From a108a5736861b2eec1006f88c1bffddab8f72d55 Mon Sep 17 00:00:00 2001 From: Jerzy Szczepkowski Date: Tue, 29 Nov 2016 13:24:56 +0100 Subject: [PATCH] Added user doc for GCE HA master Added user doc for GCE HA master. --- docs/admin/ha-master-gce.md | 159 +++++++++++++++++++++++++++++++++++ docs/admin/ha-master-gce.png | Bin 0 -> 34559 bytes 2 files changed, 159 insertions(+) create mode 100644 docs/admin/ha-master-gce.md create mode 100644 docs/admin/ha-master-gce.png diff --git a/docs/admin/ha-master-gce.md b/docs/admin/ha-master-gce.md new file mode 100644 index 0000000000000..78609554731f9 --- /dev/null +++ b/docs/admin/ha-master-gce.md @@ -0,0 +1,159 @@ +--- +assignees: +- jszczepkowski + +--- + +* TOC +{:toc} + +## Introduction + +In kubernetes version 1.5, we added alpha support for replication of kubernetes masters in kube-up/down scripts for GCE. +This document describes how to use kube-up/down scripts to manage highly available (HA) masters and how HA masters are implemented for GCE case. + +## Running HA cluster on GCE + +### Starting HA-compatible cluster + +When creating a new HA cluster, two flags need to be set for kube-up script: + +* `MULTIZONE=true` - to prevent removal of master replicas kubelets from zones different than server's default zone. +Required if you want to run master replicas in different zones, which is recommended. + +* `ENABLE_ETCD_QUORUM_READS=true` - to ensure that reads from all API servers will return most up-to-date data. +If true, reads will be directed to leader etcd replica. +Setting this value to true is optional: reads will be more reliable but will also be slower. + +In addition, we may specify in which GCE zone the first master replica will be created by setting: + +* `KUBE_GCE_ZONE=zone` - zone where the first master replica will run. + +The sample command to set up the HA-compatible cluster: + +```shell +$ MULTIZONE=true KUBE_GCE_ZONE=europe-west1-b ENABLE_ETCD_QUORUM_READS=true ./cluster/kube-up.sh +``` + +Please note that execution of the commands above will create a cluster with one master, +but the cluster will allow adding a new master replicas in future. + +### Adding a new master replica + +After creation of HA-compatible cluster, we should add some master replicas to it. +Creation of a master replica is also done by kube-up script with the following flags: + +* `KUBE_REPLICATE_EXISTING_MASTER=true` - to create a replica of an existing +master. + +* `KUBE_GCE_ZONE=zone` - zone where the master replica will run. +Must be in the same region as other replicas' zones. + +* you don't need to set `MULTIZONE` or `ENABLE_ETCD_QUORUM_READS` flags as they values will be inherited from already running clusters +(we assume that the flag were set during starting HA-compatible cluster). + +The sample command: + +```shell +$ KUBE_GCE_ZONE=europe-west1-c KUBE_REPLICATE_EXISTING_MASTER=true ./cluster/kube-up.sh +``` + +### Removing master replica + +A master replica may be removed using kube-down script with the following flags: + +* `KUBE_DELETE_NODES=false` - to restrain deletion of kubelets. + +* `KUBE_GCE_ZONE=zone` - the zone from where master replica will be removed. + +* `KUBE_REPLICA_NAME=replica_name` - (optional) the name of master replica to remove. +If empty: any replica from the given zone will be removed. + +The sample command: + +```shell +$ KUBE_DELETE_NODES=false KUBE_GCE_ZONE=europe-west1-c ./cluster/kube-down.sh +``` + +### In case of replica failure + +If one of master replica in cluster is broken, we should remove it and add a +new replica in the same zone. The sample commands: + +1. Remove the broken replica: + +```shell +$ KUBE_DELETE_NODES=false KUBE_GCE_ZONE=replica_zone KUBE_REPLICA_NAME=replica_name ./cluster/kube-down.sh +``` + +2. Add a new replica in place of the old one: + +```shell +$ KUBE_GCE_ZONE=replica-zone KUBE_REPLICATE_EXISTING_MASTER=true ./cluster/kube-up.sh +``` + +### Deployment best practices + +* Try to place masters replicas in different zones. During a zone failure, all master placed inside the zone will fail. +To survive zone failure, also place nodes in multiple zones +(see [multiple-zones](http://kubernetes.io/docs/admin/multiple-zones/) for details). + +* Do not use cluster with two master replicas. Consensus on a two replica cluster requires both replicas running when changing persistent state. +So, both replicas are needed and a failure of any replica turns cluster into majority failure state. +Such two replica setup is worse in terms of HA than a single replica setup. + +* During addition of a master replica, cluster state (etcd) is copied to a new instance. +If the cluster is large, it may take a long time to duplicate its state. +This operation may be speed up by migrating etcd data directory, as described [here](https://coreos.com/etcd/docs/latest/admin_guide.html#member-migration) here +(we are considering adding support for etcd data dir migration in future). + +## Implementation notes + +![](ha-master-gce.png) + +### Overview + +Each of master replicas will run the following components in the following mode: + +* etcd instance: all instances will be clustered together using consensus; + +* API server: each server will talk to local etcd - all API servers in the cluster will be available; + +* controllers, scheduler, and cluster auto-scaler: will use lease mechanism - only one instance of each of them will be active in the cluster; + +* add-on manager: each manager will work independently trying to keep add-ons in sync. + +In addition, there will be a load balancer in front of API servers that will route external and internal traffic to them. + +### Load balancing + +When starting the second master replica, a load balancer containing the two replicas will be created +and the IP address of the first replica will be promoted to IP address of load balancer. +Similarly, after removal of the penultimate master replica, the load balancer will be removed and its IP address will be assigned to the last remaining replica. +Please note that creation and removal of load balancer are complex operations and it may take some time (~20 minutes) for them to propagate. + +### Master service & kubelets + +Instead of trying to keep up-to-date list of kubernetes apiserver in kubernetes service, we will direct all traffic to the external IP: + +* in one master cluster the IP points to the single master, + +* in multi-master cluster the IP points to the load balancer in-front of the masters. + +Similarly, the external IP will be used by kubelets to communicate with master. + +### Master certificates + +Master TLS certificates will be generated for the external public IP and local IP of each replica. +There will be no certs for ephemeral public IP of replicas. +So, accessing them using ephemeral public IP will be possible only when skipping TLS verification. + +### Clustering etcd + +To allow etcd clustering, ports needed to communicate between etcd instances will be opened (for inside cluster communication). +To make such deployment secure, communication between etcd instances is authorized using SSL. + +## Future reading + +[Automated HA master deployment - design doc](https://github.com/kubernetes/kubernetes/blob/master/docs/design/ha_master.md) + diff --git a/docs/admin/ha-master-gce.png b/docs/admin/ha-master-gce.png new file mode 100644 index 0000000000000000000000000000000000000000..a05e04a18777285f8a7d829d2f5c2d9a146ae304 GIT binary patch literal 34559 zcmeFZcT`hb*Dt(76%;|`SU^BUMMOZQN#}@)3W((>C=l=@PU&6APxR2NmwQWeq8SBL;wI9IC9|kKf-&*si+5Ox9*sNNr`>u4e`AM(rQcR(DQn9q_73CYoqcM(`k_vmC9vh00o0nZ)e4oO5W_mkh zWFUmyw_)X%XXZt7Hxxft&s7tPA{YkrnQBJrD<(L>|NZyBCGh_@2{@7PUs>-}n*BmiKyXk4B7!9^1zL0IcachPDvGa=pgQd4I- zEG(?W$PzY&oE}8!D=Rt(;8*kA^%Mbszz=@zDld{k0~Hd!lj&;AnvoJqFE#x*cGz8@ zS(^yIKj6Vc!FCw+XD!{n+We^P6;h~=@8O9ty$M$`mijH|Vb`Nfbw$jU$qT;o@&Kf{ zR>abU&UF();7=K}{sNiZw}qI{nQaZHB#B+;lmNg}5AoV{Twr{Jb-Y;h6EfFzOnWXE z5oPYvs5=}=e!y`n3%vJ+qGf0tXTls7RknnW%hrB8@5e|cXCxJ8962~x-M)-=x?&q3 zHBYbOd8iQN=2xz;fV=jPSXSzQD5YbuXwkE&A{c5HWeBdYE_lXeZf@2_`%SB{!Ur?M zZ!X%s(=`oEUPR3MT%C{3>gGnI%+d+VVTMI?KpC5tOvY#W&n!%LQ*}1ZT?>Aoy`H_1 zxv0&1b^w<~qwsf$UwdW>f27kZ$Uq4#3iwUbgdxO*;`pFWxjuSzbk!gDyHu!r-fL0p z_Z!$yKghfr46E8WsF;v3_f%pc=#)i;LR%SicJpSZW0zji+|==K1%@slReV}dq!T-O zf)O|hh$v=4_)FKZgY(64;IQ3CEso!N&P!=1)CkWn&9j*M3WaoQd@89V7uS{XEv{C6 zq2ySQ_Zn6~enY`S?_+;c48;KuaGrO}7I^X4 z2EP*~z9;7+4I*DwPQ3d~o^ZQ1J9CQw;d89T<%4(1T;gDhnywSvp8kzSA7=zPnK*Q( z14{iU*A`K`$F>2*J52NFt95;`Wfpk$BgcpgTS&$e8CV(j%RfaI&-x$az6^-!}2;& z2{o~@QM<%j_(U#&c=i4o3wHAHjmMImy?rVpTQO&s6U@k+ZI$`HPbZ)QNvE!ksM0O5 z4T@ngfMh>PrzFd8-Y5(rtW4nRGg1d|wpbNEU>+R@#;7E_lQvy)>2r?0J94@k)yRvM z2PSksw!7!;0_HFoiVEXJH1~-`?S?dl$Hs8}<72=ww5Z^K+E`d+9E2dMcqHmdd9)&6 zuw(-lG@)W&({uOI8jkKEYs6fMILj^!^nLg`QZw?o1**{Bi??$*p`s00qwGq)Y9CT> zfq#Dm{|7h9r-v&%$xqWRLS0ZG?_Ux?KZ=~dX?^OY(jIE1PH+qHUrt7adOWk8>@5|U z87^d5seq;f-B9qnzNJQc;+PRJO-GtqNHZ&2iw>P$Fp#9U`EFT^avY56RE|aPFCYTT zmjU4Ff8(=-8(IZn8j5I9i?0A9@JV9#TvS~U*-~%KYyzEzzi;8#TD-1%QSHG%{aci4 zM*ar3hRdmweMSI51fWHZy&|K7f!C$}zv(jjr%UE!3)N#qn_m>zZQfLb#4l)oyH%B)u-}(Kj~aGcyIy;Kj9An=i zscH8eGvzibgi_7zt#> zv@%dbLG3bu3CW6ppI0iVysi^Yw(5!WFZ{s5+1`X`_@Kc8RkfG23*uRKd0SjTLuva| z>o-iY{-I%D5!{m>U>P*CQiA=Vz$+ zGH}*Xv_N-tVcV?~I-er)Ja8-z{c$a((1$(+U&}Rki?_fC%B4@$;ziTt)>oscZucW= z%?lu@0d_32@2fhj8@P*|gN>$LbJ~s7BNi96gXxQ0k?$-v0x#nG&ESNSq1MKWqXYUo zLF)u}J%oue0_xcBP_?_8YbG?=ynKa7P^(597qG2t_efpg8B|g9cnn#W5B(sUm+?V% zhSx4U_DNI3%&3lfr`b!V@^O`TXSwok*(`P-*EK?-!D%dddXZm9VwB=I9dxn&G2{&9*b-rng{p`ei8OW@K0LWTJIQ|P zsl--=LWlnJ>pMOkqTJsi?Epo!SPQk5EA$y6Pd$H0_{{VxdZv87{I$dH&ocb#4Gua{ z&jbLZfUcPHy30_kYjkM1#X$$%$X=PS0Hu+tQ~t+NX0gU^LkhL|!9w5u9Hm0WGiFJ< zaC%V#EBtheLz`l!yDaN24GeG~?v*9AS%o+tsH*gw*TNaH3N1B75;@ok`Ibvv}lI(s4cEW5LH1)OXapa}yWi*FpDC zmAL4^*%)kv(1Z5OJv}=DGz)o*B$f}Q+W4#%+sU%WXq`>3K>>7Z5v#v|5H&2Z9; zaAYINEcxb=GfbI{^N>e#Rh!P;DObSlpwCv^a=2HctRzrZ=5Vx+_mVlcH(uZ&0(+IJ z#x+0s;vePlUejNYUhF*Bx~qQ6n8|Y|Ytb$5xL0jW!bMx*$&D2ZLtj+2v9=9`W};(+ z_G4!VO>^!zyh|KV_igqu7gU$Ex3vyxTf9=pYvS^-fiI+_5rTYMfjE+grtmF8sL%`+ z=gphgv4TjuW5UXENkS@$a^DzFEY~`Bom)}qp>E&uC}YMg`q(^KF=cvjc1M1_V;NMm z{BHOWet~d8K>>2?xY2BHcpz^4HSZFt!Fh4-bA{ot>OZ>l{bINn{2E&xbB;R^(RdW% zNn*<86jXXg^q?ZkMJBllimz^kF9dIAc0MYLQk)Lo4_ykbftl9Pg7;Z#r8z0I=&zl| ziHiy!%^WgygHCQDy$|diVhdz~bT{4}xp^e3*e@oa^Tiufb4ROrER|al*CSn%r}xvg^V{v0)#sR7#z*KiB^ zOVWAua`=&`D0!TrF>`PsY@Y(z@GXU=2@1sWp>k+Bg#1SLkl%?ek#SfrV(xZyfj7!_ z=2hqQ!nGGVR0tebnlNIwZ}4d3sSH2o+l)>>v!<;)IlW;2g-`pWk!chM;5DRKG*7qS zd2q=x>jZwQoWOWROlttyU?!nX1K5skET%{LK7!&|{HrYH8h$zFP~BeqOaOI{GH}r& z)HSLLA)BXBG;)k?3&kZ0I1x&u;{}|j2@(XA)|U1VbFAK)U7u>5Pt_0CttQlbmt6{b z`fnhqwC$nL>=llmE6cTK7cD(6pLqIh+pRy%d#+NJrF8h7P8sNu?~J9nv4y)I&l1k&Lflk)ObdmT&7pTqcQEjY`16) zP-qF{pHf}nX#S`;H!3Qc=$i3B>r6(z$MqG`XwLnnOw)U1*sv7lDuA>*;8M-COu$jNGt?Ixbh4IrX<4r-%FFR*Z-j^;~AMQzj@NTp>y_ z85T|;DRNY`&&*Wx7F1f2@)N<`0_Gz%$R=<<_%L-rQCcxxV-pF1 z?UTAGk^`LA0mqW9i&rv>ii)sTDXOuZ>A|d6-53eNnE6zr&~Gqr;YDW54RB=__szT% zbeTh(_0xy6^RRMtH~1dO5^xIYIgD0t)I{ ze{HcwW#`K~t>vv(hE?asbq;=O+qx)#y$n$}^>l=T(C9U7x`+(~nL`6;g%_vsHN_U%{9_N}-Kh@+lMSBCL6k0x$!!$mSG~mV6VZ zwc3X|mMyo@uZYoWZZ1s58}yt(dQ=+qwK*Q>RmUI#NG-fX78ufSE2!S-O94%VaO2=9 z`K(2j*Hek@3jNAA1c%PX?0vgt2<{!2$E6JNtv`A=kC^&K)V__kx7%PvUTXo$EWH9B zcIOb)qcu-GM7M1bdqix&=5ZC2FPx?}yvoX#HhH&vPs7d2RHJ}8pV*X(>=(*ns{wi4HcYy=@O$;k;H zmLbO&bIMvwSf$WEC~WWRMycj!9XV;^>0)#+4}LAQn<;3Xs%dYz{hz4Z|9wWf3=nMI z`ahE?|DR3^WbyxFt__Zm^nRiw%-C9EC;rZ9*%Zdgh}ICyWc4j;DKdW$)ox{l9M=>H z`5JOWL~F>5pzjR#_YCm=KtC(;%rdJ{g8@@wz%xcN5R|ph{=MYbgV4x)!4}PCN%K$0 z$b3vgO$8#d)?Shhta%JW|IPSa+eGcZUuL`TkPDx)vL$~j&aJwf@8xCL&J@W0k}I(H zS7qW#jy){5>rhK6n4`DoN&cJ~z(1>k=dZKhv}`FaA+!6hB*LYY0(N10u6%dfg%vyq z2J%aeVt2-cR=lj6%r9>vL_SePxef09C4=F*#^eF#<#r3>S&i;im(X7x^4r#tr$)Zn za7Yn={G8Z;1&nWGzTIvyq6`~Yfj@u!FQCI%lQeb z=ZF@8^Juu!gV698bnsPa?(&}ob?p#wFTeNFEKA(v1T6dME52gV4D?341mQsh-KgHU zBH?Oe!wM#=`ZEwT=R)z>mt*No?UF%LnyQ;i<5<|4XCDeT6b^DvN7fg+{*tl@+5_ol zQNO9d#`IZVN+vdhvp8PZw)}N!Ouf`oK|XTRt%;$>VnZoAB?+p@USO8oPWFAJ)Fr35 z&>YirOzlTgQAL3gKr^5L`9MHXRI{xgXqE`i$2ah+=(mLtrj za#L3cTn+t(V^A_MnHwm8J$Ui2iK{yzUGHrKwg^qKQm`CF(PjqNb9G80& zrZ9_CO+fh-RiBXiaBkv~MCn-xf~?j!gGS@h+FW7I2!6FTr2osbizroNB5j7{c)Xi~ z94&`@Zw(HBjs=9+$?>2&t*xC&6gq{b+Q^+4lSbRgKD^STjOK;uGt-V7z?_Ic^er@j{wQvM=Any*U{h6s;Q>M6R%yz5}a*`<}$55C{v8uHh)XQ;$xPTwpd{D zT7erd!pWLb`kK&&JN+R(fRZJp^-lsKt7}&w?TqHsU4n~w>*jbMBSqV zq^B3N>kVYkueMvvom}%|+XIUpUFs&y%pprh;zwUdzod6sM>d&SpS^C#(r*R8PT34t z948?%-R3q^b%8&C)!KlO*oA?yNu2h~w<~(50???s_#+3KjE1XkdQt3M5Z22QywR_}l4*8pXw(KyChUDaIagqam zLxXABzqMu66uzld?#e3Tz3a@S_F1&wj36hZqvBRd-OxH3&WTy=>3&M0xC|Q*sDov; zCZxk;k3I^0~*HO4|Cv&8F8RVc3g_%eO-Ow;`$j&Z>#~eJq^x-^cR*2 zPB~URn~BD`CU;CGo|ZwoS6-DJ(6WCHcbAi*q+gS*&8`*(>M+7wO%ul>@W62hm?!N7 zMo@ock!!c4WuvPX(PI4^W^_>79e1yOWZ8K$z+LX`LwFPHH{sXSxHN6ZIr2?^Clh9x zj^)I~G|9;Wa)MsfkPAH4b$R=RLh6;W#J5qz07-MN&8UqBm znl^Ah?dY)+wGvF84*JLO4$CQ+L!L`KIt&q0!@n}%TEK_MC;g+e!1;?CF-*ytf>|5; zqPMJ5q}n%9-sV2tBZa5)%|ASxUZm=b57zufI{Q5mom}%00rB*x=CQ&sNOg?2G6D7)YjjrtNLvU?+Zf_?1QWDT>#~Tjp zIWWi)56?gm`(XAnyNO4k; z)tc;6+g_TN-1F4GMw?nKZv~a8t8Fx1qdxJS#cU%OKTJShsr^sSVs3avo!?)DQAcd} zlrm5Us-*1|gJzTZs5$ukdX#gMW(zliy%x5j^sLqMT9bFYh2xdsk_idnb(OTj>F!6X zSJF#9fm!r$Ie9`zTv(RJ{MW$Q9F6aXw4(jO(=e!rsfEpgF{i6pTC~pCW7c(iBmKJ2 zsRe%CzD*!k1o4L$Rf<4!s-D4PlP6sdX22|kwtcpQI$2jwt2=bO1Ur+63+BncfV3Y^e*tNpPh*r zukeesC+;iD8a@KA{YpVyo?4Kk=K))#L1hQ?=1WUhz-|Iv`6i%`e<7Utaixd5Hqd7| zXjR(E)h4o%&#TtfeyM+~e-Lmnbt9SflSdkVLvQGP42wo_Z`Xc}Km|@IcHc%the~^P zmDBN6ty8ijD3Bi6@aON`_j^bi|Lr4j4Gx+Ms#(8=L3}nJ$#J==F zKNzNR9SE}37(DkmXfU2Sof2D@i4Z1F4-jLI^lm2dYCfu_T$re5)?}x=NYxhMEAlbq zKCe8BeCdl+d>YyscHiU(;ah+3^(BPX&w zJj~MT!WfnMEG2_M8yklEuM5#aT+Vsq`9FuI)+!5%z>|yEQ7b2ry8(VY0l_s7tG_5}m$Z zZ#`CtDNiy*ipJy#bym_RaE^uXzZ1^^xP_XJWGqW-9V6?@B8WPyNUhp4pES;y#VF^W z)xY&8sfpS9-k%89TU&;3BprF2M84=@OWstJ%eXQ*_A!(`?PcE((goLF`y^mhQs{KJ zJiaF5EKYa(lI0A7<))>L{~(e=D*=IZilemE@6}Y6l|Xl7QXX!1Ge7gbIxo3@vh|wR zrTP+PqgNbH@0k^tNV; zPK!95KY$TRV}1tAoavRZn2`O==QYqAxn}`&Iws=f`X>G!gw?IK%MA1p2&aa;3pL&i z+qL$O4T(=O%Ho72B$(eRLXM~Za>8OkSZ$zu?RZ|=;CAVYBtc8cI+U;7aHN)TG+AlO%RBRSU?6FZ62K8vvDQZaT-cqgZQF~&e-l|=>W zD7#+LaR)r7cCxk62Mda?$fNnK-}Y$GR=YrPx;DfI0WrtuM366oD1y42>a z5bCLH%wVYGHF|cP+_FMXh|B#lWgFX%$H=<+FD^clLKaASK82k&=+mT^R($l--R}qK zUYils1&a&e$IF*R#;3k8fd@44_1xKo@bb14Z)=+Qw2yVv3-WNkF~6kE7MPyj`(PV6J1Rd- zHb+ebHTtm;k#_IoI0d>#^Q8(ZG{|eueC>@R4MkRzikog zwioOYas&5E?4eepceIZ(=<>?*sFeg)DYR=A&}^~uY?0dH?%eP^X?pfffEjk`fkKPI zDMoN^yn(1Ub{#FMkS15yI=Ht06g`Ai`3Czvyg_a<;tvD`=AYKzX7dqNYa*_%Ucw>3R_YLU2bzVsNbrJ$(At1MD-qc<&idci`Z z05^AXQ2DIA1Kj+Xwjs(W5>u;u2M5`{B-6j_T#Vy(0I5U}PRg~mf;}s|G}cgWe&)EKaF{O2){qAMV zc5`DdpgY)hVYdfm!`c-w|>nn}KFE{|PnbC}D~mq5>w;FwAO?`2-JZ zk=FVk;v8%=ZWh3xgHha zmQ^EowHCT!#_vSLguF#1l+z@`&38x%^Z4R`t_GWye$KY>6_tQr_d^OTVFM<)UV^k1 zY}^5NP%QUB6nG;D<+VX(xMYb-J_``<&=UIF!WOXpjVn6&B+sjre4?mlW0lhxA`u24sL+1zY!vew?2Ax>{;KP?af3 zkn~D>@~axS8dbyhPh=O{u7Ltok0lAWKh+RjrGJ@A3l{iWmnTPE$l-av8p7S1C?`MA z37Z51;S~n_b@GJYIJnBNEYwv$lf_n4cdRfA-_d1#>_AASTG9BSA|WntmYXql$cMgE zw*4=#47Rvzdj@6Q0exnWrYu?$wgzk>3?0i1obA0q9i>1mh3*TJE)5N4mWdztIyL16 z&fe39XE6iE4@ES5?EeDaA&!@2lVbEapK%Lx#HWix@;j0z#YS2zx112UhWiG!Td1}$ zT+*t&dY7vgVh}}%T?s7^dv4-;P=`PjS_?isqys9F>vJHIX{{lOcFUVD^Dpq`i7NMP z9GbLTau~ao;?I5XCDse_QfNZzIy7An_X)3|aZ1Uhf)+f8rH;0c!2q5?mtGEz$|wFg z0M>tS5|B;18PcAW0apT7-1pAYF)WAkMEZN>mvHU|7Jfp)LWOOzJs&>HPJ85n}Au!Es5ihOC>*q@A5;2%SG`;Hb6K? zP${2!s~=J#F6Bp%&zqBDIpGU)Crg`(u1N%ao1QicWU6^#k9_^}gcx7^vjQ#PCNMc2 zZ8H}e>YsmuS=F+}OAUIP)dy`AaP6;7n13>R`;HzV-Jh@%AU+5kbb)y^1gOu(mLCLL z$Cg$D&Z5jk+=nMYXc9pRHdD^50OkU(&p{#K+46)n-V{&*62~Qz!0lTSPMqlMkGmZw zAuUSeG%)E@neg17@|4A>wp_Og2-N3QDMR|-4rXiv`c5I`TZ3aOwE>f}kR%ww$^8H% zJUGA1K=}zn8NK#LDE*;Lf6u{w27(RAk00ioh*`vCBCJ9SEd{Z(f-UTDIon<|;-bllXvhX-ySJlHk`=!B+1kE%&nQG8e`fQ(E!F zxKKxgFma?eRgZ$LklRY}TZ8R(-?wgHxi{7>c@Q7CT(~j-Cou^MZ=Z^VbWFrp481Z|4sZ%skCmbE@Cjgo%;p9C4oM_ai-F=*Dv>TpXB z_1dib_~NmW>FyhjZ56L>BIMo%8^kdikk4;k(l@qbLU+b(ld8?l52?764FsWjqPZbX zJ$4H1>0nYvJ#`w&v2Domrob^|>gnq^49Mh8_po0}-RfzWnC?ZUsp~L8BjlWj90}Z- zme9sM8s95M6b>3YL*`3LDq_n~`C5%cm>vZYa+Wdg!rm2!#pT0ul*7mgWPG;r6ZTH& zp@~4>_oHCWo@PcW^Aa38>yskU_F~D-#fAv(_bzd|3evwAX)~8tJa(Kt6_8Et{eBG^ zCY!>!tOU1Za}=L86zN+E4pDExdDt=w+)0p$nSK&r8#MHb@MBvf2v~2dERxxGMxxm- zf>}|MSF`G(cLThFAe=-1(e>_qyXB`b! znpQ4@Hn*<|e{(b1{FPL;fMt1Fonl!m%)&BCiSg05j88!3-#njk5uM&vbW_ zWDzP?If1RmjP&x(E$A9^Q!VcNDE13l|i{)=-da0J%fQ<^X>f<3*vs*WQ z%l-{)3aPWiy|>c4xNMS2ZRdm4Ts#l?j&>ZF{}VC(0ex()unS3Lxj@3J@fwJX zLX0=xe6Jt!f#3Rc^QOw3fbM@1HBol97uwc!l2KI~b`)@lP=a~xdPdD8JCI8iL{S+s~knC8HV3BKTV=I-y=ktM~3AKvL8kG zAXo<3&-;2JZ}1Z@T0O%wMz6d&A>s2MLP?Oj^>evV^_`nt1lt_h<$aqj*p<;9t{&8XJ?A=d=?M=m28Exa&0*6fj9h0X(ag^Xx%M{ojCW|aOG6`=WSj}-- z{rI5o7JQQ5Pjawi z^&PjM=BZohGB6kk;q~}GtGpS?rV^tbB#V6KkwK+SMn>1#!?5nBptX5YG3Mm(2N8`{ zXJ!_$!>JWT#k9gwR@5m{PmlXP`9Kr*0ZxWW;`P1H*b zIv~(kLQG4JI!+`88d6|zZF19#utp;`6Q?*yGuQY>MN<|3@IK zKcI+xh#pq-C!w@FF+k*GvKT?{iiL*ffv#d9s(1-T{)47Mpny8+xvJomc>`Wk>o@7d zg0ebpD0P%0t2Y6+198W{L8+7%zyo0yv-WGD;GRtrU!NkP2hOg6olE5n&({A7h!pyO z0SWfo_4Mh4Sw;HSSe)SX{&#!r>Mez~Cdd|1PwYxz z%9Vl2N>%FoSm5k5tcb{t1@reH=vczB%SDv^!b((r76^a|u^Rz(Rlkf%d3nP3#Si+r z!Yh4K_X>sQwYX_wl+25IJ_K%g<4>avTUn ze&n#kV+Ao-9b1e`aiAzMN79 zL=MBFoCKQt4`9wN2u}UVldE2W4+TKQIY#j-#TDUyOK~jC;pek3|IU&B8sQ*w(x#wYzbI>pWC?dBbwe+Azv2R0RuPto}!CU$HDG2&2$h|e&Y#kJ43 z_!+eyUZPlFH5c4&$aCP4c&hpTh(r=(&UMmghPwL-(lq-VNmYJ$y89^4a;BC#I%Iy) zRo@n+?+xr@8r?Z&xpim@q`%G(EgFFdFJ_*9h9Z~Jj%OLh6}+W)ymE>Ye$yBJnZwyT z%Q|U{_QA@0^$-qwTps;f1WP8N4Oj?mOlqdOsFx^}x-n}POsq8!lv@ybK@sZ^MMV0B z1h0@c<;MiWcwYi%^Q^zdhSmK!#o(u8@G^Us!&ryN?p$?@xGDHg*al(E@ zVLu;9D8&rIkyjrMeGr=&pdlO?m}t)KPcqj@Xs-j#wIk`R64}5OcgXF|g(_ zSQ*=2=_F|UvkgvoGdw=qmml)gwgvR{BNUq9)hvaIN@mAT9pFdJ^{x=#927P zC_AR^lr=LyHMm@XYM9uusld|i@(mM8Gk5O*-+*XQHaV{$9MDLo!?^L}oZk^cpC5nC z5cFikuGFxK#7$9+9hlMh$y@plgtJbftCMTfeMSRYfgL`^tx`zGkknok2s(CD-JnI61wWVJg_V2=el%Ji7q zUi*>lUt=29Gb zr=~3EGHBC@)c8mD!P09jBo(UX+nN29VwDb6_pKs9cYilH?-;q<>)_ccdlAP4Tsx;ys{wa2u(SM=s16eegW6Mp5bi;yRwcMZ6qus2agH=7>O z@-gZt0cUTsF;Vb7PLEZozgi|+ykb_ z+0hR%R6DEb$G4yw;*r0^Ypp{zcFO#z@=CyIpD&1QTjAS;{65w0p+<71vUG$HOyf8 zaJ<;1gAw7cFkE*44mnnpfM5rg#i}5^yC>}NxL~EqUZ9vp&@}1!Tw~j)G}N>K$azJ7 z>6Ob<0-gXtLKQ;!6$~O{Z%<^vtatahm}>={O6~!YRmVItj*OH|JlZS84mL)2ba=Oy zbVgkQ;+H~@xatE2T4Mx|biR_68nvM{MKyegQ~mWIYKK2+Scl7zQcxeVG)x`p6g1$62m2=nNn2eYx%ecGW%LkraA{473)Pg|)s};nO6= z4Y*ONCQs6kz#!i2%@yP;^qW<7wyEhbFD$Z@-ewN?hQ99GrO@xtZVevvOW(KQvdPte z_T{f>%WNc*{#7c)cO?n4Z<~F*c7Ar3ns%aj_{^VFV06uI4eoG8CiYe zaA!uyWW6=MDz@)@6?l|jqM1^Nq1_Wic_#%2y0sU=`PZ^dS87S4nkeo$c0I%V6!$iZGna54$vVLMntSS1D{;yQJp6$Yf*v~T_qg;~nKzV9 zU_02d_M?6UIspG~z;1}!^{UzH_DPr&zpefeRKG-etjT~g=}V0quM|om?jD#;_k&54 zo&?r=tDZH%&g|W~53YKwsNP?n_qpZBWyLyvsyX{2>a2dq+KX5rZf|6@4xHr}_u*zr zk58Ik5ZK`MXg8$^$;Jgt^#wb8M@ocq%|bWNBd$XZ7K7f#fD4 zD|$_57ea~>D%eP)w*sknnV_eKypf2PSDX_L z`QV+K+mOEC!Io)f@YGRkf8VuIDwNdZzL&z84ymOZ{=u|3$HJA09Qr-T_Ur_QkqjBO z_>@Z}xBSGz0vSMs@WWw%wRjNETr*t;P!=XYuUlf*w~N^YMXt+hW|%Z_R};3q&I_4# zG{@acX4S=%?QD4D^<|G-$zfohNTELr_iDuz`?yDENqN{m^v*mZUQT3XLy}`Ir^R2+ z9`s{yl24n))EPItTxBOlbYeIu4imn>;R6zcf?i2dX1PWjRKzFS z#UN|bDls6tyJR=wVwa+X4FKK;`X>-K{_U`r7zc#|L58% z7%qOT6N1B9YLJ%xs(7xJfW_P; z6Enf&V&IIUb$cw07h-QM8gtrpbjLwZq55NA;uliz8w6b*g07mtnfMI;(5St~V*5gd zHLr)LcR1_8---;*SqXryQp4g^SrjS=Im?9a?DrEEXK2oPe-HK|Ud!oWI&v)ct22JF zE0j7BL7Pdxbtp)%a07(A*9{y0*8ioY_W$-3%*L!ZA_aPiKY+k;nMpC|z4htMzqqC) zvAS`A$!2y~)+xmT3;($fFkPW}ld)Do?MWb<>mGkw)+Yra{8N(PuSrQBwm4Ix7nK&- zaEswyMBP;swNU9pC%*LiN{7+t38W@2iCI?K&f6h=;Y*px?;Wq~PzxAT^|#`3SoBQF za#3q(%MoT_Cm>|vh0MG4gQYDNs1k+#f5sMk^x%J#{xQ0MREaa1iQevhUl=_jEPM;C zsDx%DB+%^s3NRp?Sh9bNCBW}2x|-#OE6PJ%JyaWZH4Dz4y_HE}DqhWEq5Q6-1<)(z zLsTzqvpCw#9mrrG!iRa8^iJLT7&?;-wvT2%-x)IPt$_%fgI~>J7M?>|h(z74HDF27 zBhrfUB}DE6Et1-9oF(qgoNX^EvH~ooD?XA(HkL+LJR9_rEM3QTH^b!NBCcTl@Th5{ z<|~YOI>*4CkvJ1ganiFAaWl@DaZ@R^u-eI_z(`Izr+}OzvKmT?W@LnB!D%&bGg2E0 zim$& znz;QrNYfY{r(tb{9C_xmRweH18YhcAi|^Orf_~4M8PpKXk7C(T?DuA32KJs9a6>Ql zm7y_yI-%$RG<@LJR~~H+cMBAR6Kb)8p?djQ{7&BI5RhKT9>R-wc$9F8FLDyiI@z&N zBHp@mV%W5s%FT?$&R4B4gT))x^EbYVVe@GdG=3@;wyVw<5&r;zPDTohNQ+J(GQLvn-Gr~zl zQP5d0YfwgF<`^c7YL0ldl%o*q%TlhO|DFt5?#Aj(-d4ET#wMa%{Pd!fxe?!feFC8K zJ4q|rcdDA7+Tgb=2{lt=Nv~cHYJ zDC#Vp7FOde1+3G6PY;>+j8_ZXzo^8%ms54aQSnr^T__6ZdP0d%xG2hCFR<%KV z-;F*QXZ7QJ)QgeSu|3{t8^PnP3T$N5*uwB4NibyD6grjxhn`YpoqZKWY;P;DbPvXf z34djf(3imIB{3g|Qv95)b*j}lWhdzkVf2LuorBFrEmOmSA3+`rA0Pq%<807D5J5Z0 zrT5ajjFgYE3;5Op&J`HXH&Fo!UskWLfOx*o4U3SQEG@X{*%1S1RW*6R7D|SBM}iU> zc-WDL*2U{D4!ih(WMS8cQA4!XLPaSnOoP)`$~qfk?xS%Qub??2Dx977yFE(^DxA={ zMrq?Xx;$&3^q1&Z3VYKrrZ_iBsxw7%4+M&L_LTVSuW6||6LP(gpGvrL=}s6ntjEqu zYoXfu={~kI$+75*G0@ETv=J>&i0uQ8Y3e8xRm>d-P|lv)FUiBn9fg)K}H|D5pn6xpa0BWkL?^W0ltYCYg!Bfp+S`ESJ4>b`j05? z{~Xx8*@a|ZR3i+LBVYdfbd$E_mzavj=Sz&j-$440PsZE4QTPU)G5Wr_8&{#A$)gk$ zT1;iGSefA(z$QRH@ok9p+t*@)W9w$@~8Yw~%x z?aZZZpIe%+ZC>v^81DIFsY);D#-3lFvuHm=7y5o%l09{d|qs&3OMGB4{zafK@ct#IRlN4me z_Zq@4${D>Juk#{^yiDhzoWt4*Q?}<$>o-=q%nm=P-kl%Z_iLMd($W{0n-Fcqx^B9}`J-E!mmd&S8nSt)kZz(z~? zRzViYwcv-gZ%p5|c4Q46UiaaP*zHyc)r8=K=C_ss2y=U?IXJ1BFhIrS?@!jjF*ghCSBm9h^x8= zUt|T^D}nruaC+87hs{Wbdwf4o)|tBh)9=ydB6 zi2ah%HgU3tTCsW{A;oL{J5^ooDjxWtG~e{tz@xlJOKCrS2MbJZ zzpT6hQoYk36j+&k$>qQ!1MfgwBKH1OXKE%ndUlF4N|yo9pq7*QVtO~V7%?AWi(a-T z5FfSgDoUZxl~!G;yvexp*rhaRbDR@9%-%jaFZ@TaEbg7>8HoNfrRi87P3r{fkol}f z?W^*b`|Flw1hoHV(F`4(RgTfEX}x2)IeW2VqQ~+H1GpV#gVzv|P@V)}oNHOq);4`V zpkuE=({guDBf`D!qFr{X5PY`N5q8MaHxO@;>hzAR>+Xx(KINofcIx#xIk&aXx(15o zKiO^NQl5z@e`tD{v~a7XeLQc)Y*oEl8oI1q7yv5&fdh&DE7rHH^*I6n!ntot2n(-M zhPN!NPe$g2tqU>$Iv&zU^N*q%1P_<17c$wyx5k2T_4Fd*rqIAGJ3>K6*AK+&A1hJtv9RwDf4Dnh9$-NKo0l2a8gEo|QNUmV71* zV84MkvP88nAFEicsVwHYw-8JTo?cMKaKfSB89lA9djn9i+;J4usQQL9BW-;_Ob@LQ zqW;9^h4>}sQp&#T722?#JTet84>=vo(?gMp*`99$gE@Wc_N>@+`m)HWbWa$YmsRew z=a1I3clHst<6&^+%c%>cKEVpA`^|@J=nua=wn%Eb7E)C|ON_gLw1(`jR;u3j7NkOt zF&S^b#wrF$1>sju6gQpgZgZqeM6g#u54O1v^fSnX`Y8*SP=jp-8yOV6xo+M2vUFJy z%Nx_T!Jk%z{T9DIwATYhr;$+C!>MXUvluk8*t-{F# z<)<34=9L+Eo3#fDhD$;CSYrVO<{Gd~48HP7YQ`Zqmck^VxPmeUc}cX>o8Eo zz}iMT6E65@8)^<(mRodXq1-%31OxrhTZhgD?M^@c7I{45JBy&z&Ahxpr+aBAb6Pw< z&$=>(Z`1^}Oad9Q90$zHVHbg?5>njeUu`TUm^{lf>DPI3T;d#kXA9%-m@a!9rYl0S zk{mO0ug~^i`)jh#YqW?ij-;sG=g<^hyU-2~28K^~)(pKw%|FdG&gw2-0ivSrsaZw* zpT6(dUhX(=SPet@&j}lifi)*3+{D)_uV~ z)Aqih=V|*lF`Ox1X5wz9v$6SmW6`1!*x{kq#wjP8-&VBApsngTJAEuY+8>SD9osM7lWbW%0G#GQUcR?ZG80zp{MyZKU?OqtrFme9D7bR4_HlLn&#{Nj zm2*8*pVG&gfpDKqfp~w868#x2@CQIjR*)-9&JX?#P%#BcRM>8ZT!qd|o5_h<+c4?m zbhu2zlMjy1#zLB20JBN71IsKX|CvJ3{x$SxBlHD`^-nM(8OxtR}g%* zm!#aM`-2h1c<%J9@@G@vlPH=yz)qS?HXXc>PyjZ~w1r&0m6ne8Wri;P8RSw^c-$qS z7Q`KI2#)A6KVuYz5i+Zs$=Y!0(uP$_LF2MD3jjw0s+NH!0DGLC9Uj{Nq&_+GEXnw6 zf)@)`SZY;MEt*!xBwSBAYLP*`_Cw|S`rTJ8;3t1Lbi@J$ zgM~NE?|3>;wDYHV-)^zrHGuv0K%3l;Tf(mGig3QO=(MC^gLv47HmFZPG0SMIV5%S~ z7%yn2p$!XJooyl`=AeLUM6_e^+E^kXX>&>xNI_Bco2oZpLKs>) z!TkONmyqGAs}wFTFAqw@NRTxX+&pdRez|!I_HS)`Fw)|_t?6F$ap)KMm-1y|zp7Ps zN3_a@4k$jh$5KqVw22kmB`dM#^uVfhY3=C}!QkQ}Ki?9$bc&>c%t#aJOH^`P2D$74 zSt{Voa)i3iE1^p{_gtNVEDJvbAl5O0OiJ4@F5K*pY%{rwdYTnhCgRc27u!+|H(DGY z2);Qe1&|4GsAHiK9gXgLnBgf9)oasKUMlEC=hZMMDHlKd{05P`is;CG-6DF^CE?yi zb|EyB+(5syrS&Gg%kGPgB!i$%4=8gc%$G|2TQ^n=En4vV~Pg@q+^a2#KWsw!Z1cI5>k`~ z%|y^3LFaNSV|p{g&N4g7CaPk3Znu&A~r23PLDxzI?n#iOOTu*LqR6CooG zh1IxJ3ye2<5!V5K0$OYoU8Wj{3ENHEe3%76G z7dVjA9>mT@#r-xICMeC@I`sbP1{Z(8=~`sj`7U-__ehji3ap$ka)v;HG_A!Oj{@}i0l+?}z z-8Gt1z233-Er-Z7F15rx;fvVABLaVKw4^wiPm3uXC_w}@m?>u)Qt{5E4~TCA7>|~} z8)p+z*Ezl&XtdBuE>8)af3C?=momk1D}CP#jtihAGLEB-$9o>7dPKc%MG%~Yfep+< z>J{CoLb&8-;oJrL^}H8UATg&N>Y1nEmhW)QxKk&{FkJi1O~2BRa#3`6Wc12F-pSQk zLG2{b(T0oNrE%-Q9$k)-^lRo%ZasbI8<(r008388Ro98hqgN~h38x;dM{G~M$Y|u4 zj6F#IRio1s0e z?#IjlElf&Pfu<5hB4iQT0+l$4ND`WV5!Tb%rCVpOl%?+EU#gx6TgqN|-Oyz~dRb93 z{w-W7FDNUmALzVGc=|>ChomZkYZ5DYt95i7nb1M)=tg&wH=sLj!b34py#u9#DMq$R z4HK~Sgn_{lHa=0tpF}k1S_~L;_RYK2J;~reQAgC9U97#2SoYO7rJU&OP#=+d9U_5D z;}*RSU+YQROy||+CW?@emmE4#Wx$|ABa<{Xf9|i}D`E8!8eP`G51gr*7Q?s^JarG_ zh}_uqXn=<=&n&lG@HlCeeY8-btG>!w{KkVP_J82K%1@2b61)RR^|QDXPweMo;(#h& z!6G7+u%<{kD(pw}fSPoib=>T1Y%to$W?>=m@OvCRsQN07boA@E!NdCW)a&skv^TNn zw?4sB^$G#-oqo3Zd5%vm)SVR{RGQr^@l!R=lN=n1L?H$1(Z2D82O>ozN1 zXwPktIL3sO%3Rc&Q=->VmN`wpuzRW^+~eNq02{F^G)gukCv{CRCoVh<&1KuCj7=4vl}Q=cA(0R4Me?Ii}IO6^IpIPDLu z2Q-n<&i8+M5lXD`6vKYW<6q=wKu2!k7@hTG$uN72Equ^p@dB5p!g7uwP#wIP&l#lT zk|=o3>ydGMAaH)P<<$kRZeh@2{y66SeTl%5-5s!buNP`K`rDdoSSC7SHw5*h#cJ>N z3xEEyAj$7gRhfsTq6f9MX7$&c1GkA+HFAIIBr&Q;k}TXabT#p&f?nil-xzJz@oGW` zft6^cYvD;9NeHxjWPr#BUF%pnn?Ag7oudnrCyTR$-eZ?;bm`IvRKH%@gJp`3L8wT; zoRVCUU%Hqf|9Ao3K;+$E^{aC}bYz4X(>;z+)qfVXis&!=eZSd!$mqeXt zzig{`PNGR%Z7x+RGE;t6axr-Q4vSOm#yGZFvtv`CpWONqy$~`)-)7q_WEB@E7ZZs0 zn|XwmeT4?$DvngA7dc((_hcG1VrmZ-9DS7Z7;>D-JhW-`CdZ(sXBJc>p>+}rMK-|< zZI)j)>DC4Af(l6!f?L>3+SA9Zy}e}4Lt=4vOt_6s7x^k4ZbyHRNzC-U57l#NJ~sJ0 zWFQ6RW4aY4bz%pFAXZ`hEz2bZzY+V7-X_|!>`@b9ZawUhT3725L66DJq7*o_r9J_} zGZ0kUrnAcAAD0)pW29(b4kLdRK=5{HRp@i?;xqSL=>8smB6h2PyL=la$i2O=S<6!F zSnPLlA}G<$*h{<4RubH!an9f8K~QPSA*FXExZ_F`3CG3X_9%G^pH_gcCbq~s(Qoy+ zM)FHe@RTZ55K&}IivA8&3$NhwBFPGUHoDt8JxORyKw-QKMrn>%1|pFsNM*HE;U_TOVwz_9fCIt8TB@{iN<6U3xfi<*jEN82 zy0Qlet7~l0`a!?xuF`9Mu%AyxfLCon>WF{)_}=`lS~9%5FOQ+K!sN0UU0G4rH7g44 z3y_0#m*d=hqqkMxB%qv3>GvEEa`<%2nM(u@oyZHxz1sQ5TC7`L#!LuZWqxTXNQ}1- z#;b0T_FJFL;+1USA)owFHjKOKNF&OdGit0yV~>^)dVplqa8EVq*XkVYZ0ghP&3}$H z$!y%7e!@5I@~$dd;|p8hg!G}aCOln*lcX?VWSsGl&6pIafkr{W?9SpC=4LpT{Op5IdGr2(AV&PR*^OO)L>8B3?-@Oi<0$q!X*Qi7El z%9`rLSWdHg`j=^Q>Q^il2@AElJxi!FZ@ zdC?Bkj=+$sj(mHA6<=joeUp_;f2@g5rRPLthdMLz(BrAjxK0(gZ=9JywF|+5{FNhC zV=BW-fOl`$4xK!%;1-KL5nzck$=ZCyC3(Kih3jRvtT}?ttfG~0A+vCgdGRgz$G&l$ z>~CnTY)*RTS)^Up+d~AHy|8aCKQ=U`Yss3!LR(}Sg-J~9W`ynkt~P)CR%anpFKFTP z`P8A4ty>D1sq~%cE+Sm(Eu`9f#u9c7$9iKS-0guI#SzV5@CatqrQmcXD~GF{nWvpu zvv&MV7n$938BB?t#Ms^e53uU-6^d~09Qb{wc(60&svZ=NX&PbQI9_MS+IZE50Eci!TzAEOo)&TjI$N)L~MsN zDmI-0!SUd;iCGF8w?k$J<<7_{<$%f;oCQ*ZG}+TZn-=URLk?K8$qHlJDKNBdm!V1# z@-HXypvcL>*J|?mF@uli%2LE$q}^Q*8|?-ia7f zcsa3RnXLR?Cez_N<^9WsWtVRPB@y@n?(zg&`ayaBUNs@VeN&j+9+_;lKMEKK z=-`C>8JQG7r8X&wKXe~F$n}RyP37kOeyOapn7RLnsi*e+&Jyz1%ie^&K}dvw8$Wg$ zbO!<-z28=1WxqR5E!Z#n{c4xOM%nMR_^IQEj)1jJ;IsJwG#mV2m)StzJvLB9gc>9V ze%+q^@ACgbbWg+d#^c>H>ZH0`HZimWw=t4+z{()3{L<&hpz6&`<(oe7T~evnq$L1I z|H&tZ0NW?eQ*v7-b3|Zra^OumkDH&pAH+qKv!b#K>0unAnvSK1`KyQ^sOvffhWB|W5A$+SSEwY0-2iwOZ~iY zAei496N1-(?5~(1Zs6xY+&{?N{4OwkSttaNQ5MP$9+aC0P6qoyU}eD(=<17}fPR0` zv`mv_LY2_^9G*o{gm+~;MzScvyQz(B=Qhbhn~vhpv(07q6e9mBD9yv0oedZ z@-c|WMkMg{kLh?55V~fZKTQLMCfoZ&Ps=7+>vLKCHQgQkxooFtkiAaHo@$ayvg&Y>B%7nv^RrRd<~j}rf3)ep6WHg+r}aJU6Vo)9j`(Q8pG=Ct}pP*N8($XvW0eL9#FHN6GaB zVDPfR6L_I4(iP5AX$u+HKur;=P|G`A3rE9D#6of^sb^c1li)m;>{yWH%OhvBG1oFD zcC3|<5(h&=#;Jnj{4T{}`IjA$peZo6ee9XaZp9(+G7x-k@KHmwqh^I2b0jryumDP& zc~6;HXoVcA+Jww#4P{m4sr!|-u{J3V6%Zx#S|4Rf_L2$OD4K?mj4Hx8dS?^?Qf3&< zBO$Xp91(IX=QeE!ejiO} z<10sFxcx%)kqKJy*rPXstb+U{8WqJZEtxLj+r8|lePR4^*iNoNXYnXAl^EZp4;qNd zaf#eu{2`*3(JpL1LE9X8en1=9;K&{eS9+(2FA57_jFZX^6%!l^xdPspn%u|)7cO!B zOgb{7&ONJdII{ISO1n8uu?+r#LKkua(#EeZnc(-+a<{|JQ(@Z*?u1T^(hL!5lmqs4 z!^-4B)c9@s23>Ij%TNGQJg3yBn>Q! z>ZJ#SqWJd0yfTS@w`G`Z!EqMJc_9-@ne0%7-#opmZh3-9-GSSAds{u!;U%Z_y_MgoKNpU>XC&wJtysquvo#724`|o1 z?t&zrtiLZKG%OK@6|s`d_F_^ZM+ku-=*662p5joZt7!ZL;iNTunMVR&Ne?*Y3MW^HBs9kj-O0+VcELU~iJV-##t4+|-uiFM+UQn%jVWD`qKyirZ zTZR}w*b|T>Cdkg?F^oV-v-{_!IUb`Xs(OSYrFm$=V><`^LLaozPQS~F<_DeN*#qd- z6<*wLLw~l$p@_jsA^zH>o@5r4^J|_z*cy%^Du9Tt#D^?$&u}xML9+rZA<{7gyOg&~ z-fYs7f%{DjRzo<=3R8IIEBPetBP|YC_8`~kV)pU$yX z1wA;clkGGb)>Fi=u9%V-QnD2=G8Nxs=I=;?SlMS{x?3%LMjl=hmSV<X6N|jjD;jCmI^FfsGDBw*3UOog+1ezBa*+?2H3oq)qe{>*D+mIG2Ub%{=2;w z7G+6FP6}r?97ZjhxURyyUpg-g-xN!KjHx^6Y;SVqVDP$wAlq}F3@Bif{3y&Yjf%s@ za;V&p01M+)+7{=Xd&-@!ap&KLX>!$~h566h_(t1O3?0W>t7}(phT%|*vQW*sGwpY6 z6?xTG()u=5a-Lo8Ghdmj;T1|SJDfCnGD12#@>ua#3h{P(FU&cDC&w~6(JXnX(4ab| zV~qi+Y%wYf@45ykm#^`J6&pBojC@CzSd%Kep@n-?!p@N>GGqvnD zvw+-?G`_l@nDK;E*0DCvEZaBEW3QqU&{n74x=b*U5Xy&NA4R`CUrkeLrf60iZa<~t z)xIFkohokO)|~HtJ&tf`rt4Rxhic@$=BMI|dw`>zD=*j?$+=&Q#ZX`N#tzhg5pt}bCqF()YXEKK>A!8l5``G77wvp!hl zoYpnz&8ONO8jSua7c zF;$vOsS)~^>rN%-(5K8;ma2Yk5mW6rs*Guq1W3T290X$c z9m2r=2Tmq?|9fTqXO8pxL98jYz038$5(jnpY2*-KSXzyM`6)<$6H155NcL9}8w0GyRK8W-9+bH+(MQb?Jn~;|OnZ|6b|DzNNCR|L^lZ m3H(n2|C7M~y9B-}md;h@Z5%SoSP>_?`C+r82k{5oF8?2J$IMj# literal 0 HcmV?d00001