1=RRSDw@?6)<}NzX z9&=5urJXOv%4QFB9(W7!^&J(9YQi~Jeq}+Z;XSyL^Iixp#zj)#EmA!qWO#TwJJiLQ zK`M%k=McM~QUDKurO)OvqoVZIc7UIZmW9MCtsaZ8K3I^^eYeEB$*$p*wDYNIzayn? z6f94R?AT?CRkp6S0?WhU=U}wvL{KzY-gqirv*3Z!wS?>3jbdn~>)i?%FTn|ZhX4S3 zW@y{Xp&ct+7=1yDrKlp&3tAkXW+fdD3TCrY!x%JQ{D!fH)Z9Z`oWNN=uu7x@BsDY2trI=M7n0&`= za_^2!=D0pt9ZA@SPZGm*%c#4ytqTeF2ol9KV&z8uV||-L>g&_uDrBpyZ}T<|Tc=}{ zPaC8ZYt~{vaVU2FkBE^sZM8mz7_>R^>hfxf4ceAK0-U1zn#vhQ#Q_uK$dhOIIM zBhIXH8>6}QR0b)Fv)rbnN7DXTY6yJ3Us0-{2EmLSw)MyAT~glH7<%wu62-cUeh^u$ zOSj5tg!6j@U0rLbT2dM4l{Bm2VGCN9+npkZ%nE5=+)P#7-(_B3Jh<#T_VPB)t@xOq zK6xpX?o&`eP`(wD@t;sxf8<+3AE?1sUvYc?05c#_`DQ)8vP)M3^AK%i)$9N$(z?NB zE9JR@c0D_-$YJ9d|k|Pxg`?eNczZz^V z6;vFrm~@4KrkNCa4+&ca%Y5GofCrDpz)uHApQu4WSJWg{BjqrN2sP_S#_==6p;m>O zN@x{cAGva^X|EC4;AbTVRCiJeKnEOvzasoxv0kg{VY1iR$V*vU<6=hMeMd)c-jHRz zIJQK#o$}`(q!!d#v-yEL)8l9V077niGbMo8=RC{de%zhO^Wz~rvwg_X1qod;H+5f) zhPSKEL2R?a*^x=W`61G2^(}7M1Yp57ajC%|uTABt2ibfPIU|hO~274?lO&8?9c8*L+Mpp{kcVuuc{AG0qSX{eM-HB^s|r=(61l;my{4%@XcPi zHw*Ei5w6i!?Bwhggj|3kP}o(RihLhTsYgQ4USlYF^5?xVva-%(CA=@< zRU8uXv&^-n+jyG;FS#DVt-#4{g?PHSs0G&6#p0&0BIgZZ zK2+N0>JVCn;8eUWldel0p1ezYexV#V`XV;${1Wh^Ug|g$epGT$I1eEzXjiH>2UOIj z1R;Wr0pj8qt51Ys{3{m$x!-8qE47fk8Du3CkF1^c4wOp|n!DjHg`V(^HE2A-XinAP zFIgy=N<-q=PkmWkMErrqbhXuH7Zm}Ao++2=hn1cyq0)mQ`+MR2}NI7Y~Pn+RvBt+0ZPOKPZ< zX+dZ}k0H0vdxG#-_#*48`Xvkf2pv7|2nrv-*`-8VP#laj+;E76rTh__IC7`dd8fhV7G56|Cx!xtc4GEr zBv(lmsEaoy*<3vY8}$*1^TUuJrk&v_6j$ihUdPP{hKcH3#EzUZ`xD?vicOR&?tVMG zxmZx5$_K3T!E^pxdD!VfN}+f?>5nxo09vUPGblbdv8RYd%# zK_$TaKZ)X<_%e0d(ovD7p#yCMbDxn3pebvh{$uPDFN8A}UOYw7wfeYgMDuiG4QOcS zggur|fSyRv;DHu5!AECfk7!FLH?$iqNW1tVu~g%RLNW3-!;#QlmfR+9{*jET> zT--8T(R08y6$Qi5uT!aFs*H=^wXGW&L<5Ku%$DF4$bzqK_?*M9N4UZicSN#-%)r^@ z8ZU;m61)H@1KkLwMPtU0qF|!m3J5lZAA`Rz!fTWp{a~2jrNrhUBXEedW$A^+POE1K zZEx2b2*BIyGGPHN)`^`jez=2wK;2cCFizeW0mOBMACa34Pjf+MY;lq>^n`AVBUVB6ilges-FTpkVS zc>se|cExlab`fCX0`*Xd+iD>_y=H!8t=j>4SpiTvG|41bK|k>8w$0n zS~3P*KiYKZT1dbL+8H!xif3!jl&)Sn;Djm}t3>|*HP11tmJw*S>nlhNMqA{;&1&95 z6UD07Bq>@<=VB;W4{MS#Q$EX8rUUB2xr(?|P20X`22 zeh+))Dg(?Ya{|i!%av}{cuUw=HOXhtr^-A}6?`KP-z$>#q1=rE@LKeh1t?thgv6)# zY)}Kgh09M1SRm87w}^!b^*H#LJWTm7ll25}Yj)pq*qSv~vJncBhjjk1Qvm0r9?jin zU7G^JivIv8(L+_li$t!r*IM=ajgZkoTq37m{YDTT*UAZC0O95G#*=UA3m~QXOS>oz zo|9UE*HX0#Ge49Ikn@!d4bgI@3OxElg{4~iM4SE)rJz$Q!d$Z1#@hVBT0zz0>LWn4 zAIf-VLAVj8ha$aY+pk|yS75K&0vb;P%k6|4!PXwsplS!?D*h8dj`H}1vjV(z_Xy&= ztR4cbsxGAsDNUZxn_p~&jbFqx${U4pU395XfL{=$XXD?@8}JI20x5u6hwIBOlk6I@ zF$b@KPxhwBpT{E@)721`IyK1ci*LAy_Vp;33Cwm}Vf`=z_??+70oIs+4sRGi@r-Iw z40po@mxsdu1I_sv;0tWlKo1&TJ)aZZ(@?#zeS-q#miHM|SJKlE02kb21t3_eI}M8d zz;YD~4uSq=jjd62r>Jd3W*B6%p~s&xx2CKcW4l#Hq1c0?r6sgPbc4~BX>4JqD-a8Sf*1DFI z+Utw~WvA4&4m>H9K-aygPk=9DE(wYVQ8$LaFntQb0H8laaA5hTB{BJ9?s(&Cx^S1^ zHQO4vzc4%uxeEHW{lKjU!Y}S6U{SO%FGFk7UgKnH`*gq%+uk!Yy9`A{Y8N}JxDeWv zL{5L0KET8(!;-KIX>_UrjSgB<7l&a^FuaO9B+WmB3Mqa-jd&Y8#|aU<7VIwKy8I#l zIG&h=6bHljp5gp5zK7w8t+IVP2wc3B_8{OJoNpku{{RC7*Ic?{tqJl*bvpM4u^$0< zO!i9jI?j`8;r{r6ck~P;(Ph^dcMwbpb091ZeKNCU_!P=cX)_slu;->ziDQ&AsJnTL zL0eOCiB%U08~pzO6CC#GPsBz=*C~YoTDtK60DQnOS%8d1>ki{m(1kDtr6$iLr*ax- zb>n}CeO^^kWI$4dQaclqc}0)&13re{f4|HDRb!f?0+-08xLvdpfo*`mdA2oC=Hc^s zQMz4r*35;NwLtzD-l$d6V+$U>kGRz;I34UTW$D%Z#J7rjj09}I2r}@2<*3sXrqxwU z$tshDnS2Fl);_Hl~*jVumP)#I{;E&69r0Q@k`Ij%9R12c~%=i>RuHk>}3{I#ssq42Te* zUsVKg>yQO`u|9Y^5Bh zrqdS9Cz97=8K&n}D2iP?ynsc)Nv_TeiMFr_vb^g7G2}5ww)5o|8G7Sp#@fJVscm1H zKqnRRE()GnvWLenujT+M@ABkHY8}^SJQi}SLSK2E$n;?u53;Pz|pnEzCs{b_bM#w<{bqNj(ZZwUdmuMIrcHXTORX4+=zj&}0m9r|!e02RYL*RlZlKi?}^ z^pjo>d$1LhZZ_Cehqu;iCDF@3x|;M^wbJyq5JVqV^)AV63a6w}tgA|mjAaRPT%osV zo~@c4U_j74F2Jo8<=X>M@D>}b9J^yP!NA%;J!5XSP~R&2u$_zPsD)QL>yShU0p(>a z1E*NZs`%F;QKxUN#()d)Y}*1^-D7ywR%-&-hvoc0wE!4e_Fx-4YuG^Bd+o@0!S=?n zS{|xeP-@Dwxv@d-P*F__c?%|=I^+fwTw1|eWnWi)LS+H^6h3)nNlBjaoMf=07FfD0bU~pYsYp|TJ_XTY`@h@#F@daVGamv>ySN(GT05ZhA z_XSEfb=g7(9Q7GG$7{^48}qZ1wwb(zvhQ=@E@|?`m-JhmXPv?=6z4CrBP%O3F0@`vk0{t+%W9MN^IqC%X9bp?9e@M#c50(H|dN4&)uLL`6vy3tV zXKpIm&fFAvFBlIWW*mBtmh0oF{=nndAS}!ZBCv}7BJ>OFRC+~~Tq0-(Ud@GzvZ#d6 zmc-o=C5{UJ0K{c7J{Z=^5+*c|16N0ZjJUIfyA{A|;c{GP3&QHGr%m6S zj7oxKp=hh}z#VMwVQu)!L4O3TrU!BnxiWJN`Q%4n_-)uZu(tmI32Z*fP-(Skf6_JR z3`kDv7MXqsa`oydMTLCJ_E~p+P?|3gLotkByu_XXc)JtvH_T0LzpB&Wmg}aBs@mOq zckTqTA65KKW>tTC^)EA@g~}7f)~WhQK)qE|x&#QXFt7(%RRz~-Y*@_s_!mdz!9{ij zk`ux1&dY%Fi39;d%pH{aAOyU=fZ96O#I8?Gg=jbh6cz4RULrs?09`fm+&qF~;a;gn zO?0k9SzGf==sqZXAXRd!(lNDz^4MWV_C{^BYP<-Vo|(Ns5{JxDY_5Fa2k16?ez#0A zCEt-^=rLFMK|zjn7D`nCT&VM?qy!p%B-qw0HRr7RZnr}r)Jx3>8Bo)V}ZZ<)GLe#nE`>>b4j zTmBK)0pP1p0o$9C@fiZGJcgh@vuR=$K7pN6O$;yCH>x0kJf2X1RhzeQu9kGSj0Fn@ zDlULFV$y%D0dz*9EUhlDh?{5u=~MY%>t|4$_{b!1&>TF zvFFnVm-&VOcizmFAI!9?%Dj65tdG#_C3IIj%G4Lm3=y)8_X^+^UW}ykUo{XKqs@>v zf2EWfTw!%OT2d`4hQ1Reo-nw}<;KXEE%~`d)O57MD1JU0E8UG>O<+Ln_e_YM`O{+6 zF5g#>?LIc?JPWqE_=B`}c#XS;G>{Yzhte#){;&iE7OSoyt~g){f}35NhUL>;H_~N8 z&RYdapA`mP1BZ!k5&Xt@Z#Gbsr`)^pH8IfJX2-V(<@+IRMjvsC9oBaF?~1Q-Zw`u-Noq4SoVklxXHTHWGR%*nCBn z;k=a4uY$#>bw}8PkF8KXXALeEqsCKZv~Y~Bz>E_5zZ&Domk<_wuBF6Xfc58??3y7> zk8v75;WPgLp#z77o@SNy^5Ls>0@Q+KUD}`s+WET^A!}=uoBVNM8?36S9N0|tB$c3RoAf=-t%~w zqs`GP8eZ`oCqe9hq@Ly?2rcL~3l^4W205$Yv}Du=rs5%iP67SoYl7=nNC`xc%yJb@ z(`^R7iB{^57`yQTd<@fNz-@PU+oRW$svhiX@76Irp_7J7i)tojhTmc1uzdn|79QMChwHG=GDf@A6; zJe@HP;l8#uU$N?}=fulfeT&2;@}kc#raF6o3H2YDEr>U6HVr)SP*$|JG5z%bAsc2R zH_EC2+tW1GR8-raDR-CYFRF_g5;~c`l2!aYkOgEGy=9^yUrh2Jd~{5&c)zjFt`MKM{~^ zXPk`k>z*a4^XiG+-W)1j1EYBjU6qG6T6e8o60+ArmV2F<-$dGny#bAD$?*l<)Z0q6 z_@>Q>(&ZG{1ZX@tE~;0$gLlKZ1w(qtz^(4o4(+uIj3!X!kbVQi$zaxt@vOKh)8iu@ z*r&5$5hv4SrrKuR6GTsqA_tXQ;FU`l?6jHvPE%i?VyTS}0+ zZ_nVAQZ^b>cKKzCEqJy1mldFEnHQffEl1Nz&zh9jTFFCGs=L^2wM)XFD^l+=iDe9R z1X72O`#`+X{5dhV1y0qnh`R4Q#}%es zK!MOl);c8ifNz=g8&ro%0t)yR-WXPm-EaX=^hdlz0E>ti^h9>y_;yW{*k9sMvgOJv zc7Mnm4Zj9L5Lxhd#1#~ZKB(Z)lWEf zD!6Pht(2CJx&!kl4~U*U{{ZrNkShSlN=v6|sqkDdjPx}wg}dcfD7dRZvCV(^40{*E zb{bpawk!HtVTUvIHZ7Xs1L`Qkwp3c!_%>B2bm7lX=^)K4g>@DN%7_5HtQ#P#3lxQO z%Pdy>yP~DR=DxQh@qeOe@l?4h4(nVcgcrpXv28jlDrKBKOTl~Q5see_awsbPB|5q} zv0ogrM#8mzuZ#?^>dvHeMUqIVaQco!wIS@_#j0`_#m@>8OT)dnd8j3XtyzO zRT=phbgpDIRIjL7D6IKG(7SmV0`sRDN-2eUM>;+63iwsMPKw9ig2QY0j@lRIr%OV+ zlAai8lJ7-Q`29~HbXGwa8;dIKhQ4Q1yreJl2&4;n@e$AH?6FIe17L-IZsDSqrJaLS zt@A7mdKBcM_B|JHqP-x-z3EOsmFBLfDj-7JaAm2cRy0Law6oC!1*`OA5HzFkK&)5< zCDvc~M^)ALSAUq4ZBt^-Dtf`O z_(2FQ0OP=UU|!oDN<%JnS4h_0yUkvFLCUJq{{R4T=lDSn08%B8(JcbYoo0L&A6!#AZ!$vl(MeDtebQqHqq1D1kag`bdV_5#+xq4 zQ{e=GcYwQvr0rNz6+~T&DRGuCBh;GaI|T&zMS^KRXjrIGV@-@g%5V0Cm|HCLg3`dg zHVYMgcc_AZl*~n@z&->wpR-81pnic64u=eaiz>D(kYMXbT1`5pzC8}lhBQER6E z0CrrbR?GywaC~FmnQ3JO*-uh{hBZKkc3d<~*KwZal(xBw`;ArUrxhQAZCyG0iZrJf zztp`PSminCjRkCT2PbRHGq6x@7UBSvzc|TLOD_2S`G^3ZS|McMGV>7w=k57ya8Vfe z%dW9k7jvuR(T~jNQ$`eztS78RbgJ7%<|47K8fTOrf~q|Th2`)>(6w6$R^ct!VO<28 zfqdOiY;p1PK`yar&b%==N}f3_CQh91=3ztS!*JTVUXMSSwgRoFwO`p?gJXrG3A7y_ zQj^%`MA+r{C2lwM9j1zYP{T}Vt4fYR_ogdVRrSfI-$zkCOX>YV00Q~t2tHNq`-Ze} z-?UIZ3j*i^eTr1oh7BJn;V<@mLXWJ)!j}*}Y_-DSj9t2(CdH9@PY4 zRhQMk$XUJ}W!n(?gdZl{GjHV!U?Fj0)Oi4jr!~m1BiubrU4onSC}Q69dVXQ9A6$&a zmE8SD0d}4spD)T}R4e6xZl6yE02Is>OA&r_yo)wBabgYU#xmIOiqWgH?7?TZeo+>V zZFo*buW&LBmkkc@hfx9wsPf60b865~9tslI0?Qy%K%)k)M@H(PNh>(O%-L0QX+A``-*H? zkrmwa*X97xu`CSZY+j!d>*lA`sq!k|W(bs^Vfuo_2kH_V_(y82*8-rWs2SLs^&3%O zE5jF$7XlSN)3dz1mX8jMPNur=RY#m#zZD#*G+Lm10s>IJ{sb+l)rG;%5VsP$xb&p+ za`K1i!L`SOYl3O8Ov6f^jhWCn&yu50DlK|zn4DhiJlxv~SEBhE1v zj1E&fDdG9Jq`I}#WTT%gm0$suJM{rWHN|lSzAoNtx#Rx;VHQNbixb460rkYOu==S| zjt>=ZOJjNG3?MT7;G%-<>h3hV3&lJ5im4c6IRzTSGZ>8vDiRP@6bg#*sc_X#vT2Gu z@st1-8Fi-o!B!qxU)GTuYK$aLFP@g z6u}7_EIMTzRbxJVo(}5&0I$?t>Y7`_H0#H#IE5d)v-5rQmrpnaf1C${J7(1o^%P3P zt^H~cfdhB`Wp5Uld`qa5T`k#rVPXX-6hs;OGeifQ^nkCMGB30l0;qi}h}392ZNOZ< zKyo_pmt18XA4S1-3;gWJfJ*Jp0BN=`O=9=4?$hD73Xvb)$FT={unQZM0kW*lhr@Jlt!5`FB`G%syZsL1uP%#y;jY2E0@i1^gVBZEl}4 z><9ipHrL^Ng|%fB*k82w$cFFvxJ98Jb_GOV<}->u1_ofim6N+nr;M*MyENzhm*^vV z8&q4bXCPmdFu`3;mkpIsVI2d%FxLuotjh3psb#?<(JM7Y#a>lL#94SMw943YXYOLwmb3 zD=p^8h#-0Gv0NQ0>018yj0VCM?06#bES{aI#Zsph>Y*%!d^T_7WevM}di}wVkfY^; zXb0@VwVZs$he7j`AcN-RoD6lahl4)aU%6fj;nk_2Rkv>-XX#V0m_nMo1t22XKCaBi1W7ybKzzeDbzbRl+F{{ToeKnrP4<`l_A`6z-MRj}NaHd)5`Wu3qt z2X+_juG+ivQijIZ2{oG4~cB!2Z{hFjJ?d>*gJ5znDG_e9Ix9{=x>g=ermRAE%O<<^EydZrgbh#=P{;sF>VV z==3+pCx)LpJWrkMz1SbQS!derAPX0~au?~=wo!Jz1|UVRdl_a>Rim)67OTvqCf_&j;YYS6@Cz(_lH4ERe{nCO zp|{27{FaO=19Ua!gbReKzcIS}H~>E@LFic4P4sG&X9arUKO<9 zU0cWmiz;%8=h{`WHc@k1h@-)s^8~P1bS-{cD=A2lOC-5PJvZ5oxakUs<@ld;_>Fim zB>dcUoV)P|rc1TO3Ti2J;iNm4=N3U(R!}n4$fg`NZ=9wktBf3h-FLfF*T~Str>M;W zG;5xlc1HX;KM7B1fvsbnpl>uqDT@N2(l}ZW1z4ykzcj^D+JdpDi{Z3%hfS-gL2bPT z1TLHJX^+rh+=e+vcIHMJ9)G@JqqZ{gPyws?8)A50I}ZTLJnz&jf<78<0%1w>;$kfT z`4=xsJuSI2odB^wPQN$hjM6ij!Cuktn7~-Rt>on;Jk#b_DHbIM(7rZPG!5;puqh(d z34HYap$f)bTTDd?)u@SI8!UBP6zdnwVdXpO5NnHG)J3!Q58PMjdl%QIb}6cmP-2Qx zc7_AX0Z~r{ETg!2i{Bs&fB+ih_7AP^wD=f5i)ro|0Sm`M%jDWWiLC_q1-D#_&kqjm>-dl~mAoX}e8whL9QPY*p zxYT1A*`ZPBHJ&4?hdnj1s=_|{%c@t+J7f(dUHQ+6R`9^+m-Ps@r1_NfS7(_~Dbl{{Vc(=q09H1bB4Xmb`1z5EQEM z*60W22vr86>F7bj5r<55@mN$mV z6=t2r8!A6}2pWEOVef2xH!j1w?hAEcRcM-8h3zbL@(V%^kBv_<*EYFVDox7ovj8-vWR>U=m**u{ff?A!KX)7 zPn7GIahm-LTI2H%s~TvQ~d-*HK46v;jrHq*D^w6jeCm zQ;Dm~l}h4JiIClzju?AZ_iFFBP3jU{(3-8<&1$NmAmVd{Z`r|lFRksu4VVdjL&Uj| zz<@NZ4~s*v0`uAEL2KTU%JvPfG=vrEEkXK#*V>oDbI`KanUJMh?iw6Y@(0h0odhxH zO}=S!+;eh>Q{O7=GOT$5(pJ>s^>6!<;7}{7v6VuoHMFJB`RkD>Y6F(+3e>E3pNU&? z8VVtA)%7b1x_zf%=WP_jL}soi3dN7KOSDctQluJE%5^!P2x)0S?FppU%8CG^m%e%> zz-xjVwsIY7puUW?1>c9=eqc5?$e7@icBU{(81>P?$hHlu?uj*(; zXYzxkC)+r|U!N1u_}!M1t1c3k=FQpx!9}4 zj7wEh?lvvon7(&(Y-P3o0Emr{=LiOXlr&+c7mT4#G{c;?W*NvxHq>%tN@dBQC|JZKu3)0)0aViKH(V&6blS2 zQtIklaVVpd^BKS$BDI0-SV}Igkfbit7G>;RhPAW;zHi37{LN`e5oH)Fnlbv4*~3R+ zSI9ovhy)v95hx>F<9pbw)B*JnfHYantA@~I5!uSCw)h9!Xw3-L8^XX32>6xnK!rmS z?cPgNzoX_nE{JY@PB{v}$+t%KBhs5ljhsXa+K}8=J z(hwed(-@rvK1!Q~zXB2N#jF#-R#@{;(d;wKU{tZBHMn>uefpNb@D?0Cz&`_#!!3%K zY&S!}N;0NGt!9V>k3rYS%sCeVSf%L05V~z6mFiegvdboh+^UZPA~_z0ls-W%9yz3Y zC{sEW8a7f8trZS0Yy8ZKPu&>}o&;Z*;8p{L;%k8}z9xkesE6)0HoCh#?B0*WwR9jL zCYq?QiQ9w><7=Z>phT^8I{dG0bpfyd{_-w>swGzVo=J#{Ez}<{Sp^k0RbWt^VDk!9 ziWqEty?jLjGtgi0^9DX|gyuBTfcIRePF&Fvg`p}h1*>GQRah^PM?qAcQ&9+|+w&Q- z&{?|kQm9waV5=>TUs8<4mHr5Uq`G*yQ)j@ju&Nj~LhNiW*s;9|v}zpfr5EK8u6*+T zAOm(C?;;zr`+B)#Z(7n>!o9`uReRzQEZDXYvd~}4;t3l;QTGSmC7jbZ!@xf+FejJr zm!_$N3v=LswcoU5l(zSoH?MnH*nqzE(sP|Nq-*q0>TEqNdCAbPy(Nu1_DdCz^QJ-x zTfHqMij{t)1X`P<(iZ)b3ra0)mj$o!$PgFFzReolyEEb{+nx;|8qwE|%2i}Dq-dXB zGh;_Z;j?AE1U;~Kh{12{FqCxlVUZFGeRPET@|J87rlysSq zGR!Fr%CLVEr_59>`|_lHO7;l@2BqQ_YtsF?xpqTF!i|LS+LYen4pwAOTAd0n`5CC$ z#|5~T;6)!WI8PRVq_in0J8_|T<=H$1mtG2m{n1at1X)#fpacH^t=Z<)eGJKbF1w=w z&?2doDuzf)8v^Vcydfzu41&bbL5sI2WpW}Z4`X&vTvtW_ttbc{h4tRl7RA>KaaM5( zrM5yd2Ozh-cL0(Z4O5R6;|A9{{S&iNKyym%uGuw<9=ntW!){63Kn)+TT;+B zX=2x7C{28fjBeOa*(qCmEY@k+r;*6i%PX2}RRx3WOIqVO12j-q4DBagaDvfOIL?R=blTDUJ$B36Pl>Q2O0u${8ECm z)H16}LT~T!IjI2y;nS~}!5^h+4e4T*BFrPe@NrNc)wHBWixFyD;w7xA_mYV9fHq#> z`fRT|T0#geg+M~bN@C+qBxt<>V!KCXG=w4GXs}VR-IsAY_&_zIh(F*wL1TIlIzbE( zAgfjJ=5{%YIvi9g1r4t%DePN7*>7(IDd9{b;-G;xjCPtVE$5wt7Xxo@f^jO$WFedq z(8-8wJ<<+Ma02~4{{X~XtX8kRK<&7A!47g`LDUV^?Yzr*Vt7w5s{Cc7Kx^LF$TTXS zB3L4~$r3F?2lF}A?S+JnAJ}l(1rr(;5d0Hz^-}4=f zQq{;&%{RoLE|+&^z-HeKnJnv{XJb%*#Cx=}ITbT|-bCwpoXJx0<>dC$_>SJrQzh!p z#u3jyf>r_fLQvw@!LVRc@rWa7qt{ScJf+IiL)IH(-^8ii3^o!x20t$*Y zXi*Q$UqS8`hW`K)G!t&3t{7w{ z4t9cby8zlPg{ZyP#Hv&GhQf)gzz53mF|vj2dPo#}{{V(-9dODv?9%DYdF-j3vb^|H zS`^)0a#e;1-$s`K;eU?a;?D^Hlz7kakh%a=DOb|LPFOx*d+wL^?u2MJ)VkH4Jdrlj zMf34G{Sb9pG^{%EJ&<*c`q)?*))CETo1$xP;B2h7@l_AYZjBKg6jfqBD&tHW`06c> zv>yRk5FI>W8P`K_jwYBoYYb%|Wml?{Qij=VNc=0@7?Q1PvXu>x2UdBrLixWjB_<#x z0r(iqad$zL;#}iF_BOEr$v!SWEOQBVZS0(cl2c zCB^2$=qe2oA-Y4YoZ;2;2>`Sf03i57bV?Qzu4oo2p;e{5U?2AClwd#-+N@GAUb6Tz z47w~W*~$17L3J*&Ap{A%l*(jA%p-ui_2nbVFzsmB%SrzLI~x6%G__So>=yEXE}i!sZtGH)20S;Mk0o6;(wjE*qBJ`9ejzb+7Ww`o*Gc|>;u#O!?ds)f5y;e^mfb}Ll!imX$Q zC0Zy~+*XIrnBL$~5lkAKE6b!;3LAC`6~;bt{8uAT204Ba^bd%5lxy*sAaUE2ZqobX z>L#?S{H5g>e?)k*hQ-Mh;y-{Qn{$=oBvXfwfeIhN3l&}V7KXzo!~1gZ0(wdko?!*6 z^AbXa_v+y52|Q|{{WQm zJMz6osZ>6?eJ6fnZN1YIIrw@~m>ze!R9t-{+Eig8H0cUAKo5J-gt1I0RUgizWH(!Xp0RdF>Y zVjioqR?Gyt!#zq;`w@pihPobjsh}`pRa`No>sEmz6h-q6bc5$m>U5V*`&0mu)Q+M!oM>3HH7J- zUO2b1M`sVOk0Hwc#u0bQBm@Ew10R zAOKSmS76$}y$@@#OeUBkfs3hY-w4h4Dr-2DcriSe3J4NqInik2=hR*T0YWH!j3*)Q z61DOZly-Kus@e(k#o?$<4`RXwTk!}gfM3F8+LYnkh&w3lm>@Q*UlC|kseY09$2}p? z2jv1vTfi%aUxThna}c9gC{oHAZM}@G$w@RgF{>_1wm8rj!^jF&%VHQHOqspH{SsP` zSgpZXS)=FXEO?w-C^kUopA#50aUV;a3~(_Hwv}w2hc9UEV?O5;@U$xlV4 z`&ahi^OMf1X$M?hBUwV;;A9SY{H3==EuJ#Lu%&xTS%TWIjmGA9j3BGONpV9}Un!A6 z?%-{$f0VD-e@S&-Kcs&(>>*j=iyVQD?`ib{%MX&JLtEZ6>S5`~7O(ha7^CpQ7zS=S z6Uk-23{_t~nQUwsjP?TiWU6Z1;{s3=dl(1>>9Op{rn{<8@~g_ZHHDvSh&u}B8iC0E zNAWt?yDipAwZ`d6USGwwOWo1*$G4jBVxC@VnCgQ^H8RgFp~g)VIO*`SAoM*yMdJn^kt)zp%MNFZ1Vg zU2MKJXcy&|s2jdH10GTBa{14PQ<>)Wh(e#klOl2XZ9|jwZ#uTsem;EzV3ABTNHW7ha>9$O%P3w2W8qjU-5hb*1V`GR|k-=76 zAlHu!11M2zBwKmKK7KBK8V?inBe&+_4eUji#GD)4vhCc4aaA z%*_I>*8c!~#c#n{BXdy8tEN#!Dz&CCQC=vvlHfIt<4n?eKH5q^vH401USC->pihSG zcKS^L<0`C;304r_l>qC&JgFPRP0#|I@RM&X6a)YRZ2%xoLi03VhaO9wPE|1AZr%(~ z74!xNaczR*{^bh2jZ^nHqy|_zf{I=34oZ5d#>NhO*6JxKqJmN{xIMCEz)&v$Tj~R0`4IRRo*3CU7k0J^=9cNq=lO}tSbdzaf|jc-;|HNy zIzTnj&e7s+31t-w#r?-L#?4kWpft8V2a%bq>8L#{trTZf2(=3`lml|@qLz~oCz9C( z%MLoW0I#=&IUSvDP~;}=sPKIIi&d+oDYAP?O)YVZFevj)5Y+)=nul!&9Y%?;L?O*lBY_;l(n6?1>#s#Q;SgIdZ-0`sS*OS&c?ffxvC@%IXN)*>_R|j5e1ghVYu=kW_ zT#V4HQ><0H^LV<&T}< z7l(mh8owdd`zmz48tkT}b*sobls@grX@UEMAs;KSw=F>7bntEEgKZDXOa$21TVcAF z(^;Sw_RM7udc#h=EntmVY`c3bD%ormmetwaVHrl72f0CkYwozjCYs0~>O12^)k+nC zsL*OyBp4}JJe4gc!6syFrM@sM3v#j0^ddC}pwI=H4_KXU&4wdK%La)Bb>?z5Ua()d z!8ktq3+oq>O`%fqb%+J7cPi?g2IOV!mObjG61I9vBuAU-(e8>HU9t; zC?6WjlOHX9ptDq7?}b{bm_z2$ln`y?!n`*C(^3bXLaal|w;)~!fQ?hsBkh5%DMq&y zK%+e0+^?ga*eA7fvf`jsqxehpQ_ZOgb2F(bT@HfRh{uP^Zot-$Yf|A2>blrpxX&FZ z7x-ab1}C3U$DP17a}3+l8_8nc&tlc?sg+h!y_CeRUe?AnRspY;jecNYZyH-dTD7>5 zEHUu!Vs^+yBKWqasF0%N3YXY>_5Na}fO}m_rQL4a7Boj*+_RzNRRF<~ToMPBKr2)s zazHd8biq=o=H(oa3S7@M0w}Fw_Ng#}p;k@s!O|n< zQ1JC%DikIfHHNj-qgstY(^qUN${YED0+-cqBH;Htv4n92S#94K&_0mX1;Jx!Y!)r_ zTYrz{4h7|TXJApCcl&VJzm;-mSw{8PhQ(bKbD^l;SWV+ab(n-H(%qCbOeohOwugIc zsHIoU$Le9^rQMp1R1cp?ay2Wkhf%+*HWd6oQ%-yAA{y6yBKSoo)3+bGN5c)2TI2#% zHTk%tU7pDK3!bvqDcfX1htw7dE0qAXBb(^T2R{9#29%ZXl{a3#l7Z%fPd*~Gq_5Es zXj$0%0c0A2;3`!q_LrdiA#2;h`9^kQe@Q^BGQ6PN5NuG@QTaz1`TkHUMTD+p0Pwy% zM4JMs!FKfW#JfObaA@VjMz*3WrDsB(h-<%JZ=gE zEI}JbtW+(ph_3uD&Zfm>C%9L;N0%ksXd4RXK9GMB%YysI@L5mhIie?&6J~jW7(XqH zLu!hK> z6k)n<{7h1|9b(vgtyK7rxkJeD!FBU|Jx!e(-LI-0uhgK9Py{WvNp|(@NJX|eRg1(o z+!P30TF2X;5!bt=0)NJ){mK`P#)mCee=xz6y9BDYrMB1G?k5CQ zK}%VOn`2Ov27oB~65BkJ0&&x%zv~l9joo5(q(k?A(oxa0Z?ldsPcrJagFsc&Z7*8w z?9qbY0;?*J__{nqB_)Bet=Knt#WtlbQ$}_TCeDv9m_W2OMy)tH;N%>K@)<%P9DLUO z!s(w9{Dj)Lbo7?qieJhAV#3`@pbNOm1hbhpZysrH=27UQy3jbTL(00d2!g7=44*fn zQa~(dEpZaI5g6DBb!f)+av&nBihz3kqcpqQgu6sycBiAliY@`^hKi3dv%YA9P5hN8$J+FgA^?l%1qPhi_hDfM>%B05Nk z5{rVzZh@)oua040qL)-tDGLSRb^Jy@I#>ID5leel1cHc44rtS4xNr(pLHP=#tg$BP zn6q#>kZaViOz{0B&J%p$>l3(GL{gCJjJPb@vaktJ4(pb`0zv6$0 zpH!lmliGTIW-qsy*TkhF6!8sR9#Sa;D5zm=KZK%3Z`+dLFtxsz%kA5D7I~qwV7z#^ zxwm{@l(B1Q@r7VFZ;m3mW0BOZmBhd=Z-n_DIz>ory=g9L%D$5UVz%^;X1Y2mBip|T zu9Wy28m!p-nE=(_K!OWd=P+p2H^#=Yt3$#Kv1`&M5!c!)TSC1ct-I#3Buk?seiPi3ZG<9+a>W8f?cjMYAN}r zur=WH)@E7T?9AKGA`Qd(L=951#7kw>_H*W=RWMl$GT#AEEzBda`h&A{2b&x9E({sr zkczFe@|%&iEA-f`#VxZJ3zSWZpaR>c#MIsjSSW)QkonA+9F^AU?bhYl6@>(7(UQWc z&t(&!x8;VgE%-pJcQ}EARA$Hyt!11p{4~T5YeCWj-_q0~Wnt5?w}3>7?2(gG=e7XSory(UtM0=oyD zSTp5*=U}u?eS%u8)j|r%aD%5|bT1x}C|Dlcu&Uz<0yK6k((CM&*_8OCP5xg?jau4# zAPc6u#CV~q_j4MB@uarRE;d3bKD2-c>9XHqFaH2vaTNyv>S#JHtiQXA#qBZcQ#$_u zT$hZ1*lPO>thJ06k@1Ks)D@CXO)!Dwe-m&DVJ6bL9B-bIr;#fDD=TKkemf5|a zajy>11tx`f+Zx#517r|)gu{oiib`pIoF$6k-s?CT^>J)tR35hzU8EIIg!DCGKzC{t zf&{HBh)o<#ZvFBd1z5@sOCf5|!?N*2%<3nmA(T8Xq@jWcigmwSh63|y%$~DU+Q7CP zXwfkq>QaEE2(i-cq3n9`=rBrKTVZipbmjP34k)2ityQ@~G3K!RzzR^S4O{@yFQ$Kg z)FA4Hl&ikq%}3Q;qS3$hF>IrZ6r+@FSWxXW)p6`*wX?%AGv{lcb1?)g#tUc{YU;|zuL&k1hQv??i;1+}*6aWs~PXiF2y zs-IHA`}h1K6e#faZWmts;$R6^LYp?G!70-w{iwTDY3ntJ6}j;+c9Y_2wX^C}D(Sq) z?_M9MLX22#M?jGLPe$|VP*vBeBO0B0BfPfs!YF&?9N6mN&hxPkC(Dp_wY8%Rh^wtH z#45C2y+k2v%)%?*--z0D-x1y6zeG-U!!qU4w&_`t_R;RcBWcpUqru!_z2?NzM&F5G7rDrl+SraO?5qzf@e9B&Z;jWZt(A5G0~*t)bElOk zq-7=%W71L4%OX?vVXA?bPL*`wD?vwVCeYCf@hw~WP7zoLd}Ltxc&lp*w3Qo@j)4w> z)v@VsH^g>spLq~n52#Sdv{IS@+cnM_YopvGoM6J@CHUL z-F_l*O~AjMO07W{Q&@0oRPpn#s3a0l00I7`u~*>8YX$J~BrVU3g!zZ!<$cMX0LbH~_>aw-;&yy|L$Sl^E=FB=gFXHsw6?3c zk&cV&#y~5)W^6$NY4MXVH|rn_IuEUnG$-m3mtTC1Lf2Gs6+3zH9)f!V7w6&-flj2P z{{V0YK>8R9;QHUVECLFxDk4aZL@RZHkDI>{&|yl2S6UTi+fr5zJOc!`byi=gqrIU< ztCnLuO(SW@zb=LU0GJJ{nV?u4-LIHXT?fX%N)ZdZhi`x~Cbp*@OZI7PDyv|NGX}gI z^d0^Y(u81aXlZm_#S4w#icl>YeYZCbEgFIy!m0o*1y&_7n$}TB3n_BUxJ{OpwF}~o zwuSA*OSqIAn1y=)QL7=jLhvpY+hd{5XLQp;gMOAQC zg2`u+l8l$4%R>`?O}Nw_w_(9&f;$bVRO+ku3Rkdv3~p1GkzA#(SZmZ);oZMnQZbNi6fN~}#kH~E6Lx5=KO zfeM+SggrJCx!K4iJ|*MRxN=Z<`0|b|8ma~#?o&pCcv~)7&3M1=Mlp1>VFEJL9~i-D z!dHo5h@Ul|5|#Q5PagZ6QhT%~Ux%tEiVxO;$dbJSAg)G>lv=>bB`w-M6K zziD9sjetEtZjb5Na|N@~HEUm}z}sv1i@i(2oTSvzm=$YkhuCu<^BVz4YkNd`Z7a-WC@813 zvv-gX%>lNxyI_AXmX>EEQ?_RPFbwtG0-+{6EvSYZ?;9;8w}uk=0oIKyE5gn367sS| z5o!697gLxQJFpbti;6tX0cHDXmQxfRV)Q4sPSb&?eAi!?7RLM$9i*>K*ek!+a)zf&#TN-h|_<^WI7Iwi#UZe)4JKZ1(6sRf@B9t{kO_L}XkmEz2F?^r{ zg+VGUs$8i-;9X*L5SDS1RRtAw?6_>Lx};dKbPAFap72EJAQ~k;R%0ob|A3J*yP~ zsOIHVC28Q4l@_ZZU9UeA#(A?D%>Mu|7ejWbLKxEpT^siih8~}!8-vO<&xw{;^mz;5 zBEQ7di(sk9%S1G5P!eb?lZ^;T;GkeivjO!I#_bg5dzP_ubIe3>TZ}!<1j1!`*aS8B zUCRYmh0}k#7X4E0o&J!EL4Qc#Sa&*#i0{Ht0eQykvcdVuea4nP#KyXL5LdTtx)nSM zUtJ;E?gtOz65t{}I8Bh}oLm;B8|u?f?ZwYv#jtA?}VPZtbe9P*BKewG;V7;G_b_k7^bG z)Kb?`lAGYP%&ALGpmqxjW2_rDu05*=ZcrO~OmLc-BDMz0k z5|^DMX4lo5+D5o|6OW$jbSv(5ID2?0c5eRwhoR=A%f6 zZ2&f7sr!|RQ8Iz!d9s?Bq-^g>&xo{)DQy(}AoUwaD2M`-@O?^}Fg>GI_PBpJniQb+ zmTG&N>;T>*P1kMIp*=Olo8E#_t!uXcU;_AT^ZY>+R)tt=>+=9gr*YE0V70Kmi0~R7 z69VhT*hUO^PX>fm?EK1ZYIyUEtx(z)urv-YR}IiCvbiF*jXoRokn6zRL*=;gI2BnN zRkarIZ8B5HP*Qp~*+`y~hmRiOhk%Y#_?A$w@`$)y;jTgjC0|%Sq3y75#kf2rMu2P~ z7YI_mFk8^a!l0sR&kBes^z=t^8u8zue^PHEU?=oMsR(zqf z4>noI3;HSuS})TPHiG@Yg=PAuVJ%J6*=LRT?#}|Kc(??Eei$fPmGc*)9~UYuGisfc z1%<4}hzC7y7*SSHxWP4iILpMV9+(Z`#VsN(VV=J~W6<`V4tNFMnG^!YV_Q?=>dl`oGdS#ny z_pGm4{28PXRfcJ1f;I6Ct!UbGY@&<3j=FBu*R@mWZ{iivkS^4e(NLF}D@texMdVU? zNcg-d#(dKE9!4$LUW_3y`U@2{w0vBCA+$g|gF??DLyuE67jF^T^^(voyNQ7I>(3X~ z-T;AlNH0JZ(+!CP;5HKK&=qf!^8)FMrDt6oJW+bjOz~>dN%AM+C3LTbShHYn1RJM* z>Q_@wk%L1YOhgyfD%=7TcU2nD3GfQK_p-3}R*`5e`ScsvV|<8Tsn=}!^BO^m-T(sn zo)U5;_t|8Sr7HG29=#=YaJ6jZe8f^*Q=QqXzbno05m9iL?!3xA-*Wx~R4R(!1@`*J z4#gK+imtarB~1<>u70PM0MJIJl){w<{{SNUokR~kVLH3hc(d0zFGj@Ba>Mfgu|e?m z{d=C)DRSIw(^%=SLf%wnA5q4sH)8?Tl~roWx&X*7-=2>tR8^4f5$els838og&l1>$ z5qiLQ1pxW?FML{Jg%#CZd#PR0r0mm1UMJMB<4(hH;`J$r6VY@4-@-*bClnXXFmxoK zQvQkUJo8w2uAndH+_?prL(&$l3%&j&Iya3yrQL6=^C;qVvd62N)PV;=SO)Up+R`&E z6nd{Wbt)uEzdxCcz~>q6r|F$lE$uo-oHxKRJ@t7L2F+?8Phpy_s(*lfC7Bs-sjyXZ z*E~jcT|dD9fFALN{LG+b!2tWGX9&09$P^xzj%C8xU@s+cWp7TL?4DZx<6JL3G!pxJT>5v#1tZ3bDUqL_)^D~W|Q zeAUD;P}@#_*l2@6S%CVEU|B_T_Y&styBG=;HlC7@x@2l$DzHjfQl+<5C)gM0oVwwW zuD6DjO@0P&Yxgiss=slG3$p6E*NU4~g}iF!g|(KHmFi~lIoOk?WLF1_gNh<@!fVTwtbC=S6b$~2!Wn0goRLN zTZuReonjJ$&Zza9IO;2?Q21RS-p0x`43d>2ukLSa=Eb63iVu3(9N<#*2Z?7JLyN?7}=%>kO4UPN0rZ zRj8gs6v+x$w2eGflZ}LCPPWsy%eJK#0{#WeBMF`IuvxiY*e0l@RYa>kqf)AiI#Q*1 z{{T@)iEy?b3kSb2(nS`v&a?)pEKdvq<|-!NKh48v0KC4TqDGLWM0}M000^pbw{QcL+@675W};#hfW`D2aR2sDN+_1bLSGTAGjYz5cgwScW=Au50a)@SC}yb&sR zwrIPwZu6A|P}LgvGTJZDb0HuBkDviVlp+qSjE6z9q_)a&$;qPnP-^}mg&mZIssgow zjJ5DZ4RTOS8*~KwUlLwRONg-(q9YCS0EvlTD_|b$?lImG0WFZ1tB?wDuM0=!VLP-6 zZ9;7)>h2*EMg^8r!nfiywFA7#L{w+NM=OMOxpPeOdyfV0A;EFc#6Pz^=p)OJxmx^GbWzY&a}j9;1m3K+%KKkLp;g zXuV?g1^lsU6!~Kt*Ka7G+jek;TQABAuq%3m6-iGlg3_k7hmlGr7R!>x?_Ko~X)cQ2!mcFt0LU`Wuff~Jqpod*5SY@>y97yH8^JQ`< z)80^ymp=9YjXf0&P#0>i%Q9(nEhs-zaWq?2-G7;Yx<}hdjmQ;h{{VXd)#X698qlNj zu$EY_f$CoJ(g3Sh)L5YRS{fl*&FLFZ++a{vkI(K@ijBnykmccfA0n&ph!>4t7X=l3 zok56Nm9Ha}rLEVP9R&-^v8reZ?Y4A)3KY1&wr|O@!EiWQ*cWl1EUF4o^1rMUsN33K zq_?`ul7*M6G4y@Q2&a8V(=Xj}3kw3XSZ<03I>S0WwPj+f{R!uF*tJUEmJX?~;I$ZF z2t&Yg#9p=mMcJ+VB~Q8o&*DPp@Zly8liXdLG+{QDQ*H|z(e4OK(9e5d@Q&fi zzYCqSURl^}JYS?5Qu|kfGc86srXr;t+fpiV)xFC+$^;VNJ0EoV##d@VTA_Drwae%o z1xKEz+rn}Wgi_7-UnmSJ6!k*E_(ZB1w|$xiPKO@gFnZ+H;Y2V2et9Y^irxpBSC8{k zrNEHt>AnvfiNHUMqZLj60DDRE0e*;j9jS&DYrK{wF$hrdLjGEV$>h{MH@-G6Lz;+_ zcS_dd4T^FjbOrP)2hN!v&wam1@fB4VqLXkOT@RA3RM`fDgRuA{h1SNbznQRr-K&c$ z%kw#*FCr?)GX*oPM7xc$mh6Es5(}T{{Wd;WWmKL6oyKep(wbN9P@Ib zw!G;70OX-jnLC=dFOL~yUc>`9l?p`~bJVa@cC2c7p!^!3N{Ds7K&1{X-HK zn4k~4Ns&WvvI(S8*OdIX5+dV%4$z+@4e-w(tW^T9*)LdNs*XN$XUorwu^X=QQm5!t zsIjJ*A{c)^ekH9xF*;!o6kPU(lS^v5l*M>MjR9xJ?lhPj@MWw|vs+>p60-1-z~;PN zT&#J_U|ee;N$!M0Ah}?!A12|304t6`M|AD20%1)t8xfcHQ{y|T!nVj zedq@KfunvsO2c3nAf%qmlGiUh}dX+ z`+lMNU3s<5a(Kb0y#l;hDziavpTuwNsZI0vlsgq{n*(8Jy|YDx>(TWJ&}Tf~m?d_@ z#MJ_>{pF>zuk)SVH$!S+PK=;fzlNnS>(7q=0Dp16NPK09N;w2t`F+B)T=#ITr1b_26C+Hm z1LTe4dTPkXwa-Y{T`;ywQZ4+F+SN~FxFUnu$OH>Xl$go|wtSFmuUZQtqNqI5Al@C) zF3b;PwlI{Vt-p}Ad1(gEkFq_k@V=K(xb>o=E`tL2AOh8Nvp+C6Be>Y!!qiX4lkbO^ z;SS$+rngB>+wN2f{Av8mipo-1pHYIH7HKK&b&|=tDZF}D%pa^yF--ny8$**5kgR!) z*Wy1y0)XK|*UUN=L={v~i&~-PBBL_t?G%oA^8^qF00Nw>BPsR;pUetdzmf(hDD(J~ zwVO1{P8Q$I!>LlwwYV>Xr~8zMRXjaLXNK2nAhhcpMZUYA_uTN%+Dez}rv6Bs639}) zN7*0LLYPd^Q}M7IjNoj)7hi~iQ-s|b;#VV6 z?!|S~u>5F67Rh-BxByBAi0o2_!fdO0dn3SEgUn1sZ~PlT$p6^ms`tqMcRv*YKt7alZQa?=&({M;!}Zq(9b7mXN1^;&EV z9)H{<;25!H{{Zog0JV9$eq#+Dy$gf0Azb9CbiJ_@SAUWIkl>&>K^n)tgAT5H-`>Fi zdyn@N+g-|#>qXknZps8zl;Qq9=U^{gGt{PV{Wd67qMH-IvBy~T3NQ2Dm~l0Nf!|+kPmx%XS2C{{RqbXc}xAmbXQF2!_5! z5kN2#K>Q7De8uN-tz_NMt*YL6mt&7*62(TBN%4^dwl&4>Em_7K z!HpBqIzMy2E!w6YM$_Pyyi)5#5Ej2^F=MI$FxUkr4$+@c3;}AWm-IkNB)0VgV*s5B zKh^1t)$f+qOQlV5ZNDx<3&ff3;9i7mb)-#53ptQ*7x9s?dYddsEakB44G^EVSARsCUI2Az|S` zx5-FftI`4C8-v4ojvpMBap<#I6pUU0o?vi2!u!ZlCx9#zgWJz)k97!pafP~$yt#-y zBf)P_l2czq^EzFm03-00(AL~L2dGbi10w6-mbEY9i9<`jsa6Rz>?os|e{mIH6`1%V z#Ri-Y=Kr8MpfUnUKAZk?fhp#CK{5PSed(vCbCfYIwg1vO1@bQN5V6_#`TkK$Yp zO_lQV0ve1D+y4L~E+AI~Ux)~R$_HJGXmlx~eq~8*8HesDO9o|r-{MsCgI0xoLJBTj z5H20J32<&J2A|?B9vdt?veJN8h06t`+N8BZt-l=eX0lb_YyyOL1Cqj6aKduk9K*z2 zTI=0c>J=2V+HXHH(54mZSjnVwhxvg*s4{?RUxhCeO1us#AY?BER@+DS)Wj&}1n7=o zM{W?AL+hx9&@`_*0+7-vb2e2@=s0N_YkvhrWZgHEXUu9BFL3oRD#x1$?2WuLVSaCP zTvaXj39AnIhtM_1Rc)1!QJ(kGAk~vUXnN5;1OOEyi3A3k*m&so=?Vo`@Qs_bai%Vv zhE*wl2}*gT7$qeOPF@Ly(EXJg?wYE(R*?#>K}4tx{Gb@EZ49)|Q39y+TSab;-zB|= zivj^`IHDuSRtXZ|KhL?-t{Mq8lGwC<(qfIr8mgn`KDN6D3V{RaB_>lv8Hp>-ZGtKk zGR={UW4`fbUf21P1kd(YNP=#TIR6~XSC7xOXBBgn4C34d? zwE9#kTZJ$-fPGXg0E}s9)~KTU{3u4|uD8KBa}MfuJmS=TksTMyGAUQ2jLsjaVpCXC zNnSjnzJL$fW@D;5K3^2kh0FvU#;8{Lu*gXSV4=}NIo}Wi3#Lj~WgZg# zN9I*r@B&IRqrZbl8og1G(l}iQeZV7WWj>(p5u0$J+u(TDc%nv%f|OHDi?hO5N(;DY zaSd5Z`G*>)X-2ywTA`@*V9E-O&H<}9%<6SQTLFsU{K_K&)FqsY#o+${SS+E34*kLh z>=gY~%j|?;16CBcTk713#6ch{MgY)I;0?i}K8PDo;0TC_o&wkdmfE~u;#e}ZWl!@4 zfmx|zE=X0xCJ3B;CkuCf3U-n}K* zTE1=A;#uS23s?>1Q?v3-)FBReLp_7!qSb5ROf4S{qu2}^jk31u($jSSXGdw5OKRq- z{7Xt=ZlUI*>6TmbDTb`AYXUs4E8AXTtyQ%tpuSa>a;7D!5>ywPD*bf;fC!rw4vJSW zGcr0(+B=>Y8KQ|GRq_y#uhI7|YN6i=qd>mUviP>b%6wvP`*FYkHpPMMP^cdW_9XC{ z09tG(h4hueJ;6R^1oBPmD0HAwHVqb}tK>LNXtfF*3Mqw*0>O2=n@E6cL{0SuWe@|R zSy24bRVzbdr=>;3DnmDj=HK>}%vvaJ;HiH)#lg$hUa!m?BB2`X9!Oh`K&F7e3Ocp{ zRpKj|p^(I}7gTHGA{EzA=)FFtE1^6-A*xsv0tzTT7+h8RMv~cWrE}cL3vT+xRSgou zj1LG(jZj?auuv*n=n}Kf#CSst#sM%`^vl5SGF$<9>5V3 z28H;#oh*I{P6L^w7T~X`=M;TA1**S@51aDIvM4D^q59MGd7KJ{$``q>+-M{%uL?iJ zEkFmVSNM-R1lT_~g09_@NXl^@d_t;bRuON6U_g#I}B{_y4BSK3-`RaUBarmlk{&t ziKGQGnnc{$XzdVqI;6)yD)kC5_UtAhw2A7awZAM_h-^mKwdi)Y-b*-Ks&iFQfy%sP zq=#*^C;i6&u&He#5dZ`&N9IxmuNCLd?i#D1@=n8kJiv9V^cmV$@u$=&N*l&II@0C2bN zb~m)^01HKTU7G;q-O56QH_WN0^4wy?vwn6mygWM}%%htOuCZrw9vQEliDVv^e{jZw z^L}EWvpKN{KnKjBd=;v@D_RThW!XS;%wVIARF5vIg!;i)8=1wrd2x|~T^v8UUfE;; zV^LpVP~M(-s9d7>-hW8#e0p38hL0PtD4cngaF=(nz8B^^e{{79r~=s5Lx5$U6|+W1dVng*IR_WuB|*1q^}BB)TS!8C)) zf?Xrlsy`95aY7B0jCz#P#2|7duBryjTi|^H!SW(8%{GsHfH4#rH`LY?_W_{%iys;B zbW}<=k%Uq34vXdP{!tT5=>mz&1-#p3fB+Aaj8q@EXnYmtVecLry^JXuc)MbBQYm&J z)qQQGRY31MQj|sG-b=xxUfHfev<0rHg${fbY5;x#t-@BNx#m&seo%^^&g@`dV}S;* z)t{I{;a-!AOjca@SbW1#GXCWkX@|_I6+FInW4iXnWjUSf8=5=r5ulbl?0xkQWf^X+ zvJYsg9-^L_z4@9R*H~XY{K{j4pp<_w03dWO>3jbGFvjR{fIY@c>0R4Bzz~q9%qAoi zdcU9Vxm^Kmw%+YP>``?rmIPll@IUe!p?F(z^oK(2m(r`)A;1{>MR|hECCU<-j!ru3f*m9ppa8kr)NFdX5m~sd2uJ4{y{oRQT%7B0lO| z?Jsqw{fZh(h=C4Dcn=yxb;H`3ln1+ZXlYxZe=?~>wr$_UIsshsunFK7c?hDLI@~Z) zkIcDj63f4MK$t~cH&AS<%B#ZT71CdviSQ9^-oZ?x%TO)yxXA`nAlz^$pzC&BN&#OyiKBA*%t)AMz zY8t8xVpI#Y@k&rhX>Q(PA|iD442GpC7>es}oWn&rW?#5|XodW$J_`g28#$2VF=xT7g>`>vtjhIeE$7!SJ3IE8HI&^#`xq4;h4B|N^kF#v05XiqTLor+ z5Vk{2S{u;5R+5X0Ggl}oqU%^B7rRzVj0@dLgIlQf;|+q#tA8-nRENZW7PHoZ5R!oCfj*`<097S47c(Qih%+#T4{9%*(9F2wN`y~mZ$Z}dQjDbFO}oZE-P+rXKm( zcAatyhP;-9gn70pO^V;2C7CQ+8|nTcT^>rPSm$F+^T7n6bz5dsu_%v9m%9p-t2IFQ z0SiPSTBP`kuor>#lv|4}ZHvNKSWx-d0b>`d@BYek#LH`tHlPhQ?~s(NFgE`HKk6Vf z3tg(aj2PAJRx_%`^*0dga;#fif~osr+q=jwRicNG9$v*$-?BMsN>waSm*sa}BhA|8 zzsKSQXf@QSg#!!L)_-y)m0R+QLe=(wYr{H<=unoc%~(qEvQX6oU0Xh35S%F6IuAwa zG7g(iLfx2PQ?#~aPj||p+yiH}eNLbOin{}g*Le`XE2~O3y0Vw3tx`3WZpzpV(w88# zVmFrL4z?xr7KwikNa_nWog|B8m`3=urk`jo~csA`HtD zGNpL}#I)6$6{`OLD0(<}y-fqEKEP9LC^W@@8cr5zP#~pQr;-ziuF~C5ztmG!A+R^M z&%`NePZN=*s(hdM73~GxVFUfxMk1nlB2*xF1sFrLZRBzi3s3{xvY7flqQ5anm&d8_ zQ$=X+O0C%8xun?;d`AT?=_RBD2PtJj-9A2YJ=$x6kAMmJ_EcVAR>TH9zjfK^YvCSt zP2-l8aPkyD)hualdwLdx_+^k6t$ZU^o5AiHF1=c`1$KNHq3$-q<7qp(6Z4Hs~+6%2R^iL|{emW1P8rwq%wO*G?k~dkmlH%<= z`Q)t!kH$L@Nk_-rM!J+0F2C|1Q5R|O{;_^W-1C97YUPS_>I9o9Z$eypeq*%|3i(S4 z_47Muqi1=6LAkQa+TU}KuZgr>`SPEp$h89g&6lq#@S6on=Z!X0dwiJ_o8Wv(R_T7IiFCdCiK6&flbLHNY>2e^bczHmZj38Pm20O5 zdZV7nTfUpIY3u3;%PIDfcCV+zJ-RMh2k+lm+0>IAhqp z@+caxt{Ss|?qo!~R0`Fv1Wx>(%!d8~v89VDZ8Uo$YGW#r`fXytZAE>g4cbyULkezsP0 zLins84lLri8&b8~T2rFh6%mb;g?qks%B1Q`j62n7;DmjjaVD|>0q6Q|?@{A!xJ28a<~<{fPMv-c4Y<*}d%I^D}%uKlUZ9boNe8Y>^I!-gxsU9Cd~j^UislDi}iY z8YydB0p*5Rx)xHq1H93BN1`QOaA8n#uyqL*?pKX$Ji?wBTNVYnUm-za_o7&_!Q+tv zpgtE2&;ZRYFb{!g2F(WXtd>n|Rnt5{*RI%}CqXl+LefUzveHpX2@Y)@p@r